admiraldennis
Jul 22, 2003

I am the stone that builder refused
I am the visual
The inspiration
That made lady sing the blues

eames posted:

Unifi UDM would tick your boxes if you can get one, they are in the Unifi beta/early access program. It has new hardware and would replace your Unifi controller.
Otherwise perhaps get a $49 ER-X (QoS and other fancy features disabled) to buy you some time and get the VPN up and running. I’ve had bad experiences with official pfsense hardware in the past and am also looking to get away from their platform for that reason.

Ah interesting. I don't need the AP though; I already have 3x UAP-AC-HD set up in the house. (Also that $49 price for the ER-X is a crazy good value, I must say.)

Bummer about pfsense hardware; I was hoping that was the path to having a stable setup.

I think I'm leaning towards ER-4 with hopes that it will be reliable and do what I need.

Though I'd happily pay a bit more for more performance and GUI features, it sounds like it's just fast enough and I can do the things I want with More Work(tm). OpenVPN is possible just requires CLI - would prefer GUI because I'm lazy but not a biggie. Monthly bandwidth tracking - I may be looking at running a software package on a server behind the router, not sure yet.

I'd get a Unifi thing to go with the rest of my setup but it doesn't look like the current Unifi stuff is as powerful as the ER-4, at least not in the sub-$500 range.


stevewm
May 10, 2005

admiraldennis posted:

I think my ~2-year old qotom pfsense box is dying. The WAN port seemed to be strangely losing the connection and not re-acquiring it or getting DHCP leases (direct connect to modem worked fine). Switched to another port, worked OK for a month, now having similar issues. Maybe it's a software issue but idk. I have also had a few crashes, like 1-2/year, randomly where the box would freeze up and need to be reset.

I would check the power supply... The Qotom boxen use an external 12v power brick (at least mine does). If you have the ability, I would check the voltage on this power supply just to make sure it's OK.

Given that these are standard PCs, standard PC troubleshooting advice would apply here as well. i.e. re-seat the RAM stick, also re-seat the hard drive/SSD module. (if your box is so equipped).

TraderStav
May 19, 2006

It feels like I was standing my entire life and I just sat down
Can you set up OpenVPN on the Google WiFi mesh so I can use my iPhone to get to my home network when out and about?

qntm
Jun 17, 2009

Lambert posted:

You could try and see if the latest version of Asuswrt-merlin (which is no longer in active development for your router, but could be new enough to have the feature) supports SMBv2.

Thanks for the suggestion! I've installed Asuswrt-merlin 380.70, and turned SMBv1 off again on my Windows 10 machine, and everything seems to be working as before. :)

eames
May 9, 2009

admiraldennis posted:


Bummer about pfsense hardware; I was hoping that was the path to having a stable setup.


I can't comment on their ARM hardware but the numerous forum posts regarding overheating and crashing don't fill me with confidence. I myself was hit by the "sudden death" Intel Atom bug with two of their appliances; they replaced one of them even though it was 1 month out of warranty but the second one failed way later.
Very frustrating experiences, though not necessarily their fault.

If power consumption is not a concern (it probably should be) you could look into used workstation/enterprise hardware with a good Intel NIC.
My personal impression is that Ubiquiti has a brighter future than pfsense because of chris buechler and the fact that pfsense kind of stated that their community image program is not sustainable.
The ER-4 looks nice if you don't care about GUI integration. I'm waiting for the UDM as it should be ER-4 hardware + AP + PoE ports + UniFi Controller with full integration in one device.

H110Hawk
Dec 28, 2006

eames posted:

I can't comment on their ARM hardware but the numerous forum posts regarding overheating and crashing don't fill me with confidence. I myself was hit by the "sudden death" Intel Atom bug with two of their appliances; they replaced one of them even though it was 1 month out of warranty but the second one failed way later.

