IoT power switching equipment at [WayBack] Shelly Shop Europe:
Via: [WayBack] Tweakers Gift Guide 2019 – Smarthome – Koophulp – Tweakers
–jeroen
Archive for the ‘Network-and-equipment’ Category
Shelly Shop USA
Posted by jpluimers on 2021/09/01
Posted in Development, Hardware Development, IoT Internet of Things, Network-and-equipment, Power User | Leave a Comment »
MikroTik RB960PGS hEX PoE powering PoE devices: ensure you get a 48V power supply
Posted by jpluimers on 2021/08/24
By default, the [WayBack] MikroTik RB960PGS hEX PoE comes with a 24V power supply.
Most PoE capable devices cannot be powered by 24V but need 48V. I wrote about this before in the midst of the long post Linus Torvalds – Google+: Working gadgets: Ubiquiti UniFi collection (and a whole bunch of Unifi/Ubiquiti/Ubtn links)
- Mikrotik needs to make up their mind, as they ship a 24V power supply which cannot power any 802.3af/802.3at devices. The 48POW power supply enables 802.3af for the RB960PGS hEX PoE: [WayBack] hEX PoE (RB960PGS) – Need 48V Power Supply – MikroTik
So now I re-mention it in a much smaller post so it easier to find back, and a few links to Power over Ethernet – Wikipedia, where especially these bits are relevant:
- The PoE Standard implementation for 802.3af (802.3at Type 1) “PoE” requires DC 44.0–57.0 V.
- Of the PoE Non-standard_implementations, some common Passive specifications include:
- 24VDC 0.5A 100 Mbit/s or 1 Gbit/s
- 24VDC 1.0A 100 Mbit/s or 1 Gbit/s
- 48VDC 1.0A 100 Mbit/s or 1 Gbit/s
- 56VDC 1.0A and 2.0A 1 Gbit/s (used for 45W+ load point to point microwave and millimeter band radios
The 24V is what MikroTik sticks to with their default power supply.
Share this:
Posted in Internet, MikroTik, Network-and-equipment, Power User, routers, Unifi-Ubiquiti | Leave a Comment »
Winbox 3.19 can connect via MAC whereas Winbox 3.17 cannot
Posted by jpluimers on 2021/08/17
Not sure why, but Winbox 3.17 could not connect to out of the box blank MikroTik equipment at all.
Winbox 3.19 complains every now and than, but usually connects fine.
This was while configuring a bunch of [WayBack] MikroTik Routers and Wireless – Products: CRS305-1G-4S+IN.
Share this:
Posted in Development, Hardware, Internet, MikroTik, Network-and-equipment, Power User, RouterOS, routers, Scripting, Software Development, WinBox | Leave a Comment »
Mikrotik CCR devices based on NAND memory will eventually die
Posted by jpluimers on 2021/08/16
If you own a Mikrotik CCR device based on NAND memory, then be prepared that it will die.
I had this on a (now discontinued [WayBack] MikroTik Routers and Wireless – Products: CCR1009-8G-1S-1S+PC, superseded by the less functional [WayBack] MikroTik Routers and Wireless – Products: CCR1009-7G-1C-1S+PC, which is also NAND based).
Many more people had this or very similar problems:
- [WayBack] Corrupted routerboard firmware prevents booting – MikroTik
- [WayBack] CCR-1009-8G1S-1S Stuck at Starting Kernel – MikroTik
- [WayBack] ccr1009-8g-1s-1s+ stop in loading kernel from nand – MikroTik
- [WayBack] CCR-1016 ”loading kernel from nand ” Problem – MikroTik
- [WayBack] CCR Router Upgrades and often Fails with Reboot Loop – MikroTik
- [WayBack] CCR 1036-12G-EM reboot problem – MikroTik
- [WayBack] ccr 1009 after reboot/power loss boot loop – MikroTik
- [WayBack] CCR hangs on boot – MikroTik
- [WayBack] Mikrotik bricked by backup, reset button not working anymore – MikroTik
- [WayBack] Corrupted routerboard firmware prevents booting – MikroTik
- [WayBack] Cannot netinstall a CRS125 due to reboot loop – MikroTik
- [WayBack] RB493G, 60.0% Bad Blocks!!! What should I do now? – MikroTik
It also happens due to bad capacitors on the (also discontinued) [WayBack] MikroTik Routers and Wireless – Products: RB1200:
- [WayBack] RB1200 + Router keeps rebooting in loop (on power up one beep then it continues in loop) – MikroTik
There have been quite a few NAND related changes to the firmware over the years that have to do with handling corruption:
- [WayBack] mikrotik-tools/changelog-historic at master · 0ki/mikrotik-tools · GitHub from [WayBack] GitHub – 0ki/mikrotik-tools: Tools for Mikrotik devices
- [WayBack] www.mikrotik.ro/docs/changelog.txt
If you are really lucky (I was not), then it is a bad power supply: [WayBack] bootloop on CCR1036-12g-4s (almost 5 years old) [SOLVED] – MikroTik.
