#networking

as far as i know, if your wifi router is acting like an actual router, it will either do dhcp itself or won't quite work as a router (i don't think you can have a dhcp server on a completely seperate network, which the LTE router is in, due to the presence of the Wifi router...unless you mean "wifi access point" which just does Wifi, like a wifi version of a switch). Also, in order for DNS to propogate to every device the best way is to set it on the DHCP (i.e. tell every device that "pi hole" is the dns server as part of the dhcp settings. which i don' tthink you're accounting for. What are you trying to do here?

Uhh, let's rephrase that a bit.
The LTE Router is the "modem".
WiFi Router is the WiFi AP.

What am I trying to do is that I extend the network connection from the modem to the WiFi AP.

Also, in order for DNS to propogate to every device the best way is to set it on the DHCP
So, does that mean I have to disable DHCP from the "modem" and switch it on the WiFi AP?

Anyway, if this setup kills the entire network I have to resort by setting up manually the DNS on all devices because stock PH ISP router sucks.

whats the wifi thing you have?

possibly yes in the long run

that would be my suggestion, if possible put your LTE router/modem thing in "bridge mode" or turn off DHCP/DNS everything and use your wifi router as DHCP ...you may want to also use address reservation for the rasperry PI so it just has one static IP and use that as the DNS in the dhcp settings

got it

It's Comcast after all

Has anyone attempted adding WiFi antennas to a laptop?

Hi, I have a static IP from my ISP and they gavee a FQDN (my_ip.adsl.isp_name.tdl) can I ask them to change it to mydomain.com? They even can do that?

> ping my public ip

64 bytes from ip.adsl.isp.tdl (ip):...

you can point the domain to your public IP through your domain provider, i think

Yes that what I did but still this domain shows up

So even

> ping mydomain.tld

64 bytes from ip.adsl.isp.tdl (ip):...

ask your isp ig

that's called rdns

reverse dns

So I'm on a revers proxy?

no

the whole getting domain name from IP is called reverse dns

normal dns is domain -> IP

basically ask ISP if you can change reverse dns record for your IP

But just in general they can?

https://www.cloudflare.com/learning/dns/glossary/reverse-dns/#:~:text=How does reverse DNS work,reversed%2C and they append ".&text=For example if a domain has an IP address of 192.0.

yeah

OK thanks so match

@peak cloak sorry for pinging, dose every one have a rdns?

no, I"m not 100% sure how it works from a technical POV

but it has to do with a PTR record

👍

my uap ac lr came lets go

Anyone here use the modem and router provided from spectrum

Are LDAP connections only allowed for a set period of time?
Are they supposed to be short or long-lived connections?

good video on how bgp, dns works

https://www.youtube.com/watch?v=-wMU8vmfaYo

Could someone help me setup my mikrotik router with 2 AP's in 13 hours just DM me. thanks in advance! as it keeps having weird problems no matter what I configure and what other people tried to help me with

anyone have any clue why nmap gives me a 404 error when trying to install it on raspbian? sudo apt-get install nmap

Heres the situation:
Server at Location A with Fiber Internet 1G/1G
PC at Location B with DSL Internet 1G/50mb
PC uses Windows built in PPTP VPN to connect to Server for file access
When PC download file from server it downloads at 5MB/s
Shouldnt it download at 100MB/s since the server has an upload speed of 1G

what os are you using on server

@blazing gorge did you run sudo apt update ?

Yup.

It’s weird cause every time I boot up my vm it makes me go through a set up process and I have to reinstall everything

@blazing gorge Try apt show nmap and pinging the repo listed on the APT-Sources line? That's odd, did you remove the .iso from the virtual disk drive after installing?

Oh wait do I have to do that?

Yes, otherwise it will boot from the .iso

Lol

@faint gale I need some help with my networking

I like how you mention some random dude who has the name of smart dude, and break all rules of public chat question asking like "do not ask to ask", etc, gl getting your answer

He is my dearest friend and I believe he can help me with my troubles.

Then take it to the dm's? 😄 if you know them...

This should be a public chat, you ask, any one here can answer, not just a single specific dude

Sorry, didn't mean to commit a hate crime to this server.

I will take it to DMs.

🙄 don't know if your trolling, just gave good advise for asking almost any question anywhere, not only LTT. whatever, I told what I told

hey does anyone know how to configure wireguard with a dynamic port? or do i have to run multiple instances with different ports

bro, if he pings a specific dude, its probably because he needs that dude

Ayo can someone help me setup my unifi ap (just the ap no cloud key or management shiz)

is it worth it switch from 100mb ethernet to gigabit ethernet for streaming?

What res and how many people on your network

res?

Resolution of stream

5 including myself

720p to 1080p

on a bad day the download speed is 40mb and upload speed of 35mb

but the current is

83.47 dw 73.23 ul

Damn you ain’t getting as advertised

?

You ain’t getting 100

is it worth it switch from 100mb ethernet to gigabit ethernet for streaming?

well, does the information that it's going through 20 meters matter?

Have you had bad problems lately with streaming

I haven't tried streaming at all, still trying to setup stuff

Well try it first if you have problems then upgrade

ahh, ok then, thanks

Hi, is that a good for main router for a home? I have servers and sec cams etc. (Mikrotik CRS328-24P-4S+RM)

Always nice to have extra.

So I'm wondering, if I were to order 2 asus routers. And have one connected to the modem(Fiber optic) and the other one routed using CAT6 cables to the attic. Obviously it would have full coverage, but does it like load balance, so say I have my PC and other devices connected to the one in the attic(That is daisy chained to the one downstairs connected to the modem). So like when I'm downloading something on my pc(Which is ethernet connected to the attic one) it would make full usage of the bandwith we got from our ISP

Aka that it won't merely act as an extender but actually do the calculating

so my dad FINALLY got us onto a new isp. right now i get 57mb download and 30 upload on a 100mb download plan (dont know the upload). but now we are switching to 300mb download and 30 upload (i will replace the switches in the house to gigabit switches) would i see a tripling of my download speed or would i get even more (looking generally at steam downloads)

because i download at 7mbps on steam now

and if i would just say i tripled it it would download at 21mbps

would my assumation be correct?

so you actually do not want 2 routers. that causes issues. what r u trying to achieve?

you would think so.. hold on your internet promised speed is 57Mbps? and your steam gets 7MB/s?

Damn ..

?

thats download ookla says

but steam thinks otherwise

but ookla is probs mbit

yeao

small b vs big b...so youre getting about 50+

which is. idk what's happening with the other 50

Sounds about right when converted

but im getting new switches for the 300mbit internet

8mbps\1MB

bcs i think these switches are bottlenecking it

well if everything remains the same u shd see tripling of speed

if not more

IME steam downloads are REALLY fast

Wait are u Daisey chaining switches?

i have no choice

modem of isp is downstairs and my room is well almost opposite of the house from there

but its only 1 switch between my modem and me

And presumably cat 6?

dont know that tbh

It should say on cable. Cat5e should be alright anyway for short distance.

