Re: Block Malicious Traffic on WAN
Well, what do you think I should do to defend against udp flood ? ISP offers a DDoS protection for extra monthly subscription which is a bit expensive.
View ArticleRe: Road Warrior IKEv2 VPN Server
Thanks for the input, you are right on both counts: I indeed missed that the erlite does not offload sha256 and have now removed the option on the erlite as you suggested. Regarding the split...
View ArticleRe: Edgerouter Lite and UniFi Switch vlans
In the UniFi controller, once you have created the VLAN's, (Settings, Networks, Create new network, Purpose 'Vlan only'), by default, all ports of the USW will carry all the VLAN's, the untagged one...
View ArticleRe: Feature Suggestion: keep PoE while router is rebooted
Not really. Most switches (etc) are simply based around a SoC (maybe an ASIC for high-end stuff). No such thing (today) as UEFI (or even a BIOS in some cases).
View ArticleRe: VPLS setup not working.
Just in case someone stumbles across this necrothread - I had this problem today and the root cause was that the mtu on my ldp interfaces was set too high for the link. Once I figured out what the...
View ArticleIPSec/L2TP - PCI Compliance
Hello all: Is there a way to tighten up the encryption ciphers and DH groups the EdgeRouter it says it is capable of? We currently have a corporate office with remote access and a site-to-site setup....
View ArticlePRTG -> SSH -> Script
Hello,I would like to have PRTG monitor how many leases I have taken up in a pool. Currently I have a script that runs from the Operational CLI: #!/bin/vbash /opt/vyatta/bin/vyatta-op-cmd-wrapper show...
View ArticleRe: ER-4 reliability ?
Understood,The issue to me is that it have never happened with my other routers. And it happened twice with my ERPOE. As the system runs, I think it should mostly do reads on the fs, for this reason, I...
View ArticleRe: Lite-3 (1.10.6) Best Throughput?
The following is my config: firewall {all-ping enablebroadcast-ping disableipv6-receive-redirects disableipv6-src-route disableip-src-route disablelog-martians enablename WAN_IN {default-action...
View ArticleRe: Edgemax lite3
I used all of the wizards on it. I set up eth0 as dhcp to have other router s/u ip address. I have verizon quantum 1100 modem. It showed as a bridge. It worked as if it was part of the router itself....
View ArticleRe: Multiple DHCP servers / subnets
How would I go about setting a Destination NAT rule to accomplish this? I have it filled out like this (attached screenshot), but I know I must be doing something wrong. The desired behavior is that I...
View ArticleRe: PRTG -> SSH -> Script
Probably not working because your trying to use vbash not bash. You could always just read off the lease file instead, then you can stay away from the command wrapper completely. I think it'll be in...
View ArticleRe: Load-balancing not working as expected
wrote:Thank you for your fast reply. The WANs should not be on the same subnet (eth0 has 192.168.178.0/24, eth1 has 192.168.188.0/24) for my understanding. Or will it help to separate them "further"?...
View ArticleRe: IPSec/L2TP - PCI Compliance
The report doesn't discern between the two, since both use isakmp. The report lists off what encryption ciphers and DH groups the VPN device (EdgeRouter) is saying it can do, so 3DES and DH group 1-4...
View ArticleRe: IPSec/L2TP - PCI Compliance
Those settings your using is for site to site only. L2tp is probably using weaker encryption. I think you'll need a custom script to change that.
View Articlewhat queue type to use for fairness
Hi, what type of queue should I use for fair bandwidth distribution? Should I use HFQ or SFQ? or some otherone? Thanks
View ArticleRe: What is my router downloading?
I've been ecperiencing the issue this evening. I ran the commands that you suggested - here is a partial output form the second commnad. I masked my IP address - the one that starts with 24.191....
View Articlehelp?
is this the appropriate place to ask for help for an Edgemax I own? I ask this cause apparently the last two posts I tried to make here asking some questions here were marked as "SPAM" . not sure why?...
View ArticleRe: VPN assistance
Rightio i used the REGEDIT to get it working behind the NAT. So it fully works now and im very happy but i need to add additional users for the VPN. i have been searching for a CLI command to add...
View Article