I've lost count on how many times I've been asked to write a tutorial however because my current router has a rather complex configuration on it I could never get a chance to do it. Truth is, the Edgerouter has to be one of the most rock solid routers I've ever used and in the 2 years I've had it, it's never needed a complete reconfigure. Apologies for it taking a while to come up with a guide (I've had Earthquakes, flooding as well as work and family commitments to adhere to).So, a huge thanks to Go Wireless for providing me an Edgerouter PoE to both have a general play around with and write a guide. Now, both the Edgerouter PoE and the Edgerouter Lite are essentially the same router so this guide covers both of those (as well as the big brothers).Configuration Guide Parameters:This configuration will assume you're on a UFB / Vodafone FibreX connection - for VDSL / ADSL connections it is advisable to get a Draytek DV130 to put in bridge mode. I won't be writing a guide for this as I simply don't have any way to test anymore.Getting Started:Once you get your new EdgeRouter before you plug it in use your existing internet connection and navigate to the Ubiquiti Firmware site to grab the latest version of the firmware. I'll attempt to keep this guide up-to-date as long as I am using an Edgerouter. The current firmware package for both the Edgerouter Lite and PoE is "EdgeRouter ERLite-3/ERPoe-5 Firmware v1.9.0".1) Connect your Edgerouter to your PC / Switch via "eth0" - leave your ONT out of it for now. The Edgerouter will take up-to 5mins to initially boot.2) Set an IP on your computer in the 192.168.1.0/24 range:2) Navigate to https://192.168.1.1 in your web browser (Chrome or Firefox) - since the Edgerouter uses a self signed certificate you can ignore the certificate warning.3) Login with username + password ubnt. We'll be changing this.3) When it asks you to do the "Basic Setup" wizard we'll be clicking "No" just at the moment. It just brings you into the Wizards screen.4) If you're needing to update your firmware click "System" and scroll down to "Upload system image" - upload the file you've prepared earlier. When the router is done uploading it'll ask nicely if it can reboot to apply the firmware.Bring in the Wizard!Now you've got your Edgerouter on its latest firmware and you're back in the web interface you can now wrangle the Wizards within. Back when I first set up my Edgerouter we never had these so honestly this generation should be grateful.1) Click on Wizards up near the top - it'll bring you to this screen:2) We'll be running the WAN+2LAN2 wizard. My configuration is for UFB / DHCP over VLAN 10 (same as Orcon and Vodafone FibreX) however I'll also show you how to do PPPoE. This wizard is really straight forward. For the Edgerouter PoE there are some additional options relating to ports 2,3,4 of which Edgerouter Lite users can disregard.For UFB over IPoE (including Vodafone Fibre X):Internet Connection Type: DHCPVLAN: Yes, your internet connection is on a VLAN - tick this box and your VLAN ID is 10.Enable the default firewall.Do not tick Bridging - this will severely hinder the performance of the Edgerouter.For UFB / VDSL / ADSL PPPoE:Internet Connection Type: PPPoE (enter your ISP provided account name + password. BigPipe + Spark has to be anything but blank for both)VLAN: If you're on BigPipe, bridging with a Draytek or on an ISP that doesn't offer VLAN then keep this unticked, otherwise change this to VLAN 10.Enable the default firewall.Do not tick Bridging - this will severely hinder the performance of the Edgerouter.Edgerouter PoE users:Configure your LAN Ports eth2 to eth4 - we'll be using 192.168.2.1/24 for this guide with eth1 as our primary LAN. These interfaces are switched in hardware and so you can use these for your main network.Once completed your configuration should look something like this:Hit Apply - a prompt will come up asking if you're sure.The router will ask to reboot to apply its configuration - like a good router you need to confirm 3x before it'll actually reboot.Getting Internet:Now, you'll want to connect your ONT, that Vodafone "CNT" (Cable Network Terminal - now we can see why they didn't call it that) or your Draytek to the router:eth0: ONT, CNT or Modem.eth1: Your switch.eth2-eth4: Unused (unless if you're using the Edgerouter PoE you'll want to connect your AP to this).Bug Warning: In the current Edgerouter firmware you won't get an IP from your internet provider if you're using VLAN tagging. The fix is simple, next to "Internet" on the main screen when you login click Actions, Config and then simply press Save. An IP will come rolling in. If you're on the PPPoE connection you'll just want to hit save on your "eth0.10" connection.Secondary Bug Warning: If you're using VLAN tagging also you'll note you'll have an IP however be unable to access the internet. Go under Firewall/NAT, NAT the under the rule "masquerade for WAN" click Actions - Config. Change the Outbound interface to either your PPPoE connection or your VLAN connection (for IPoE):When you hit Save you'll suddenly have internet.Additional things:You'll note that doing a Speedtest you'll get really really poor speeds like this:You can see this in the console if you type "show ubnt offload".The reason is the wizards don't enable offloading by default. Open up the Console (top right), login with the same user you use for the WebUI and type these direct into the terminal:configureset system offload ipv4 vlan enableset system offload ipv4 pppoe enablecommitsaveexitHere is a Speedtest taken directly after those commands (no reboot required):Port Forwarding + Hairpin NAT:Something you'll also want to do is select your WAN interface under the Port Forwarding screen for Hairpin NAT. Select this beside "WAN Interface" and add your LAN interfaces under here. From this screen it is straight forward to enable Port Forwarding. Hit Apply once you're done.UPnP:I do not recommend enabling this however if you must for any reason you can find this under the Wizards tab. I would always recommend using port forwarding instead of this so you don't end up as a part of a massive DDOS attack.Firewall:It is always worth going into Firewall/NAT and looking at your Firewall Policies to ensure you've got the correct interfaces enabled. Check these:-----If you've got any questions then feel free to fire away below. My record during this tutorial of the Chrome Dinosaur game is 8296.Last edited: 25/11/2016
↧