Jump to content

SUBIECTE NOI
« 1 / 5 »
RSS
La 22 de ani in Spania, Castellón

Catalin Tolontan dat afara si de ...

WEBASTO pt duster pe motorina

One World Radio/TOMORROWLAND in R...
 Upgrade memorie ram DDR4 la laptop?

Timberland sau Columbia

AMD, evolutie procesoare laptop

Shazam pentru Parfumuri?
 Transportul in comun in Bucuresti...

Recomandare - disjunctoare difere...

Puteti sa imi recomandati si mie ...

Camerele de supraveghere dau uneo...
 Haine de iarna

Junsun V1 pro Qashqai j11 probleme

Tinichigerie/vopsitorie in Consta...

recomandare GPS android
 

EdgeRouter X - Ubiquiti - (ER X)

* * * * * 3 votes
Last Updated: Nov 14 2023 15:38, Started by wolfydRg , Nov 09 2019 21:14  
  ·  
  • Please log in to reply
543 replies to this topic

#91
petman
Posted 29 November 2019 - 06:47

petman

    Senior Member

  • Grup: Senior Members
  • Posts: 4,793
  • Înscris: 28.11.2001
QoS/smart queue/alt tip de queue - nu este activat.
Cablul este ok, o sa-l schimb totusi astazi.
IP Route Table for VRF "default"
S *> 0.0.0.0/0 [210/0] via 95.76.118.1, eth0
C *> 0.0.0.0/24 is directly connected, wg0
C *> 95.76.118.0/24 is directly connected, eth0
C *> 127.0.0.0/8 is directly connected, lo
C *> 192.168.1.0/24 is directly connected, switch0
C *> 192.168.33.0/24 is directly connected, wg0
K *> 192.168.33.2/32 [0/0] is directly connected, wg0
K *> 192.168.33.3/32 [0/0] is directly connected, wg0
K *> 192.168.33.4/32 [0/0] is directly connected, wg0
si
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
	 inet x.x.x.x netmask 255.255.255.0 broadcast 255.255.255.255
	 inet6 fe80::1ae8:29ff:fe5c:1d28 prefixlen 64 scopeid 0x20<link>
	 ether 18:e8:29:5c:1d:28 txqueuelen 1000 (Ethernet)
	 RX packets 8686440 bytes 8262823418 (7.6 GiB)
	 RX errors 0 dropped 0 overruns 0 frame 0
	 TX packets 2290527 bytes 1003843702 (957.3 MiB)
	 TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
	 inet6 fe80::1ae8:29ff:fe5c:1d29 prefixlen 64 scopeid 0x20<link>
	 ether 18:e8:29:5c:1d:29 txqueuelen 1000 (Ethernet)
	 RX packets 7574062 bytes 622630025 (593.7 MiB)
	 RX errors 0 dropped 1 overruns 0 frame 0
	 TX packets 47966474 bytes 66158359077 (61.6 GiB)
	 TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
	 inet6 fe80::1ae8:29ff:fe5c:1d2a prefixlen 64 scopeid 0x20<link>
	 ether 18:e8:29:5c:1d:2a txqueuelen 1000 (Ethernet)
	 RX packets 168692048 bytes 231949269554 (216.0 GiB)
	 RX errors 0 dropped 2 overruns 0 frame 0
	 TX packets 77081457 bytes 6720354139 (6.2 GiB)
	 TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
	 inet6 fe80::1ae8:29ff:fe5c:1d2b prefixlen 64 scopeid 0x20<link>
	 ether 18:e8:29:5c:1d:2b txqueuelen 1000 (Ethernet)
	 RX packets 136188286 bytes 89830534755 (83.6 GiB)
	 RX errors 0 dropped 0 overruns 0 frame 0
	 TX packets 176450867 bytes 232745951402 (216.7 GiB)
	 TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth4: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
	 inet6 fe80::1ae8:29ff:fe5c:1d2c prefixlen 64 scopeid 0x20<link>
	 ether 18:e8:29:5c:1d:2c txqueuelen 1000 (Ethernet)
	 RX packets 4276161 bytes 1039356547 (991.2 MiB)
	 RX errors 0 dropped 2 overruns 0 frame 0
	 TX packets 18938977 bytes 24414234021 (22.7 GiB)
	 TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
imq0: flags=193<UP,RUNNING,NOARP> mtu 16000
	 unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 11000 (UNSPEC)
	 RX packets 0 bytes 0 (0.0 B)
	 RX errors 0 dropped 0 overruns 0 frame 0
	 TX packets 0 bytes 0 (0.0 B)
	 TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
itf0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 2018
	 inet6 fe80::1ae8:29ff:fe5c:1d2d prefixlen 64 scopeid 0x20<link>
	 ether 18:e8:29:5c:1d:2d txqueuelen 1000 (Ethernet)
	 RX packets 13184021 bytes 9506433464 (8.8 GiB)
	 RX errors 166 dropped 0 overruns 0 frame 0
	 TX packets 13011557 bytes 9575237805 (8.9 GiB)
	 TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
	 device interrupt 18
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
	 inet 127.0.0.1 netmask 255.0.0.0
	 inet6 ::1 prefixlen 128 scopeid 0x10<host>
	 loop txqueuelen 1000 (Local Loopback)
	 RX packets 3805 bytes 583438 (569.7 KiB)
	 RX errors 0 dropped 0 overruns 0 frame 0
	 TX packets 3805 bytes 583438 (569.7 KiB)
	 TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
switch0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
	 inet 192.168.1.1 netmask 255.255.255.0 broadcast 192.168.1.255
	 inet6 fe80::1ae8:29ff:fe5c:1d2d prefixlen 64 scopeid 0x20<link>
	 ether 18:e8:29:5c:1d:2d txqueuelen 1000 (Ethernet)
	 RX packets 1603683 bytes 406748364 (387.9 MiB)
	 RX errors 0 dropped 10393 overruns 0 frame 0
	 TX packets 1331043 bytes 1132030967 (1.0 GiB)
	 TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
wg0: flags=209<UP,POINTOPOINT,RUNNING,NOARP> mtu 1420
	 inet 192.168.33.1 netmask 255.255.255.0 destination 192.168.33.1
	 unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 1000 (UNSPEC)
	 RX packets 54468 bytes 29154736 (27.8 MiB)
	 RX errors 256 dropped 425640 overruns 0 frame 256
	 TX packets 593401 bytes 731054020 (697.1 MiB)
	 TX errors 633 dropped 465 overruns 0 carrier 0 collisions 0

