EdgeRouter Lite User Guide
Contents
1. Note To enhance security we recommend that you change the default login using at least one of the following options e Set up a new user account preferred option For details go to Remove the Default User Account on page 41 e Change the default password of the ubnt login Use the set command as detailed in Remove the Default User Account on page 41 FS Ubiquiti Networks Inc Appendix A Command Line Interface CLI Modes Operational Mode When you first log in the CLI is in operational mode Press the key to view the available commands ubnt ubnt Note The question mark does not display onscreen add delete ping6 reset terminal clear disconnect reboot restart traceroute configure generate release set traceroute6 connect initial setup remove show undebug copy no rename shutdown debug ping renew telnet Enter show and press the key to view the settings that you have configured ubnt ubnt S show arp flow accounting nat tech support bridge hardware ntp ubnt configuration history openvpn users date host pppoe server version debugging incoming queueing vpn dhcp interfaces reboot vrrp dhcpv6 ip route map webproxy disk ipv6 shutdown zebra dns lildp snmp file log system firewall login table For example type show interfaces to display the interfaces and their status information ubnt ubnt S show interfaces Codes S State L Link u Up D Down A Admi2. MAC Address At the bottom of the screen you can click Delete to IP Address delete the DHCP server and its configuration Static MAC IP Mapping DHCP Server Internal Complete the following Static Map IP Mapping SEENEN once Stat 10 10 21 a ID Entera name for this mapping End 10 1 1 252 Status Enabled 488 345 143 id MAC Address Enter the MAC address of the DHCP client Create New Mapping Se SE See IP Address Enter the IP address that should be 00 1b 21 bc 59 92 10 1 1 148 a ssig n ed 00 26 2d d1 31 29 10 1 0 250 cluster dToughSwitch device_primary device_staging P gateway printer Showing 1 to 37 of 37 entries 00 13 D4 10 B1 51 00 27 22 76 C8 4F 00 26 9e 2b ba bb 00 26 9e 2b bb f9 00 26 9e 2b ba bd 13 20 30 40 50 f0 00 1b 21 79 6f d0 00 30 18 a5 32 9b 30 46 9a f9 77 2e 00 08 9b c8 50 5b 08 00 27 7a 55 3e 00 1D 73 19 2E 3F 00 24 A5 25 A1 7E 84 2b 2b 96 91 bd 00 26 9e 7f 6e 8a 00 90 8f 33 bb 02 00 C0 02 0D 75 0C 10 1 1 244 10 1 1 251 10 1 0 101 10 1 0 102 10 1 0 111 10 1 1 31 10 1 1 165 10 1 0 18 10 1 0 37 10 1 1 217 10 1 0 106 10 1 0 253 10 1 1 253 10 1 0 245 10 1 0 241 10 1 0 11 10 1 1 110 The top section displays the following status information e Pool Size The total number of IP addresses is displayed e Leased The number of used IP addresses is displayed e Available The number of available I
3. NOTE This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instruction manual may cause harmful interference to radio communications Operations of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at his own expense Industry Canada This Class A digital apparatus complies with Canadian ICES 003 Cet appareil num rique de la classe A est confrome a la norme NMB 003 Canada Australia and New Zealand Warning This is a Class A product In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures Japan VCCI A CORBIS 107 A HRRHRECH COREE RERA CEAT 3 EB RSS NEHCTCEMHVET CORA RARA mo COKIBKENSCEMHVET CE Marking CE marking on this product represents the product is in compliance with all directives that are applicable to it FS Ubiquiti Networks Inc Appendix E Compliance Information RoHS WEEE Compliance Statement English European Directive 2002 96 EC requires that the equipment bearing
4. e Use DHCP Renew Use DHCP for IPv6 The interface acquires network settings from a DHCPV6 server Manually define IP address es Enter the static IP address example 792 0 2 1 24 for IPv4 or 2001 db8 1 32 for IPv6 Click Add IP to enter additional IP addresses e Manually define IP address es Add IP MTU Enter the MTU Maximum Transmission Unit value which is the maximum packet size in bytes that a network interface can transmit The default is 7500 Proxy ARP Enable the EdgeRouter to answer a source host s ARP Address Resolution Protocol requests for the IP address of a destination host that is not located on the source host s network ARP allows hosts on the same network to discover each other s IP address via a layer 2 broadcast to all MAC addresses If they are not on the same network the layer 2 broadcast will not reach its destination however the EdgeRouter can serve as the go between if Proxy ARP is enabled Click Save to apply your changes or click Cancel 12 EdgeRouter Lite User Guide doot IS Welcomeubnt to ubnt S OSPF Destination a Next Hop 0 0 0 0 0 2030 113 177 1 1 1 0 24 10 1 0 38 10 0 1 0 24 10 1 200 6 10 1 0 0 23 10 1 0 0 23 10 1 2 0 24 10 1 254 2 10 1 3 0 24 10 1 254 3 10 1 5 0 24 10 1 5 0 24 10 1 6 0 24 10 1 6 0 24 10 1 200 2 32 10 1 200 2 32 10 1 200 4 32 10 1 200 4 32 10 1 200 5 32 10 1 200 6 32 10 1 200 6 32 10 1 200 7 32 10 1 2
5. verensst mmelse med de v sentliga egenskapskrav och vriga relevanta best mmelser som framg r av direktiv 1999 5 EG Por medio de la presente UBIQUITI NETWORKS declara que el UBIQUITI NETWORKS device cumple con los requisitos esenciales y cualesquiera otras disposiciones aplicables o exigibles de la Directiva 1999 5 CE Niniejszym firma UBIQUITI NETWORKS o wiadcza e produkt serii UBIQUITI NETWORKS device spe nia zasadnicze wymagania i inne istotne postanowienia Dyrektywy 1999 5 EC UBIQUITI NETWORKS declara que este UBIQUITI NETWORKS device est conforme com os requisitos essenciais e outras disposi es da Directiva 1999 5 CE Prin prezenta UBIQUITI NETWORKS declar c acest dispozitiv UBIQUITI NETWORKS este in conformitate cu cerin ele esen iale i alte prevederi relevante ale Directivei 1999 5 CE 52 EdgeRouter Lite User Guide Appendix G Contact Information Ubiquiti Networks Support Ubiquiti Support Engineers are located around the world and are dedicated to helping customers resolve software hardware compatibility or field issues as quickly as possible We strive to respond to support inquiries within a 24 hour period Online Resources Support support ubnt com Wiki Page wiki ubnt com Support Forum forum ubnt com Downloads downloads ubnt com UBIQUITI NETWORKS 2580 Orchard Parkway San Jose CA 95131 www ubnt com 2012 Ubiquiti Networks Inc All rights re
6. Alerts System The device settings are organized into these sections 28 Basic Settings on page 7 Mi e Management Settings on page 7 Mi e Configuration Management amp Device Maintenance on page 8 4 e Restart amp Shutdown Router on page 9 EdgeRouter Lite User Guide Basic Settings Host Name Basic Settings Host Name System host name ubnt demo System host name Enter a name for the EdgeRouter The host name identifies the EdgeRouter as a specific device For example a com URL typically uses this format lt host_name gt domain_name com Time Zone Time Zone _ Use Coordinated Universal Time UTC Time zone Select continent ocean Use Coordinated Universal Time UTC UTC is the international time standard used by Network Time Protocol NTP servers If your routers are located in multiple time zones then you may want to use UTC Time zone To set your network to a specific time zone select Time zone and configure the following Select continent ocean Select your location Select country region Select your location Select time zone Select your time zone Gateway Gateway System gateway address System gateway address Enter the IP address of your gateway This will set up your default route If you want to set up additional default routes configure them as static routes on the Routing tab See Routing Tab on page
7. This User Guide is designed to provide instructions about Console Ethernet 0 2 installation of the EdgeRouter and to provide details about how to use the EdgeOS Configuration Interface Configuration Se The intuitive interface allows you to conveniently manage your EdgeRouter using your web browser See Using Interface Description EdgeOS on page 5 for more information If you need ee RJ45 serial console port for Command Line Interface to configure advanced features or prefer configuration by CLI management command line you can use the Command Line Interface Ethernet 0 2 10 100 1000 Mbps Ethernet ports CLI See Command Line Interface on page 37 for To reset to factory defaults disconnect the Power more information Adapter from the Power port Press and hold the Reset button while connecting the Power Adapter to the Power port Keep holding the button until the Package Contents right LED on port 2 starts flashing and then stops EdgeRouter Lite after a few seconds Front Panel LEDs The LEDs on the left side of each port are not used at this time Below is a description of the right LED functionality Power Speed Link Act Speed Link Act 1000 Mbps 10 100 Mbps EdgeRouter Lite Power Adapter Power Cord 12V 1A Status Off EdgeRouter Lite not powered on Green EdgeRouter Lite is powered on gt pp e Off No Link d L S M2 9x20 Screws M2 9 Anchors Quick Start Guide Amber Link Establishe
8. action drop state invalid enable rule 30 action accept destination port 22 protocol tcp name WAN2 IN default action drop rule 10 action accept state established enable related enable rule 20 action drop state invalid enable l rule 30 action accept destination port 22 protocol tcp edit ubnt ubnt 43 EdgeRouter Lite User Guide Manage the Configuration File Typically you use the save command to save the active configuration to disk config config boot however you can also save the active configuration to a different file or remote server Enter save and press the key ubnt RTR save Possible completions lt Enter gt Save to system config file lt file gt Save to file on local machine scp lt user gt lt passwd gt lt host gt lt file gt Save to file on remote machine ftp lt user gt lt passwd gt lt host gt lt file gt Save to file on remote machine Save to file on remote machine tftp lt host gt lt file gt edit ubnt RTR save tftp 10 1 0 15 rtr config boot Saving configuration to tftp 10 1 0 15rtr config boot HARAMAAARAMNAAAARAANAAAARABAAARAAAAARAAAAARARARAARA 100 08 Done edit Scenario In the midst of the administrator changing an IPsec tunnel into an OpenVPN tunnel the administrator had to revert the EdgeRouter to its previous configuration with the IPsec tunnel 1 Before
9. ras UBIQUITI NETWORKS EdgeRouter LITE ES 3 Port Router Model ERLite 3 USER GUIDE EdgeRouter Lite User Guide Table of Contents Table of Contents Chapter 1 Overview 0 ccc cece cece cece eee eee e ee eeeeeees 1 EEOC TOM roer dais 1 Pack age COMMING resarcir conato 1 Configuration Interface System Requirements ccc cece cece eee eeeeeeeees 1 Hardware Overview papiros 1 Chapter 2 Installation 0 0 ccc ccc cece eee eee eeeeees 2 danige st ae a orador ooo as 2 Installation of the EdgeRouter Lite cornisas di 2 Typical Deployment GcCenartos cece cece eee ooo 3 Chapter 3 Using does 5 Ports and Status ege e Ee titanic metas 5 NaVIGGUOM E 5 Common Interface OPUON Sunset daras ba 6 Chapter 4 Dashboard Tab 10 EE EE eros EEN 10 Jane EE 11 Chapter 5 Routing Tab 13 IPS ROUSING casual aportara asas 13 o neu aoesaceseceaeeen aeeeeenueeseasseacaeeertess 14 OSPF EE 16 Chapter 6 Security Tab 19 Firewall Ge Me E 19 FEY AN E ge dnt eso errada ess 23 e noe e es 24 o oo gn no erry aeesesesdes 27 Chapter 7 Services Tab 28 DHCP SCIVEl EE 28 ae ue E eee eee pao eee Rae eno soe 31 Chapter 8 Users Tab 32 Boa ere ree et er ee eee ee ere ee EE eee 32 Ferien 33 Chapter 9 Toolbox ooooooccocccconccncccc coo 34 gigs ree CO E re eee ee eee 34 lA Mess Un E o II A T EE 35 A o o II E 35 Packet EE EE ER Beie MONO EE 36 FAS Ubiquiti Networks Inc i EdgeRo
10. 13 for more information Name Server Domain Name System DNS translates domain names to IP addresses each DNS server on the Internet holds these mappings in its respective DNS database Name Server System name server System name server Enter the IP address of your DNS server example 192 0 2 1 for IPv4 or 2001 db8 1 for IPv6 Click Add New to add additional servers FS Ubiquiti Networks Inc Chapter 3 Using EdgeOS Domain Name Domain Name System domain name System domain name Enter the domain name of your EdgeRouter The domain name identifies the EdgeRouter s network on the Internet For example a com URL typically uses this format host_name lt domain_name gt com NTP NTP is a protocol for synchronizing the clocks of computer systems over packet switched variable latency data networks You can use it to set the system time on the EdgeRouter If the System Log option is enabled then the system time is reported next to every log entry that registers a system event NTP Automatically update system Y time using NTP Automatically update system time using NTP By default the EdgeRouter obtains the system time from a time server on the Internet Click Save to apply your changes Management Settings SSH Server Management Settings SSH Server Enable E Port 22 Enable Enabled by default This option allows SSH Secure Shell access to the EdgeRouter for remote configurat
11. TX packets The number of packets transmitted is displayed TX bytes The number of bytes transmitted is displayed RX packets The number of packets received is displayed RX bytes The number of bytes received is displayed 33 EdgeRouter Lite User Guide doot IS Wekomeubnt to ubnt S Oo O DA g ke O oo E tw admin Showing 1 to 7 of 7 entries Chapter 9 Toolbox Each tab of the EdgeOS interface contains network administration and monitoring tools At the top right of the screen click the Toolbox button The Toolbox drop down menu appears wv Ping O Trace P Discover D Packet Capture B Log Monitor The following tools are available e Ping e Trace e Discover e Packet Capture e Log Monitor FS Ubiquiti Networks Inc Chapter 9 Toolbox EJ CLI Toolbox v gt Date Connected November 8 2012 November 12 2012 00h 24m 19s Ping You can ping other devices on the network directly from the EdgeRouter The Ping tool uses ICMP packets to check the preliminary link quality and packet latency estimation between two network devices Destination Hostv IP Packet Count Packet Size Destination Host IP Enter the IP address Packet Count Enter the number of packets to send for the ping test Packet Size Specify the size of the packet Run Test Click this button to start the test Packet loss statistics and latency time evaluation are displayed after the test is c
12. mac address 00 16 cb 33 ba 77 You have four tabs available e Rules see below yr e Configuration on page 23 e Interfaces on page 23 e Stats on page 23 Add New Rule To create a new rule click Add New Rule Go to Add or Configure a Rule on page 21 Save Rule Order To change the rule order click and drag a rule up or down the sequence and then release the rule When you are finished click Save Rule Order Rules A rule tells the EdgeRouter what action to take with a specific packet Define the following e Criteria for matching packets e Action to take with matching packets Rules are organized into a set and applied in the specified Rule Order If the packets match a rule s criteria then its action is triggered If not then the next rule is applied A table displays the following information about each rule Click a column heading to sort by that heading Order The rules are applied in the order specified The number of the rule in this order is displayed Description The keywords you entered to describe this rule are displayed Source The source specified by this rule is displayed Destination The destination specified by this rule is displayed Protocol The protocol that matches the rule is displayed Action The action specified by this rule is displayed Actions Click the Actions button to access the following options e Basic To configure the basic options of a rule c
13. 21 30 57 2012 08 28 21 12 56 2012 08 28 19 52 42 2012 08 28 21 24 17 2012 08 28 21 16 52 2012 08 28 20 47 50 Pool Internal Internal Internal Internal Internal Internal Internal Internal internal Internal Internal Internal Internal Internal Internal Internal Internal Internal Internal G SPhone AV J M Support ubnt mFi UniFi ubuntu bPhone m Iphone Showing 1 to 345 of 345 entries The top section displays the following status information e Pool Size The total number of IP addresses is displayed The DHCP server assigns IP address from the pool or group of IP addresses e Leased The number of used IP addresses is displayed Available The number of available IP addresses is displayed e Subnet The IP address and subnet mask of the DHCP server are displayed in slash notation e Range Start The starting IP address of the range is displayed e Range End The last IP address of the range is displayed e Router The default route of the DHCP clients is displayed The DHCP clients route all packets to this IP address which is the EdgeRouter s own IP address in most cases e DNS The IP address of the DNS server is displayed e Status The Enabled Disabled status of the DHCP server is displayed e Search Allows you to search for specific text Begin typing there is no need to press enter The results are filtered in real time as soon as you type t
14. MTU The MTU Maximum Transmission Unit value of the interface is displayed This is the maximum packet size in bytes that the interface can transmit TX The transmit speed of the interface is displayed RX The receive speed of the interface is displayed Status The connection status of the interface is displayed Actions Click the Actions button to access the following options e Config To configure the interface click Config Go to the Configure the Interface section e Disable Disable the interface while keeping its configuration Configure the Interface After you click Config the Interface Configuration screen appears Interface Configuration for eth1 Description Internet Enable A Address No address settings e Use DHCP Renew Use DHCP for IPv6 Manually define IP address es MTU 1500 Proxy ARP CENS EXT Make changes as needed Description Enter keywords to describe this interface e Enable Check the box to enable the interface All of the interfaces are saved in the system configuration file however only the enabled interfaces are active on the device FS Ubiquiti Networks Inc Chapter 4 Dashboard Tab e Address Select one of the following No address settings The interface uses no address settings In most cases an address is needed Use DHCP The interface acquires network settings from a DHCPv4 server Click the Renew button to acquire fresh network settings
