Show ARP table: ip neigh show


https://help.ui.com/hc/en-us/articles/204960094-EdgeRouter-Configuration-and-Operational-Mode

Some great shortcuts from here: https://www.reddit.com/r/Ubiquiti/comments/9dwok0/edgerouter_cli_guide_quick_and_concise_howto_with/

terminal length 0 will show all the output without segmenting them, so you don't have to press spacebar to see the next page.

show configuration will show how the router is configured.

show configuration commands will show all the commands to reconfigure the router to exactly how it currently is. This is useful if you log the printable output in Putty, so you can copy/paste the commands later, or even edit them in a text file and then paste them into the router.

configure enter configuration mode where you can make changes to the router. When you're inside this mode, you can type show and it'll be equivalent to type show configuration. You can type exit to leave this mode.

commit will apply the changes you've made.

save will save the changes so they're reflected upon reboot. This is useful to omit if you want to test the router with commit changes, and if it breaks something, a simple reboot will bring it back to the previous config.

; allows you to chain commands together. Example: commit;save;exit will execute those 3 in order.

? will show all available commands in the current context. Example: if I type set ? it will display all the possible things I can set/change. If I type set interfaces ? it will show all the interfaces that I can set/change. So on and so forth. It's a great way to figure out where things are and how they're set, etc.

TAB will autofill the rest of whatever commands are available. Example, if I type set inteTAB it'll autofill to set interfaces.

One way to think of the CLI is a bunch of sub-directories as you go through them. Example, let's say I want to change the description of eth0 port to 'my wan'.

set interfaces ethernet eth0 description 'my wan'
set indicates I'm going to add or change something; set something.

interfaces means I want to change one of the interfaces. Again, think of it like a directory: I'm going to look into the interfaces folder.

ethernet which interfaces do I want to set? The ethernet interfaces. Go into the ethernet folder.

eth0 which ethernet interface? eth0

description what do I want to change? The description.

'my wan' the quotations are needed for anything >1 word.

Keep in mind you can type ? anywhere along the commands to find out what the next "folder"/context command is. Example: if I type set interfaces ethernet ? it will show all the ethernet interfaces that are available.

https://community.ui.com/questions/Per-IP-Bandwidth-Limit/b0e166f7-ba01-4db9-9fd5-05576728d4f3

https://help.ui.com/hc/en-us/articles/115015971688-EdgeRouter-OpenVPN-Server

https://help.ui.com/hc/en-us/articles/204952134-EdgeRouter-Hairpin-NAT


configure

edit service nat rule 1
set description HTTPS
set inside-address address 172.16.20.20
set inside-address port 443
set log disable
set protocol tcp
set type destination


set inbound-interface eth+
set destination address 0.0.0.0
set destination port 443
top

edit service nat rule 5001
set description Hairpin_MASQ
set destination address 172.16.20.0/24
set source address 172.16.20.0/24
set log disable
...<Too long, click to read the rest>

https://help.ui.com/hc/en-us/articles/204911404-EdgeRouter-Traffic-Policies-Shaper-for-Upload-Download-and-VoIP

This will setup a L2TP with preshared key of preshared123, username of username1 and password of password1

configure

set firewall name WAN_LOCAL rule 270 action accept
set firewall name WAN_LOCAL rule 270 description IKE
set firewall name WAN_LOCAL rule 270 destination port 500
set firewall name WAN_LOCAL rule 270 log disable
set firewall name WAN_LOCAL rule 270 protocol udp

set firewall name WAN_LOCAL rule 240 action accept
set firewall name WAN_LOCAL rule 240 description L2TP
set firewall n...<Too long, click to read the rest>

This is the basic procedure to get OpenVPN server working on your Edgerouter. You should only use one computer per config file, since they will share an IP, having multiple connections using a single client config file will cause issues.

## Install OpenVPN on Windows using file from this website. If you are going to generate the keys/certificates on this computer, during install make sure you install the Easy RSA scripts.
https://openvpn.net/community-downloads/


## Open Powershell/cmd.exe as Admin
...<Too long, click to read the rest>

This is old VPN technology, I don't recommend using this.


configure
set vpn pptp remote-access authentication mode local
set vpn pptp remote-access authentication local-users username username1 password laksdfjklsjkldf
set vpn pptp remote-access authentication local-users username username2 password abcdabcd
set vpn pptp remote-access client-ip-pool start 172.16.20.200
set vpn pptp remote-access client-ip-pool stop 172.16.20.210
set vpn pptp remote-access dns-servers server-1 4.2.2.2
commit
sav...<Too long, click to read the rest>

https://help.ui.com/hc/en-us/articles/205145990-EdgeRouter-WAN-Load-Balancing#4

https://community.ui.com/questions/Dual-WAN-Fail-Over-Load-Balancing-Wizard/cb82bdc2-c225-482f-a8c8-6a7caf957177



Show status of WAN failover:
show load-balance status
show load-balance watchdog
show load-balance config

show ip route
show ip route table 201
show ip route table 202


Change percentage of traffic for WAN interfaces when both are working:
set load-balance group G interface eth4 weight 70
set ...<Too long, click to read the rest>