Quantcast
Channel: All EdgeRouter posts
Browsing all 60861 articles
Browse latest View live

Re: IPSec VPN one end with Dynamic IP

What's the exact error from sudo swanctl --log?

View Article



Re: ERL v1.9.0 Slow WAN

What router are you talking about?Do you have HW offload enabled?Make sure you don't have any config that would disable HW offload i.e. SW bridge or QoS.Best post your config show configuration | no-more

View Article

Re: EdgeRouter with Avaya H.323 VPN remote phones

Nope, nothing special to make the phone work on my end. I have observed the condition you are referring to once or twice, but I just wrote it off as transient network issues.  I believe its trying to...

View Article

Re: EdgeRouter with Avaya H.323 VPN remote phones

You could try to decrypt ipsec tcpdump packets to figure out if phone is reaching out to something that isn't there. 

View Article

Re: Load Balancing problem

Thanks for the update. The default count failure and options should be okay. 

View Article


Re: Unable to use IPsec over IPv6 [Bug]

Thanks for your response. OK, I understand!( I realize to use IPv6 VTI needs Linux Kernel 3.13 or later. )I hope you will support IPv6 VTI when Kernel will be upgraded.

View Article

Re: Site-To-Site VPN not running on one end (both ERL with highly similar...

I'm going to give both of those a try. Notably, though, it turns out that the "ubnt" ERL lost all internet connectivity for the hosts in the 192.168.2.0/24 network. I was still able to access the web...

View Article

Re: IPSec VPN one end with Dynamic IP

When I do sudo ipsec up peer-10.0.0.113-tunnel-1 I get the following output:  initiating Main Mode IKE_SA peer-10.0.0.113-tunnel-1[1] to 10.0.0.113generating ID_PROT request 0 [ SA V V V V ]sending...

View Article


Re: ER-Pro L2TP - VPN Clients Can't Ping Network After 1.8.0 to 1.9.0 Upgrade

 can you post your config file too.  Two of l2tp threads are using load-balance.  Is you're load-balance too?  It might be interesting to try removing the new l2tp kernel modules to see if that is the...

View Article


Re: IPSec VPN one end with Dynamic IP

Instead of using "local-address any" I'd suggest either "dhcp-interface" or "local-address 0.0.0.0".  For some reason that "local-address any" seem problematic.  Aslo when using FQDN I find that using...

View Article

Re: Update to 1.9 broke my l2tp/ipsec

It seems OK on my macbook pro but I may not be connected as long as you are at a time. Do you have a more exact amount of time? I can probably work on my macbook tomorrow over VPN to test that out

View Article

Re: EdgeRouter with Avaya H.323 VPN remote phones

Would the 'ip xfrm state' command need to be run on the client? In my case the VPN client is the phone.16again wrote:You could try to decrypt ipsec tcpdump packets to figure out if phone is reaching...

View Article

Re: Update to 1.9 broke my l2tp/ipsec

 I don't think we've seen your config file.  Are you also using load-balance?

View Article


Re: ERL Open VPN Site-to-Site

Bump...

View Article

Re: Load Balancing problem

I don't mean or want to hijack this thread, but its along the same lines. How do you make it so that the failover will happen faster??  I'm testing it out right now with an ERL and the standard...

View Article


Re: DynDns problems

1. web and web-skip These two are used in case the IP on your interface (eth0 in your case) is not your external IP (your router is behind NAT).  Then you put the address of some site that will give...

View Article

Re: Load Balancing problem

Default "interval" = 10 seconds, default failure count = 3.   10 x 3 = 30 seconds, but all those parameters are changeable.

View Article


Re: Add VLAN

Thank you!switch0 has an ip assigned by the wan+2lan2 wizard, but each of the vlans I assign to it can have seperate ip ranges for guest, IOT right?

View Article

Re: L2TP/IPSec default negotiation [3DES vs AES, SHA1 vs SHA2 etc]

I've long dealt with this on Vyatta/VyOS.  If this is on Windows, max hashing is SHA1. Windows clients don't ask for SHA-2.  3DES and AES-256 will allowed on maximum encryption.  Require encryption...

View Article

Re: 1.9.0 broke dashboard for me (using Firefox)

I've tried attaching the log file, but the forum doesn't want to accept it. Have you an email address I can send it to?

View Article
Browsing all 60861 articles
Browse latest View live


Latest Images