15. address which is the EdgeRouter s own IP address in most cases e DNS 1 Enter the IP address of the primary DNS server Your ISP may provide this information or you can use Google s DNS server at 8 8 8 8 e DNS 2 Enter the IP address of the secondary DNS server e Enable Check the box to enable this DHCP server Click Save to apply your changes or click Cancel Search Allows you to search for specific text Begin typing there is no need to press enter The results are filtered in real time as soon as you type two or more characters 28 EdgeRouter Lite User Guide A table displays the following information about each DHCP server Click a column heading to sort by that heading Name The name of the DHCP server is displayed Subnet The IP address and subnet mask of the DHCP server are displayed Pool size The total number of IP addresses is displayed Leased The number of leased IP addresses is displayed Available The number of available IP addresses is displayed Actions Click the Actions button to access the following options e View Leases To view the current DHCP leases click View Leases Go to the Configure the DHCP Server gt Leases section e Configure Static Map To map static IP addresses to MAC addresses click Configure Static Map Go to Static MAC IP Mapping on page 30 e View Details To configure the DHCP server click View Details Go to Details on page 31 e Delete Delete the DHCP s
16. another interface for DNS forwarding click Add Listen Interface From the new Interface drop down menu select the appropriate interface Click Save to apply your changes or click Cancel 31 EdgeRouter Lite User Guide doot IS Welcome ubnt to ubnt S Bic O O g ke O oo E tw admin Showing 1 to 7 of 7 entries Chapter 8 Users Tab The Users tab displays account information about users You can also configure these user accounts Any setting marked with a blue asterisk is required You have two sub tabs Local Displays configurable user accounts Remote Displays statistics about the users who remotely access the EdgeRouter Local Configure user accounts with unique logins Add User To create a new user click Add User The Create New User screen appears Create New User Username Full Name Password Confirm Role FS Ubiquiti Networks Inc Chapter 8 Users Tab ael Toolbox v gt Date Connected November 8 2012 November 12 2012 00h 24m 19s Complete the following e Username Enter a unique account name for the user Full Name Enter the actual name of the user e Password Enter the password e Confirm Enter the password again e Role Select the appropriate permission level Admin The user can make changes to the EdgeRouter configuration Operator The user can view the EdgeRouter configuration but cannot make changes Click Save to apply your
17. authentication is used MD5 sec Each router uses a key password and key ID This is the most secure option because the key is never transmitted Plain text Each router uses a key This provides minimal security because the key is transmitted in plain text format EdgeRouter Lite User Guide e Network Enter the IP address and subnet mask using slash notation lt network_IP_address gt lt subnet_mask_number gt example 192 0 2 0 24 Click Add New to enter more network addresses Click Save to apply your changes Interfaces You can configure interfaces with specific OSPF options Interfaces Add OSPF Interface Interface a s Actions vtun1 Actions v vtun2 Actions v vtun3 Actions v Add OSPF Interface To create a new interface click Add OSPF Interface The OSPF Interface Configuration screen appears OSPF Interface Configuration Interface select Auth Type Off gt Auth Key Complete the following Interface Select the appropriate interface from the drop down list Auth Type OSPF authentication helps secure communication between routers Select the appropriate option Off No authentication is used MD5 sec Each router uses a key password and key ID This is the most secure option because the key is never transmitted Plain text Each router uses a key This provides minimal security because the key is transmitted in plain text format e Auth Key Enter th
18. changes Search Allows you to search for specific text Begin typing there is no need to press enter The results are filtered in real time as soon as you type two or more characters A table displays the following information about each user Click a column heading to sort by that heading Username The account name of the user is displayed Name The actual name of the user is displayed Level The permission level of the user is displayed Active Sessions The number of times the user has accessed the EdgeRouter is displayed Date Connected The date of the user s most recent access is displayed Uptime The duration of the user s access is displayed Status The status of the user is displayed 32 EdgeRouter Lite User Guide Actions Click the Actions button to access the following options e Config To configure the user click Config Go to the Configure the User section below e Delete Delete the user account its configuration will be removed Configure the User After you click Config the Username screen appears Make changes as needed Username admin Full Name Role Admin Password weREEKEK Change Password e Username The unique account name is displayed Full Name Enter the actual name of the user e Role Select the appropriate permission level Admin The user can make changes to the EdgeRouter configuration Operator The user can view the EdgeRouter configuration but cannot make c
19. displayed Distance 1 255 Enter the administrative distance If there are identical routes from different sources such as static RIP and OSPF the EdgeRouter compares the routes and uses the route with the lowest distance e Enable Check the box to enable the route Click Save to apply your changes Interface Static Route Configuration Route type interface Destination network 203 0 113 170 32 Next hop interface 203 0 113 177 Distance 1 255 e Route type The interface route uses the next hop interface Destination network The IP address and subnet mask are displayed in slash notation e Next hop interface The name of the next hop interface is displayed Distance 1 255 Enter the administrative distance If there are identical routes from different sources such as static RIP and OSPF the EdgeRouter compares the routes and uses the route with the lowest distance e Enable Check the box to enable the route Click Save to apply your changes EdgeRouter Lite User Guide Black Hole Static Route Configuration Route type blackhole Destination network 192 168 0 0 23 Distance 1 255 e Route type The black hole route drops unwanted traffic e Destination network The IP address and subnet mask are displayed in slash notation e Distance 1 255 Enter the administrative distance If there are identical routes from different sources such as static RIP and OSPF the EdgeRouter compares the r
20. displayed e Accept All of the accept policies are displayed A table displays the following information about each policy Click a column heading to sort by that heading Name The name of the policy is displayed Interfaces The specified interface and direction of traffic flow are displayed Number of Rules The number of rules in the policy is displayed Default Action The action that the policy will execute if the packets do not match any rule is displayed Actions Clickthe Actions button to access the following options e Edit Rules To configure the rules click Edit Rules Go to the Rules section in the next column e Configuration To configure the policy click Configuration Go to Configuration on page 23 e Interfaces To select interfaces and direction of traffic flow for your policy click Interfaces Go to Interfaces on page 23 e Stats To view statistics on firewall usage click Stats Go to Stats on page 23 e Copy Policy To create a duplicate click Copy Policy The Copy Firewall Ruleset screen appears Copy Firewall Ruleset Name Enter a new name for this policy Click Copy to confirm or click Cancel Delete Policy Remove the policy FS Ubiquiti Networks Inc Chapter 6 Security Tab Configure the Firewall Policy The Ruleset Configuration for _ screen appears Ruleset Configuration for LAN_IN Order Description Source Destination Protocol Action 1 Drop rogue
21. established RSA key fingerprint is 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Are you sure you want to continue connecting yes no yes Warning Permanently added 192 168 1 1 RSA to the list of known hosts Welcome to Edge0S By logging in accessing or using the Ubiquiti product you acknowledge that you have read and understood the Ubiquiti License Agreement available in the Web UI at by default http 192 168 1 1 and agree to be bound by its terms ubnt 192 168 1 1 s password 4 For help with commands you can either press the key or enter show and press the key Last login Wed Oct 3 11 21 11 on ttys000 MacBook Pro ee ssh ubnt 192 168 1 1 The authenticity of host 192 168 1 1 192 168 1 1 can t be established RSA key fingerprint is 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Are you sure you want to continue connecting yes no yes Warning Permanently added 192 168 1 1 RSA to the list of known hosts Welcome to Edge0S By logging in accessing or using the Ubiquiti product you acknowledge that you have read and understood the Ubiquiti License Agreement available in the Web UI at by default http 192 168 1 1 and agree to be bound by its terms ubnt 192 168 1 1 s password Linux ubnt 2 6 32 13 UBNT 1 SMP Thu Sep 13 13 26 16 PDT 2012 mips64 Welcome to Edge0S Last login Wed Oct 3 18 19 05 2012 ubnt UBNT 0C ff Note To enhance security we recommend that you change
22. in future releases For other options you can use the CLI which has comprehensive IPv6 support Note Use the CLI to view IPv6 options configured in the CLI but not supported by the EdgeOS Configuration Interface 13 EdgeRouter Lite User Guide Routes A route determines how traffic travels to its destination network If more than one route is suitable the EdgeRouter uses administrative distance as a metric to compare all available routes including directly connected routes Manually configured static routes dynamic routes and the default route The EdgeRouter uses the route with the lowest administrative distance All Static Connected RIP OSPF Add Static Route To create a new Static route click Add Static Route The Create Static Route screen appears Create Pv4 Static Route Select Route Type Gateway Destination network Next hop address Distance 1 255 Enable Complete the following e Select Route Type You have three options Gateway Interface or Black Hole Gateway Define a route using the IP address and subnet mask of the next hop gateway Create IPv4 Static Route Select Route Type Gateway Destination network Next hop address Distance 1 255 Enable e Destination network Enter the IP address and subnet mask using slash notation lt network_IP_address gt lt subnet_mask_number gt example 192 0 2 0 24 The first default route is configured
23. protocol to filter e Address Enter the address to filter e Port Enter the port number to filter e Negate filter Check this box to capture all packets except for the ones matching the selected filter s 35 EdgeRouter Lite User Guide Start Click this button to start the capture If a Packet Limit is not specified then this button becomes a Stop button during the capture Capture results are displayed with Time and Packet descriptions Log Monitor The Log Monitor is a log displaying live updates System Log Monitor System log messages Time v Message Oct 1 21 32 06 UBNT OC zebra 384 warning interface eth1 broadcast addr 255 255 255 255 26 calculated 24 43 103 255 routing protocols may malfunction Jun 1 10 00 35 UBNT OC dhcpd WARNING Host declarations are global They are not limited to the scope you declared them in UBNT OC dhcpd UBNT OC dhcpd No subnet declaration for eth1 24 43 103 194 Click the pause button to stop the live updates Click the play button to resume the live updates The System log messages table displays the following information about each log Click a column heading to sort by that heading Time The system time is displayed next to every log entry that registers a system event Message A description of the system event is displayed FS Ubiquiti Networks Inc Chapter 9 Toolbox 36 EdgeRouter Lite User Guide Appendix A Command Line Interface Ove
24. responsabilit de jeter ce mat riel ainsi que tout autre mat riel lectrique ou lectronique par les moyens de collecte indiqu s par le gouvernement et les pouvoirs publics des collectivit s territoriales L limination et le recyclage en bonne et due forme ont pour but de lutter contre l impact n faste potentiel de ce type de produits sur l environnement et la sant publique Pour plus d informations sur le mode d limination de votre ancien equipement veuillez prendre contact avec les pouvoirs publics locaux le service de traitement des d chets ou l endroit o vous avez achet le produit Italiano La direttiva europea 2002 96 EC richiede che le apparecchiature contrassegnate con questo simbolo sul prodotto e o sull imballaggio non siano smaltite insieme ai rifiuti urbani non differenziati Il simbolo indica che questo prodotto non deve essere smaltito insieme ai normali rifiuti domestici E responsabilit del proprietario smaltire sia questi prodotti sia le altre apparecchiature elettriche ed elettroniche mediante le specifiche strutture di raccolta indicate dal governo o dagli enti pubblici locali Il corretto smaltimento ed il riciclaggio aiuteranno a prevenire conseguenze potenzialmente negative per l ambiente e per la salute dell essere umano Per ricevere informazioni pi dettagliate circa lo smaltimento delle vecchie apparecchiature in Vostro possesso Vi invitiamo a contattare gli enti pubblici di competenza il servi
25. system message logging utilities Note Properly configure the remote host to receive syslog protocol messages SNMP Agent Simple Network Monitor Protocol SNMP is an application layer protocol that facilitates the exchange of management information between network devices Network administrators use SNMP to monitor network attached devices for issues that warrant attention The EdgeRouter contains an SNMP agent which does the following e Provides an interface for device monitoring using SNMP e Communicates with SNMP management applications for network provisioning Allows network administrators to monitor network performance and troubleshoot network problems FS Ubiquiti Networks Inc Chapter 3 Using EdgeOS For the purpose of equipment identification configure the SNMP agent with contact and location information SNMP Agent Enable SNMP community Contact Location Enable Disabled by default This option activates the SNMP agent SNMP community Specify the SNMP community string It is required to authenticate access to MIB Management Information Base objects and functions as an embedded password The device supports a read only community string authorized management stations have read access to all the objects in the MIB except the community strings but do not have write access The device supports SNMP v1 The default is public Contact Specify the contact who should be notified
26. the default login using at least one of the following options e Set up a new user account preferred option For details go to Remove the Default User Account on page 41 e Change the default password of the ubnt login Use the set command as detailed in Remove the Default User Account on page 41 FS Ubiquiti Networks Inc Appendix A Command Line Interface Access Using Telnet Telnet is disabled by default To use Telnet enable it on the System tab see Telnet Server on page 8 1 2 r Open the telnet client on your computer At the prompt enter telnet lt hostname gt The default is 192 168 1 1 for the hostname You can also enter a domain name instead of an IP address for the hostname Last login Wed Oct 3 11 26 03 on ttys000 MacBook Pro ee telnet 192 168 1 1 At the login prompt enter the username the default is ubnt Last login Wed Oct 3 11 27 26 on ttys000 MacBook Pro ee telnet 192 168 1 1 Trying 192 168 1 1 Connected to 192 168 1 1 Escape character is lr Welcome to Edge0S By logging in accessing or using the Ubiquiti product you acknowledge that you have read and understood the Ubiquiti License Agreement available in the Web UI at by default http 192 168 1 1 and agree to be bound by its terms UBNT 0C login ubntf At the Password prompt enter the password the default is ubnt Last login Wed Oct 3 11 28 35 on ttys00
27. use commas to separate the numbers example 3 4 5 Match all month days except for these Match all days of the month except for the selected days Week Days Enter the days of the week when the rule should be applied Enter Sun Mon Tue Wed Thu Fri or Sat If you enter more than one day use commas to separate the days example Mon Tue Wed Match all week days except for these Match all days of the week except for the selected days Start Date Enter the date the rule should start being applied Use the YYYY MM DD year month day format Start Time Enter the time the rule should start being applied Use the 24 hour format HH MM SS hours minutes seconds Stop Date Enter the date the rule should stop being applied Use the YYYY MM DD year month day format Stop Time Enter the time the rule should stop being applied Use the 24 hour format HH MM SS hours minutes seconds Interpret dates and times as UTC Check the box if your network uses UTC Click Save to apply your changes or click Cancel 22 EdgeRouter Lite User Guide Configuration Ruleset Configuration for LAN_IN Configuration Name LAN_IN Description LAN Inbound Default Action _ Drop Reject 9 Accept Default Log LI Name The name of this policy is displayed Description Enter keywords to describe this policy Default action All policies have a default action if the packets do not match any rule Select the appropri
