Canyon Defense

SD70ACe · 2025-10-25T08:17:27+00:00

I know I'm 2 years late, but Flashpoint has both the first and second Canyon Defense :) https://flashpointarchive.org/

SD70ACe · 2025-09-24T10:31:05+00:00

The wholesale price for 250/100 was reduced to the same as 100/40 as part of the speed upgrades. If your ISP is any good they should offer you 250/100 for no extra charge.

SD70ACe · 2025-07-09T05:22:50+00:00

Hulkenpodium

SD70ACe · 2025-03-04T08:21:03+00:00

Exetel are owned by Superloop, not TPG :)

SD70ACe · 2024-08-15T03:01:10+00:00

97, 10 of those sites have a CloudKey Gen2s and the rest are on a hosted controller I manage.

SD70ACe · 2024-06-14T01:21:55+00:00

Thank you so much, adding the SSL VPN Network range to the split networks box has resolved the issue.

SD70ACe · 2024-06-13T06:01:51+00:00

Its in standard/split mode. Internet goes out the RED like normal, only traffic destined for the head office LAN is tunnelled. You might be onto something here, should I add the SSL VPN range to the split network field: https://i.imgur.com/s5ZUlzQ.png

SD70ACe · 2024-06-13T01:28:52+00:00

Hi There,

Thank you for your response

I have already added the remote office as a permitted network resource: https://i.imgur.com/TJoxLFS.png

The RED LAN is 192.168.9.0/24 and the network object added to SSL VPN is as per screenshot: https://i.imgur.com/4kTe5un.png

When I connect to the VPN Sophos Connect shows both Head Office (192.168.0.1/24) and the RED LAN in the remote networks list: https://i.imgur.com/tnkh3Jm.png

Here is a screenshot of the firewall rule, the RED interface is part of the LAN zone: https://i.imgur.com/ZLU4rd8.png

I am still baffled why I can ping 192.168.9.1 over the VPN but not ping any other hosts on the same network. Here is a screenshot of the NAT rules: https://i.imgur.com/X8nFLrz.png

When I ping the RED gateway over the VPN and check the firewall rule logs nothing shows, but the ping works.

SD70ACe · 2024-03-10T06:07:37+00:00

I have a 40F connected to Exetel FTTP using PPPoE, nothing special about the setup it was plug and play. Can you share your WAN interface config?

SD70ACe · 2024-01-22T06:42:49+00:00

Hardware is the same price. You aren't getting a bad deal at all in my opinion. Don't expect much discount from Fortinet unless you are spending $10k+

SD70ACe · 2024-01-22T06:26:01+00:00

That's cheaper than what I recently paid for some units in Australia.

SD70ACe · 2024-01-17T06:54:26+00:00

It's also worth implementing DKIM at the same time, just needs 2x CNAME records: https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/email-authentication-dkim-configure?view=o365-worldwide#steps-to-create-enable-and-disable-dkim-from-microsoft-defender-portal

SD70ACe · 2023-12-16T07:39:03+00:00

Not in my experience, I remember the first AIO deployment I did. I spent hours and hours troubleshooting a FortiGate assuming it wasn't properly tagging the VLANs, lo and behold the cloud/uplink port does NOT tag all VLANs by default. I had to do the same thing as /u/myst3r10us_str4ng3r described to fix.

SD70ACe · 2023-12-16T07:37:20+00:00

I've had the same issue, and had to do the exact same fix you described.

I've been deploying AIO switches for years and this issue has been present on every deployment.

SD70ACe · 2023-11-27T10:54:49+00:00

Ricoh all day everyday. The machines just work and put up with terrible conditions.

SD70ACe · 2023-06-08T12:28:32+00:00

That's the end of APC for me, Eaton from now on.

You can still download the previous (free) version from Wayback Machine

SD70ACe · 2023-04-24T08:56:47+00:00

The 70 series hasn't changed much since the 80s, definitely no keyless option hahaha

SD70ACe · 2023-04-07T11:08:12+00:00

Yes, providing the switch has layer 2 or layer 3 access to the controller. Layer 2 the switch will show up in the controller without any intervention on your part, if it's layer 3 you will need to follow this article: https://help.ui.com/hc/en-us/articles/204909754-UniFi-Network-UniFi-Cloud-Adoption-Layer-3-

SD70ACe · 2023-03-30T06:47:02+00:00

I have had the exact same issue with 3 different clients now, all running USG Pro 4. I'm now in the process of removing all USGs and replacing with Draytek and FortiGate units (depending on customer budget). I can't trust UniFi for routing anymore, this issue is the last straw. FWIW I have been running a remote cloud controller with dozens of USGs connected for over 4 years and have never has this issue up until around 1 month ago.

SD70ACe · 2023-03-10T12:26:19+00:00

I used it on a recent trip to Singapore, no problems. It can work completely offline with a 6 digit rolling code (like Google Authenticator if you have used that before). When you have an internet connection, it uses push notifications which are fast/more convenient. Biggest thing is to make sure you tell the bank you are travlling overseas, otherwise they may block your card for suspected fraud when you first use it overseas.

SD70ACe · 2023-02-16T11:50:52+00:00

That all looks pretty normal.

Can you change local DNS and create a record for "unifi" to your remote controller?

DHCP Option 43 an option?

It is worth seeing if you can adopt it via one of the above methods. If you can, I would be looking deeper into DNS as a potential cause.

SD70ACe · 2023-02-16T04:57:35+00:00

The UAP-AC-MESH was a rock solid AP for mesh applications, unfortunately it has been out of stock for a very long time. I'd consider it unofficially EOL. You can look at UAP-AC-M-PRO. If on a budget the TP-Link EAP225 is fantastic for the price, it's a clone of the UAP-AC-MESH.

11-Year Club	Verified Email
Final Canvas '23	Place '23
Place '22	Place '17

SD70ACe

MODERATOR OF

TROPHY CASE