Reply
New Member
Posts: 25
Registered: ‎03-27-2015
Accepted Solution

Bug in ERLITE3 maybe?

Hello all!

 

I am new to the forum and I am loving the Ubiquiti product line! I do come from  a background of Cisco however so I am still training and learning about Ubiquiti products.  So with that out of the way I hope this can be resolved, I have an ERLITE 3 which is configured for DUAL WAN between two ISP companies.  One is CHARTER so I do not have to do anything special but put in a static ip or dhcp to pull it from the modem, and it works great!  However the other company CENTURYLINK which is our failover has password problems.  So without further ado the CENTURYLINK modem is configured as a transparent bridge and I have set up everything on the ERLITE3 itself, but the catch, the ERLITE3 is throwing errors when I try to create a new PPPoE either by the GUI or CLI I get this error.jpg

 

As you can see I am running the latest firmware, and I already tried getting the password changed to something more regular but centurylink cannot change it as it is computer generated...  Any help finding out how to solve this would be awesome!

 

P.S.  The username is a **********@qwest.net and the actual password to be stored within the router is @2$[a#%]^&*b)(h3

 

Actual error message in the CLI as well: [ interfaces ethernet eth1 pppoe 0 password @2$[a#%]^&*b)(h3 ] sh: line 1: a#%: syntax error: invalid arithmetic operator (error token is "#%") ￿0 Commit failed

 

Here is the configuration itself:

 

firewall {
    all-ping enable
    broadcast-ping disable
    ipv6-receive-redirects disable
    ipv6-src-route disable
    ip-src-route disable
    log-martians disable
    modify balance {
        rule 1 {
            action modify
            modify {
                lb-group G
            }
        }
    }
    name WAN_IN {
        default-action drop
        description "WAN to internal"
        rule 10 {
            action accept
            description "Allow established/related"
            state {
                established enable
                related enable
            }
        }
        rule 20 {
            action drop
            description "Drop invalid state"
            state {
                invalid enable
            }
        }
    }
    name WAN_LOCAL {
        default-action drop
        description "WAN to router"
        rule 10 {
            action accept
            description "Allow established/related"
            state {
                established enable
                related enable
            }
        }
        rule 20 {
            action drop
            description "Drop invalid state"
            state {
                invalid enable
            }
        }
    }
    options {
        mss-clamp {
            mss 1412
        }
    }
    receive-redirects disable
    send-redirects enable
    source-validation disable
    syn-cookies enable
}
interfaces {
    ethernet eth0 {
        address 98.127.148.166/30
        description CHARTER_INTERNET
        duplex auto
        firewall {
            in {
                name WAN_IN
            }
            local {
                name WAN_LOCAL
            }
        }
        speed auto
    }
    ethernet eth1 {
        description CENTURY_INTERNET
        duplex auto
        speed auto
    }
    ethernet eth2 {
        address 192.168.0.1/24
        description RMBH_LAN
        duplex auto
        firewall {
            in {
                modify balance
            }
        }
        speed auto
    }
    loopback lo {
    }
}
load-balance {
    group G {
        interface eth0 {
        }
        interface pppoe1 {
            failover-only
        }
    }
}
service {
    dhcp-server {
        disabled false
        hostfile-update disable
        shared-network-name LAN {
            authoritative enable
            subnet 192.168.0.0/24 {
                default-router 192.168.0.1
                dns-server 192.168.0.1
                lease 86400
                start 192.168.0.2 {
                    stop 192.168.0.99
                }
            }
        }
    }
    dns {
        forwarding {
            cache-size 150
            listen-on eth2
        }
    }
    gui {
        https-port 443
    }
    nat {
        rule 5000 {
            outbound-interface eth0
            type masquerade
        }
        rule 5002 {
            outbound-interface pppoe1
            type masquerade
        }
    }
    ssh {
        port 22
        protocol-version v2
    }
}
system {
    conntrack {
        expect-table-size 4096
        hash-size 4096
        table-size 32768
        tcp {
            half-open-connections 512
            loose enable
            max-retrans 3
        }
    }
    gateway-address 98.127.148.165
    host-name ubnt
    login {
        user ubnt {
            authentication {
                encrypted-password $1$zKNoUbAo$gomzUbYvgyUMcD436Wo66.
            }
            level admin
        }
    }
    name-server 8.8.8.8
    name-server 8.8.4.4
    ntp {
        server 0.ubnt.pool.ntp.org {
        }
        server 1.ubnt.pool.ntp.org {
        }
        server 2.ubnt.pool.ntp.org {
        }
        server 3.ubnt.pool.ntp.org {
        }
    }
    package {
        repository squeeze {
            components "main contrib non-free"
            distribution squeeze
            password ""
            url http://ftp.us.debian.org/debian/
            username ""
        }
        repository squeeze-updates {
            components "main contrib"
            distribution squeeze/updates
            password ""
            url http://security.debian.org/
            username ""
        }
    }
    syslog {
        global {
            facility all {
                level notice
            }
            facility protocols {
                level debug
            }
        }
    }
    time-zone UTC
}


/* Warning: Do not remove the following line. */
/* === vyatta-config-version: "config-management@1:conntrack@1:cron@1:dhcp-relay@1:dhcp-server@4:firewall@5:ipsec@4:nat@3:qos@1:quagga@2:system@4:ubnt-pptp@1:ubnt-util@1:vrrp@1:webgui@1:webproxy@1:zone-policy@1" === */
/* Release version: v1.6.0.4716006.141031.1731 */
 


Accepted Solutions
Highlighted
Member
Posts: 167
Registered: ‎11-05-2012
Kudos: 29
Solutions: 7

Re: Bug in ERLITE3 maybe?

[ Edited ]

ssh into the router

 

make a backup of the file you're going to edit by running sudo cp -a /opt/vyatta/share/vyatta-cfg/templates/interfaces/ethernet/node.tag/pppoe/node.tag/password/node.def{,.original}

 

run editor sudo vi /opt/vyatta/share/vyatta-cfg/templates/interfaces/ethernet/node.tag/pppoe/node.tag/password/node.def (google how to edit in if you're not familiar with vi)

 

change line 

sudo sh -c "echo password '\"$VAR(@)\"' >> /etc/ppp/peers/pppoe$VAR(../@)"

to

sudo sh -c "echo password '\""'$VAR(@)'"\"' >>/etc/ppp/peers/pppoe$VAR(../@)"

press :x, Enter to save changes

 

check results by running diff /opt/vyatta/share/vyatta-cfg/templates/interfaces/ethernet/node.tag/pppoe/node.tag/password/node.def{.original,}

you should see the same diff as I posted above

 

then configure password via cli or gui

 

it's more of a linux than ubiquiti Man Happy

View solution in original post


All Replies
Established Member
Posts: 879
Registered: ‎02-07-2015
Kudos: 179
Solutions: 37

Re: Bug in ERLITE3 maybe?

[ Edited ]

The ISP PPPOE password may have to be simpified but I would move this to the Edgemax thread so you get the quickest fix. The brackets in the password may be the problem.

New Member
Posts: 25
Registered: ‎03-27-2015

Re: Bug in ERLITE3 maybe?

Thanks for a quick response, they will not change the PPPoE password as they said it was computer generated and cannot be changed..  Sorry I saw troubleshooting here, how do you move it over to the other thread?

Established Member
Posts: 879
Registered: ‎02-07-2015
Kudos: 179
Solutions: 37

Re: Bug in ERLITE3 maybe?

[ Edited ]

Dont worry about reposting. Just keep that in mind for next time. Have them regenerate a password that does not contain  [   ]   within the key

New Member
Posts: 25
Registered: ‎03-27-2015

Re: Bug in ERLITE3 maybe?

I asked them that too, they cannot regenerate or change it, and I do not know why?

Established Member
Posts: 879
Registered: ‎02-07-2015
Kudos: 179
Solutions: 37

Re: Bug in ERLITE3 maybe?

Very strange for them... Repost in the Edgemax forum and see if anyone else has a workaround but I think the [ ] is throwing some coding off somewhere.

New Member
Posts: 25
Registered: ‎03-27-2015

Re: Bug in ERLITE3 maybe?

Yeah, thanks I posted it in there, should I close this one or?

New Member
Posts: 25
Registered: ‎03-27-2015

Re: Bug in ERLITE3 maybe?

It makes sense of how to go about it, but of course port forwarding is much needed...