28. wenden Sie sich bitte an die rtlichen Beh rden oder st dtischen Entsorgungsdienste oder an den Handler bei dem Sie das Produkt erworben haben 50 EdgeRouter Lite User Guide Espanol La Directiva 2002 96 CE de la UE exige que los equipos que lleven este s mbolo en el propio aparato y o en su embalaje no deben eliminarse junto con otros residuos urbanos no seleccionados El s mbolo indica que el producto en cuesti n debe separarse de los residuos dom sticos convencionales con vistas a su eliminaci n Es responsabilidad suya desechar este y cualesquiera otros aparatos el ctricos y electr nicos a trav s de los puntos de recogida que ponen a su disposici n el gobierno y las autoridades locales Al desechar y reciclar correctamente estos aparatos estar contribuyendo a evitar posibles consecuencias negativas para el medio ambiente y la salud de las personas Si desea obtener informaci n m s detallada sobre la eliminaci n segura de su aparato usado consulte a las autoridades locales al servicio de recogida y eliminaci n de residuos de su zona o pregunte en la tienda donde adquiri el producto Francais La directive europ enne 2002 96 CE exige que l quipement sur lequel est appos ce symbole sur le produit et ou son emballage ne soit pas jet avec les autres ordures m nag res Ce symbole indique que le produit doit tre limin dans un circuit distinct de celui pour les dechets des m nages Il est de votre
29. 0 MacBook Pro ee telnet 192 168 1 1 Trying 192 168 1 1 Connected to 192 168 1 1 Escape character is Welcome to Edge0S By logging in accessing or using the Ubiquiti product you acknowledge that you have read and understood the Ubiquiti License Agreement available in the Web UI at by default http 192 168 1 1 and agree to be bound by its terms UBNT OC login ubnt Password For help with commands you can either press the key or enter show and press the key Last login Wed Oct 3 11 28 35 on ttys000 MacBook Pro ee telnet 192 168 1 1 Trying 192 168 1 1 Connected to 192 168 1 1 Escape character is lz Welcome to Edge0S By logging in accessing or using the Ubiquiti product you acknowledge that you have read and understood the Ubiquiti License Agreement available in the Web UI at by default http 192 168 1 1 and agree to be bound by its terms UBNT OC login ubnt Password Last login Wed Oct 3 18 26 59 UTC 2012 from 192 168 25 110 on pts 0 Linux ubnt 2 6 32 13 UBNT 1 SMP Thu Sep 13 13 26 16 PDT 2012 mips64 Welcome to Edge0S ubnt UBNT 0C ff Note To enhance security we recommend that you change the default login using at least one of the following options e Set up a new user account preferred option For details go to Remove the Default User Account on page 41 e Change the default password of the ubnt login Use the set command as detailed in Remov
30. 00 8 32 10 1 200 8 32 10 1 254 0 24 10 1 254 0 24 10 2 0 0 24 Chapter 5 Routing Tab The Routing tab displays status information about a variety of connected static RIP and OSPF routes You can also configure static routes and OSPF options Any setting marked with a blue asterisk is required You have two sub tabs Routes View route information and create static routes OSPF Configure OSPF options IPv6 Routing IPv6 Internet Protocol version 6 is gaining popularity and is bound to grow as IP addressing demands increase The EdgeOS Configuration Interface supports IPv6 for the following options e System gt Name Server configuration Refer to Name Server on page 7 Dashboard gt VLAN configuration Refer to Add VLAN on page 11 Dashboard gt Interface configuration Refer to Configure the Interface on page 12 FS Ubiquiti Networks Inc Chapter 5 Routing Tab EJ Cu Toolbox v For IPv6 addresses the EdgeOS Configuration Interface supports double colon notation which substitutes x for a contiguous sequence of 16 bit blocks set to zero Here is an example 2001 db8 1 If written out the IPv6 address becomes 2001 db8 0000 0000 0000 0000 0000 0001 The EdgeOS Configuration Interface displays IPv6 addresses only in two locations e System gt Name Server section e Dashboard tab The EdgeOS Configuration Interface will increase its support of IPv6
31. 3 14 Mbps 8 31 Mbps Connected Actions v 10 1 254 1 24 00 9 80 Kbps 16 26 Kbps Connected Actions v Obps Obps Connected Actions v O bps 0 bps Connected Actions v 272 bps 0 bps Connected Actions v 303 30 Kbps 37 87 Kbps Connected Actions v Routes The following route types are listed e Connected e Static e RIP Routing Information Protocol e OSPF Open Shortest Path First e EBGP Exterior Border Gateway Protocol IBGP Interior Border Gateway Protocol The number of each route type is displayed Click Routes to display the Routing gt Routes tab Go to Routes on page 14 for more information OSPF The OSPF status settings and number of areas are displayed Click OSPF to display the Routing gt OSPF tab Go to OSPF on page 16 for more information NAT The NAT Network Address Translation status and number of NAT rules are displayed Click NAT to display the Security gt NAT tab Go to NAT on page 24 for more information Firewall The firewall status and numbers of sets and rules are displayed Click Firewall to display the Security gt Firewall Policies tab Go to Firewall Policies on page 19 for more information 10 EdgeRouter Lite User Guide DHCP The DHCP server status and numbers of active and inactive servers are displayed Click DHCP to display the Services tab Go to DHCP Server on page 28 for more information Interfaces Distribution Click Hi
32. Configuration File on page 44 To display the changes in revision 0 use the show system commit diff command ubnt RTR show system commit diff 0 edit system login user joe authentication encrypted password S1 CWVzYggs NyJXxC35572rfm6pY8ZM0 plaintext password level admin To display the entire configuration file for revision 0 use the show system commit file command ubnt RTR S show system commit file 0 To add a comment to the commit use the comment command ubnt RTR set system login user joe level operator edit ubnt RTR commit comment change joe from admin to op edit ubnt RTR save exit Saving configuration to config config boot Done exit Now you will see the comment when you use the show system commit command ubnt RTR S show system commit 0 2012 08 17 18 44 41 by ubnt via cli change joe from admin to op 2012 08 17 18 34 01 by ubnt via cli commit 2012 08 17 18 32 13 by ubnt via cli commit 2012 08 17 18 31 52 by ubnt via cli commit 2012 08 17 18 31 51 by root via init commit bone When you work on a remote router certain changes such as a firewall or NAT rule can cut off access to the remote router so you then have to visit the remote router and reboot it To avoid such issues when you make risky changes use the commit confirm command first Then use the confirm command to save your changes ubnt RTR configure edit ubnt RTR se
33. NDITION OF ANY KIND EITHER EXPRESS OR IMPLIED UBIQUITI NETWORKS ITS AFFILIATES AND ITS AND THEIR THIRD PARTY DATA SERVICE SOFTWARE AND HARDWARE PROVIDERS HEREBY DISCLAIM AND MAKE NO OTHER REPRESENTATION OR WARRANTY OF ANY KIND EXPRESS IMPLIED OR STATUTORY INCLUDING BUT NOT LIMITED TO REPRESENTATIONS GUARANTEES OR WARRANTIES OF MERCHANTABILITY ACCURACY QUALITY OF SERVICE OR RESULTS AVAILABILITY SATISFACTORY QUALITY LACK OF VIRUSES TITLE QUIET ENJOYMENT FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT BUYER ACKNOWLEDGE THAT NEITHER UBIQUITI NETWORKS NOR ITS THIRD PARTY PROVIDERS CONTROLS BUYER S EQUIPMENT OR THE TRANSFER OF DATA OVER COMMUNICATIONS FACILITIES INCLUDING THE INTERNET AND THAT THE PRODUCTS AND SERVICES MAY AN Ubiquiti Networks Inc Appendix D Warranty BE SUBJECT TO LIMITATIONS INTERRUPTIONS DELAYS CANCELLATIONS AND OTHER PROBLEMS INHERENT IN THE USE OF THE COMMUNICATIONS FACILITIES UBIQUITI NETWORKS ITS AFFILIATES AND ITS AND THEIR THIRD PARTY PROVIDERS ARE NOT RESPONSIBLE FOR ANY INTERRUPTIONS DELAYS CANCELLATIONS DELIVERY FAILURES DATA LOSS CONTENT CORRUPTION PACKET LOSS OR OTHER DAMAGE RESULTING FROM THESE PROBLEMS Warranty Conditions The foregoing warranty shall apply only if I The Product has not been subjected to misuse neglect or unusual physical electrical or electromagnetic stress or some other type of accident Il No modification alteration or addition ha
34. OR USED BY CLICKING ON HE DOWNLOADING UBIQUITI SOFTWARE OR INSTAI biquiti Networks Inc Ubiquiti YOU MUST READ AND AGREE TO RE ANY UBIQUITI S ARE OR USING UBIQUITI SO EMENT IF YOU DO NOT DAM TLE A AR NAT LLING UBIQUITI Ri GREEING TO BE BOUND BY THE TERMS AND CONDITIONS OF THIS AGRE JUTE AND COITO OT TLC ACOCOMTCNUT TCN MOL CUAL Y I agree to the terms of this License Agreement Login The EdgeOS Configuration Interface will appear allowing you to customize your settings as needed A Ubiquiti Networks Inc Chapter 3 Using EdgeOS Note To enhance security we recommend that you change the default login using at least one of the following options e Set up a new user account on the Users gt Local tab preferred option For details go to Add User on page 32 e Change the default password of the ubnt login on the Users gt Local tab For details go to Configure the User on page 33 Ports and Status Information The Ports image displays the active connections An amber port indicates 10 100 Mbps and a green port indicates 1000 Mbps The Status bar graphs display the following CPU The percentage of processing power that the EdgeRouter is using is displayed RAM The percentage of RAM that the EdgeRouter is using is displayed Uptime The duration of the EdgeRouter s activity is displayed 1 month 1 week 3 hours Place your mouse over a port to view the following Enabled Disa
35. P addresses is displayed e Subnet The IP address and subnet mask of the DHCP server are displayed in slash notation FS Ubiquiti Networks Inc Click Save to apply your changes Search Allows you to search for specific text Begin typing there is no need to press enter The results are filtered in real time as soon as you type two or more characters A table displays the following information about each static MAC IP mapping Click a column heading to sort by that heading Name The name of the mapping is displayed MAC Address The MAC address of the DHCP client is displayed IP Address The IP address assigned to the corresponding MAC address is displayed Actions Click the Actions button to access the following options Config To configure the mapping click Config Go to Configure Static MAC IP Mapping on page 31 Delete Remove the selected mapping At the bottom of the screen you can click Delete to delete the DHCP server and its configuration 30 EdgeRouter Lite User Guide Configure Static MAC IP Mapping The Static MAC IP Mapping screen appears Static MAC IP Mapping ID a MAC Address 00 1b 21 bc 59 92 IP Address 10 1 1 148 Make changes as needed ID The name of this mapping is displayed MAC Address Enter the MAC address of the DHCP client IP Address Enter the IP address that should be assigned Click Save to apply your changes Details DHCP Server Inter
36. R set system config management commit archive location tftp 10 1 0 15 RTR edit ubnt RTR commit Archiving config tftp 10 1 0 15 RTR OK edit On the remote tftp server a copy with the hostname and date is saved for each commit admin2 server tftpboot RTRS 1s 1 total 8 rw 1 nobody nogroup 908 Aug 17 17 19 config boot RTR 20120817 171932 rw 1 nobody nogroup 874 Aug 17 17 20 config boot RTR 20120818 002046 You can also keep a specified number of revisions of the configuration file on the local disk Use the commit revisions configuration option ubnt RTR set system config management commit revisions 50 edit ubnt RTR commit edit Here is an example that uses the commit revisions command ubnt RTR set system login user joe authentication plaintext password secret edit ubnt RTR commit edit ubnt RTR save exit Saving configuration to config config boot Done exit ubnt RTR S show system commit 2012 08 17 18 32 13 by ubnt via cli commit 2012 08 17 18 31 52 by ubnt via cli commit 2012 08 17 18 31 51 by root via init commit 44 EdgeRouter Lite User Guide Note The following commands require that the configuration option commit revisions be set first show system commit diff commit confirm show system commit file confirm show system commit rollback commit comment For details on the commit revisions option go to 4 Manage the
37. achable Accept Packets are allowed e Protocol All protocols Match packets of all protocols Both TCP and UDP Match TCP and UDP packets Choose a protocol by name Select the protocol from the drop down list Match packets of this protocol e Match all protocols except for this Match packets of all protocols except for the selected protocol e Choose a protocol by name ah s _ Match all protocols except for this FS Ubiquiti Networks Inc Chapter 6 Security Tab Enter a protocol number Enter the port number of the protocol Match packets of this protocol e Match all protocols except for this Match packets of all protocols except for the selected protocol e Enter a protocol number _ Match all protocols except for this e Logging Check this box to log instances when the rule is matched Click Save to apply your changes or click Cancel Advanced Add New Rule Recent Time Recent Count IPsec Destination 1 Established 1 1 Invalid J New Related _ Don t match on IPsec patckets L 1 Match inbound IPsec packets _ Match inbound non IPsec packets J None O All _ Choose P2P app s by name e State This describes the connection state of a packet Established Match packets that are part of a two way connection Invalid Match packets that cannot be identified New Match packets creating a new connection Related Match packets related to establ
38. as an integral safety ground wire intended for connection to a grounded safety outlet a Do not substitute the power cord with one that is not the provided approved type Never use an adapter plug to connect to a 2 wire outlet as this will defeat the continuity of the grounding wire b The equipment requires the use of the ground wire as a part of the safety certification modification or misuse can provide a shock hazard that can result in serious injury or death c Contact a qualified electrician or the manufacturer if there are questions about the installation prior to connecting the equipment d Protective earthing is provided by Listed AC adapter Building installation shall provide appropriate short circuit backup protection e Protective bonding must be installed in accordance with local national wiring rules and regulations FS Ubiquiti Networks Inc Appendix C Safety Notices 48 EdgeRouter Lite User Guide Appendix D Warranty General Warranty UBIQUITI NETWORKS Inc UBIQUITI NETWORKS represents and warrants that the Products furnished hereunder shall be free from defects in material and workmanship for a period of one 1 year from the date of shipment by UBIQUITI NETWORKS under normal use and operation UBIQUITI NETWORKS sole and exclusive obligation under the foregoing warranty shall be to repair or replace at its option any defective Product that fails during the warranty period The expense
39. asainak H r me sir UBIQUITI NETWORKS yfir v a UBIQUITI NETWORKS device er i samr mi vi grunnkr fur og a rar kr fur sem ger ar eru tilskipun 1999 5 EC Con la presente UBIQUITI NETWORKS dichiara che questo UBIQUITI NETWORKS device conforme ai requisiti essenziali ed alle altre disposizioni pertinenti stabilite dalla direttiva 1999 5 CE Ar o UBIQUITI NETWORKS deklar ka UBIQUITI NETWORKS device atbilst Direkt vas 1999 5 EK b tiskaj m pras b m un citiem ar to saist tajiem noteikumiem UBIQUITI NETWORKS deklaruoja kad is UBIQUITI NETWORKS renginys atitinka esminius reikalavimus ir kitas 1999 5 EB Direktyvos nuostatas AN Ubiquiti Networks Inc Malti Maltese Norsk Norwegian Slovensky Slovak Svenska Swedish Espa ol Spanish Polski Polish Portugu s Portuguese Rom n Romanian Appendix F Declaration of Conformity Hawnhekk UBIQUITI NETWORKS jiddikjara li dan UBIQUITI NETWORKS device jikkonforma mal ti ijiet essenzjali u ma provvedimenti o rajn relevanti li hemm fid Dirrettiva 1999 5 EC UBIQUITI NETWORKS erkl rer herved at utstyret UBIQUITI NETWORKS device er i samsvar med de grunnleggende krav og vrige relevante krav i direktiv 1999 5 EF UBIQUITI NETWORKS t mto vyhlasuje e UBIQUITI NETWORKS device sp a z kladn po iadavky a v etky pr slu n ustanovenia Smernice 1999 5 ES H rmed intygar UBIQUITI NETWORKS att denna UBIQUITI NETWORKS device st r
40. atch packets of this protocol e Match all protocols except for this Match packets of all protocols except for the selected protocol e Choose a protocol by name ah 3 1 1 Match all protocols except for this Enter a protocol number Enter the port number of the protocol Match packets of this protocol e Match all protocols except for this Match packets of all protocols except for the selected protocol e Enter a protocol number _ Match all protocols except for this 25 EdgeRouter Lite User Guide e Src Address Enter the IP address or network address of the source You can also enter a range of IP addresses one of them will be used Note If you enter a network address enter the IP address and subnet mask using slash notation lt network_IP_address gt lt subnet_mask_number gt example 192 0 2 0 24 e Src Port Enter the port name or number of the source You can also enter a range of port numbers one of them will be used e Dest Address Enter the IP address or network address of the destination You can also enter a range of IP addresses one of them will be used Note If you enter a network address enter the IP address and subnet mask using slash notation lt network_IP_address gt lt subnet_mask_number gt example 192 0 2 0 24 e Dest Port Enter the port name or number of the destination You can also enter a range of port numbers one of them will be used Clic
