I will try
the Teltonika RUT300 as we already have these as part of our product portfolio:
https://teltonika-networks.com/products/routers/rut300
Im also using Netgate 1100 (pfSense) which also work great.
Awesome to have a number of options.
Regards
Michael Knill
Noone
Regards
Michael Knill
From: Michael Knill
Sent: Friday, 23 February 2024 2:50 PM
To: AstLinux List (astlinux-users@lists.sourceforge.net)
Subject: [Astlinux-users] Ubiquiti Unifi
Im kicking and screaming all the way, but I will probably be moving
as
per below:
[cid:image002.png@01DA.E9951590]
Looks like it only support Pre-Shared Key and not certificates?
Could probably use Strongswan with IPsec but would rather not unless someone
has got this working or something similar.
Regards
Michael Knill
Managing Director
D: +61 2 6189 1360
astlinux -d .myportal.tel -d
.ipcaccess.net
I think we will just leave it to see if it happens again.
Regards
Michael Knill
From: Lonnie Abelbeck
Date: Friday, 23 February 2024 at 8:50 am
To: AstLinux Users Mailing List
Subject: Re: [Astlinux-users] Asterisk appeared to crash after ACME deploy
Yes good question but we certainly need multiple certs. We basically have a
domain for the customer portal and a domain for management access which may not
be the same address e.g. management via VPN.
Thanks I will add this to the next release.
Regards
Michael Knill
From: Lonnie Abelbeck
Ah interesting I do have two certs. Should I add a delay before the second
deploy script?
Regards
Michael Knill
From: Lonnie Abelbeck
Date: Friday, 23 February 2024 at 8:38 am
To: AstLinux Users Mailing List
Subject: Re: [Astlinux-users] Asterisk appeared to crash after ACME deploy
Hi
e acme-client: New ACME
certificates deployed for XMPP and 'prosody' restarted
---
Im thinking of putting this one in the cloud as this box has been there for a
while, but wondering if this is a bug or something else? I cant recall seeing
it before.
Thanks
Michael
Michael Knill
___
Astlinux-users mailing list
Astlinux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
pay...@krisk.org.
Ah I have found the problem.
We deleted one of the dyndns-host-open domains from our DNS but not from
Astlinux which meant that ALL domains in dyndns-host-open.conf failed for that
box?
I must admit that this is not particularly optimal. Is this standard behaviour?
Regards
Michael Knill
From
Hi Group
Just wondering how long it takes the dyndns-host-open plugin to update. I have
been waiting for well over a day now and some sites can see the two servers
with nslookup but have not updated iptables.
Any ideas?
Regards
Michael Knill
Managing Director
D: +61 2 6189 1360
P: +61 2
a
standard cloud provider can do.
Thanks all.
Regards
Michael Knill
From: Lonnie Abelbeck
Date: Thursday, 16 November 2023 at 11:44 pm
To: AstLinux Users Mailing List
Subject: Re: [Astlinux-users] GL.iNet. How good is it?
I have always heard good things about the GL.iNet products, but never
personally
is a bonus.
Just checking if anyone has had any experience with GL.iNet products and this
is not too good to be true.
Regards
Michael Knill
Managing Director
D: +61 2 6189 1360
P: +61 2 6140 4656
E: michael.kn...@ipcsolutions.com.au<mailto:michael.kn...@ipcsolutions.com.au>
W: ipcsolutions.
Thanks Lonnie
Very much appreciated.
Regards
Michael Knill
From: Lonnie Abelbeck
Date: Friday, 29 September 2023 at 4:43 am
To: AstLinux Users Mailing List
Subject: Re: [Astlinux-users] Stopping logging of Crontab
Hi Michael,
Looking at the /etc/init.d/crond init script, here [1
Hi group
Replying to this email again. I do understand below but just wondering if there
is any way to turn off Cron logging totally or send to a separate log file?
