|
Luceo posted:Can an Airport Extreme/Time Capsule share an NTFS-formatted Windows drive over SMB for my wife's laptop to backup to? No. http://support.apple.com/kb/HT5924
|
# ¿ Oct 17, 2014 22:21 |
|
|
# ¿ Apr 23, 2024 21:39 |
|
Three-Phase posted:Just to summarize, the basic security settings everyone needs are: That's a pretty good list. In my experience setting up lots and lots of home networks over the years, these are the changes I would make: Encryption: WPA2 with AES+TKIP. UPnP: Enabled if you have gaming devices but make sure you have a rule in the firewall that halts any external access to UDP Port 1900. "Stealth Mode" is horseshit. Don't worry if your router is pingable or not, worry more about whether it has a solid password. If you have ISP problems then enabling pings on your router can be a real help for letting the remote tech puzzle things out. Well, the remote Tier 3 / Network Ops tech, the first people you call won't know what the hell a ping is and won't be authorized to do that kind of fiddling around.
|
# ¿ Oct 22, 2014 02:15 |
|
Mthrboard posted:Is it possible to set up a Mikrotik 750GL to get multiple IPs on a single port? I get multiple external IPs from my ISP. Currently, I have it set up with Modem -> Switch -> 2 Routers. The modem is a Cisco DPC-3010, and I have an Asus RT-N66U and a TP Link WDR3400 dividing my network. I'd like to continue to utilize the multiple IPs, but I was hoping to combine the devices to one internal network so I can share things easier among all my devices. I'm hoping this is something I can do with a Mikrotik, or maybe some other router if it's not possible with the 750GL. Sure! /ip addresses add address=x.x.x.1/29 interface=ether1-gateway Ta-da, you've added a new address to the ether1-gateway interface. Want to add another? /ip addresses add address=x.x.x.2/29 interface=ether1-gateway /ip addresses add address=x.x.x.3/29 interface=ether1-gateway (those are examples, you'd fill in whatever IP and CIDR mask for the range) You get the picture. In Winbox you just click into IP -> Addresses and then add them in. Once the addresses are in place, make sure you have an appropriate route in IP -> Routes and that should take care of that side. If you are NAT-ing through the addresses then be sure and write a NAT rule in IP -> Firewall -> NAT. For your specific example up above, how are you getting these IP addresses? Are you being given a block of IP's through PPPoE or just assigned a static block of addresses? You may just need to assign one of the IP's in the range to your router and then assign the rest to your other two routers and use the MikroTik as their gateway IP. It'll have its own gateway IP and route the packets merrily along to the upstream provider. Fun!
|
# ¿ Dec 19, 2014 19:42 |
|
Inspector_666 posted:You can add IPs to interfaces on Mikrotik stuff using CIDR notation? That's cool. Yeah, it's much much nicer than digging out the old cheat sheet for subnet masks.
|
# ¿ Dec 19, 2014 20:19 |
|
jonathan posted:I have a provider modem/router (Telus Optik which is TV over IP/ADSL) with wifi in the basement, it's wired in down there. Upper floor, opposite corner of house I have fairly poor Wifi reception. At this corner I have an RJ45 jack coming out of a TV set top box, and get 100mbit speeds from it. I figure I need something that I can hook to this port to boost wifi strength up here. Can 2 different devices operate on the same SSID to broadcast a wireless signal ? I need everything to see each other on my network as I have a plex server, a nas, and several android xbmc boxes around the house, Get a new wireless router and then do the following: - log into your existing router and write down the SSID (wireless network name) and the security key. You need exact spelling and punctuation for this. Make note of what channel it's currently broadcasting on. Write down what IP address your existing router uses and what range the DHCP works over (192.168.1.2-100 or 192.168.1.100 - 254 something like that) - plug an ethernet cable into your new router and then into a computer to program it. do not hook it into the network yet - Program your new router as follows: == WAN/Internet: doesn't matter == Uncheck the DHCP server. You want it disabled. == LAN IP: 192.168.1.2 (assuming your original router has a DHCP range that doesn't include .2 If it does, put this router at .254) == SSID: same as your original router == WPA key: same as your original router == Channel: must be different. Preferably turn on "auto" channel. - Plug the cable from the wall into one of the LAN ports of the router. - Take a piece of tape and put it over the Internet/WAN port so you don't ever use it. Your computer should now connect up to the network it already knows about (same as your downstairs one) but with a ton more signal. You have turned your fancy new wireless router into a wireless bridge. Networking and DHCP will come from the main router in your house so you'll be on the same network but whenever you move downstairs and get good signal again you should automatically hop on over to the stronger signal. This can get weird if the signal is nearly equal - in those spots you may thrash between the two sites but hopefully that won't happen much.