Yeah that shouldn't really be bottlenecking unless they aren't gigabit

cat 5 4 pr

see i didn't think cables made that much of a difference, until i accidentally used the crap i got with my phillips hue to connect my wifi AP

cut my speed down to 25%

If the switch is only 100mbps then that's the problem

yeah quite old switches

But if u know it's gigabit then there's something else up..

but do multiple switches in between modem and pc/device make the speeds go down?

It can yeah depending on how many devices demanding the internet.

oh ok, my brother lives a floor above me (top floor) and has 2 switches in between his pc and modem

but thanks for the info 🙂

Its only 2 pair Cat5, you'll only get 100mbps from it. Thats why I tossed it.

i think what you want to look at as well is stuff like "switching capacity" or whatever it's called (usually an issue with VERY lowe powered or old switches and/or a LOT Of devices that are ultimately just all going through one switch). i've personaly never had any issues even with wierd daisy chaining and long cables (with the exception of the one time i used whatever the hell the phillips hue cable was). I make sure to buy well known gigabit switches

Focusing on switching capacity for anything past 2010 is really not required. Any basic dumb switch is switching in hardware nowadays.

yea otherwise i can't really think of how daisy chaining would make a difference

Are you running DSL?

Im not. I was only commenting on that particular cable included with the hue

Ah

It's just odd they would include that since it's usually used for phone lines lol

yeap...used that one by mistake, i suppose they dont NEED to make it really good but yeesh

i will check if my ethernet cable is connected directly to the modem instead of my dads switch near the modem for downstairs

that wasn't even the worst of it, it somehow failed to deliver PoE, which makes sense in retrospect but wasn't expecting it

Yeah, PoE is not supported over 2 pairs.

It makes complete sense since 4 of the wires, blue and brown typically, run POE

Positive is ran by the blue ones. In a 2 pair link you're not getting the full circuit (Blue gives positive, brown gives negative)

green and orange run data

Basically pin 4-5 and 7-8 are needed to do poe

To give you reference

oh yea i realized that afterwards, just wasn't expecting it right off the bat

Reminds me of wiring up a patch panel years ago

Gawd, there's one thing I'll never get over with my job.

Major anxiety and panic attacks before production changes

Especially when things hang, knowing if it breaks, you're gonna have life flashbacks

At least you're not doing what i'm about to do

I only feel slightly nervous

I get to do a massive change affecting the servers that make our money

24/7 environment

You have a test environment right?

That was what I was basically saying in my situation. Major updates, some changes and an entire migration of assets. All from the main production server instead of a backup. Anything goes wrong and the entire thing could die

nope

its too expensive to make a test environment for networking

Oh gee. Always have one to replicate what you want to do to see what happens

How much hardware are you talking?

we cant buy a million dollars in network gear just for test

commit-confirm 2

I wanna ask so many questions but it’s not safe to discuss any of this here

I do wish you luck though

That’s a scary place to be for sure

almost accidentally deleted whole / on server today

you could argue virtual butttttttt trust me, ive been burned a LOT by hardware doing something unexpected. a virtual cant replicate that

We all have

Was supposed to be */

for example, a switch said it has a valid route somewhere but the linecards decided not to program it

And yes virtual was gonna be a recommendation but you said networking and there’s not a lot in that field in regard to virtual

Being at the mercy of developers in virtual environments is quite uncomfortable

I don't think anyone is going to be labbing whole network

But I do enjoy ESXi

And trust it almost completely

Maybe a specific setup, yeah, but not the whole thing

the change script for what i'm doing is like 5000 lines

touches 30 pieces of gear

took a month or so to write

and 2 seconds to propagate and take down the whole network. :p

Make sure you back up everything in case. That way restores will be easy

restores like that will cause an outage

i have a ton of lines of script to back it out so there is no outage

networks are no longer one/two main devices per zone

you have a bunch of zones sharing the same equipment

It's taking FOREVER to get the cash needed for these https://www.amazon.com/dp/B0931V5847

1 pack equals 2 adapters

ZERO need for a filter since the coaxil is already isolated from everyone else since its a Saterlite network and NOT a cable network

We got rid of the Satelite TV and just have a big atenna in its place now for OTA TV in the entire house

Since it was DirectTV the spliter is perfectly fine for MOCA. AKA 1 Spliter that then runs to each room

Luckily Juniper's virtual images can mimic 99% of the hardware so our vlab is cheap with a single chassis for each model to test against

wat. how are you mimicing actual asics

vMX can mimic it in software

i have a linecard nullrouting a few routes now

the l3 table? valid next hop.

linecard literally saying null0

@hollow marlin how is virtual hardware bug formed?

Hi, it might be stupid question.
Could someone please send me a resource to download imgs for network diagrams?

That would be handy alright

I meant switches images and routers to put in my digram

I am pretty sure draw.io have a bunch, including being a diagram drawing tool

Thanks

Hi everyone, I hope somebody can help with a networking question? Not sure if this belongs in support or not...

It's written here:
https://linustechtips.com/topic/1380969-splitting-bandwidth

for a 100 people building you really shouldn't be using a mesh system

and proper APs with qos

Something like Ubiquiti UniFi-AP-AC PRO Access Point?

So will that have the same smoothness for people when they walk around? So when I have 2 of these laying around and somebody walks from 1 point of the building to another it the device will automatically switch to the other access point?

kinda, you need a controller for seamless roaming

for 100 people you really should have some proper network design

having lots of devices on one flat network could also slow things down a lot

broadcast, etc.

And what about splitting the bandwidth?

use qos

to limit a bandwidth on a user

Can qos also assign a portion of the total bandwidth to 1 device?

uhh, yeah

Do you know any good APs that have this option?

basically anything actually prosumer/enterprise

👍 alright, thanks

some do it better than others

you really want to limit bandwidth on wifi clients

200mbps for 100 people is really stretching it

technically 2mbps per person

Well it's not for them to stream

still for work?

And not all there at once usually

tp-link omada have this

No it's not for work. Those people don't actually "need" it. It's just some extra service to provide for them

ah got it

This looks nice if it can be set per device or user

Per client device

It would be best to somehow so it for everyone, per ssid

Is it a bug in my side or they don't exist in this group?

I can't imagine CEF's table is full which is all I could think that would have different next-hops vs the routing table. vMX can simulate this due to their split of the CP/FP in separate nodes. Bugs however, thats just part of the fun

sip

So I'm building right now my office and I'm putting everywhere cat7 ethernet with a 10Gbit switch and an ubiquiti dream machine pro SE as a router.

But since I have some extra funds for an overkill setup and a part of this setup is a decent NAS for all my computers (Mac Mini + workstation + some mobile devices) I was wondering if I should go for a totally overkill network cards for it. I'm thinking about 40 Gbps direct connection to my workstation and a 10Gbit for everything else. Anyone got some experience with a setup like this?