41. ate default action e Drop Packets are blocked with no message e Reject Packets are blocked and an ICMP Internet Control Message Protocol message is sent saying the destination is unreachable e Accept Packets are allowed Default Log Check this box to log packets that trigger the default action Click Save Ruleset to apply your changes Interfaces Ruleset Configuration for LAN_IN Interface ethl Add Interface e Interface Select the appropriate interface from the drop down list e Direction Select the direction of the traffic flow in Match inbound packets out Match outbound packets local Match local packets e Add Interface Click Add Interface to enter more interfaces Click Save Ruleset to apply your changes Stats Ruleset Configuration for LAN_IN Interfaces Stats Packets Action Description D D DROP Drop rogue 174470481994 ACCEPT DEFAULT ACTION A table displays the following statistics about each rule Click a column heading to sort by that heading Rule The rules are applied in the order specified The number of the rule in this order is displayed Packets The number of packets that triggered this rule is displayed FS Ubiquiti Networks Inc Chapter 6 Security Tab Bytes The number of bytes that triggered this rule is displayed Action The action specified by this rule is displayed Description The keywords you entered to describe this rule are displ
42. ayed Firewall Groups Create groups organized by IP address network address or port number S open egen pen open v open v open pen open pen pen pen open pen v Agen pen open Agen egen pen All Address Network Port Add Group To create a new group click Add Group The Create New Group screen appears Create New Group Name Description Group Type _ Address Group C Network Group L 1 Port Group D Save Complete the following e Name Enter a name for this group e Description Enter keywords to describe this group e Group Type Select the appropriate option Address Group Define a group by IP address Network Group Define a group by network address Port Group Define a group by port numbers Click Save to apply your changes Search Allows you to search for specific text Begin typing there is no need to press enter The results are filtered in real time as soon as you type two or more characters All Address Network Port Click the appropriate tab to filter the groups as needed e All All groups are displayed by default e Address All of the address groups are displayed e Network All of the network groups are displayed Port All of the port groups are displayed 23 EdgeRouter Lite User Guide A table displays the following information about each group Click a column heading to sort by that heading Name The name of th
43. biquiti Networks Inc Chapter 6 Security Tab EJ OU Toolbox v 3 Configure the details of the firewall policy See Configure the Firewall Policy on page 20 for more information All Drop Reject Accept Add Policy To create a new policy click Add Policy The Create New Ruleset screen appears Create New Ruleset Name Description Default action Drop O Reject Accept Default Log O Complete the following e Name Enter a name for this policy e Description Enter keywords to describe this policy e Default action All policies have a default action if the packets do not match any rule Select the appropriate default action Drop Packets are blocked with no message Reject Packets are blocked and an ICMP Internet Control Message Protocol message is sent saying the destination is unreachable Accept Packets are allowed through the firewall EdgeRouter Lite User Guide e Default Log Check this box to log packets that trigger the default action Click Save to apply your changes Search Allows you to search for specific text Begin typing there is no need to press enter The results are filtered in real time as soon as you type two or more characters All Drop Reject Accept Click the appropriate tab to filter the policies by default action e All All policies are displayed by default e Drop All of the drop policies are displayed e Reject All of the reject policies are
44. ble in the Web UI at by default http 192 168 1 1 and agree to be bound by its terms UBNT OC login ubnt Password Linux ubnt 2 6 32 13 UBNT 1 SMP Wed Oct 24 01 08 06 PDT 2012 mips64 Welcome to EdgeOS ubnt UBNT OC Note To enhance security we recommend that you change the default login using at least one of the following options e Set up a new user account preferred option For details go to Remove the Default User Account on page 41 e Change the default password of the ubnt login Use the set command as detailed in Remove the Default User Account on page 41 37 EdgeRouter Lite User Guide Access Using SSH SSH is enabled by default 1 Open the SSH client on your computer 2 At the login prompt enter ssh lt username gt lt hostname gt The defaults are ubnt for the username and 192 168 1 1 for the hostname You can also enter a domain name instead of an IP address for the hostname Last login Wed Oct 3 09 26 30 on console MacBook Pro ee ssh ubnt 192 168 1 1 Note Upon initial login a host key will be displayed You will be asked to confirm that you want to save the host key to the local database Click Yes to bypass this message in the future 3 At the Password prompt enter the password the default is ubnt Last login Wed Oct 3 11 21 11 on ttys000 MacBook Pro ees ssh ubnt 192 168 1 1 The authenticity of host 192 168 1 1 192 168 1 1 can t be
45. bled The administrative status is displayed Link The connection status is displayed Speed The speed in Mbps and duplex mode are displayed Port 2 Enabled ink up Speed 1000 full Navigation The EdgeOS software consists of five primary tabs and some of these tabs have sub tabs This User Guide covers each tab with a chapter For details on a specific tab refer to the appropriate chapter e Dashboard The Dashboard Tab on page 10 displays status information about services and interfaces You can also configure interfaces and Virtual Local Area Networks VLANs e Routing The Routing Tab on page 13 configures static routes and Open Shortest Path First OSPF settings including metrics areas and interfaces Security The Security Tab on page 19 configures firewall policies firewall groups Network Address Translation NAT rules and PPTP VPN options Services The Services Tab on page 28 configures DHCP servers and DNS forwarding e Users The Users Tab on page 32 configures user accounts with administrator or operator access EdgeRouter Lite User Guide Depending on the tab you click some of the screens display information and options in multiple sections You can click the open close tab to hide or display a section Open Close Tab Open Close Tab Common Interface Options The common interface options are accessible from all tabs on the EdgeOS interface e W
46. c Address Src Port Dest Address Dest Port AN Ubiquiti Networks Inc Chapter 6 Security Tab Description Enter keywords to describe this rule e Enable Check the box to enable this rule e Outbound Interface Select the interface through which the outgoing packets exit the EdgeRouter This is required only for Source NAT Rules that use Masquerade e Translation Select one of the following Use Masquerade Masquerade is a type of Source NAT If enabled the source IP address of the packets becomes the public IP address of the outbound interface Specify address and or port If enabled the source IP address of the packets becomes the specified IP address and port Address Enter the IP address that will replace the source IP address of the outgoing packet You can also enter a range of IP addresses one of them will be used Port Enter the port number that will replace the source port number of the outgoing packet You can also enter a range of port numbers one of them will be used e Specify address and or port Address Port e Exclude from NAT Check the box to exclude packets that match this rule from NAT e Enable Logging Check this box to log instances when the rule is matched e Protocol Select one of the following All protocols Match packets of all protocols Both TCP and UDP Match TCP and UDP packets Choose a protocol by name Select the protocol from the drop down list M
47. d at 10 100 Mbps Qty 2 Qty 2 Speed Link Act Amber Flashing Link Activity at 10 100 Mbps T 2 cD E cD E LLI Config u ration Inte rface System Green Link Established at 1000 Mbps Requirements Green Flashing Link Activity at 1000 Mbps e Microsoft Windows XP Windows Vista Windows 7 Windows 8 Linux or Mac OS X e Web Browser Google Chrome Mozilla Firefox or Microsoft Internet Explorer 8 or above FS Ubiquiti Networks Inc 1 EdgeRouter Lite User Guide Chapter 2 Installation Introduction This chapter covers the installation instructions and a couple of typical deployment scenarios see Typical Deployment Scenarios on page 3 After you install the EdgeRouter refer to the instructions in Using EdgeOS on page 5 which explain how to access the Configuration Interface Installation of the EdgeRouter Lite Mount the EdgeRouter on a wall or place iton a bench top Note Keep 20 mm of clearance next to the ventilation holes for adequate airflow Cabling Requirements e For indoor applications use Category 5 or above cabling approved for indoor use e For outdoor applications shielded Category 5 or above cabling should be used for all wired Ethernet connections and should be grounded through the AC ground of the power supply We recommend that you protect your outdoor networks from the most brutal environments and devastating ESD attacks with industrial
48. de Distribution to hide the nterfaces gt Distribution section Click the remaining open close tab to display the Interfaces gt Distribution section again Open Close Tab The RX Rate and TX Rate graph displays the current data traffic in both graphical and numerical form The graph scale and throughput dimension Mbps for example change dynamically depending on the mean throughput value The statistics are updated automatically The RX and TX pie charts display the data traffic allocated among the ports of the EdgeRouter The pie charts are updated automatically Place your mouse over a port s portion of the pie chart to view its percentage of data traffic allocation TX amount of transmitted data and RX amount of received data S Tx Rx 75 436 70 MB 1 56 GB FS Ubiquiti Networks Inc Chapter 4 Dashboard Tab All Ethernet VLAN Add VLAN To create a new VLAN click Add VLAN The Create a New VLAN screen appears Create New VLAN VLAN ID Interface select Description MTU 1500 Address e No address settings O Use DHCP Use DHCP for IPv6 C Manually define IP address es CES EXT e VLAN ID The VLAN ID is a unique value assigned to each VLAN at a single device every VLAN ID represents a different VLAN The VLAN ID range is 2 to 4094 e Interface Select the appropriate interface e Description Enter keywords to describe this VLAN e MTU Enter the MTU Maximum Tra
49. e the EdgeRouter is updated with a new firmware version However we recommend that you back up your current system configuration before updating the firmware Upgrade System Image Upload system image To check for updates go to www ubnt com download Upload system image To update the EdgeRouter with new firmware click Upload a file and locate the new firmware file Then click Choose Please be patient as the firmware update routine can take three to seven minutes You cannot access the EdgeRouter until the firmware update routine is completed A WARNING Do not power off do not reboot and do not disconnect the EdgeRouter from the power supply during the firmware update process as these actions will damage the EdgeRouter Restart amp Shutdown Router Restart Router Restart amp Shutdown Router Restart Router Restart Restart To turn the EdgeRouter off and back on again click this option FS Ubiquiti Networks Inc Chapter 3 Using EdgeOS Shutdown Router Shutdown Router Shutdown Shutdown To turn off the EdgeRouter click this option A WARNING Click Shutdown to properly shut down the EdgeRouter An improper shutdown such as disconnecting the EdgeRouter from its power supply runs the risk of data corruption Click the top right corner of the System tab to close it EdgeRouter Lite User Guide doot IS Wekomeubnt to ubnt S Interfaces Routes connected 7 OSPF is enab
50. e group is displayed Description The keywords you entered to describe the group are displayed Type The type of group is displayed Number of group members The number of members is displayed Actions Click the Actions button to access the following options e Config To configure the group click Config Go to the Configure the Firewall Group section below e Delete Remove the group Configure the Firewall Group After you click Config the Edit Firewall Group screen appears Follow the instructions for your group type e Address Group Make changes as needed Edit Firewall Group Name Description Address 10 1 1 244 Add New Name The name of this group is displayed Description Enter keywords to describe this group Address Enter the IP address or range of addresses examples 192 0 2 1 or 192 0 2 1 15 Click Add New to enter more IP addresses Click Save to apply your changes e Network Group Make changes as needed Edit Firewall Group Name UBNT LAN Description Ubiquiti LAN Network 10 0 1 0 24 Add New Name The name of this group is displayed Description Enter keywords to describe this group AN Ubiquiti Networks Inc Chapter 6 Security Tab Network Enter the IP address and subnet mask using slash notation lt network_IP_address gt lt subnet_mask_number gt example 192 0 2 0 24 Click Add New to enter more network addresses Click Save to apply your cha
51. e key used for authentication e Cost By default the cost of an interface is based on its bandwidth however you can manually assign a cost to the interface Click Save to apply your changes A table displays the following information about each OSPF Interface Click a column heading to sort by that heading Interface The name of the interface is displayed Cost The cost of the interface is displayed OSPF uses cost as a metric to determine the best route FS Ubiquiti Networks Inc Chapter 5 Routing Tab Actions Click the Actions button to access the following options e Config To configure the OSPF Interface click Config Go to the Configure the OSPF Interface section e Delete Delete the OSPF Interface Configure the OSPF Interface After you click Config the OSPF Interface Configuration screen appears OSPF Interface Configuration Interface vtun1 Auth Type Off Auth Key Cost Make changes as needed e Interface The name of the interface is displayed e Auth Type Authentication helps secure communication between routers Select the appropriate option Off No authentication is used MD5 sec Each router uses a key password and key ID This is the most secure option because the key is never transmitted Plain text Each router uses a key This provides minimal security because the key is transmitted in plain text format e Auth Key Enter the key used for authentication e Cost By de
52. e the Default User Account on page 41 38 EdgeRouter Lite User Guide Access Using the EdgeOS Configuration Interface Each tab of the EdgeOS interface contains CLI access 1 At the top right of the screen click the CLI button 2 The CLI window appears At the login prompt enter the username the default is ubnt Welcome to EdgeOS By logging in accessing or using the Ubiquiti product you acknowledge that you have read and understood the Ubiquiti License Agreement available in the Web UI at by default http 192 168 1 1 and agree to be bound by its terms UBNT OC login ubnt 3 At the Password prompt enter the password the default is ubnt Welcome to EdgeOS By logging in accessing or using the Ubiquiti product you acknowledge that you have read and understood the Ubiquiti License Agreement available in the Web UI at by default http 192 168 1 1 and agree to be bound by its terms UBNT OC login ubnt Password 4 For help with commands you can either press the key or enter show and press the key Welcome to EdgeOS By logging in accessing or using the Ubiquiti product you acknowledge that you have read and understood the Ubiquiti License Agreement available in the Web UI at by default http 192 168 1 1 and agree to be bound by its terms UBNT 0C login ubnt Password Linux ubnt 2 6 32 13 UBNT 1 SMP Wed Oct 24 01 08 06 PDT 2012 mips64 Welcome to EdgeOS ubnt UBNT OC
53. elcome e CLI e Toolbox e Alerts e System Welcome At the top left of the screen click Welcome to view the Logout option Welcome ubnt e Logout Logout To manually log out of the EdgeRouter Configuration Interface click this option CLI Advanced users can make configuration changes using Linux commands At the top right of the screen click the CLI button See Command Line Interface on page 37 for more information Toolbox At the top right of the screen click the Toolbox button The following network administration and monitoring tools are available Ping on page 34 Mi e Trace on page 35 Mi e Discover on page 35 Mi e Packet Capture on page 35 Mi e Log Monitor on page 36 FS Ubiquiti Networks Inc Chapter 3 Using EdgeOS Alerts The number of new alerts is displayed in a red popup A Alerts At the bottom of the screen click the Alerts tab See 1 A table displays the following information about each important event Message A description of the event is displayed Field The settings that are affected by the event are displayed Actions The following options are available e Remove Click this button to clear an alert e Clear All Click this button to clear all alerts Click the top right corner of the Alerts tab to close it System At the bottom of the screen click the System tab to access the device settings