I don't know how long ago this was, but I think it's intel footing the cost of those warranty repairs. It might be a good idea to see if they will RMA it, even if you just ebay it after.

stevewm
May 10, 2005

eames posted:

If power consumption is not a concern (it probably should be) you could look into used workstation/enterprise hardware with a good Intel NIC.
My personal impression is that Ubiquiti has a brighter future than pfsense because of chris buechler and the fact that pfsense kind of stated that their community image program is not sustainable.

OpnSense is also an option. It was forked some time ago from pfSense. I thought about giving it a try next time I am bored just for the hell of it.

It uses the same FreeBSD base as pfSense so hardware compatibility is basically identical with similar requirements.

admiraldennis
Jul 22, 2003

I am the stone that builder refused
I am the visual
The inspiration
That made lady sing the blues

stevewm posted:

OpnSense is also an option. It was forked some time ago from pfSense. I thought about giving it a try next time I am bored just for the hell of it.

It uses the same FreeBSD base as pfSense so hardware compatibility is basically identical with similar requirements.

I had a rock-solid m0n0wall machine growing up (pfsense started as a fork of this) that I set up at our family house. The thing ran for many, many years even after I moved out with 0 maintenance and massive multi-year uptimes. It was just an old PC with an IDE->CF adapter; they even still host my cute image in their gallery after all of these years (probably 10+ since I submitted this image): https://m0n0.ch/wall/gallery/237.jpg. Then I used various Soekris boxes for my own personal setups, net4801 and such.

It was all bullet-proof. Wish I could say the same about my modern pfsense experiences :)

admiraldennis
Jul 22, 2003

I am the stone that builder refused
I am the visual
The inspiration
That made lady sing the blues

eames posted:

I can't comment on their ARM hardware but the numerous forum posts regarding overheating and crashing don't fill me with confidence. I myself was hit by the "sudden death" Intel Atom bug with two of their appliances; they replaced one of them even though it was 1 month out of warranty but the second one failed way later.
Very frustrating experiences, though not necessarily their fault.

If power consumption is not a concern (it probably should be) you could look into used workstation/enterprise hardware with a good Intel NIC.
My personal impression is that Ubiquiti has a brighter future than pfsense because of chris buechler and the fact that pfsense kind of stated that their community image program is not sustainable.
The ER-4 looks nice if you don't care about GUI integration. I'm waiting for the UDM as it should be ER-4 hardware + AP + PoE ports + UniFi Controller with full integration in one device.

I thought about the 'let's use a full PC/server' route but it seems excessive and at this point I'm not really sure if my stability woes are due to hardware or just pfsense itself. And, well, I do care about power consumption and footprint to some degree.

The GUI integration would be nice, and I would pay extra for it, but if going with Ubiquiti comes down to a $140 low-powered USG, a $300 USG-PRO-4, or a $180 ER-4 with significantly more power than either of those USG models - feels like the ER-4 is my choice at the moment.

The UDM looks like a rad unit but I don't need the AP, the PoE ports, or the controller as I have all of those already. A USG with the ER-4 hardware or higher looks like what I really want, but who knows when that's coming.

stevewm posted:

I would check the power supply... The Qotom boxen use an external 12v power brick (at least mine does). If you have the ability, I would check the voltage on this power supply just to make sure it's OK.

That's a reasonable point; I'll check this out. I think I'm probably bought into trying something not-pfsense for a while after reading about others' stability issues but if the hardware checks out, maybe I'll find another use for the Qotom box.

admiraldennis fucked around with this message at 20:48 on Jun 17, 2019

KKKLIP ART
Sep 3, 2004

I don’t know what it’s going to cost but they just teased what is essentially a UDM that is rack mountable and has 4 ports, no AP included.

stevewm
May 10, 2005

admiraldennis posted:



That's a reasonable point; I'll check this out. I think I'm probably bought into trying something not-pfsense for a while after reading about others' stability issues but if the hardware checks out, maybe I'll find another use for the Qotom box.

I'm curious what stability issues you've seen..

