Just curious about others experiences with v2 of the Edgerouter firmware. I have a ERPOE5 and I have been running the v1.10.10 firmware. I remember there were some issues when it first came out and I am curious on others experiences with it and if its worthwhile to upgrade. Keep in mind this is for home use/homelab.
While doing some research on implementing firewall rules on the EdgeRouter-X, I came across a post in the Ubiquiti community forum on the latest firmware release v2.0.1.
It turns out that users are encountering performance issues with firmware v2.0.1 and in rare cases; bricking the router itself which led to Ubiquiti pulling the v2.0.1 firmware for EdgeRouter-X from its’ site.
Navigate to the connection Firmware Manager to verify the available firmware releases. Select the Upgrade devices option on the EdgeRouter that you wish to upgrade. Choose to either schedule the update or upgrade the firmware directly (select ). The EdgeRouter will automatically reboot once the firmware upgrade is complete. New EdgeMAX software version v1.9.1 for EdgeRouter products has been released and is available here: ERLite-3. Loading Ubiquiti Community. Hi,I just got my EdgeRouter - X and tried to upgrade the firmware by CLI and GUI and both failed. Downloaded the file and use $ add system image c.GPL.ER-e50.v.1.8.4853089.tbz2. Geting a message 'Cannot find upgrade image. Hi,I just got my EdgeRouter - X and tried to upgrade the firmware by CLI and GUI and both failed. Downloaded the file and use $ add system image c. Geting a message 'Cannot find upgrade image.
Even though I did notice that the Bandwidth utilization graph no longer shows utilization on any other interface except for eth0 (Which I boil down to a cosmetic bug), I did not experience any performance issues reported by other ubiquiti users.
The advice from other ubiquiti users is to revert back to v1.10.9 which is currently considered as the most stable EdgeRouter-X firmware version.
To err on the side of caution, I decided to downgrade my router’s firmware back to v1.10.9.
Reverting to a previous firmware on your ubiquiti router is easy, there is no need for you to waste precious time finding, downloading and uploading the previous firmware to your device. Thus, saving you some headache when upgrades go wrong in a mission-critical network environment.
Whenever a firmware upgrade is performed, the current firmware will be set as secondary firmware by EdgeOS as opposed to deleting it (This practice is pretty much in line with most enterprise network vendors out there) and the current firmware will now be the latest firmware that you have uploaded to the router.
Step 1- Run ‘show system image‘ to see what are the firmware that is currently on your router.
Step 2- Run ‘set system image default-boot‘ to switch the firmware to be booted.
Step 4- Once you answer “Yes”, the firmware switch will take place and the expected output are as follow:
Step 5- Run ‘show system image‘ again to verify that the firmware has been switched successfully
Edge Router Firmware Update For Os X Download
Step 6- Then run ‘reboot’ to have the firmware switch take place.
The UbiquitiEdgerouter 4 is a fast, powerful, and highly customizable piece of equipment. But, in part because of this, it's more difficult than most commercial routers to set up from scratch. This guide will take you through the setup process from start to finish.
Assumptions
This guide assumes that:
You will need
Before you begin, make sure that you have the following:
Before you start
If you have a combination modem/router from your ISP (internet service provider), you will need to put it into “bridge mode” before you start. Essentially, this will turn your combination modem/router into just a modem, and prevent the problems that arise from your having two routers on the same network. The instructions that came with your particular modem/router model should explain how to do this.
WARNING If you have AT&T Fiber, this is not possible without a lot more work,. This is because the modem/router that AT&T provides is needed to authenticate with the network, and thus it cannot by bypassed.
Make your initial connection to the Edgerouter
Use an ethernet cable to connect your computer to the Edgerouter’s
eth0 port.
Next, you’ll need to bring up the in-built, browser-based GUI. Out of the box, the default IP address of the Edgerouter is
192.168.1.1 . Because there is no DHCP server, you’ll need to manually edit your computer’s TCP/IP settings so you can connect. You should use:
IPv4 Address:
192.168.1.2 Subnet Mask: 255.255.255.0 Router: 192.168.1.1
Apply these settings. Then open your favorite web browser and navigate to
https://192.168.1.1 . Ignore any warnings about SSL certificates.
Run the setup wizard
The first thing you’ll see is a login screen. The default username is
ubnt , and the default password is ubnt . Log in.
Once logged in, agree to start with the default wizard.
In the Internet port (eth0 or eth3/SFP ) section, set “Port” to
eth0 , “Internet connection type” to DHCP , and make sure that “VLAN,” “IPv4 Firewall,” “IPv6 Firewall,” and “DHCPv6 PD” are unchecked.
Do not check “Bridge LAN interfaces into a single network” in the “Bridging” area.
In the LAN port (eth1) section, enter
10.0.1.1 before the / and 255.255.255.0 after it.
Ignore the (Optional) Secondary LAN ports (eth2) section.
Finally, in the User setup area, select “Create new admin user” and set up a new user with a new password. Make sure you write down the details.
Click
Apply .