I'm mostly interested in having a NAS directly connected to a workstation with 40 or 100Gbit connection, since I already have some experience with regular 10Gbit ethernet at home

pretty sure there's a few lTT videos on 40gbit stuff but at that point you end up running into bottlenecks with drive speeds

You can't use ethernet

That's one thing

I could use cat8, but there are no cards

nah, just go fiber

There is no equipment that uses anything over 10G over copper 8p8c

om3 can do 100 too right?

Yes

I don't even know if sfp+ can do over 10g

no

I think you need qsfp

sfp+ can do 25G

Ah

but that's SFP28 technically

I was thinking about getting just two mellanox connectx cards and a cable. My NAS will be just next to my workstation

a DAC cable then?

SFPDD was rumored at one point, might see it in a few years, who knows

with 40G too, idk how many switches there are that support that that aren't super expensive

40g fiber? pretty cheap usually for used switches

I don't really need a switch since only one other device can do 40 Gbit other than my NAS

really? nice

Then you'll go DAC or fiber with 40G QSFP on either end

sounds good 🙂

just connect computer to NAS directly?

yeah

NAS will have also a 10Gbit ethernet card for other devices

so 10Gbit for everything, 40 Gbit for the workstation

ooh interesting setup

I just wanted to get a lot of fast storage for the workstation, but keep it on the network if I need to access it from other devices

why not 40Gbit to a switch with maybe just the 2 or 3 40Gbit ports?

like i'm doing that but one level lower. NAS gets 10Gbit to switch, workstation gets 2.5 all else gets 1

I already have at home 10Gbit everywhere

including 10Gbit up/down FTTH ISP connection

O.O

https://www.speedtest.net/result/c/ce7576b7-3b39-4a64-a605-4ba89a9cf3f5

where do you live, and how can i move there

Poland, it costs $25 a month and it's uncapped

in the us you can get it too, just costs a lot more

ok...time to move to poland

yup, I used to live in California a while back 🙂

don't want to live in poland tbh

all my family lives there

LOL

well that's not the reason

genuinely asking, but maybe slightly off topic, @rocky hawk how is the language situation in poland, like how well can you get by with only english

Oh, I speak both languages and a few more

i was looking at germany for PG but realized i pretty much need to be able to learn in german if i want to get anywhere

but I know that english native speakers here and they don't really complain

oh nice

it's much better in bigger cities and much worse in rural areas

wow, and here i thought my symmetrical gigabit was a big deal

Chattanooga in Tennessee has 10g residential

also where ever snazzy labs lives

my secondary ISP is 1Gbit symmetrical

but Ubiquiti DMP doesn't support this kind of a setup, so it's a major PITA to use

don't use Ubiquiti

lol why @peak cloak ?

I hate unifi

hmm doesn't nvme cap out at 32Gbps?

I like their stuff, but it's buggy when you have anything faster than 1Gbit

the webui, urgh

edgeos is fine

ooh i have similar feelings about netgear

netgear same thing

ew

I've hacked a netgear switch with noctua fans

to get a cheap 10Gbit ethernet. I've literally took a drill to it to make it work

bruh

just get a CRS305

but it was still loud and hot, so I've replaced it with an ubiquiti aggregation switch

I need more SFP+ ports but I cba to buy more shit 😂

my issue with that was availability and the fact that there's no multigig ethernet ports

https://i.ryois.me/NI9E5szDmJ.png

Been looking @ this

goddamn

2 for each server, desktop, UDMP, access layer switches

can't you get something used from like cisco or juniper

ew no

aren't cisco stuff just really loud and power hungry for home use?

This switch

Old switches you'd find on eBay are average power consumption @ 100W or higher

probobly

Plus SDN lol

All under one vendor 😌

SDN?

Software Defined Networking

@clear igloo pls gimme https://meraki.cisco.com/product/wi-fi/indoor-access-points/mr56/

is yeetco meraki good or

8x8 MU-MIMO, 5GbE, layer 7 on the AP

an friend saw a good deal on some Meraki switch other day

https://i.ryois.me/E4AUDdIDou.png

is that affordable to you?

✨no✨

though it's really nice

Hmm that may be cheaper than the alternative to be honest

but hes cheating, I think thats education pricing

$2.7k for a normal big business would be cutting it close for not going meraki

2.7k times 200 or whatever

Can anyone recommend a WiFi 6 router that's not super expensive and doesn't contain garbage firmware?

https://mikrotik.com/product/RB750Gr3 router
https://www.engeniustech.com/engenius-products/802-11ax-wifi-6-2x2-managed-indoor-wifi-access-point/ wi-fi 6 AP

Tp omada seem descent too

I have the eap225

Not wifi 6, but prob similar firmware

https://store.ui.com/products/unifi-ap-6-lited

I might go with that. But ideally, looking for an all-in-one router WiF6 with good firmware. ASUS has some good units, but not sure what their firmware is based on

I heard eh things about Asus

You won't be able to do anything remotely advanced

I have an ASUS wifi6 router, works good

if you want good security go linksys

Lol

Security wise they are all basically the same

Block all new from wan

I mean more options, linksys provides more

can't do much with ASUS

Like?

you can individually filter devices on linksys, on ASUS you cannot, if filter, it filters all devices

little security features like that

Wdym by filter?

like websites, etc

I mean, that's not really security

More like parental controls, wonder how it was implemented

Dns, or actual blocking

I'm looking for an unubtainium here, but seeking A WiFi 6 router with firmware based on one of many open sourced router code

I've use both, I say go with ASUS if you want more features

If ASUS's firmware is based on one of those open sourced projects, then that at least gives me some comfort of security. Linksys and DLINK are garbage

asus uses their own custom sauce.

😦

generally built upon some small linux distro that is 10 or more years old. just like linksys and dlink.

yea, linksys and dlink are very outdated

I mean there is that new unifi dream router

don't bother imo.

unifi ap's and switches are great, dont bother with their routers. grab an old server like a t330(you can get these for free from IT companies) and throw an OSS firewall on it like opnsense or pfsense, or grab a protectli box or something along those lines.

I just know myself I would never get it since I hate unifi, maybe if it was edgeos it would be better, but I think it actually does run edgeos under the hood

Pfsense kinda sucks

pfsense is amazing if you know what youre doing.

Using servers as routers sucks

free router's dont suck.

High power, noise, not built to the task

well..if you get it from your isp it does

Power you pay for

so throw plex on it too.

or unraid and run the router in vm.

If you want a basic but advanced router, get a hex or er-x

there are millions of options.

Ok wtf, unRAID sucks

All the bad options

unraid absolutely has its uses.

proxmox if you hate unraid.

You do not want to virtualize your main router

Bruh

i dont disagree, but you say everything sucks. what do you recommend. because edgerouters are bloody awful compared to something like pfsense which gives you a commercial grade ips.

with things like suricata and such.

what are you going to do, get a watchguard, or a sonicwall, or a meraki sub? and pay thousands in licensing?

Pfsense is just eh, I hate it's webui, vyos all the way if you want a software router. Er-x is pretty good. You don't need packet inspection

YOU may not need dpi or an IPS

And most consumers don't need it either

Only really need it at companies

And for that you want a dedicated machine

which a pfsense box can be with something like protectli or a server with an asic in it.

Sure, but "throw pfsense on a computer" is not a good router

Pfsense for a dedicated appliance for dpi sure

i think youre mistaking dpi with ips... they are two very different things.

Deep packet inspection

ips=intrusion prevention dpi=deep packet inspection.

dpi is mostly used for blocking or correctly routing/filtering ssl and/or encrypted packets, ips pulls from things like abuseidb and checks for common exploits sent out and protects you

normal people do not need dpi

ips on the other hand is far more debateable.

Different purpose same thing, both slow down the network, both require inspection of packets

I agree, I have zero interest in repurposing a Dell PoweEdge server,

@copper rover he was going on about how what i said was not an option, so i offered alternatives, i dont disagree.

Not a very good option

though you can actually make a poweredge rather good at performance per watt for a server on linux, its still a bear of a system

meh oh I need to update.

Would the OS be smart enough to offload TCP/IP to the NIC hardware (if the NIC supports it?)

Dedicated appliances are just better

Or would it all be mainline CPU?

I mean if it has the driver's to do it

Most routers run Linux anyway

Just have hardware acceleration

I see, so it would be up to whatever the Linux kernel supports

everything from sonicwalls to merakis to watchguards to unifi's all use linux

or a variant

every modern piece of networking that isnt a dumb switch runs some variant of bsd or *nix

and even some dumb switches probably do for that matter.

I mean it's basically just a switch chip, where would it even run

some dumb switches still have a gui you can access(i dont know why.)

most of those are running apache or nginx to throw up that webpage

Huh

again i think its REALLY dumb

but ive seen a few that do

Yeah seems stupid to not advertise a feature, but have it

^

Maybe just commonality between managed and not managed version, idk

its basically 9/10ths of the way to a smart switch at that point. honestly its probably for cost cutting, same hardware less software.

yeah exactly.

And just mark up the managed more

cheaper to make a few thousand of the same switch and just cut off the serial port or what have you.

Web UI for non-managed switches is really more for SNMP I think for things like up-down status

thats probably the actual reason, but there are better ways of doing that.

Netgear is a big offender in this area

And their switch firmware is buggy as hell

netgear is a name i wish id never hear again when working with smb's

Yeah, it's trash

"its all the same right, this 10$ switch i got off ebay will work just as well as this cisco catalyst switch right?"

Yeah I have one and it's a pita

no...no it will not.

lol

lol

D-Link switches are allright...for the price. Can't complain too much. You get what you pay for, but at least you get it

d-link routers are horrid though, but yeah, if you just need an at home switch d-link isnt the worst you could do

My main switch is a dlink, got it for free so whatever

It works, does what I need it to do

Poe and all

i run unifi switches and ap's at home personally

Edge Switch, or Unifi Switch?

unifi switches

all unifi except for routing

Unifi requires a controller. I'm not sure the Unifi switch has a UI you can use

Web UI that is

docker.

I see

I have a whole lot of different brands, tplink for APs, unifi flex mini switch, Netgear, er-x, mikrotik

ZTE is crap

zte is and always has been bad haha

Can you ssh into them without using web ui

that being said the only switch ive EVER had catch fire was a tp-link one

You can't do much with them over SSH other then adopt and reboot

you can actually

its just not intuitive.

hmmm

the switches run linux so you can actually configure it and all that, its just unifi tries to hide that.

Do they run a similar cli as edgeos

depends on model

So basically vyetta based, like vyos

for example older unifi and commerical unifi yes, the udm stuff, no it runs unifios which is like all useful features removed version of that.

Rip

udm is great for like a router you want to grab for your grandparents.

I honestly prefer cli these days

whats great about unifi is its remote management simplicity, if i want to deploy and basically forget about a device i use unifi routers.

either family or clients that are cheap.

CLI for programming. But I really NEED the GUI when working with vendors remotely to validate port activity and search MAC addresses

Good and bad, since I myself wouldn't want to have something being controlled by the cloud

if the client isnt cheap i give a whole range from watchguards out to fully custom opnsense boxes with proprietary scripts loaded

i hate watchguards but some people love them for some reason

Never heard of them

youre lucky.

I'm a Fortigate guy with SMB market. I'm done with SonicWALL (have been for a long time after Dell originally bought them out).

i had to get some of their certs and god they are awful.

And Watchguard and Barracuda suck

fortigate has some great stuff, sonicwall has become horrid.

meraki is cisco attempting to fuck us harder.

60F rocks

https://www.fortinet.com/content/dam/fortinet/assets/data-sheets/fortigate-fortiwifi-60f-series.pdf

aruba is great if you are dealing with small enterprise

but unaffordable below that

Yeah, I agree

I never had a client that large, so I never had a chance to play with Aruba

Mainly deal with Unifi AP these days

ive had a few large medical customers using aruba, and a few small/medium enterprises

ive always loved it when ive had an smb ask me for my best and i send them an aruba quote just for the reaction

"can i have your fourth best" was one of the best replies ive gotten from that

I basically just work security now though, so things are quite a bit different on this side of it

i kind of miss just doing network work

building out clients was actually extremely rewarding

security work is basically run a bunch of scripts is 90% of the work, rest of it is time spent in things like armitage, phishing, red teaming, etc.

I'm about to quit my job in the next few months for a new one. I won't say who my employer is. But let just say we have no sales people with IT experience. The clients we get are cheap and so not worth our time.

I'm so done with my skills being wasted. It's not good for me frankly.

yeah thats a big thing i learned a long time ago, if youre a cheap client i wont even fuck with you. there arent enough liability waivers for me to waste my time.

I primarily deal with VM Server infrastructure and consult clients with data management

Workstation stuff is handled pretty well with RMM agents and AV. Then you get EDR to provide additional protection. Ensure clients of 2FA with O365 and the vast majority of security issues are mitigated in SMB environment

the second those cheaparse clients get ransomed they try everything they can to find a way to pin it on you, from your rmm software to printer drivers you installed for them, they just whinge and fight and try to get their money back and everything and i just refuse to deal with the hassle

when i have a client nowadays start talking to me about cost or deals i drop them, and within a year or two they are back with a blank check.

you want security and things working, or do you want cheap, pick 2.

Oh, I definately mention ransomware. Tell them security is like an onion with layers - - Firewall, workstation (patches, AV, EDR), and employee training. And backups are the #1 thing for server and local data. All in e-mail.

If they lose data from ransomware, my forward button gets used to basically say "I told you so, now lets talk about preventing this from occuring again"

the onion metaphor is one ive used for years to dumb down layered security haha, it seems the easiest way to explain it to imbeciles.

have more layers than your neighbor and youre probably fine.

