Network configuration: Difference between revisions
From Wildsong
Jump to navigationJump to search
Brian Wilson (talk | contribs) |
Brian Wilson (talk | contribs) mNo edit summary |
||
Line 2: | Line 2: | ||
* Aris DOCSIS modem in bridge mode provided by Spectrum (no WiFi thank you very much!) | * Aris DOCSIS modem in bridge mode provided by Spectrum (no WiFi thank you very much!) | ||
* Edgerouter as firewall | * Ubiquiti Edgerouter as firewall and 4 ports (one is used up by the DLINK) | ||
* 8 port DLINK 1G switch | * 8 port DLINK 1G switch | ||
* Unifi wireless access point | * Unifi wireless access point; Unifi controller in Docker on Bellman | ||
Bellman provides DNS and DHCP | Bellman provides DNS and DHCP | ||
Line 20: | Line 19: | ||
* [[Murre]] Windows 10 Desktop | * [[Murre]] Windows 10 Desktop | ||
* Other random gadgets come and go including a Raspberry Pi | * Other random gadgets come and go including a Raspberry Pi | ||
* 1 Grandstream Android phone | |||
=== Wireless via Unifi === | === Wireless via Unifi === | ||
Line 25: | Line 25: | ||
I think everything but the Squeezebox should work on 5 GHz. | I think everything but the Squeezebox should work on 5 GHz. | ||
Desktop [[Tern]] | In the eLab, | ||
* Desktop [[Tern]] in the eLab. | |||
* 1 Grandstream Android phone | |||
Laptops | Laptops | ||
Line 33: | Line 35: | ||
Squeezebox, 2.4 GHz ONLY | Squeezebox, 2.4 GHz ONLY | ||
== Edgerouter == | == Edgerouter == | ||
Use bwilson account to get access | Use bwilson account to get access | ||
You can SSH into it or go to its [http://192.168.1.1 web interface]. | |||
I have a basic firewall set up here. | I have a basic firewall set up here. | ||
Line 88: | Line 90: | ||
== Unifi == | == Unifi == | ||
Use admin account to get access | Use admin account to get access to [http://unifi.wildsong.biz UniFi server in Docker.] | ||
[[Category: Network]] | [[Category: Network]] |
Revision as of 03:13, 6 November 2018
Overview
- Aris DOCSIS modem in bridge mode provided by Spectrum (no WiFi thank you very much!)
- Ubiquiti Edgerouter as firewall and 4 ports (one is used up by the DLINK)
- 8 port DLINK 1G switch
- Unifi wireless access point; Unifi controller in Docker on Bellman
Bellman provides DNS and DHCP
- WLAN wildsong2 2.4 GHz
- WLAN wildsong5 5 GHz
Someday I might put up SSID=wildsong for guest access and create a separate VLAN but at the moment I have more interesting things to do.
Wired
- Bellman server
- Murre Windows 10 Desktop
- Other random gadgets come and go including a Raspberry Pi
- 1 Grandstream Android phone
Wireless via Unifi
I think everything but the Squeezebox should work on 5 GHz.
In the eLab,
- Desktop Tern in the eLab.
- 1 Grandstream Android phone
Laptops
Squeezebox, 2.4 GHz ONLY
Edgerouter
Use bwilson account to get access
You can SSH into it or go to its web interface.
I have a basic firewall set up here.
Getting syn flooded from 23.225.141.70
ssh into bellman then ssh into edgerouter
configure # Find a good rule number to use show firewall name WAN_IN # Add the rule to blacklist the attacker
set firewall name WAN_IN rule 40 action drop set firewall name WAN_IN rule 40 source address 23.225.141.70 set firewall name WAN_IN rule 40 protocol tcp
commit; save # Did not work!
delete firewall name WAN_IN rule 40 commit; save
# Heavy handed, but we're running all services on HTTP anyway # Just drop port forwarding for port 80!
show port-forward
rule 4 { description HTTP forward-to { address 192.168.123.2 port 80 } original-port 80 protocol tcp } ...
delete port-forward rule 4 commit; save
This worked. For now anyway.
Unifi
Use admin account to get access to UniFi server in Docker.