Sometimes you can partially recover using the Console port or NetInstall, but eventually you will trip another part of the faulty NAND storage and it will die again, until it has spent all its lives.
Unlike a cat, those are usually far less than 9 lives.
If you do need to recover, the links might help you:
- [WayBack] Recover a Broken Mikrotik Device | Murray’s Blog
- [WayBack] Manual:System/Serial Console – MikroTik Wiki
- [WayBack] Manual:Special Login – MikroTik Wiki
- [WayBack] Manual:RouterBOOT – MikroTik Wiki
- [WayBack] Manual:Netinstall – MikroTik Wiki
–jeroen
Share this:
Posted in Internet, MikroTik, Power User, routers | Leave a Comment »
It looks like a volunteer has been found to maintain the openvpn chocolatey
Posted by jpluimers on 2021/08/09
The chocolatey package for OpenVPN has not been updated for quite a while. It looks like it has to do with the current dependency to verify the OpenVPN signature.
The current [Wayback] Chocolatey Software | OpenVPN 2.4.7 version is both outdated on the major version number ([Wayback/Archive.is] Release OpenVPN v2.5.3 release · OpenVPN/openvpn) and minor version ([Wayback/Archive.is] Release OpenVPN v2.4.11 release · OpenVPN/openvpn). The version 2.4 Windows installers are now called “Legacy Windows Installers”.
Luckily less than a day after the start of the [Wayback/Archive.is] RFM – openvpn · Issue #1024 · chocolatey-community/chocolatey-package-requests, a volunteer stepped forward.
Hopefully by now the package is being maintained again.
–jeroen
Share this:
Posted in Network-and-equipment, OpenVPN, Power User, VPN | Leave a Comment »
Factory reset a MikroTik hEX PoE RB960PGS using the reset button
Posted by jpluimers on 2021/08/02
[WayBack] Manual:Reset – MikroTik Wiki:
unplug the device from power
2) press and hold the button right after applying power
Note: hold the button for 5 seconds (USER LED will start flashing)
3) release the button to clear configuration.
Note: If you wait until LED stops flashing, and only then release the button – this will instead launch Netinstall mode, to reinstall RouterOS.
Initial configuration
(see also [WayBack] Manual:First time startup – MikroTik Wiki)
Share this:
Posted in Hardware, Internet, MikroTik, Network-and-equipment, Power User, routers, WinBox | Leave a Comment »
Updating a Unifi Controller (either a Cloud Key, or a local installation like a VM)
Posted by jpluimers on 2021/07/27
Note that by now, Unifi Controller is usually named Unifi Network Management Controller (somewhere in between it was called Unify Network Controller).
You can either run a local installation on a Linux box (usually Ubuntu), for instance the CloudKey ESXi Appliance, or from a Cloud Key (if you do, do not get a version 1 Cloud Key; too much SD card and other hardware trouble)
Steps to update both the Unifi Controller Firmware (Cloud Key only) and the Unifi Controller software (both Cloud Key and local installation) are below.
I am assuming that 192.168.71.50 is the IP address of your Cloud Key, and for brevity, I included few screenshots, but opted for URLs.
