Cyks
Mar 17, 2008

The trenches of IT can scar a muppet for life
90ft between the furthest cabin and the router with a cabin in between? See you in a few weeks asking how deep to bury the cable.


buffalo all day
Mar 13, 2019

Cyks posted:

90ft between the furthest cabin and the router with a cabin in between? See you in a few weeks asking how deep to bury the cable.

Well, I don’t want to waste our money!

If the answer is there’s no wireless solution that will work, that’s valuable info too. Drilling into the house/ installing wires is complicated (more complicated than wifi extenders) because of family issues. But if that’s the only thing that will work, that’s good to know!

Lpzie
Nov 20, 2006

1 new router please.

M_Gargantua
Oct 16, 2006

STOMP'N ON INTO THE POWERLINES

Exciting Lemon
It's easy enough to do a unifi mesh across 100ft. I've got an AP-AC-Pro in my attic linked to another in my shed out back behind trees and that gives me another 350ft of fast wifi. You'd have to do some VLAN stuff at the router so that both cabins would be on separate networks, unless you don't care about any cross-building security.

Much faster and more reliable to just run a fiberoptic cable though. They're cheap these days. Gigabit SFP transceivers are cheap at like $28. You don't even have to bury it, cable is <$20 so just buy a spare and replace it if a tree falls on it.

MarcusSA
Sep 23, 2007

Hi it’s me with the camera setup. I got my PoE switch and hooked the 3 cameras to it. I think one of them might not be working because the power and link lights on that port are lighting up.

The problem I’m having is that they aren’t being detected by my network. I can't find any information about these stupid things on the internet either.

There isn’t any writing on the outside and the two part numbers that are on the main board come back with nothing

That’s all I’ve got.

I’m gonna check the network port in the office that the camera drop is but I’m pretty drat sure it’s working because it was before we moved in and the link lights on the router in the other room light up.

I could possibly hook the cameras directly up to the NUC and that might work right? Will the NUC auto assign IPs to the cameras?

I also can't tell if there is a way to factory reset these stupid things either, in case the dude changed the password on them.

Edit: I checked the network drop in the office and it’s working so I’m not sure why the cameras aren’t getting an IP address.

Hell maybe it’s this one?

5MP PoE IP Dome Security Camera, 2.8mm Wide Angle, H.265 IP66 Waterproof Built-in Micphone/Audio, Compatible with Hik Vision NVR, Not PTZ Camera https://a.co/d/374FlMK

I have no fuckin clue lol

Edit again : here is the switch the white wire runs to the cable closet where the router is.

MarcusSA fucked around with this message at 01:38 on Jul 3, 2023

Rexxed
May 1, 2010

Dis is amazing!
I gotta try dis!

MarcusSA posted:

Hi it’s me with the camera setup. I got my PoE switch and hooked the 3 cameras to it. I think one of them might not be working because the power and link lights on that port are lighting up.

The problem I’m having is that they aren’t being detected by my network. I can't find any information about these stupid things on the internet either.

There isn’t any writing on the outside and the two part numbers that are on the main board come back with nothing

That’s all I’ve got.

I’m gonna check the network port in the office that the camera drop is but I’m pretty drat sure it’s working because it was before we moved in and the link lights on the router in the other room light up.

I could possibly hook the cameras directly up to the NUC and that might work right? Will the NUC auto assign IPs to the cameras?

I also can't tell if there is a way to factory reset these stupid things either, in case the dude changed the password on them.

Edit: I checked the network drop in the office and it’s working so I’m not sure why the cameras aren’t getting an IP address.

Unbranded cameras can be difficult to work with for a few reasons. A factory might make the same camera for a bunch of resellers with different names and put slightly different firmware/branding on it which could change the login credentials.
That camera looks the most like this one that I can find based on how the IR LEDs are spaced out on the PCB, but it's entirely possible that it's the same PCB but sold from someone else and the credentials will be different:
https://www.amazon.com/Anpviz-Microphone-Weatherproof-Compaliant-IPC-D250W-S/dp/B07PNF7DQT/

These cameras are basically a little PC running some kind of embedded Linux. The config page is a webserver, and they stream video out on a port they're configured to. If you hook a PoE switch to your NUC and the PoE port to this camera you will have them both on the same physical network, but the NUC won't be giving it any address information by default; you'd need to run DHCP software on the NUC so the NUC acts as a DHCP server, and you may need to set static addressing on the NUC itself if you were to set it up like that. You'd be making your own separate network for just the camera and the NUC as its NVR (network video recorder). That's somewhat common but often done with two network cards in the host PC, which would be your NUC in this case, so it could also be on the internet/normal LAN at your house and serve the camera's video stream as a web page you can look at.

The camera may grab an address with DHCP, but it could also be assigned a static IP address in its config; there's no way to be sure without hooking it up so it can access a DHCP server and seeing if it shows up on your network.
I usually run https://www.mitec.cz/netscan.html on my PC or Fing on my phone. Fing is getting lovely about pushing you for a license but you can still scan your network for devices. If you plug it into your router and then see it on the list you can try to connect to its IP from a web browser.

The amazon Q&A section has this post about seeing the streams on the anpviz one, which may or may not work:

quote:

1) Main stream: rtsp://IP:554/h264?username=admin&password=123456
2) Sub stream: rtsp://IP:554/h264cif?username=admin&password=123456
3) Low-resolution snapshot: http://ip/cgi-bin/snapshot.cgi?stream=1
4) HD snapshot: http://ip/cgi-bin/snapshot.cgi?stream=0

The good news is that if it's an ONVIF camera it should handle the basic streams that are supported by those, ONVIF is a set of standards that IP cameras are supposed to adhere to if they label them as onvif, making them intercompatible with NVRs and cameras. iSpy or other software should be able to access the camera with an IP address and name/password as long as it's onvif but will often suggest a selection of possible streams and some may work and some may not.
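
An added example of what "showing up" means for an ONVIF camera, not code from the post above or from any camera vendor: ONVIF devices answer WS-Discovery probes on the multicast group 239.255.255.250:3702, and the reply carries the URL the camera is configured with. That matters for a camera someone left on a static address, because the XAddrs host tells you which subnet it believes it lives in even if it never took a DHCP lease. Standard library only; the sample reply is constructed, with made-up UUIDs, name and address, and the 192.168.1.108 in it is not from the thread.

```python
"""Find ONVIF cameras on the local segment with a WS-Discovery probe.

Added example for this thread, not code from the original post or any camera
vendor; standard library only. Run it on a laptop on the same switch as the
cameras. The sample reply at the bottom is constructed.
"""
import socket
import uuid
import xml.etree.ElementTree as ET
from collections import defaultdict
from urllib.parse import unquote, urlsplit

MCAST_GROUP, MCAST_PORT = "239.255.255.250", 3702   # WS-Discovery multicast address

NS = {
    "s": "http://www.w3.org/2003/05/soap-envelope",
    "a": "http://schemas.xmlsoap.org/ws/2004/08/addressing",
    "d": "http://schemas.xmlsoap.org/ws/2005/04/discovery",
    "dn": "http://www.onvif.org/ver10/network/wsdl",
}

PROBE_TEMPLATE = (
    '<?xml version="1.0" encoding="UTF-8"?>'
    '<s:Envelope xmlns:s="{s}" xmlns:a="{a}" xmlns:d="{d}" xmlns:dn="{dn}"><s:Header>'
    "<a:Action>http://schemas.xmlsoap.org/ws/2005/04/discovery/Probe</a:Action>"
    "<a:MessageID>{mid}</a:MessageID><a:To>urn:schemas-xmlsoap-org:ws:2005:04:discovery</a:To>"
    "</s:Header><s:Body><d:Probe><d:Types>dn:NetworkVideoTransmitter</d:Types></d:Probe>"
    "</s:Body></s:Envelope>"
)


def build_probe(message_id=None):
    """Probe message as bytes; the MessageID defaults to a fresh UUID URN."""
    return PROBE_TEMPLATE.format(mid=message_id or "urn:uuid:%s" % uuid.uuid4(), **NS).encode()


def parse_scopes(scopes):
    """'onvif://www.onvif.org/name/Dome%20Cam ...' -> {'name': ['Dome Cam'], ...}"""
    out, prefix = defaultdict(list), "onvif://www.onvif.org/"
    for token in scopes.split():
        if token.startswith(prefix):
            key, _, value = token[len(prefix):].partition("/")
            out[key].append(unquote(value))
    return dict(out)


def parse_probe_match(payload):
    """Parse a ProbeMatches reply into one dict per device."""
    devices = []
    for pm in ET.fromstring(payload).iterfind(".//d:ProbeMatch", NS):
        xaddrs = pm.findtext("d:XAddrs", default="", namespaces=NS).split()
        devices.append({
            "endpoint": pm.findtext("a:EndpointReference/a:Address", default="", namespaces=NS),
            "types": pm.findtext("d:Types", default="", namespaces=NS),
            "scopes": parse_scopes(pm.findtext("d:Scopes", default="", namespaces=NS)),
            "xaddrs": xaddrs,
            # XAddrs carries the address the camera is configured with, which is
            # what you want when it was left on a static IP in some other subnet.
            "host": urlsplit(xaddrs[0]).hostname if xaddrs else None,
        })
    return devices


def discover(timeout=3.0, bind_ip="0.0.0.0"):
    """Send one probe and collect replies until `timeout` seconds of silence.

    bind_ip picks the interface on a multi-homed laptop. Each device is tagged
    with the IP the reply actually came from, which may differ from "host".
    """
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 1)
    sock.bind((bind_ip, 0))
    sock.settimeout(timeout)
    sock.sendto(build_probe(), (MCAST_GROUP, MCAST_PORT))
    found = {}
    try:
        while True:
            data, (reply_ip, _) = sock.recvfrom(65535)
            for dev in parse_probe_match(data):
                dev["reply_from"] = reply_ip
                found[dev["endpoint"] or reply_ip] = dev
    except socket.timeout:
        pass
    finally:
        sock.close()
    return list(found.values())


# Constructed sample reply shaped like a real ProbeMatches message (made-up UUIDs/address).
SAMPLE_PROBE_MATCH = b"""<?xml version="1.0" encoding="UTF-8"?>
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
 xmlns:a="http://schemas.xmlsoap.org/ws/2004/08/addressing"
 xmlns:d="http://schemas.xmlsoap.org/ws/2005/04/discovery"
 xmlns:dn="http://www.onvif.org/ver10/network/wsdl">
<s:Header><a:Action>http://schemas.xmlsoap.org/ws/2005/04/discovery/ProbeMatches</a:Action>
<a:RelatesTo>urn:uuid:11111111-2222-3333-4444-555555555555</a:RelatesTo></s:Header>
<s:Body><d:ProbeMatches><d:ProbeMatch>
<a:EndpointReference><a:Address>urn:uuid:aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee</a:Address></a:EndpointReference>
<d:Types>dn:NetworkVideoTransmitter</d:Types>
<d:Scopes>onvif://www.onvif.org/type/video_encoder onvif://www.onvif.org/name/Dome%20Cam</d:Scopes>
<d:XAddrs>http://192.168.1.108/onvif/device_service</d:XAddrs>
<d:MetadataVersion>1</d:MetadataVersion>
</d:ProbeMatch></d:ProbeMatches></s:Body></s:Envelope>"""

if __name__ == "__main__":
    for dev in discover():
        print(dev["host"], "(reply from %s)" % dev["reply_from"], dev["scopes"].get("name"), dev["xaddrs"])
```

If "host" comes back in a subnet your laptop is not on, add a temporary second address in that subnet to the laptop's interface and browse to the XAddrs host; that is usually faster than guessing at a factory reset. Two caveats: a camera with a static address and a gateway it cannot reach may not get its unicast reply back to you at all, so silence is not proof the camera is dead; and the RTSP URLs quoted above carry the default admin/123456 in the query string, which is the reason to change that password and keep cameras like this on their own VLAN with no route to the internet.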

MarcusSA
Sep 23, 2007

Rexxed posted:

Unbranded cameras can be difficult to work with for a few reasons. A factory might make the same camera for a bunch of resellers with different names and put slightly different firmware/branding on it which could change the login credentials.
That camera looks the most like this one that I can find based on how the IR LEDs are spaced out on the PCB, but it's entirely possible that it's the same PCB but sold from someone else and the credentials will be different:
https://www.amazon.com/Anpviz-Microphone-Weatherproof-Compaliant-IPC-D250W-S/dp/B07PNF7DQT/

These cameras are basically a little PC running some kind of embedded Linux. The config page is a webserver, and they stream video out on a port they're configured to. If you hook a PoE switch to your NUC and the PoE port to this camera you will have them both on the same physical network, but the NUC won't be giving it any address information by default; you'd need to run DHCP software on the NUC so the NUC acts as a DHCP server, and you may need to set static addressing on the NUC itself if you were to set it up like that. You'd be making your own separate network for just the camera and the NUC as its NVR (network video recorder). That's somewhat common but often done with two network cards in the host PC, which would be your NUC in this case, so it could also be on the internet/normal LAN at your house and serve the camera's video stream as a web page you can look at.

The camera may grab an address with DHCP, but it could also be assigned a static IP address in its config; there's no way to be sure without hooking it up so it can access a DHCP server and seeing if it shows up on your network.
I usually run https://www.mitec.cz/netscan.html on my PC or Fing on my phone. Fing is getting lovely about pushing you for a license but you can still scan your network for devices. If you plug it into your router and then see it on the list you can try to connect to its IP from a web browser.

The amazon Q&A section has this post about seeing the streams on the anpviz one, which may or may not work:

The good news is that if it's an ONVIF camera it should handle the basic streams that are supported by those, ONVIF is a set of standards that IP cameras are supposed to adhere to if they label them as onvif, making them intercompatible with NVRs and cameras. iSpy or other software should be able to access the camera with an IP address and name/password as long as it's onvif but will often suggest a selection of possible streams and some may work and some may not.

Thanks for this! So the guy who set the cameras up was the head IT guy for a major hospital here in LA so I guess I should have known it wouldn’t be plug and play.

I'm going to bet he gave them static IP addresses and they aren't set to DHCP, poo poo lol.

I’m going to have to move my NUC ( well I’ll just use my laptop) into that room and do what you said so I can configure them.

Rexxed
May 1, 2010

Dis is amazing!
I gotta try dis!

MarcusSA posted:

Thanks for this! So the guy who set the cameras up was the head IT guy for a major hospital here in LA so I guess I should have known it wouldn’t be plug and play.

Im going to bet he gave them static IP addresses aren’t set to dhcp poo poo lol.

I’m going to have to move my NUC ( well I’ll just use my laptop) into that room and do what you said so I can configure them.

He may have even just had an NVR it was hooked up to and taken it with him, it's hard to say for sure. Worst case, if you get tired of trying to figure out the existing camera, you have a mount location and an existing piece of cat5/6, so you could easily replace it with a new one. As you can see from Amazon, they're under a hundred bucks unless you get one that has pan/tilt/zoom.

MarcusSA
Sep 23, 2007

Rexxed posted:

He may have even just had an NVR it was hooked up to and taken it with him, it's hard to say for sure. Worst case, if you get tired of trying to figure out the existing camera, you have a mount location and an existing piece of cat5/6 so you could easily replace it with a new one. As you can see from amazon ,they're under a hundred bucks unless you get one that has pan/tilt/zoom.

This is also true. I might end up doing that.

I’m going to give it a shot. I don’t think he has an NVR, as when we toured the house I’m pretty sure he had them hooked up to his PC.

Ihmemies
Oct 6, 2012

I installed opnsense and am wondering how to block WAN traffic. I want to route everything via VPN instead. Auto rules have higher prio than manual so my manual block all rule does not work at all. Any ideas?

BlankSystemDaemon
Mar 13, 2009



Ihmemies posted:

I installed opnsense and am wondering how to block WAN traffic. I want to route everything via VPN instead. Auto rules have higher prio than manual so my manual block all rule does not work at all. Any ideas?
Basically, you want a site-to-site VPN with routing set up to use the tunnel interface as its nexthop.

That at least works on FreeBSD.

Ihmemies
Oct 6, 2012

Yes. In pfsense I had some written instructions I think at mullvad.net which told me what to do. I really don't understand what I'm doing so it's quite tough with opnsense :D

My old setup was: All outgoing and incoming traffic went through Mullvad VPN. So if VPN connection was down I had no internet access, that was fine.

I used openvpn since pfsense didn't support wireguard. I don't know if it matters which VPN protocol to use because my router has enough cpu to calculate 1Gbit openvpn at least, so it does not need to be any more efficient than openvpn is.

Anyways, I'm really at a loss what I need to do. Would be better to learn to use wireguard these days?

I guess I need to create a Local and Endpoint Wireguard with ??? settings. Mainly I'm wondering what IP addresses I should use there. Networking is probably the most complex subject I've ever witnessed.. :v:
Maybe I need to add a new interface? A gateway? Adjust NAT or firewall settings?

Is there some way to learn enough new information so I can actually accomplish this? Maybe read and understand this: https://docs.opnsense.org/manual/how-tos/wireguard-s2s.html ?

quote:

Go to tab Local and create a new instance. Give it a Name and set a desired Listen Port. If you have more than one service instance be aware that you can use the Listen Port only once. For Tunnel Address choose a new virtual network to run communication over it, just like with OpenVPN or GRE (e.g. 192.168.0.1/24). Peers can not be chosen yet since we have not created them yet. After hitting Save changes you can reopen the newly created instance, write down your new public key and give it to the other side.

When this VPN is set up on OPNsense only do the same on the second machine and exchange the public keys. Now go to tab Endpoints and add the remote site, give it a Name, insert the Public Key and the Allowed IPs e.g. 192.168.0.2/32, 10.10.10.0/24. This will set the remote tunnel IP address (/32 is important when using multiple endpoints) and route 10.10.10.0/24 via the tunnel. Endpoint Address is the public IP of the remote site and you can also set optionally the Endpoint Port, now hit Save changes.

Where did the guys pull those IPs from? I really have no idea what IPs to slot in myself.
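
An added example, not from the OPNsense docs quoted above or from any post in the thread, on where those addresses come from. The tunnel subnet in the docs (192.168.0.1/24 on one side, 192.168.0.2/32 for the peer) is arbitrary: a site-to-site link uses any unused private range, and 10.10.10.0/24 is simply the LAN behind the far end that should be reachable through the tunnel. For the "route everything through the VPN provider" case, the provider hands you the tunnel address and its public key, and AllowedIPs becomes all of IPv4. The two mistakes worth checking before saving anything are a tunnel subnet that collides with a local network and an AllowedIPs set that does not actually cover everything. The keys, endpoint and addresses below are placeholders, and the 10.64.0.2/32 and 192.168.1.0/24 values are assumptions for the example.

```python
"""Sanity-check WireGuard tunnel parameters before typing them into OPNsense.

Added example for this thread, not from the OPNsense docs quoted above or from
the guide linked later in the thread. The keys, endpoint and tunnel address are
placeholders: a VPN provider assigns the tunnel address and hands you the
server's public key; for a site-to-site link you pick the tunnel subnet
yourself, and the docs' 192.168.0.1/24 is just the value their example chose.
"""
import ipaddress

ALL_V4 = ipaddress.ip_network("0.0.0.0/0")


def allowed_ips_cover_all_ipv4(allowed_ips):
    """True if AllowedIPs routes every IPv4 destination into the tunnel.

    Providers often write 0.0.0.0/1 plus 128.0.0.0/1 instead of 0.0.0.0/0 so the
    two /1 routes beat the ISP default route on prefix length without having to
    replace it; collapsing adjacent prefixes treats both spellings the same.
    """
    v4 = [n for n in (ipaddress.ip_network(a, strict=False) for a in allowed_ips)
          if n.version == 4]
    return list(ipaddress.collapse_addresses(v4)) == [ALL_V4]


def tunnel_conflicts(tunnel_addr, local_nets):
    """Local networks that overlap the tunnel subnet; anything here is a mistake.

    The docs' 192.168.0.1/24 collides with a LAN that already uses
    192.168.0.0/24: the tunnel addresses are arbitrary, but they must be
    unused on both ends.
    """
    tun = ipaddress.ip_interface(tunnel_addr).network
    return [n for n in local_nets if ipaddress.ip_network(n, strict=False).overlaps(tun)]


def render_wg_conf(private_key, tunnel_addr, peer_pubkey, endpoint, allowed_ips,
                   local_nets=(), full_tunnel=True, keepalive=25):
    """Render a wg-quick style config after validating the addressing.

    full_tunnel=True is the "everything goes to the VPN provider" case and
    requires AllowedIPs to cover all of IPv4; False is site-to-site, where
    AllowedIPs lists only the peer's tunnel IP (/32) and the networks behind it.
    """
    conflicts = tunnel_conflicts(tunnel_addr, local_nets)
    if conflicts:
        raise ValueError("tunnel %s overlaps local network(s) %s" % (tunnel_addr, conflicts))
    if full_tunnel and not allowed_ips_cover_all_ipv4(allowed_ips):
        raise ValueError("AllowedIPs %s does not send all IPv4 into the tunnel" % (allowed_ips,))
    return "\n".join([
        "[Interface]",
        "PrivateKey = %s" % private_key,
        "Address = %s" % tunnel_addr,
        "",
        "[Peer]",
        "PublicKey = %s" % peer_pubkey,
        "Endpoint = %s" % endpoint,
        "AllowedIPs = %s" % ", ".join(allowed_ips),
        "PersistentKeepalive = %d" % keepalive,
        "",
    ])


if __name__ == "__main__":
    # Full-tunnel, provider-style values (placeholders) with a 192.168.1.0/24 LAN behind the router.
    print(render_wg_conf("PRIVATE_KEY_PLACEHOLDER", "10.64.0.2/32", "PEER_PUBKEY_PLACEHOLDER",
                         "203.0.113.10:51820", ["0.0.0.0/0"], local_nets=["192.168.1.0/24"]))
```

The rendered text is the generic wg-quick layout; in OPNsense the same fields are spread over the Local instance (private key, tunnel address, listen port) and the Endpoint (peer public key, endpoint host and port, AllowedIPs). AllowedIPs is doing double duty: it is both the cryptokey routing filter for what the peer may send and the list of destinations the router sends into the tunnel, which is why 0.0.0.0/0 there is what makes a full tunnel and a /32 plus a remote LAN is what makes a site-to-site one. The "no internet when the tunnel is down" requirement is a firewall-rule question, not a WireGuard one, and the script does not try to answer it.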

BlankSystemDaemon
Mar 13, 2009



I gotta be honest, I've got no clue - I wasn't even aware that OPNsense had diverged from pfSense so much that their documentation isn't essentially equivalent.
I'm just a FreeBSD user and developer, so I prefer using it on a single powerful machine rather than as a handful of low-power appliances.

By setting up routing for it, you shouldn't really need to use anything else.

Cyks
Mar 17, 2008

The trenches of IT can scar a muppet for life
Just to clarify, what are you trying to accomplish?

Do you want all of your traffic to go over a VPN instead of using your ISP as your gateway for internet traffic?

Or are you trying to set it up so remote devices have to VPN into your network first before going out to the public internet?

Or are you trying to connect two sites together for internal communication (I assume not this one)?

Ihmemies
Oct 6, 2012

Cyks posted:

Just to clarify, what are you trying to accomplish?

Do you want all of your traffic to go over a VPN instead of using your ISP as your gateway for internet traffic?

I am trying to do this. So my router should communicate only to my VPN provider.

I don’t need remote access and I don’t need internet if VPN connection is down.

I have many devices on lan and it’s not possible to run a vpn client in every one of them.

This setup works mostly fine on pfsense, but I want to move to opnsense and I really don’t remember anymore what kind of settings I had to adjust.

Ihmemies fucked around with this message at 13:07 on Jul 3, 2023

Wibla
Feb 16, 2011

If pfsense works, and you don't know how to do it with opnsense, then there's an obvious solution here.

Ihmemies
Oct 6, 2012

Wibla posted:

If pfsense works, and you don't know how to do it with opnsense, then there's an obvious solution here.

Pfsense is going towards closed source, and there's too much monetization around, and they don't feel like updating their software timely anymore.

I finally got it to work with this guide: https://notes.aliciasykes.com/18842/how-to-mullvad-vpn-using-wireguard-on-opnsense

Now the VPN connection seems to work, DNS queries seem to work, and traffic is routed through VPN. Thanks for nothing though :v:

Fozzy The Bear
Dec 11, 1999

Nothing much, watching the game, drinking a bud
For my home network, is there a pre-built appliance that is a wifi router running FreeBSD/TrueNAS? The router that came from my ISP is starting to be unreliable for wifi, I want to disable the wifi, and plug a better router into one of its ports.

Bonus points if it can double as a NAS, with 2-4 hard drive slots. This part isn't important though.

wolrah
May 8, 2006
what?
FreeBSD's WiFi support has never been great and that remains the case. AFAIK even supporting 802.11ac at all is still largely a work in progress. Don't hold your breath. If you want a FreeBSD based router your best bet is to pair it with some standalone wireless access points that are likely running Linux.

n0tqu1tesane
May 7, 2003

She was rubbing her ass all over my hands. They don't just do that for everyone.
Grimey Drawer

MarcusSA posted:

Hi it’s me with the camera setup. I got my PoE switch and hooked the 3 cameras to it. I think one of them might not be working because the power and link lights on that port are lighting up.

The problem I’m having is that they aren’t being detected by my network. I can't find any information about these stupid things on the internet either.

There isn’t any writing on the outside and the two part numbers that are on the main board come back with nothing

That’s all I’ve got.

I’m gonna check the network port in the office that the camera drop is but I’m pretty drat sure it’s working because it was before we moved in and the link lights on the router in the other room light up.

I could possibly hook the cameras directly up to the NUC and that might work right? Will the NUC auto assign IPs to the cameras?

I also can't tell if there is a way to factory reset these stupid things either, in case the dude changed the password on them.

Edit: I checked the network drop in the office and it’s working so I’m not sure why the cameras aren’t getting an IP address.

Hell maybe it’s this one?

5MP PoE IP Dome Security Camera, 2.8mm Wide Angle, H.265 IP66 Waterproof Built-in Micphone/Audio, Compatible with Hik Vision NVR, Not PTZ Camera https://a.co/d/374FlMK

I have no fuckin clue lol

Edit again : here is the switch the white wire runs to the cable closet where the router is.

Have you pulled the base off the wall/ceiling/whatever? That's usually where branding, model numbers, etc. are, and if there's a reset button, it could be there.

BlankSystemDaemon
Mar 13, 2009



wolrah posted:

FreeBSD's WiFi support has never been great and that remains the case. AFAIK even supporting 802.11ac at all is still largely a work in progress. Don't hold your breath. If you want a FreeBSD based router your best bet is to pair it with some standalone wireless access points that are likely running Linux.
Yeah, the best bet has always been Intel WNICs or Atheros WNICs.
Qualcomm and Realtek drivers in Linux are also of particularly poor quality (they look like they've been mechanically converted from some sort of internal documentation, and simply aren't up to the code quality expected in FreeBSD even if Realtek or Qualcomm were particularly good about providing them, which they've never shown any interest in doing, or even being helpful with documentation).

It's being worked on in two ways; the LKPI (which is already used to implement DRM support for Intel and AMD graphics cards) is being extended to also support wireless drivers from Linux.
Once that work is done (and there are ports available with drivers, as they can't be included in the base system, not unlike how net/realtek-re-kmod or net/intel-em-kmod works already except that they have equivalents in the base system), I believe bz@ will move onto the newer 802.11 standards.

Flipperwaldt
Nov 11, 2011

Won't somebody think of the starving hamsters in China?



I'm in a situation where I'm considering putting a router behind a modem/router that can't be put into bridge mode or passthrough mode or whatever it's called. Closest I can do is put the router in the dmz of the modem/router. From what I gather, this would solve whatever problems there would be with port forwarding, which is what all the garbage Google serves me about the topic is concerned about. Is that the whole problem or are there services that would trip over the mere fact of there being two levels of internal addresses?

In the current, modem/router only situation, I had to forward a port to seed some self created torrents. I think that will probably work with the router in the dmz?

I'm most worried about tailscale being set up on my nas, to vpn into the local network from outside.

This is one of those I don't know what things I don't know problems.

kingcobweb
Apr 16, 2005
I'm moving in under a month, and Comcast at our new building is offering 2000mbps speeds, so I'm in a frenzy mixed between "this rules" and "how the hell will this work." I'm using a RT-AC67P router right now, so I'm looking to upgrade to something that can handle the speeds.

Looking at specs of different routers, it seems like they have, at most, one multi-gig port out. Is this the case with all of them, assuming I don't get some ridiculous $1000 router? In general, what are the recommended ones for multi-gig speeds?

edit: if usage matters, it's about an 800 sq ft apartment, I'll be looking to set up a Plex server off of a desktop for two TVs + two laptops + two phones + PS5.

edit edit: oh am I supposed to hook a switch up to the one multi-gig port??

kingcobweb fucked around with this message at 19:30 on Jul 5, 2023

MarcusSA
Sep 23, 2007

n0tqu1tesane posted:

Have you pulled the base off the wall/ceiling/whatever? That's usually where branding, model numbers, etc is, and if there's a reset button, it's could be there.

I did not! I gave it a good try with software and just said gently caress it and I’m going to just replace one of them for $50.

I’ll check to see if that’s the case when I pull it down and replace it.

Thanks for the tip though!

skipdogg
Nov 29, 2004
Resident SRT-4 Expert

Flipperwaldt posted:

I'm in a situation where I'm considering putting a router behind a modem/router that can't be put into bridge mode or passthrough mode or whatever it's called. Closest I can do is put the router in the dmz of the modem/router. From what I gather, this would solve whatever problems there would be with port forwarding, which is what all the garbage Google serves me about the topic is concerned about. Is that the whole problem or are there services that would trip over the mere fact of there being two levels of internal addresses?

In the current, modem/router only situation, I had to forward a port to seed some self created torrents. I think that will probably work with the router in the dmz?

I'm most worried about tailscale being set up on my nas, to vpn into the local network from outside.

This is one of those I don't know what things I don't know problems.

Putting the second router in DMZ mode should solve your double NAT issues and allow your port forwarding rules to work properly.


kingcobweb posted:

I'm moving in under a month, and Comcast at our new building is offering 2000mbps speeds, so I'm in a frenzy mixed between "this rules" and "how the hell will this work." I'm using a RT-AC67P router right now, so I'm looking to upgrade to something that can handle the speeds.

Looking at specs of different routers, it seems like they have, at most, one multi-gig port out. Is this the case with all of them, assuming I don't get some ridiculous $1000 router? In general, what are the recommended ones for multi-gig speeds?

edit: if usage matters, it's about an 800 sq ft apartment, I'll be looking to set up a Plex server off of a desktop for two TVs + two laptops + two phones + PS5.

edit edit: oh am I supposed to hook a switch up to the one multi-gig port??

Do you know the exact product Comcast is offering? They have a couple I think. Maybe I'm confusing them with someone else. One product is basically fiber to the home. The other is just really fast Docsis over a traditional cable wire.

Either way Comcast will provide you the equipment you need.

My hot take, speeds like that are pointless. Once you get over 500mbit it doesn't matter. I wouldn't spend the money to redesign my home network to take advantage of theoretical speeds only a handful of sites can take advantage of in the real world.

Flipperwaldt
Nov 11, 2011

Won't somebody think of the starving hamsters in China?



skipdogg posted:

Putting the second router in DMZ mode should solve your double NAT issues and allow your port forwarding rules to work properly.
Right, put the second router in the first router's dmz is what I'm taking that to mean. I want to use the second router as the actual router of everything else. Sorry if I'm misunderstanding basic established terminology.

And then the first router transparently bucket brigades all the traffic to the second one, in and out. So transparently that it's functionally identical to having the first router in bridge mode, apart from the internal technical detail of external ip being translated to an internal ip twice in succession and some latency overhead.

I'm just expecting there to be other reasons or other potential problems, what with all the people lamenting how this modem/router can't be put into bridge mode. This is what I'm not clear on. Port forwarding is the literal only problem you'd expect in a router after router setup then?

skipdogg
Nov 29, 2004
Resident SRT-4 Expert

Flipperwaldt posted:

Right, put the second router in the first router's dmz is what I'm taking that to mean. I want to use the second router as the actual router of everything else. Sorry if I'm misunderstanding basic established terminology.

And then the first router transparently bucket brigades all the traffic to the second one, in and out. So transparently that it's functionally identical to having the first router in bridge mode, apart from the internal technical detail of external ip being translated to an internal ip twice in succession and some latency overhead.

I'm just expecting there to be other reasons or other potential problems, what with all the people lamenting how this modem/router can't be put into bridge mode. This is what I'm not clear on. Port forwarding is the literal only problem you'd expect in a router after router setup then?

Bridge mode is fine for like 98% of users. Internet nerds (including the ones here) sometimes get pissed off about ISP's not allowing a true bridge mode because they want 100% control and make a big deal about it. It's fine.

The only time I've seen issues with it, and this was a long long time ago when I did ISP support, was certain types of voip got a little cranky about it.

I don't know what ISP you have, but back in the day with AT&T, the 2nd router will get the public IP on its WAN port once it's in DMZ mode. It should be fine for hosting torrents or running VPN at home.

I was never a fan of running 2 routers at home. The ISP gateway device wireless always sucked, so I used some access points at my last house for wifi, but let the ISP gateway do the routing. That was a decent compromise for my specific situation.

wolrah
May 8, 2006
what?
The main issue with not having a true bridge mode is when the reason you want to bypass the ISP-provided nonsense is a lovely little NAT table like AT&T loves to configure on their garbage. DMZ mode still has you stuck behind a stupidly tiny state table.

Flipperwaldt
Nov 11, 2011

Won't somebody think of the starving hamsters in China?



Thank you for clarifying, that's very helpful!

I'm in Belgium, I have no choice of ISPs in the specific location. My main complaint is that the ISP does frequent "maintenance on their network", like maybe five, six times a year on average. This, for no good reason, takes down (deactivates) the whole local network, which I don't appreciate. These windows are maybe 20 minutes and occur mostly during the night, but I hate it. Whenever that happens, there's an even chance half the devices on the network get a random different IP address assigned. There are like 20-25 places where I have to type new addresses in apps and devices. The router doesn't allow me to set DHCP reservations. I've tried using local hostnames wherever I can, but the functionality seems slow and unreliable on Android in particular. I'm sure as hell not going to set static IPs for half my devices and still have to deal with the problem on devices where this isn't an option (like the thermostat). On top of that, I want to set a network wide adblocking DNS, which current router doesn't allow either. I'm just so loving sick of it, I want these things to be in my control and have my network accessible even if there is an external outage.

The WiFi, oddly, is great, I'm worried that I'm gonna downgrade myself in some way.

wolrah posted:

The main issue with not having a true bridge mode is when the reason you want to bypass the ISP-provided nonsense is a lovely little NAT table like AT&T loves to configure on their garbage. DMZ mode still has you stuck behind a stupidly tiny state table.
What is the user adverse consequence of a tiny state table? Is it just lack of addresses to assign?

Edit: just googled that, the table is a list of active connections, a tiny one causes slowdowns. Thanks again everyone.

Flipperwaldt fucked around with this message at 22:09 on Jul 5, 2023

kingcobweb
Apr 16, 2005

skipdogg posted:

Putting the second router in DMZ mode should solve your double NAT issues and allow your port forwarding rules to work properly.

Do you know the exact product Comcast is offering? They have a couple I think. Maybe I'm confusing them with someone else. One product is basically fiber to the home. The other is just really fast Docsis over a traditional cable wire.

Either way Comcast will provide you the equipment you need.

My hot take, speeds like that are pointless. Once you get over 500mbit it doesn't matter. I wouldn't spend the money to redesign my home network to take advantage of theoretical speeds only a handful of sites can take advantage of in the real world.

Pretty sure it’s just cable internet. I have a good DOCSIS 3.1 modem already, if I use their poo poo they charge me like $20 a month extra or something. So I just need the router

And yeah I probably don’t need 2000mbit instead of 500 but what if I REALLY NEED to download a blu ray in two minutes huh

skipdogg
Nov 29, 2004
Resident SRT-4 Expert

Flipperwaldt posted:

What is the user adverse consequence of a tiny state table? Is it just lack of addresses to assign?

Edit: just googled that, the table is a list of active connections, a tiny one causes slowdowns. Thanks again everyone.

I've personally only seen a full NAT table be an issue a handful of times in my life. Torrenting is the biggest one. The other one was finding online game servers for CounterStrike or something. You would hit find server and it would reach out to like 500+ servers at once and overload the NAT table. Back in the day the NAT table on some of the devices I supported was as low as 1024 I think. It seems like it's double that now.

Tuning the NAT timeout, or the torrent software, can mitigate some of this, but yeah, if the table fills up things slow down.


wolrah posted:

AT&T loves to configure on their garbage.

All I can say is AT&T is very intentional on what features it enables on the hardware it uses, and how everything is configured. They do all of it on purpose.

wolrah
May 8, 2006
what?

Flipperwaldt posted:

What is the user adverse consequence of a tiny state table? Is it just lack of addresses to assign?

Every connection going through the firewall, which means every TCP session, every UDP flow, every ping, etc. takes up one of the available slots in the state table.

The lovely AT&T devices have an absolutely minuscule state table, around 8000 slots, which cannot be adjusted. For comparison, a random Netgate SG-1000 I have access to, an absolute garbage-tier device that barely manages to run pfSense, has its table set to 49,000 by default, and it's easy to turn it up if you aren't using up RAM with other things.

Once you run out, the firewall can't keep track of any further connections and weird things happen. Depending on the platform, you either lose the ability to open new connections until old ones time out or are closed, or it FIFOs and starts dropping the oldest ones.

It doesn't matter that much to someone doing normal web browsing things with a few computers, but a popular torrent can get the number up fast. Back when people used to say torrents "crashed their network", this was usually what had actually happened: a shitbox router ran out of firewall state tracking space. The more devices you have on your home network making connections around the internet, the more likely it is to be a problem.

wolrah
May 8, 2006
what?

skipdogg posted:

The other one was finding online game servers for Counter-Strike or something. You would hit find server and it would reach out to like 500+ servers at once and overload the NAT table.

Oh good one, I forgot about that, been a long while since I played a game that directly queried the whole server list like FPSes used to.

quote:

All I can say is AT&T is very intentional on what features it enables on the hardware it uses, and how everything is configured. They do all of it on purpose.

Oh of course, I've been vaguely aware of this nonsense from acquaintances that had U-Verse over the years, just finally got a first-hand view of it. There's no doubt in my mind that it's intentional and they specifically want to make their service worse for the kind of people who care about this.

edit: crap, meant to edit my last post rather than doublepost...

Flipperwaldt
Nov 11, 2011

Won't somebody think of the starving hamsters in China?



Thank you all once again, I'm so glad to be able to ask people. I used to be good at google, but then they changed it.

Shugojin
Sep 6, 2007

THE TAIL THAT BURNS TWICE AS BRIGHT...


Flipperwaldt posted:

Thank you all once again, I'm so glad to be able to ask people. I used to be good at google, but then they changed it.

SEO was the death of the search engine

a dingus
Mar 22, 2008

Rhetorical questions only
Fun Shoe
Hey all, I'm building a new office and I need to move my fiber optic modem/receiver into the new office room. That means I have to run a line through the wall and install a wall plate etc. But I have no idea how to do this with fiber. Are there any special keystone connectors, or methods for cutting and/or splicing a fiber cable if I need to? With Ethernet I'd just get cat6 and terminate it at the wall.

Inept
Jul 8, 2003

Can you just leave the fiber device in place and run an ethernet line to the new office?

M_Gargantua
Oct 16, 2006

STOMP'N ON INTO THE POWERLINES

Exciting Lemon
Yes, moving the service provided fiber optic part of your network is a terrible and expensive proposition. There are more traditional solutions that would work better. Like switches and ethernet or wifi.

Flipperwaldt
Nov 11, 2011

Won't somebody think of the starving hamsters in China?



Yeah so I've got everything working with the new router. The loving pants making GBS threads DMZ function simply would not work. Change the setting, save it, save successful!, refresh, setting is back where it originally was :negative:
Three hours of that. Occasionally it would remove the setting from the interface entirely or bring back a port forwarding rule I had deleted earlier. Then later revert. Exactly the erratic garbage I want to get away from.

In the end I just double forwarded the port for BT from outside to router 2 and from there to my NAS. Tailscale didn't work for two hours and then suddenly did without intervention on my end, at which point I decided to stop touching things.

The new router is a Fritz!Box 4060 and so far has been a champ. Settings go deep enough for me but not too deep.


a dingus
Mar 22, 2008

Rhetorical questions only
Fun Shoe

M_Gargantua posted:

Yes, moving the service provided fiber optic part of your network is a terrible and expensive proposition. There are more traditional solutions that would work better. Like switches and ethernet or wifi.

Inept posted:

Can you just leave the fiber device in place and run an ethernet line to the new office?

drat I was hoping there was just a way to cut and splice a new portion of fiber onto. I guess just running ethernet down is an option. After I looked at the installation and how the wires were routed, it's definitely a shorter run to my new office than to the old. It looks like if I just carefully pull the wire back out of the wall and run it to the new spot I should be OK with reusing the original stuff. Fingers crossed.
