 EdrickI aspire to tell the story of a lifetime
Premium Member
join:2004-09-11
San Diego, CA |
Edrick
Premium Member
2014-Feb-5 4:37 pm
EdgeRouter Lite 1.4.0I've used the wizard to try and connect the new EdgeRouter. However I still can't get internet connectivity, the clients pull a DHCP address fine but cant get on the internet. Nor do the tools on the EdgeRouters page resolve or ping an IP. I also can't ping the public statically assigned IP by comcast. I set a static IP on my laptop and connected into the comcast gateway to make sure that the new static IPs we have are working. I am able to get on the internet and ping from outside of the network to the public IP of my Laptop, I also am able to ping the gateway (my comcast gateways IP). However the edgerouter will not work. firewall {
all-ping enable
broadcast-ping disable
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
name WAN_IN {
default-action drop
description "WAN to internal"
rule 10 {
action accept
state {
established enable
related enable
}
}
rule 20 {
action drop
state {
invalid enable
}
}
}
name WAN_LOCAL {
default-action drop
description "WAN to router"
rule 10 {
action accept
state {
established enable
related enable
}
}
rule 20 {
action drop
state {
invalid enable
}
}
}
receive-redirects disable
send-redirects enable
source-validation disable
syn-cookies enable
}
interfaces {
ethernet eth0 {
address 192.168.1.1/24
description Local
duplex auto
speed auto
}
ethernet eth1 {
address 50.254.xx.xx/29
description Internet
duplex auto
firewall {
in {
name WAN_IN
}
local {
name WAN_LOCAL
}
}
speed auto
}
ethernet eth2 {
address 192.168.2.1/24
description "Local 2"
duplex auto
speed auto
}
loopback lo {
}
}
service {
dhcp-server {
disabled false
hostfile-update disable
shared-network-name LAN1 {
authoritative disable
subnet 192.168.1.0/24 {
default-router 192.168.1.1
dns-server 192.168.1.1
lease 86400
start 192.168.1.21 {
stop 192.168.1.240
}
}
}
shared-network-name LAN2 {
authoritative disable
subnet 192.168.2.0/24 {
default-router 192.168.2.1
dns-server 192.168.2.1
lease 86400
start 192.168.2.21 {
stop 192.168.2.240
}
}
}
}
dns {
forwarding {
cache-size 150
listen-on eth0
listen-on eth2
}
}
gui {
https-port 443
}
nat {
rule 5010 {
outbound-interface eth1
type masquerade
}
}
ssh {
port 22
protocol-version v2
}
}
system {
gateway-address 50.254.xx.xx
host-name ubnt
login {
user ubnt {
authentication {
encrypted-password $1$zKNoUbAo$gomzUbYvgyUMcD436Wo66.
}
level admin
}
}
name-server 75.75.75.75
ntp {
server 0.ubnt.pool.ntp.org {
}
server 1.ubnt.pool.ntp.org {
}
server 2.ubnt.pool.ntp.org {
}
server 3.ubnt.pool.ntp.org {
}
}
syslog {
global {
facility all {
level notice
}
facility protocols {
level debug
}
}
}
time-zone UTC
}
/* Warning: Do not remove the following line. */
/* === vyatta-config-version: "config-management@1:conntrack@1:dhcp-relay@1:dhcp-server@4:firewall@5:ipsec@3:nat@3:qos@1:quagga@2:system@4:ubnt-pptp@1:ubnt-util@1:vrrp@1:webgui@1:webproxy@1:zone-policy@1" === */
/* Release version: v1.4.0.4632200.140113.1644 */
|
|
| |
go to uibiquiti and ask them,
that team is actually very responsive |
|
|
EdrickI aspire to tell the story of a lifetime
Premium Member
join:2004-09-11
San Diego, CA |
Edrick
Premium Member
2014-Feb-5 4:42 pm
I posted the question up over there also so hopefully I can figure it out. |
|
| Edrick |
Edrick
Premium Member
2014-Feb-5 6:23 pm
While I'm waiting to get the internet to hopefully work, anyone have real throughput experience with VPN on this? Both locations have 75mbit / 35mbit connectivity. I'm looking at PPPoE vs L2TP |
|
| Edrick |
Edrick
Premium Member
2014-Feb-5 6:41 pm
While I'm waiting to get the internet to hopefully work, anyone have real throughput experience with VPN on this? Both locations have 75mbit / 35mbit connectivity. I'm looking at PPPoE vs L2TP |
|
| |
to Edrick
How are you translating the private addresses to the WAN address? |
|
EdrickI aspire to tell the story of a lifetime
Premium Member
join:2004-09-11
San Diego, CA
1 edit |
Edrick
Premium Member
2014-Feb-5 7:35 pm
Figured it out I had accidentally put 254 instead of 245 in the gateway only took 6 hours |
|
| Edrick |
Edrick
Premium Member
2014-Feb-5 10:49 pm
So next up I did get a L2TP VPN setup however I see conflicting results as to if I should use L2TP or IPsec, I want to connect both endpoint devices like the iPhone or MacBook along with creating a site to site to another edge router. |
|
| |
they are used hand in hand. l2tp is the transport ipsec is the encryption |
|
EdrickI aspire to tell the story of a lifetime
Premium Member
join:2004-09-11
San Diego, CA |
Edrick
Premium Member
2014-Feb-5 11:10 pm
Right now I'm connecting strictly through L2TP however they say if it's through IPSec then it uses hardware for the VPN instead of software if it's l2tp |
|
| |
Are you able to max out your connection with non-VPN traffic? Last I heard, the ERL doesn't hardware-accel for PPPoE connections, so I'm curious to see where it tops out. |
|
1 recommendation |
i wouldn't get too hopped up on hardware accel anyway.
alot of posts showing up on the forums with hardware accel traffic.
there first troubleshooting step is to turn off hardware accell...
just my .02. its definitely in its beta stage |
|
| |
to Edrick
Use OpenVPN for site to site on the ERL's. Works great. |
|
