[Maylyn's Review ~ Networking] Ubiquiti EdgeRouter Lite

[andr3wyong]

Looks like VQ needs to revise price… haha.

But anyway IIRC VQ has stock for exchange for RMA on the spot. Alagas stock depends on batched orders

Anyway Alagas is where I get all my MTik stuff

 

[wkweksl]

Now to see whats the longest uptime it can sustain

Somebody in the community forums ran it for >6 months and still going. Reluctant to reboot and lose the uptime!

 

[HeeroYuy84]

$136 local.
https://store.alagasnetwork.sg

I got mine from amazon, got a friend from US to ship.

You best liao la..thanks for sharing

 

[cyberet]

Somebody in the community forums ran it for >6 months and still going. Reluctant to reboot and lose the uptime!

mine was up for 2 months before i had to update the firmware.
bricked it in the process, then vq changed a new ERL

Must remember to reboot before i update the firmware in future

 

[jojocruz24]

Please help - UBNT EDGE ROUTER LITE - REmote Management

Hi,

Can someone please help me on some configuration please?
I want to access my EDGE ROUTER LITE via WAN side on port 5555.
How can I do it? Also I want to change the Ip Address of WAN side to 222.100.130.254.

jojo



firewall {
all-ping enable
broadcast-ping disable
conntrack-expect-table-size 4096
conntrack-hash-size 4096
conntrack-table-size 32768
conntrack-tcp-loose enable
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
name WAN_IN {
default-action drop
description "packets from Internet to LAN & WLAN"
enable-default-log
rule 1 {
action accept
description "allow established sessions"
log disable
protocol all
state {
established enable
invalid disable
new disable
related enable
}
}
rule 2 {
action drop
description "drop invalid state"
log disable
protocol all
state {
established disable
invalid enable
new disable
related disable
}
}
}
name WAN_LOCAL {
default-action drop
description "packets from Internet to the router"
enable-default-log
rule 1 {
action accept
description "allow established session to the router"
log disable
protocol all
state {
established enable
invalid disable
new disable
related enable
}
}
rule 2 {
action drop
description "drop invalid state"
log enable
protocol all
state {
established disable
invalid enable
new disable
related disable
}
}
}
receive-redirects disable
send-redirects enable
source-validation disable
syn-cookies enable
}
interfaces {
ethernet eth0 {
address dhcp
description WAN
firewall {
in {
name WAN_IN
}
local {
name WAN_LOCAL
}
}
}
ethernet eth1 {
address 192.168.33.1/24
description LAN
}
ethernet eth2 {
address 192.168.32.1/24
description LAN2
}
loopback lo {
}
}
service {
dhcp-server {
disabled false
shared-network-name LAN {
authoritative disable
subnet 192.168.33.0/24 {
default-router 192.168.33.1
dns-server 192.168.33.1
lease 86400
start 192.168.33.2 {
stop 192.168.33.254
}
}
}
shared-network-name LAN2 {
authoritative disable
subnet 192.168.32.0/24 {
lease 86400
start 192.168.32.100 {
stop 192.168.32.150
}
}
}
}
dns {
forwarding {
cache-size 150
listen-on eth1
listen-on eth2
}
}
gui {
https-port 443
}
nat {
rule 5000 {
description "masquerade for WAN"
log disable
outbound-interface eth0
type masquerade
}
}
ssh {
port 22
protocol-version v2
}
}
system {
host-name ubnt
login {
user ubnt {
authentication {
encrypted-password $1$zKNoUbAo$gomzUbYvgyUMcD436Wo66.
}
level admin
}
}
ntp {
server 0.ubnt.pool.ntp.org {
}
server 1.ubnt.pool.ntp.org {
}
server 2.ubnt.pool.ntp.org {
}
server 3.ubnt.pool.ntp.org {
}
}
syslog {
global {
facility all {
level notice
}
facility protocols {
level debug
}
}
}
time-zone America/New_York
}


/* Warning: Do not remove the following line. */
/* === vyatta-config-version: "config-management@1:dhcp-relay@1:dhcp-server@4:firewall@4:ipsec@3:nat@3:qos@1:quagga@2:system@4:ubnt-pptp@1:vrrp@1:webgui@1:webproxy@1:zone-policy@1" === */
/* Release version: v1.0.2.4507738.121107.1250 */

 

[davidktw]

Hi,

Can someone please help me on some configuration please?
I want to access my EDGE ROUTER LITE via WAN side on port 5555.
How can I do it? Also I want to change the Ip Address of WAN side to 222.100.130.254.

jojo

Depending on which NIC you are using for WAN uplink, change the ip address to 222.100.130.254. I see that your eth0 is dhcp and the rest are on 192.168.32.X subnets.
You can do this through the GUI easily, no need to dig into the console.

