One part of my project is to set up IPv6 on certain of my VLANs. IPv6 has long been a bit of a mystery to me. While IPv4 is complicated, the addresses can be held in memory, so we’ve all gotten used to memorizing 4 octets. Further, it allows a fairly simple topography in that the subnets are ‘human-sized’. IPv6 is totally different. It has huge numbers and unreadable addresses. I want each of my VLANs to use IPv6 subnets as appropriate, so here is how I did it. It’s not too complex.
Author: Barclay Howe
Keeping the Kids Safe from the Internet with Filtering
This part of the project is easily the most complicated I did, and also took me the most time. There is a quote from a book that I read that ‘information wants to be free’ (a little googling tells me it’s been around for a long time, but I read it in a book by Charles Stross), and this certainly proves it. Trying to make it so kids can’t get to the bad parts of the internet is a good example of this, since you need to do a ton of things to make the filtering work. Here is what I did:
The Goal
The goal is to have a transparent proxy for http and https that keeps my kids away from bad content and redirects them to a friendly error page to tell them that. I wanted to have content screening and filtering, with whitelists to add in what I want them to have access to.
This design is complicated, and it took a while to make me familiar with all the technologies involved. Plus there are some things that I just could not have with my technology.
Continue reading “Keeping the Kids Safe from the Internet with Filtering”
Logging into my Wifi With RADIUS
I have been using my UniFi system for a few months and I’m very pleased. The WiFi is very fast, I can roam around the house seamlessly, and the handoffs are seamless. Now I want to move to the two final stages: advanced access control and then content control for the kids. For access control, I’m going to use RADIUS, specifically pfsense’s freeRADIUS package. I’ve read that this it is a bit arcane, but my experimentation has shown that it’s actually pretty straightforward.
Cleaning Up My Network
I spent the majority of my tinkering time this week creating and solving various network problems. I moved my UniFi devices to a management VLAN, and I also moved my controller again. This time, I moved it to a fresh minimal Ubuntu installation from my old Kubuntu mining rig. Both had pitfalls. Continue reading “Cleaning Up My Network”
Switching my UniFi Controller to Ubuntu and HDMI Problems
I have been troubleshooting a really peculiar problem with my Unifi Setup that perplexed me for several days. Since I use HDMI over IP to stream my cable box to several TVs around the house over cat5, I wanted to isolate the video on its own VLAN. I use Mirabox extenders, and as I was working on my article about putting my video on its own VLAN, I found out that UniFi has a big problem with that. Continue reading “Switching my UniFi Controller to Ubuntu and HDMI Problems”
Setting Up a VLAN in pfSense
I got a reminder today of why my VLAN project will help me out. My 6 year old son had a play date with a friend, whom I’ll call Jake. I left them watching a movie in the attic while I worked around the house, and was very surprised when my wife found me and asked why I had let them surf the web. Here is what had happened:
My son has an old laptop that he uses to ‘write’ in Microsoft Word. Mostly, he writes the word ‘Ninjago’. His friend Jake, however, knows how to google. Jake, as it happens, is also a 6-year-old who is convinced that Bigfoot is real, and apparently took the available laptop and started to google videos about Bigfoot and other ‘cousins of Bigfoot’. I don’t know if there are content filters for cryptozoology, but there will be when this project is done. Continue reading “Setting Up a VLAN in pfSense”
VLANs in the Home
So it’s been a few weeks of selling old video cards (and anything else I could scrounge) to reduce my clutter and to free up funds for my UniFi setup. I now have my 3 APs, and 3 UniFi switches. The icing on the cake is that I also pulled fiber between them, so now I have a really cool setup to play with. Further, my WiFi is noticeably better, especially when wandering around using FaceTime. Now it’s time to implement my VLAN design. Continue reading “VLANs in the Home”
Installing a LetsEncrypt SSL Certificate with pfSense on an Internal Server
Ever since Google announced that Chrome would mark non-https connections as ‘Not Secure’ I’ve begun to fret about ssl certificates. These serve two purposes. First, they encrypt your data and prevent Man-in-the-middle attacks, and secondly, they verify that the site you visit is the site it claims to be. I used to think that the former was more important, but now I am more of the opinion that identity verification is most important, now that phishing attacks are commonplace. LetsEncrypt has recently stepped in to help solve this problem.
With this in mind, when I saw that my UniFi controller was marked:
I wanted to fix it. Continue reading “Installing a LetsEncrypt SSL Certificate with pfSense on an Internal Server”
First Results of my New Ubiquiti UniFi WiFi Installation
First Impressions of Ubiquiti UniFi
I am really pleased with my Ubiquiti Unifi WiFi installation. My first impressions are very positive. The controller is great software. The interface makes all the configuration central and easy. Where I used to have to log into 3 APs (none of which I could keep straight), now I can just log into one place, and see everything.
It lets you see everything that is connected, and its IP information. Further, you can edit the names for them so you can write a descriptive name if the system can’t figure out a DNS name.
The configuration is basically pretty simple, and incredibly comprehensive. Continue reading “First Results of my New Ubiquiti UniFi WiFi Installation”
Installing The Ubiquiti UniFi Controller On My Centos Server
We’re almost at the fun part of my project, but first I’m going to take another detour to show how to install the Ubiquiti UniFi Controller software onto my main Centos file/utility server.
Update 10/14/18: Don’t do this. Bad idea. I do over why in a later post.
I’m going to explain this in a bit of detail. I remember when I started out with Linux (Solaris, actually) and it was so obscure that I found it frustrating. So I’ll try and explain each step. Continue reading “Installing The Ubiquiti UniFi Controller On My Centos Server”