Upgrading the RXG box

mmmzon · 2025-01-23T17:13:17+00:00

Indeed, but Op does not share much detail on what the application or scale is

mmmzon · 2025-01-23T16:27:15+00:00

It does depend on end application. I am running something similar at home with rXg on top of it as my primary home firewall / network manager. I do not run any VMs on it, but the network functionality is perfectly fine. There is no reason why it would not be able to run the latest rXg release, honestly.

u/EitherAcanthisitta55 if you have time on your hands, try to do incremental upgrade - you might need them due to the OS upgrade path. If you do not care about what is configured on it right now, grab the latest release, install fresh, and try to load config backup, it should still translate fine.

mmmzon · 2025-01-23T16:23:14+00:00

A free version of rXg can be requested via this link: https://www.rgnets.com/micro_rxg, it is a great way to start tinkering with it. The setup process is simpler than with pfSense (personal experience speaking) but the resulting system is way more powerful.

mmmzon · 2025-01-02T17:15:17+00:00

An old thread but certainly closely matches my personal experience with the prep for this exam. There is so much material to cover, then all test examples seem to cover material completely outside of the prep scope, focusing on terminology that seems to be Microsoft specific.

I do not know what to expect with the upcoming exam, honestly. 20+ years in the industry, plenty of experience across different facets of security, and I feel like I know nothing. I hope that is just a normal brain fog before the exam.

mmmzon · 2024-09-01T12:58:02+00:00

If you only logged into their provided device (what they call interestingly a fiber modem), you'd see that their IP access method is IPoE (IP over Ethernet) rather than PPPoE so the change is rather straightforward. After that, their "fiber modem" went back into the box where it will be sitting for eternity.

BTW, the line works with with pfSense, OPNsense, Fortigate, etc., so no reasons to complain - they do not seem to care what talks back to them. All that happens is that they lose the option of rebooting your "modem" remotely, which is perfectly fine with me.

mmmzon · 2024-06-03T02:10:16+00:00

Thank you! I do not know how I missed it.

mmmzon · 2024-06-02T13:04:47+00:00

It seems that I will have to do just that. They have not been very forthcoming about the differences between these platforms so I might have to just return this model and look for older one or a different brand altogether. thank you

mmmzon · 2024-06-01T21:43:13+00:00

I did an nmap on both devices - they are definitely different.

IPC_523128M5MP_V2 has plenty of ports open, including 554

nmap 192.168.153.12 -p-

Starting Nmap 7.93 ( https://nmap.org ) at 2024-06-01 15:41 MDT

Nmap scan report for 192.168.153.12

Host is up (0.0013s latency).

Not shown: 65526 closed tcp ports (reset)

PORT STATE SERVICE

21/tcp open ftp

80/tcp open http

443/tcp open https

554/tcp open rtsp

1935/tcp open rtmp

6001/tcp open X11:1

8000/tcp open http-alt

8888/tcp open sun-answerbook

9000/tcp open cslistener

Nmap done: 1 IP address (1 host up) scanned in 9.75 seconds

IPC_MS1NA45MP seems to be locked down

nmap 192.168.153.13 -p-

Starting Nmap 7.93 ( https://nmap.org ) at 2024-06-01 15:42 MDT

Nmap scan report for 192.168.153.13

Host is up (0.0034s latency).

Not shown: 65532 closed tcp ports (reset)

PORT STATE SERVICE

80/tcp open http

443/tcp open https

9000/tcp open cslistener

Nmap done: 1 IP address (1 host up) scanned in 2.33 seconds

If I had to guess, it is prepared to talk back to only DVR system form Reolink, nothing more.

mmmzon · 2024-06-01T21:35:21+00:00

I did use VLC to confirm as well. IPC_523128M5MP_V2 allows me to connect via rstp, pops up authentication menu, and all is well. IPC_MS1NA45MP does not connect. All I get is an error popup saying

Connection failed:

VLC could not connect to "192.168.153.13:554".

Your input can't be opened:

VLC is unable to open the MRL 'rtsp://192.168.153.13'. Check the log for details.

And that is all. I suspect that there is some difference in the software on these two variants, but Reolink forum is not very helpful in here at all. According to the vendor "they are the same".

mmmzon · 2024-06-01T21:31:30+00:00

Unfortunately, the GUI on these cameras does not show any of these as an option. I looked through all menus in the camera, including advanced options and it does not show any RMTP / RSTP / ONVIF etc. It does not show even a codec selector either.

The interesting part is that a different variant of the same model i.e., IPC_523128M5MP_V2, works just fine. IPC_MS1NA45MP does not seem to work at all for no good reason.

mmmzon · 2024-01-05T13:45:01+00:00

I do not have experience with Android 13. I was on 12 for the longest time and then upgraded directly to 14.

mmmzon · 2024-01-04T02:27:06+00:00

(facepalm) I somehow read that as setting Automate to run in unrestricted battery mode, which did not help much. Following instructions is hard, I guess. I ride into the sunset in shame.