WARNING When you set up a new user, the Edgerouter will delete the default one. So make sure you write down the details correctly.
Move your ethernet cable from eth0 to eth1
After you’ve clicked
Apply , you need to physically move the ethernet cable that is connected from your computer from the Edgerouter’s eth0 port to the Edgerouter’s eth1 port.
Next, you’ll need to set your computer to accept an IP address via DHCP, rather than manually.
After about a minute, the Edgerouter should come back up, and your computer should be assigned an IP address. Now you can navigate to the GUI at
https://10.0.1.1 .
Setting up your modem
The next step is to set up your internet connection. To do this, run an ethernet cable from your modem to the Edgerouter’s
eth0 port. In most cases you’ll need to restart the modem having done this. In some cases, you may need to restart the Edgerouter, too.
Test your internet connection
Wineskin for high sierra mac. Once your modem comes back up, your Edgerouter should show an IP address in the
eth0 field:
SSH into the Edgerouter
The rest of the setup process outlined in this guide will be performed via the command line. Some of the things we are about to do can be done via the GUI, but when you are doing a lot of configuration at once, the command line is much more efficient. Moreover, it’s good to know how to control the router should you lose access to the GUI.
To gain SSH access to the Edgerouter, we will need:
Using the above variables, to SSH in to the Edgerouter, you’d type:
At the password prompt, you’d type your password, and then press
Enter .
NOTE In most circumstances, you will not see your password appear on the screen as you type. This is a security measure. Simply type as usual, and then press
Enter .
If successful, you will see an output that looks something like this:
Welcome to EdgeOS
By logging in, accessing, or using the Ubiquiti product, you acknowledge that you have read and understood the Ubiquiti License Agreement (available in the Web UI at, by default, http://192.168.1.1) and agree to be bound by its terms.
Linux 10.0.1.1 4.9.79-UBNT #1 SMP Tue Mar 12 16:18:59 UTC 2019 mips64
Welcome to EdgeOS Last login: Tue May 7 10:12:59 2019 from 10.0.1.x [email protected]:~$ Enter configuration mode
To make changes, you need to enter configuration mode. To do this, you simply type:
[edit]
[email protected]#
You are now able to edit the Edgerouter’s configuration.
Set a hostname and disable unused ethernet ports
First, we will give the Edgerouter a name on the network — in this example,
router.your.house . Type the following, followed by the hostname you want the Edgerouter to adopt:
Next, we will label our active WAN port (
eth0 ) and our active LAN port (eth1 ), and disable the Edgerouter’s two unused ethernet ports — in this case, eth2 and eth3 :
To save these changes, run: Dvd profiler for mac os x.
and then:
NOTE The
commit command saves the changes to the Edgerouter; the save command makes sure that those changes will persist after a reboot. To get out of the configure mode completely, you simply type exit , but we won’t do that yet.
Enable UPnP
Next, we will enable Universal Plug and Play. UPnP is a set of protocols that allows certain devices on your network to discover each other without the need for manual settings. Php for mac sierra update. It can be especially useful if you have a games console such as an XBox or Playstation 4:
Set a manual DNS server (optional)
If you intend to use the DNS servers provided by your ISP, or you don’t know what a DNS server is, you can ignore this step. Because you set up your “Internet connection type” to DHCP, the Edgerouter will automatically inherit DNS servers from your ISP.
If, by contrast, you want to set a manual DNS server — for example, a Pi-Hole — you’ll want to do that now. To do this, run (this assumes that your DNS server is at
10.0.1.10 ):
Set up your DHCP reservations (optional)
The Edgerouter will automatically allocate every connected device an IP address within the DHCP range. This IP address may change every 24 hours. For most devices, this is fine. For resources such as servers, however, it makes more sense to force the Edgerouter to hand out the same IP address every time so that you always know where to reach it. This is also known as a “setting a static IP.”
To set a static IP, you need to know:
Assuming that the DHCP server is called LAN1, that its subnet is 10.0.1.0/24, that the device you’re giving a static IP address is a server that you want to label “Server,” that the server’s MAC address is aa:bb:cc:dd:ee:ff, and that you want the Edgerouter to give it the internal IP address 10.0.1.200, you’d run:
You can set as many of these as you want. When done, run:
Set up an IPv4 firewall
Next, we’ll set up a basic IPv4 firewall, and limit access to the router’s GUI and SSH interfaces—and to any network address translation (NAT)—to machines that have been explicitly added to a list of trusted external IPs:
With the above lines, we are:
Naturally, if you want to add more IPv4 addresses (e.g.
987.654.3.21 to your trusted group, in this instance called Trusted_IPs ), you’d just run multiple lines of this sort:
Port forwarding and NAT (optional)
Next, we need to make some exceptions to the above rules, so that certain types of IPv4 traffic can reach devices behind the router. There are two ways of “poking a hole” in the firewall: “port forwarding” and “NAT.” For the purposes of this guide, we will use port forwarding to allow certain types of traffic that originates from anywhere, and NAT to allow certain types of traffic that originates only from the IP addresses we placed on the Trusted IPs list.
