Advertisement

Saturday, December 23, 2017

Setting up an EdgeRouter, Part I

Introduction
Ever since my kids got devices that could get on the internet, I have been looking for ways to manage and monitor their access.  We do randomly check their devices for "bad stuff" and we talk about what they should not be doing on the internet.  Those are good, basic steps that any good parent should take.

I always point my routers to OpenDNS as the DNS server to filter out objectionable content.  I am sure that helps, but savvy kids could install VPN apps to get around this.

Finally, the wireless AP is setup to turn off the wireless radios at 10:00pm until 4:00am.  This keeps the kids off of the internet on their phones overnight since they don't have data plans.  Also, they are supposed to leave their phones downstairs for charging overnight so they can't play offline games.  The downside is that all wireless devices are affected by this and not just the kid's phones.

What I need is a router that
  1. allows me to block internet access at specific times for specific devices
  2. allows me to see what sites people are going to
  3. allows me to block access to VPN by device. I sometimes need to login to work using VPN.  I can't just block all VPN access.
Hopefully, the EdgeRouter X by Ubiquiti will let me do everything I want.

I bought an EdgeRouter X on Amazon for about $50.  There are more expensive models but this one seemed like it would do everything I wanted.  Plus, we have Amazon Prime right now so shipping was free.  Some people said that the router stopped working after a few days.  Amazon offered buyer protection for <$2, so I paid for that as well.  If I get a lemon, I hope they will give me my money back.

Initial Thoughts
If you read reviews of the EdgeRouter, some people complain that it is hard to setup.  I did not find that to be true at all.  I am in IT but I am not a network engineer and do not work with routers normally.  So, configuring the EdgeRouter is by no means something I can do without help.

The manual that the router comes with is simply a quick start guide.  It explains how to plug everything in and nothing more.  You need the full user guide to get anywhere.  Fortunately, that can be downloaded from the Ubiquity website.  I have not read much of it yet but, at 104 pages, it appears to be pretty comprehensive.  Also, I have had good luck googling things.  Some of the information Google finds is outdated but still helpful.

Setting up to Connect to the Internet
The main thing I need the EdgeRouter to do is connect my home network to the internet through my cable modem.  This was very easy to setup. 

First, I followed the instructions in the quick start guide to power up the EdgeRouter.  I plugged a network cable from my laptop into port ETH0.  Then, I configured the Ethernet port on my laptop to have a fixed IP address of 192.168.1.1.  I brought up the web configuration interface and logged in as the ubnt user.

There is a wizard to configure the device to connect to the internet.  The user guide says that the wizard is named, "Basic Setup".  However, my device did not have a wizard with that name.  Fortunately, the "WAN+2LAN2" wizard is the same as the Basic Setup wizard.  I used the WAN+2LAN2 wizard and followed the instructions in the user guide for the Basic Setup wizard.

For the internet port choices, I left the defaults.



The wizard screen also has a section to setup the LAN.  You need to expand the section at the bottom of the screen to see the choices.  One thing that through me off a bit is the DHCP setup.  The address box is for the default address of the switch for the LAN.  This is the address that DHCP will give to the clients as the router address.  At first, I thought that this box was for the lower IP address setting.  I set the address as 192.168.0.1.



Also, by default, the software starts the DHCP IP range at .38 and ends it at .243.  That is more than enough for a home network.

The last step is to click the Apply button and reboot the router.

Physically Connecting to the Cable Modem
It took a bit of fiddling to get the router installed on my network.  I connected the Ethernet cable from the cable modem to eth0 on the EdgeRouter and powered up the EdgeRouter.  The cable modem's network light lit up to indicate that the EdgeRouter was connected.  However, I could not get to the internet even though I could see that the EdgeRouter had a routable IP from my ISP and was downloading traffic.  A simple reboot of the cable modem and the EdgeRouter fixed the problem.

OpenDNS
Setting up the EdgeRouter to use OpenDNS was a bit harder but still pretty easy.  The user guide does not specify how to do this.  Fortunately, I am not the only one who tried to do this.  Google to the rescue.

Part of the configuration can be done with the gui tools in the EdgeOS.  Part of the configuration must be done by entering unix commands into the Command Line Interface (CLI).

First, I clicked on the System button in the bottom-left corner of the screen.  This brings up the System configuration screen.  I entered the two OpenDNS server IP addresses in the system name server box.  Those addresses are 208.67.222.222 and 208.67.220.220.  I also added the local IP address of 127.0.0.1 and saved those changes.



Next, I opened up the CLI interface and logged in as an administrator.  I entered the following commands in the interface.
configure
set service dns forwarding system
commit
save
exit
exit

Finally, I had to go to the OpenDNS web site and refresh my network's IP address.  It took about five minutes for the OpenDNS servers to propagate my changes but eventually OpenDNS was doing it's job.

That's it for now.  I have my EdgeRouter connected to my cable modem.  I can get to the internet and am using OpenDNS for the DNS servers.  

Next, I want to configure the router to block specific devices from accessing the internet at specific times.


1 comment: