In this example, the ISP modem is bridged and the USG is receive a public internet IP address If it is double-NAT behind a modem or ISP provided firewall, be sure to change the modem or firewalls internal IP range to something other than what you want your local network to be. Plug the USG in and allow the WAN interface to receive a public internet IP address.Make sure the IP/Subnet is configured correctly and check the “DHCP Server” checkbox and configured the correct DHCP range and click Save.Select “Networks” from the list on the left and click the pencil to edit it.On the external UniFi controller, log in and click on the settings icon (two gears in the lower left corner).So here is what I can add to the config.gateway. When you install nfdump, it automatically sets up a NetFlow collector on port 2055. For the NetFlow collection server, I'm running nfdump on a Raspberry Pi. If you want that, you can read my last post. I won't go over again how to find the file for your gateway or what it is. It can be a little difficult if you want to set up a NetFlow monitoring system yourself, but there are many tools that can ingest NetFlow data. If you're not familiar, NetFlow is a tool used to monitor network traffic to recognize source of congestion, traffic irregularities, and other useful data on the network. This time around, I found myself looking to setup netflow monitoring. Since the UniFi Security Gateway runs the EdgeOS firmware underneath, you can set just about anything that you would be able to configure on an EdgeRouter on the security gateway.
In my last post, I showed how to use the file to setup a conditional forwarder in a UniFi Security Gateway.
0 kommentar(er)
