@gjacobse said in Help troubleshooting L2TP over IPSEC VPN connections.: jeeze,.. that is a sad state to think that we have nbeen fighting this for that long,... @JaredBusch @scottalanmiller Can a cron be set to restart the ipsec every 24 hours? Yes.

@dustinb3403 I see Polycom has some higher end models now. Nice and colourful.

@jaredbusch said in Unifi Video: I recently discovered Wyze. https://wyzecam.com These are fucking awesome. That is an awesome find.

@ccwtech said in Unifi 5.7 on Ubuntu 18.04: Scott, why did you go with Ubuntu vs. Fedora? (Asking for a friend) Because it's the official OS of the product. Absolutely no reason to use Fedora here. Unifi only supports Ubuntu and Debian, and Jared and I have opposite views here. Ubuntu is the business product of the Debian family, Debian is the hobby project that is used as the basis for it. Debian is great, I love the project and they do great work, but it doesn't have primary vendor support, you are at the mercy of a hobby project. Ubuntu uses that basis and turns it into a production ready release with vendor and market support options. Ubuntu isn't Fedora, but it's still extremely good.

@penguinwrangler said in Connect Ubiquiti APs to a New Controller: @jaredbusch said in Connect Ubiquiti APs to a New Controller: @penguinwrangler said in Connect Ubiquiti APs to a New Controller: @jaredbusch said in Connect Ubiquiti APs to a New Controller: Controlled migrations have lots of tools and options. But a downed controller has pretty much no option except to default the APs and readopt. You will not even be able to SSH into the APs if you cannot log into the controller and get the device admin password for the site. @JaredBusch is right. If you lost the controller it is a reset process. I recently went through something similar, however, it was the fact that our ISP at a location I manage decided to change out there cable modem and in doing so changed them from a static IP to a dynamic IP. Which is fine and easier for me but they didn't tell the client that they might have to reconfigure their equipment and didn't even bother to make sure they had internet. Switch cable modem and left. Client calls me and I get there and well the Ubiquiti Secure Gateway wasn't working because it was set to use a static IP on the WAN side. I was mad. So I had to reset the Ubiquiti Secure Gateway. Now here is the kicker, it would show up in my controller once I set the inform address but for some reason at least on the smaller USG's is that you had to ssh into them and set the inform address. Click on adopt in the controller and then while it says adopting in the controller run the inform command in ssh again. If you didn't do that it would be adopted but say disconnected. It was a long night until I found those instructions. Grrrr. I hate the USG. Such a piece of crap. I know, I wasn't the one that put it in, it is this one: https://www.ubnt.com/unifi-routing/usg/ They have the newer USG that are bigger. Are those any better? https://www.ubnt.com/unifi-routing/unifi-security-gateway-pro-4/ https://unifi-xg.ubnt.com/usg-xg-8 It is better hardware under the hood, but it is still UniFi. UniFi is shit on a router.

I updated all the sites that could be rebooted mid work day already. The rest will happen this evening.

@jaredbusch said in EdgeSwitch firmware 1.7.4.5075842 released: Adding a VLAN is a snap. It was already trivial!

@bbigford said in Does any one have a EdgeRouter 4 online and can test L2TP: Any insight on maybe why that worked? I've had issues with the default group on another manufacturer, but I wouldn't think 14 was default. It worked prior to changing to DH 14 on my iPhone. I had to add a proposal with DH 14 for Windows 10 to work.

@dbeato said in UNMS 0.12 rc2 released yesterday: @bnrstnr said in UNMS 0.12 rc2 released yesterday: DHCP stuff being in there for the EdgeRouter devices, but I also don't see it in the added features list. Regardless, it's pretty useful for me. It was there before. Yes, it has been there since at least version 0.10.0

Wow! Interesting to follow up.

@jaredbusch said in ERL and Smart Queue throughput: If the CPU was not limiting things, the unit should be pull 100Mbps The Smart Queue is set to 100. Of course, that is what I was referring.

@360col said in schedule time per client not possible: Opps this was meant as a reply to the Unifi Schedule thread. No idea why it became a separate topic Can someone fix up this or close this thread. Thanks. Probably because you tried posting it as below:

@mike-davis said in Unifi Time Schedule: Ah, maybe the best approach would be to have two SSIDs. One on a schedule and one on all the time. Then only allow devices you want to connect to the all on SSID. This is what I have done in the past for myself and my friends/family. I setup a SSID for parents and then sometimes a SSID for each child. That way the parent can turn off the internet for one child and not bother the other children. Of course I always think that the punishment imposed by the children on other children for everyone losing internet because of the actions for one is a great way to get them to behave.