|
# ¿ Dec 22, 2014 19:14 |
|
Mthrboard posted:Thanks for the advice, but I forgot one Weird. Ask your ISP to assign you IP's in a /29 or some other allocation rather than DHCP and then you'll be able to set up the router to use more addresses. Otherwise your current method is the right way to do this. Or... ask for a single static IP and put your whole network into a single block behind the router. Ta-da, now you can communicate with all your devices with a minimum of bullshit.
|
# ¿ Dec 23, 2014 18:17 |
|
flosofl posted:My biggest concern would be the inbound port in combination with the OS. After that the service that's actually being presented on that port. This is all good info and a correct and appropriate posture to take with computer and network security. That being said, your service isn't running on one of the well-known ports and presumably you keep up with patches to your computer. You should be fine. A better solution that will remove that port as an attack vector is to setup a VPN connection between yourself and your router and then talk to the network directly. This means you have to keep the VPN service patched but that only rarely gets blown up in awful security nightmares like the Heartbleed bug. This also gives you full access to all the machines on your network so you can fiddle around with them as you please.
|
# ¿ Dec 30, 2014 23:10 |
|
Twerk from Home posted:My brother in law just moved into a new house, and the fastest internet he can get at any price is 18Mbit. He lives 2.6 miles away and we can get line of sight to my house, where I get 105mbit Comcast for $35. Would we be insane to try to use cheapo UBNT wireless backhaul to connect our two houses, If you have a good line of sight between the two points then a 3 mile shot will rock for these types of radios. Easy-peasy.
|
# ¿ Jan 17, 2015 00:41 |
|
wormil posted:About 100 ft from the house, about 120 ft from the wifi router. The drawing is not to scale. Repeating signals and pushing wifi through several walls to reach your workshop sucks. It's always going to suck and I think you'd be happier by putting in a more permanent fixed solution like so: Buy a pair of Ubiquiti Nanostation M5's http://www.ubnt.com/airmax/nanostationm/ Run an ethernet cable from the router in your office, through the exterior wall and to a mounting point on the outside of your house. Mount the other NanoM5 on the workshop exterior, run ethernet to the interior and then you can plug in a single computer or setup a wifi router in there to provide coverage in the workshop. You could try this by just pointing the two nanos at each other through the walls of the existing buildings but I would expect that to have pretty poor service. A proper mounted install is a better idea. That cleans up service to your workshop with a minimum of new equipment.
|
# ¿ Jan 28, 2015 20:25 |
|
Squish posted:Cheers; that actually makes sense. Where it comes to the in-wall wiring I've done everything to spec, TIA-A in fact (because I didn't find any compelling reason to choose B over A while doing the initial research). However, in my post I was talking about patch leads, specifically the longer ones that connect device to wall point as opposed to the smaller patch leads in the cabinet. It would make those fiddly little plastic bridges a little easier to deal with, that's all. T568-A is usually used by Telecom folks, especially old phone guys. T568-B is used by non-commercial installers and is pretty much what you'll see on all the prepackaged cables you buy. If you're built your patch panel to 568-A then leave it there. It will be fine with whatever patch cables you use. BUT, moving forward be consistent with what standard you use. If you've wired it up in A already then do the entire house in A. Mixing the two standards will lead to annoying the next person who has to deal with your wiring job. 22 Eargesplitten posted:I've got cat-5 cables connected to a punch board, but when I try to test them for continuity with a toner probe, none of them show as having continuity. Cut off the plugs, the exposed ends have continuity with the punch board, but nothing once they're terminated. I'm not perfect, but the terminations look good and I'm not bad enough to have messed up seven of them in a row. What possibilities am I missing? On the other hand, maybe you've got a bad patch panel. Try using a plain old keystone jack, punch it down and test it out. If that's working but your punchdowns on the patch panel don't, you probably have some faulty gear there.