Port forwarding (optional)
As explained above, we will use port forwarding to enable outside traffic to access certain resources on our network, irrespective of where it originates. This can be useful if, for example, you have a Plex Media Server on your network, and you want to be able to watch movies from it from anywhere in the world.
The first step is to enable the auto-firewall and hairpin-nat, and to tie the port forwarding process to our WAN (
eth0 ) and LAN (eth1 ) ports:
![]()
Next, we need to set some rules. We need to know:
Edgerouter Poe Firmware Update
Given the variables above, to set a port-forwarding rule, we’d run:
We can set as many rules as we like using this rubric. Obviously, each rule will need a different number.
When you’ve finished setting your rules, run:
Set up NAT (optional)
We’ll use NAT rules in pretty much the same way as above, except in this case we’re going to limit access to the
Trusted_IPs list we established earlier. This can be useful if, for example, you have a server that you want to be able to access remotely via SSH, but which you don’t want just anyone to be able to try to access.
Here’s a sample rule:
The above rule tells the Edgerouter to examine any TCP traffic on port 22 that arrives on the WAN port (
eth0 ) and either:
We can set as many rules as we like using this rubric. Again, each rule will obviously need a different number.
When you’ve finished setting your rules, run:
Set up IPv6 (optional)
Some ISPs offer IPv6 support. If you don’t know what this is, we’d recommend leaving it alone. If you do, running these lines should set you up:
To confirm that this has worked, we need to exit the configuration mode. To do this, we simply type:
Now we can check to see if both
eth0 and eth1 are running IPv6 correctly. To do this, we’ll run:
You should see an IPv6 address under
eth0 and an IPv6 prefix under eth1 :
Codes: S – State, L – Link, u – Up, D – Down, A – Admin Down
Interface IP Address S/L Description ——— ———- — ———– eth0 1.2.3.4/21 u/u Internet 2001:558:6043:1e:e112:d0a9:282a:197e/128 eth1 10.0.1.1/24 u/u LAN 2001:db8::1/64 eth2 – A/D – eth3 – A/D – lo 127.0.0.1/8 u/u ::1/128 Set up an IPv6 firewall (optional)
Because you have exited configuration mode in order to test your IPv6 configuration, you’ll need to get back in before you make the rest of your changes. To do this, type:
The first step is to set up a basic IPv6 firewall, as we did for IPv4:
The above firewall does the same as our IPv4 firewall, with three differences:
![]()
If you have a standard setup, you won’t need to change any of this.
Last, we’ll set up outside access to the devices behind the router. Because IPv6 does not use Network Address Translation, there are no NAT rules or port forwarding rules here. Instead, we need to set up a rule for every single device. In the below example, we’re allowing IPv6 traffic to access TCP port 32400 on a server running Plex, the IP address of which is
2001:0db8:85a3:0000:0000:8a2e:0370:7334 .
You can add as many of these are you need. If you need to open multiple ports, just add them in sequence, like this:
You can also limit access by source IP, as in
LOCAL rule 50 above.
Set up dynamic DNS (optional)
Most residential ISPs do not give you a fixed IP address, which can cause problems if you’re using DNS to access your router (e.g., if you’ve pointed
router.your.house at the your router’s IP address). You can get around this by using a “dynamic DNS” service. For this guide, we will use no-ip.
To make this work, you first need to get a free dynamic DNS address from no-iphere, and then to tell your router to automatically update no-ip when its IP address changes.
Assuming that the DNS address you got is
yourhome.ddns.net , your user account is youraccount , and your password is yourpassword , you’d run the following:
If you want to keep using your customized DNS address, you’d just set the following in your own DNS records:
router.your.house CNAME yourhome.ddns.net
That way, if your router’s address changes, it doesn’t matter. You’ll always be able to access it from your customized domain name.
Add your router to UNMS (optional)
If you are running UNMS, you can add your Edgerouter to your setup by running the following and including your UNMS key. You can find your key inside UNMS by going to
Devices and clicking on Actions → Add Ubiquiti Device , and then Copy UNMS key and paste into device configuration :
Set up an SSL certificate (optional)
Finally, we will add an SSL certificate that corresponds to the hostname you just set — in our example,
router.your.house . This will allow you to securely access the web interface (GUI) of your router both inside and outside your network.
If you do not own a domain name that you can point at your router — or if this is not important to you, you can skip this step. If you do own a domain name for this purpose, set up an A record that points at the WAN IP address of the Edgerouter.
Once that has been done — and the record has propagated, run the following commands (replacing
router.your.house with your own address, obviously). Thanks to Github user j-c-m for this script:
Now, try to visit
https://router.your.house in your browser. It should load over https without any errors. If, having run the script, you find that the GUI will not load, run:
CostProducts FeaturedUpdate
Some readers were confused when, having used SSH to log in, their passwords did not show up on the screen as they typed them in. We have updated the guide to note that this is expected behavior.
Notice an error?
Have we got something wrong? Please let us know and we’ll fix it right away.
TagsCommand LineEdgerouterComments are closed.
|
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |