Maybe that's the key - I need something like Powercode?
On Fri, Nov 28, 2014 at 4:18 PM, Adair Winter <[email protected]> wrote: > My previous email defines how we are setup which has the CPE pull a public > IP out of a /24. Powercode assigns a single IP based on the MAC of the CPE > via DHCP. > If you want more detail, let me know. > > On Fri, Nov 28, 2014 at 3:11 PM, RickG <[email protected]> wrote: > >> What I'd really like to do is present a routable IP to their router. >> Obviously that is easy in "bridge mode" but I haven't figured out how to do >> it in "router mode". >> >> On Fri, Nov 28, 2014 at 4:01 PM, Mike Hammett <[email protected]> >> wrote: >> >>> uPNP fixes XBox. >>> >>> Security cameras... depends. May still need manual port forwards on >>> those. >>> >>> >>> >>> ----- >>> Mike Hammett >>> Intelligent Computing Solutions >>> http://www.ics-il.com >>> >>> <https://www.facebook.com/ICSIL> >>> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> >>> <https://www.linkedin.com/company/intelligent-computing-solutions> >>> <https://twitter.com/ICSIL> >>> >>> ------------------------------ >>> *From: *"RickG" <[email protected]> >>> *To: *"Ubiquiti Users Group" <[email protected]> >>> *Sent: *Friday, November 28, 2014 2:58:16 PM >>> >>> *Subject: *Re: [Ubnt_users] Default open/closed ports - [WAS] DMZ >>> Management Ports, what are they? >>> >>> Well, I occasionally get complaints that the XBox network test shows >>> ports closed and security cameras aren't viewable remotely. I'll try UPNP. >>> Thanks! >>> >>> On Fri, Nov 28, 2014 at 3:20 PM, Mike Hammett <[email protected] >>> > wrote: >>> >>>> If there hasn't been an issue yet, then there's probably not a problem. >>>> >>>> Turn on uPNP, call it a day. >>>> >>>> >>>> >>>> ----- >>>> Mike Hammett >>>> Intelligent Computing Solutions >>>> http://www.ics-il.com >>>> >>>> <https://www.facebook.com/ICSIL> >>>> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> >>>> <https://www.linkedin.com/company/intelligent-computing-solutions> >>>> <https://twitter.com/ICSIL> >>>> >>>> ------------------------------ >>>> *From: *"RickG" <[email protected]> >>>> *To: *"Ubiquiti Users Group" <[email protected]> >>>> *Sent: *Friday, November 28, 2014 2:10:39 PM >>>> >>>> *Subject: *Re: [Ubnt_users] Default open/closed ports - [WAS] DMZ >>>> Management Ports, what are they? >>>> >>>> Mainly be sure I'm not causing issues for customers. Such as XBox or >>>> security cameras not being able to function properly. >>>> >>>> On Fri, Nov 28, 2014 at 8:12 AM, Mike Hammett < >>>> [email protected]> wrote: >>>> >>>>> What problem are you having that you're trying to solve? >>>>> >>>>> >>>>> >>>>> ----- >>>>> Mike Hammett >>>>> Intelligent Computing Solutions >>>>> http://www.ics-il.com >>>>> >>>>> <https://www.facebook.com/ICSIL> >>>>> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> >>>>> <https://www.linkedin.com/company/intelligent-computing-solutions> >>>>> <https://twitter.com/ICSIL> >>>>> >>>>> ------------------------------ >>>>> *From: *"RickG" <[email protected]> >>>>> *To: *"Ubiquiti Users Group" <[email protected]> >>>>> *Sent: *Friday, November 28, 2014 2:19:56 AM >>>>> >>>>> *Subject: *Re: [Ubnt_users] Default open/closed ports - [WAS] DMZ >>>>> Management Ports, what are they? >>>>> >>>>> True. Perhaps what I need to do on the CPE is set the DHCP range for 1 >>>>> IP addy and put that addy in the DMZ? Then the radio wouldn't >>>>> inadvertently >>>>> block anything. >>>>> >>>>> On Thu, Nov 27, 2014 at 10:57 PM, Mike Hammett < >>>>> [email protected]> wrote: >>>>> >>>>>> There's nothing to open or close. >>>>>> >>>>>> You couldn't set port forwards ahead of time without knowing what >>>>>> they want and where they want it. That's what uPNP is for. >>>>>> >>>>>> >>>>>> >>>>>> ----- >>>>>> Mike Hammett >>>>>> Intelligent Computing Solutions >>>>>> http://www.ics-il.com >>>>>> >>>>>> <https://www.facebook.com/ICSIL> >>>>>> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> >>>>>> <https://www.linkedin.com/company/intelligent-computing-solutions> >>>>>> <https://twitter.com/ICSIL> >>>>>> >>>>>> ------------------------------ >>>>>> *From: *"RickG" <[email protected]> >>>>>> *To: *"Ubiquiti Users Group" <[email protected]> >>>>>> *Sent: *Wednesday, November 26, 2014 10:19:45 PM >>>>>> >>>>>> *Subject: *Re: [Ubnt_users] Default open/closed ports - [WAS] DMZ >>>>>> Management Ports, what are they? >>>>>> >>>>>> That helps a lot! I have my customers in router mode with NAT enabled >>>>>> without opening any ports. I really dont get any complaints but I'm >>>>>> trying >>>>>> to be sure I am not causing any undo issues for my customers, so, should >>>>>> I >>>>>> open any ports or is default sufficient? >>>>>> >>>>>> On Wed, Nov 26, 2014 at 2:48 PM, Sam Tetherow <[email protected]> >>>>>> wrote: >>>>>> >>>>>>> I think there is some confusion. >>>>>>> >>>>>>> In router mode with NAT enabled and DMZ disabled the only thing it >>>>>>> will pass to the customer is stuff that is set in the port forwarding >>>>>>> section. (iptables -t nat -L) >>>>>>> >>>>>>> In router mode with NAT enabled and DMZ enabled it will pass >>>>>>> everything to the DMZ IP except management ports (unless DMZ management >>>>>>> ports is checked) (iptables -t nat -L will show all ports not passed >>>>>>> to >>>>>>> the router). If DMZ management ports is checked then everything is >>>>>>> sent to >>>>>>> the DMZ IP. >>>>>>> >>>>>>> In router mode without NAT enabled it will route all traffic to the >>>>>>> LAN address space, this means you need to have a subnet on the LAN side >>>>>>> that is routed externally to the radio IP address. >>>>>>> >>>>>>> In bridge mode all traffic coming in WLAN will be passed to LAN. >>>>>>> >>>>>>> >>>>>>> >>>>>>> On 11/26/2014 11:04 AM, RickG wrote: >>>>>>> >>>>>>> Thanks Sam! With that, should I assume only those ports are being >>>>>>> passed through the UBNT radio to the customer? >>>>>>> >>>>>>> On Wed, Nov 26, 2014 at 10:13 AM, Sam Tetherow <[email protected]> >>>>>>> wrote: >>>>>>> >>>>>>>> Default should have ports 80, 443, 22 TCP for HTTP, HTTPS and SSH >>>>>>>> as well as 10001 UDP for the discovery protocol. By open that means >>>>>>>> those >>>>>>>> are the only ports on the radio that have something listening on them. >>>>>>>> If >>>>>>>> you turn those services off on the services tab then they will no >>>>>>>> longer be >>>>>>>> listening on those ports. You can also turn on SNMP (UDP 161) and >>>>>>>> telnet >>>>>>>> (TCP 23) >>>>>>>> >>>>>>>> To see what ports are being listened on use 'netstat -nl' from the >>>>>>>> command line, to see what ports are being forwarded you can use >>>>>>>> 'iptables >>>>>>>> -t nat -L' >>>>>>>> >>>>>>>> On 11/25/2014 08:27 PM, RickG wrote: >>>>>>>> >>>>>>>> I agree Mike, however my question is more basic than that. I >>>>>>>> realize that a UBNT radio comes with the firewall turned off and in >>>>>>>> fact >>>>>>>> I've never turned it on. So, my question is: Default from the factory, >>>>>>>> which ports are open and/or closed? Obviously most common ports are >>>>>>>> open. >>>>>>>> Do I need to open any to prevent any issues? >>>>>>>> >>>>>>>> On Tue, Nov 25, 2014 at 10:02 AM, Mike Hammett < >>>>>>>> [email protected]> wrote: >>>>>>>> >>>>>>>>> I think people go a bit excessive with firewalling. If there's >>>>>>>>> no service there to answer, there's no need to firewall it. >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> ----- >>>>>>>>> Mike Hammett >>>>>>>>> Intelligent Computing Solutions >>>>>>>>> http://www.ics-il.com >>>>>>>>> >>>>>>>>> <https://www.facebook.com/ICSIL> >>>>>>>>> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> >>>>>>>>> <https://www.linkedin.com/company/intelligent-computing-solutions> >>>>>>>>> <https://twitter.com/ICSIL> >>>>>>>>> >>>>>>>>> ------------------------------ >>>>>>>>> *From: *"RickG" <[email