Devices steps
- Logon to your Cloud Key at https://192.168.71.50:8443/manage
- Go to the devices page https://192.168.71.50:8443/manage/site/default/devices/1/50/uap
- Ensure the filter is “APs” (either through the dropdown when your tab is narrow, or the button when the tab is wide)
- Press the “Start rolling update” button.
- Confirm the rolling update
- Wait for the rolling update to finish
Screenshots for selecting “APs” with narrow and wide tab widths:
Share this:
Posted in Cloud Key, Network-and-equipment, Power User, Unifi-Ubiquiti | Leave a Comment »
Did not realise that a 2018 Mikrotik vulnerability made it to the top of the CBL (SMTP composite black list) warning page for quite some months as the first ever device
Posted by jpluimers on 2021/07/02
Having it accidentally made it to the CBL (Composite Blocking List – Wikipedia) a long time ago, I discovered the page started with (WayBack link mine):
IMPORTANT: Many CBL/XBL listings are caused by a vulnerability in Mikrotik routers. If you have a Mikrotik router, please check out the [WayBack] Mikrotik blog on this subject and follow the instructions before attempting to remove your CBL listing.
It wasn’t one of my Mikrotik devices, as first of all they had all being patched out of the box from a really empty internal network before being externally exposed to the internet or more busy internal networks, and second because the CBL entry was a one off on one specific day where someone used our guest network.
Some CBL entries in the range where it was displayed, quite a while after CVE-2018-14847 became public:
Share this:
Posted in Firewall, Hardware, Infrastructure, Internet, MikroTik, Network-and-equipment, Power User, routers, SPAM, WinBox | Leave a Comment »
Fritz!Box as DMZ behind an Experiabox version 10A
Posted by jpluimers on 2021/06/17
First of all: incoming Fritz!Box VPN behind an Experiabox version 10A fails, because the DMZ implementation of the Experiabox is faulty.
This worked just fine with the Fritz!Box as DMZ host behind a Ziggo Connectbox ([WayBack] Connectbox | Klantenservice | Ziggo).
First a few things to get regular TCP stuff to work: having your Fritz!Box as the DMZ host of an Experiabox.
I had a hart time figuring out some of them, so further below are also quite a few links just in case you bump into simular things.
- On the back of the Experiabox version 10A you find the SSDI and WiFi password on what appears to be a sticker, but is in fact a small piece of cardboard paper.
- Behind that cardboard paper is a sticker with the initial administrator password: shove out the piece of cardboard to reveal the sticker.
- After login (you cannot change the username, which is
ADMINorKPN) you have to choose a new password, which has these undocumented restrictions:- It cannot be the old password
- The password must contain at least 1 special character (
!@#$%^&*()_+|~- =\`{}[]:";'<>?,./). - The password must contain at least 1 number character.
- The password must contain at least 1 uppercase letter.
- Other restrictions I have not bumped into
- The default address of the Experiabox V10a is 192.168.2.254. Do NEVER change it, as KPN totally does not support that scenario and will force you to reset it before starting to help you out with anything. Logon as Administrator to the Experiabox at 192.168.2.254.
- Setting fixed DHCP leases was hard to find (I was looking for fixed DHCP, not DHCP reservation): Network -> LAN -> LAN DHCP (dropdown next to LAN) -> DHCP Reservation (up to 10 computers).
- The DMZ setting was not where I expected it: Network -> Firewall -> DMZ (dropdown next to Firewall)
External port checker: [WayBack] Open Port Checker & Scanner | Test Port Forwarding | Internet Protocol Tools
Related:
- Passwords and SSID on the back of the device:
- [WayBack] KPN toont nieuwe Experiabox V10a met vplus-ondersteuning | Van de Kooy Computers & ICT
- [WayBack] [Melding] Experiabox V10a met verkeerde WiFi gegevens op de sticker | Telfort Forum
- [WayBack] Experia Box v10a | KPN Community
- [WayBack] Wachtwoord Experia box | KPN Community
- [WayBack] Wachtwoord Experia box V10a | KPN Community
Beste antwoord door wjb
Het wachtwoord staat echterop op een sticker, zichtbaar als je het kaartje er uit schuift.
