ML
    • Register
    • Login
    • Search
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    1. Home
    2. Tags
    3. edge router
    Log in to post
    • All categories
    • AdamF

      Site to Site VPN - not passing audio traffic properly
      IT Discussion • site-to-site edge router asterisk • • AdamF

      6
      1
      Votes
      6
      Posts
      237
      Views

      Dashrender

      @fuznutz04 said in Site to Site VPN - not passing audio traffic properly:

      This one was interesting to get to the bottom of. @JaredBusch With the VPN tunnel enabled, the phone system was trying to send RTP to the phone on the internal IP. There is a setting in FreePBX on the extension level called "RTP Symmetric". Normally, this is set to yes. I changed it to no and the audio started flowing normally. However, I didn't like this solution. So, as a test, (and what I should have done from the beginning) I blocked all outbound traffic FROM my phone system, to any local network. (10.x, 172.16, 192.168, etc) This immediately solved the issue. I did not yet do a packet capture AFTER the fact to confirm, but I am assuming that blocking the PBX's ability to get to an internal private IP, forces the system to renegotiate and send the RTP to the correct public IP.

      Definitely an odd issue.

      nice you found a solution - I'm curious why it happens in the first place? Are some of the original phone's packet data still containing the original IP? And if so, why?
      Are you using encrypted RTP?

    • AdamF

      Internet connection sharing
      IT Discussion • ubiquiti edge router • • AdamF

      14
      0
      Votes
      14
      Posts
      369
      Views

      JaredBusch

      @scottalanmiller said in Internet connection sharing:

      @fuznutz04 said in Internet connection sharing:

      @scottalanmiller said in Internet connection sharing:

      I think that the key thing here might be in interpretation of the language.

      "We have another business in the building" could mean that they own two companies and those two "companies" are sharing a connection. We might use that terminology for two divisions that do different things but legally can share a connection no problem.

      Or it might be some random business that just happens to be in the same building that is trying to not pay for their own Internet, in which case this is a big problem.

      Everyone is assuming the second, but I had read it assuming it was the first. But both are just assumptions, to know what the best options are and what is an option really requires understanding that.

      Wow, I am terrible at following up with posts in a timely manner....

      Yes, it is the first. So you assumed correctly. So I think we are all set with just breaking out the connection via a switch after the modem.

      Thanks!

      If it was me and it was two companies that I controlled, I'd use an EdgeRouter Lite, it has one WAN in and two LAN out. That way I'd have central control. Make that control owned by the "parent" organization. Then have each place have their own switches after that point. But only one router.

      This is also how I would do it. There would only be one company in control of the one router.

    • AdamF

      Ubiquiti - Small office Router and WIFI
      IT Discussion • unifi edge router • • AdamF

      43
      2
      Votes
      43
      Posts
      1149
      Views

      syko24

      Not sure anyone mentioned HostiFi. You can get a free account for a single site.

      https://hostifi.net

    • JaredBusch

      Old ass IPSEC
      IT Discussion • technical debt edge router cisco • • JaredBusch

      4
      6
      Votes
      4
      Posts
      845
      Views

      JaredBusch

      The esp-group encryption also, but it at least still does MD5 hash.

      [email protected]# set vpn ipsec esp-group Test proposal 1 encryption 3des aes128 aes128gcm128 aes256 aes256gcm128 [edit] [email protected]# set vpn ipsec esp-group Test proposal 1 hash md5 sha1 sha256 sha384 sha512 [edit]
    • JaredBusch

      Ubiquiti released EdgeOS 1.9.7
      IT Discussion • edge router edgemax firmware unms edgeos edgeos 1.9.7 • • JaredBusch

      33
      7
      Votes
      33
      Posts
      3011
      Views

      scottalanmiller

      @gjacobse said in Ubiquiti released EdgeOS 1.9.7:

      @scottalanmiller said in Ubiquiti released EdgeOS 1.9.7:

      Just got my EdgeRouter for home hooked up after years of it disconnected.

      Welcome back to the world of Internet.....

      And to good Internet equipment, as well!

    • stacksofplates

      Dynamic DNS with CloudFlare
      IT Discussion • cloudflare api linux dns edge router • • stacksofplates

      25
      8
      Votes
      25
      Posts
      2775
      Views

      Romo

      Edgerouters can now handle custom dynamic dns providers without the need of the script - here is the guide with Cloudflare as the example: https://help.ubnt.com/hc/en-us/articles/204976324

    • AdamF

      Edge Router Lite vs Edge Router
      IT Discussion • edgemax edge router edgerouter lite • • AdamF

      29
      1
      Votes
      29
      Posts
      3120
      Views

      Reid Cooper

      Seems like the ERL is probably right for you most of the time.

    • AdamF

      Edge Router lockup
      IT Discussion • edgeos erx edge router • • AdamF

      11
      3
      Votes
      11
      Posts
      1338
      Views

      scottalanmiller

      @fuznutz04 said in Edge Router lockup:

      Yeah, really strange behavior with no evidence to look at.

      Time to set logs to go to a remote server.

    • AdamF

      WINs/DNS on Edge Router
      IT Discussion • edge router • • AdamF

      28
      1
      Votes
      28
      Posts
      5556
      Views

      JaredBusch

      @fuznutz04 said in WINs/DNS on Edge Router:

      @JaredBusch

      Excellent. So then the only entries needed would be any device that has a static IP address.

      Yes.

      EdgeOS is getting better all the time.

      Yes.