54. en you commit changes to the active configuration they are applied however the changes do not become part of the boot configuration until you save the changes to the boot configuration e Boot When the EdgeRouter reboots it loads the boot configuration for use The following scenarios cover some of the most commonly used commands e Configure an Interface see below 4 e Remove the Default User Account on page 41 4 e Create a Firewall Rule on page 41 e Manage the Configuration File on page 44 Configure an Interface To configure an interface do the following e Assign an IP address and subnet mask e Enter a description Use the set compare commit and save commands AN Ubiquiti Networks Inc Appendix A Command Line Interface To configure an interface use the set command ubntlubnt configure edit To view the possible completions for the ethO address enter set interfaces ethernet ethO address and press the key ubnt ubnt set interfaces ethernet eth0 address Possible completions lt X X X X X gt IP address and prefix length lt h h h h h h h h x gt IPv6 address and prefix length dhcp Dynamic Host Configuration Protocol dhcpv6 Dynamic Host Configuration Protocol for IPv6 edit ubnt ubnt set interfaces ethernet eth0 address 10 1 1 80 23 edit ubnt ubnt set interfaces ethernet eth0 description production LAN These changes affect the working configurat
55. erver its configuration will be removed e Disable Disable the DHCP server while keeping its configuration FS Ubiquiti Networks Inc Chapter 7 Services Tab Configure the DHCP Server The DHCP Server screen appears You have three tabs available Leases DHCP Server Internal Static Map IP Mapping Details Subnet 10 1 0 0 23 Range Start 10 1 0 21 Range End 10 1 1 252 Router 10 1 0 1 DNS 10 1 0 1 Status Enabled Pool Size Leased Available 488 345 143 IP Address a 10 1 0 22 10 1 0 28 10 1 0 29 10 1 0 30 10 1 0 31 10 1 0 32 10 1 0 33 10 1 0 34 10 1 0 35 10 1 0 38 10 1 0 39 10 1 0 41 10 1 0 42 10 1 0 43 10 1 0 44 10 1 0 45 10 1 0 46 10 1 0 47 10 1 0 49 Hardware Address 00 26 f2 ee 9f 28 f0 cb a1 2c be 29 00 27 22 60 06 e9 88 53 2e 78 e4 0c 00 27 22 ca e1 e9 88 9f fa 2d b8 ec dc 9f db 2a 01 52 8c 70 5a 36 0b c0 00 0c 29 32 91 86 60 c5 47 69 03 9d b8 17 c2 04 53 b7 e0 b9 ba 3d be 95 c8 2a 14 30 40 db 00 27 22 61 e0 d7 f0 de f1 ba 52 e7 d0 23 db 9e fd 27 00 27 22 60 0a 8b 90 27 e4 f6 4d c1 f0 bf 97 c0 96 5b Lease Expiration gt 2012 08 28 21 22 34 2012 08 28 21 08 19 2012 08 28 21 05 56 2012 08 28 21 19 09 2012 08 28 21 23 14 2012 08 28 21 23 55 2012 08 28 21 04 58 2012 08 28 21 15 21 2012 08 28 21 29 06 2012 08 28 21 29 52 2012 08 28 21 06 12 2012 08 28 20 59 44 2012 08 28 21 33 06 2012 08 28
56. es your EdgeRouter It offers both a browser based interface EdgeOS Configuration Interface for easy configuration and a Command Line Interface CLI for advanced configuration To access the EdgeOS Configuration Interface 1 Connect an Ethernet cable from the Ethernet port of your computer to the port labeled 0 on the EdgeRouter 2 Configure the Ethernet adapter on your computer with a static IP address on the 192 168 1 x subnet e g 192 168 1 100 Note As an alternative you can connect a serial cable to the Console port of the EdgeRouter See Command Line Interface on page 37 for more information 3 Launch your web browser Type https 192 168 1 1 in the address field Press enter PC or return Mac https 192 168 1 1 4 The login screen will appear Enter ubnt in the Username and Password fields Read the Ubiquiti License Agreement and check the box next to I agree to the terms of this License Agreement to accept it Click Login UBIQUITI LICENSE AGREEMENT This License Agreement strictly prohibits You from using the Ubiquiti Software on any device other than a Ubiquiti Device You are also prohibited from removing any Ubiquiti iquiti face of the Ubiquiti Software or any Ubiquiti Device t notice or brand or modifying any user This is a legal agreement between You and Ubiq THE TERMS OF THIS LICENSE AGREEMENT AGREEMENT BEFO Q OFTWARE CAN BE DOWNLOADED OR INSTALLED
57. exit and delete commands ubntlubnt configure edit ubnt ubnt set system login user adminl authentication plaintext password adminlpass edit ubnt ubnt commit edit ubnt ubnt save Saving configuration to config config boot Done edit ubnt ubnt exit exit ubntlubnt exit logout Welcome to Edge OS ubnt ttyS0 ubnt login adminl Password Linux ubnt 2 6 32 13 UBNT 1 SMP Fri Jun 8 09 48 31 PDT 2012 mips64 Welcome to EdgeOS adminl ubnt configure edit adminl ubnt delete system login user ubnt edit adminl ubnt commit edit adminl ubnt save Saving configuration to config config boot Done edit admin ubnt exit exit adminl ubnt The plaintext password that you entered is converted to an encrypted password adminl ubnt configure edit adminl ubnt show system login user adminl authentication encrypted password S1 mv8ERQ1T 7xq eUDwy 5And7nV 9r6 plaintext password 41 14 t edit adminl ubnt exit exit admin1 ubnt AN Ubiquiti Networks Inc Appendix A Command Line Interface Create a Firewall Rule To create a firewall rule use the set or edit commands both methods are described below In addition use the compare discard up top copy and rename commands Create a firewall rule using the full syntax ubntlubnt configure edit ubnt ubnt set firewall name TEST default action drop edit ubnt ubnt set f
58. fault the cost of an interface is based on its bandwidth however you can manually assign a cost to the interface Click Save to apply your changes EdgeRouter Lite User Guide Firewall Policies Add Ruleset Name a Interfaces LAN_LOCAL eth1 local LOCAL WAN_IN WAN_OUT Showing 1 to 4 of 4 entries Chapter 6 Security Tab The Security tab displays status information about firewall policies firewall groups Network Address Translation rules and PPTP VPN options You can also configure these policies groups rules and options Any setting marked with a blue asterisk is required You have four sub tabs Firewall Policies Each firewall policy is a set of rules applied in the order you specify Firewall Groups Create groups defined by IP address network address or port number NAT View and create NAT rules VPN Configure the EdgeRouter as a PPTP VPN server Firewall Policies A firewall policy is a set of rules with a default action Firewall policies are applied before SNAT Source Network Address Translation and after DNAT Destination Network Address Translation To create a firewall policy 1 Click the Firewall Groups tab and create the applicable firewall groups See Firewall Groups on page 23 for more information 2 Click the Firewall Policies tab and then click Add Policy Configure the basic parameters See the Add Policy description in the next column for more information AN U
59. g A Ubiquiti Networks Inc Chapter 5 Routing Tab Area ID The identification number of the area is displayed Area Type The type of area is displayed Auth Type The authentication type of the area is displayed Network The network address of the area is displayed Actions Click the Actions button to access the following options e Config To configure the OSPF Area click Config Go to the Configure the OSPF Area section e Delete Delete the OSPF Area Configure the OSPF Area After you click Config the OSPF Area Configuration screen appears OSPF Area Configuration Area ID 0 0 0 0 Area Type Normal sec Auth Type Off Network 10 1 254 0 24 10 1 0 0 23 10 1 200 0 24 10 242 1 0 24 10 1 5 0 24 10 1 6 0 24 Add New Make changes as needed e Area ID This is the number that identifies an area It can be an integer or use a format similar to an IPv4 address e Area Type This defines the routes that are acceptable inside the area Select the appropriate option Normal sec The default type accepts all routes NSSA ANSSA Not So Stubby Area network is a variation of a stub network It can import external routes from type 7 Link State Advertisements which are NSSA specific Stub The network has no external routes Typically it has a default route for outbound traffic e Auth Type Authentication helps secure communication between routers Select the appropriate option Off No
60. grade shielded Ethernet cable from Ubiquiti Networks For more details visit www ubnt com toughcable 1 Note Although the cabling can be located outdoors the EdgeRouter Lite itself should be housed inside a protective enclosure Mounting Template Chapter 2 Installation Wall Mounting To mount the EdgeRouter Lite on a wall you will need a drill a6 mm drill bit and a Phillips screwdriver Use a 6 mm drill bit to drill two holes 100 mm apart You can use the template at the bottom of the page to mark the holes Insert the M2 9 Anchors into the holes Use a Phillips screwdriver to secure a M2 9x20 Screw to each anchor Leave a clearance of approximately 3 mm between each screw head and its anchor Z Note You can also mount the EdgeRouter Lite in a vertical orientation Position the EdgeRouter Lite with the Ethernet ports facing down Place the Wall Mount Slots of the EdgeRouter Lite over the screw heads on the wall Then slide the EdgeRouter Lite down to lock it into place The recommended mounting orientation is horizontal with the ports facing down vertical placement A Ubiquiti Networks Inc Note The EdgeRouter Lite can also be mounted in a vertical orientation Turn this page sideways to mark the holes for EdgeRouter Lite User Guide Grounding the EdgeRouter Lite Optional The EdgeRouter Lite is grounded through the Power Adapter however you can add op
61. hanges e Password Click Change Password to make a change Password Enter the new password Confirm Enter the new password again Cancel Change Password Click this option to cancel Username admin Full Name Role Admin Password Confirm Cancel Change Password Click Save to apply your changes or click Cancel FS Ubiquiti Networks Inc Chapter 8 Users Tab Remote Remote access of the EdgeRouter is logged on this tab Search Allows you to search for specific text Begin typing there is no need to press enter The results are filtered in real time as soon as you type two or more characters PPTP L2TP PPPOE AI Click the appropriate tab to filter the remote users as needed e PPTP All users who use PPTP Point to Point Tunneling Protocol connections are displayed e L2TP All users who use L2TP Layer 2 Tunneling Protocol connections are displayed e PPPOE All users who use PPPOE Point to Point over Ethernet connections are displayed e All All remote users are displayed by default A table displays the following information about each remote user Click a column heading to sort by that heading Name The actual name of the user is displayed Type The type of connection used by the user is displayed Time The duration of the user s access is displayed Interface The specific interface used by the user is displayed Remote IP The remote IP address of the user is displayed
62. in case of emergency Location Specify the physical location of the EdgeRouter Click Save to apply your changes Configuration Management amp Device Maintenance The controls in this section manage the device configuration routines and firmware maintenance Backup Config We recommend that you back up your current system configuration before updating the firmware or uploading a new configuration Configuration Management amp Device Maintenance Backup Config Download backup config file Download Download backup config file Click Download to download the current system configuration file Note We strongly recommend that you save the configuration file in a secure location because it includes confidential information The user login passwords are encrypted however other passwords and keys such as those used for VPN BGP authentication and RADIUS are stored in plain text EdgeRouter Lite User Guide Restore Config Restore Config Upload config file Upload a tite Upload config file Click Upload a file to locate the new configuration file Select the file and click Choose We recommend that you back up your current system configuration before uploading the new configuration Upgrade System Image Download the firmware file from downloads ubnt com and save it on your computer The firmware update is compatible with all configuration settings The system configuration is preserved whil
63. ion not the active configuration To see what changes have been made to the working configuration use the compare command ubnt ubnt compare edit interfaces ethernet eth0 taddress 10 1 1 2 24 description production LAN edit To make the changes active use the commit command ubnt ubnt commit edit Ifyou reboot the EdgeRouter the changes will be lost To save these changes use the save command to save the active configuration to the boot configuration ubnt ubnt save Saving configuration to config config boot Done edit ubnt ubnt exit exit ubnt ubnt S ubnt ubnt S show interfaces Codes S State L Link u Up D Down A Admin Down Interface IP Address S L Description etho 10 1 1 80 23 u u production LAN ethl u D eth2 u D lo 127 0 0 1 8 u u 1 128 ubnt ubnt 5 ping 10 1 0 1 PING 10 1 0 1 10 1 0 1 56 84 bytes of data 64 bytes from 10 1 0 1 icmp_req 1 ttl 64 time 0 460 ms 64 bytes from 10 1 0 1 icmp_req 2 ttl 64 time 0 407 ms C 10 1 0 1 ping statistics 2 packets transmitted 2 received 0 packet loss time 999 ms rtt min avg max mdev 0 407 0 433 0 460 0 033 ms 40 EdgeRouter Lite User Guide Remove the Default User Account To remove the default user account do the following e Create a new user e Log out of the default user account e Log in with the new user account e Delete the default user account Use the set commit save
64. ion by command line SSH uses encryption and authentication so it is a secure form of communication See Command Line Interface on page 37 for more information Port Specify the TCP IP port of the SSH server The default is 22 EdgeRouter Lite User Guide Telnet Server Telnet Server Enable Port Enable Disabled by default This option allows Telnet access to the EdgeRouter for remote configuration by command line Telnet is not a secure form of communication so we recommend SSH See Command Line Interface on page 37 for more information Port Specify the TCP IP port of the Telnet server The default is 23 System Log Every logged message contains at least a system time and host name Usually a specific service name that generates the system event is also specified within the message Messages from different services have different contexts and different levels of detail Usually error warning or informational system service messages are reported however more detailed debug level messages can also be reported The more detailed the system messages reported the greater the volume of log messages generated System Log Log to remote server Log to remote server This option allows the EdgeRouter to send system log messages to a remote server Enter the remote host IP address and TCP IP port that should receive the system log syslog messages 574 is the default port for the commonly used
65. irewall name TEST enable default log edit ubnt ubnt set firewall name TEST rule 10 description allow icmp edit ubnt ubnt set firewall name TEST rule 10 action accept edit ubnt ubnt set firewall name TEST rule 10 protocol icmp edit To display uncommitted changes use the compare command ubnt ubnt compare edit firewall name TEST default action drop enable default log rule 10 action accept description allow icmp protocol icmp T EJ edit To undo uncommitted changes use the discard command ubnt ubnt discard Changes have been discarded edit ubnt ubnt compare No changes between working and active configurations edit To create the same firewall rule while reducing the amount of repetition in the full syntax use the edit command ubnt ubnt edit firewall name TEST edit firewall name TEST ubnt ubnt set default action drop edit firewall name TEST ubnt ubnt set enable default log edit firewall name TEST ubnt ubnt edit rule 10 edit firewall name TEST rule 10 41 EdgeRouter Lite User Guide Press the or tab key to display options for the specified edit level ubnt ubnt set action disable ipsec p2p source time description fragment limit protocol state destination icmp log recent tcp edit firewall name TEST rule 10 ubnt ubnt set description allow icmp edit firewall name TEST rule 10 ubnt ubnt set action accept edi
66. ished connections e Recent Time Enter the number of seconds to monitor for attempts to connect from the same source e Recent Count Enter the number of times the same source is detected within the Recent Time duration This helps thwart attacks using continual attempts to connect e IPsec IPsec Internet Protocol security helps secure packet routing Don t match on IPsec packets Do not match any IPsec packets Match inbound IPsec packets Match IPsec packets that are entering the EdgeRouter Match inbound non IPsec packets Match non lPsec packets that are entering the EdgeRouter 21 EdgeRouter Lite User Guide P2P Match P2P Peer to Peer applications None Donot match P2P connections All Match all P2P connections Choose P2P app s by name Match packets of the selected P2P application s Check the box of any P2P application on this list to select it Choose P2P app s by name 1 1 AppleJuice _ eDonkey BitTorrent _ Gnutella _j Direct Connect KaZaA Click Save to apply your changes or click Cancel Source Add New Rule Basic Advanced Destination Time Address Port MAC Address Address Group Network Group Port Group Address Enter the IP address of the source Port Enter the port number or range of the source MAC Address Enter the MAC address of the source Address Group Network Group Port Group Firewall groups are created on
