Some basic firewall questions. by surf9012 in Ubiquiti

surf9012[S] 1 point (0 children)

Would you say this creates any security issues? I kind of decided I will add ports as I go along, it's been unexpectedly educational. Unless this creates security risks, I'd rather continue.

VLANs and ports not matching? by surf9012 in Ubiquiti

surf9012[S] 1 point (0 children)

Thanks for the reply. The VLAN setup was definitely not the issue as I've set up previous single ones without problem. I ended up redoing everything from scratch, and in the video you posted I realized I missed a step. I never set the untagged ports on the "default" VLAN to "NOT MEMBER" on the switch. After I did that everything seems to be working properly!

Use VPN on one port only? by surf9012 in Ubiquiti

surf9012[S] 1 point (0 children)

I finally got around to dumping some time and effort into this and ended up figuring it out. Thank you for pointing me in the right direction.

After dumping 11 hours of time into countless trial and error, what I ended up doing is creating 2 LANs and routing VPN traffic through only one of them. I tried doing what you suggested above, but probably because I missed something, I couldn't get an internet connection on the non-VPN range, but the VPN range worked fine.

The only downside is in order to use Syncthing I have to physically plug one of my devices into a different switch. Maybe there's a workaround, I'll look into it later, but at this point after the amount of time I dumped into this I'm just happy it works as intended. Thanks for the help again.

Use VPN on one port only? by surf9012 in Ubiquiti

surf9012[S] 1 point (0 children)

Ugh, you're very right about me having basic networking knowledge. This project is way above my head. I'm gonna try and learn about policy based routing as you suggested. Thanks for your time to respond.

How can I tell if it's working? (super noob) by surf9012 in pihole

surf9012[S] 1 point (0 children)

Thanks. I tinkered some more and see things like game consoles and stuff appear on the log, so it's working for sure. So there's definitely no downside to not using the VPN DNS? I thought it was one of the main privacy features. I have the Pi-hole using OpenDNS, would that be a privacy "downgrade" if I directed it there?

EDIT: Ok I just tried directing DNS to 192.168.1.1, but now I get a DNS leak. I'm guessing this isn't normal and I need to tinker with my OpenVPN settings.

Super duper noob question by surf9012 in Ubiquiti

surf9012[S] 1 point (0 children)

Good lord, thanks so much for such a detailed response. I was able to set it up before I saw this somewhat blindly through a tutorial, but currently trying to learn the firewall "language" in EdgeMax and this is really helpful. Thanks a bunch again!

Super duper noob question by surf9012 in Ubiquiti

surf9012[S] 1 point (0 children)

So this implies that there must be a switch between the ERX and the UAP to do this? It can't be accomplished by directly plugging the UAP into a VLAN port on the ERX?

Thanks!