• Apr 29, 2016

    Guest Network with EdgeRouter Lite and UniFi Access Points

    Last year, I wrote about setting up a guest network with the EdgeRouter Lite. The post was focused on using an Apple Time Capsule as the wireless access point. Since then I've switched away from the Time Capsule and am now using Ubiquiti UniFi APs, so parts of the post are no longer relevant to me and a few people have asked me how to do this with the EdgeRouter Lite and the UniFi APs.

    While the UniFi controller software has the option to do a guest network, as far as I can tell, it isn't exactly what I want. With my setup, you can't just use the checkbox to turn on the guest network as the current firmware apparently slows things down. So if you don't check the box, my instructions appear to still be needed.

    All of the EdgeRouter Lite steps are taken from my original post, so they may look familiar.

    Here are the steps:

    1. On the EdgeRouter Lite's Dashboard, click Add Interface and select VLAN.

      Add VLAN Image

    2. Set up the VLAN as 1003 and attach it to the physical interface of your LAN. Give it an IP address in the range of a private IP block, but make sure you end it in a /24 to specify the proper subnet. (Make sure it is different than your normal private IP block.)

      Setup VLAN

    3. Click on the Services tab. Click Add DHCP Server. Set it up similar to the image below.

      Add DHCP Server

    4. Click on the DNS tab under services. Click Add Listen interface and select the VLAN interface. Make sure you hit save.

      Setup DNS

    5. Click on Firewall/NAT and then click on Add Ruleset. This is for packets coming into the router destined for somewhere else (not the router). Set up the default policy for Accept. Click Save.

      Add Firewall Rules

    6. From the Actions menu next to the Ruleset, click Interfaces.

      Select Interfaces

    7. Select your VLAN interface and the in direction.

      VLAN In Direction

    8. Click Rules and then Add New Rule. Click on Basic and name it LAN. Select Drop as the Action.

      Add Rule

    9. Click Destination and enter 10.0.1.0/24 or whatever your LAN IP range is. Then click Save. This will drop all packets from the VLAN destined for your LAN. Save.

      Destination Selection

    10. Repeat 1 and 2 above (name it GUEST_LOCAL). From the Interface, select the VLAN interface and the local direction.

    11. Add a new rule. Set it to Accept on UDP port 53 (DNS).

      Rule Configuration

      Rule Destination

    12. Save.






    Now it's time to move over to the UniFi Controller.

    1. After you login to the controller, click the Settings in the lower left.

      Settings

    2. If you're using your UniFi AP connected to a UniFi Switch, you have to setup the switch to pass traffic for your guest network. If you aren't, you can skip to step 5.

      Networks

    3. Click Create New Network

      Create New Network

    4. Setup the network as indicated in the next image and then click Save.

      New Network

    5. Select Wireless Networks on the left side.

      Wireless Networks

    6. Configure the network similar to the next picture. Note that I didn't turn on guest policy.

      Wireless Configuration




    Now you can test this by connecting to the guest network and accessing the Internet. Then try connecting to a device on your LAN or connecting to the EdgeRouter Lite. Both actions should fail.

    I know that there are a lot of steps to configure this, but they're not that difficult and you only have to do it once!

    I've tested this and it is working well on my network; if I've missed anything, please let me know!

  • Apr 28, 2016

    Ineffective Stop Signs

    Soon after we moved into our house (about two and a half years ago), the city installed stop signs at the end of our street. This seemed like a great idea as traffic would speed down the hill perpendicular to our street and make it dangerous to get out of our street.

    Over the time we've been here, we've seen people stop at the signs, slow down at the signs, and simply ignore the signs. I filled out a traffic engineering request to see what the city could do to get people to actually stop. Soon after I did this, I saw the cables on the ground across the traffic lanes that measure traffic. I thought that this was great and that the city was going to do something about people stopping.

    Unfortunately I saw the result not too long after that. The result was that the word STOP was repainted larger on the ground in all 3 directions. This solution, of course, is quite laughable.

    Stop Sign

    Last week I received a call from a traffic engineer (I think) and he explained that the council rep and the community planning group had requested a stop sign to slow down the traffic. The city's job was done and traffic was slower most of the time; I do have to admit that if this was the goal, it has worked. The engineer suggested that I call the police and try to get them to come out and ticket people. Our police are overworked and they have better things to do than sit at a stop sign; the reasoning was that the route is used by locals and after a few tickets are issued, people would get the message. I don't believe it, but whatever.

    I've done my part to try to get people to do the right thing with respect to actually stopping, but without enforcement, the practice will continue. In speaking with a few neighbors who run it, they say that they can see in all directions and it isn't hurting anyone. That may well be the case, but there will be that one time when someone doesn't stop and there will be a serious accident.

  • Apr 25, 2016

    Conserving Water with Rain Barrels

    A few months ago, my wife saw that the city and water district were offering rebates on rain barrels. The rebates were significant enough to pay the entire cost of the barrels, so I decided to purchase 2 of them at Home Depot. Installig the barrels was easy as all I had to do was make Some slight modifications to my downspouts, attach an overflow hose and replace the spigot with a brass one as the cheap plastic one that came with the barrel would break easily.

    After a major rain, I was able to fill up and then empty the 2 50 gallon barrels. We had another rain that filled up the barrels, so now I have another 100 gallons of water to use.

    This got me thinking about how little having these 2 barrels will do to conserve water. First off, here in San Diego, we typically get rain in a concentrated window which wouldn’t really allow me to collect and empty water more than a few times a year. If I had barrels that collected 600 gallons, I could probably water all our plants for the entire growing season. Second, if I can fill up 400 gallons of water a year (best case scenario), I would save about $2 based on the cost of water.

    While the rain barrels look nice and let me collect a little water, they are not cost effective (if I had to pay for them) and really won’t put a dent in my water usage. I can just feel a little bit better knowing that I’m trying to help.

  • Apr 24, 2016

    Conveniently Charging Devices

    When we remodeled our house 3 years ago, we created a very open floor plan on our main living level by removing a wall. So now we have our kitchen, dining area (it isn’t a formal dining room as we never used one), and living room all together. This has worked out well, but during the planning stages, we realized that there would be a slight issue and that is based on how we wanted our couches, there would be no walls around them to plug in a lamp, charge devices, etc. We decided to put an outlet in the floor (the concrete had to be cut to put in the outlet which was being done anyway for our kitchen island). This outlet turned out to be a great decision.Floor Outlet

    We started by plugging in a lamp into the outlet (the lamp is less harsh than the overhead lights) and then when I added a 5.1 surround system, I plugged the wireless subwoofer/rear speakers into the outlet. Of course, we only put a duplex outlet into the floor so when my wife wanted to charge her iPad there (she tends to use it most while sitting on the couch), I dug out a Y outlet and used that.

    One device turned into 2 and then turned into more where we had to keep swapping out the cable. After purchasing a few of the Anker 5-Port USB Charger PowerPorts, I thought that using one of these on a table near the couch would solve my problem.

    So I bought a small power strip, used industrial strength Velcro to mount it under an end table, and then mounted an Anker 6-Port USB Charger PowerPort under the table as well. Now I had 6 USB ports easily accessible near the couches.

    I quickly realized that this solution was ingenious, if I do say so myself! It turns out we have a bunch of devices that occasionally need charging including an Apple TV Remote, a SteelSeries gaming controller, an Aeon Labs Z-Wave remote, an iPhone used as an automation remote, a pair of Bluetooth headphones that I sometimes use with the TV, and a few iPads. I’ve plugged in 2 30-pin cables, 2 lightning cables, a micro USB cable, and a mini USB cable into the Anker. This lets me easily grab a cable and be able to charge anything.

    Device Power

    Device Power

    I’m still not quite sure what to do with the cables, but for now they’re all hanging together.