67. k Save to apply your changes or click Cancel Destination NAT Rules Destination NAT changes the destination address of packets a typical scenario is that a public source needs to communicate with a private destination A Destination NAT Rule goes from the public network to the private network and is applied before routing 110130111003 313 Pee eee EES Add Destination NAT Rule To create a new rule click Add Destination NAT Rule Go to the Add or Configure a Destination NAT Rule section Save Rule Order To change the rule order click and drag a rule up or down the sequence and then release the rule When you are finished click Save Rule Order Search Allows you to search for specific text Begin typing there is no need to press enter The results are filtered in real time as soon as you type two or more characters FS Ubiquiti Networks Inc Chapter 6 Security Tab A table displays the following information about each rule Click a column heading to sort by that heading Order The rules are applied in the order specified The number of the rule in this order is displayed Description The keywords you entered to describe this rule are displayed Source Addr The source IP address is displayed Source Port The source port number is displayed Dest Addr The destination IP address is displayed Dest Port The destination port number is displayed Translation A description of the translation such as to l
68. layed IP Address The IP address of the device is displayed You can click it to access the device s configuration through its web management interface FS Ubiquiti Networks Inc Chapter 9 Toolbox For more information click the arrow to view the following Firmware Version The version number of the device s firmware is displayed e Uptime The duration of the device s activity is displayed e Addresses The addresses of the device s interface are displayed If the device has more than one interface addresses for each interface are displayed hwaddr The MAC address of the device s interface is displayed ipv4 The IP address of the device s interface is displayed d 7 devices Displayed 7 devices Interface gt Hardware Address lt v eth2 00 27 22 60 00 02 Firmware Version AirCam GM8126 v1 1 5 14312 120905 154 Uptime 2w3d17h8m19s Addresses hwaddr 00 27 22 60 00 02 ipv4 192 168 25 103 2 hwaddr 00 27 22 60 00 02 ipv4 169 254 0 2 2 Packet Capture Capture packets traveling through the specified interface for analysis You can set up filters to capture the specific types of packets you are seeking Packet Capture Interface Enter the name of the interface Packet Limit Enter the number of packets to capture The maximum number is 300 Resolve addresses Select this option to resolve the IP addresses symbolically as names instead of numerically Filter e Protocol Enter the
69. led 10 1 254 1 areas 1 NAT is enabled active rules Add VLAN Description Interface a Type Firewall is enabled rulesets Internet ethO ethernet rules DHCP is enabled active servers production LAN eth ethernet inactive servers UniFi guest eth1 10 vian network UniFi corporate eth1 20 vlan Routers network eth2 ethernet UBNT Atlanta openvpn office UBNT LT office vtun1 openvpn UBNT LA office vtun2 openvpn UBNT TW office vtun3 openvpn Showing 1 to 9 of 9 entries Chapter 4 Dashboard Tab The Dashboard tab displays status information about services and interfaces You can also configure interfaces and Virtual Local Area Networks VLANs Any setting marked with a blue asterisk is required Services Status information is displayed Each heading is a convenient link to the appropriate tab Routes connected static rip ospf bgp OSPF is enabled 10 1 254 1 areas 1 NAT is enabled active rules Firewall is enabled sets rules DHCP is enabled active servers inactive servers AN Ubiquiti Networks Inc Chapter 4 Dashboard Tab Toolbox v 1 week 2 days 21 hours Users Hide Distribution E Port 1 BB por 2 La Ethernet VLAN Search IP Addr Status E Actions 203 0 113 178 29 500 1 56 Mbps Connected Actions e 203 0 113 179 29 203 0 113 180 29 10 1 0 1 23 0 20 83 Mbps 13 04 Mbps Connected Actions v 10 1 5 1 24 500 O bps Obps Connected Actions v 10 1 6 1 24 d
70. lick Basic Go to Basic on page 21 e Advanced To configure the advanced options of a rule click Advanced Go to Advanced on page 21 e Source To configure the source options of a rule click Source Go to Source on page 22 e Destination To configure the destination options of a rule click Destination Go to Destination on page 22 e Time To configure the time options of a rule click Time Go to Time on page 22 20 EdgeRouter Lite User Guide e Copy Rule To create a duplicate click Copy Rule The duplicate rule appears at the bottom of the list e Delete Rule Remove the rule Add or Configure a Rule The Rule Configuration for _ screen appears You have five tabs available Basic see below Advanced see the next column Source on page 22 Destination on page 22 Time on page 22 Basic Add New Rule Description Enable Action Protocol Logging Advanced Destination Y O Drop O Reject Accept All protocols Both TCP and UDP Choose a protocol by name Enter a protocol number e Description Enter keywords to describe this rule e Enable Check the box to enable this rule e Action Select the action for packets that match this rule s criteria Drop Packets are blocked with no message Reject Packets are blocked and an ICMP Internet Control Message Protocol message is sent saying the destination is unre
71. lick Add Area The Create OSPF Area screen appears Create OSPF Area Area ID Area Type Normal sec Auth Type Off Network Complete the following e Area ID This is the number that identifies an area It can be an integer or use a format similar to an IPv4 address e Area Type This defines the routes that are acceptable inside the area Select the appropriate option Normal sec The default type accepts all routes NSSA ANSSA Not So Stubby Area network is a variation of a stub network It can import external routes from type 7 Link State Advertisements which are NSSA specific Stub The network has no external routes Typically it has a default route for outbound traffic e Auth Type Authentication helps secure communication between routers Select the appropriate option Off No authentication is used MD5 sec Each router uses a key password and key ID This is the most secure option because the key is never transmitted Plain text Each router uses a key This provides minimal security because the key is transmitted in plain text format e Network Enter the IP address and subnet mask using slash notation lt network_IP_address gt lt subnet_mask_number gt example 192 0 2 0 24 Click Add New to enter more network addresses Click Save to apply your changes A table displays the following information about each OSPF Area Click a column heading to sort by that headin
72. lient will use DNS 2 Enter the IP address of the secondary remote access DNS server Click Save to apply your changes or click Cancel 27 EdgeRouter Lite User Guide a Subnet 10 1 0 0 23 10 1 6 0 24 10 1 5 0 24 Chapter 7 Services Tab The Services tab displays status information about DHCP servers and DNS forwarding Any setting marked with a blue asterisk is required You have two sub tabs DHCP Server Configure DHCP servers to implement different subnets on the independent interfaces DNS Configure DNS forwarding so the EdgeRouter receives all LAN DNS requests and forwards them to the service provider s DNS server DHCP Server A DHCP server assigns IP addresses to DHCP clients You can configure multiple DHCP servers to assign IP ranges in different subnets on the different interfaces Add DHCP Server To create a new DHCP server click Add DHCP Server The Create DHCP Server screen appears Create DHCP Server A Ubiquiti Networks Inc Chapter 7 Services Tab Complete the following e DHCP Name Enter a name for this DHCP server e Subnet Enter the IP address and subnet mask using slash notation lt network_IP_address gt lt subnet_mask_number gt example 192 0 2 0 24 e Range Start Enter the starting IP address of the range e Range Stop Enter the last IP address of the range e Router Enter the default route of the DHCP clients The DHCP clients route all packets to this IP
73. making changes the administrator saved a backup configuration file with a working IPsec tunnel configuration ubnt RTR save config boot ipsec Saving configuration to config config boot ipsec Done edit Note This is a backup if the EdgeRouter were rebooted it would still boot from the default file contig contig boot 2 After the administrator deleted the IPsec configuration and was configuring of the OpenVPN tunnel circumstances changed so that the IPsec tunnel was required again Consequently the administrator reverted the EdgeRouter to its previous configuration with the IPsec tunnel ubnt RTR load config boot ipsec Loading configuration from config config boot ipsec Load complete Use commit to make changes active edit ubnt RTR commit edit ubnt RTR save exit Saving configuration to config config boot Done exit ubnt RTR S FS Ubiquiti Networks Inc Appendix A Command Line Interface To automatically make a remote backup after every commit use the commit archive configuration option enter location and press the key ubnt RTR set system config management commit archive location Possible completions lt url gt Uniform Resource Identifier Detailed information scp lt user gt lt passwd gt lt host gt lt dir gt ftp lt user gt lt passwd gt lt host gt lt dir gt tftp lt host gt lt dir gt ubnt RT
74. n Down Interface IP Address S L Description etho u u eth1 u D eth2 u D lo 127 0 0 1 8 u u To properly shut down the EdgeRouter use the shutdown command ubnt ubnt S shutdown A WARNING Use the shutdown command to properly shut down the EdgeRouter An improper shutdown such as disconnecting the EdgeRouter from its power supply runs the risk of data corruption 39 EdgeRouter Lite User Guide Configuration Mode To switch to configuration mode use the configure command ubntlubnt configure edit ubnt ubnt For the show set and delete commands you can press the key for help e set View the available commands e show View the settings that you have configured Because configurations vary the list you see will differ from the sample list displayed below e delete View the settings that you can delete Enter show and press the key ubnt ubnt show firewall interfaces protocol service system edit To display the available command completions press the tab key Note The tab does not display onscreen ubnt ubnt show Possible completions firewall Firewall interfaces Network interfaces protocols Routing protocol parameters service Services system System parameters The EdgeRouter uses three configurations e Working When you make changes to the working configuration they are not applied until you commit the changes to the active configuration e Active Wh
75. nal Leases Static Map 1P Mapping Subnet 10 1 0 0 23 Router 10 1 0 1 Poo Stasi o Range Start 10 1 0 21 DNS 10 1 0 1 488 358 1 3 0 Range End 10 1 1 252 Status Enabled DHCP Name Internal Subnet 10 1 0 0 23 Range Start 10 1 0 21 Range Stop 10 1 1 252 Router 10 1 0 1 The top section displays the following status information e Pool Size The total number of IP addresses is displayed e Leased The number of used IP addresses is displayed e Available The number of available IP addresses is displayed e Subnet The IP address and subnet mask of the DHCP server are displayed in slash notation e Range Start The starting IP address of the range is displayed e Range End The last IP address of the range is displayed e Router The default route of the DHCP clients is displayed The DHCP clients route all packets to this IP address which is the EdgeRouter s own IP address in most cases e DNS The IP address of the DNS server is displayed e Status The Enabled Disabled status of the DHCP server is displayed The rest of the Details tab displays the following e DHCP Name The name of the DHCP server is displayed e Subnet The IP address and subnet mask of the DHCP server are displayed in slash notation A Ubiquiti Networks Inc Chapter 7 Services Tab Make changes as needed to the following options e Range Start Enter the starting IP address of the range e Range Stop Enter the last IP address of the ra
76. nce 1 255 Enable Destination network Enter the IP address and subnet mask using slash notation lt network_IP_address gt lt subnet_mask_number gt example 192 0 2 0 24 Distance 1 255 Enter the administrative distance If there are identical routes from different sources such as static RIP and OSPF the EdgeRouter compares the routes and uses the route with the lowest distance e Enable Check the box to enable the route Click Save to apply your changes Search Allows you to search for specific text Begin typing there is no need to press enter The results are filtered in real time as soon as you type two or more characters 14 EdgeRouter Lite User Guide All Static Connected RIP OSPF Click the appropriate tab to filter the routes as needed e All All routes are displayed by default e Static All static routes that you have configured are displayed e Connected All routes that are directly connected to the EdgeRouter are displayed RIP All RIP Routing Information Protocol routes are displayed RIP is an interior distance vector routing protocol that uses hop count as a metric to determine the best route e OSPF All OSPF Open Shortest Path First routes are displayed OSPF is an interior link state routing protocol that uses cost as a metric to determine the best route The bandwidth of an interface determines the cost the higher the bandwidth the lower the cost A table displays the f
77. nge e Router Enter the default route of the DHCP clients The DHCP clients route all packets to this IP address which is the EdgeRouter s own IP address in most cases e DNS 1 Enter the IP address of the primary DNS server Your ISP may provide this information or you can use Google s DNS server at 8 8 8 8 e DNS 2 Enter the IP address of the secondary DNS server e Domain Enter the domain name for DHCP clients e Lease Time Enter the period of time in seconds that a DHCP lease should last e Enable Check the box to enable this DHCP server Click Save to apply your changes At the bottom of the screen you can click Delete to delete the DHCP server and its configuration DNS The EdgeRouter receives all LAN DNS requests and forwards them to the service provider s DNS server The EdgeRouter receives responses from the DNS server and forwards them to the LAN clients DNS Forwarding Suel Welcomeubnt e to ubnt SJ DHCP Server DNS Forwarding Cache Size 500 Interface ethl Leth2 eth1 10 ethl 20 Add Listen Interface Cache Size Completed DNS requests are cached so response time is faster for cached entries and there is less traffic traveling to the DNS server Enter the maximum number of DNS queries to cache Interface Select the appropriate interface that the EdgeRouter will listen to so it can forward DNS requests Add Listen Interface You can select multiple interfaces To add
78. nges e Port Group Make changes as needed Edit Firewall Group Name Web Server 1 Description website mirror Asia Port 22 23 Name The name of this group is displayed Description Enter keywords to describe this group Port Enter the port name number or range Click Add New to enter more ports Click Save to apply your changes NAT NAT changes the addressing of packets A NAT rule tells the EdgeRouter what action to take with a specific packet Define the following e Criteria for matching packets e Action to take with matching packets Rules are organized into a set and applied in the specified Rule Order If the packets match a rule s criteria then its action is performed If not then the next rule is applied HUHH Source NAT Rules Source NAT changes the source address of packets a typical scenario is that a private source needs to communicate with a public destination A Source NAT Rule goes from the private network to the public network and is applied after routing Add Source NAT Rule To create a new rule click Add Source NAT Rule Go to Add or Configure a Source NAT Rule on page 25 24 EdgeRouter Lite User Guide Save Rule Order To change the rule order click and drag a rule up or down the sequence and then release the rule When you are finished click Save Rule Order Search Allows you to search for specific text Begin typing there is no need to press enter The res
79. nnects an OSPF area to a network using a different routing protocol and redistributes the other protocol s directly connected routes into the OSPF area These routes become external OSPF routes Metric If there are multiple routes to the same destination OSPF uses the metric to select a route for the routing table Assign a cost value to the redistributed connected routes The EdgeRouter can then use this metric to compare these routes to other OSPF routes Redistribute static If enabled the EdgeRouter connects an OSPF area to a network using a different routing protocol and redistributes the other protocol s static routes into the OSPF area These routes become external OSPF routes Metric If there are multiple routes to the same destination OSPF uses the metric to select a route for the routing table Assign a cost value to the redistributed static routes The EdgeRouter can then use this metric to compare these routes to other OSPF routes Announce default route If enabled the EdgeRouter communicates the default route to the other routers of the OSPF network eliminating the need to configure the default route on the other routers The default route connects the OSPF network to an outside network 16 EdgeRouter Lite User Guide Areas To enhance scalability an OSPF network is comprised of smaller sections called areas At the minimum there is the backbone area called Area 0 Add Area To create a new area c