Edited by petman, 29 November 2019 - 06:49.

#92
ogo
Posted 29 November 2019 - 11:02

ogo

    Senior Member

  • Grup: Senior Members
  • Posts: 4,382
  • Înscris: 07.03.2006
Configurarea interfetelor pare ok.
Ai ruta dhcp spre provider, apare si ruta wireguard.
Poti incerca si cu un dispozitiv IoS? (apple) - am mai vazut ca, via vpn udp (l2tp/ipsec/wirguard/etc), sa apara destul de multe pachete pierdute atunci cand se foloseste versiuni ceva mai vechi de android.

inainte sa incerci cu alt dispozitiv:
clear interfaces counters


Daca nu si nu, putem incearca, daca vrei, sa-mi trimite-mi toata configuratia in privat sa arunc un ochi mai "adanc": te conectezi la interfata gui, jos in stanga ai system iar la Configuration Management & Device Maintenance apasa pe Download backup config. O salvezi in laptop/calc si mi-o poti trimite 
presleigh82 at hcuglasgow com
(e o adresa temporara) sau via PM - cum iti e mai usor.

#93
petman
Posted 29 November 2019 - 14:22

petman

    Senior Member

  • Grup: Senior Members
  • Posts: 4,793
  • Înscris: 28.11.2001
N-am niciun IoS dispo. Doar android (unu are vers 9, unu 8.1, unu 7).
Iti trimit in privat configuratia sa te uiti - trimis pe mail.
Mersi!

Edited by petman, 29 November 2019 - 14:22.

#94
ogo
Posted 29 November 2019 - 14:46

ogo

    Senior Member

  • Grup: Senior Members
  • Posts: 4,382
  • Înscris: 07.03.2006
ok. got it.

Edited by ogo, 29 November 2019 - 14:52.