Well, the metaphor is really for the business decision makers. Basically tell them, "hey, you really need this, and here's why the cost is justified"

MFA is a 100% requirement that i have had for all clients for over 4 years now. if a company wont jump on board i wont go further in discussion with them though.

that is completely non-negotiable to me

^Agreed

ive dropped over 10 clients for refusing to use it.

Wish I had 10 clients to drop. lol

well this is over a period of about 15 years haha.

I'm not in that fortunate position to cherry pick. God I wish I could

never too late to change your ways. time is money, and time spent on dealing with stupid things constantly is you not making money.

how much is your time worth, im dying from cancer, my time is worth a LOT.

as new clients come on, onboard them with requirements that are non-negotiable, and as you get more of those, go sink or swim with your old clients.

I've learned a lot from different industries and styles of management over the years. One thing rings true; the fish rots from the head. Often is the owner that's so cheap, they somehow think it pays to fail.

Nope. I have none of that noise

I remember I had a client yell at me(and this was the ceo), trying to say i was fear mongering when i was discussing security, he ran a fucking engineering firm that did government contracts, i stood up and walked out the door

he called me for like 3 weeks after begging me to reconsider....fact is, i dont have time for people like that.

if you don't consider your business worth protecting, i dont either.

Maybe I've had bad luck, but I find the most arrogant clients are Doctors and lawyers. They act like I'm talking down to them, get all pissy, so I then throw down my IT knowledge like I'm talking to another IT pro (it's easier for me actually). Well, they don't pick up what I'm throwing down and get even more angry. Can't win! SMH

oh, and great irony they went out of business after they got ransomwared.

doctors 100%, lawyers ive had hit and miss.

i refuse to deal with a private practice without a full business team on board though, that includes law firms and medical.

just because youre a managing partner in a law firm or a head surgeon doesnt mean you understand risk analysis

I'm afraid of working for medical industry; many small firms don't adhere to proper HIPAA compliance. I will NOT manage your machine if you don't have Windows Pro with BitLocker enabled. I will not answer before a judge because some moron lost their laptop in a smash-n-grab due to being left in a car.

just like i dont know how to read latin or cut someone open if i want them to get up after hah.

HIPAA is a nightmare. because i work remote a lot, and i have those clients even my home is iso:27001 certified.

thus my conversation with presenmonkey about how HE may not need IPS

lol

i love dealing with cert auditing though, from iso27001 to nist and nist csf(a whole different thing)

Well, who certifies proper IPS implementation?

"hey look at this, you get to send money to me...a lot of money"

ips is simply another layer, its impossible to really certify something like that, you just pull from as many different sources as possible

from ip based blocking to signature based blocking to WoT based blocking etc

geoblocking and so on and so forth

I know what it is, but how do you quantify what is acceptable and what is just in name only?

well, that really depends, i mean thats a really difficult question to ask, there are so many different options in that sense. I can tell you unifi with their non-customisable ips is NOT up to my standard

i need to be able to add abuse sources myself if say theres a new source i find and I want to add it in to my system

thats why im such a huge fan of opnsense. if it isnt there i can build it.

People crap all over Gartner, but that is my default go-to when in question. But some rando IPS solution in FOSS project...yeah, no way

well suricata is a "rando" ips solution in a foss project

and its considered enterprise grade

so, there is that.

So is it "free"

but yeah, unifi's IPS is...you can implement a better ips into openwrt.

F = Free

yeah its free. Though again, its not the ONLY thing i would recommend to use.

i dont fully trust any one option.

be it proprietary or open source.

id rather have to deal with multiple systems than leak client files. Its more of a daily headache, but less of a headache than losing a 7 figure client.

https://suricata.io/

anyways in terms of things i really recommend, huntress.io.

that's a client requirement i have

Unless you're doing MITM with SSL inspection, you can't prevent data exfiltration from a compromised machine sending over an SSL session

https://www.huntress.com/

well thats what DPI is for.

and something like huntress.

No, DPI can't crack open SSL packets unless it's MITM

yes and you use mitm.

on the dpi

Combined, I see

certificate store.

Yeah, because that's what it takes. Each client machine has to have the cert installed

yep

GPO or whatever, not difficult

exactly, its rather simple

seriously though check out huntress demo if you can(and no i dont work for them or resell for them, they are really just that good of a thing to have)

What is is, like over 90% of web traffic goes over 443. Port 80 is just to start the session before you get redirected to SSL .lol

Yeah, I'll check out huntress

nowadays id say above 90%.

id say closer to 96%+

which when you consider all web traffic, that 6% is a LOT.

Yeah

also for home use(if you dont want a neutered version of nessus) check out Greenbone security scanner

its a good software to learn

my nessus subcription is "oof" amounts of money, but i still use greenbone as well.

What's your opinion of Huntress vs SentinelOne?

two very different things.

huntress is an mdr sentinelone is an edr

I just noticed that

what huntress does is 1.) ransomware canary, and 2.) checks for persistence

any long term data exfiltration requires persistence

So basically there's a live NOC at the other end with an MDR?

so it checks for things like startup files or things that run on startup

Now you don’t even need that sometimes. A website can be loaded with https without a http connection and redirect

With HSTS

and yes, and they are amazing. Ive had them call me at 3 in the morning to report things, and its one of the few times im really happy to get a call at 3am

Interesting

and yeah hsts is a thing, but its sporadically implemented

yeah, if huntress calls me, its something i REALLY want to know.

and that is huuuuge peace of mind for me.

I work around the Houston TX area, so I deal with a lot of industrial side of things. Nation states hit them hard for obvious reasons. Would be nice to know these things

bloody hell.

I work in the houston tx area. lmfao!

small world isnt it.

Yeah, so you know!

Hurricane season is my favorite . lol

yeah i know haha. Im here for the med center though myself, have to say its not bad living with cancer in probably the worlds leading cancer research center.

I pray I never have to find out for sure

though mine is gastrointestinal so i go to methodist not md anderson

yeah, its not terribly fun lol, but look on the bright side, if it does youre in the best possible hands.

Leader in cardiology too

on the cancer group im a part of, one of the biggest fears is misdiagnosis for the wrong type of super rare cancer...it takes some people yeaaaaars to get the correct diagnosis. By which time they are already pretty much done for. From start to fully diagnosed as an incurable untreatable cancer it was less than 4 months.

my doctors were and are amazing, its just my cancer is so rare there is no treatment. no fault of theirs.

So all clear?

no, im a dead man walking, because its a genetic cancer and will keep coming back until it hits my brain

but thats not the doctors fault

i was given max 12 years, average 6

i wont live to 50

and im lucky, it hits most people at 8-12 years old, and they dont live to 20.

so, ive already lived a more full life than most.

and im in my mid-late 30's.

I dunno. It ain't over until the fat lady sings. I'm hearing breakneck advancements in immunotherpy and whatnot. Or so I've read

the only options for mine are crispr or an mrna vaccine of some sort(yes, the covid vaccine is based on cancer treament tech)

and i cant even get into a trial because I am a sample size of 1.

im the only living adult with it.

so a trial is useless.

so its possible, but likely will happen a few years after my death

i plan to donate my body to help with it because again, my cancer is mainly a paediatric one, and kids dying is horrible =/

if we werent in a global pandemic id be volunteering at the cancer center in the kids wards

Yeah, that take courage. A soldier at the spiritual level to endure that. Good thing there's people like you in this world that will go the extra mile for that. Major respect 🤘

what else can i do, you know?

if youre dying you have to go out with a smile and helping people. not like you can take anything with you.

True. As George Carlin would say "It's just stuff"

exactly lol

anyways im off to bed, take care mate

Yup, you too. Thanks for the info BTW, I'll check it out. I'm got to wrap this up too for work. See ya'll later. ✌️

Anybody know any cheaper alternatives to Ubiquiti APs and a software defined network? I love the automatic moving clients between access points but it's just out of my price range...

TP-Link Omada devices?

What would be the best way to connect my office lan with my home lan?

how do i use internet download manager ?
i have never used it before
I am trying to download some stuff from getintopc.com and i dont know how to use a internet download manager please help

A bit more detail:
My father's office is alley's down our house and he has a few computers there connected to a lan. Both My house and office have a routers with independent internet access, My house has my PC, my brother's laptop and a couple of phones. The office has a nas, as well as my father's PC. How can i connect the lans so that i can access the nas from home and my father can remotely work on his PC from when he is home? Also is there a way to make it so that when one place looses internet, it can access the internet from the other router?

can someone please help ?

gonna be completely honest with you, this looks like a scam lol

Wireguard tunnel

Oh wait nevermind, since it's the same location

What you want is basically a third router between the two networks

No wifi, just a ethernet router like hex or er-x

a third router?

as an upstream or super router?

I mean technically you wouldn't even need it thinking about it

Neither, I'll show a diagram in a sec

k

basically this is the idea, you could prob do it without the 3rd router, but the 2 routers would prob require some more advanced features

and in this setup in the diagram they would need to be able to set static routes

so you can see how home clients would be able to reach the NAS

ah no

could you explain a bit?

basically in your nomal router setup you have a default gateway and that's where your computer sends all traffic to outside of it's subnet, so if an address would be outside 192.168.2.1 - 192.168.2.255 it would send it to 192.168.2.1 and it would decide what to do with it. When we set a static route on home router, for example: 192.168.1.0/24 via 192.168.2.2 it would send all packets with a destination of 192.168.1.0/24 it to the third router which will send it over to the other network, and when it wants to send data back we need a entry in the office router like 192.168.2.0/24 via 192.168.1.2

ah so the client are using the router as a messenger between the routers

well kinda basically, it will still send to the main router on each site first, since it has all the static routes configured

yes

so all traffic would still be going to the main routers on each site, but would then if needed sent to the 3rd one

oh

can this be done between routers of different brands?

ofc

ok

just need to be able to set static routes, etc.

i would connect the third router with ethernet cable right?

if on the home and office routers you can set interface addresses you may be able to get without the 3rd router

ye

could you explain how?

let me try to draw it up

ok

someone else correct me if I'm wrong, but basically something like this

the subnet size of the 100.x network is overkill big, just trying to explain

hmmm

how can i check if my router supports this?

what router do you have

Tenda Ac 1200

not really

😦

possibly using a third party firmware

that would not be a good thing, right?

but I wouldn't guaranteee it

i will check with my ISP if they can give a salution

I mean depends, I never used third party firmware, but it all depends since you may loose some acceleration features

Thank you abyways

good thing tho

you can use third router, since the Tenda Ac 1200 has static routes

https://www.tenda.cz/sites/Upload/AC5/ac5_ug.pdf

a site to site vpn, preferably wireguard.

this type of software hasnt been needed or used in years. This was in the Ie5 era.

it's same physical location

that was my reaction too at first

" father's office is alley's down our house" it sounded like it was like "down the road"

yeah really confusing

maybe, but then they said they wanted to be able to use the other one for internet if it went down

uh lol, dig a hole and run a wire?

or unifi ptp

or failover load balancing if in same house.

i have gigabit fiber with starlink failover actually myself

is starlink still cgnat?

yeah, but you can get around it with a vpn.

yeah ofc, what about native ipv6?

oh yeah, thats not terrible tbh. just a bit more work.

tbf though its not like im hosting massive websites or anything.

Is it worth qualifying home network Ethernet runs? I’m planning on running Ethernet to all the rooms in my house, as well as IP cameras/etc, but I don’t want to realize later that I screwed up and am getting really poor performance. But is it even worth trying to do that? Hardware that does qualification is expensive.

I don't qualify any of my runs, just a simple pair tester and that's it

just don't run it parallel to any high voltage

https://www.homedepot.com/p/Klein-Tools-Scout-Pro-3-Tester-Kit-VDV501-851/312212425 something like this? Just making sure that the wires are all in the right place?

I have something even more basic,

I was working for someone who did electrical work, and that's all they did to test it

Okay awesome. Thank you!

I want to learn how to set up a local network. I have 3 machines, I have my main machine that i will access all of the other machines from. the file server, and then lastley the windows 98 machine. which has all my physical media drives, (5.25 floppy and 3.5 floppy DVD/CD drives). it sounds pretty difficult to network all those things. i dont want to interface with the computers operating system at all i just want to use their drives as network drives

anyone got any advice

@clear igloo I kinda want to switch to M365 Business Premium off of Google Workspace 😩

For email or?

email, cloud identity, InTune

Ah, yah, I'm using it for email pretty much only. It's like $6/user per month

Ugh

I use Google Workspace for Google Drive and Google Photos, I kinda want to keep that

but I want M365 for email, cloud identity, intune, office apps, etc

That's like $30/user per month 😄
Maybe more, I forget off hand

Yeah....

$20/mo for M365 and $12/mo for Google

but does that package include InTune and Azure?

Yes

https://m365maps.com/Microsoft 365 Business.htm

https://i.ryois.me/S389aScGnl.png

M$ money plan!

@clear igloo Apparently MS made the setup super easy now.

If you're using a compatible 3rd party DNS (like Cloudflare), feed it your credentials and it'll setup DNS records for you.

hwo come?

Outlook/Exchange, Azure AD, InTune MDM, etc

as a sidenote, using google for DNS is just Weirdly difficult to do stuff that requires external dns verification like ssl

Google Workspace is ok for small business/homelab people

but M365 is way better for larger businesses and enterprise

A lot more control and options

their whole admin iam stuff is pretty well made

M365 is good for small business as well

oh cool

Just depends on what you want

there's some stuff that google makes a bit harder imo, but their CS is really good, how is MS for customer service?

hmm, shd i switch to cloudflare or smthg for dns?

host your own nameservers

What do you use rn?