80. nsmission Unit value which is the maximum packet size in bytes that a network interface can transmit The default is 7500 e Address Select one of the following No address settings The VLAN uses no address settings In most cases an address is needed Use DHCP The VLAN acquires network settings from a DHCPV4 server Use DHCP for IPv6 The VLAN acquires network settings from a DHCPV6 server Manually define IP address es Enter the static IP address example 792 0 2 1 24 for IPv4 or 2001 db8 1 32 for IPv6 Click Add IP to enter additional IP addresses e Manually define IP address es Add IP Click Save to apply your changes or click Cancel Search Allows you to search for specific text Begin typing there is no need to press enter The results are filtered in real time as soon as you type two or more characters All Ethernet VLAN Click the appropriate tab to filter the interfaces as needed e All All interfaces are displayed by default Ethernet All of the Ethernet interfaces are displayed e VLAN All VLANs are displayed EdgeRouter Lite User Guide A table displays the following information about each interface Click a column heading to sort by that heading Description The keywords you entered to describe the interface are displayed Interface The name of the interface is displayed Type The type of interface is displayed IP Addr The IP address of the interface is displayed
81. of removal and reinstallation of any item is not included in this warranty The foregoing warranty is exclusive and in lieu of all other warranties express or implied including the implied warranties of merchantability and fitness for a particular purpose and any warranties arising from a course of dealing usage or trade practice with respect to the products Repair or replacement in the manner provided herein shall be the sole and exclusive remedy of Buyer for breach of warranty and shall constitute fulfillment of all liabilities of UBIQUITI NETWORKS with respect to the quality and performance of the Products UBIQUITI NETWORKS reserves the right to inspect all defective Products which must be returned by Buyer to UBIQUITI NETWORKS factory freight prepaid No Products will be accepted for replacement or repair without obtaining a Return Materials Authorization RMA number from UBIQUITI NETWORKS Products returned without an RMA number will not be processed and will be returned to Buyer freight collect UBIQUIT I NETWORKS shall have no obligation to make repairs or replacement necessitated by catastrophe fault negligence misuse abuse or accident by Buyer Buyer s customers or any other parties The warranty period of any repaired or replaced Product shall not extend beyond its original term EXCEPT FOR ANY EXPRESS WARRANTIES PROVIDED HEREIN UBIQUITI NETWORKS PRODUCTS AND SERVICES ARE PROVIDED AS IS WITHOUT WARRANTY OR CO
82. ollowing information about each route Click a column heading to sort by that heading Selected The status of the route whether it has been selected for the routing table is displayed Destination The destination IP address is displayed Next Hop The IP address of the next hop interface is displayed Interface The name of the interface is displayed Route Type The type of route is displayed In FIB The forwarding status of the route whether it is in the FIB Forwarding Information Base is displayed Actions Click the Actions button to access the following options e Config To configure the route click Config Go to the Configure the Static Route section below e Delete Delete the route its configuration will be removed e Disable Disable the route while keeping its configuration This option is not available for black hole routes FS Ubiquiti Networks Inc Chapter 5 Routing Tab Configure the Static Route After you click Config the Static Route Configuration screen appears Static Route Configuration Route type gateway Destination network 10 100 10 0 24 Next hop address 10 1 200 2 Distance 1 255 Follow the instructions for your route type Gateway e Route type The gateway route uses the IP address and subnet mask of the next hop gateway e Destination network The IP address and subnet mask are displayed in slash notation e Next hop address The IP address of the next hop gateway is
83. ompleted 34 EdgeRouter Lite User Guide Trace The Trace tool traces the hops from the EdgeRouter to a specified outgoing IP address Use this tool to find the route taken by ICMP packets across the network to the destination host Destination Host Resolve IP Address Run Test Destination Host Enter the IP address of the destination host Resolve IP Address Select this option to resolve the IP addresses symbolically as names instead of numerically Run Test Click this button to start the test Responses are displayed after the test is completed Discover The Discover tool searches for all Ubiquiti devices on your network The Search field automatically filters devices containing specified names or numbers as you enter them d 7 devices Displayed 7 devices Interface gt Hardware Address AirCam AirCam AirCamMini 00 27 22 76 F7 55 TSW PoE PRO DC 9F DB 12 91 DC UBNT M2M DC 9F DB 17 0D 67 ERLite 3 All eth_ Select which interface to search or select All The tool reports the number of Discovered and Displayed Ubiquiti devices A table displays the following information about each Ubiquiti device Click a column heading to sort by that heading Interface The EdgeRouter interface used by the device is displayed Hardware Address The MAC address of the device is displayed Device Name The name assigned to the device is displayed Product Name The Ubiquiti name of the device is disp
84. on the System tab see System gateway address on page 7 for more information To create multiple default routes set up static routes and enter 0 0 0 0 0 e Next hop address Enter the IP address e Distance 1 255 Enter the administrative distance If there are identical routes from different sources such as static RIP or OSPF the EdgeRouter compares the routes and uses the route with the lowest distance e Enable Check the box to enable the route Click Save to apply your changes AN Ubiquiti Networks Inc Chapter 5 Routing Tab Interface Define a route using a next hop interface Create IPv4 Static Route Select Route Type Interface Destination network Next hop interface select Distance 1 255 Enable Destination network Enter the IP address and subnet mask using slash notation lt network_IP_address gt lt subnet_mask_number gt example 192 0 2 0 24 Next hop interface Select the appropriate interface from the drop down list Distance 1 255 Enter the administrative distance If there are identical routes from different sources such as static RIP and OSPF the EdgeRouter compares the routes and uses the route with the lowest distance e Enable Check the box to enable the route Click Save to apply your changes Black Hole Define a route that drops unwanted traffic Create Pv4 Static Route Select Route Type Black Hole Destination network Dista
85. outes and uses the route with the lowest distance e Enable Check the box to enable the route Click Save to apply your changes OSPF Using Link State Advertisements routers communicate with each other when there is a router or link status change Each router maintains the information in a database which is used to create and update a network map from the router s point of view Each router then uses the map to build and update a routing table Router Router Router ID 40 1 254 1 Save Delete OSPF Router ID Enter the IP address that identifies a specific router in an OSPF network In OSPF the highest Router ID determines which router is the Designated Router DR which distributes updates to the other OSPF routers Click Save to apply your changes or click Delete OSPF to remove the Router Redistribution and Area settings Interfaces settings are retained A Ubiquiti Networks Inc Chapter 5 Routing Tab Redistribution A single router can use multiple routing protocols such as OSPF and RIP which use incompatible metrics It must reconcile information from multiple protocols to determine which route to use for a specific destination network You can change the metrics of the distributed protocol to create protocol compatibility Redistribution Redistribute connected Y Redistribute static Announce default route _ Metric Metric Redistribute connected If enabled the EdgeRouter co
86. page 28 for more information 5 Configure NAT rules on the Security gt NAT tab see NAT on page 24 for more information 6 Configure firewall rules on the Security gt Firewall Policies tab see Firewall Policies on page 19 for more information 7 Configure additional settings as needed for your network Corporate Deployment This scenario uses a single EdgeRouter device The three independent interfaces connect to the following e Internet e DMZ e LAN ei A as Internet Firewall Policies ENAN LAN Here are the typical steps to follow 1 Configure the appropriate settings on the System tab see System on page 6 for more information e Host Name e Time Zone e Gateway e Name Server e Domain Name e NTP FS Ubiquiti Networks Inc Chapter 2 Installation Configure the interfaces on the Dashboard tab see Interfaces on page 11 for more information Configure DHCP server s on the Services tab see DHCP Server on page 28 for more information Configure NAT rules on the Security gt NAT tab see NAT on page 24 for more information Configure firewall rules on the Security gt Firewall Policies tab see Firewall Policies on page 19 for more information Configure additional settings as needed for your network EdgeRouter Lite User Guide Chapter 3 Using EdgeOS EdgeOS is a powerful sophisticated operating system that manag
87. rview The Command Line Interface CLI is available if you need to configure and monitor advanced features on the EdgeRouter or prefer configuration by command line The CLI provides direct access to standard Linux tools and shell commands This chapter explains how to access the CLI and describes a basic set of frequently used commands Access the CLI There are four methods you can use to access the CLI e terminal emulator Go to the following section Connect to the Console Port SSH If you are using the console port go to the following section Connect to the Console Port otherwise go to Access Using SSH on page 38 Telnet If you are using the console port go to the following section Connect to the Console Port otherwise go to Access Using Telnet on page 38 e EdgeOS Configuration Interface Go to Access Using the EdgeOS Configuration Interface on page 39 Connect to the Console Port Instructions may vary slightly depending on your specific terminal emulator 1 Use a RJ45 to DB9 serial console cable to connect the Console port of the EdgeRouter to your computer If your computer does not have a DB9 port then you will also need a DB9 adapter Console OO CONSOLE aa gt Computer 2 Follow the appropriate set of instructions terminal emulator Go to the following section Access Using a Terminal Emulator SSH Go to Access Using SSH on page 38 e Telnet Go
88. s been made to the Product by persons other than UBIQUITI NETWORKS or UBIQUITI NETWORK S authorized representatives or otherwise approved by UBIQUITI NETWORKS 111 The Product has been properly installed and used at all times in accordance and in all material respects with the applicable Product documentation IV All Ethernet cabling runs use CAT5 or above shielded cabling Disclaimer UBIQUITI NETWORKS does not warrant that the operation of the products is error free or that operation will be uninterrupted In no event shall UBIQUITI NETWORKS be responsible for damages or claims of any nature or description relating to system performance including coverage buyer s selection of products for buyer s application and or failure of products to meet government or regulatory requirements Returns In the unlikely event a defect occurs please work through the dealer or distributor from which this product was purchased 49 EdgeRouter Lite User Guide Appendix E Compliance Information FCC Changes or modifications not expressly approved by the party responsible for compliance could void the user s authority to operate the equipment This device complies with Part 15 of the FCC Rules Operation is subject to the following two conditions 1 This device may not cause harmful interference and 2 This device must accept any interference received including interference that may cause undesired operation
89. served EdgeMAX EdgeOS EdgeRouter and Ubiquiti Networks are trademarks of Ubiquiti Networks Inc FS Ubiquiti Networks Inc Appendix G Contact Information 31121412 53
90. t Port Enter the port name or number of the destination You can also enter a range of port numbers one of them will be used Click Save to apply your changes or click Cancel FS Ubiquiti Networks Inc Chapter 6 Security Tab VPN A common type of VPN uses PPTP Point to Point Tunneling Protocol The EdgeRouter can function as a PPTP VPN server so a remote VPN client can access the LAN using a PPTP VPN tunnel over the Internet PPTP Server EdgeOS Welcomeubnt v to ubnt S Firewall Policies Firewall Groups PPTP Server Client IP pool range start Client IP pool range stop Server outside address Radius server IP address Radius server key MTU Client IP pool range start The client IP pool is the pool of IP addresses that remote VPN clients will use Enter the starting IP address of the range this address must in a 24 subnet Client IP pool range stop Enter the last IP address of the range Server outside address Enter the IP address that VPN clients will connect to this is the outside or external address of the PPTP server RADIUS server IP address The RADIUS Remote Access Dial In User Service server provides authentication to help secure VPN tunnels Enter the IP address of the RADIUS server RADIUS server key Enter the key shared with the RADIUS server MTU Enter the MTU for the PPTP VPN connection DNS 1 Enter the IP address of the primary remote access DNS server that your VPN c
91. t IP_address gt is displayed Count The number of translations is displayed Actions Click the Actions button to access the following options e Config To configure the rule click Config Go to the Add or Configure a Destination NAT Rule section below e Copy To create a duplicate click Copy The duplicate rule appears at the bottom of the list e Delete Remove the rule Add or Configure a Destination NAT Rule After you click Config the Destination NAT Rule Configuration screen appears Destination NAT Rule Configuration Description Enable Inbound Interface Translations Exclude from NAT Enable Logging Protocol All protocols O Both TCP and UDP _ Choose a protocol by name _ Enter a protocol number Src Address Src Port Dest Address Dest Port e Description Enter keywords to describe this rule e Enable Check the box to enable this rule e Inbound Interface Select the interface through which the incoming packets enter the EdgeRouter 26 EdgeRouter Lite User Guide Translations Complete the following Address Enter the IP address that will replace the destination IP address of the incoming packet Port Enter the port number that will replace the destination port number of the incoming packet e Exclude from NAT Check the box to exclude packets that match this rule from NAT Enable Logging Check this box to log instances when the rule is matched e Pro
92. t firewall name TEST rule 10 ubnt ubnt set protocol icmp edit firewall name TEST rule 10 To show changes within the edit level use the compare command ubnt ubnt compare edit firewall name TEST rule 10 taction accept description allow icmp protocol icmp edit firewall name TEST rule 10 To move up an edit level use the up command ubnt ubnt up edit firewall name TEST ubnt ubnt compare edit firewall name TEST default action drop enable default log rule 10 action accept description allow icmp protocol icmp edit firewall name TEST ubnt ubnt up edit firewall ubnt ubnt compare edit firewall name TEST default action drop enable default log rule 10 action accept description allow icmp protocol icmp S TJ edit firewall AN Ubiquiti Networks Inc Appendix A Command Line Interface To return to the top edit level use the top command ubnt ubnt top edit ubnt ubnt compare edit firewall name TEST edit default action drop enable default 1log rule 10 i action accept description allow icmp protocol icmp To display the existing firewall rule use the show firewall command ubnt ubnt show firewall name WAN1 LOCAL default action drop edit rule 10 rule 20 rule 30 action accept state established enable related enable I ac
93. t firewall name WAN IN rule 50 action drop edit ubnt RTR set firewall name WAN IN rule 50 destination address 172 16 0 0 16 edit ubnt RTR commit confirm commit confirm will be automatically reboot in 10 minutes unless confirmed Proceed confirm y edit FS Ubiquiti Networks Inc Appendix A Command Line Interface After you verify that the changes should be saved use the confirm command ubnt RTR confirm edit You can also specify the number of minutes to wait but you must remember to also use the confirm command Otherwise if you forget then you can be surprised by the EdgeRouter s reboot to its previous configuration ubnt RTR commit confirm 1 commit confirm will be automatically reboot in 1 minutes unless confirmed Proceed confirm y edit ubnt RTR Broadcast message from root RTR Mon Aug 20 14 00 06 2012 The system is going down for reboot NOW INIT Switching to runlevel 6 INIT Stopping routing services zebra done Removing all Quagga Routes SNIP To roll back to an earlier commit use the show system commit and rollback commands ubnt RTR show system commit 0 2012 08 21 14 46 41 by admin 5 via cli fix bgp policy maps 7 1 2012 08 21 14 45 59 by admin 5 via cli commit 7 2 2012 08 21 14 45 33 by admin_5 via cli fix port forwarding 3 2012 08 21 14 45 15 by admin_5 via cli fix firewall 4 2012 08 21 14 44 29 by ubnt via cli commit 5 2012 08 21 14 21 15 by
94. te to Site and Remote Access PPTP Remote Access L2TP Remote Access PPTP Client Services DHCP DHCPv6 Server DHCP DHCPVv6 Relay Dynamic DNS DNS Forwarding VRRP RADIUS Client Web Caching QoS FIFO Stochastic Fairness Queueing Random Early Detection Token Bucket Filter Deficit Round Robin Hierarchical Token Bucket Ingress Policing Management Web UI CLI Console SSH Telnet SNMP NetFlow LLDP NTP UBNT Discovery Protocol Logging FS Ubiquiti Networks Inc 47 EdgeRouter Lite User Guide Appendix C Safety Notices 1 Read follow and keep these instructions 2 Heed all warnings 3 Only use attachments accessories specified by the manufacturer A WARNING Do not use this product in location that can be submerged by water A WARNING Avoid using this product during an electrical storm There may be a remote risk of electric shock from lightning Electrical Safety Information 1 Compliance is required with respect to voltage frequency and current requirements indicated on the manufacturer s label Connection to a different power source than those specified may result in improper operation damage to the equipment or pose a fire hazard if the limitations are not followed There are no operator serviceable parts inside this equipment Service should be provided only by a qualified service technician This equipment is provided with a detachable power cord which h
95. the Firewall Groups tab see Firewall Groups on page 23 for more information Select the appropriate group s you can specify up to two groups maximum in these combinations e An address group and port group A network group and port group The packets must match both groups to apply the rule Click Save to apply your changes or click Cancel Destination Add New Rule Basic Advanced Address Port Address Group Network Group Port Group La Address Enter the IP address of the destination e Port Enter the port number of the destination FS Ubiquiti Networks Inc Chapter 6 Security Tab Address Group Network Group Port Group Firewall groups are created on the Firewall Groups tab see Firewall Groups on page 23 for more information Select the appropriate group s you can specify up to two groups maximum in these combinations e An address group and port group e A network group and port group The packets must match both groups to apply the rule Click Save to apply your changes or click Cancel Time Add New Rule Basic Advanced Month Days 1 Match all month days except for these Week Days _ Match all week days except for these Start Date Start Time Stop Date Stop Time _ Interpret dates and times as UTC Month Days Enter the days of the month when the rule should be applied Enter numbers in the range 1 to 31 If you enter more than one day
96. this symbol on the product and or its packaging must not be disposed of with unsorted municipal waste The symbol indicates that this product should be disposed of separately from regular household waste streams It is your responsibility to dispose of this and other electric and electronic equipment via designated collection facilities appointed by the government or local authorities Correct disposal and recycling will help prevent potential negative consequences to the environment and human health For more detailed information about the disposal of your old equipment please contact your local authorities waste disposal service or the shop where you purchased the product Deutsch Die Europ ische Richtlinie 2002 96 EC verlangt dass technische Ausr stung die direkt am Ger t und oder an der Verpackung mit diesem Symbol versehen ist nicht zusammen mit unsortiertem Gemeindeabfall entsorgt werden darf Das Symbol weist darauf hin dass das Produkt von regul rem Haushaltm ll getrennt entsorgt werden sollte Es liegt in Ihrer Verantwortung dieses Ger t und andere elektrische und elektronische Ger te Uber die daf r zustandigen und von der Regierung oder rtlichen Beh rden dazu bestimmten Sammelstellen zu entsorgen Ordnungsgem fies Entsorgen und Recyceln tr gt dazu bei potentielle negative Folgen fur Umwelt und die menschliche Gesundheit zu vermeiden Wenn Sie weitere Informationen zur Entsorgung Ihrer Altger te ben tigen
97. tion drop state invalid enable action accept destination port 22 protocol tcp 42 EdgeRouter Lite User Guide To create a new firewall rule from an existing firewall rule use the copy command ubnt ubnt edit firewall edit firewall ubnt ubnt copy name WAN1 LOCAL to name WAN LOCAL edit firewall ubnt ubnt commit edit firewall ubnt ubnt top edit ubnt ubnt show firewall name WAN1 LOCAL default action drop rule 10 action accept state established enable related enable i rule 20 action drop state invalid enable y rule 30 action accept destination port 22 protocol tep name WAN2_LOCAL default action drop rule 10 action accept state established enable related enable i rule 20 action drop state invalid enable rule 30 action accept destination port 22 protocol tcp edit FS Ubiquiti Networks Inc Appendix A Command Line Interface To change the name of the new firewall rule use the rename command ubnt ubnt edit firewall edit firewall ubnt ubnt rename name W TAB WAN1 LOCAL WAN2_ LOCAL edit firewall ubnt ubnt rename name WAN2 LOCAL to name WAN2_IN edit firewall ubnt ubnt commit edit firewall ubnt ubnt top edit ubnt ubnt show firewall name name WAN1 LOCAL default action drop rule 10 action accept state established enable related enable rule 20
98. tional ESD grounding for enhanced ESD protection 1 Loosen the Grounding Screw to secure a ground wire not included to the Grounding Hole 2 Secure the other end of the ground wire toa grounding block Connecting Power 1 Connect the Power Adapter to the Power port 2 Connect the Power Cord to the Power Adapter Connect the other end of the Power Cord to a power outlet FS Ubiquiti Networks Inc Chapter 2 Installation Typical Deployment Scenarios While there are numerous scenarios that are possible this section highlights a couple of typical deployments e Service Provider Deployment e Corporate Deployment Service Provider Deployment This scenario uses six EdgeRouter devices OSPF Area 0 to OSPF Area 1 OSPF Area 0 to OSPF Area 2 OSPF Area 1 OSPF Area 1 to Internet OSPF Area 2 OSPF Area 2 to Internet tee SS Internet ty Here are the typical steps to follow A D Internet 1 Configure the appropriate settings on the System tab see System on page 6 for more information e Host Name e Time Zone e Gateway e Name Server e Domain Name e NTP 2 Configure the interfaces on the Dashboard tab see Interfaces on page 11 for more information 3 Configure OSPF settings on the Routing gt OSPF tab see 4 OSPF on page 16 for more information EdgeRouter Lite User Guide 4 Configure DHCP server s on the Services tab see DHCP Server on
99. to Access Using Telnet on page 38 FS Ubiquiti Networks Inc Appendix A Command Line Interface Access Using a Terminal Emulator Instructions may vary slightly depending on your specific terminal emulator 1 Open the terminal emulator on your computer and configure it with the following serial port settings e Baud rate 115200 e Stop bits 8 Parity 1 e Flow control NONE 2 Select Serial as the connection type 3 Click Open to connect to the EdgeRouter 4 Atthe ubnt login prompt enter the username the default is ubnt Welcome to EdgeOS By logging in accessing or using the Ubiquiti product you acknowledge that you have read and understood the Ubiquiti License Agreement available in the Web UI at by default http 192 168 1 1 and agree to be bound by its terms UBNT OC login ubnt 5 At the Password prompt enter the password the default is ubnt Welcome to EdgeOS By logging in accessing or using the Ubiquiti product you acknowledge that you have read and understood the Ubiquiti License Agreement available in the Web UI at by default http 192 168 1 1 and agree to be bound by its terms UBNT OC login ubnt Password 6 For help with commands you can either press the key or enter show and press the key Welcome to EdgeOS By logging in accessing or using the Ubiquiti product you acknowledge that you have read and understood the Ubiquiti License Agreement availa
100. tocol All protocols Match packets of all protocols Both TCP and UDP Match TCP and UDP packets Choose a protocol by name Select the protocol from the drop down list Match packets of this protocol e Match all protocols except for this Match packets of all protocols except for the selected protocol e Choose a protocol by name ah wots 1 1 Match all protocols except for this Enter a protocol number Enter the port number of the protocol Match packets of this protocol e Match all protocols except for this Match packets of all protocols except for the selected protocol e Enter a protocol number _ Match all protocols except for this e Src Address Enter the IP address or network address of the source You can also enter a range of IP addresses one of them will be used Note If you enter a network address enter the IP address and subnet mask using slash notation lt network_IP_address gt lt subnet_mask_number gt example 192 0 2 0 24 e Src Port Enter the port name or number of the source You can also enter a range of port numbers one of them will be used e Dest Address Enter the IP address or network address of the destination You can also enter a range of IP addresses one of them will be used Note If you enter a network address enter the IP address and subnet mask using slash notation lt network_IP_address gt lt subnet_mask_number gt example 192 0 2 0 24 e Des
101. ubnt via cli add port forward for port 2222 to build server 6 2012 08 21 14 20 24 by ubnt via cli add dmz interface to eth2 7 2012 08 21 14 19 53 by ubnt via cli add ipsec tunnel to office exchange 8 2012 08 21 14 07 18 by ubnt via cli add firewall for WAN_IN 9 2012 08 21 14 06 37 by ubnt via cli add user first last 10 2012 08 21 14 04 47 by ubnt via cli commit 11 2012 08 21 14 04 46 by root via init commit After viewing the history of system commits you decide to discard the last four commits by admin_5 Roll back the system configuration file to commit 4 ubnt RTR rollback 4 Proceed with reboot confirm y Broadcast message from root RTR ttyS0 Mon Aug 21 15 09 12 2012 The system is going down for reboot NOW 45 EdgeRouter Lite User Guide Appendix B Specifications Appendix B Specifications EdgeRouter Lite 12VDC 1A Power Adapter Included 9 to 24V Supported Voltage Range Processor Dual Core 500 MHz MIPS64 with Hardware Acceleration for Packet Processing FS Ubiquiti Networks Inc 46 EdgeRouter Lite User Guide Appendix B Specifications Interface Encapsulation Ethernet 802 1q VLAN PPPoE GRE IP in IP Bridging Bonding 802 3ad Addressing Static IPv4 IPv6 Addressing DHCP DHCPv6 Routing Static Routes OSPF OSPFv3 RIP RIPng BGP with IPv6 Support IGMP Proxy Security ACL Based Firewall Zone Based Firewall NAT VPN IPSec Site to Site and Remote Access OpenVPN Si
102. ults are filtered in real time as soon as you type two or more characters A table displays the following information about each rule Click a column heading to sort by that heading EIE E E E E E E E E Order The rules are applied in the order specified The number of the rule in this order is displayed Description The keywords you entered to describe this rule are displayed Source Addr The source IP address is displayed Source Port The source port number is displayed Dest Addr The destination IP address is displayed Dest Port The destination port number is displayed Translation A description of the translation such as masquerade to eth_ is displayed Count The number of translations is displayed Actions Click the Actions button to access the following options e Config To configure the rule click Config Go to the Add or Configure a Source NAT Rule section below e Copy To create a duplicate click Copy The duplicate rule appears at the bottom of the list e Delete Remove the rule Add or Configure a Source NAT Rule After you click Config the Source NAT Rule Configuration screen appears Source NAT Rule Configuration Description Enable A Outbound Interface A Translation Use Masquerade _ Specify address and or port Exclude from NAT _ Enable Logging a Protocol _ All protocols L Both TCP and UDP _ Choose a protocol by name Enter a protocol number Sr
103. uter Lite User Guide Table of Contents Appendix A Command Line Interface ooooooooooon 37 EE 37 Access the A E E II 37 SE ojo EE 39 Appendix B Specifications oo ooooooonororormmmmm o 46 Appendix C GatetvNotices 48 Electrical Safety Information rre 48 Appendix D Warranty ccc cece cece eee n eee eenenees 49 General Wa Maniac sarao rotar ines 49 Appendix E Compliance Information o ooooooommmo 50 EE 50 IGG Canada rosada poi 50 Australia and New Zealand essa 50 Japan e arras traca datan ade 50 CENAR casarse oros 50 ROHS WEEE Compliance Statement 50 Appendix F Declaration of Conformity 0 cece eee eee 52 Appendix G Contact Information 53 Ubiquiti Networks Support arar ias Unid tara 53 FAS Ubiquiti Networks Inc ii EdgeRouter Lite User Guide Chapter 1 Overview Chapter 1 Overview Hardware Overview Back Panel Introduction Thank you for purchasing the Ubiquiti EdgeRouter Lite model ERLite 3 It is part of the EdgeMAX platform For more information visit www ubnt com edgemax Ventilation Holes GROUND The EdgeRouter is a router that provides a variety of features including routing security Virtual Private Grounding Hole with Networking VPN monitoring and management Grounding Screw services and Quality of Service QoS For more detailed specifications refer to EdgeOS on page 47 Front Panel Ports
104. vastavust direktiivi 1999 5 EU p hin uetele ja nimetatud direktiivist tulenevatele teistele asjakohastele s tetele UBIQUITI NETWORKS vakuuttaa t ten ett UBIQUITI NETWORKS device tyyppinen laite on direktiivin 1999 5 EY oleellisten vaatimusten ja sit koskevien direktiivin muiden ehtojen mukainen Par la pr sente UBIQUITI NETWORKS d clare que l appareil UBIQUITI NETWORKS device est conforme aux exigences essentielles et aux autres dispositions pertinentes de la directive 1999 5 CE Par la pr sente UBIQUITI NETWORKS d clare que ce UBIQUITI NETWORKS device est conforme aux exigences essentielles et aux autres dispositions de la directive 1999 5 CE qui lui sont applicables Hiermit erkl rt UBIQUITI NETWORKS dass sich diese UBIQUITI NETWORKS device in bereinstimmung mit den grundlegenden Anforderungen und den anderen relevanten Vorschriften der Richtlinie 1999 5 EG befindet BMWi Hiermit erkl rt UBIQUITI NETWORKS die bereinstimmung des Ger tes UBIQUITI NETWORKS device mit den grundlegenden Anforderungen und den anderen relevanten Festlegungen der Richtlinie 1999 5 EG Wien ME THN MAPOY2A UBIQUITI NETWORKS AHAQNEI OTI UBIQUITI NETWORKS device 2YMMOPOONETAI MPO2 TIX OYZIOAEIZ ANMAITHZEIX KAI TIX AOINE 2XETIKE2 AIATA El2 TH OAHTIA2 1995 5 EK Alul rott UBIQUITI NETWORKS nyilatkozom hogy a UBIQUITI NETWORKS device megfelel a vonatkoz alapvet k vetelm nyeknek s az 1999 5 EC ir nyelv egy b eldir
105. wo or more characters 29 EdgeRouter Lite User Guide A table displays the following information about each DHCP client Click a column heading to sort by that heading Chapter 7 Services Tab Range Start The starting IP address of the range is displayed Range End The last IP address of the range is displayed e Router The default route of the DHCP clients is displayed The DHCP clients route all packets to this IP address which is the EdgeRouter s own IP address in most cases IP Address a Hardware Address Lease Expiration gt Pool 10 1 0 22 00 26 f2 ee 9f 28 2012 08 28 21 22 34 Internal G 10 1 0 28 f0 cb a1 2c be 29 2012 08 28 21 08 19 Internal SPhone 10 1 0 29 00 27 22 60 06 e9 2012 08 28 21 05 56 Internal AV 10 1 0 30 88 53 2e 78 e4 0c 2012 08 28 21 19 09 Internal J IP Address The IP address assigned to the DHCP client is displayed Hardware Address The MAC address of the DHCP client is displayed Lease Expiration The date and time when the DHCP DNS The IP address of the DNS server is displayed Status The Enabled Disabled status of the DHCP server is displayed Create New Mapping To map a static IP address to a specific MAC address click Create New Mapping The Create Static MAC IP Mapping appears lease will expire is displayed Create Static MAC IP Mapping e Pool The name of the DHCP server is displayed e Hostname The name used to identify the DHCP client is ID displayed
106. zio di smaltimento rifiuti o il negozio nel quale avete acquistato il prodotto FS Ubiquiti Networks Inc Appendix E Compliance Information 51 EdgeRouter Lite User Guide Appendix F Declaration of Conformity Cesky Czech Dansk Danish Nederlands Dutch English Eesti Estonian Suomi Finnish Francais French Deutsch German EAAnVIKh Greek Magyar Hungarian slenska Icelandic Italiano Italian Latviski Latvian Lietuviskai Lithuanian UBIQUITI NETWORKS t mto prohla uje e tento UBIQUITI NETWORKS device je ve shod se zakladnimi po adavky a dal imi p slu n mi ustanoven mi sm rnice 1999 5 ES Undertegnede UBIQUITI NETWORKS erkl rer herved at f lgende udstyr UBIQUITI NETWORKS device overholder de v sentlige krav og vrige relevante krav i direktiv 1999 5 EF Hierbij verklaart UBIQUITI NETWORKS dat het toestel UBIQUITI NETWORKS device in overeenstemming is met de essenti le eisen en de andere relevante bepalingen van richtlijn 1999 5 EG Bij deze verklaart UBIQUITI NETWORKS dat deze UBIQUITI NETWORKS device voldoet aan de essenti le eisen en aan de overige relevante bepalingen van Richtlijn 1999 5 EC Hereby UBIQUITI NETWORKS declares that this UBIQUITI NETWORKS device is in compliance with the essential requirements and other relevant provisions of Directive 1999 5 EC K esolevaga kinnitab UBIQUITI NETWORKS seadme UBIQUITI NETWORKS device
Download Pdf Manuals
Related Search