|
I have an Archer A7 and RE450 range extender that I posted about here a while ago, and the setup loving sucks. Service cuts out constantly. Name resolution in particular fails constantly. Disconnecting and reconnecting the wifi connection often makes it work again, but only temporarily. Sometimes you have to reboot the router and extender. I've tried switching the DNS server to Google, doesn't work. Speed isn't a problem when the connection works, but it drops the connection constantly, even though it usually still registers in Windows as being connected to the internet through the wifi extender network. Occasionally it will drop even thatcode:icantfindaname fucked around with this message at 08:27 on Mar 21, 2020 |
#
?
Mar 21, 2020 08:02
|
|
|
|
| # ? Jun 6, 2024 16:50 |
|
|
icantfindaname posted:I have an Archer A7 and RE450 range extender that I posted about here a while ago, and the setup loving sucks. Service cuts out constantly. Name resolution in particular fails constantly. Disconnecting and reconnecting the wifi connection often makes it work again, but only temporarily. Sometimes you have to reboot the router and extender. I've tried switching the DNS server to Google, doesn't work. Speed isn't a problem when the connection works, but it drops the connection constantly, even though it usually still registers in Windows as being connected to the internet through the wifi extender network. Occasionally it will drop even that I've never been a fan of wifi extenders. If you unplug the extender, do you still experience problems?
|
|
#
?
Mar 21, 2020 08:15
|
|
|
astral posted:I've never been a fan of wifi extenders. If you unplug the extender, do you still experience problems? Problems aren't as bad on the original A7 network, but it's not powerful enough to get signal throughout the whole house Do mesh networks generally do better than extenders?
|
|
#
?
Mar 21, 2020 08:28
|
|
|
icantfindaname posted:Problems aren't as bad on the original A7 network, but it's not powerful enough to get signal throughout the whole house A mesh setup might work better than an extender, but nothing beats running a cable to a second AP if it's at all possible. Even powerline networking to a second AP would likely be a better experience than mesh or extenders (but, as always, how powerline networking works out will depend on the house's electrical setup, so make any powerline networking purchases somewhere with a solid return policy). Could you elaborate on the "problems aren't as bad" bit?
|
|
#
?
Mar 21, 2020 08:42
|
|
|
astral posted:A mesh setup might work better than an extender, but nothing beats running a cable to a second AP if it's at all possible. Even powerline networking to a second AP would likely be a better experience than mesh or extenders (but, as always, how powerline networking works out will depend on the house's electrical setup, so make any powerline networking purchases somewhere with a solid return policy). I honestly haven’t tested it enough to tell for sure but the cutting out doesn’t seem to happen as much on the wifi directly from the A7. Powerline to AP is interesting, I have 2 powerline adapters already for a desktop and a Roku TV box and they work pretty well, I’ll try hooking one up to the RE450 and using it as an access point
|
|
#
?
Mar 21, 2020 09:28
|
|
|
Captn Kurp posted:Hey guys, I was curious if someone here has experience with Palo Alto equipment in a home network. I'm mostly concerned about the way their licenses work and what will work on the device with and without certain licenses. I tried reaching out to PA but they were unable to really answer much and just tried selling me things. I, too, tried to ask them about private/hobbyist license possibilities, and received no answer.  Let us know if you figure something out.
|
|
#
?
Mar 21, 2020 12:37
|
|
|
I realize this is not strictly home networking, but seeing as the is the forum hangout for Ubiquiti fanbois/masochist, I'll pose the question here: Work recently acquired a Ubiquiti mFi mPower PRO (EU) six outlet remotely managed power strip. The software was last updated in 2015 and hoooo boy, does it show. The firmware on the thing is ancient (I see indications that newer firmware will add more features) and one needs to install some controller software on a PC or Mac to make them work. Trouble is, it's all Java based (and crap), so none of them worked with an OS released in this millennium. Anyone got experience with these? I think we bought the wrong product, all I really wanted was something that could be managed via a built in web server or shell or something. I really don't feel like setting up a five year old environment just to configure this loving thing.
|
|
#
?