Regards
Michael Knill
From: Lonnie Abelbeck
Date: Friday, 31 March 2023 at 1:01 am
To: AstLinux Users Mailing List
Subject: Re
. As Lonnie mentioned we will script the addition and removal of SSH keys
from devices from a trusted device (my laptop probably)
Thanks guys for your help.
Regards
Michael Knill
From: Michael Keuter
Date: Saturday, 19 August 2023 at 2:20 am
To: AstLinux Users Mailing List
Subject: Re: [Astlinux
(and backups) and having multiple layers of
security.
Certainly some more ideas to think about.
Thanks again.
Regards
Michael Knill
From: Michael Keuter
Date: Saturday, 19 August 2023 at 2:20 am
To: AstLinux Users Mailing List
Subject: Re: [Astlinux-users] Accessing devices behind Astlinux
to have to go
into every system to add credentials or keys every time we bring on a new
staffmember.
Just wondering if there are any options for external authentication of SSH
rather than local on Astlinux e.g. using RADIUS
Could there be any other options e.g. HTTPS proxy?
Regards
Michael
Thanks
Regards
Michael Knill
From: Lonnie Abelbeck
Date: Friday, 11 August 2023 at 10:19 am
To: AstLinux Users Mailing List
Subject: Re: [Astlinux-users] Looking to implement DNS-TLS
Sounds like you have a use case to implement the the /mnt/kd/dnsmasq.static
trick/workaround.
Lonnie
have a static entry for access in the
firewall it would prevent access for all other addresses and ports using the
dyndns-host-open plugin.
Yes I suspect it would be rare but the impact would be high if it happened.
Regards
Michael Knill
From: Lonnie Abelbeck
Date: Thursday, 10 August 2023
sume this is not possible with the DNS Proxy and DNSSEC? I do realise that
Anycast DNS is very close to 100% uptime but I’m just cautious.
Regards
Michael Knill
Managing Director
D: +61 2 6189 1360
P: +61 2 6140 4656
E: michael.kn...@ipcsolutions.com.au<mailto:michael.kn...@ipcsolutions.co
Thanks Lonnie. I will remove to keep things clean.
Regards
Michael Knill
From: Lonnie Abelbeck
Date: Thursday, 3 August 2023 at 10:42 pm
To: AstLinux Users Mailing List
Subject: Re: [Astlinux-users] What is .wh.__dir_opaque
Hi Michael,
AstLinux version 1.3.8 and older used a unionfs driver
Hi Group
Im getting ‘.wh.__dir_opaque’ files in a number of directories on an old
Astlinux system that I have recently upgraded.
Just wondering what they are and whether I should delete them?
Regards
Michael Knill
Managing Director
D: +61 2 6189 1360
P: +61 2 6140 4656
E: michael.kn
Knill
From: Michael Knill
Date: Thursday, 22 June 2023 at 7:19 pm
To: AstLinux Users Mailing List
Subject: Re: [Astlinux-users] Problems with voicemail and Asterisk 16 on
Astlinux 1.4.7
Another update:
I actually think I have fixed the problem. I removed the adaptive jitterbuffer
from voicemail
. Will let you
know how I go.
PS sorry for all the emails.
Regards
Michael Knill
From: Michael Knill
Date: Thursday, 22 June 2023 at 5:51 pm
To: AstLinux Users Mailing List
Subject: Re: [Astlinux-users] Problems with voicemail and Asterisk 16 on
Astlinux 1.4.7
Scratch the last email. Had
Scratch the last email. Had it that only one of them dropped out and the other
kept working.
Regards
Michael Knill
From: Michael Knill
Date: Thursday, 22 June 2023 at 5:04 pm
To: AstLinux Users Mailing List
Subject: Re: [Astlinux-users] Problems with voicemail and Asterisk 16 on
Astlinux
-00c3]: app.c:2010 __ast_play_and_record:
Error writing frame
Regards
Michael Knill
From: Michael Knill
Date: Thursday, 22 June 2023 at 3:13 pm
To: AstLinux Users Mailing List
Subject: Re: [Astlinux-users] Problems with voicemail and Asterisk 16 on
Astlinux 1.4.7
Update:
Using tcpdump I
size. They were all G.711 PCMA encoded as well.