#95
ogo
Posted 29 November 2019 - 15:21

ogo

    Senior Member

  • Grup: Senior Members
  • Posts: 4,382
  • Înscris: 07.03.2006
1.
configure
set firewall send-redirects disable
commit; save; exit


2.
configure
set service dns forwarding name-server 1.1.1.1
set service dns forwarding name-server 9.9.9.9
commit; save; exit

3.
ca sa vezi cheile in intregime a celor 2 clienti setati incomplet mai jos:
(nu esti in configure)
show interfaces wireguard wg0 peers
dupa
configure
set interfaces wireguard wg0 peer 2VK9XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX= persistent-keepalive 25
set interfaces wireguard wg0 peer Eie4eXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX= persistent-keepalive 25
commit; save; exit

pune ca dns in aplicatia wireguard a telefoanelor 192.168.1.1 (ip router-ului)

Problema era (sper) ca la 2) aveai setat ca server de dns ip-ul router-ului dar nu aveai niciun forwarding activ (adica e activ dar nu era complet setat, lipsea catre ce dns server sa faca request mai departe, deci degeaba).

acum o sa-ti mearga si primul server de dns pus la dhcp care era tot ip router-ului -  dhcp-ul iti meargea (dns-ului lui mai exact) pt ca aveai setat si secondary dns pe goagal. Nu iti dadea time-out-uri si pe clientii conectati pe lan din cand in cand atunci cand accesai vreo pagina de web *NOUA* (ne-accesata pana atunci)?

Acum, fa putin trafic pe orice client din lan/vpn si dupa paste la out-put-urile celor 2 comenzi de mai jos:

show dns forwarding nameservers

si

show dns forwarding statistics

#96
petman
Posted 29 November 2019 - 16:25

petman

    Senior Member

  • Grup: Senior Members
  • Posts: 4,793
  • Înscris: 28.11.2001
Nu am avut probleme cu netul pe lan la nicio pagina.
Nu merge daca pun la dns ip-ul routerului 192.168.1.1 in aplicatia de pe android.
   Nameservers configured for DNS forwarding
-----------------------------------------------
1.1.1.1 available via 'statically configured'
9.9.9.9 available via 'statically configured'
-----------------------------------------------
Nameservers NOT configured for DNS forwarding
-----------------------------------------------
95.77.94.88 available via 'dhcp eth0'
78.96.7.88 available via 'dhcp eth0'


Cache statistics
----------------
Cache size: 1000
Queries forwarded: 69
Queries answered locally: 11
Total DNS entries inserted into cache: 216
DNS entries removed from cache before expiry: 0
---------------------
Nameserver statistics
---------------------
Server: 9.9.9.9
Queries sent: 36
Queries retried or failed: 0
Server: 1.1.1.1
Queries sent: 43
Queries retried or failed: 0

#97
ogo
Posted 29 November 2019 - 17:26

ogo

    Senior Member

  • Grup: Senior Members
  • Posts: 4,382
  • Înscris: 07.03.2006
Erm
Adauga
configure
set service dns forwarding listen-on wg0
commit; save; exit

Acum pune ip router-ului ca dns in aplicatia wireguard telefon.
Merge?

Edited by ogo, 29 November 2019 - 17:27.

#98
petman
Posted 29 November 2019 - 17:48

petman

    Senior Member

  • Grup: Senior Members
  • Posts: 4,793
  • Înscris: 28.11.2001
Posted Image  
Multam!

#99
petman
Posted 02 December 2019 - 11:12

petman

    Senior Member

  • Grup: Senior Members
  • Posts: 4,793
  • Înscris: 28.11.2001
Am 2 aplicatii bancare pe telefon (ing si unicredit) si amandoua refuza sa functioneze prin vpn. Ing ramane la ecranul portocaliu - nu ajung nici la logare macar, iar unicredit nu face secventa de logare.

#100
ogo
Posted 02 December 2019 - 11:31

ogo

    Senior Member

  • Grup: Senior Members
  • Posts: 4,382
  • Înscris: 07.03.2006
Aplicatiile astea au si echivalent https via web browser? Daca da, merg via https?
In general, alte aplicatii ce vor logare, iti functioneaza? De exemplu gmail.

Am facut un test dar cu aplicatia BT IOS si merge fara nicio problema via wireguard si l2tp/ipsec (in cazul meu).

#101
me_iauras
Posted 02 December 2019 - 11:51

me_iauras

    Senior Member

  • Grup: Senior Members
  • Posts: 2,274
  • Înscris: 08.01.2009
@pteman Prin L2TP/IPSec si OpenVPN (nu pe Edgerouter) HomeBank de la ING merge fara probleme ; sigur iti merge bine DNS-ul via VPN .

#102
petman
Posted 02 December 2019 - 15:21

petman

    Senior Member

  • Grup: Senior Members
  • Posts: 4,793
  • Înscris: 28.11.2001
@ogo - setarile sunt facute conform tutorialului tau. Chiar nu stiu de ce nu merge. Am whatsapp web si nici ala nu mai merge cand sunt conectat pe vpn.
Unele site-uri merg foarte bine si rapid iar unele gen hotnews care nu se incarca.

#103
ogo
Posted 02 December 2019 - 18:24

ogo

    Senior Member

  • Grup: Senior Members
  • Posts: 4,382
  • Înscris: 07.03.2006
@petman nu am nicio idee - teoretic acelasi setup merge pe inca 6 echipamente - dar niciunul nu e er-x ci er-4 si er3lite.
Poti incerca sa faci update la 2.0.8 pt ER-X; firmware-ul aici: https://dl.ui.com/fi...0.8.5247496.tar (doar pt ER-X, ER-10X, ER-X-SFP si EP-R6)

poti sa pui si un screen shoot de la setarile wireguard din telefon totusi?

#104
ogo
Posted 02 December 2019 - 18:41

ogo

    Senior Member

  • Grup: Senior Members
  • Posts: 4,382
  • Înscris: 07.03.2006
PS.
ai mai putea  adauga inainte de update (si sa mai testezi odata):
configure
set interfaces eth0 dhcp-options name-server no-update
commit; save; exit

#105
petman
Posted 02 December 2019 - 18:49

petman

    Senior Member

  • Grup: Senior Members
  • Posts: 4,793
  • Înscris: 28.11.2001
Attached File  Screenshot_20191202-184729~2.png   214.73K   24 downloadsAttached File  Screenshot_20191202-184419~2.png   202.39K   23 downloads

#106
MembruAnonim
Posted 02 December 2019 - 19:17

MembruAnonim

    MembruAnonim

  • Grup: Banned
  • Posts: 358,351
  • Înscris: 08.10.2015
N-ar trebui sa ai acelasi MTU setat pe tel si pe router? pe router vad ca ai 1420 pe wg0 iar pe tel 1440.

#107
petman
Posted 02 December 2019 - 19:20

petman

    Senior Member

  • Grup: Senior Members
  • Posts: 4,793
  • Înscris: 28.11.2001
Cu 1420 nu merge, nu ma intreba de ce. :)

#108
ogo
Posted 02 December 2019 - 19:56

ogo

    Senior Member

  • Grup: Senior Members
  • Posts: 4,382
  • Înscris: 07.03.2006
pune MTU la fel. Pune 1440 si la router
configure
set interfaces wireguard wg0 mtu 1440
commit; save; exit

Edited by ogo, 02 December 2019 - 19:56.

Anunturi

Second Opinion Second Opinion

Folosind serviciul second opinion ne puteți trimite RMN-uri, CT -uri, angiografii, fișiere .pdf, documente medicale.

Astfel vă vom putea da o opinie neurochirurgicală, fără ca aceasta să poată înlocui un consult de specialitate. Răspunsurile vor fi date prin e-mail în cel mai scurt timp posibil (de obicei în mai putin de 24 de ore, dar nu mai mult de 48 de ore). Second opinion – Neurohope este un serviciu gratuit.

www.neurohope.ro
Back to Networking

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Forumul Softpedia
  2. Professional Zone
  3. Networking
Forumul Softpedia foloseste "cookies" pentru a imbunatati experienta utilizatorilor Accept
Pentru detalii si optiuni legate de cookies si datele personale, consultati Politica de utilizare cookies si Politica de confidentialitate