I think I have it figured out.. when I'm back on that network I'll get a screen shot. Hope to spend the afternoon testing it, have a few other pieces of gear to setup for it.

@mattbagan said in Looking for stock of the EdgeRouter 4: @JaredBusch ubnt has them in their store now https://store.ubnt.com/collections/routing-switching/products/edgerouter-4 I ended up purchasing from DoubleRadius.

@dbeato said in Passing traffic between a remote access VPN and Site-to-site VPN on an Edge Router Lite: @dashrender said in Passing traffic between a remote access VPN and Site-to-site VPN on an Edge Router Lite: @dbeato said in Passing traffic between a remote access VPN and Site-to-site VPN on an Edge Router Lite: @eddiejennings said in Passing traffic between a remote access VPN and Site-to-site VPN on an Edge Router Lite: Thanks to @Dashrender for the assist. It looks like the problem was authentication. I authenticated to the VPN using domain\username rather than using the User Principal Name. Doing the latter allowed me to reach DFS shares. Woops, that's crazy but definitely there is an issue with DNS huh? If the user cannot login with UPN there is an issue with DNS.... As you should be able to use domain.com. User can login with UPN. They were using the old domain\username method rather than UPN, which apparently caused problems with accessing stuff via the DFS namespace.

@FATeknollogee You've said that the bosses want the networks to be separate. You've also said that company B provides a service for company A akin to B providing email services to A, so A needs access to B's network for that single service. All that said - what is the goal in splitting the networks? Why do it? If you don't know why the bosses want this - ask them. Let's not worry about the how of splitting yet allowing things to continue to work, let's work on the why first - because the helps lead to the correct solution for the goal.

@jaredbusch I have it up and running. (DNS) Even my guest WIFI on a VLan is now getting DHCP addresses. Everything is working great now.

@dashrender said in Ubiquiti publicly rolls out UNMS Beta: @scottalanmiller said in Ubiquiti publicly rolls out UNMS Beta: @dashrender said in Ubiquiti publicly rolls out UNMS Beta: @scottalanmiller said in Ubiquiti publicly rolls out UNMS Beta: @dashrender said in Ubiquiti publicly rolls out UNMS Beta: @scottalanmiller said in Ubiquiti publicly rolls out UNMS Beta: @dashrender said in Ubiquiti publicly rolls out UNMS Beta: @scottalanmiller said in Ubiquiti publicly rolls out UNMS Beta: @dashrender said in Ubiquiti publicly rolls out UNMS Beta: @scottalanmiller said in Ubiquiti publicly rolls out UNMS Beta: https://en.wikipedia.org/wiki/Software_release_life_cycle Beta literally means it's not reached candidacy for release yet. RC is still not released, but is what they might consider for release once tested. Notice Beta is in the middle of the "non-released" period. These are as the terms have always been used, even going back to the early 1980s and, I assume, long before that. Release being such a structured term that it is nearly impossible to define released without using the term released itself. While I'm sure this has no baring in reality - for me release is a point but the public can get support for the thing. That's not quite accurate. There is no reason that something unreleased can't offer support. How else do you really do your testing, get feedback, and so forth? It's an expectation that anything that the public can get would get some amount of support most likely, because otherwise, what is the purpose of the public nature of the testing? Perhaps I should have added the words "expect to" to the support portion. As you said with the other thread, There should be no expectation of support for the product that was still in beta. So, here is a question then, does Microsoft ever release software? Because nothing that MS makes comes with support. What about Debian Linux, is it ever released? Expect <> free. But free software has all the same release guidelines as commercial software. And MS products aren't normally free. Again - what does cost have to do with anything? As I also said - you'd all probably disagree with me. Because you mentioned it in the post I quoted. Please highlight the part where I mentioned costs. Same thing I quoted and you responded to.

ERL with an AC Lite AP at home as well as many clients. Zero issues.