Surely it cant be a disk write issue otherwise I would probably be seeing other
issues and its usually intermittent?
Regards
Michael Knill
From: Michael Knill
Date: Thursday, 22 June 2023 at 2:24 pm
To: AstLinux Users Mailing List
Subject: Re
occurred when writing it to the disk
The first case would require probably orchestrating things and going through
the complete media flow to determine where/how a frame with no data appeared.
Any ideas where I would start my troubleshooting?
Regards
Michael Knill
From: Michael Knill
Date
will be able to get this
sorted.
Yes I never use IPsec.
Thanks again.
Regards
Michael Knill
From: Lonnie Abelbeck
Date: Thursday, 22 June 2023 at 12:10 am
To: AstLinux Users Mailing List
Subject: Re: [Astlinux-users] Running ipsec behind Astlinux
Hi Michael,
First, answering your followup
Actually if this works, is there any reason why I could not have this
implemented for all my systems?
Do I need any firewall rules for this? I did have AH, ESP and UDP500/4500 NAT’d
previously.
Regards
Michael Knill
From: Lonnie Abelbeck
Date: Tuesday, 20 June 2023 at 11:44 pm
To: AstLinux
Thanks Lonnie. I will give it a try.
Interestingly I had a Cisco router working behind it fine but we couldn’t get
the second VPN up. We changed it out for a TP-Link router so the customer could
manage themselves and that didn’t work at all.
Regards
Michael Knill
From: Lonnie Abelbeck
Date
it uses up
all my 4G data.
Regards
Michael Knill
Managing Director
D: +61 2 6189 1360
P: +61 2 6140 4656
E: michael.kn...@ipcsolutions.com.au<mailto:michael.kn...@ipcsolutions.com.au>
W: ipcsolutions.com.au<https://ipcsolutions.com.au/>
[Icon Description automatically genera
and it significantly reduced (possibly eliminated) the problem.
I will try setting this at a couple of our problem sites to see if it fixes the
problem and let you know how I go.
Regards
Michael Knill
From: Lonnie Abelbeck
Date: Tuesday, 13 June 2023 at 10:26 pm
To: AstLinux Users Mailing List
Subject: Re
have tried Astlinux 1.5.0 and it still happens. I cant seem to find any
related bugs.
Any ideas?
Regards
Michael Knill
Managing Director
D: +61 2 6189 1360
P: +61 2 6140 4656
E: michael.kn...@ipcsolutions.com.au<mailto:michael.kn...@ipcsolutions.com.au>
W: ipcsolutions.com.au
System Uptime: 989 days, 1:29
Its on an APU2 in a hospital environment so never had a power failure.
Yes I should have upgraded it long ago but pretty cool!
Regards
Michael Knill
___
Astlinux-users mailing list
Astlinux-users@lists.sourceforge.net
Ah thanks Lonnie
That looks a better way of doing it.
Regards
Michael Knill
From: Lonnie Abelbeck
Date: Friday, 31 March 2023 at 1:01 am
To: AstLinux Users Mailing List
Subject: Re: [Astlinux-users] Stopping logging of Crontab
Hi Michael,
The (busybox) crond daemon has a syslog level
Short of putting in a filter for the Status Tab, is there any way to stop
Crontab logging to Syslog.
I now have a process that is run every 10 minutes and its annoying that it logs
to Syslog each time.
Regards
Michael Knill
Managing Director
D: +61 2 6189 1360
P: +61 2 6140 4656
E: michael.kn
Yay we have Stretto now authenticating to OpenLDAP in Astlinux.
Regards
Michael Knill
From: Michael Knill
Date: Thursday, 23 March 2023 at 3:51 pm
To: AstLinux Users Mailing List
Subject: Re: [Astlinux-users] LDAP Authentication on Astlinux
Hi Lonnie
Yes thoroughly actually. We may
Hi Lonnie
Yes thoroughly actually. We may be getting there slowly. Not knowing a great
deal about LDAP and slapd is making progress slow.