|
# ¿ Feb 3, 2015 01:30 |
|
EvilElmo posted:It's been awhile since the OP was updated, do I still flash my RT-N66 router? Or leave it? Is it working for you? Leave it alone. You could install official firmware udpates but unless it's not meeting your needs in some way you don't have to bother with a third-party firmware.
|
# ¿ Feb 5, 2015 21:01 |
|
Three-Phase posted:Kinda' an odd question here - is DD-WRT inherently more secure than the default firmware on routers? I'd say "No." The default firmwares and DD-WRT both use a small selection of underlying operating systems for running the hardware. The usual attack vectors - running services exposed to the outside world - tend to affect these with equal regularity in my vague recollection of the last few big ugly bugs. OpenSSL was used on tons of devices from all the major vendors so the Heartbleed exploit made anything using that vulnerable. UPnP has had some exploits and loads of consume routers have that loaded by default. In the end, most of the attacks target services that are accessible from the outside world like VPN connections, admin access via telnet or SSH or UPnP services. Turning that stuff off goes a long way towards making your router more secure. That can be a real headache if you need to get into your router from the outside for whatever reason. The SANS institute has a whitepaper on how to hack into routers: http://www.sans.org/reading-room/whitepapers/testing/exploiting-embedded-devices-34022 Interesting reading.
|
# ¿ Feb 18, 2015 01:45 |
|
Xenomorph posted:I'll see if we can hook more things into the existing system (I've never had to touch it). The idea to put some WiFi products inside was just one of the first things that popped in my head for it. This isn't the job for a cheap-o consumer wireless router. This is some serious nerd poo poo involving temperature probes, hardware to interpret their signals and then feed that to a proper computer for stats gathering. It's the kind of thing Arduinos and Raspberry Pi boards excel at so getting familiar with those platforms would probably be a great idea. https://www.adafruit.com/products/165?&main_page=product_info&cPath=35&products_id=165 -50C sensor right there.
|
# ¿ Mar 5, 2015 01:50 |
|
Golbez posted:Just moved into a new house. My office will be upstairs, the modem+router will [likely] live downstairs. Unfortunately, I have a thin client for work and it requires a wired connection. What's the best solution for a router to bridge between the wireless router and my office? (running a 100 foot cable is less than ideal) I used to use an old WRT54GL with dd-wrt for this kind of thing, but it's really long in the tooth and not holding together that well these days. Something like this may suit your needs: http://www.amazon.com/TP-LINK-TL-PA4010KIT-Powerline-Adapter-Starter/dp/B00AWRUICG/ref=pd_sim_147_5?ie=UTF8&refRID=10DJ5QXDTD4MWP1DTFEB
|
# ¿ May 10, 2015 22:37 |
|
Golem II posted:I can't figure out this wireless problem, I can connect to the internet for a little while but then I lose connection. I can still connect to the router but the only thing I can do to solve the internet connection issue is change the channels my router is on. Do I need a 5ghz card? Some details would be helpful: - Make and model of router - Type of internet connection - How many other wireless networks do you see in the are? - How many devices are connecting to the router (wired and wireless) - Do they all lose connection at the same time? - What OS are you running? - Do you have the latest drivers for your wireless card and firmware for the router? If you use Windows, open a command prompt (type "cmd" in the search box and hit enter) then type: "ping -t 192.168.1.1" without the quotes and hit enter to keep a running ping to your router. (replace that IP address with whatever your router uses). When you next lose connection, do the pings drop out? Do they suddenly get a huge amount of latency in them? What do you see? Finally, set your router on fire and move to the mountains to take up the Priesthood. It's a better life choice than troubleshooting wireless connection problems.
