Re: Simple DMZ for ER-X?
Why not remove one interface from the switch 0, and create the DMZ on its dedicated interface, with its own ip address ? Even, forwarding all new incoming connetions, isn't a good idea, rather, use the...
View ArticleRe: problem with AP to ubnt edgerouter x
My understanding from what you have written. Topology is:modem<---->ER8<---->Edgeswitch<---->ERX<---devices - correct? The ER8 is the DHCP Server for the 192.168.2.0 subnet? This...
View ArticleRe: Fix Smart Queue label error
16again wrote:What does the config look like in CLI?I don't know. I'd never use that.
View ArticleRe: IPv6 and Mediacom
I really don't see what's missing here. Your WAN interface has an IPv6 address, as does your LAN, and you said from the router you can ping6 to targets on the Internet. Looking at the ipconfig from the...
View ArticleRe: problem with AP to ubnt edgerouter x
How are you connecting the AP to the ER-X? Unless you have very specific needs, then you should plug the cable into a LAN port on the AP (rather than the WAN/Internet port). You may need to manually...
View ArticleRe: 1.9.1 DHCP on Vlan interfaces does not send reply to broadcast
After much wiresharking identified the issue... and it was the Netgear switch connected to the Edgerouter.. or more specifically the Polycom phones interpretation of the LLDP standard that was the...
View ArticleRe: How do I limit traffic between 2 LAN's on a ERLite-3?
Create a new firewall ruleset with default action Accept on your VOIP interface with the IN direction (you can name this something like "VOIP_IN").Add the following firewall rules.Rule 1: Allow...
View ArticleRe: Simple DMZ for ER-X?
Security isn't a high priority for this network. My original request stands. -Jamie M.
View ArticleRe: Using dnsmasq on ER-X
Hi We do have plans to add viewing leases when using dnsmasq in the UI in the future. To make sure you are aware, you can currently view these in the CLI using: cat /var/run/dnsmasq-dhcp.leases
View ArticleRe: Edgepoint EP-R8, EP-R6 Vlan Trunk
Looks like you're misunderstanding the purposes/uses of a few different pieces of equipment.First off, the EP-R8 is a router only, and all ports are separate routable interfaces. You cannot assign a...
View ArticleRe: Simple DMZ for ER-X?
Create a DNAT rule, input interface pppoe, dest address ip.addr.of.server.All new incoming connections should be redirected to your server
View ArticleRe: How do I limit traffic between 2 LAN's on a ERLite-3?
Remember, I ONLY want to initiate traffic on LAN going to VoIP, ie want to use a PC on LAN to configure the VoIP hardware on VoIP. I want any traffic initiated by VoIP towards LAN to be dropped. Will...
View ArticleRe: How do I limit traffic between 2 LAN's on a ERLite-3?
Yep, that'll work. Rule 1 allows data to flow between the networks for connections initiated from the LAN, rule 2 blocks connections originating from the VOIP segment.
View ArticleRe: Simple DMZ for ER-X?
redfive wrote:Create a DNAT rule, input interface pppoe, dest address ip.addr.of.server.All new incoming connections should be redirected to your serverI tried that and it seems to block everything....
View ArticleRe: Simple DMZ for ER-X?
You have to add state new to the firewall rules .... at least , for wan_in, and maybe would be better create a new rule with the state new only for the destination to 192.168.1.100 , and leave related,...
View ArticleRe: Reduced Throughput on ERL3
TheTCat wrote: I understand that routing slows the ERL3 down (since it's not a router), but other than for vtun0 for OpenVPN, I haven't added any. Possibly I have more NAT and firewall rules than...
View ArticleRe: igmp proxy crashes - script to check and restart automatically
When I was having this issue it was only once a week and actually it hasn't happened for about a month. Every 5 minutes is probably lots but feel free to change "interval 5m" in step 3 to "interval...
View ArticleRe: OSPF: One Edgerouter insists itself is the DR, even though it isn't
Another thing worth trying: Add allow rules on WAN_LOCAL for OSPF traffic
View ArticleRe: VLAN traffic showing as passing over the base interface rather than vif?
I wonder if this is something the ubnt team could investigate for furture releases? Or would this be virtually impossible to do due to the nature of cpu offload?
View ArticleRe: All hands to interfaces!?
wrote:Nothing speaks against having the traffic go out of the interface at 1Gbit/s into the switch.The idea behind not doing that, is that you want to "own the queue." On upstream to a modem, having...
View Article