Recent content by scrappymouse

  1. Question about networking

    If you haven't checked them out, I'd suggest Aunty Aprils, a really good chicken and waffle place in SF. Personally I think they are better than Roscoe's, but the last time I went was before the pandemic; really hoping they survived.
  2. Mobile router devices which allow ethernet connection and

    I believe the Cradlepoint IBR600 allows you to disable Wi-Fi and remove antennas; should be able to find one on eBay for under 100
  3. Improvement recommendations? Diagram inside

    I'd add a switch to this environment, create a VLAN for your IoT devices, and set your PCs up on another VLAN; this could be a VLAN for Trusted-Wifi and your wired PCs (and anything else you trust), perhaps a third VLAN for your NVR equipment. Do the VLANs at the switch level, set up a trunk port...
  4. Improvement recommendations? Diagram inside

    A decent router honestly shouldn't allow that, but I'm used to enterprise gear. I'd be surprised if you aren't dropping packets in this setup, unless Mikrotik is essentially a consumer router with a built-in switch with some enterprise software capabilities. I haven't used their products.
  5. Observium Alerting? Anyone done this personally?
  6. Improvement recommendations? Diagram inside

    A router's job is to route between different subnets, aka a different subnet on each port. I'd honestly be surprised if the router allows for this configuration; home routers allow it because their ports are basically an inbuilt switch. In this layout you are treating the router as a switch, it...
  7. Cannot connect to printer in a separate subnet but same domain.

    Do you use port security or sticky MAC? Try clearing the ARP cache on the firewalls and switches that are needed to get through. Had issues before where our FW wouldn't let go of an old MAC. Clear ARP and bounce the port the printer is on, check the config and make sure there isn't another...
  8. Is hiding SSIDs still a security risk?

    Hidden SSIDs are the equivalent of hiding your pornstash in multiple nested folders: anyone who knows how to search files will find it. It's security through obscurity, which isn't really security. Same with a MAC whitelist; it's really easy to get the MAC of nearby devices and spoof them. But that...
  9. match default rule, drop

    You really need a VPN if you want to RDP externally to your machines on the network. Without it, it's like a bank asking how to keep criminals from climbing in the open window and robbing them: you tell them to close the window and they do, but they open another window and the criminals climb...
  10. match default rule, drop

    If you indeed have two routers (the provider's gateway router that you would have no control over), and then your own internal router (one you control), and the provider is setting routes to your internal router, then if you change the IP address of your router they would need to update their routes...
  11. Troubleshooting TFTP/PXE with WDS VM and MoFi Network MOFI4500-4GXeLTE-V3 OpenWrt router

    What versions are you running? This looks like an earlier bug with dnsmasq and OpenWrt, but it should be fixed
  12. match default rule, drop

    I was trying to decipher if that was indeed the case... if so... yeah, very very bad practice; the port attacks most likely were from Shodan scanners
  13. match default rule, drop

    Are you using remote desktop externally? Is that router IP the public (external) or the private (internal)?
  14. need some ubiquiti guidance PTP wireless bridge network

    Also, for Ubiquiti APs you can tag them for a specific VLAN per SSID