Because the number of my systems increased moving all my stuff to a rack was the right decision to avoid cable spaghetti and administration hell. But when you have a rack you need to have an administration console for it. Looking on the market (the deals market) the cheapest console I could find was some… Read More »
Open Shortest Path First (OSPF) is a routing protocol for Internet Protocol (IP) networks. Because I have site-to-site OpenVPN and IPSEC tunnels between my primary and remote sites I ended up defining lots of static routes. The environment started to be complex enough to justify the use of OSPF that is supported by EdgeRouter. The… Read More »
The following are the steps I used to perform to set up an IPSEC VPN with a vti (virtual tunnel interface). The advantage is that using a vti gives us a route-able interface so making it easy to work with the IPSEC tunnel. The current setup looks like: Primary Site: ER-8 (with load-balancing WAN1 and… Read More »
Trying to fix my OpenVPN site-to-site link and due to the environment update I had to do some changes. The initial setup of the OpenVPN is here https://blog.voina.org/edgerouter-dual-wan-hair-pin-multiple-networks-openvpn-site-to-site-vpn/ First of all there is a new EdgeRouter ER-8 that is directly linked to the main ISP I got this from Amazon.de see Ubiquiti ER-8 Netzwerk/Router .… Read More »
Very important information about the SafeNet software and licences. I get all the time very puzzled clients that find it difficult to understand how to see the license validity and how to install the e-token support. In order to obtain the software and to be able to monitor your licences you need an account with… Read More »
In the following I will try to show how to generate user certificates on e-tokens by using the Windows CA. This tokens can be used after that for secure user authentication or signing. Prerequisites: – Install the Windows CA service. This comes a standard feature in Windows Server 2012. – Internet Explorer 9 and up… Read More »
My setup becomes more and more complicated bellow there are the updated steps of my configurations with references to the original posts containing the partial configurations. STEP 1 EdgeRouter : Dual WAN with Hair Pin Initially I started with a dual-wan configuration with some extra setting to exclude from load balancing the hair pin connections:… Read More »
I wanted to use for my site-to-site VPN connection some aliases in the configuration files. The simple solution was to configure some dynamic DNS aliases with afraid.org After creating an account and defining a site name like site1.mooo.com do the following from CLI configure set service dns dynamic interface eth0 service afraid host-name site1.mooo.com set… Read More »
As a result of setting up my site-to-site VPN see this it is much easier to transfer things from one site to the other. The questions that came to mind were: What is the bandwidth of my VPN ? What is the limiting factor ? My ISPs or the Edge Router ? To answer to… Read More »
I have two sites hosting my home servers so I wanted a solution to have a permanent link between the sites. On site one I have an EdgeRouter POE and on the other site an EdgeRouter Lite and the obvious solution is to have a site to site VPN on a permanent basis. There is… Read More »