SuperUser
Posts: 19,864
Registered: ‎09-17-2013
Kudos: 4999
Solutions: 1409

Re: Bug in ERLITE3 maybe?

Try putting it in quotes (i.e ."password")

New Member
Posts: 25
Registered: ‎03-27-2015

Re: Bug in ERLITE3 maybe?

That doesn't work either..
Member
Posts: 167
Registered: ‎11-05-2012
Kudos: 29
Solutions: 7

Re: Bug in ERLITE3 maybe?

[ Edited ]

Apply the following patch 

# diff /opt/vyatta/share/vyatta-cfg/templates/interfaces/ethernet/node.tag/pppoe/node.tag/password/node.def{.original,}
--- /opt/vyatta/share/vyatta-cfg/templates/interfaces/ethernet/node.tag/pppoe/node.tag/password/node.def.original
+++ /opt/vyatta/share/vyatta-cfg/templates/interfaces/ethernet/node.tag/pppoe/node.tag/password/node.def
@@ -12,6 +12,6 @@
 help: Password for authenticating local machine to PPPOE server
 
 update:	sudo sed -i '/^password/d' /etc/ppp/peers/pppoe$VAR(../@)
-        sudo sh -c "echo password '\"$VAR(@)\"' >> /etc/ppp/peers/pppoe$VAR(../@)"
+        sudo sh -c "echo password '\""'$VAR(@)'"\"' >>/etc/ppp/peers/pppoe$VAR(../@)"
 
 delete:	sudo sed -i '/^password/d' /etc/ppp/peers/pppoe$VAR(../@)

 and then commit your password again via configure. It should work.

 

Beware - this patch will be lost in case of firmware upgrade or factory reset and your config will not be applied then. So remember to check/apply it every time you do something with the router OS except using configure until UBNT devs will take it into their new firmware version. 

New Member
Posts: 25
Registered: ‎03-27-2015

Re: Bug in ERLITE3 maybe?

I am really not familiar with ubiquiti products to do that, can you please take it step by step.?
Highlighted
Member
Posts: 167
Registered: ‎11-05-2012
Kudos: 29
Solutions: 7

Re: Bug in ERLITE3 maybe?

[ Edited ]

ssh into the router

 

make a backup of the file you're going to edit by running sudo cp -a /opt/vyatta/share/vyatta-cfg/templates/interfaces/ethernet/node.tag/pppoe/node.tag/password/node.def{,.original}

 

run editor sudo vi /opt/vyatta/share/vyatta-cfg/templates/interfaces/ethernet/node.tag/pppoe/node.tag/password/node.def (google how to edit in if you're not familiar with vi)

 

change line 

sudo sh -c "echo password '\"$VAR(@)\"' >> /etc/ppp/peers/pppoe$VAR(../@)"

to

sudo sh -c "echo password '\""'$VAR(@)'"\"' >>/etc/ppp/peers/pppoe$VAR(../@)"

press :x, Enter to save changes

 

check results by running diff /opt/vyatta/share/vyatta-cfg/templates/interfaces/ethernet/node.tag/pppoe/node.tag/password/node.def{.original,}

you should see the same diff as I posted above

 

then configure password via cli or gui

 

it's more of a linux than ubiquiti Man Happy

New Member
Posts: 25
Registered: ‎03-27-2015

Re: Bug in ERLITE3 maybe?

Thank you, I will repost the results in a day or two, I really appreciate your time.
New Member
Posts: 25
Registered: ‎03-27-2015

Re: Bug in ERLITE3 maybe?

It worked!  Thank you so much! I have added the PPPoE to ETH1 not sure how to test if it works though because it is just a fail safe....

Member
Posts: 167
Registered: ‎11-05-2012
Kudos: 29
Solutions: 7

Re: Bug in ERLITE3 maybe?

[ Edited ]

@WalkingZombie7 , glad it worked. 

 

@UBNT-stig , would you mind adding the patch 4 posts earlier to the firmware? 

Previous Employee
Posts: 13,551
Registered: ‎06-10-2011
Kudos: 5438
Solutions: 1656
Contributions: 2

Re: Bug in ERLITE3 maybe?

hyphenatic: Good catch, and I've applied your change! Thanks for your contributions!

Reply