Network configuration: Difference between revisions
From Wildsong
Jump to navigationJump to search
Brian Wilson (talk | contribs) m →Unifi |
Brian Wilson (talk | contribs) m →Unifi |
||
Line 90: | Line 90: | ||
== Unifi == | == Unifi == | ||
Use admin account to get access to [ | Use admin account to get access to [https://bellman.wildsong.biz:8443/ UniFi server in Docker.] | ||
[[Category: Network]] | [[Category: Network]] |
Revision as of 03:15, 6 November 2018
Overview
- Aris DOCSIS modem in bridge mode provided by Spectrum (no WiFi thank you very much!)
- Ubiquiti Edgerouter as firewall and 4 ports (one is used up by the DLINK)
- 8 port DLINK 1G switch
- Unifi wireless access point; Unifi controller in Docker on Bellman
Bellman provides DNS and DHCP
- WLAN wildsong2 2.4 GHz
- WLAN wildsong5 5 GHz
Someday I might put up SSID=wildsong for guest access and create a separate VLAN but at the moment I have more interesting things to do.
Wired
- Bellman server
- Murre Windows 10 Desktop
- Other random gadgets come and go including a Raspberry Pi
- 1 Grandstream Android phone
Wireless via Unifi
I think everything but the Squeezebox should work on 5 GHz.
In the eLab,
- Desktop Tern in the eLab.
- 1 Grandstream Android phone
Laptops
Squeezebox, 2.4 GHz ONLY
Edgerouter
Use bwilson account to get access
You can SSH into it or go to its web interface.
I have a basic firewall set up here.
Getting syn flooded from 23.225.141.70
ssh into bellman then ssh into edgerouter
configure # Find a good rule number to use show firewall name WAN_IN # Add the rule to blacklist the attacker
set firewall name WAN_IN rule 40 action drop set firewall name WAN_IN rule 40 source address 23.225.141.70 set firewall name WAN_IN rule 40 protocol tcp
commit; save # Did not work!
delete firewall name WAN_IN rule 40 commit; save
# Heavy handed, but we're running all services on HTTP anyway # Just drop port forwarding for port 80!
show port-forward
rule 4 { description HTTP forward-to { address 192.168.123.2 port 80 } original-port 80 protocol tcp } ...
delete port-forward rule 4 commit; save
This worked. For now anyway.
Unifi
Use admin account to get access to UniFi server in Docker.