Search results

  1. S

    Mobile router devices which allow ethernet connection and

    I believe the cradlepoint ibr600 allows you to disable wifi, and remove antennas, should be able to find on ebay for under 100
  2. S

    Improvement recommendations? Diagram inside

    I'd add a switch to this environment, create a VLAN for your IOT devices, set your PC's up on another VLAN this could be VLAN for Trusted-Wifi and your wired PC's(and anything else you trust), perhaps a third VLAN for your NVR equipment. Do the VLAN's at the switch level, set up a trunk port...
  3. S

    Improvement recommendations? Diagram inside

    A decent router honestly shouldn't allow that, but I'm used to enterprise gear. I'd be surprised if you aren't dropping packets in this setup, unless Mikrotik is essentially a consumer router with a built-in switch with some enterprise software capabilities. I haven't used their products.
  4. S

    Observium Alerting? Anyone done this personally?
  5. S

    Improvement recommendations? Diagram inside

    A routers job is to route between different subnets, aka different subnet on each port, I'd honestly be surprised is the router allows for this configuration, home routers allow it because their ports are basically an inbuilt switch. In this layout you are treating the router as a switch, it...
  6. S

    Cannot connect to printer in a seperate subnet but same domain.

    Do you use port security or sticky mac? Try clearing the arp cache on the firewalls and switches that are needed to get through. Had issues before where our FW wouldn't let go of an old MAC, Clear ARP and bounce the port the printer is on, check the config and make sure there isn't another...
  7. S

    Is hiding SSID's still a security risk?

    Hidden SSIDs are the equivalent of hiding your pornstash on multiple nested folders, anyone who knows how to search files will find it, it's security through obscurity, which isn't really security. Same with MAC whitelist its really east to get the MAC of nearby devices and spoof them. But that...
  8. S

    match default rule, drop

    You really need a vpn if you want to rdp externally to your machines on the network, without's like a bank asking how to keep criminals from climbing in the open window and robbing them, you tell them to close the window and they do, but they open another window and the criminals climb...
  9. S

    match default rule, drop

    If you indeed have two routers(the providers gateway router that you would have no control over), and than your own internal router(one you control) and the provider is setting routes to your internal router than if you change the IP address of your router they would need to update their routes...
  10. S

    Troubleshooting TFTP/PXE with WDS VM and MoFi Network MOFI4500-4GXeLTE-V3 OpenWrt router

    What versions are you running? This looks like an earlier bug with dnsmasq and ooenwrt but should be fixed
  11. S

    match default rule, drop

    I was trying to decipher if that was indeed the case.....if so....yeah very very bad practice, the port attacks most likely were from shodan scanners
  12. S

    match default rule, drop

    Are you using remote desktop externally? Is that router IP the public(external) or the private(internal)?
  13. S

    need some ubiquiti guidance PTP wireless bridge network

    Also for ubiquity APs you can tag them for a specific VLAN per ssid
  14. S

    need some ubiquiti guidance PTP wireless bridge network

    Create a new subnet and dhcp pool separate from your main network, assign the port that is connected to your wireless bridge to a VLAN, confirm VLAN is working by checking IPs of devices in other building should be on the new network you created, normally you'd have to set-up inter-vlan routing...
  15. S

    Why does uploading at max speed on fiber have to be so difficult ?

    I'm over here with 10meg uploads I'd love to get fiber but not available here :(
  16. S

    Device name not showing

    Makes sense glad you got it sorted
  17. S

    Device name not showing

    Check your phone's IP, than check your DHCp lease on your router, if your phone is connected it's getting the IP from the router, you can confirm its your phone based in the MAC address in each, the router may not be showing the name, but thats ok confirm first with IP and MAC
  18. S

    Need some LR/PTP help

    That isn't that far, and if it's connecting to a Spectrum Wireless wifi(which is usually pretty weak) the easiest/cheapest solution would honestly be to get an outdoor LR AP, either ubiquity or another brand, use the POE injector and mount the AP on the outside of the house pointing at the...
  19. S

    How do you create a "No Logs" network?

    Of course there is a reason, first you need to understand that there is a BIG difference between an IDS and an IPS, an IDS is an "intrusion detection system" it simply detects and alerts you, it's than up to the user to take some sort of action on the alert, but if you have no one looking at...
  20. S

    How do you create a "No Logs" network?

    Tons of monitoring is only good if you have someone analyzing those logs for signs of compromise, I've seen too many companies buy all sorts of logging security tools, endpoint, network, deep packet inspection, etc, but they don't hire the right people to look at those logs, or worse they don't...
  21. S

    How do you create a "No Logs" network?

    Funny, but useless and inaccurate.
  22. S

    How do you create a "No Logs" network?
  23. S

    Passive Network Tap

    There is absolutely nothing illegal about monitoring your own internal traffic, people hear TAP and think "omg spies! illegal" come one now.
  24. S

    How do you create a "No Logs" network?

    The more you try to secure the easier you are to track actually look as browser fingerprinting, there comes a point where adding additional security is actually not good thing, you're never going to be 100% safe online, you'll never be 100% anonymous online, you can continue to try, but you're...
  25. S

    Attempting my first real Home Network, could use some help

    Personally i think the udm pro is a bit much in this setup, from my understanding the main selling point is that it has router/switch/ap all in one machine, you're already purchasing a separate switch and separate APs so honestly i don't see why'd you'd want the udm pro, instead I'd look at...
  26. S

    Strange issue with my networked printer - any ideas?

    Delete the job history on the printer, manual can be found here After deleting the job history check again in a few weeks and see if you're still getting weird reports
  27. S

    wifi bridge across house

    Why do a bridge at all? Just set one router into AP mode amd let the main router handle the rest, bridges are really for longer distances not across an apartment, the other option is Ethernet over power adapters for cheaper, uses your in-house electrical wire no need to get anymore complicated...
  28. S

    Best way to route ... HW vs SW

    Public IPs are more of a security risk because you can get location information and there are online tools that can scan them to see if there are any vulnerabilities(aka weaknesses) that could allow them in, private IPs aren't as bad, because honestly they are defined ranges all ready, just less...
  29. S

    Best way to route ... HW vs SW

    That's probably because of the rest of the network, your IP scheme is all messy and its probably getting confused, I'd set all the SSID and passwords the same on all routers, personally I'd set up the ISP modem in bridged mode and disable the wifi on it(unless you need it of course) and the...
  30. S

    Best way to route ... HW vs SW

    Also remove/block out your public IP You're asking for trouble leaving it there
  31. S

    Best way to route ... HW vs SW

    Are you defining these networks? Or are you just taking whatever network the router gives you? Where is your dhcp server? Do you have a dchp server for each network or are these VLANs and you've defined the scope off of a primary DHCP server?
  32. S

    802.1x wireless authentication - RADIUS (NPS) certificate confusion

    For android i believe the domain field is looking for the FQDN of the RADIUS server
  33. S

    Networking with Ubiquiti

    As with everything it depends on the use case, Ubiquity/Unifi was in a niche market for awhile "prosumer" gear they are NOT by any means up to enterprise standards, but their price also reflects that reality. They do have more expensive offerings but I wouldn't say they are enterprise grade...
  34. S

    Networking with Ubiquiti

    I have all ubiquity, harder to initially get set up than normal consumer gear, but once it's set up and configured it just runs, i haven't had any issues except with then cloud-keys(burned up on me), but other than that no issues here set it up, configured everything, and it just works, and is...
  35. S

    Guys, why does my ethernet disconnect while gaming? looks like this is a common issue with windows 10 and driver issues, check out the link above. I thought they fixed this back in...
  36. S

    How to securely share a broadband connection?

    I will say prosumer/enterprise grade AP's are going to need to be reset MUCH less often than consumer gear, personally I use Ubiquity AP's in my home, and for my sisters business, since I set my sisters AP up in June of last year it hasn't needed reset yet, except for firmware upgrades, even in...
  37. S

    How to securely share a broadband connection?

    if you are running ethernet to their residence, don't let them get their own wifi router, instead you can place your own AP's connected to your main switch, this way you control the security not your residents, you provide them with the SSID/Pass, each on it's own VLAN, and VLANS aren't allowed...
  38. S

    just ordered Starlink

    Did you actually cross services from a real sailor to a puddle jumper? you must be over 5'5 than ;), I was a spook for just shy of 8.
  39. S

    Move all of my smart devices over to an older access point?

    common misconception, separating over to another network doesn't mean you can't access them, it just means you control what/how they are accessed, and more importantly what the IOT devices are allowed access to in the other direction. I have all of my IOT devices separated in their own VLAN, I...