The following are the steps I used to perform to set up an IPSEC VPN with a vti (virtual tunnel interface). The advantage is that using a vti gives us a route-able interface so making it easy to work with the IPSEC tunnel. The current setup looks like: Primary Site: ER-8 (with load-balancing WAN1 and… Read More »
Trying to fix my OpenVPN site-to-site link and due to the environment update I had to do some changes. The initial setup of the OpenVPN is here https://blog.voina.be/edgerouter-dual-wan-hair-pin-multiple-networks-openvpn-site-to-site-vpn/ First of all there is a new EdgeRouter ER-8 that is directly linked to the main ISP I got this from Amazon.de see Ubiquiti ER-8 Netzwerk/Router .… Read More »
Very important information about the SafeNet software and licences. I get all the time very puzzled clients that find it difficult to understand how to see the license validity and how to install the e-token support. In order to obtain the software and to be able to monitor your licences you need an account with… Read More »
In the following I will try to show how to generate user certificates on e-tokens by using the Windows CA. This tokens can be used after that for secure user authentication or signing. Prerequisites: – Install the Windows CA service. This comes a standard feature in Windows Server 2012. – Internet Explorer 9 and up… Read More »
My setup becomes more and more complicated bellow there are the updated steps of my configurations with references to the original posts containing the partial configurations. STEP 1 EdgeRouter : Dual WAN with Hair Pin Initially I started with a dual-wan configuration with some extra setting to exclude from load balancing the hair pin connections:… Read More »
I wanted to use for my site-to-site VPN connection some aliases in the configuration files. The simple solution was to configure some dynamic DNS aliases with afraid.org After creating an account and defining a site name like site1.mooo.com do the following from CLI configure set service dns dynamic interface eth0 service afraid host-name site1.mooo.com set… Read More »
As a result of setting up my site-to-site VPN see this it is much easier to transfer things from one site to the other. The questions that came to mind were: What is the bandwidth of my VPN ? What is the limiting factor ? My ISPs or the Edge Router ? To answer to… Read More »
I have two sites hosting my home servers so I wanted a solution to have a permanent link between the sites. On site one I have an EdgeRouter POE and on the other site an EdgeRouter Lite and the obvious solution is to have a site to site VPN on a permanent basis. There is… Read More »
I got my EdgeRouter POE from UbiQuiti EdgeRouter, 5-port Router POE and came with the 24VAC power supply. Because the Ubiquity devices are all using the strange low power POE for which 24VAC is enough they ship the EdgeRouter POE with the 24VAC power supply. As a result the device is useless in powering “normal”… Read More »
Yes our friends from China invented a new type of DDOS attack. The great firewall changed unencrypted traffic that contained 3rd party javascript libraries to DDOS GitHub. There is already a testing tool SRI Test developed and deployed by Gabor Szathmari see for more details his blog To protect my blog I found out that… Read More »