Beruflich Dokumente
Kultur Dokumente
7/17/13 8:51 PM
COMMUNITY
SIGN IN
REGISTER
Home
Forums
Knowledge Base
Bookmarks
Blogs
Unread Posts
Search
Knowledge Base
SEARCH
Subscriptions
Ubiquiti Networks Community
Mark As Read
Recent Posts
Recent Topics
FAQ
This article is an example of how a small office might configure their EdgeRouter to connect the office with the Internet. Note: if you're not interested in learning how to do it and just want an example configuration, this forum thread mrjester's Basic SOHO/HOME Config There are three networks: 1. WAN - dhcp client (getting public address from ISP) 2. LAN - 172.16.0.1/24 3. WLAN - 172.16.1.1/24
Setup Interfaces
From the dashboard tab we can configure the IP address on the interfaces and give optional descriptions.
http://community.ubnt.com/t5/EdgeMAX-Configuration-Examples/EdgeMAX-SOHO-Example/ta-p/413019
Page 1 of 10
7/17/13 8:51 PM
Note: this example is using DHCP client to request a addresss. If you have static IP addresses see adding static IP, gateway, name server
We can't delete a user that is still logged in, so we'll logout and back in as our new users.
http://community.ubnt.com/t5/EdgeMAX-Configuration-Examples/EdgeMAX-SOHO-Example/ta-p/413019
Page 2 of 10
7/17/13 8:51 PM
http://community.ubnt.com/t5/EdgeMAX-Configuration-Examples/EdgeMAX-SOHO-Example/ta-p/413019
Page 3 of 10
7/17/13 8:51 PM
Configure NAT
We're using private address on our LAN and WLAN, so we'll need a NAT Masquerade rule for outbound interface eth0.
http://community.ubnt.com/t5/EdgeMAX-Configuration-Examples/EdgeMAX-SOHO-Example/ta-p/413019
Page 4 of 10
7/17/13 8:51 PM
Stateful Firewall
The following example firewall is just very basic (and not necessarily recommended). Basically this allow any traffic from LAN, WLAN or the router to be initiated out to Internet, but drop all traffic initiated from Internet. Before we jump into the example we should first discuss the EdgeOS firewall terminology for IN, OUT, and LOCAL. Applying a firewall ruleset to the INfirewall of an interface affect traffic inbound on that interface but only the traffic forwarded through the router. OUT is traffic that has been forwarded through the router and about to leave exit out the interface. LOCAL is traffic destined for the router (for example if you wanted to use the web UI on the router you'd need to allow port 443 on LOCAL. In terms of using IN or OUT rules, some will say that IN is better because if you're going to drop a packet it's better to do it on input rather than go through the full packet processing path only to drop it before it leaves the router. First we'll use the 'Add Ruleset' to create the WAN_IN and WAN_LOCAL Rulesets
http://community.ubnt.com/t5/EdgeMAX-Configuration-Examples/EdgeMAX-SOHO-Example/ta-p/413019
Page 5 of 10
7/17/13 8:51 PM
http://community.ubnt.com/t5/EdgeMAX-Configuration-Examples/EdgeMAX-SOHO-Example/ta-p/413019
Page 6 of 10
7/17/13 8:51 PM
The first rule will 'accept' any packet that has state established or related
http://community.ubnt.com/t5/EdgeMAX-Configuration-Examples/EdgeMAX-SOHO-Example/ta-p/413019
Page 7 of 10
7/17/13 8:51 PM
For the 2nd rule we'll drop packets that have state invalid set
http://community.ubnt.com/t5/EdgeMAX-Configuration-Examples/EdgeMAX-SOHO-Example/ta-p/413019
Page 8 of 10
7/17/13 8:51 PM
Now we'll basically add the same 2 rules to WAN_LOCAL and then apply it to eth0/local.
System Settings
Lastly we'll use the 'system' tab from the bottom of the page to configure our hostname, nameserver, domain name, time-zone and various other system settings. Notice that if you're ISP assigned you a static public address instead of using DHCP, then you would configure your gateway here.
http://community.ubnt.com/t5/EdgeMAX-Configuration-Examples/EdgeMAX-SOHO-Example/ta-p/413019
Page 9 of 10
7/17/13 8:51 PM
6 Kudos
Contributors
Platforms
EdgeMax airMax airFiber airVision UniFi mFi
Support
Support Downloads Training
Company
About Us Contact Us Marketing Investors
2013 Ubiquiti Networks. All rights reserved. Terms of Service and Privacy Policy
http://community.ubnt.com/t5/EdgeMAX-Configuration-Examples/EdgeMAX-SOHO-Example/ta-p/413019
Page 10 of 10