@marcinozga said in Ubiquiti - piss poor customer service: @dashrender said in Ubiquiti - piss poor customer service: @marcinozga said in Ubiquiti - piss poor customer service: @scottalanmiller said in Ubiquiti - piss poor customer service: You are missing that it's not Ubiquiti causing the problem here. We don't know why different places are listing these products, what we do know is that according to Ubiquiti, they are early release and not eligible for resale. Do you really think B&H would be selling product that's not officially available? you didn't buy it from B&H, you got it from NewEgg, So I really wonder, is B&H (no clue who they even are - never heard of them before) just has a page up for pre-sales. Don't really know. Everything on Ubiquiti's site points that the product is still in beta. I had a quick look at some products here, and only Aircube seems listed on products page. No XG units, no application server, no PRO camera, no application server. If Aircube is still beta, it should be clearly marked as such on main product page, not in forums that are inaccessible without applying for early access. I agree that it is not as obvious as might be useful. But it is important to understand that this is a universal standard to have products that are not released yet on product pages as if they are released. You can never tell, with any product or any vendor, the status of release in this way. Example Asus - their entire website is advertising products that have not released yet. You can't tell even when year products will release. I don't like it either, it's a confusing way to let people know about products, but this is how everything works. Unless it explicitly tells you that it has released, you have to find out somewhere else. UBNT at least does have the info, vendors like Asus don't have it at all and leave you guessing until the product line is done and shut down. Sometimes you can never figure out if it ever released at all.

@scottalanmiller said in Home Network Setup: @jmoore said in Home Network Setup: @scottalanmiller said in Home Network Setup: @dashrender said in Home Network Setup: The whole crux of my ask was - the desire to buy as few Windows Server CALs as possible. This is unrelated to the question asked, though. you know i have noticed you and dash really communicate differently. not good or bad, just different. then you both have trouble understanding the other. from the many threads i have read with you two, that is the common theme i have seen. I'd assume part of it is that I am highly literal. That tends to be a root of many communications issues for me in general. yeah i think your right you are literal. i had to adjust my communication with you. that was my fault though, i am used to having to be so unliteral with my users because i would lose them that i got into that bad habit lol. i know for me, i was not explaining my thoughts in a well laid out way and that made me harder to understand and threw you off. did i do better that time?

@dustinb3403 Its a worth a try. The worse they could say is no. Best is that it could save you a couple bucks a month.

@jaredbusch said in Ubiquity new feature for AP that looks sweet.: @travisdh1 said in Ubiquity new feature for AP that looks sweet.: @scottalanmiller said in Ubiquity new feature for AP that looks sweet.: Added tags Bother, phone didn't cooperate with those then You have to have a topic selected prior to adding tags to make them stick. Easy for me to miss on the small screen

@jaredbusch said in Trying the UNMS built in updater: refreshed the browser and it shows 0.9.2 so the updater stalled visibly, but did finish. Just like on prom night. . . Youtube Video

@travisdh1 said in Ubiquiti Frontrow: @scottalanmiller said in Ubiquiti Frontrow: @travisdh1 said in Ubiquiti Frontrow: @scottalanmiller said in Ubiquiti Frontrow: @travisdh1 said in Ubiquiti Frontrow: I NEEDED this around 2 months back For MangoCon videos? No, for the things that happened at work that should have been recorded. That's how you get yourself beaten. They actually got security camera footage of a government official shoving an employee. Harder to beat up and intimidate a mounted camera in the corner.

@eddiejennings said in Just need a basic Switch - to act as a Hub: @scottalanmiller said in Just need a basic Switch - to act as a Hub: @dashrender said in Just need a basic Switch - to act as a Hub: @eddiejennings said in Just need a basic Switch - to act as a Hub: @dashrender said in Just need a basic Switch - to act as a Hub: @coliver said in Just need a basic Switch - to act as a Hub: @dustinb3403 said in Just need a basic Switch - to act as a Hub: @fateknollogee said in Just need a basic Switch - to act as a Hub: @DustinB3403 Why are you calling it a "hub"? Because there is no switching taking place. The devices simply ask for a dhcp address, and go. All switches are hubs, so a basic unmanaged switch. Wtf are you talking about? My guess - a confusion between switching and routing. Probably wants a switch, but is calling it a hub, not realizing that a hub is a specific thing that sends all traffic out all ports (layer 1). In this case, either would probably work, but hubs are limited to 10/100,... That's true, the GBit standard prohibits hubs. @QuixoticJeremy Are you bored again? We need a hub that can get around Ethernet standards and pass traffic at gigabit speeds! Ha, ha ha ha, ha.... pass. lol

@storageninja said in Ubiquiti Security Gateway: Agent based network abstraction is an interesting alternative to traditional VPN. It's still traditional VPN, though. Other than automating the configuration, it's all stuff you could have done with OpenVPN or whatever decades ago. It's nice that it auto-configures and it is a great product (or was, appears mostly abandoned now) but it's not an alternative or new VPN, it's just a mesh VPN setup.

@hobbit666 said in How to install the Ubiquiti UNMS on Debian 9.1: Haven't got enough EdgeSwitch out there yet to need central management Those are not in yet anyway. Soon