Good evening. I am hoping a networking guru can help me out with what is likely a simple problem. I have just swapped to 2Degrees from MyRepublic UFB and am in the process of configuring the modem. When I set up a WAN, everything seems to go OK, and I get a good connection. Approx 5-10 mins later I start getting DNS errors which I can fix for 5-10 mins with a modem reset. 2Degrees requires PPoE, VLAN 10. What am I missing here? Any help very much appreciated. (I am entering my username and password, I have just left these out for the pics) Thanks
↧
Configuring NF8AC (MyRepublic Modem) For 2Degrees UFB
↧
DNS Keeps getting Changed to Manual. Modem Netcomm Wireless NF15ACV (AC1200)
Hello.I signed up with Trustpower and converted to fibre last year. Things were good, but over the last few months I have been having the DNS inside the modem changed to MANUAL rather than 'Use DNS Relay'. I have turned off Wi-fi and remote management and Upnp as experiments to see if that fixes it .. but no. I have Norton Antivirus on my main WIN 7 PC. I have run Malabytes scanner and Spybot etc for last month or so and put a virus scanner on Cellphone, but nothing detects anything.I also use Chromecasting a lot form cellphone to TV, over wi-fi. The normal fix is to check The log on the modem and check if DNS is still automatic.. When it is set to manual then all sites going to HTTPS sites fail (thankfully) so i jump in and reset it and then repower modem.Anything form a few hours to days later it will go back to Manual again. The log in the modem I use is set to warning level and I can see a lot of stuff coming from addresses using dropbear and boa? whatever they are. LOG looks a bit like this :2:23:27authprivwarndropbear[3368]: bad password attempt for 'admin' from ::ffff:47.60.161.100:41697Jul 15 02:23:31authprivwarndropbear[3369]: bad password attempt for 'admin' from ::ffff:47.60.161.100:41742Jul 15 02:23:38authprivwarndropbear[3370]: bad password attempt for 'admin' from ::ffff:47.60.161.100:41920Jul 15 02:23:42authprivwarndropbear[3371]: bad password attempt for 'admin' from ::ffff:47.60.161.100:42099Jul 15 02:27:05authprivwarndropbear[3455]: login attempt for nonexistent user from ::ffff:103.99.1.237:50734Jul 15 02:27:12authprivwarndropbear[3456]: bad password attempt for 'admin' from ::ffff:103.99.1.237:53404Jul 15 02:27:17authprivwarndropbear[3458]: login attempt for nonexistent user from ::ffff:103.99.1.237:55679Jul 15 02:27:44authprivwarndropbear[3465]: login attempt for nonexistent user from ::ffff:103.99.1.237:52226Jul 15 02:27:49authprivwarndropbear[3466]: bad password attempt for 'admin' from ::ffff:103.99.1.237:53817Jul 15 02:27:52authprivwarndropbear[3471]: login attempt for nonexistent user from ::ffff:103.99.1.237:56894Jul 15 10:07:23daemonwarnradvd[352]: sendmsg: Invalid argumentJul 15 10:46:08authpriverrboa[281]: Authentication attempt failed for from because: Bad PasswordThe DNS gets changed even if I set it to Manual myself with Google DNS values. 8.8.8.8, 8.8.4.4 etc.Sometimes it says 'dnsfork' errors and then 'dns truncated' messages. I have rung Trustpower quite a few times asking if modem type has been hacked and if any new firmware etc. I have had to stick in another modem (with earlier firmware, but still having same issue) as the first one couldn't reset to automatic relay mode and seemed dead) Maybe too many resets? I really don't know if problem is coming from The ONT to modem (WAN) communications, hacked firmware in the modem or one of my devices or software?I think everyone gets their ports scanned frequently for weak passwords and open ports but I am at a loss, rather than to set DNS manually in all my devices. (Which seems like last option) Lot of scanning seems to come from China/Vietnam.Does anyone else have this kind of modem or problem? Thanks for any help!