I've had my Qotom box and pfSense for almost a year to the day now. It nearly had a full year of uptime until a power outage a couple weeks ago cut that short... It has been set and forget for me.

redeyes
Sep 14, 2002

by Fluffdaddy

admiraldennis posted:

I had a rock-solid m0n0wall machine growing up (pfsense started as a fork of this) that I set up at our family house. The thing ran for many, many years even after I moved out with 0 maintenance and massive multi-year uptimes. It was just an old PC with an IDE->CF adapter; they even still host my cute image in their gallery after all of these years (probably 10+ since I submitted this image): https://m0n0.ch/wall/gallery/237.jpg. Then I used various Soekris boxes for my own personal setups, net4801 and such.

It was all bullet-proof. Wish I could say the same about my modern pfsense experiences :)

That's kind of a bummer but my pfsense install is going on a year with no downtime. Probably won't update it either.

skipdogg
Nov 29, 2004
Resident SRT-4 Expert

KKKLIP ART posted:

I don’t know what it’s going to cost but they just teased what is essentially a UDM that is rack mountable and has 4 ports, no AP included.

Where'd you see such a thing?

Thanks Ants
May 21, 2004

#essereFerrari


https://www.reddit.com/r/Ubiquiti/comments/bziqml/new_udmpro_spotted/

Chimp_On_Stilts
Aug 31, 2004
Holy Hell.
I've just moved and my new place can get symmetric gigabit fiber to the home! Yay!

I want to take advantage of the full gigabit speeds but the home is not wired with ethernet at all. Obviously I could wire the home but I am exploring other options first. The home is ~1,500 square feet and is newly renovated / drywall.

1) Is there a wireless router which can handle the full gigabit speeds? That'd be the easiest solution.

The reading I've done indicates that 802.11ac may not reach its full rated 1,300Mbps (I've seen people claiming it gets ~600Mbps in real world tests). I've already read about 802.11ad, but the 60GHz signal definitely won't cover my house and my devices aren't compatible anyway AFAIK.

Do I wait for 802.11ax later this year and simply go slower on my old router until then?

2) If no wireless router works well with gigabit, how about powerline networking?

The house was recently renovated. That may mean new powerlines. But even if so, can anyone attest to how well powerline networking works specifically with a gigabit connection?

I've read the thread's other discussions about powerline and people's opinions sound quite mixed, and I haven't seen anyone mention using it specifically with gigabit in the last ten pages or so.


The connection isn't even installed yet, so I can't do any testing with my existing gear for a few weeks.

skipdogg
Nov 29, 2004
Resident SRT-4 Expert

Don’t go down the rabbit hole of trying to get 1000 mbit to every device you own. 95% of the stuff you do can’t even provide you 1000 mbit of traffic.

That being said, if you have a single story house with an attic, run Ethernet.

admiraldennis
Jul 22, 2003

I am the stone that builder refused
I am the visual
The inspiration
That made lady sing the blues

stevewm posted:

I'm curious what stability issues you've seen..

I've had my Qotom box and pfSense for almost a year to the day now. It nearly had a full year of uptime until a power outage a couple weeks ago cut that short... It has been set and forget for me.

redeyes posted:

That's kind of a bummer but my pfsense install is going on a year with no downtime. Probably won't update it either.

Mine has never really been stable. It crashes at least once per year, if not more. Now it has become unusable.

Usual 'crash' symptom is that the internet doesn't work, I can't reach the box, and when I reboot it, I find a crash log in the system logs. I've reported a few of them. Here's a couple of crash logs I found in my email: https://pastebin.com/3LdnZwkZ https://pastebin.com/FSWJex46

I'm doing pretty much vanilla things. NAT routing, DNS caching, static DHCP assignments, OpenVPN. Only plugin is Traffic Totals. Kept things up to date always.

Box is QOTOM-Q355G4.

The recent problem is that it's been dropping connections to the WAN / is unable to reliably acquire an IP via DHCP. At first I thought this was a cable modem / internet issue, and it is possible that the internet connection is temporarily disconnecting. But the symptom I see is that it won't get a DHCP lease over the WAN port. The CM (SB8200) gives DHCP no problem to a PC or another router. When this started happening, I switched WAN ports and it started working again. A month later, same issue popping up. Interestingly, spoofing the MAC address on the WAN port seemed to kind of fix it - got a lease, but the connection wasn't reliable, things were off-and-on and then I'd hit the same exact issue again with no lease. I now have an Asus home router in place, very temporarily, and no connectivity issues.

I don't really know what's going on with either of the problems (crashing or inability to get DHCP lease). I haven't tried a wipe and reinstall of pfsense since the new issues started so I suppose I could give that a shot, but it wouldn't leave me confident re: the random infrequent crashes even if it fixes the connectivity problems.

admiraldennis fucked around with this message at 02:44 on Jun 18, 2019

stevewm
May 10, 2005
I have the same box, just one model down. 4GB, 16GB SSD, and i3, model# Q335G4

Same port configuration though. And I also have the same pfSense plugins..

I would suspect you have possibly had a bad box/unit from the start. My first suspect would be the power supply, followed by RAM. I would at the very least take it apart and re-seat all the components, particularly the RAM stick(s).. Hell, I'd also download and run something like memtest86 on it just to rule that out.

H2SO4
Sep 11, 2001

put your money in a log cabin


Buglord
Can we get "i'm getting gigabit what router do i get" to the OP? We get like two of those a page at this point.

TITTIEKISSER69
Mar 19, 2005

SAVE THE BEES
PLANT MORE TREES
CLEAN THE SEAS
KISS TITTIESS




So I finally flashed my Sprint AC-2015 router to stock Asus RT-AC66U firmware. I need to enter the WiFi Calling settings but I don't know where/how to do it. I know I need to enter these:

Emergency Location Reporting: TCP 444
WiFi Calling Tunnel: UDP 4500

But I don't know if I enter that under Port Trigger or Port Forwarding or what. Can someone fill me in? Better yet, there's a dummy UI here and a screenshot from it would be a huge help. I need stupid babby handholding for this.

H2SO4
Sep 11, 2001

put your money in a log cabin


Buglord
I don't think you're able to do that unless you're on the carrier specific firmware. Have you done this on Asus firmware before?

TITTIEKISSER69
Mar 19, 2005

SAVE THE BEES
PLANT MORE TREES
CLEAN THE SEAS
KISS TITTIESS




The guide I've read on doing this literally advises to do so, but doesn't lay out the steps of doing so. The dummy UI linked above confirms that it can be done, and I can confirm that I can enter settings in those tabs.

H2SO4
Sep 11, 2001

put your money in a log cabin


Buglord
Can you link the guide? Port forwarding/triggering is how you pass inbound traffic from the internet directly to a device on your local network, generally things like servers. For something like Sprint's router I'd expect it to be running whatever server type functionality is required for Wifi calling on the router itself, but I'd be surprised if they made it accessible to third parties.

TITTIEKISSER69
Mar 19, 2005

SAVE THE BEES
PLANT MORE TREES
CLEAN THE SEAS
KISS TITTIESS




This is the guide I used to change it from a Sprint router with these settings hard coded, to an Asus router with these settings editable:

https://www.snbforums.com/threads/how-to-sprint-ac-rt66u-to-stock-asus-firmware.25261/

H2SO4
Sep 11, 2001

put your money in a log cabin


Buglord
Yeah, judging by that walkthrough it's not telling you to use those values on the Asus firmware, it's providing them in case you flash back to the Sprint firmware. You can't just configure port forwarding - you need something to forward that traffic to. In the Sprint firmware that's to a server process that's running on the router itself.

ComWalk
Mar 4, 2007

goodness posted:

I'm strongly considering this now since the ER-4 is only $60 more

Since I didn't make it clear enough in my post: the caveat about the 2.x firmwares applies to both the ER-Lite and ER-4 -- if you have a gigabit connection and care about maxing it out, you're stuck on 1.10.9 whichever hardware you go with. The ER-X variants have even stranger 2.x limitations right now. On the other hand, if you don't care about 5-10% being lopped off the top for now, then either would be fine.

Thanks Ants
May 21, 2004

#essereFerrari


I much prefer the ER-4 over the ER-X, though it's about three times the price.

admiraldennis
Jul 22, 2003

I am the stone that builder refused
I am the visual
The inspiration
That made lady sing the blues

ComWalk posted:

Since I didn't make it clear enough in my post: the caveat about the 2.x firmwares applies to both the ER-Lite and ER-4 -- if you have a gigabit connection and care about maxing it out, you're stuck on 1.10.9 whichever hardware you go with. The ER-X variants have even stranger 2.x limitations right now. On the other hand, if you don't care about 5-10% being lopped off the top for now, then either would be fine.

Ugh, what's all this? The ER-4 can't even vanilla route @ Gigabit with the latest firmware? Is that simultaneous up/down gigabit or even just downstream 1Gbps?

ComWalk
Mar 4, 2007

admiraldennis posted:

Ugh, what's all this? The ER-4 can't even vanilla route @ Gigabit with the latest firmware? Is that simultaneous up/down gigabit or even just downstream 1Gbps?

The exact language from their release notes:

Ubiquiti posted:

Throughput degradation by 5-10% when comparing with v1.10.9 firmware with older kernel

But since v1.10.9 is still perfectly fine it's not the end of the world -- there aren't really any pressing reasons to upgrade and it looks like the 1.10 series is going to have anything critical backported until they've sorted it out. IPv6 is marginally more annoying to set up, but meh. Also, compared to how comically broken the Mediatek-based family (ER-X, ER-R6) is on the new firmwares:

Ubiquiti, authors of excellent FW updates posted:

! IPsec and VLAN offloading on ER-X/ER-X-SFP and EP-R6 does not work

I'll uh, celebrate dodging that bullet instead, cause :stare:.

EL BROMANCE
Jun 10, 2006

COWABUNGA DUDES!
🥷🐢😬



Moved over to AT&T fiber yesterday and decided to just go with their modem/router as it looked featured enough for me. The only problem I'm having is with port forwarding. If I'm on the network itself and I try to connect to a service via my external IP (ie 1.1.1.1:10001 should get to a webserver), it moves very slowly and just about brings back enough data so I know it's there but gets no further. If I try from outside my network, this works as expected. Not everything is forwarded to one device either, so I can't pin it on my Mac being funny about the new setup as my IPCam works in exactly the same way.

Anything stupid I'm overlooking? I've tried binding to a DDNS service too (as that's how I always did it with my old ASUS router) and that's made no difference. At the moment I'm having to use two sets of bookmarks which is a bit of a pain.

Router is an Arris BGW210-700.

n0tqu1tesane
May 7, 2003

She was rubbing her ass all over my hands. They don't just do that for everyone.
Grimey Drawer

EL BROMANCE posted:

Moved over to AT&T fiber yesterday and decided to just go with their modem/router as it looked featured enough for me. The only problem I'm having is with port forwarding. If I'm on the network itself and I try to connect to a service via my external IP (ie 1.1.1.1:10001 should get to a webserver), it moves very slowly and just about brings back enough data so I know it's there but gets no further. If I try from outside my network, this works as expected. Not everything is forwarded to one device either, so I can't pin it on my Mac being funny about the new setup as my IPCam works in exactly the same way.

Anything stupid I'm overlooking? I've tried binding to a DDNS service too (as that's how I always did it with my old ASUS router) and that's made no difference. At the moment I'm having to use two sets of bookmarks which is a bit of a pain.

Router is an Arris BGW210-700.

That router probably doesn't support hairpinning/NAT loopback. You may be out of luck.

EDIT: Some of the comments here seem to confirm that it doesn't support NAT loopback: https://forums.att.com/t5/AT-T-Internet-Equipment/Strict-NAT-Bridge-Mode-What-is-IP-Passthrough-Can-I-enable-on-my/td-p/5296974/page/7

n0tqu1tesane fucked around with this message at 18:08 on Jun 18, 2019

CommieGIR
Aug 22, 2006

The blue glow is a feature, not a bug


Pillbug

n0tqu1tesane posted:

That router probably doesn't support hairpinning/NAT loopback. You may be out of luck.

EDIT: Some of the comments here seem to confirm that it doesn't support NAT loopback: https://forums.att.com/t5/AT-T-Internet-Equipment/Strict-NAT-Bridge-Mode-What-is-IP-Passthrough-Can-I-enable-on-my/td-p/5296974/page/7

He should be able to do it, but likely won't be able to do it with just the AT&T gateway in bridge mode. This is where you'd use the Edgerouter X and EAP Proxy script.

EL BROMANCE
Jun 10, 2006

COWABUNGA DUDES!
🥷🐢😬



Looks like that is indeed the case, thanks. I guess I'll just have to eat it, a pain but not unbearable. My use case doesn't really outweigh the installation of additional hardware, I'm in a small house on my own these days so it's hard to justify going crazy with the networking!

ickna
May 19, 2004

EL BROMANCE posted:

Looks like that is indeed the case, thanks. I guess I'll just have to eat it, a pain but not unbearable. My use case doesn't really outweigh the installation of additional hardware, I'm in a small house on my own these days so it's hard to justify going crazy with the networking!

It is worth the $50 for an ER-X imo. I have AT&T fiber and set their modem to DMZ the ER-X and have had no issues in the year that I have had it. I don’t do any of the auth spoofing packet stuff either.

eames
May 9, 2009

ComWalk posted:


I'll uh, celebrate dodging that bullet instead, cause :stare:.

So routing from one VLAN to the other is done fully in software? :wtf:
how does that even make it into a production release

Thanks Ants
May 21, 2004

#essereFerrari


Ubiquiti's quality control is...not good. Their AC AirMax radios can't go above 200Mbps because the ancient kernel they run maxes the CPU out with soft interrupts, but they released the product anyway, promised 450Mbps throughput from it, and are taking a "it will be fixed when we fix it" approach to sorting the problem out.

stevewm
May 10, 2005

Thanks Ants posted:

Ubiquiti's quality control is...not good. Their AC AirMax radios can't go above 200Mbps because the ancient kernel they run maxes the CPU out with soft interrupts, but they released the product anyway, promised 450Mbps throughput from it, and are taking a "it will be fixed when we fix it" approach to sorting the problem out.

This is typical of Ubiquiti.. The marketing department has zero apparent communication with R&D. They quite often release products where some majorly touted feature doesn't actually work in said product until a year after its release.

They have always been this way.

Their foray into VoIP phones was a big one.. Much was promised, little was delivered. I am surprised they even have the things on their website anymore.


However their AirMax line was usually spared this... Disappointing to learn this is not the case anymore.

MeKeV
Aug 10, 2010
Their recent change of forum software seems to be going down harder than any software/hardware issues ever have with the ubnt 'community'.

Thanks Ants
May 21, 2004

#essereFerrari


Meraki did an even worse job at trying to launch phones. Except they told people they realised they'd hosed up, said they were going to re-evaluate their approach to voice but they could 100% keep buying the devices, then shitcanned the entire platform giving people at best a few months to pick a new provider, deploy handsets and port numbers.

The :psyduck: thing about it was that Meraki did that after Cisco had already owned them for years. There's a department sat over there that make phones, just come up with a licensing and distribution model that fits what you do rather than completely starting over.


H2SO4
Sep 11, 2001

put your money in a log cabin


Buglord
That's why I'm intrigued by Aruba's recently announced line that seems aimed at the Ubiquiti market share. If the pricing isn't astronomical and includes central management capabilities and the boxes don't pull a Meraki and become paperweights without a maintenance contract then it'll be real interesting.