The default web management console is exposed via port 443 using HTTPS, if you want to move it to 5555, I'm not sure if it is a configuration since I haven't try it, but you can certainly open INPUT port 443, then also at the NAT table, setup PREROUTING for port 5555, redirect to port 443.

firewall {
all-ping enable
broadcast-ping disable
conntrack-expect-table-size 4096
conntrack-hash-size 4096
conntrack-table-size 32768
conntrack-tcp-loose enable
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
name WAN_IN {
default-action drop
description "packets from Internet to LAN & WLAN"
enable-default-log
rule 1 {
action accept
description "allow established sessions"
log disable
protocol all
state {
established enable
invalid disable
new disable
related enable
}
}
rule 2 {
action drop
description "drop invalid state"
log disable
protocol all
state {
established disable
invalid enable
new disable
related disable
}
}
}
name WAN_LOCAL {
default-action drop
description "packets from Internet to the router"
enable-default-log
rule 1 {
action accept
description "allow established session to the router"
log disable
protocol all
state {
established enable
invalid disable
new disable
related enable
}
}
rule 2 {
action drop
description "drop invalid state"
log enable
protocol all
state {
established disable
invalid enable
new disable
related disable
}
}
}
receive-redirects disable
send-redirects enable
source-validation disable
syn-cookies enable
}
interfaces {
ethernet eth0 {
address dhcp
description WAN
firewall {
in {
name WAN_IN
}
local {
name WAN_LOCAL
}
}
}
ethernet eth1 {
address 192.168.33.1/24
description LAN
}
ethernet eth2 {
address 192.168.32.1/24
description LAN2
}
loopback lo {
}
}
service {
dhcp-server {
disabled false
shared-network-name LAN {
authoritative disable
subnet 192.168.33.0/24 {
default-router 192.168.33.1
dns-server 192.168.33.1
lease 86400
start 192.168.33.2 {
stop 192.168.33.254
}
}
}
shared-network-name LAN2 {
authoritative disable
subnet 192.168.32.0/24 {
lease 86400
start 192.168.32.100 {
stop 192.168.32.150
}
}
}
}
dns {
forwarding {
cache-size 150
listen-on eth1
listen-on eth2
}
}
gui {
https-port 443
}
nat {
rule 5000 {
description "masquerade for WAN"
log disable
outbound-interface eth0
type masquerade
}
}
ssh {
port 22
protocol-version v2
}
}
system {
host-name ubnt
login {
user ubnt {
authentication {
encrypted-password $1$zKNoUbAo$gomzUbYvgyUMcD436Wo66.
}
level admin
}
}
ntp {
server 0.ubnt.pool.ntp.org {
}
server 1.ubnt.pool.ntp.org {
}
server 2.ubnt.pool.ntp.org {
}
server 3.ubnt.pool.ntp.org {
}
}
syslog {
global {
facility all {
level notice
}
facility protocols {
level debug
}
}
}
time-zone America/New_York
}


/* Warning: Do not remove the following line. */
/* === vyatta-config-version: "config-management@1:dhcp-relay@1:dhcp-server@4:firewall@4:ipsec@3:nat@3:qos@1:quagga@2:system@4:ubnt-pptp@1:vrrp@1:webgui@1:webproxy@1:zone-policy@1" === */
/* Release version: v1.0.2.4507738.121107.1250 */

 

[Microstar]

Hi, sorry to divert a bit..but where can I buy Ubiquiti UniFi AC 3-pack here?

 

[andr3wyong]

If you were a VQ subscriber, you would have seen our MO ^^|| you can try purchasing from Alagas Network

 

[saint17]

~ One important note ~

You might have to include your previous mac address of your previous router in the config file before you are able to establish an Internet connection depending which Internet service provider you are using

Alternatively, you can call your Internet service provider to inform them about the new mac address behind on the ERL, in the case of Viewqwest. Mainstream ISP that's too bad

Mine? no need even to include the part and neither need to call them as well. I have 10 over routers @ home for firmware validation

interfaces {
    ethernet eth0 {
        address dhcp
        address 192.168.1.1/24
        [B]mac xx:xx:xx:xx:xx:xx ##Your previous router mac address[/B]

is this method working?
then i can use my asus mac instead of calling VQ to change it for me..

First attempt few nights ago,
sent the new mac address to VQ, no connections..
end up, VQ detected a few mac address, even got one that i dont know what device is it.. NOC had to reset my modem in order to get the connection back for me..

thanks

 

[andr3wyong]

is this method working?
then i can use my asus mac instead of calling VQ to change it for me..

First attempt few nights ago,
sent the new mac address to VQ, no connections..
end up, VQ detected a few mac address, even got one that i dont know what device is it.. NOC had to reset my modem in order to get the connection back for me..

thanks

Yes, that works, but in the long run just fire an email to VQ to update the MAC address.

By the way, the leaking of MAC addresses to VQ’s optical network issue usually happens when the router connected to GE1 is also in bridge mode or has NAT turned off by accident/misconfiguration.

Or it could just be a bug

 

[maylyn]

Just some observations

I have manage to find some time to perform a firmware upgrade to 1.30, just realised that the Ubiquiti edgerouter lite uptime was almost 2 months went straight to upload the v1.30 firmware tar file and keep running into upgrade error so a quick reboot solve the resolve upgrade error



Getting full speed on Speedtest doesn't even break any sweat for the Ubiquiti Edgerouter lite, that's why it's still serving as the main router for my main fiber line

 

[Confession.pt3]

which home router will provide high packet per second after edge light?

 

[chaicka]

Just some observations

I have manage to find some time to perform a firmware upgrade to 1.30, just realised that the Ubiquiti edgerouter lite uptime was almost 2 months went straight to upload the v1.30 firmware tar file and keep running into upgrade error so a quick reboot solve the resolve upgrade error



Getting full speed on Speedtest doesn't even break any sweat for the Ubiquiti Edgerouter lite, that's why it's still serving as the main router for my main fiber line

Yes... Useful enhancements and bug fixes keep progressing on a regular basis with each new firmware release.

v1.3.0 spots some useful ones for many typical real-world deployments, all thanks to its development team actively listens and interacts with real-world customers over its forum.

If one has an Apple eco-system at home, give the "mDNS Reflector" a try by enabling it (though needs to do so via CLI command). Bonjor protocol now works across subnets and now one can have the WLAN on a separate segment while still be able to AirPlay to their AppleTV which may be on another LAN segment.



Disclaimer: EdgeRouter Lite/PoE are not those typical consumer-grade router. Certain level of networking knowledge is required and CLI configuration is almost certainly required for advance configurations/set-up scenarios.

 

[MichaelTan]

Hi guys, I apologise to butt into this thread.

I got one of these babies to toy around, but after various attempts with setting up the VLAN tagging stuff that Singtel fiber requires, I couldn't get it to work with Singtel.

Only require internet - since the phone has been switched over to the fiber ONT, and not using MIO. Is there a configuration file somebody has made before which works?

Investigating on how to get this to work, any help will be appreciated. Working this out for a friend.

 

[MichaelTan]

Ok we got it to work on Singtel fiber already. Required putting the VLAN10 thing on a lot of the sample code.

Hi guys, I apologise to butt into this thread.

I got one of these babies to toy around, but after various attempts with setting up the VLAN tagging stuff that Singtel fiber requires, I couldn't get it to work with Singtel.

Only require internet - since the phone has been switched over to the fiber ONT, and not using MIO. Is there a configuration file somebody has made before which works?

Investigating on how to get this to work, any help will be appreciated. Working this out for a friend.

 

[chaicka]

Hi fellow users of EdgeMax routers (ERL, ERPOE, etc),

I have raised a feature request to Ubiquiti to have IPv6 Support in GUI. I believe you can help to let Ubiquiti team knows the demand of it and make it happen in 2014, simply by goto to the post link below and click "Kudos".

https://community.ubnt.com/t5/EdgeM...port-in-Management-GUI-Interface/idi-p/661583

Thanks and may all of us who use EdgeMax routers benefit from the little efforts each of us contribute.

 

[maylyn]

Hi fellow users of EdgeMax routers (ERL, ERPOE, etc),

I have raised a feature request to Ubiquiti to have IPv6 Support in GUI. I believe you can help to let Ubiquiti team knows the demand of it and make it happen in 2014, simply by goto to the post link below and click "Kudos".

https://community.ubnt.com/t5/EdgeM...port-in-Management-GUI-Interface/idi-p/661583

Thanks and may all of us who use EdgeMax routers benefit from the little efforts each of us contribute.

Good call and initiative Chaicka. Support !!!

 

[chaicka]

only garnered 9 kudos...

 

[chaicka]

Thanks for the effort to "Kudos" the feature request, which is now in the top 10.

More 'Kudos' will sure help to push it up the priorities of to-add in 2014.

 

[andr3wyong]

Paiseh, still trying to figure out where the kudos button is, I'm a bit slow