bolind
Jun 19, 2005



Pillbug

IOwnCalculus posted:

It's not, especially with how modern browsers make you jump through hoops to deal with this poo poo even in RFC 1918 space. I need to deal with this on my Unifi controller still.

I've looked for a good solution for literally years. This is one, but it requires shenanigans to redirect the outside IP to the inside.

The other way, which is how I've fixed it at work, is to install the FreeIPA CA cert on all non-enrolled client machines.


Internet Explorer
Jun 1, 2005





bolind posted:

I did the EdgeRouter web UI Let’s Encrypt very thingie and it worked a charm!

I know it’s spergy as gently caress but invalid certs really bug me.

Hi. We're trying to avoid words like sperg / spergy these days. Please try to find a better way to say what you're trying to say. Thank you!

bolind
Jun 19, 2005



Pillbug

Internet Explorer posted:

Hi. We're trying to avoid words like sperg / spergy these days. Please try to find a better way to say what you're trying to say. Thank you!

Wooops, sorry, my bad. Wasn't aware.

KS
Jun 10, 2003
Outrageous Lumpwad

bolind posted:

I've looked for a good solution for literally years. This is one, but it requires shenanigans to redirect the outside IP to the inside.

Besides hairpinning, the other good solution is split horizon DNS with a domain name you own and an internal DNS server.

Sniep
Mar 28, 2004

All I needed was that fatty blunt...



King of Breakfast


boom headshot

KS
Jun 10, 2003
Outrageous Lumpwad
There are freakishly good deals available on used Cisco WS-C3850-12X48U switches on eBay right now. That's 36 ports 1gbit + 12 ports 1/2.5/5/10 mgig, with 60W UPOE and a ~600W POE budget that's expandable with a 2nd PSU. Modular power supply replacements readily available for $80. 5 years left on Cisco software support. Add-on uplinks up to 4x10g SFP+ or 2x40g.

There are multiple -L models <$1k. -S models with IP base are $1500 but probably not worth paying for. By comparison the 24 port version of the same switch is over $4k and most Cisco switches with comparable capabilities are north of that. Do you need a 48 port mgig POE switch for home? Probably not. But the combination of 12 ports of 10Gbase-T, mgig support for newer desktops, and a bunch of POE for smart devices or surveillance in one device that's priced like a Ubiquiti switch is kinda cool.

Anyways, I bought one along with a cheap copper 10gig card for my NAS. My new desktop and my APs are mgig capable so kinda excited to put something together that's stupid unusably fast. It'll be like LN2 benchmarking but for wifi.

Rescue Toaster
Mar 13, 2003
I was actually just going to ask about a decent Layer 3 switch with a couple 10 gig SFPs I can use some direct attach on. I have one of the godawful cisco home SG300's that's driving me nuts. I have an HP JC099 5800 w/ PoE that should fit the bill though the over 100 watt idle draw and sheer noise has been a turn off... Though the difference between that power draw and a better/newer one may take an awfully long time to pay for itself, since I already have the HP.

Rescue Toaster fucked around with this message at 02:02 on Feb 20, 2021

Zero VGS
Aug 16, 2002
ASK ME ABOUT HOW HUMAN LIVES THAT MADE VIDEO GAME CONTROLLERS ARE WORTH MORE
Lipstick Apathy
What's the easiest way to tell Windows 10 "hey this ethernet is for LAN only, don't make my wifi stop working to try to get to the internet through this"?

admiraldennis
Jul 22, 2003

I am the stone that builder refused
I am the visual
The inspiration
That made lady sing the blues

Zero VGS posted:

What's the easiest way to tell Windows 10 "hey this ethernet is for LAN only, don't make my wifi stop working to try to get to the internet through this"?

You can specify manual interface metrics to prioritize the wireless connection:

https://www.windowscentral.com/how-change-priority-order-network-adapters-windows-10

KS
Jun 10, 2003
Outrageous Lumpwad
You may actually need:

HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WcmSvc\Local\fMinimizeConnections DWORD=0

But it shouldn't be doing that for a network that doesn't have internet access.

wyoak
Feb 14, 2005

a glass case of emotion

Fallen Rib
Removing the default gateway from the interface should do it

admiraldennis
Jul 22, 2003

I am the stone that builder refused
I am the visual
The inspiration
That made lady sing the blues

wyoak posted:

Removing the default gateway from the interface should do it

Yes, that should also work -- assuming you don't need to traverse that gateway for any of your LAN connection use. (If it's all hosts on your local subnet via switches, the gateway shouldn't need to be used. If it's something fancier like you might see in a corporate or office LAN, the GW might be needed for some things.)

If you know you don't need the LAN gateway (and/or know it goes to nowhere), I might take this advice and remove it to prevent even the possibility of traffic trying to route over it.

admiraldennis fucked around with this message at 23:54 on Feb 20, 2021

Zero VGS
Aug 16, 2002
ASK ME ABOUT HOW HUMAN LIVES THAT MADE VIDEO GAME CONTROLLERS ARE WORTH MORE
Lipstick Apathy

admiraldennis posted:

You can specify manual interface metrics to prioritize the wireless connection:

https://www.windowscentral.com/how-change-priority-order-network-adapters-windows-10

Thank you, setting my phone tether to priority one and my ethernet to priority 5 finally fixed everything.

wyoak posted:

Removing the default gateway from the interface should do it

Didn't want to do this as I connect my devices with a wifi router that gives DHCP, so I can easily remote from one to another with NVidia Gamestream over the LAN which has no perceptible latency. My internet has been down a month because Comcast, so I've been having everything connect to a wifi phone hotspot with a second wifi adapter on each device.
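
The interface-metric and fMinimizeConnections suggestions from the posts above, collected into one PowerShell script as an added example (not written by any poster in this thread). The adapter aliases `Wi-Fi` and `Ethernet` and the function names are assumptions; the metrics 1 and 5 and the registry value are the ones quoted in the thread.

```powershell
#Requires -RunAsAdministrator
# Added example. Adapter aliases are assumptions; list yours with Get-NetAdapter.

function Set-LanOnlyPreference {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [string]$InternetAlias = 'Wi-Fi',      # assumed name of the adapter with internet
        [string]$LanAlias      = 'Ethernet',   # assumed name of the LAN-only adapter
        [int]$InternetMetric   = 1,            # values reported as working in the thread
        [int]$LanMetric        = 5,
        [switch]$AllowSimultaneousConnections  # also write fMinimizeConnections = 0
    )

    # Fail early on a mistyped alias instead of changing only one adapter.
    foreach ($alias in $InternetAlias, $LanAlias) {
        if (-not (Get-NetAdapter -Name $alias -ErrorAction SilentlyContinue)) {
            throw "No adapter named '$alias'. Run Get-NetAdapter to see the real names."
        }
    }

    # Lower metric wins. Without -AddressFamily this covers IPv4 and IPv6.
    if ($PSCmdlet.ShouldProcess("$InternetAlias=$InternetMetric, $LanAlias=$LanMetric",
                                'Set interface metrics')) {
        Set-NetIPInterface -InterfaceAlias $InternetAlias -InterfaceMetric $InternetMetric
        Set-NetIPInterface -InterfaceAlias $LanAlias      -InterfaceMetric $LanMetric
    }

    if ($AllowSimultaneousConnections) {
        # Policy value from the thread: 0 lets Windows keep wired and wireless
        # connections up at the same time instead of dropping one of them.
        $key = 'HKLM:\Software\Policies\Microsoft\Windows\WcmSvc\Local'
        if ($PSCmdlet.ShouldProcess($key, 'Set fMinimizeConnections = 0')) {
            if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
            New-ItemProperty -Path $key -Name 'fMinimizeConnections' `
                -PropertyType DWord -Value 0 -Force | Out-Null
        }
    }
}

function Get-DefaultRouteOrder {
    # Default routes in the order Windows prefers them: the lowest sum of
    # route metric and interface metric is used first.
    Get-NetRoute -DestinationPrefix '0.0.0.0/0', '::/0' -ErrorAction SilentlyContinue |
        Sort-Object { $_.RouteMetric + $_.InterfaceMetric } |
        Select-Object InterfaceAlias, DestinationPrefix, NextHop, RouteMetric, InterfaceMetric
}

# Preview the changes without applying them, then show the current route order.
Set-LanOnlyPreference -AllowSimultaneousConnections -WhatIf
Get-DefaultRouteOrder
```

Drop `-WhatIf` to apply the change. If the LAN-only adapter still appears in the `Get-DefaultRouteOrder` output, it has a default gateway, which is the case the gateway-removal suggestion addresses.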

fletcher
Jun 27, 2003

ken park is my favorite movie

Cybernetic Crumb
I'm entertaining the idea of colocating a 1U server to replace my current leased server. In order to have secure access to IPMI I suppose I'll need to purchase another 1U for a firewall/vpn. Seems like it'd be kinda odd though since network ports seem to always be on the front of the unit, and I'm assuming they wouldn't run two cables from the front of my firewall to the back of my server. Is there a better way to be going about this? Since the server I'm looking at isn't very deep maybe I can stick an edgerouter lite on the rear end of it somehow?

SamDabbers
May 26, 2003



fletcher posted:

I'm entertaining the idea of colocating a 1U server to replace my current leased server. In order to have secure access to IPMI I suppose I'll need to purchase another 1U for a firewall/vpn. Seems like it'd be kinda odd though since network ports seem to always be on the front of the unit, and I'm assuming they wouldn't run two cables from the front of my firewall to the back of my server. Is there a better way to be going about this? Since the server I'm looking at isn't very deep maybe I can stick an edgerouter lite on the rear end of it somehow?

Some providers will attach an IP-KVM to your server on demand when you need it, included in the service. Then you don't have to pay for space/power for a separate firewall just to protect your IPMI interface.

unknown
Nov 16, 2002
Ain't got no stinking title yet!


Unless you are doing something really weird a vps is generally the better way to go.

But that being said, with the number of used servers on the market that companies are dumping in mass quantities, you can definitely get some deals and there are a few older colos that are losing customers/gear, so are desperate to fill with anything.

devmd01
Mar 7, 2006

Elektronik
Supersonik
I could have brought home a fully loaded DL585 G6 virtualization host from work a year or so ago and didn’t give a second thought to declining it. No point in having a beast of a server like that without more storage than was onboard, not to mention the power usage and outright noise.

Sent the entire rack full of them to the recycler after pulling some spare parts for the two remaining ones we have in our test lab. We’ll be out of that data center by the end of the year, and two years ago we went from 7 racks to 4, so yeah, being a traditional colo provider is not a good business to be in long term.

fletcher
Jun 27, 2003

ken park is my favorite movie

Cybernetic Crumb

unknown posted:

Unless you are doing something really weird a vps is generally the better way to go.

But that being said, with the number of used servers on the market that companies are dumping in mass quantities, you can definitely get some deals and there are a few older colos that are losing customers/gear, so are desperate to fill with anything.

VPS doesn't seem as cost effective for my use. I'm looking for something with 12+ cores, 64GB RAM, 1 Gbps unmetered, and at least 16TB of storage. The storage is where it seems the VPS route becomes too expensive. I've had my current (leased) dedicated server for 6+ years (and others for the 10 years prior to this one) so I'd be willing to put in some upfront investment to plan for the future. If I buy my own hardware then I can break even after a few years (vs. my current lease) and then after that it'd be saving me some $.

skylined!
Apr 6, 2012

THE DEM DEFENDER HAS LOGGED ON
So I broke down and bought two Unifi UAP AC Lite devices to hopefully better my in-home WiFi. I have one set up but I can't figure out how to differentiate between the 2.4ghz band and the 5ghz band. On my phone all I see is the one network name I set up - no option for 2.4ghz or 5ghz - and I don't see any option for selecting bands or creating two ssids in the Unifi network manager thing. Is the device supposed to automatically select the band it wants to operate on? Anyone have any suggestions?

devmd01
Mar 7, 2006

Elektronik
Supersonik
Yes, there is an option for prefer 5G / band steering under the AP radio configuration. I believe it is enabled by default. Go into the config, look at your clients, and it will tell you what band they are on.

Once you have the first AP set up there is a handy “copy the config from another device” option to save you the effort of the second one.

skylined!
Apr 6, 2012

THE DEM DEFENDER HAS LOGGED ON

devmd01 posted:

Yes, there is an option for prefer 5G / band steering under the AP radio configuration. I believe it is enabled by default. Go into the config, look at your clients, and it will tell you what band they are on.

Once you have the first AP set up there is a handy “copy the config from another device” option to save you the effort of the second one.

Thanks, I see now.

If it helps anyone else - under Settings, then Wifi, then Advanced, you can select 2.4ghz/5ghz/both wifi bands. I had one wifi network set up for both on accident. Switching to 5ghz and setting a new one for 2.4ghz. Cool!

VelociBacon
Dec 8, 2009

Hopefully a quick question, I felt it more appropriate for this thread than the android thread.

I have a media server on my home network, and when at home I sometimes use VLC on my phone to watch something from my server via the LAN (not plex, etc). The local network is seen easily by VLC and I'm able to navigate into shared folders normally. It's actually a relatively slick experience, great.

I use OpenVPN to VPN into my home network with my phone to RDP into the server, and this works great. I just tried to connect via the VPN (success) to use VLC in this same way from outside my home network and it can't see anything on the network. Is this expected behavior? Shouldn't this work as the phone is essentially in the LAN again? This clearly represents a hole in my networking knowledge and I'd like to understand why this isn't working. Thanks!

Harik
Sep 9, 2001

From the hard streets of Moscow
First dog to touch the stars


Plaster Town Cop
are there any non-garbage home wifi units?

I'm running a pair of TPLink archer A7s in access point (non-routed) mode, and they just don't have enough coverage.

2 story, 2800 sqft, dozens of wireless devices. 5 kids doing digital learning at the same time getting a lot of dropouts on their team calls and I'd like to improve it.

I can either replace the two I have or add some new ones (or replace with 3 or 4 new units if something is significantly better).

(A7 is the Archer C7 with ~~~alexa integration~~~ but it's worthless. I bought them because they were cheaper than the stock C7s)

Harik fucked around with this message at 13:00 on Feb 22, 2021

unknown
Nov 16, 2002
Ain't got no stinking title yet!


fletcher posted:

VPS doesn't seem as cost effective for my use. I'm looking for something with 12+ cores, 64GB RAM, 1 Gbps unmetered, and at least 16TB of storage. The storage is where it seems the VPS route becomes too expensive. I've had my current (leased) dedicated server for 6+ years (and others for the 10 years prior to this one) so I'd be willing to put in some upfront investment to plan for the future. If I buy my own hardware then I can break even after a few years (vs. my current lease) and then after that it'd be saving me some $.

LOL, ok, that's not what I'd call "home networking" - so yeah, you can find a loaded off lease 2u server in amazing condition for cheap with a bit of searching and then put it in a Colo.

Don't worry about hooking up idrac/ilo in the Colo unless you really expect to blow up the os regularly. For that once in a blue moon requirement get them to put a kvm on it.

Look for 1/8 racks at places too, which generally give you 4u of space to play with.

KS
Jun 10, 2003
Outrageous Lumpwad

Harik posted:

are there any non-garbage home wifi units?

Google Wifi and Eero Pro come to mind, especially since it sounds like you'd have wired backhauls that you're running your C7s on. But you should track down the problem first. You said they're in nonrouted mode -- what's the router? Have you narrowed it down to a wifi issue vs. an internet connection or router issue?

I think running multiple APs without coordination is generally a mistake. There are too many clients that hang on to weak signals rather than making the jump to a stronger AP. APs with controllers will recognize this and force clients to jump. Clients should also be forced to the direct connected AP over any repeater or mesh AP if signal levels are reasonable. These aren't standards based things, so everyone has their own implementation and some are better than others.


skylined! posted:

If it helps anyone else - under Settings, then Wifi, then Advanced, you can select 2.4ghz/5ghz/both wifi bands. I had one wifi network set up for both on accident. Switching to 5ghz and setting a new one for 2.4ghz. Cool!

You really shouldn't need to run separate SSIDs for different bands. Band Steering should just work on any good equipment made in the last decade.

KS fucked around with this message at 18:15 on Feb 22, 2021

skylined!
Apr 6, 2012

THE DEM DEFENDER HAS LOGGED ON

KS posted:

Google Wifi and Eero Pro come to mind, especially since it sounds like you'd have wired backhauls that you're running your C7s on. But you should track down the problem first. You said they're in nonrouted mode -- what's the router? Have you narrowed it down to a wifi issue vs. an internet connection or router issue?

I think running multiple APs without coordination is generally a mistake. There are too many clients that hang on to weak signals rather than making the jump to a stronger AP. APs with controllers will recognize this and force clients to jump. Clients should also be forced to the direct connected AP over any repeater or mesh AP if signal levels are reasonable. These aren't standards based things, so everyone has their own implementation and some are better than others.


You really shouldn't need to run separate SSIDs for different bands. Band Steering should just work on any good equipment made in the last decade.

Thanks, I know little about this stuff. So I'm fine with just a single SSID, with 'both' selected for WiFi bands, and my devices will do the rest? For the record I have several google nest minis, several LIFX strips and bulbs, several generic wifi plugs and bulbs, a wifi connected fridge, a nest video doorbell, some wyze cameras and some exterior Blink wifi enabled cameras.

Also this video suggests I manually select which channels each AP is on - is this necessary? I currently have the Transmit Power on Auto and channel on Auto for 2.4ghz, and channel Auto for 5ghz - this was how it was set when I installed the APs.

KS
Jun 10, 2003
Outrageous Lumpwad
Also ensure your band steering setting is on. Most of those are likely 2.4 only devices.

Channel selection: from what I'm reading Ubiquiti has a cleanair-like feature called Airmagic that should look for interference and move your radios off of those channels. If for some reason Ubiquiti's trying to use anything other than 1/6/11 for 2.4 bands, you might want to specify.

devmd01
Mar 7, 2006

Elektronik
Supersonik
Added a couple more drops to the upstairs IDF this weekend. I am rapidly approaching the point of needing to buy a switch with dual gbics for upstairs, if I want to patch anything else in I will need one. The last port of the 4x1gbe downlink runs goes to one more POE camera for now.

movax
Aug 30, 2008

devmd01 posted:

Added a couple more drops to the upstairs IDF this weekend. I am rapidly approaching the point of needing to buy a switch with dual gbics for upstairs, if I want to patch anything else in I will need one. The last port of the 4x1gbe downlink runs goes to one more POE camera for now.



I feel like this is what I should do in my office instead of a comical amount of RJ-45 in single- or dual-gang junction boxes...

Harik
Sep 9, 2001

From the hard streets of Moscow
First dog to touch the stars


Plaster Town Cop

KS posted:

Google Wifi and Eero Pro come to mind, especially since it sounds like you'd have wired backhauls that you're running your C7s on. But you should track down the problem first. You said they're in nonrouted mode -- what's the router? Have you narrowed it down to a wifi issue vs. an internet connection or router issue?

That's a good call, however: anything hardwired has no issue, so I'm fairly confident it's a wifi issue. A laptop that's on ethernet works fine, but disconnect ethernet and use wifi and it's got issues.

A debugging tip a lot of people don't know: if you get _extremely_ periodic bad connections on the 5ghz band move your channel out of the weather radar range, lol. Doppler 0.0005 kilobit radar transfer says "expect heavy packet loss every 75 seconds". Needless to say, I've already done this. It's just generally meh, not periodically unusable.

KS posted:

I think running multiple APs without coordination is generally a mistake. There are too many clients that hang on to weak signals rather than making the jump to a stronger AP. APs with controllers will recognize this and force clients to jump. Clients should also be forced to the direct connected AP over any repeater or mesh AP if signal levels are reasonable. These aren't standards based things, so everyone has their own implementation and some are better than others.

Agreed. Is there anything short of enterprise gear that does this? Hell, if there's non-vendor firmware for the C7s that does it properly I'd use that, they're cheap enough to be disposable at this point if the flashing goes wrong.

KS posted:

You really shouldn't need to run separate SSIDs for different bands. Band Steering should just work on any good equipment made in the last decade.

Great, tell that to IoT vendors who make products that completely poo poo their pants if presented with unified SSIDs.

There's a reason my 5g is named "alexa_is_garbage".

But hey Bezos got that chip for a half cent less than one that worked correctly, and really, does anything else matter?

movax posted:

I feel like this is what I should do in my office instead of a comical amount of RJ-45 in single- or dual-gang junction boxes...

Those are nice. I terminated all my drops in a 24 port cat6(e? 7? I'd have to check) panel but those ones that take wall-jacks are pretty nice for smaller setups.

I put 2-4 drops wherever I went since it's a lot more work drilling and running a fish than it is to pull a few extra cables back down with it. Having a bunch of spools is nice too, you can just pull them all at once.

Harik fucked around with this message at 03:24 on Feb 23, 2021

Evis
Feb 28, 2007
Flying Spaghetti Monster

Harik posted:

Great, tell that to IoT vendors who make products that completely poo poo their pants if presented with unified SSIDs.

I’ve bought one or two things like this and returned them when they didn’t connect to wifi.

Harik
Sep 9, 2001

From the hard streets of Moscow
First dog to touch the stars


Plaster Town Cop

Evis posted:

I’ve bought one or two things like this and returned them when they didn’t connect to wifi.

If it was anything other than the $!@# alexa I would have. Unfortunately I got overruled on that one so split SSIDs it is.

On the upside, I can simply not put the 2.4ghz ssid in devices that support 5g, lest they get any dumb ideas about what they should be connecting to.

KS
Jun 10, 2003
Outrageous Lumpwad
Airport radar too. If you don't have an interference detection technology like cleanair, I'd just use the non-DFS 5 ghz bands if they're relatively uncrowded.

Harik posted:

Agreed. Is there anything short of enterprise gear that does this? Hell, if there's non-vendor firmware for the C7s that does it properly I'd use that, they're cheap enough to be disposable at this point if the flashing goes wrong.

Yeah, the mesh systems do this. Eero and Google Wifi for sure -- I have no experience with the newer Nest model and I know it doesn't do wired backhaul. Ubiquiti access points do it as well.

I think you may find your dual band SSID problems go away on different hardware.

Harik
Sep 9, 2001

From the hard streets of Moscow
First dog to touch the stars


Plaster Town Cop

KS posted:

Airport radar too. If you don't have an interference detection technology like cleanair, I'd just use the non-DFS 5 ghz bands if they're relatively uncrowded.


Yeah, the mesh systems do this. Eero and Google Wifi for sure -- I have no experience with the newer Nest model and I know it doesn't do wired backhaul. Ubiquiti access points do it as well.

I think you may find your dual band SSID problems go away on different hardware.

What's the go-to for Ubiquiti access points nowadays? The models in the OP are a couple years out of date.

Actuarial Fables
Jul 29, 2014

Taco Defender
Ubiquiti hasn't finished rolling out updated WiFi 6-capable devices yet so things will change, but right now the UniFi 6 Lite is an easy replacement for the AC Lite version (WiFi 6/802.11ax vs 802.11ac), and the UniFi nanoHD is an upgrade from the AC Pro (4x4 vs 3x3). There's no WiFi 6 "pro" or "nanoHD" out yet.

e. The UniFi 6 LR is available to pre-order. Seems odd to have a 1gbit interface for a device that could theoretically handle more than that though.

Actuarial Fables fucked around with this message at 13:08 on Feb 23, 2021

skylined!
Apr 6, 2012

THE DEM DEFENDER HAS LOGGED ON
So the UniFi APs are working well and I think I’m going to add a third one for better coverage - my home walls are all old plaster and signals degrade quickly. Wondering if I should bother with a security gateway as well? I have a bunch of IOT stuff, regularly use two desktops and two laptops, plus smart TVs etc - through an Arris modem and a managed switch. Any thoughts on this? Also does anyone have thoughts on preferred VPNs these days?

thiazi
Sep 27, 2002

skylined! posted:

So the UniFi APs are working well and I think I’m going to add a third one for better coverage - my home walls are all old plaster and signals degrade quickly. Wondering if I should bother with a security gateway as well? I have a bunch of IOT stuff, regularly use two desktops and two laptops, plus smart TVs etc - through an Arris modem and a managed switch. Any thoughts on this? Also does anyone have thoughts on preferred VPNs these days?

What is your router? Is your Arris a combo?

skylined!
Apr 6, 2012

THE DEM DEFENDER HAS LOGGED ON

thiazi posted:

What is your router? Is your Arris a combo?

Arris is a modem/wifi combo yea, though I’m probably going to turn off the wifi since I have the APs now. The switch is a managed TPlink I think, will check model when home.

a magic hippo
Nov 15, 2018
I don't understand a single word of this thread but I just had a router/modem combo die. Its job was to turn our little coaxial cable in our floor into a wifi signal, so our computers/phones/devices can connect to it. It was a Netgear C3700 N600 cable modem/router. Amazingly the heat sink fell off on its own over time and destroyed it.

My wife and I need a new way of converting our little house cable wire into wifi. We don't know anything about networking. I want security, and I'd lock our network down from creepy hackers if I knew how, but I just don't.

What I'm looking for is whatever the thread's consensus is today for a usual family modem and router device to buy, one that is reliable and secure and cheap (our budget does not really permit unplanned expenses). We have Spectrum internet.

Any product names endorsed by you all will help us more than randomly searching Amazon for "router/modem". It also prevents us from just re-buying our same device from 2015 again, which costs a hundred bucks still, which can't reach all of our rooms with signal and apparently falls apart insanely catastrophically. Any help is appreciated!


astral
Apr 26, 2004

Friends don't let friends get combo modem/routers.