Our main problem appears to be LDAPS currently as LDAP seems to work.
Regards
Michael Knill
From: Lonnie Abelbeck
Date: Thursday, 23 March 2023 at 12:29
Hi All
I need to set up LDAPS authentication on Astlinux for Stretto Authentication
(Bria) and just wondering how I would do this.
I have set up LDAP fine for just telephone numbers but not passwords.
Sorry that I am an LDAP noob.
Regards
Michael Knill
Managing Director
D: +61 2 6189 1360
P
Whoops that's embarrassing. Glad I asked. Thanks guys.
Regards
Michael Knill
On 23/2/2023, 12:20 am, "Lonnie Abelbeck" mailto:li...@lonnie.abelbeck.com>> wrote:
> On Feb 22, 2023, at 2:36 AM, Michael Keuter <mailto:li...@mksolutions.info>> wrote:
>
>
&g
Hi Guys
Everything I read mentions that mpg123 is required for this but it does not
appear to be in Astlinux.
Could I just add the binary to /mnt/kd/bin do you think?
Regards
Michael Knill
Managing Director
D: +61 2 6189 1360
P: +61 2 6140 4656
E: michael.kn...@ipcsolutions.com.au
done so before?
Note this is not just creating an XMPP only roster which are added to
sharedgroups.conf, but also includes telephone numbers and other contact
information.
Thanks all.
Regards
Michael Knill
Managing Director
D: +61 2 6189 1360
P: +61 2 6140 4656
E: michael.kn
e "s/^([0-9][0-9./]+)([[:space:]].*|)$/add
-exist udp_sip_hosts \1/p" | ipset restore
iptables -A EXT_INPUT_CHAIN -m set --match-set udp_sip_hosts src -p udp --dport
5060 -j ACCEPT
-
Regards
Michael Knill
On 3/1/2023, 2:03 pm, "Lonnie Abelbeck" mailto:li...@lonnie.abelbec
I decided that I will just write them all in to be on the safe side. It should
still work if they are not there but should be more reliable if they are.
Regards
Michael Knill
On 3/1/2023, 2:23 pm, "Michael Knill" mailto:michael.kn...@ipcsolutions.com.au>> wrote:
Thanks L
that already don't have a rule for UDP5060 that have been working fine
for years.
Regards
Michael Knill
On 3/1/2023, 2:03 pm, "Lonnie Abelbeck" mailto:li...@lonnie.abelbeck.com>> wrote:
Michael,
Controlling the client is not ideal.
Not sure if it is worth the trouble, but rath
.
Is this a bit risky do you think? Can you think of any breaking scenarios?
Regards
Michael Knill
On 3/1/2023, 9:07 am, "Lonnie Abelbeck" mailto:li...@lonnie.abelbeck.com>> wrote:
Hi Michael,
I rolled up my sleeves, and gave this a test in my lab:
-- snip /etc/arno-iptables-firew
lt;2nd ip address>
If I then remove the address and restart the firewall, the address is removed
from the list (ipset list confirms this) but the address is still open in the
firewall. I cannot remove it unless I reboot the system.
Obviously not workable I'm afraid.
Regards
Michael Knill
which will get iptables to reread the
ipset?
Thanks guys.
Regards
Michael Knill
On 27/9/2021, 10:54 am, "Lonnie Abelbeck" mailto:li...@lonnie.abelbeck.com>> wrote:
Michael,
The /mnt/kd/arno-iptables-firewall/custom-rules is a basic shell script, so
parsing sip
Thanks Lonnie.
Not sure why I'm not getting it for other IPoE broadband services though?
Regards
Michael Knill
On 3/11/2022, 12:01 am, "Lonnie Abelbeck" wrote:
Michael,
BTW the "daemon.err udhcpc" are not actually error logs, just informational
logs in this case
Hi Lonnie
Yes that would be nice. My lease time is 300s.
