Block LAN IP to WAN but Allow over VPN
I have an ERL 3.0 (1.9.1) with L2TP VPN setup on it and it is functional (no site-to-site). Right now, all LAN devices can access the WAN. I would like to block a group of them (by IP) from accessing...
View ArticleRe: EdgeRouter X Failover question
Below are the results. Here are the commands before I disable the internet on eth0 on ER1.show load-balance status Group G interface : eth0 carrier : up status : active gateway : 192.168.5.1 route...
View ArticleRe: Block LAN IP to WAN but Allow over VPN
Create group NO_INTERNET_ACCESS, and populate it with required LAN ip addresses. Create firewall ruleset LAN_IN. Default action accept-rule 1 Allow group NO_INTERNET_ACCESS access to destination...
View ArticleRe: Setup two routers on different subnet
Don't use masquerade on R2On R2, add static default route (0.0.0.0/0) to 192.168.1.1 On R1, add static route to 192.168.3.0/24 to 192.168.1.80
View ArticleVLAN Routing - EdgeRouter X
Hi, I'm having some issues with my new network setup. I'm using the EdgeRouter X and trying to seperate my network into 4 VLANS (LAN, GUEST, DEVICE, DMZ). Everything is working as I'd expect, other...
View ArticleRe: CLI Integrated dnsmasq Adblocking & Blacklisting v3.6.3.2 Easy Config
Unlikely, I don't believe the USG has a commandline interface with root access.skandshus wrote:Can this be installed in The USG?
View ArticleRe: CLI Integrated dnsmasq Adblocking & Blacklisting v3.6.3.2 Easy Config
It will run on the Er-X, not sure about memory if the source lists are too large - may be try it? Or someone who is using it on the ER-X can post about their experience using the script.jiznug...
View ArticleVPLS over GRE (Somethings not working)
I'm trying to run VPLS between 2 routers connected via a GRE tunnel. As far as I can tell everything is connected. I can even see the mpls packets traversing the tunnel (looking at tcpdump on both...
View ArticleRe: VPLS over GRE (Somethings not working)
Router 1 logsadmin@K0x-VPLS# run show log May 9 17:15:12 K0x-VPLS rsyslogd: set SCM_CREDENTIALS failed on '/dev/log': Proto col not available May 9 17:15:12 K0x-VPLS kernel: Linux version 3.10.14-UBNT...
View ArticleRe: VPLS over GRE (Somethings not working)
Router 2 logsadmin@CPx-VPLS# run show log May 9 17:15:12 CPx-VPLS rsyslogd: set SCM_CREDENTIALS failed on '/dev/log': Protocol not available May 9 17:15:12 CPx-VPLS kernel: Linux version 3.10.14-UBNT...
View ArticleERLite-3, IPv4: martian source problem
Hi, Newbie question, maybe a FAQ?Anyway, as I'm new to this compared to a plastic home product advanced router, this is for me a very tricky problem to which I haven't found any solution to even tough...
View ArticleRe: VPN IP sec won't establish
Could you post the output of# show vpn ipsecOf both routers ?You may also check the logs,$ sudo swanctl --logDid you enabled the NAT-T ?# set vpn ipsec nat-traversal enable#commitCheers,jonatha
View ArticleRe: VPN IP sec won't establish
"R1 private ip is 192.168.252.2 and is reachable by the public ip 188.118.46.AAA"Is extra NAT involved, or do you have multiple IPs on WAN interface?
View ArticleBGP and Load Balancing - route-map doesn't exist
We have two ISPs, one that is moving to BGP, the other one not. So I need to load balance these two uplinks (one BGP, one not) via the ER8-PRO. I confirmed BGP works with the ISP (they provided a...
View ArticleRe: EdgeMAX EdgeRouter security release frmware v1.9.1.1 has been released!
Hmmm. I just had a ERL die, so was building a new ERP to replace it (with 1.9.1.1) and have been banging my head trying to figure out why I didn't have DHCP working on one VLAN (the primary), but at...
View ArticleRe: BGP and Load Balancing - route-map doesn't exist
Here is the show protocols bgp output: bgp 64840 { neighbor 146.129.242.241 { route-map { export R1MAPLE-IN }} The error that occurs when attempting to save changes is "route-map...
View ArticleRe: Setting up an IPsec VPN between two ERX (noob)
Hi, The configuration is equal on each side, same parameters, and the auto-firewall is also enabled.I tried disabling on both ends the IPSec offloading as I read thet it may cause L2TP packets...
View ArticleRe: BGP and Load Balancing - route-map doesn't exist
I went ahead and implemented the rest of the bgp config via the command line. show protocols bgp matches what I had eariler. And I still have the same error when attempting to save changes in the UI...
View ArticleRe: BGP and Load Balancing - route-map doesn't exist
Oops as Emily Litella would say, NEVER MIND - forgot the "set policy route-map...." commands. Once I had those in place the OS allowed me to save changes. Sorry for taking up space here, all ;-) Steve
View Article