Mar 21, 2020 12:38
|
|
|
Per posted:Oh ok, thanks, port forwarding ended.  thread success story.Lookup a wireguard setup tutorial, there is likely one on the wireguard site. It's what the kids are doing these days. Clients for everything. Once you have it running locally how you like, ironically enough, you then need to Google how to port forward from your router to the wireguard server:port.  Then you get to find out if you can even connect to your home internet from the internet. If you can't you're going to either need to call and play the "work needs my ip to whitelist me for their corporate VPN" game, the "I need a static ip" game, or make a bastion host in THE CLOUD (e.g. digitalocean).
|
|
#
?
Mar 21, 2020 15:48
|
|
|
Per posted:Oh ok, thanks, port forwarding ended. While Wireguard is the Tier A solution, you can also enable OpenVPN in your Archer settings for a more Out of the Box solution. OpenVPN has some problems but I think that it’s an ok solution for a non-technical user.
|
|
#
?
Mar 21, 2020 16:26
|
|
|
Ur Getting Fatter posted:While Wireguard is the Tier A solution, you can also enable OpenVPN in your Archer settings for a more Out of the Box solution. I didn't realize Archers had it built in, if they do, use that. If you want to learn something hip and new, look at wireguard.
|
|
#
?
Mar 21, 2020 16:28
|
|
|
H110Hawk posted:
I went ahead on my own with OpenVPN. I got a server set up on my Pi and a client on my laptop and I´ve made a successful connection I´m fairly sure (no errors that I can see) while my laptop was on a mobile hotspot. Now for a dumb question: What do I do now? How do I control the Pi from my laptop with like a remote desktop type thing?
|
|
#
?
Mar 21, 2020 16:31
|
|
|
Per posted:I went ahead on my own with OpenVPN. I got a server set up on my Pi and a client on my laptop and I´ve made a successful connection I´m fairly sure (no errors that I can see) while my laptop was on a mobile hotspot. If you have VNC running on the PI just download whatever VNC client you prefer on your remote machine and connect to the PI’s local ip:[ PORT ]
|
|
#
?
Mar 21, 2020 16:35
|
|
|
Per posted:I went ahead on my own with OpenVPN. I got a server set up on my Pi and a client on my laptop and I´ve made a successful connection I´m fairly sure (no errors that I can see) while my laptop was on a mobile hotspot. How do you currently do it? A physical monitor? Which OS are you running on it?
|
|
#
?
Mar 21, 2020 16:36
|
|
|
Ur Getting Fatter posted:If you have VNC running on the PI just download whatever VNC client you prefer on your remote machine and connect to the PI’s local ip:[ PORT ] And it works, yay! Thanks guys! quote:How do you currently do it? A physical monitor? Which OS are you running on it? I don't currently do it, this is all a bit new to me. But basically the idea was for my (Win10) laptop to access my Pi at home to do stuff while I am away (on a ship). One last question regarding port forwarding: I forwarded port 1194 for the VPN stuff. When I use one of those port scanners websites it says that the port is closed. I get that this is a good thing, I am just wondering why it is closed if it is forwarded? How is the VPN tunnel happening through a seemingly closed port?
|
|
#
?
Mar 21, 2020 16:53
|
|
|
Neslepaks posted:I, too, tried to ask them about private/hobbyist license possibilities, and received no answer. According to a few threads I read on reddit, they sell "lab units" that are special SKUs for the device series that have cheaper licensing and work on an honor system. I ordered a PA-220 lab unit (half price of a regular 220 @ 500 USD) from CDW, will report back as I move through the process. In addition to the lab units others have stated having a VM-50 NGFW is significantly cheaper and is the same speed or faster with the right hardware but I really wanted a physical device. Will report back (:
|
|
#
?
Mar 21, 2020 17:33
|
|
|
Per posted:This is my port forwarding. I´m not sure why it works with 5900, but not 3389. While I realize you have chosen the vastly superior path of VPN, the answer here might be your ISP trying to protect you from yourself. They might block inbound traffic to certain ports. Cox blocks port 80, which makes getting a letsencrypt cert for my router loving impossible.
|
|
#
?
Mar 21, 2020 17:47
|
|
|
IOwnCalculus posted:Cox blocks port 80, which makes getting a letsencrypt cert for my router loving impossible. In case you did not already find out: there are other ways of verifying you own the domain than running a webserver, like setting some TXT records it asks you to.
|
|
#
?
Mar 21, 2020 19:01
|
|
|
Update yo poo poo people. Critical bugs in dozens of Zyxel and Lilin IoT models under active exploit
|
|
#
?
Mar 21, 2020 19:40
|
|
|
astral posted:In case you did not already find out: there are other ways of verifying you own the domain than running a webserver, like setting some TXT records it asks you to. I shall have to investigate this further, the automated scripts I was fiddling around with on my Edgerouter assumed port 80.
|
|
#
?
Mar 21, 2020 19:52
|
|
|
Per posted:One last question regarding port forwarding: I forwarded port 1194 for the VPN stuff. When I use one of those port scanners websites it says that the port is closed. I get that this is a good thing, I am just wondering why it is closed if it is forwarded? How is the VPN tunnel happening through a seemingly closed port? Depends on what port scanner you're using, but IIRC most default to checking to see if the port is open by sending a TCP connection request and seeing if they get a response. Most VPN clients are looking for UDP packets, so they just ignore TCP packets entirely, which shows up to the port scanner as a closed port. It can't tell the difference between a packet that got dropped because the port is closed, or because the service listening on that port simply ignored it.
|
|
#
?
Mar 21, 2020 20:39
|
|
|
Per posted:Hey guys. I´m pretty new to this stuff. My problem relates to port forwarding. eternally screaming Captn Kurp posted:According to a few threads I read on reddit, they sell "lab units" that are special SKUs for the device series that have cheaper licensing and work on an honor system. Yeah, I'm about to pull the trigger on a VM-50 lab license. I tried to sneak through an order for an NFR SKU since the company I work for has some kind of partnership but CDW just silently went "nahhhhh" which i'm assuming meant PA rejected the order. H2SO4 fucked around with this message at 00:57 on Mar 22, 2020 |
|
#
?
Mar 22, 2020 00:51
|
|
|
H2SO4 posted:eternally screaming I actually missed this, thank you. The reason 3389 didn't work directly is it is such a phenomenally bad idea that I imagine your ISP (as all residential ISPs should) filter it at their border and just say "no fuckin way." If you want to find out why, google "Microsoft RDP pre-auth CVE" and see what you get. Often times you can find "rdp pre-auth rce" and get similar numbers of result. This means "before authentication" (pre-auth) "remote code execution" (rce) in Microsoft Windows Remote Desktop Protocol ("RDP"). This is Very Bad and will generally always warrant a CVSS score >9.0. https://en.wikipedia.org/wiki/Common_Vulnerability_Scoring_System You didn't know as you are a naive home user that the public internet is basically just a virus that you happen to not get due to luck, NAT, and the occasional firewall. Now you know. There are basically a handful of protocols specifically designed to be exposed to the open internet for secure access, and even those occasionally fail. Those are various VPN's, SSH, and their ilk.
|
|
#
?
Mar 22, 2020 01:36
|
|
|
And yet so much stuff is done on ports 80 and 443... I finally pulled the trigger on a UDM PRO and an AP lite and thought the thread would like to know that the UDM Pro is $20 off right now May be other discounts too, but that was what I saw
|
|
#
?
Mar 23, 2020 00:17
|
|
|
namlosh posted:And yet so much stuff is done on ports 80 and 443... And those are also frequently broken into and are constantly under attack. It's the wild west out there, but the old school remote access protocols are the worst of the worst. (rdp, vnc, all the "team viewers" of the world which don't do connections via a centralized broker.)
|
|
#
?
Mar 23, 2020 01:24
|
|
|
bolind posted:I realize this is not strictly home networking, but seeing as the is the forum hangout for Ubiquiti fanbois/masochist, I'll pose the question here: Figured it out, what a tire fire. Ubiquiti has all but abandoned that product line, but there's a way: The ssh server in the device is old, so to successfully ssh or scp to the device, use the following options: ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -c aes128-cbc ubnt@123.123.123.123 (for scp, the options only work if the order is reversed.) This thread: https://community.ui.com/questions/mpower-how-to-change-port-name-without-mfi-controler/b1ec094d-2ef0-47bb-831b-9e0be9c2655f describes how to set up names for the outlets. This page describes how to update the firmware: https://help.ubnt.com/hc/en-us/articles/205222650-mFi-How-to-upgrade-devices-manually. The last bit you'll need exactly once, because the SW was last released in 2015 and is not likely to be ever updated again. Oh, and it probably has more security holes than a stock Windows 95.
|
|
#
?
Mar 23, 2020 17:27
|
|
|
Ok I’m sorry if this is the wrong thread. I’m not extremely tech literate but I’ve been presented with an unusual and suddenly urgent problem. I have been sent to work from home. They had us bring our old dumb desktop computers home to set up and work. Which is all well and good. BUT These drat computers don’t have WiFi adapters and also will not let you install anything on them. My first instinct was to try and plug it into my normal desktop and network it like a LAN but that did not work and I am too feeble to figure it out without help. My second instinct was to buy a USB WiFi adapter and that’s how I found out you cannot install software on these PCs. So, I need a way to get wireless on this PC that does not involve installing software on the PC if possible. I’m looking at something called a TP-Link Powerline AV500 Nano Adapter Starter Kit (model TL-PA4010KIT, SKU 2080136) which appears to be some kind of Ethernet antenna? But I already bought two WiFi adapters that don’t work and which I have to return, so I wanted to ask if there’s a solution that goons know that I can do. Alternatively if you could help me do a LAN thing or whatever through my regular PC that would also work. For reference, if I were by myself I would just put up with having to sit next to the router, but my fiancé and I work at the same company and now both have to work from home, and our job is calling people. Having to sit basically next to each other is not sustainable and I really would rather not run a 60 foot Ethernet cord into the other room if I don’t have to. Please help goons. I will remove this post if this is the wrong thread. 
|
|
#
?
Mar 24, 2020 01:38
|
|
|
Lightning Knight posted:Ok I’m sorry if this is the wrong thread. I’m not extremely tech literate but I’ve been presented with an unusual and suddenly urgent problem. My go to temporary solution is a 100ft ethernet cable. Get a flat one and you can hide it along the walls. Just buy it much longer than you need. It's an eyesore but it's temporary.
|
|
#
?
Mar 24, 2020 02:16
|
|
|
Lightning Knight posted:My first instinct was to try and plug it into my normal desktop and network it like a LAN but that did not work and I am too feeble to figure it out without help. One option: the magical keywords you want to do that in Windows: "Internet Connection Sharing". Another option: The Powerline networking you described, but make sure to buy from somewhere with a good return policy because performance can vary depending on your electrical setup. Yet another option: Spend money on something like this or this that connects to your wifi network and lets you plug in your WFH desktop. Aforementioned 100ft cable is great, too. astral fucked around with this message at 02:30 on Mar 24, 2020 |
|
#
?
Mar 24, 2020 02:27
|
|
|
astral posted:One option: the magical keywords you want to do that in Windows: "Internet Connection Sharing". So if I stick these in the wall and connect them to my WiFi, and then plug the computer into it, it will be as if I plugged it into the router? As in, do they try to install any software or drivers?
|
|
#
?
Mar 24, 2020 04:00
|
|
|
Lightning Knight posted:So if I stick these in the wall and connect them to my WiFi, and then plug the computer into it, it will be as if I plugged it into the router? As in, do they try to install any software or drivers? Nope! Your computer should just see it as a normal wired connection.
|
|
#
?
Mar 24, 2020 05:12
|
|
|
Armacham posted:Nope! Your computer should just see it as a normal wired connection. Ok sweet. I’ll see if I can somehow buy one of these today.
|
|
#
?
Mar 24, 2020 13:14
|
|
|
Hey guys I should get my UDM-Pro and AP AC Lite on Thursday according to the tracking number I was sent. I'm very excited to set it all up, but I was a little worried about some posts on the Unifi community boards specifically about the UDM-PRO having issues: https://community.ui.com/questions/Dream-Machine-not-ready-for-prime-time/938124ca-df43-4b34-8cbd-2462edf8a845?page=4 https://community.ui.com/questions/UDM-Pro-the-Dream-Machine-Pro-a-machine-nightmares-are-made-of/2dfc11c8-d696-42d2-8c51-566c923b81bf https://community.ui.com/questions/UDM-PRO-release-is-a-disaster/bf98e20e-1290-40a2-9e30-517561fdb705 I'm a software developer, not a network guy. But I do have some experience supporting some network equipment (layer-3, vpn concentrator... all cisco) for a startup I had years ago. I thought I was spending more money and taking the high road with this equipment because it was awesome and highly recommended and would last me a while (have good ROI). Now I'm worried, it's the worst to feel like you took the safe route and find out it wasn't safe at all. Here's what I want to do with it when it gets here: VPN - both site-to-site with azure and Point-to-site to access my home network from anywhere VLANS - want to segregate iOT stuff so it can't see my network and can't access the internet unless it has to PieHole - not really something that has to do with UDM-pro, but it is on the list Some kind of Content-blocking for the kids Should I send this stuff back? Are the people that are complaining doing anything significantly different from what I want to do? Also, any tips on having a trouble-free setup? should I upgrade firmware first thing? re-install the o/s? I figure I'm starting from scratch so that's good, a lot of people are having issues with importing existing configs. I'm a home network, so I can deal with some issues/teething. I can restart the thing once a week if I have to for a few months or whatever. But now I'm worried that this thing will never be right. Is it possible that the product will be abandoned? I trust your opinions and really appreciate any feedback you can give.
|
|
#
?
Mar 24, 2020 16:12
|
|
|
I'd return the UDM Pro and get a Netgate SG3100 if you want to do anything with VPNs - Ubiquiti's VPN support is appalling. If you have a really fast home internet service then you might want to consider the SG5100.
|
|
#
?
Mar 24, 2020 19:15
|
|
|
Or stand up a VPN behind the UDM.
|
|
#
?
Mar 24, 2020 19:27
|
|
|
What router could I get that would handle full duplex gigabit? I had an edgerouter x and was considering the edgerouter 4. I do have unifi uap-ac-pros so would it be worth going with a usg to streamline that? I'm contemplating going with at&t fiber which is now available in my area.
|
|
#
?
Mar 24, 2020 19:42
|
|
|
St. Blaize posted:What router could I get that would handle full duplex gigabit? I had an edgerouter x and was considering the edgerouter 4. I do have unifi uap-ac-pros so would it be worth going with a usg to streamline that? I'm contemplating going with at&t fiber which is now available in my area. Be aware that you have to use AT&T's dumb residential gateway with their fiber service. The Arris (?) BGW210 will let you use it as a bridge with a different router and that works fine, but if you're like me, and are stuck with a Pace 5268AC, you'll be boned. Google "5268AC DMZ plus" if you'd like to read about the problems with it. There are ways around using their residential gateway that have been mentioned in this thread but you'll still need to keep the RG around. A fun side note, I'm paying for the gigabit service now (was 100/100) and I'm only getting 400/500 while wired. Not sure if it's because my laptop dock is USB3 or if it's the dumb 5268ac but I haven't really felt like troubleshooting it.
|
|
#
?
Mar 24, 2020 19:54
|
|
|
I've had weird issues when testing gigabit connections and traced it back to poo poo USB adapters so many times, it's pretty much the first thing I check now.
|
|
#
?
Mar 24, 2020 22:38
|
|
|
It’s something else. I get the same (or worse) speeds using my laptop’s gigabit lan port. Example: 200 down/900 up. Something is screwed somewhere in the chain.
|
|
#
?
Mar 24, 2020 23:25
|
|
|
TheWevel posted:It’s something else. I get the same (or worse) speeds using my laptop’s gigabit lan port. Example: 200 down/900 up. Something is screwed somewhere in the chain. This is really odd. Having such different down/up rates when you should be seeing similar. 1) What are you testing from? 2) Can you use iperf to test between two clients on the LAN?
|
|
#
?
Mar 25, 2020 00:02
|
|
|
|
| # ? Jun 6, 2024 16:50 |
|
|
TheWevel posted:It’s something else. I get the same (or worse) speeds using my laptop’s gigabit lan port. Example: 200 down/900 up. Something is screwed somewhere in the chain. Did you have QoS set up for your old speeds without updating the configuration since the speed upgrade?
|
|
#
?
Mar 25, 2020 00:26
|
|