Tbh I really like CF's DNS API and such

MS's is really good as well

I just don't like cloudflare cuz of how big it is, which is good and bad. But the whole auth tokens are real nice

google, their API is insanity

yea that's my thing abt cloudflare too. OTOH cloudflare is one of those "we run the internet" companies

idrc about that lol ¯_(ツ)_/¯

I use AWS, Azure, and Google Cloud as well

The only really "small" cloud service I use is DigitalOcean, which is still big.

Because all of those services are mature

i need to try out google cloud, their dns service basically requires it for complex stuff

@clear igloo https://i.ryois.me/xIssd5xMXy.png

If you want availability, a CDN has to have HA and redundancy out the wazoo

There's no way for any company with a shoestring Kickstarter to do that on their own.

lol

Sure they can. They do it the lazy way and put it all on Azure

Sounds like using a big guy by proxy

So not on their own lol

related side note, i am SHOCKEd at how much my android devices "phone home" based on "top dns lookups" in my network

meanwhile my apple devices with barely anything

@rocky badge gonna get a P6 pro on tuesday

lol

@waxen scroll @clear igloo Finally got exaBGP from 1 full table of 29GB of mem down to 2 full tables at 6GB

Just add more RAM!

Oh I had the RAM. Problem was python being single threaded and BGP path selection on 4 million routes resulted in 40mins before the peering went up. All due to an added flag in the command for the database

lol, that's some long peering times

sending full routes was snappy. The times between starting exaBGP and it being ready to peer was the problem

Interesting, I had an issue a while back with traffic tools where it would trickle routes into the box until I found an option to as shovel as much as you can into each message

BTW @hollow marlin we were able to get FS.com optics to work with the TA5004 chassis. The official ADTRAN optics use the string ADTRAN in the vendor-specific area of the EEPROM, and we were able to get FS Box to program the string into the area of the EEPROM. The chassis now recognizes the optic as an official ADTRAN and it works.

for now

Looking for a bit of networking help here.
I have a non-wifi motherboard and the router is all the way on the other side of the apartment, I can't move it to my room as the other side for some reason basically becomes a deadzone, I'd run a long ethernet cable but I don't think it's possible, it is but I'd need to get a technician and stuff, I checked out powerline adapters but since they completely depend on the wiring of the building, I think it's a total nono because this building is straight up horrible, very old and outdated and has terrible wirings, and I don't know if I want to pay the premium price for a non-guaranteed solution, I have a DSL outlet in my room (the same outlet I'd connect my router to if I put it in my room, so that it receives internet), is it possible to run two routers on the same home network without being connected to eachother via a LAN cable? Like, leave the current router in the living room connected to the outlet, and buy a new router connecting it to my own outlet (both accessing the same network), would it work or would there be IP conflicts??

Also for some bullshit reason we're not allowed thirdparty router's, So I'm unable to get a mesh system if I wanted to, I'm bound by my carrier's stock routers (thanks turkey)

No

You can't use the dsl outlet since that's basically like the transport of your internet

So it's limited to 1 outlet at a time, what solution do you suggest?

If you have coax cables in both locations you could do Moca but that's more money than powerline

What's to stop you from using their router and buying a mesh system, disabling DHCP on the mesh system, and using that?

I'm still new here and don't know the exact reason, but I asked some fellow techies that are natives here and they said I'm locked to the turk telekom routers only

For the internet connection, not for anything after their box

Oh I see your point now

hmm

I'll look a little into it

The biggest thing to keep an eye on is material of the walls. If you put a mesh system into a building with solid concrete walls you'll have a bad time

If that's what I'm gonna be doing, what mesh system do you recommend? im not that familiar with networking

ah

they don't seem veryyy concrete to me

I'll go around tapping my walls trying to figure out if it's concrete lmao

The reason it's an issue is because most mesh uses 5GHz for the connection between nodes and that's more easily blocked by solid walls and whatnot

DigitalOcean is making real cash because the free trials are so long and bold

Lol

but don't most (if not all) of them still have 2.4ghz

I mean they definitely do make nice profits

Yes but they talk between nodes on 5GHz so connection between the points will be slow

Basically a dedicated highway for communication and data transfer and then other highways for cars to get on and off

I see

do you suggest just running a long lan cable?

@clear igloo

lel

That's going to be the cheapest and most solid, there are options though. You could see if your current router is sending out a 5GHz signal and using a signal checking app to see if that reaches into your room (even if barely) then you'll know a node in the middle should work out well to help get the signal to you so you can plug in directly

my router is only capable of 2.4ghz, terribly

hold on let me get the model number

it's a Türk Telekom branded TP-Link TD-W9970v3

yikes, that's old 😄

How long

Ethernet should be able to do 100m

I don't know I'm trying to measure the distance right now

yeah it's definitely not going to go around this much but the apartment is kinda tight and I don't know about my parents agreeing to setup a cable running across it all

Yeah

Could put it in a cable raceway

we have these across the apartment, but not one in my room, if I'm not mistaken you can run cables through them right?

No clue, never seen such a thing in the us

I think you can, checking one in the living room and it has the AC cable running through it to the other side but what's confusing me is that I'm following that cable and the cable is just cut off with no target

I'll try and see if it's possible to run cables through them, hopefully that'd be my solution but I'm gonna have to figure out of I can get someone to drill and put one of these access points in my room

Either way, you shouldn't run Ethernet in close parallel with high voltage

I think you could get away with it using shielded ethernet, but def not unshielded

Can I check what's the highest cat gen my router can well route? I have a cat5, cat5e and a cat6 cable, but I don't know if my router actually supports the cat6 one

that's assuming the router would have to support it, that is

Doesn't matter

It's all the same connector

Although there is a distinction between shielded and unshielded ports

And cat5e is bare minimum these days

Cat6 is the standard

I see

i have those

they're generally installed to hang fans by the builder and you as the buyer can take the cap off and install a fan. You cannot use these for an AP with live high voltage wires in the box or conduit

Oh yeah codes, most prohibit low and hv in same conduit and box

even if they didnt it may cause packet loss

well, I'm paying for a 100Mbps down, 10mbps up unlimited home internet plan (https://m.turkcell.com.tr/kampanyalar/ev-interneti-fiber-kampanyalari/turkcell-fiber-100-mbps-hiz-senligi-kampanyasi), I've been able to get 100mbps on my xbox earlier this year when I used to run it via lan, but now running lan (cat6 instead of the cat5 I had for my Xbox) I'm getting 0.10mbps-50mbps download only, even tho it should be able to do 100mbps

and I keep getting dns errors sometimes, when trying to open a site, would take 2 reloads for it to actually load sometimes and it does feel slow and sluggish nowadays, even tho nothing has changed in my network setup and I haven't messed with the dns settings on my router

fans?

Ceiling fans

oh, gotcha

any idea about this though? can I just blame it on my carrier not delivering promised speeds

Wdym "I used to run it via lan, but now running lan"

terrible wording, earlier this year I used to run lan on my xbox in the living room but we basically moved around the furniture so I don't run it with lan anymore

but now I'm running my pc via lan in my room (or was, until a bit ago), and it doesn't get nearly as much speeds as my xbox did on lan earlier this year

So it used to be ethernet, now it's wifi?

yes

Oh, gotcha

it's getting half the speeds

The PC is?

