Chirurgia cranio-cerebrală minim invazivă
Tehnicile minim invazive impun utilizarea unei tehnologii ultramoderne. Endoscoapele operatorii de diverse tipuri, microscopul operator dedicat, neuronavigația, neuroelectrofiziologia, tehnicile avansate de anestezie, chirurgia cu pacientul treaz reprezintă armamentarium fără de care neurochirurgia prin "gaura cheii" nu ar fi posibilă. Folosind tehnicile de mai sus, tratăm un spectru larg de patologii cranio-cerebrale. www.neurohope.ro |
EdgeRouter X - Ubiquiti - (ER X)
Last Updated: May 18 2024 08:38, Started by
wolfydRg
, Nov 09 2019 21:14
·
14
#577
Posted 10 May 2024 - 14:56
Nu am experienta cu Ubiquiti dar in mod normal regulile de firewall sunt executate in ordinea lor ; daca treci regula Wireguard pe pozitia 2 are vreun efect ?
|
#578
Posted 10 May 2024 - 15:07
/32 nu cred ca e ok. Sigur e /24 sau 255.255.255.0.
Vedeti ca mai pe la inceputul topicului era configurare pentru Wireguard , am testat atunci si a mers ok. Eu personal am acum altceva si folosesc OpenVPN + ipfire direct per server. Ubiquiti sta in sertar, doar ocazional il mai pun. |
#579
Posted 10 May 2024 - 16:18
Am pus /24 ulterior.
Linkul de sus nu merge. Ajung deseara și mut regula de fw mai sus. Totusi, asa o vazusem pe un site... |
#580
Posted 10 May 2024 - 18:09
joystick, on 10 mai 2024 - 13:57, said:
Mda, am vazut greseala cu drop, dar tot nu merge.... nu trebuie source la portul udp. doar destination. clientul poate sa trimita de pe port 53131 udp pe portul tau wireguard udp. daca iti e mai usor via GUI uite o poza sa-ti dai seama (portul e editat): wg0 edgerouter gui wan local.JPG 30.97K 13 downloads ps nu m-am uitat peste toata configuratia, dar poti pune output-urile de la cee 2 comenzi de mai jos si rezolvam configure show interface wireguard show firewall name WAN_LOCAL discard; exitsterge doar key-urile de la peer-urile wireguard si ip-public/ddns daca ai cumva. |
#581
Posted 10 May 2024 - 21:30
ubnt@EdgeRouter-X-SFP-6-Port# show firewall name WAN_LOCAL default-action drop description "WAN to router" rule 10 { action accept description "Allow established/related" state { established enable related enable } } rule 20 { action drop description "Drop invalid state" state { invalid enable } } rule 21 { action accept description Wireguard destination { port 51820 } :...skipping... default-action drop description "WAN to router" rule 10 { action accept description "Allow established/related" state { established enable related enable } } rule 20 { action drop description "Drop invalid state" state { invalid enable } } rule 21 { action accept description Wireguard destination { port 51820 } log disable protocol udp source { } } ~ ~ ~ ~ ~ ~ [edit] ubnt@EdgeRouter-X-SFP-6-Port# show interface wireguard Specified configuration path is not valid [edit] ubnt@EdgeRouter-X-SFP-6-Port# show interfaces .......................................... } wireguard wg0 { address 192.168.1.1/24 listen-port 51820 peer Xq...... description WireGuard preshared-key h } private-key QP....... route-allowed-ips true } Nu stiu de ce show interface wireguardnu merge Attached Files |
#582
Posted 12 May 2024 - 09:17
este interfaces, am gresit eu
e o neconcordanta intre config-ul cli si gui configure edit firewall name WAN_LOCAL rule 21 delete source top edit interfaces wireguard wg0 set mtu 1412 top edit interfaces wireguard peer Xq...... set allowed-ips 192.168.1.2/32 commit; save; exit acum da-mi paste la: configure show interfaces wireguard show firewall name WAN_LOCAL discard; exit |
#583
Posted 12 May 2024 - 13:19
Primesc eroare aici:
ubnt@EdgeRouter-X-SFP-6-Port# edit interfaces wireguard peer Xq.....y/Gw....ZwS/P...hA= The specified configuration node is not valid Oare nu bag ce trebuie? ubnt@EdgeRouter-X-SFP-6-Port# show interfaces wireguard wireguard wg0 { address 192.168.1.1/24 listen-port 51820 > mtu 1412 peer Xq....y/Gw....S/P.....A= { description WireGuard preshared-key h......E= } private-key QP.....8= route-allowed-ips true } [edit] ubnt@EdgeRouter-X-SFP-6-Port# show firewall name WAN_LOCAL default-action drop description "WAN to router" rule 10 { action accept description "Allow established/related" state { established enable related enable } } rule 20 { action drop description "Drop invalid state" state { invalid enable } } rule 21 { action accept description Wireguard destination { port 51820 } log disable protocol udp - source { - } } [edit] Mersi |
#584
Posted 13 May 2024 - 08:12
Ai/am uitat wg0 inainte de peer
…interfaces wireguard wg0 peer …. Edited by ogo, 13 May 2024 - 08:13. |
#585
Posted 13 May 2024 - 15:26
Multumesc frumos ogo, merge.
De-aia nu e bine sa iti iei un astfel de router daca nu te pricepi. Nu de alta dar sunt extrem de putini cu cunostineele lui ogo care sunt dispusi sa ajute persoane cu cunostinte putine. Si e normal, ptr ca nu prea are de castigat. ubnt@EdgeRouter-X-SFP-6-Port# show interfaces wireguard wireguard wg0 { address 192.168.1.1/24 listen-port 51820 peer Xqn.../Gw...A= { allowed-ips 192.168.1.2/32 description WireGuard preshared-key hQ...uE= } private-key QP..../T.....8= route-allowed-ips true } [edit] ubnt@EdgeRouter-X-SFP-6-Port# show firewall name WAN_LOCAL default-action drop description "WAN to router" rule 10 { action accept description "Allow established/related" state { established enable related enable } } rule 20 { action drop description "Drop invalid state" state { invalid enable } } rule 21 { action accept description Wireguard destination { port 51820 } log disable protocol udp PS: wireguard wg0 { address 192.168.1.1/24 Nu ar trebui sa pun si aici /32? Sau nu conteaza? Edited by joystick, 13 May 2024 - 15:28. |
#586
Posted 13 May 2024 - 16:13
nu
clienti /32 server ...orice inafara de /32 - wg0 e ca un gateway pt toti clientii wireguard - daca e doar /32 (adica o adresa) nu e gateway pt nimeni. poti avea orice subnet, /24 , /22, /26 etc - depinde de cati clienti wireguard vrei sa ai - dar e cel mai comod cu /24 (si cel mai utilizat entry level)asta ca sa nu stai sa calculezi |
|
#587
Posted 14 May 2024 - 20:20
no...eu credeam ca sunt mai multi clienti in acel /32.
Deh, s-o dus naibii toata teoria invatata acum multi ani legata de subnetizare. |
#588
Posted 14 May 2024 - 20:39
cu cat subnetul e mai mare (nr de dupa / e mai MIC - da stiu, suna invers) cu atat sunt mai multe adrese disponibile
/24 = 254 adrese disponibile (+1 network + 1 broadcast) total 256 /27 = 30 adrese disponibile ( ---//---- ----//---------) total 32 /30 = 2 adrese disponibile ( ---//---- ----//---------) total 4 /32 = 1 singura adresa - total 1 sau mai multe... /18 = 16.382 e disponibile ( ---//---- ----//---------) total 16.384 /8 = 16.777.214 adrese disponibile ( ---//---- ----//---------) total 16.777.216 /0 = tot internetul - 4.294.967.294 - adica de la 0.0.0.1 la 255.255.255.254 adrese disponibile (+ 0.0.0.0 si 255.255.255.255, network si broadcast) dar asta doar teoretic, practic sunt o gramada de subneturi rezervate: network 0.0.0.0/8 network 10.0.0.0/8 network 127.0.0.0/8 network 169.254.0.0/16 network 172.16.0.0/12 network 192.0.0.0/24 network 192.0.2.0/24 network 192.168.0.0/16 network 198.18.0.0/15 network 198.51.100.0/24 network 203.0.113.0/24 network 224.0.0.0/4 network 240.0.0.0/4 + CGNat: 100.64.0.0/10 Edited by ogo, 14 May 2024 - 20:49. |
#590
Posted 16 May 2024 - 20:18
Intrebare: a mai aparut vreun RC la V3? Eu sunt pe 3.0.0-rc.7
Daca da, ma mai poti ajuta cu un link? Mersi. Edited by joystick, 16 May 2024 - 20:18. |
Anunturi
▶ 0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users