Upcoming Maintenance Alert:

The UBNT Community will be upgraded at 5pm MDT on April 25th. During this time the community forums will be set to read-only status.

Learn more

×
Reply
Highlighted
New Member
Posts: 3
Registered: ‎01-18-2013
Kudos: 2

EdgeRouter Lite Configuration

Hi !

I just got my Edge Router Lite, to replace a 10 years old Linksys RV042
that is the frontend to my home network.

I work in the Network Area but unfortunately not that close to
iptables as it seems though :-), EdgeOS is next generation low level
configuration ui, compared to the RV042 it seems 30 years old...

Anyway I am trying to configure eth2 with fixed IP towards my ISP,
so I setup the IP address on the port eth2 and change the system
settings (default router/Name Server) according to my ISP.

Then I keep the 192.168.1.1 on eth0, and add a DHCP server for
192.168.1.0.

I have not yet tried to connect it to internet yet because I am very
uncertain on how to setup firewall/nat, and how to turn on UPNP. Lets
take that issue later.

Now after I have added the DHCP server I can change to DHCP on
my laptop and the connection to the Router is fine, I do get an DHCP lease.

But I want to use eth1 for my LAN too, I have one LAN switch in each end of my house and the EdgeRouter is supposed to be in the middle.

If I move the cable to eth1 my laptop does not get an IP address from the DHCP server. Assigning 192.168.1.2 to eth1 does not make any difference,
I do not get any DHCP responses on eth1.

Can anyone describe how to configure the EdgeRouter
with a network using DHCP 192.168.1.0/24 on LAN ports eth0 and eth1,
and FIXED ip on WAN port (eth2) (did i do it correctly already??) ?

Can anyone describe how to setup the firewall/NAT rules + UPNP just as
a regular consumer router, I think I partially got it, but would appreciate
some assistance here...

Thanx

/Daniel
SuperUser
Posts: 21,708
Registered: ‎11-20-2011
Kudos: 7799
Solutions: 233

Re: EdgeRouter Lite Configuration

It's a 3 port router, not a 3 port switch. If you setup a DHCP server, it will bind to the interface where it sees that subnet.

The easiest method would be for you to add a switch coming off your designated "LAN" port.

Maybe Stig, mrjester, or ancheng know an easy way around this.


isp builder | linux sorcerer | datacenter automation conjurer | blog: blog.engineered.online
link to our slack channel on the blog
Previous Employee
Posts: 13,551
Registered: ‎06-10-2011
Kudos: 5401
Solutions: 1656
Contributions: 2

Re: EdgeRouter Lite Configuration

Can anyone describe how to configure the EdgeRouter
with a network using DHCP 192.168.1.0/24 on LAN ports eth0 and eth1,
and FIXED ip on WAN port (eth2) (did i do it correctly already??) ?


The three ports on the EdgeRouter Lite are individual interfaces, so each one should have its own subnet. Your old router has a four-port switch internally and the four "LAN ports" are on the switch, i.e., they are on the same subnet.

One possibility is to bridge two EdgeRouter Lite ports together, in which case they behave like a "2-port switch".

Another possibility, like essehph said, is to connect an L2 switch to one of the ports on the EdgeRouter Lite. You can think of this as equivalent to your old router (which has the switch built in).

In fact, you might be able to use the four LAN ports on your old router as a four-port switch, i.e., connect one EdgeRouter Lite port to one of the LAN ports on your old router, and then you may be able to use the remaining 3 LAN ports on your old router to connect other devices Icon Smile
New Member
Posts: 3
Registered: ‎01-18-2013
Kudos: 2

Re: EdgeRouter Lite Configuration

Okey, thanx guys, I think I got most parts then, I can probably live with only one
port on the LAN side, but just out of curiosity:
- how do I bridge the ports togeher then, CLI is not scary... :-)
I'll try experimenting with my NAT rules and Firewall rules then. I did read something on
how to turn on UPNP through the CLI, but I cannot seem to find it again any hints?
/Daniel
Previous Employee
Posts: 86
Registered: ‎04-30-2012
Kudos: 39

Re: EdgeRouter Lite Configuration

Okey, thanx guys, I think I got most parts then, I can probably live with only one
port on the LAN side, but just out of curiosity:

- how do I bridge the ports togeher then, CLI is not scary... :-)

I'll try experimenting with my NAT rules and Firewall rules then. I did read something on
how to turn on UPNP through the CLI, but I cannot seem to find it again any hints?

/Daniel


Bridging in the CLI is pretty easy-

configure
set interfaces bridge br0
set interfaces ethernet eth1 bridge‐group bridge br0
set interfaces ethernet eth2 bridge‐group bridge br0
commit
save


Now ports eth1 and eth2 are bridged together.

UPNP works like this -

configure
set service upnp listen-on eth1 outbound-interface eth0
commit
save
Established Member
Posts: 1,200
Registered: ‎06-14-2012
Kudos: 988
Solutions: 80
Contributions: 9

Re: EdgeRouter Lite Configuration

Also, you need to remove the configuration from the bridge-group interfaces and move it to your bridge interface. You will not get the desired results if you leave it in place.
Previous Employee
Posts: 86
Registered: ‎04-30-2012
Kudos: 39

Re: EdgeRouter Lite Configuration

[ Edited ]
Also, you need to remove the configuration from the bridge-group interfaces and move it to your bridge interface. You will not get the desired results if you leave it in place.


Good point... You can delete your configuration on the interfaces completely like this. Mr. J, feel free to jump in if you have better ways of doing this-


ubnt@ubnt# delete interfaces ethernet eth1 address
ubnt@ubnt# delete interfaces ethernet eth2 address
ubnt@ubnt# commit
ubnt@ubnt# set interfaces bridge br0
ubnt@ubnt# set interfaces ethernet eth1 bridge-group bridge br0
ubnt@ubnt# set interfaces ethernet eth2 bridge-group bridge br0
ubnt@ubnt# commit
Adding interface eth1 to bridge br0

Adding interface eth2 to bridge br0


An-Cheng also had a point about assigning an address to the bridge so you can assign a DHCP server to it.
You can assign an address to the bridge when creating the bridge interface as follows:


ubnt@ubnt# set interfaces bridge br0 address 192.168.1.1/24


Then you can create a DHCP server for the 192.168.1.0/24 subnet as you did previously.

New Member
Posts: 3
Registered: ‎01-18-2013
Kudos: 2

Re: EdgeRouter Lite Configuration

Okey, Thanx guys, I got it.
I think some parts can be done through the EdgeOS UI then.
Clearing the interfaces:
$ delete interfaces ethernet eth
Is the same as removing the IP Address assignment on them in EdgeOS I assume...
Then the bridge, and setting IP address on the bridge needs to be done
through the command line then.
Thank you for Excellent support, soon my two UniFi Pro will have good backbone
by a fast Router :-), hope my 2 Cisco Switches can cope with the load :-)
Established Member
Posts: 1,200
Registered: ‎06-14-2012
Kudos: 988
Solutions: 80
Contributions: 9

Re: EdgeRouter Lite Configuration

Good point... You can delete your configuration on the interfaces completely like this. Mr. J, feel free to jump in if you have better ways of doing this-


You got this. Man Wink Don't even have to worry about matching HW-ID. Easy peasy.
New Member
Posts: 33
Registered: ‎01-11-2013
Kudos: 32

Re: EdgeRouter Lite Configuration

Also check my example I use eth0 as wan and both eth1 and eth2 are bridged.

Ignore all pppoe info and replace with eth0 for example:
forum.ubnt.com/showpost.php?p=419234&postcount=17
Previous Employee
Posts: 13,551
Registered: ‎06-10-2011
Kudos: 5401
Solutions: 1656
Contributions: 2

Re: EdgeRouter Lite Configuration


I think some parts can be done through the EdgeOS UI then.

Clearing the interfaces:
$ delete interfaces ethernet eth
Is the same as removing the IP Address assignment on them in EdgeOS I assume...


Yes, removing the IP address from the Web UI is sufficient. Also, from the CLI, it is probably safer to just delete the address (e.g., "delete interfaces ethernet eth1 address") instead of the whole interface.


Then the bridge, and setting IP address on the bridge needs to be done
through the command line then.


Yes, at the moment bridge interfaces needs to be created from the CLI, but you can set the IP address and assign the interfaces from the Web UI after it's created. We do plan to support the interface creation in the Web UI at some point, depending on development resources of course.
New Member
Posts: 38
Registered: ‎09-22-2013
Kudos: 161

Re: EdgeRouter Lite Configuration

I know this is an old post... but I need some clarification on the information here.

I have an Edgemax lite configured as such:

eth0 - WAN (gets IP address via my ISP's ethernet connection and DHCP service)
eth1 - LAN - configured with my internal subnet, DHCP server, and several NAT\Firewall rules
eth2 - Not configured

I want to bridge eth1 and 2 as described very clearly in this thread. However, if I follow the instrcutions will I have to reconfigure all my NAT\Firewall rules for the new bridge interface "br0"?

I'm just trying to gague the amount of time I will need to commit to this before starting it Man Happy.

Previous Employee
Posts: 13,551
Registered: ‎06-10-2011
Kudos: 5401
Solutions: 1656
Contributions: 2

Re: EdgeRouter Lite Configuration

For firewall usually one would apply rulesets to interfaces, so the change may just be to apply the rulesets to different interfaces. NAT is different and requires the interface for each rule. So the effort would depend on the actual configuration (e.g., how many NAT rules, etc.).

New Member
Posts: 38
Registered: ‎09-22-2013
Kudos: 161

Re: EdgeRouter Lite Configuration

Thank you. I just didnt want to start a re-config attempt without a realistic time frame for it. I re-configured it and it works great.

Regular Member
Posts: 431
Registered: ‎09-23-2013
Kudos: 296
Solutions: 9

Re: EdgeRouter Lite Configuration

[ Edited ]

To make edits you need to type "configure" then enter first:

http://wiki.ubnt.com/Configuration_Mode

I was able to get the bridge added by using commit and I also did a save so this should stay now.

New issue:


In the bridge settings I see switch and eth1 which are the ports I want to bridge.  I can't do the switch because I can't add eth2,3,4 because I have VLANs on them.

This is what I'm trying to do:

eth1 - > AP with 3 VLANs (different IP subnets for each VLAN)

eth2 - > AP with same 3 VLANs

eth3 - > AP with same 3 VLANs

eth4 - > Computer with AP controller software with different IP subnet as VLANs as above.


So what I thought would work is bridge eth1 thru eth4 (not VLANs) with IP 192.168.0.1.  This will allow the AP controller to see the APs and the 3 VLANs will be private.  I would need to bidge each VLAN on the different ports with DHCP so the AP VLANs can talk.  If possible I would like to just have the AP with a static IP, only allow mac of AP, and not DHCP on eth1-eth3.

This seems like it should be a breeze to setup.

Update:

So I found this: http://community.ubnt.com/t5/EdgeMAX/EdgeRouter-PoE-quot-switch-quot-ports-some-clarification-sought...

The switch ports are unique.  If I use eth1 for the AP controller and switch ports for the VLANs then it looks like the bridging is ok.  I don't think I can limit the DHCP for eth2 thru eth4 (for AP only) or mac address limiting.  I would have to do this for all eth1 thru eth4.  Not sure if this is 100% so I'll mess around with this and give an update if I get anywhere.

 

Update2:

switch0 for eth1 thru eth4 works but not the VLANs.  Someone else is having a similar issue here: http://community.ubnt.com/t5/EdgeMAX/VLAN-on-Edge-Router-Pro-POE/m-p/581633#U581633

Member
Posts: 233
Registered: ‎02-03-2014
Kudos: 19
Solutions: 9

Re: EdgeRouter Lite Configuration

If I'm understanding the GUI correctly, it doesn't seem that I can create VLANs on a bridge interface? This is opposite of how Juniper firewalls work.. Can someone tell me if this is correct?

Thanks,
-Ryan

Previous Employee
Posts: 13,551
Registered: ‎06-10-2011
Kudos: 5401
Solutions: 1656
Contributions: 2

Re: EdgeRouter Lite Configuration

In version 1.4.0 the support for creating VLANs on a bridge interface has been added to the CLI (e.g., "set interfaces bridge br0 vif 100 address 1.1.1.1/24", etc.) and should be added to the GUI soon.

Member
Posts: 203
Registered: ‎05-01-2014
Kudos: 55
Solutions: 9

Re: EdgeRouter Lite Configuration

Not to bump a dead thread, is there an ETA on when bridging will be available through the GUI?  I love the Edge UI and while CLI is no problem, it's just very convenient to do most of the configuration in the GUI.  Thanks for the great work!

Previous Employee
Posts: 13,551
Registered: ‎06-10-2011
Kudos: 5401
Solutions: 1656
Contributions: 2

Re: EdgeRouter Lite Configuration

Adding VLAN to a bridge has been added to the GUI in the current 1.5 beta release, but adding a new bridge interface in the GUI is still on the TODO list and we'll need to see when we can get to that.

Member
Posts: 203
Registered: ‎05-01-2014
Kudos: 55
Solutions: 9

Re: EdgeRouter Lite Configuration

[ Edited ]

UBNT-ancheng wrote:

Adding VLAN to a bridge has been added to the GUI in the current 1.5 beta release, but adding a new bridge interface in the GUI is still on the TODO list and we'll need to see when we can get to that.


No hurry on my end, it would be convenient but it's forcing me to learn your CLI better anyway.  Love your system so far, just switch to UniFi and an ER8.

Just to verify, if I wanted to create an LACP connection to our layer 2 Cisco SMB switch, but be able to add IPs from the GUI, I could do the following:

  1. Create a bond between 2+ eth interfaces (802.3ad mode),
  2. Set the bridge group for the bond to a newly created bridge connection (i.e. br1),
  3. Modify IP settings for br1 in the GUI, and if in Beta 1.5, add VLANs if desired.

I noticed that bonds have no configuration options at all in the GUI, so this was my work around.

Thanks for the help, sorry if this should be moved to a different thread.

 

Edit: Meant ER8, not ERPro.

Reply