protected]> >>>>>>>>> *To: *"Ubiquiti Users Group" <[email protected]> >>>>>>>>> *Sent: *Tuesday, November 25, 2014 9:00:45 AM >>>>>>>>> *Subject: *Re: [Ubnt_users] Default open/closed ports - [WAS] DMZ >>>>>>>>> Management Ports, what are they? >>>>>>>>> >>>>>>>>> Ya, thank goodness for upnp. I'm just trying to understand and be >>>>>>>>> sure I'm not causing any issues for my customers as far as open & >>>>>>>>> closed >>>>>>>>> ports. Obviously certain ports are open but are they all? >>>>>>>>> >>>>>>>>> On Tue, Nov 25, 2014 at 7:32 AM, Josh Luthman < >>>>>>>>> [email protected]> wrote: >>>>>>>>> >>>>>>>>>> If you're behind Nat your Xbox will say closed because they need >>>>>>>>>> to be dstnated. There's upnp on the later versions. >>>>>>>>>> >>>>>>>>>> Josh Luthman >>>>>>>>>> Office: 937-552-2340 >>>>>>>>>> Direct: 937-552-2343 >>>>>>>>>> 1100 Wayne St >>>>>>>>>> Suite 1337 >>>>>>>>>> Troy, OH 45373 >>>>>>>>>> On Nov 25, 2014 12:28 AM, "RickG" <[email protected]> wrote: >>>>>>>>>> >>>>>>>>>>> So I should expect all ports to be open? >>>>>>>>>>> >>>>>>>>>>> On Mon, Nov 24, 2014 at 5:55 PM, Josh Luthman < >>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>> >>>>>>>>>>>> There are no firewall rules by default. Nothing is DMZ'ed nor >>>>>>>>>>>> PAT'ed. >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> Josh Luthman >>>>>>>>>>>> Office: 937-552-2340 >>>>>>>>>>>> Direct: 937-552-2343 >>>>>>>>>>>> 1100 Wayne St >>>>>>>>>>>> Suite 1337 >>>>>>>>>>>> Troy, OH 45373 >>>>>>>>>>>> >>>>>>>>>>>> On Mon, Nov 24, 2014 at 5:25 PM, RickG <[email protected]> >>>>>>>>>>>> wrote: >>>>>>>>>>>> >>>>>>>>>>>>> This reminded me of a question: What ports are open or closed >>>>>>>>>>>>> by default of a UBNT radio in router mode? >>>>>>>>>>>>> >>>>>>>>>>>>> On Wed, Nov 19, 2014 at 5:56 PM, Sam Tetherow < >>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>> >>>>>>>>>>>>>> Definitively list: >>>>>>>>>>>>>> TCP telnet (23) >>>>>>>>>>>>>> TCP http (80) >>>>>>>>>>>>>> TCP https (443) >>>>>>>>>>>>>> ICMP Echo-Request >>>>>>>>>>>>>> TCP ssh (22) >>>>>>>>>>>>>> TCP snmp (161) >>>>>>>>>>>>>> TCP 18888 >>>>>>>>>>>>>> UDP discard (9) >>>>>>>>>>>>>> UDP 10001 - ubiquiti discovery protocol although it never >>>>>>>>>>>>>> seems to reply >>>>>>>>>>>>>> when in DMZ mode >>>>>>>>>>>>>> >>>>>>>>>>>>>> If any of the services are disabled on the radio then the >>>>>>>>>>>>>> ports are >>>>>>>>>>>>>> forwarded on to the DMZ radio, if the ports are changed on >>>>>>>>>>>>>> the services >>>>>>>>>>>>>> tab then they will be changed in the DMZ section. >>>>>>>>>>>>>> >>>>>>>>>>>>>> If in doubt, ssh into the radio and run iptables -t nat -L >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> On 11/14/2014 06:36 PM, Matt Jenkins wrote: >>>>>>>>>>>>>> > I assume 80, 22, 443. What others are there? I can't find >>>>>>>>>>>>>> it in any of >>>>>>>>>>>>>> > the manuals. >>>>>>>>>>>>>> > _______________________________________________ >>>>>>>>>>>>>> > Ubnt_users mailing list >>>>>>>>>>>>>> > [email protected] >>>>>>>>>>>>>> > http://lists.wispa.org/mailman/listinfo/ubnt_users >>>>>>>>>>>>>> >>>>>>>>>>>>>> _______________________________________________ >>>>>>>>>>>>>> Ubnt_users mailing list >>>>>>>>>>>>>> [email protected] >>>>>>>>>>>>>> http://lists.wispa.org/mailman/listinfo/ubnt_users >>>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> -- >>>>>>>>>>>>> -RickG KyWiFi >>>>>>>>>>>>> >>>>>>>>>>>>> _______________________________________________ >>>>>>>>>>>>> Ubnt_users mailing list >>>>>>>>>>>>> [email protected] >>>>>>>>>>>>> http://lists.wispa.org/mailman/listinfo/ubnt_users >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> _______________________________________________ >>>>>>>>>>>> Ubnt_users mailing list >>>>>>>>>>>> [email protected] >>>>>>>>>>>> http://lists.wispa.org/mailman/listinfo/ubnt_users >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> -RickG KyWiFi >>>>>>>>>>> >>>>>>>>>>> _______________________________________________ >>>>>>>>>>> Ubnt_users mailing list >>>>>>>>>>> [email protected] >>>>>>>>>>> http://lists.wispa.org/mailman/listinfo/ubnt_users >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>> _______________________________________________ >>>>>>>>>> Ubnt_users mailing list >>>>>>>>>> [email protected] >>>>>>>>>> http://lists.wispa.org/mailman/listinfo/ubnt_users >>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> -RickG KyWiFi >>>>>>>>> >>>>>>>>> _______________________________________________ >>>>>>>>> Ubnt_users mailing list >>>>>>>>> [email protected] >>>>>>>>> http://lists.wispa.org/mailman/listinfo/ubnt_users >>>>>>>>> >>>>>>>>> >>>>>>>>> _______________________________________________ >>>>>>>>> Ubnt_users mailing list >>>>>>>>> [email protected] >>>>>>>>> http://lists.wispa.org/mailman/listinfo/ubnt_users >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> -RickG KyWiFi >>>>>>>> >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> Ubnt_users mailing >>>>>>>> [email protected]http://lists.wispa.org/mailman/listinfo/ubnt_users >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> Ubnt_users mailing list >>>>>>>> [email protected] >>>>>>>> http://lists.wispa.org/mailman/listinfo/ubnt_users >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> -RickG KyWiFi >>>>>>> >>>>>>> >>>>>>> _______________________________________________ >>>>>>> Ubnt_users mailing >>>>>>> [email protected]http://lists.wispa.org/mailman/listinfo/ubnt_users >>>>>>> >>>>>>> >>>>>>> >>>>>>> _______________________________________________ >>>>>>> Ubnt_users mailing list >>>>>>> [email protected] >>>>>>> http://lists.wispa.org/mailman/listinfo/ubnt_users >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> -RickG KyWiFi >>>>>> >>>>>> _______________________________________________ >>>>>> Ubnt_users mailing list >>>>>> [email protected] >>>>>> http://lists.wispa.org/mailman/listinfo/ubnt_users >>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> Ubnt_users mailing list >>>>>> [email protected] >>>>>> http://lists.wispa.org/mailman/listinfo/ubnt_users >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> -RickG KyWiFi >>>>> >>>>> _______________________________________________ >>>>> Ubnt_users mailing list >>>>> [email protected] >>>>> http://lists.wispa.org/mailman/listinfo/ubnt_users >>>>> >>>>> >>>>> _______________________________________________ >>>>> Ubnt_users mailing list >>>>> [email protected] >>>>> http://lists.wispa.org/mailman/listinfo/ubnt_users >>>>> >>>>> >>>> >>>> >>>> -- >>>> -RickG KyWiFi >>>> >>>> _______________________________________________ >>>> Ubnt_users mailing list >>>> [email protected] >>>> http://lists.wispa.org/mailman/listinfo/ubnt_users >>>> >>>> >>>> _______________________________________________ >>>> Ubnt_users mailing list >>>> [email protected] >>>> http://lists.wispa.org/mailman/listinfo/ubnt_users >>>> >>>> >>> >>> >>> -- >>> -RickG KyWiFi >>> >>> _______________________________________________ >>> Ubnt_users mailing list >>> [email protected] >>> http://lists.wispa.org/mailman/listinfo/ubnt_users >>> >>> >>> _______________________________________________ >>> Ubnt_users mailing list >>> [email protected] >>> http://lists.wispa.org/mailman/listinfo/ubnt_users >>> >>> >> >> >> -- >> -RickG KyWiFi >> >> _______________________________________________ >> Ubnt_users mailing list >> [email protected] >> http://lists.wispa.org/mailman/listinfo/ubnt_users >> >> > > > -- > > Adair Winter > VP, Network Operations / Owner > Amarillo Wireless | 806.316.5071 > C: 806.231.7180 > http://www.amarillowireless.net > > > _______________________________________________ > Ubnt_users mailing list > [email protected] > http://lists.wispa.org/mailman/listinfo/ubnt_users > > -- -RickG KyWiFi
_______________________________________________ Ubnt_users mailing list [email protected] http://lists.wispa.org/mailman/listinfo/ubnt_users