Still not sure why I'm getting those errors though.
Regards
Michael Knill
On 2/11/2022, 11:56 am, "Lonnie Abelbeck" mailto:li...@lonnie.abelbeck.com>> wrote:
Addendum:
For my cable modem, only one "sendin
It does not have this error from the same provider on other broadband types. Do
you have any idea what it could be?
Regards
Michael Knill
On 2/11/2022, 8:12 am, "Lonnie Abelbeck" mailto:li...@lonnie.abelbeck.com>> wrote:
Normally you would see 3 or 4 of those logs be
Is this normal? Can I turn them off?
Regards
Michael Knill
Managing Director
D: +61 2 6189 1360
P: +61 2 6140 4656
E: michael.kn...@ipcsolutions.com.au<mailto:michael.kn...@ipcsolutions.com.au>
W: ipcsolutions.com.au<https://ipcsolutions.com.au/>
[Icon Description automatically genera
this from happening as its very problematic?
Regards
Michael Knill
Managing Director
D: +61 2 6189 1360
P: +61 2 6140 4656
E: michael.kn...@ipcsolutions.com.au<mailto:michael.kn...@ipcsolutions.com.au>
W: ipcsolutions.com.au<https://ipcsolutions.com.au/>
[Icon Description automatical
Thanks guys for your input.
Regards
Michael Knill
On 7/8/2022, 2:41 am, "Lonnie Abelbeck" wrote:
Good catch David, it is good practice to always remove the
/etc/udev/rules.d/70-persistent-net.rules file (if it exists) when creating a
template AstLinux system.
Though for t
Whoops typo:
* Zabbix Key – ssl/zabbix_secret.psk is removed in the template so it is
regenerated (when you access the Zabbix Tab I believe)
Regards
Michael Knill
From: Michael Knill
Reply to: AstLinux List
Date: Saturday, 6 August 2022 at 12:38 pm
To: AstLinux List
Subject: [Astlinux
in the template so it needs to be
generated
Can you think of anything else I require?
Thanks all.
Regards
Michael Knill
Managing Director
D: +61 2 6189 1360
P: +61 2 6140 4656
E: michael.kn...@ipcsolutions.com.au<mailto:michael.kn...@ipcsolutions.com.au>
W: ipcsolutions.com.au
I saw in our build
environment I think we will be fine.
Regards
Michael Knill
On 21/7/2022, 9:11 am, "Lonnie Abelbeck" wrote:
Hi Michael,
Out of curiosity, what do you mean by "Virtual DC" ? I'm not familiar with
that term.
If you are using AstLinux 1.4.3
Hi Group
I am virtualising most Astlinux installs and now moving to Virtual DC’s where I
have more control of the type of resources I allocate. One of these is the type
of storage and usually in the form of IOP’s.
For example I can purchase storage ranging from 100 IOP’s to 25,000 IOP’s. Now
Thanks Lonnie. Yeah that's way too hard. I will wait for them to open up the
firewall.
Regards
Michael Knill
On 26/6/2022, 1:20 am, "Lonnie Abelbeck" wrote:
Hi Michael,
Do you have physical access? If "yes" a local attached USB drive can be
used as a &quo
Thanks Lonnie. I think we will set up our own repo for Runnix.
Regards
Michael Knill
On 25/6/2022, 11:51 pm, "Lonnie Abelbeck" wrote:
Hi Michael, (comments inline)
> On Jun 24, 2022, at 8:07 PM, Michael Knill
wrote:
>
> A couple of questions regarding
Is this easy to do?
I have a site where they are tough with security and I cant reach the download
server currently.
Along with my previous question, a Runnix upgrade without network connectivity
may be handy too.
Regards
Michael Knill
Managing Director
D: +61 2 6189 1360
P: +61 2 6140 4656
Hi Group
A couple of questions regarding Runnix:
1. I did a Runnix upgrade and it went to 0.6.11. Is this ok on Astlinux
1.3.10?
2. Can I upgrade to a specific Runnix version or is there no point?
3. Can I manage my own repository of Runnix?
Thanks all.
Regards
Michael Knill
.
Regards
Michael Knill
On 17/5/22, 6:41 am, "Lonnie Abelbeck" wrote:
Hi Hamid,
I know of a person who ran AstLinux VM ISO on bare-metal using QEMU/KVM ...
it worked OK for him but took a lot of testing and internet searches to get it
working. And keeping QEMU and all related p
stuff or be
very inefficient?
I'm thinking to reduce the problem I will only use VPN when I need to e.g. when
behind NAT, failover, dynamic address etc. and use direct trunk all other times.
Regards
Michael Knill
On 15/5/22, 11:34 pm, "Lonnie Abelbeck" wrote:
Hi Michael,
Th
to ping it.
Can you think of any way to resolve this. I tried a null route and that didn't
work.
Regards
Michael Knill
Managing Director
D: +61 2 6189 1360
P: +61 2 6140 4656
E: michael.kn...@ipcsolutions.com.au<mailto:michael.kn...@ipcsolutions.com.au>
W: ipcsolutions.com.au
that needs to be updated.
Regards
Michael Knill
From: Michael Keuter
Reply to: AstLinux List
Date: Wednesday, 20 April 2022 at 9:47 pm
To: AstLinux List
Subject: Re: [Astlinux-users] Analogue CLIP (CallerID)
Am 20.04.2022 um 01:36 schrieb Michael Knill
mailto:michael.kn...@ipcsolutions.com.au
Awesome thanks Lonnie. Some great options there.
Not at 1.4 yet (coming soon) so might try the iPoE option initially.
The PPPoE options look very interesting. Think I may do some fine tuning in my
1.4.4 release. Would be interesting to see if CAKE improves anything too.
Regards
Michael Knill
? Can I change the PPPoE
parameters for LCP echos maybe?
3. Would changing the service to IPoE fix the problem e.g. only DHCP then?
Thanks all.
Regards
Michael Knill
Managing Director
D: +61 2 6189 1360
P: +61 2 6140 4656
E: michael.kn...@ipcsolutions.com.au<mailto:michael
Thanks David
Regards
Michael Knill
From: David Kerr
Reply to: AstLinux List
Date: Thursday, 3 February 2022 at 7:51 pm
To: AstLinux List
Subject: Re: [Astlinux-users] WAN Bridge interface
If you are looking for redundancy on the WAN uplink then the way to do it is
with bonded interfaces
Hi Lonnie
It's the firewalls that are configured for failover using FireCluster. They use
VRRP as I just found out:
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/ha/cluster_ap_cluster_id_wsm.html?Highlight=firecluster%20mac%20address
Regards
Michael Knill
On 3
should not be an issue.
Regards
Michael Knill
On 3/2/22, 9:00 am, "Lonnie Abelbeck" wrote:
Hi Michael,
It would be a special case where you would want the WAN to be a bridge
interface.
How is the WAN interface's IP address defined?
I'm not sure how your two WAN trunks
phones.
Just wanting to know if anyone can see any issues with this architecture as I
haven’t used bridge interfaces before.
It just seems better than sticking a switch in between creating another single
point of failure.
Regards
Michael Knill
Managing Director
D: +61 2 6189 1360
P: +61 2 6140
application has been deprecated and is no longer
built by default
* The Command action now sends the output from the CLI command as a series
of Output headers for each line instead of as a block of text with the --END
COMMAND-- delimiter to match the output from other actions.
Regards
Michael
Controller etc.
Regards
Michael Knill
On 28/12/21, 9:39 pm, "Michael Keuter" wrote:
> Am 27.12.2021 um 22:07 schrieb Lonnie Abelbeck
:
>
> Hi,
>
> Updated Vultr - Cloud Hosted Guest VM Documentation
>
> There have been some cosmetic cha
Ok thanks Lonnie. Already disabled pre SE __
Regards
Michael Knill
On 19/12/21, 12:41 pm, "Lonnie Abelbeck" wrote:
Hi Michael,
> Are we looking at an Asterisk 16SE version at some stage?
