Clik here to view.
Re: Access server from blocked subnet via external
poisonsnak wrote:When you enabled port forwarding did you turn on hairpin NAT? If that is enabled, I think it should be working...
View ArticleRe: Help choosing and configuring a VPN
I get a bit confused with the naming schemes different companies use. IKEv2 and L2TP both use IPsec so is the 3rd option "IPsec" IKEv1? Anyway... On the edgerouter most people use L2TP for this kind...
View ArticleRe: IPSec VPN not working 1.9.0 - any tips for debugging?
Post your entire updated config, let's review.
View ArticleRe: VLAN configuration, firewall rules, basics
Thanks dpurgert, I would like to block traffic going out on guest_vlan, except for traffic over http/s 80/443. I don't seem to be able to make that happen. Is that possible to by default deny all...
View ArticleRe: Unclear on EdgeRouters and their switching
Thanks for that info. Are all er-x ports switched other than eth0?
View ArticleRe: Static Host DNS Sometimes not working on MacOS
Actually no, I do use the standard DHCP server, but set hosts-file-update to disable, and instead manually enter hosts like: set system static-host-mapping host-name imap.[my domain] inet [local IP]...
View ArticleRe: Load Balance, Fail over Dual WAN same gateway / subnet
@torankuzuI'm going to bring this post to life again.I have the same situation as you're.I have manage to get GATEWAY GROUP working on pFsense for a while, with good results.I have 4 wan connection...
View ArticleRe: Load Balance, Fail over Dual WAN same gateway / subnet
you should probably start your own thread, but one problem that often comes up with multiple WANs from the same ISP is to make sure each WAN is in a different subnet with a different gateway. If...
View ArticleRe: Load Balance, Fail over Dual WAN same gateway / subnet
Thanks for the suggestions .I read that about pppoe some post before this.Let me do some testing and experiments and will do a new thread on this.
View ArticleCan a site-to-site IPSec VPN co-exist with a remote-access L2TP VPN?
The subject pretty much says it all - can a site-to-site IPSec VPN co-exist with a remote-access L2TP VPN? I have two sites linked with a site-to-site IPSec VPN, and I can't afford for it to go down as...
View ArticleRe: Can a site-to-site IPSec VPN co-exist with a remote-access L2TP VPN?
Yes, you can have both at the same time. (I have it on multiple routers, works like charm).
View ArticleRe: Unclear on EdgeRouters and their switching
On ER-X all ports can be part of the HW switch.
View ArticleRe: Cake compiled for the ERL
PS: I'd love to know when cake falls apart running (at 60Mbit shaped, or higher), vs smart queue, on this hardware. should be somewhere between 60 and 220Mbits.
View ArticleRe: Help setting up ERLite-3 Firewall (WAN+2LAN)
No, leave WAN_IN as it is. WAN_OUT is pretty restrictive -- suffice to say, it's extremely rare to block "everything" outbound. Honestly, it looks more like it's specific to the "CWGUEST" network...
View ArticleRe: Need help setting up a Edgerouter Pro 8
no, having multiple networks would not make anything "better" or "faster"
View ArticleRe: VLAN configuration, firewall rules, basics
you would need default deny,rule 1 accept destination port 80rule 2 accept [...]
View ArticleRe: VLAN configuration, firewall rules, basics
Thanks dpurgert, Thats exactly what I thought, but when I do that, no traffic is able to go through at all. Here is the config: name GUEST_VLAN_IN {default-action reject description "PACKETS COMING...
View ArticleRe: Cake compiled for the ERL
UBNT-stig wrote:Lochnair wrote:dtaht2 wrote:stig: the portion that I'd hoped be handled properly was GRO peeling on the interface with cake on it. are you saying that enabling qos on one interface...
View ArticleRe: IPSec VPN not working 1.9.0 - any tips for debugging?
BranoB wrote:Post your entire updated config, let's review.Here you go. Thanks again for your help with this. firewall { all-ping enable broadcast-ping disable ipv6-name WANv6_IN { default-action drop...
View Article