|
# ¿ May 12, 2015 23:29 |
|
Don Lapre posted:I use this flosofl posted:Get a stud finder
|
# ¿ May 20, 2015 22:19 |
|
Slumpy posted:I'd like to one day learn some networking as I'm hoping to get into IT (currently studying for A+) but I have no experience -at all- networking. I wanted to start a project but not sure how to go about doing it. Buy a pair of Ubiquiti Nanostation Loco M5's and some ethernet cable , a crimper and ends. You'll need a long drill bit to get through the exterior wall of your house and barn. Mount these two on the outside, drill a hole into the interior where you want the cable to come out (and then weather seal it) and run the ethernet into the house near an electrical socket. Both of these radios support Power Over Ethernet so you use the little POE gizmo that comes with them to power them up and then run an ethernet cable from the LAN side of the POE to your router in the house and to a switch in the barn (so you can hook up more than one device. You'll need to program the radios and turn their power way down but they should give you a solid multimegabit link between the two buildings with the least amount of hassle. They act as network bridges so you just link them up and then let the router at the head end of your network in the house do all the heavy lifting for assigning IP's and such. This keeps your network "flat" so you don't have any hassle with seeing the media server in the house off a computer in the barn.
|
# ¿ May 20, 2015 22:28 |
|
Spatule posted:I moved and wifi here is needs a range extender to get to the third floor. That should be fine.
|
# ¿ May 20, 2015 22:47 |
|
Tapedump posted:Japan-Site1 (L2TP IPsec VPN server built in to fiber modem/router) and U.S.-Site2 (my home, Windows 7 VPN client) both use 192.168.1.1 LAN addressing. I know is not a good thing, but at this point I'm just experimenting. Change one of the networks to a different address range. That should clear up a lot of headaches right away.
|
# ¿ Jun 2, 2015 02:03 |
|
ThermoPhysical posted:Having some major problems with my network anyone know of those router/modem setups are worth it? Combo modems are generally poor performers. What problems are you having? What gear are you using? How far apart is everything, have you tried a direct Ethernet connection to rule out wireless issues? Are you in an apartment complex with fifty other APs nearby?
|
# ¿ Jun 15, 2015 20:36 |
|
LmaoTheKid posted:So we just closed an office and my boss said I can help myself to the leftover networking hardware. Any reason why I shouldn't use the Sonicwall TZ200 at home? I currently have a Netgear WNDR3700 running DDWRT that I can convert into an AP. Sell your Sonicwall to slyo up there so he can setup a Site-to-Site VPN and keep rocking along with your Netgear. Win-win! Don't forget to transfer it from the existing Sonicwall account over to the new owner (yourself or poor slyo who needs some way to anchor a site-to-site VPN which Sonicwalls are pretty drat decent at).
|
# ¿ Aug 4, 2015 20:59 |
|
emocrat posted:I own my own cable modem and it currently connects to a 5th generation Airport Extreme. Buy an Airport Express and let it extend the network. Apple products do a good job of that. I'd try that before dropping any serious money on building in a whole house wireless network.
|
# ¿ Aug 26, 2015 22:47 |
|
emocrat posted:Thanks for the tips. Ill try repositioning and then extending. That's what she said! Gothmog1065 posted:How hard are the Mikrotik routers to set up? the TP Link Archer C8 has lovely WiFi, drops a lot and has problems on my phones. They have a default home router setup right out of the box now. They have a web interface for configuration that is easy to use and there's always winbox, command line and a whole thread with suggestions right here in SH/SC.
|
# ¿ Aug 28, 2015 19:32 |
|
|
# ¿ Apr 23, 2024 21:39 |
|
CrazyLittle posted:99% coincidence. The internet doesn't transfer jumbo frames. I've tested. Sure it does! With just a little reassembly at the end you can transfer whatever size* frame you want! *1500 bytes at a time.** **Actual payload size may vary based on weather conditions, time of day, VPN tags, MPLS tags, and TAG tags.
|
# ¿ Sep 23, 2015 02:10 |