Not in 2022, we plan to be supporting ast13se, ast16 and ast18
You will n
Thanks all. Looks like I'm going to 1.4.4 with Asterisk 16 then.
Are we looking at an Asterisk 16SE version at some stage?
Regards
Michael Knill
On 19/12/21, 11:57 am, "Michael Knill"
wrote:
Thanks Michael. I'm already using res_parking.conf so that's all good.
Regards
Thanks Michael. I'm already using res_parking.conf so that's all good.
Regards
Michael Knill
On 18/12/21, 9:33 pm, "Michael Keuter" wrote:
> Am 18.12.2021 um 02:04 schrieb Michael Knill
:
>
> Hi Group
>
> Wanting to get some dev work done
Forgot to mention that I am currently on 13.
Regards
Michael Knill
From: Michael Knill
Reply to: AstLinux List
Date: Saturday, 18 December 2021 at 12:19 pm
To: AstLinux List
Subject: [Astlinux-users] Moving to Asterisk 16
Hi Group
Wanting to get some dev work done over the Christmas break
changes for the Command action!
Regards
Michael Knill
Managing Director
D: +61 2 6189 1360
P: +61 2 6140 4656
E: michael.kn...@ipcsolutions.com.au<mailto:michael.kn...@ipcsolutions.com.au>
W: ipcsolutions.com.au<https://ipcsolutions.com.au/>
[IPC Solutions]
Smarter Business Co
I would be building a whole new system and just copy across the KD files.
That's the beauty of Astlinux.
Regards
Michael Knill
On 15/11/21, 10:16 am, "Ionel Chila via Astlinux-users"
wrote:
I had this Astlinux box running for almost 12 years now. Rock SOLID and
thanks t
on the interface should work fine for this just not
sure how to do it?
Regards
Michael Knill
On 11/11/21, 8:42 am, "Lonnie Abelbeck" wrote:
Probably a question for your ISP.
A single DHCP public address is all I would expect.
Lonnie
> On Nov 10, 2021, at 3:2
address I assume?
Regards
Michael Knill
On 11/11/21, 12:30 am, "Lonnie Abelbeck" wrote:
Hi Michael,
Are you saying the ISP is providing both DHCP and Static IPs for your
public WAN address(es) using the same routed subnet?
My business DOCSIS cable modem ISP provides eit
easy to do.
Regards
Michael Knill
Managing Director
D: +61 2 6189 1360
P: +61 2 6140 4656
E: michael.kn...@ipcsolutions.com.au<mailto:michael.kn...@ipcsolutions.com.au>
W: ipcsolutions.com.au<https://ipcsolutions.com.au/>
[IPC Solutions]
Smarter Business Co
in the future.
I'm thinking I could replace all instances of the IP Address in the log with
something like and then restart the firewall.
Would this work? Any other options?
Regards
Michael Knill
Managing Director
D: +61 2 6189 1360
P: +61 2 6140 4656
E: michael.kn...@ipcsolutions.com.au
router but fine to route voice traffic over a
Wireguard tunnel. Just plug it in anywhere on the network and plug your phones
in. We now have full visibility inside the customers network which will allow
us to better manage the solution.
Regards
Michael Knill
On 13/12/20, 1:26 am, "L
Actually thinking I will use SSTP for VPN to the management and monitoring
environment as it appears to be much better suited for the task.
Regards
Michael Knill
From: Michael Knill
Reply to: AstLinux List
Date: Tuesday, 28 September 2021 at 6:56 am
To: AstLinux List
Subject: Re: [Astlinux
.
I'm assuming you use Mikrotik CHR in the NOC? Have you ever connected L2TP
directly to an Astlinux system?