Yeah

Same cable?

cat6 for the pc, cat5 for the xbox

Could be many reasons, but gotta isolate it one by one.

Try the cat5?

I'll try it but I'll need to wait for a bit to move the router back to my room

do you mind if I ping you in a bit? it shouldn't be too long, definitely less than half an hour

Could also be network drivers

Do you happen to have another computer?

Could do a lan speed test

ah could be, I only got this computer last night, built it set it up for the first time and ran driverpack, but I didn't install any other drivers manually

nope

Ethernet on motherboard right?

yeah

Yeah try to find the drivers for the chipset, what's the motherboard

b550m pro-vdh

it'd be this right?

I'll install it and test the speeds once I get to move back the router to my room

Seems correct

@peak cloak Actually, I think my whole issue could be fixed if I managed to connect the router i imported through my current router

I tried doing so before but I couldn't figure it out

can you help me?

my second router is D-Link AC1300

Wdym, like connect them wirelessly?

Like a wireless repeater?

connect them with a wire and configure it to use the second router

it's much better and definitely has better range too

So basically as an access point

that way I can leave it in my room

yes

check in the web management interface. Mine had an option to set up as an access point there.

Most don't

You could check, but then there are 2 other ways, one is preferred

Either you can just plug cable from main router into wan, and that will work just fine BUT you will be double nating, which can could all sorts of issues since it's no longer one unified network

Second option is to try to take advantage how they are programmed, and turn off dhcp on it, then plug cable from main router into the lan ports

This will not Nat, and therefore it will be basically just an AP

I'm fine as long as I'll be able to connect to the imported router and use the internet from there

If you just want internet access you could do the first option

that's what I tried and didn't work

What didn't work?

also for some reason 2 bricks came with my imported router, one labeled as a SWITCHING ADAPTER

I'd be able to connect to the SSID but it had no connection to the internet

Could you access admin page

Yeah

Could you check the status page of second router and see what ip it got

alright let me boot it up and connect to it, but back to the question what's the switching adapter?

I assume I should stick to the power supply adapter, not the switching one?

I mean, it had just power ports on it?

Switching in power refers to the type of AC - dc converter

A switching power supply

connected to the imported router SSID ^ but it won't let me access the panel

My parents are considering upgrading from 350mbps internet to 1100mbps (gigabit speeds) if it's available, it feels wrong even thinking of the concept of gigabit residential internet in England

@peak cloak

my current router has a bridge option

nvm i got access to the imported router panel

lemme check

Is there anything specific to look for?

the ip is 192.168.0.2

Ok, seems fine

It looks like you have an internet connection tho?

I moved the router to my room, as everybody is sleeping now (its like 2am)

i dont wanna have to keep moving routers and basically not have internet in the day for my pc

oh u mean the second router, no it doesnt have internet that screenshot is from the other one

this is the imported router

huh, so it's not getting an ip it seems from main router

what mode is it in, look for something like WAN settings and make sure it's DHCP

it doesnt have a WAN port

oh

would it still have WAN settings?

what does it have,

DSL?

an Internet port, and 4 LANs

on the d-link router you would want to set up the ssid's as the same as the tp-link router, if you are connecting it wired you want to change the address of the d-link router to the address range of the tp-link router. 192.168.1.x -- right now its set to 19.168.0.x

what is internet?

Im not sure if the internet port is just a renamed WAN

oh yeah same thing

you are connected via internet port?

well it's connected to main router via internet port?

well first we want to get it to actually have internet connection

it seems to be different subnet anyway

hmm i connected it to the lan port since thats what the guide i saw earlier said , let me try the internet port

see that's the second method I mentioned, it sometimes works sometimes doesn't

now its main router LAN port to imported router Internet/WAN port

you need to turn off DHCP off as well in that method

ye, it will be double-nated but should be find for a budget setup

and if the 2nd method with plugging into lan doesn't work

the internet LED is blinking orange

normal

uhh im connected to WAN/Internet now, what should i look for in the panel?

well depends

show screenshot of the same page

hmm

should show at least something connected

you have a cable from main LAN to second WAN right?

yep

ill try restarting the router, perhaps a miracle happens

it shows IP addresses now

huh, still nothing on wan

wait no

it's showing an IP from the other router I think?

i think so because the IP for the other router is 192.168.1.1 while this one is 192.168.0.2

also its not blinking orange anymore, its just stable orange

if that means something

I honestly don't know what else

maybe someone else could help to somehow hack it together

damn

but if my main router has bridge mode settings it shouldnt be hard to route my internet to the second router should it?

what would be the point of the settings if i couldnt

doesn't even need to route anything

just a AP mode, which gets rid of any routing is what you need

"How to change a D-Link router to AP mode

1. Connect a computer to the D-link router and launch a web browser.

2. Visit the following router configuration page:

http://192.168.0.1

3. You are prompted to enter a username and password. Enter the following default login credentials:

Username: admin

Password: leave blank

NOTE: If the default login credentials do not work, you might have changed the admin password

4. Click Setup > Local Network

5. Set the DHCP Mode to Off

6. Click Apply Changes."

bridge mode on the tp-link would shut off all functions on it. it would just be a media converter then. (don't really want to do that) if you hook the d-link up with the lan ports you have to change the address of the d-link to be in the same subnet 192.168.1.x instead of the default 192.168.0.x -- what you really want to do is set a dhcp range on the tp-link router like 192.168.1.100 to 192.168.1.254 - then use the 192.168.1.2 to 192.168.1.99 as "static IPs" for thing you set up manually. then set the d-link router to 192.168.1.10 ..

Just set it's internal IP to something in the range on your LAN, disable dhcp and hook it up to main router via lan port

alright I'll do that in a min, waiting for my pc to go back up since it's installing graphics drivers

how long does it usually take for graphics drivers? it's been a long few minutes

No idea... hopefully not too long

I guess ill do that, constantly switching networks on my phone

1 sec

something in the range of my lan, so if the range was .100-.254 would I put it somewhere in between?

or am I getting it wrong

192.168.1 instead of 192.168.0

the default settings of my main router

ah gotcha, 1 sec

Yeah you can use anything in between x.2 - x.254 as long as there's nothing on that ip already

the d-link not the tp-link

Yeah, give the device you want acting as an access point the ip address

I use a dlink dsl-4320l as an access point at the moment, just gave it an ip out of dhcp range, plugged in via lan port and it works great

where can I change the static ips? I don't see any settings regarding the range of it in the main router

yeah that is fine for the default router. now you just want to set the d-link's IP address some where between 192.168.1.2 and 192.168.1.99 - like I said earlier normally 192.168.1.10 is good

You mean set the ip on your access point?

Settings > network

ah the static ip would be the ip of the router itself my bad, I thought it was another settings of range I had to change

Yeah haha

so like this?