↧
↧
ANT-205
So I am using the ANT-205 and B525s setup in quite a rural area. Although most of the time works quite well, during wet weather it struggles to get above 2G, or displays as 4G with no bars. I am wondering if anyone knows if there are stronger antennas available? Hamish
↧
Ubiquiti Edgeswitch 10XP and 10X on early access
Ubiquiti early release have these 2x Switches.US only sales, but if you have a Youshop account with NZPost you should be able to grab themRemember often these come with Alpha or Beta Firmware till officially releasedI was very temped but 10x ports not quite enough, 16x would have been idealYou can find them here, you do need a Ubiquiti login to view and purchaseDon't dawdle as these tend to go quick then you pay full retailEdgeSwitch 10XP EARLY ACCESSOptimized for WISP deployments, the EdgeSwitch® 10XP is a managed PoE switch with SFP ports that is ideal for WISP deployments. Eight Gigabit RJ45 ports offer copper connectivity with 24V PoE output, while two SFP ports offer fiber connectivity. The browser-based configuration interface offers intuitive control using a redesigned UI. Management is also available through the Ubiquiti® Network Management System (UNMS™). · (8) Gigabit RJ45 Ports · (2) SFP Ports · Supports 24V Passive PoE Output on All RJ45 Ports · Powered by External AC/DC Adapter · Wall- or Rack-Mountable* * Rack mount sold separatelyThis is an early access test product. By purchasing this item, you are agreeing to the Early Access Store Online Sales Terms & Conditions.$129.00 EARLY ACCESS EdgeSwitch 10X EARLY ACCESSIdeal for WISP applications, the EdgeSwitch® 10X is our most affordable managed switch with SFP ports. Eight Gigabit RJ45 ports offer copper connectivity with PoE input on port 1 and PoE passthrough on port 8. Two SFP ports offer fiber connectivity. The browser-based configuration interface offers intuitive control using a redesigned UI. Management is also available through the Ubiquiti® Network Management System (UNMS™). · (8) Gigabit RJ45 Ports · (2) SFP Ports · Support PoE Passthrough on Port 8 (software-selectable) · Powered by 24V Passive PoE or External AC/DC Adapter · Wall- or Rack-Mountable* * Rack mount sold separatelyThis is an early access test product. By purchasing this item, you are agreeing to the Early Access Store Online Sales Terms & Conditions.$115.00 EARLY ACCESS
↧
Advice on setting up a home network
Hi everyone, I have just moved house and am setting up a home network, and would gratefully accept and help or advice anyone can offer. My old home was very small, and the network pretty simple. I had fibre installed a few years back; the Optical Network Terminal was installed in the lounge. Vodafone provided a Huawei HG659, which plugged into this. I didn't much like the Huawei modem. I only kept it because Vodafone kinda prevented you from using a phone with any other kind of modem. So my actual access point was a Netgear D6400. Into this I plugged my PS3, SKY, NAS and my desktop computer. My wireless devices also accessed this. My new home is much larger. There is a home hub cabinet in the garage, where Chorus have installed the Optical Network terminal. Also in the hub, there are 6 ethernet cables wired to 6 jack points thoroughout the house (1 in the lounge, 1 in each of the 4 bedrooms and 1 in the kitchen). Chorus connected the lounge access point to the ONT, and then my modems to this jack point. Of course, this only gives me wired connectivity in one room. I would ideally like to use all 6 points, but for day-to-day use the main access points I would like are the lounge (PS3 and SKY) and one of the rooms as an office (computer, NAS and maybe some other computers). I have kinda hacked together a solution that is not pretty but only sort-of works, so any advice would be great. I have connected the Huawei 659 to the ONT, then connected this to a Netgear GS108 switcher, which has all 6 ethernet jacks connected. In the lounge, I have the Netgear D6400 connected, with the SKY and PS3 connected, plus this is the wireless access point. In the office, I have another spare router, a Netgear D6300 connected to the jack, and into this I plugged the computer and the NAS. The main problems with this are: 1. The home hub is really untidy. I could probably tidy it up a bit, but with the ONT, switcher and Huawei modem, it's pretty tight inside the cabinet.2. The office seems to be working as a private network. It can connect to the internet, but nothing on that network can see the devices attached to the lounge router - so my wireless computers can't see the NAS. I have been fiddling with the settings on the 2nd Netgear router, which could be what's causing the problem. I can no longer access its maintenance page. It does switch at least, as my computer can see the NAS. Might have to do a reset and see what can be done. I could try switching the two routers around, or making the 2nd Netgear the wireless access point. This would isolate the PS3 from the NAS, although I could never get uPNP working properly (and from what I read online, I'm not alone). The SKY box would also be isolated, which is OK for now, but SKY are getting into IPTV so in future I'd probably want it open to the network. Is there any combination that would mean I only have the switcher in the home hub? I would ideally like to take the modem out of the cabinet. I have tried putting it further up the chain, but it seems I have to put it right after the ONT. I could potentially ditch the Huawei altogether. My new home does not have any phone jacks, so I'm not using a phone right now. In future, I might get a VOIP phone, but I think I still need the Vodafone router. When I called them to arrange the move, they offered me a new Huawei but I declined. Ideally, I'd like just the switcher and the ONT in the home hub; to be able to use all the jack points (but if I have to limit this to 3 or 4, that's OK); and to have all the devices be able to see each other.
↧
↧
L2+/L3 Switch Connecting to HG659b VDSL
So I've got the TP-Link T1600G-28PS up and running with 4 VLANs and the connected devices are routing and working great except for Internet Access.I'm setting it up at home initially for testing and connecting to my HG659b VDSL router. I naively thought I could connect an untagged port from the T1600 to a LAN port on the HG659 and be able to route to it. i.e.However it doesn't appear to work that way. Devices on the other Vlans cannot ping the HG659b LAN interface (but they can ping other devices on Vlan2). A device on Vlan2 can ping the HG659 but cannot use it as a route to the internet despite having a static route in place.Do I need the HG659 to be in Bridge mode? I was about to try but there is no way to specify a PPPoE connection in the T1600. Am I missing something?
↧
Unifi USG dhcp issues and not connected
Seems updates for the controller software has started duplicating some of the functions that are now offered in the gui so, because I had static name/up assignments in config.gateway.json the network name definition changed to include eth1. So it stopped working, and then with a firmware upgrade dns wouldn't start. I managed to fix the network name issue and get dhcp going but I looked today at my clients and only the wireless items were shown, no wired.I did a reboot of the controller and now the USG is not connected. I assume I can set inform on it. But I also have lost the UniFi dns entry. It was in the config.boot, how can I get that back so that it can provision the device. I could add it to the config.gateway, but feel I just need a temporary method so that I can force provision. or should I just start using dnsmasq for static dns assignments of clients?
↧
Synology RT2600ac Wifi performance vs DSL-AC68u
So i decided seeing as the Asus DSL-AC68U was 2014 and while nothing technically wrong with it, and has served me well, i should get a full fledged router plus the extra port was needed, having a gig fibre connection.So after countless reviews, and reading up, i settled on the Synology RT2600AC as i know a few of you have also. I didn't want to spend heaps, like on the AC88u but close to 400 was enough for me, for it to last another good few years, plus i know their software is great.Wired connections, are great, no issues there, apart from ipv6 not really working, but no big deal. When it comes to the wifi, its not good at all its so inconsistent. I know all about interference and what not, and changing channels i have tried everything i can think of.With the exact same location of the router, and the exact same channels for the 5ghz and the 2.4 ghz manually set on both devices, testing using the same device ( iphone 7 until i get my laptop back) and standing in the same locations throughout the house, with no packages installed in the synology router, the asus will consistently deliver between 180 to 260 down, and similar equal upload, the synology varies from 70's, and 80's down,mids 100's, a sporadic 344 once, but the uploads, are as low as in there 30's to a peak of 108 at its highest upload rate, and when i say throughout the house, i do one test on the couch about 5 meters away, and then a couple more at the either ends of the house, with some walls and floors in the way.So im really thinking the asus is still quite solid, and is the synology i have faulty, or its firmware, or after hours of trying different settings im being thick about something. I know the speeds are still good, but not as excellent as i was hoping for.
↧
Same Cat7 Ethernet cable giving conflicting ping values for two different computers
Having a strange issue here, not sure if there are any networking people hanging about but it has stumped me. I've got a brand new Cat7 cable which is hooked up to our Orcon NF4v adsl line. When taking a speedtest, same server, same cable I am getting different pings on two different machines. This is not the issue, I realise that many factors can come into play, the issue is that my vastly superior desktop machine with a gigabit port is getting consistent pings of 27 while my ancient NEC laptop is getting consistent pings of 16. My desktop was built in the last couple of years, Gigabyte Sniper B7 MB with an Intel Gigabit port. The max speeds of the port on the laptop is 100mb/s. The laptop is running Windows 7 SP1 and the desktop is running Arch with the 414 kernel, I've already tried installing windows on the desktop, but that gives me the same results. I have also tried a different cable, same results, static IP, same results, changing the duplex values, changing DNS servers, disabling NAT on the Ethernet line, reinstalling the most recent drivers while running Windows 10 on my desktop (drivers that were released 10 years after the final update of the laptop's drivers) which surprisingly all producing the same results. Both using the chrome as the browser although I have tried using Firefox which also produces the same results.I'm looking at some trace routes from the router, however I can't seem to understand what they are telling me, perhaps someone can point me in the right direction. Anyone know any other tools I can use to debug the issue and see where these extra 14 or so ms of ping are bizarrely coming from? The download speeds are also slightly different with the laptop again winning out, however I couldn't tell you exactly by how much.Please don't bother commenting if you are just going to say "I wouldn't worry about it, it's not going to make a difference anyway..." I am looking to debug the issue, not to ignore it.
↧
↧
powerline kits with additional slave units
HiAre powerline kits with additional (wifi) slave units still available . I cant seem to find them anymore Used to be able to buy additional slave units to put in additional rooms other floorseg like this , for some reason importer doesnt have these .https://www.tp-link.com/au/products/details/cat-18_TL-WPA4220.htmlbasically I need a powerline kit & will need 2 additional wifi powerline slaves for itI cant see a mesh unit working, if wifi cant get through the several walls I dont see how mesh would work there (?)
↧
pricing to run cable + wifi access point ??
Hi , in general , for the av home, what would be a reasonable pricing to run ethernet cable & have a good wif ap installed.I was looking at the pricing for wifplus .$590 for cabling to a single AP, $950 for wiring + 2x access points .Does that sound reasonble ? seems about $450 just to run a single cable?https://wifiplus.co.nz/pricing/
↧
Mikrotik router with MyRepublic UFB
Has anyone had experience with the above?? I'm currently killing myself trying to make it worked. It was fine when I was with or on and trustpower but can't do it for MyRepublic. I have removed the VLAN tagging as I know that there is none for this ISP. Any ideas??
↧
Mikrotik with Bridged Spark VDSL - traceroute missing first two hops
I've got a newly configured Mikrotik (10.0.0.2/24) router connecting to a Spark VDSL connection which has been bridged. I have a wired connection to the MT and can access the internet. But I notice when I run a traceroute from the laptop it misses the first two hops as per below. Tracing route to www.trademe.co.nz [202.162.73.2]over a maximum of 30 hops:1 <1 ms <1 ms <1 ms 10.0.0.22 * * * Request timed out.3 * * * Request timed out.4 9 ms 9 ms 10 ms 122.56.116.95 10 ms 10 ms 10 ms 122.56.127.2106 12 ms 11 ms 12 ms 122.56.118.387 12 ms 12 ms 19 ms 203.57.145.1358 11 ms 11 ms 12 ms 202.162.73.2Trace complete. Do I have something misconfigured?I have some funky stuff happening on Wifi (Unifi AP and clients have correct IP info but can't access web) but wonder if its related to this routing issue. Routing table is default and shows directly connected networks:# DST-ADDRESS PREF-SRC GATEWAY DISTANCE0 ADS 0.0.0.0/0 pppoe-out1 11 ADC 10.0.0.0/24 10.0.0.2 bridge 02 ADC 125.239.206.1/32 xxx.xxx.143.212 pppoe-out1 0Looks like it's going to be another late night...
↧
↧
NZ VPN - Configure Edgerouter or Sign up to VPN service.
I will be travelling to Samoa soon, Yet it looks like I will be needing a VPN service with an NZ exit server. As Samoa is not supported by Google Play Music. And there will probably be other apps that will be geoblocked from Samoa also.Should I just sign up to a paid VPN service? (if so, who would you recommend?) Or should I setup a VPN server using my Edge router lite? and just use it and my UFB connection as a VPN? (I already have a static IP).
↧
Extremely minor insignificant issue - no signal bars
I have just noticed that my Huawei 4G RBI gateway device, which I had to replace the other day, no longer gives me signal strength indications in bars. I don't know if this has to do with the router, or with Vodafone. Everything works peachy keen so no problem and no complaint, but I kind of miss the bars as a quick rough indicator of relative signal strength.
↧
Different SSIDs for 2.4ghz and 5ghz
Hi all -Been hunting around for a while now trying to find the answer to this question but not having much luck. I've currently got a Fritz 7490 from 2degrees. I would like to have a SSID and password for 2.4ghz and a different SSID and password for 5ghz. The Fritz box gets close to this - you can have different SSIDs but you have to use the same password.I know much more expensive wireless APs can do this, I've previously used some Cisco Meraki MR32s at an old workplace but there's no way I want to spend that kind of money at home.Can anyone recommend a few wireless routers that are capable of this and then I can look into the feathers? I've got fibre so no need for ADSL / VDSL support.Thanks!
↧
SSH Tunnel advice for dummies please
Hi, my client uses an application that is a telnet server, and it is connected to by telnet clients that are hand-held barcode scanners running a VT100 terminal emulator. They use these in factories and warehouses to scan boxes as they move about.The clients are located in various locations around the world, and the server is in NZ. They're not happy about the clear text going over the internet for obvious reasons. So I have half an idea in my head to secure this system and hope if someone here can tell me if I'm on the right track: Setup a little SSH server in the remote building, that accepts the local telnet connections. These telnet connections are carried over the building wifi - can't really avoid that with the current scanners they have, but hopefully this wifi can be made secure.The SSH server somehow maintains a secure tunnel to another SSH server within a network in Auckland office that then connects to the telnet server. So the bit that is outside the fence is encrypted SSH and the bits inside are clear text Telnet.Is this how it works? Can they just download SSH and go? TIA for any tipsJohnO
↧
↧
Bamboozled by IPv6 on pfsense
How do I setup IPv6 on pfsense? I have got a static IPv6 addressBut unsure what to setup on WAN/LAN interface.. and how to config DHCPv6Any help please
↧
Mikrotik IKEv2 - iOS Client EAP Error
I've got a working IKEv2 vpn with RSA authentication on my new Mikrotik after following their wiki guideIt wasn't documented as part of the guide but I had some fun figuring out that I needed to add a couple of Filter rules to enable this to work. Namely: 1 ;;; allow L2TP VPN (500,4500,1701/udp)chain=input action=accept protocol=udp in-interface=pppoe-out1 dst-port=500,1701,4500 log=yes log-prefix="vpn"2 ;;; allow L2TP VPN (ipsec-esp)chain=input action=accept protocol=ipsec-esp in-interface=pppoe-out1 log=yes log-prefix="vpn" Windows 10 clients are connecting and working fine with Certificate Authentication so I've assumed VPN is setup correctly. Not so with my iPhone (IOS 11). Filter log indicates:jul/26 07:00:18 ipsec,info new ike2 SA (R): public.ip.address[500]-my.iphone.public.address[44774] spi:f3ac03c95c285edd:0b7eaa5b9a4d8b2djul/26 07:00:18 ipsec,error EAP not configuredjul/26 07:00:18 ipsec,info killing ike2 SA: public.ip.address[4500]-my.iphone.public.address[40931] spi:f3ac03c95c285edd:0b7eaa5b9a4d8b2d But I'm not using EAP - at least I don't think I am. I found some info online about older IOS versions having a bug requiring EAP with certs. My iPhone VPN connection specifies Certificate Authentication. I have both Root cert and Client certs loaded, verified and trusted.Has anyone encountered this? I'll play some more tonight but fallback plan may be to try a L2TP/IpSec connection instead.
↧
My Republic and Edgerouter offloading
I have just switched to a 1000/500 MyRepublic plan. I deleted the pppoe connection as MyRepublic does not need it and reran the WAN+2LAN2 wizard and this got me connect to MyRepublic. However the down speed is poor, 30Meg, the up speed seems okay >270meg. I suspect its to do with offloading, but I can't find any instructions if you don't have a pppoe setup.Does anyone know the CLI commands to enable offlaoding for a non pppoe setup.currently show ubnt offload returnsIPSec offload module: not loaded HWNAT offload module: loaded Traffic Analysis : export : disabled dpi : disabled version : 1.354 ThanksNic.
↧