- Use of your own internal routers behind the Experiabox:
- [WayBack] WAN uitgang prive-router communiceert niet met Experia Box | KPN Community
- [WayBack] ASUS RT-AC66U achter Experia Box v10A bijvooorbeeld in DMZ | KPN Community
- IPsec works for Telfort
- [WayBack] VPN op een V10A werkt niet | Telfort Forum: IPSec and OpenVPN should work
- [WayBack] VPN op een V10A werkt niet | Telfort Forum: Somebody got IPSec to work and observed PPTP fails.
- [WayBack] VPN op een V10A werkt niet | Telfort Forum background information on IPSec/SSL-VPN/OpenVPN
- [WayBack] Experia Box V10 DMZ werkt niet correct na een herstart | Telfort Forum
- IPsec fails for KPN; over many years (via “KPN” experiabox “v10a” “IPsec” “server” – Google Search)
- [WayBack] Experiabox v10a, icm VPN-diensten 1900AC (PPTP fails, IPSec should work, but on my system does not)
- 2014 [WayBack] Synology VPN L2TP/IPSec | KPN Community
- 2017 [WayBack] L2TP VPN (Windows Server 2016) werkt niet door ExperiaBox i.c.m. portformwarding | KPN Community
- 2018 [WayBack] Poort forwarding werkt niet op de de Experiabox V10A | KPN Community
- 2019 [WayBack] L2TP/IPsec VPN over Experiabox V10a werkt niet | KPN Community
- 2019 [WayBack] VPN werkt niet meer op Experiabox V10a | KPN Community
- Incoming SMTP port 25 could be blocked:
- DHCP configuration:
- You can only configure 32 DHCP Bindings (this used be an even more mediocre 10 DHCP bindings), which is a laugh:
- There have been quite a few issues in the past that have been solved with firmware updates; I’m still not sure how to update it apart from doing a hard reset.
- [WayBack] Feedback over het nieuwste modem van KPN V10A | KPN Community
- [WayBack] Experiabox v10a update | KPN Community
- [WayBack] Devices IP adres toekennen in v10a | KPN Community (devices not getting DHCP leases, but a 169.254.x.x Link-local address – Wikipedia)
- Wall mounting:
- Keep the bar at the bottom as it protects the plugs (a not so nice design is that they stick out on the back unlike most routers I have ever seen):[WayBack] Beugel Experiabox v10a | KPN Community
- Manuals and such:
- Service tool (be careful: anyone on the internal network can run these if they know the last 3 digits of your bank account!):
- [WayBack] Servicetool: wijzig je WiFi naam & wachtwoord | KPN (fails if you are behind the second router, even though it says it is in progress)
- [WayBack] Servicetool herstellen fabrieksinstellingen Experia Box | KPN
- Without Experiabox seems to be only possible for Telfort, not for KPN:
- [WayBack] Ervaring Telfort oude glasvezelnetwerk naar het nieuwe netwerk / Instellen FritzBox voor externe VOIP | Telfort Forum
- [WayBack] Gebruik een eigen router i.p.v. de Experia Box | KPN Community
- [WayBack] KPN Glasvezel internet zonder Experia Box | KPN Community
- WayBack: Een eigen router | netwerkje.com
- [WayBack] Fritz box i.p.v Experiabox | KPN Community
- [WayBack] KPN Experiabox vervangen voor eigen modem/router – Netwerken – GoT
–jeroen
Share this:
Posted in Network-and-equipment, Power User, VPN | Leave a Comment »
CloudKey ESXi Appliance – Google Search
Posted by jpluimers on 2021/06/07
Via [Archive.is] CloudKey ESXi Appliance – Google Search:
- [WayBack] My Ubiquiti UniFi Appliance 3.0 – now even more super! | Justin’s IT Blog
- [WayBack] Pre-built ESXi *nix Unifi Controller? Or, minimal resources required to install my own? – Ubiquiti Networks Community
–jeroen
Share this:
Posted in *nix, Cloud Key, ESXi6, ESXi6.5, ESXi6.7, Internet, Network-and-equipment, Power User, Unifi-Ubiquiti, Virtualization, VMware, VMware ESXi | Leave a Comment »
The Wiert Corner - irregular stream of stuff 