Re: Can my EdgeRouter help to protect against this kind of attack?
You can also use rate-limiting rules in your firewall. This for SSH brute force attacks: rule 4 { action drop description "SSH Bruteforce prevention" destination { port 22 } log disable protocol tcp...
View ArticleRe: Can my EdgeRouter help to protect against this kind of attack?
That was already in the back of my mind for a while. I've been subscribed to the emerging threats thread on the forum. I had not acted on it yet because I do not trust my understanding of this to a...
View ArticleInsufficient validation of DHCP static MAC/IP mapping names
I'm in the process of setting up an EdgeRouter Lite v1.9.1 with some static DHCP lease mappings and have uncovered a possible bug. My current setup has two DHCP services running to service different...
View ArticleRe: Can my EdgeRouter help to protect against this kind of attack?
OzPHB wrote:You can also use rate-limiting rules in your firewall. This for SSH brute force attacks: rule 4 { action drop description "SSH Bruteforce prevention" destination { port 22 } log disable...
View ArticleRe: Can my EdgeRouter help to protect against this kind of attack?
the iptables 'recent' module tracks the IP of the attacker/good-guy, and the rule is set to only apply to new, not established or related, so it will not block legitimate connections to your...
View ArticleRe: PPTP and HTTPS issues
My bad, il explain it a bit better: What I do is I'm on my laptop, connected to my home network using the ERLite's PPTP service. While im connected I cannot connect to some HTTPS sites on my laptop,...
View ArticleRe: Can my EdgeRouter help to protect against this kind of attack?
OzPHB wrote:the iptables 'recent' module tracks the IP of the attacker/good-guy, and the rule is set to only apply to new, not established or related, so it will not block legitimate connections to...
View ArticleRe: EdgeRouter Lite setup
Many thanks for the quick responce, I'll pick my way through the KB.May take a while, I've just got the EdgeRouter running and updated to latest firmware - somewhat hampered at the mo as the Wisp fell...
View ArticleRe: EdgeRouterX & UniFi AP Overloading issue? Too many wifi connections?
Current firmware for the AP is 3.7.29.5963, so you are a few firmware editions behind. This suggests your controller version is out of date. I would fix these. Seems you have GEN1 AP hardware....
View ArticleRe: L2TP over IPsec VPN server issue with no response
markbristow wrote:...not getting any useful error messages. ...Post ipsec logs:sudo swanctl --log
View ArticleRe: EdgeRouterX & UniFi AP Overloading issue? Too many wifi connections?
Mike81 wrote: I actually have a 3rd private Wifi connection plugged into the LAN and that one will continue working (as long as I don't share the password with the gym members). This third WIFI...
View ArticleRe: L2TP VPN Constantly Disconnecting
Id this "my.current.ip" (from your swanctl logs) the only L2TP client? Or maybe you have other L2TP client connected? Try following:Disabling IPSEC offloat - set system offload ipsec disableLower IPSEC...
View ArticleRe: EdgeRouter Lite Throughput
jms33 wrote:dphulgin wrote:If you just inherited the router with the config already installed, and really have no clue then I would restart from scratch. Only use 1 port for WAN and 1 for LAN. You...
View ArticleRe: Help request on firewall config
fburgod wrote:Thanks a lot for the quick answer.I will go to VPN later on, but I need to get familiar with the ERL first. I have one extra question: How can I add a port forward rule from the gui...
View ArticleRe: Help on home setup
Hi, Welcome to the community :-) My tip would be NOT to enable QOS unless you find you need it. What you certainly should enable is offload:set system offload ipv4 forwarding enable set system offload...
View ArticleRe: Help on home setup
Thank you for the tip!I will make sure the offloading is enabled then and see how everything is working out.
View ArticleFirewall policies not working.
Good morning, We have an Edge router Lite which has been working flawlessly for the past year or so. We literally set it up and never looked back. However after carrying out an audit we noticed that...
View ArticleRe: OpenVPN Client Setup for Private Internet Access - Continuing Config Help
Odd, then something else must be happening because it's not connecting or giving me an IP (from what I can see)
View ArticleEDGEMAX(ERL3): minor issue in "show nat rules" command
I'm using the last FW v1.9.1 I have 2 active NAT rules, rule #1 for SSH port redirection, rule #3 for HTTP/HTTPS redirectionRule3 is using a "port-group" destination including 80,443 When displaying...
View ArticleRe: Help on home setup
To verify that it is working, exit configure mode, and do:$ show ubnt offload IP offload module : loaded IPv4 forwarding: enabled vlan : enabled pppoe : disabled gre : disabled IPv6 forwarding: enabled...
View Article