Thanks all.
Regards
Michael Knill
From: AstLinux List
Reply to: AstLinux List
Date: Monday, 27 September 2021 at 11:27 pm
To: AstLinux List
Cc: The Cadillac Kid
Subject: Re: [Astlinux
Hi Group
Forgive my lack of VPN knowledge here. V85 of Yealink phones supports L2TP.
Could this be supported on Astlinux?
It looks like it would be easier to set up on the phone than OpenVPN.
Regards
Michael Knill
Managing Director
D: +61 2 6189 1360
P: +61 2 6140 4656
E: michael.kn
Thanks Lonnie
May even add this to my standard build.
Regards
Michael Knill
On 27/9/21, 10:54 am, "Lonnie Abelbeck" wrote:
Michael,
The /mnt/kd/arno-iptables-firewall/custom-rules is a basic shell script, so
parsing sip.conf using 'sed' or such should be reasonably strai
very simply.
Regards
Michael Knill
On 27/9/21, 9:47 am, "Lonnie Abelbeck" wrote:
Hi Michael,
With 300 rules and the same across all your boxes, I would use
/mnt/kd/arno-iptables-firewall/custom-rules to define these.
Very similar to the deny_ext_local() example I poste
Hi Group
I'm looking to have a large number of firewall entries in Astlinux e.g. 300.
They would be all the same e.g. I want to open port 5060 from multiple sites.
Is there an easier/neater way to do this other than lots of firewall entries in
the Firewall Tab?
Regards
Michael Knill
Managing
Thanks David
We built a Wireguard Peers Tab which makes this easier. Managing IP’s is
certainly a little tricky but we will be adding more tools later to make this
easier.
Regards
Michael Knill
From: David Kerr
Reply to: AstLinux List
Date: Tuesday, 7 September 2021 at 11:37 pm
To: AstLinux
Michael Knill
On 8/9/21, 12:27 am, "Lonnie Abelbeck" wrote:
Hi Michael,
Good question ... I did a did a little research.
Two things come to mind, the WireGuard CPU usage per traffic and RAM usage
per peer.
WireGuard CPU usage p
Hi Group
Just wondering what you would consider is the maximum number of clients for a
Wireguard interface that you would feel comfortable with assuming you have
enough resources to support the traffic?
Im looking at connecting up to 400 remote peers.
Regards
Michael Knill
Managing Director
are terminated by
Asterisk with no direct media.
Looks like this is what I will do then. Nice! Thanks again.
Regards
Michael Knill
On 6/9/21, 8:11 am, "Lonnie Abelbeck" wrote:
That should work, be a CIDR ninja. :-)
Though if you want your "softswitch" to route to a
for mobile peers and remote peers.
So for your example below, the softswitch will be on 10.4.1.254/24 for instance
and the remote peer will be on 10.4.1.1-250 but will be configured as a /23 so
it has all 10.4.0.x for local connections.
What do you think?
Regards
Michael Knill
On 4/9/21, 12:35
systems now with direct mobile
connectivity, I don't need to use mobile peers but I do need the address space.
Regards
Michael Knill
Managing Director
D: +61 2 6189 1360
P: +61 2 6140 4656
E: michael.kn...@ipcsolutions.com.au<mailto:michael.kn...@ipcsolutions.com.au>
W: ipcsolutions.com.au
Thanks Lonnie. 1G it will be
Regards
Michael Knill
On 23/8/21, 8:11 am, "Lonnie Abelbeck" wrote:
Hi Michael,
Without FOP and no LXC containers, 1.0G RAM should be safe and not a worry.
You could go lower, but you would have to monitor things more closely.
on each Astlinux system.
Just wondering what the maximum RAM usage you should ever see on an Astlinux
system assuming no FOP is running? I have currently made it 1.5G but I think I
can go lower than this.
Regards
Michael Knill
Managing Director
D: +61 2 6189 1360
P: +61 2 6140 4656
E
1 - 100 of 946 matches
Mail list logo