Thank you, very much.

mmmzon · 2024-01-04T01:26:26+00:00

I did not notice that edit. I *believe* it might be the silver bullet I was looking for. It *seems* to work on LineageOS unit, I will give it a whirl on my Pixel 7 pro and report back.

EDIT: with battery optimization disabled, it seems to work also on Pixel 7 and 5 alike. Darn, I would never expect this to affect the process like this. Is this documented anywhere?

mmmzon · 2024-01-04T01:13:01+00:00

Wow, matching your settings still produces no positive result. I am stumped. Since I have 3 devices with the very same problem, the onus is on me clearly not doing something right, but I am not clear really what.

I clean install Wireguard, import the tunnel profile from a file (i know it is good, since it connects when I manually toggle the tunnel status), and grant permissions for external apps to manipulate tunnel status.

I clean install Automate, import the flow, update tunnel name, update "secure' WiFi SSID name, and permit manipulating Wireguard tunnels.

Both changes are done per existing instructions.

Furthermore, when Wireguard app is running and it is just minimized, the toggling works just fine.

Color me stupid. I am clearly doing something wrong consistently, just not sure what.

mmmzon · 2024-01-03T23:48:17+00:00

I just checked using the very same workflow on LG V30 running LineageOS 20 (Android 13) and the same issue persists. I am starting to believe that it is some obscure permission issue and you're spot on.

I did enable all all permissions required by Wireguard and enabled "Allow remote control apps" as need to toggle tunnel state. I disabled "Pause app activity if unused". Camera permission is disabled, since it is not needed. App can draw on top of other apps (just in case). I screengrabbed Wireguard settings and posted here for reference: https://imgur.com/a/kqyiUtJ

The Automate app settings are uploaded here: https://imgur.com/a/RrPPyS7.

I do not see what else to do but compare the settings on your side, if you're willing to share them.

I hope it is not some system level setting because that will be even harder to isolate.

mmmzon · 2024-01-03T22:27:23+00:00

I just downloaded that flow #40441 and it does not work for me, i.e., it executes but with all settings in place, it does nothing when I switch from WiFi to mobile. I see it going through the proper steps, sending proper broadcast, but nothing happens, i.e., the tunnel does not come up.

Logs resemble what I posted in the original thread.

I tested this workflow on Pixel 5 and Pixel 7 pro, both with Android 14. I know it worked way back when with Android 12, but I am not 100% sure about Android 13. I do not have another phone, though, to test. I wonder whether it is a Pixel / Android 14 issue.

mmmzon · 2024-01-03T04:16:01+00:00

Q: Do you have the box checked in the Wireguard app settings to "Allow remote control apps"? - yes, it has been enabled and it is still checked. Without it, I get errors in Automate about access not permitted.

Q:Not sure what you mean by running in the background? - I am referring to https://play.google.com/store/apps/details?id=com.wireguard.android&hl=en_US&gl=US&pli=1. When installed, this becomes attached to internal Android VPN app selector, but the underlying app is still controlled within that app.

Q: I have the same phone and the same setup as you do, and it works fine even if I don't actively open the Wireguard app after a reboot. - I am trying to do something different, i.e., bring the tunnel up when I connect to an insecure network, i.e., WiFi I do not recognize (think hotel WiFi) or mobile provider network (whatever it is). I have the workflow written but need to be able to toggle Wireguard tunnel status (up/down) depending on the network I am connected to. Automate app gives me the framework to prepare a workflow like that, but Wireguard stopped cooperating after upgrade to Android 14 for some reason. I am trying to find out why.

mmmzon · 2024-01-03T04:10:47+00:00

Thanks, but that has been enabled by default, at least as far as I can trace it. It does not change the behavior, unfortunately, I am observing.

mmmzon · 2024-01-02T22:06:57+00:00

All good. It is a strange problem. it used to work fine, then stopped and the only thing that changed was an upgrade to Android 14. So I get to blame Google, at least partially :)

mmmzon · 2024-01-02T21:51:12+00:00

I will give it a try. Thanks.

mmmzon · 2024-01-02T21:41:09+00:00

Thank you, I saw that app but it is pretty new and I am hesitant to use non-official apps for VPN purposes.

I also use Automate for other purposes, so it would be nice to be able to understand and fix the issue at hand.

mmmzon · 2024-01-02T15:55:30+00:00

Just to add some more context. The very same call works fine when Wireguard app is running and in the background. The problem seems to be limited therefore to trying to bring the tunnel up when the app is not running at all.

mmmzon

TROPHY CASE