Edgerouter lite & D-Link DAP-2660 first setup

[soehest]

Originated from these threads:
Questions about new network setup.

D-Link DAP-2660 vs Linksys LAPAC1200 VS ??

i ended up buying the following:
D-Link DAP-2660
Ubiquity edgerouter lite
TP-Link Poe Injector

Already owned:
D-Link DGS-1210-20

In this thread i will tell a bit about my experience with the above setup as a first time user of both the edgerouter and my first ever "real" access point.

Ubiquity edgerouter lite:
My concerns with this router was that reading reviews etc people say that it is hard to configure. Some would also say that does not apply for later versions of the firmware. Powering up i managed to brick it within 20 minutes of use during the upgrade process. Gui told me to reboot which i did and i could no longer connect. I spent the next 4-5 hours cursing at Ubiquity for having a prompt telling one to reboot when the manual clearly states that one should not reboot during a firmware upgrade. Thinking about my options. Rma which could take like forever or try to fix it by taking it apart and mounting the USB drive which sits inside the case. I chose the latter as i was sure that the filesystem was messed during the reboot. Mount the drive and checking the filesystem did not show any errors. Luckily and old version of the firmware will apparently be written on disk:

lost+found
squashfs.img
squashfs.img.md5
squashfs.o
squashfs.o.md5
version
version.o
w
w.o
www

As seen there are files with the letter o which are the old firmware version. I ended up with deleting the new files and renaming the old by removing the o. I was happy when the router booted again. Leaving me a bit puzzled as nothing actually seemed wrong with the new firmware files logic would say that the only culprit of this was the firmware itself. Minutes later i realized that i made a huge error. I had tried to install the firmware from the Edgerouter ER8 which uses a different cpu. The edgerouter lite does not fancy that ;-) Would have been nice with a check for valid firmware before allowing uploads. But the brick was all on my part. Uploading the correct firmware and the gui told me to reboot got me scared. But this time it worked and router was now upgraded to newest firmware (1.5) Above should not scare you. It was a error on my part, but pay attention i clearly did not.

Having spent some time on my own mistake i prepared to spent hours getting this thing to actually route the internet. I was in for a huge surprise. I chose the wizard from the gui named WAN+2LAN. Connected cable to the wan port and rebooted. That was it. It worked and if i had taken care it would have taken me literally minutes to get the router working instead of many hours with a bricked router. The routers interface seem fast, but does not have many options. Includes a wizard for upnp which i after trial and error concluded was the old implementation of upnp which have had trouble with multiple xbox'es. I needed the new one based on miniupnd so I had to visit the CLI for the first time. The CLI is accessible from the web interface. To show what the cli could be used for is the commands to enable the service upnp2

configure
set service upnp2 listen-on eth0
set service upnp2 wan eth1
commit
save
exit

Until now that has been the most advanced command i have used in the cli. Gui also has port forwarding so you do not need the cli to do that.

I like the edgerouter a lot. The simplicity is powerfull (less is more) and the fact that it only took minutes to connect to the internet is nice. Having the config in a config file also makes sharing settings much easier and helps in debugging trouble. Having said that, the edgerouter can do network stuff on a very advanced level with cli commands only the most hardcore network enthusiast would know. I think if you have a need for those commands the edgerouter would feel like home anyway (hope the above made sense) Point is that "normal" people like me would not need to use the cli very much (if any) to get a setup which would equal one you get with a "standard" router from asus, netgear etc.

D-Link DAP-2660
This the the wireless access point. Plugged it into the switch and within a minute i could connect to the access point on the default unencrypted ssid called dlink. I spent a few hours actually logging in to the damn thing. I could not see the mac address on the edgerouter so i could not find the ip. The odd thing was that it was running great. Finally looking at the manual i realized that the AP is setup with a static ip adresss 192.168.0.50 which is not a part of my subnet. Hooking it up to my laptop i changed it to get the ip from dhcp server which allowed me to log in and configure the wireless part. My previous range problem was solved with this but having the possibility to place it dead center of our house could have been enough. It is much easier to place an poe powered ap than a huge thing with antennas and requiring a power supply.

Conclusion.
I am very happy with this new setup even though i still have a way to go. I have solved my range problems. Wife is happy as the old (and ugly) router now is gone. I have a network separated in routing and wireless with good possibilities to expand. I hope it will be so stable that i will never have to reboot the router or AP again but only time will show. If the setup is viable depends on several factors. I did not save a single dollar. On the contrary i spent more than the ASUS-RTA87U which i returned cost me. I did not get more speed than my old and aging ASUS-RTN66U. The ASUS-RTA87U did not do that either. This is something to remember when considering buying a new router. Depending on devices connected to the router chances are that upgrading to the newest router will give you nothing. It does not take dual core 1 ghz cpu's to route the net but manufactures claim you will as a user benefit.

Please feel free to ask question. And sorry for the long read.

Regards

 

[NHgranite]

Thanks for the good review.

I also purchased an ERL, but I have not mounted it into my network (yet). Maybe because I'm a bit intimidated by the set-up process or perhaps I'm concerned about how to test my configuration. I would hate to find out after going live that I accidentally left my network vulnerable to a simple attack...

Any insight to my concerns?

 

[Rony]

I had a similar positive experience with the Ubiquiti ERL.

Before I was using a Asus RT-AC66U which dropped the WAN connection every so often and finally stopped working all together after one year. I then also decided to split the routing part and the wireless handling.

For the routing part I used the ERL. The upgrade to EdgeOS v1.5 was painless. I further also used the wizard for setting up the router. It went like a breeze, including DDNS and port forwarding.

I just needed the CLI for pptp and L2TP but the instructions for this can easily be found on the UBNT support site.

The only reference I found to potential vulnerabilities was somewhere on this forum where it was mentioned that SSH could be used from the WAN site, but the CLI instruction to block this was included. Anyhow I believe the firewall should block this also.

The router is now working for two months without any hiccups. I never had to reboot it. The only slightly negative I could find is the download speed when I tested PPTP and L2TP. The maximum I could get is about 15MB for PPTP and 25MB for L2TP. Then again, that is not a real world problem when using hotel lines to dial in.

For wireless I used two Apple Airport Extremes with the same SSID. This ensure compatibility with all the Apple devices and Airplay devices around. The only drawback of this setup which I do not count on was that the Airport Extreme does not do guest networking when in bridge mode. So when there are guests visiting I need to switch on an old router to provide for their networking.

 

[OP06D]

For info on SSH and the WAN port check this post:

http://forums.smallnetbuilder.com/showthread.php?t=19745

 

[soehest]

For info on SSH and the WAN port check this post:

http://forums.smallnetbuilder.com/showthread.php?t=19745

For even more info check the thread again

 

[soehest]

Thanks for the good review.

I also purchased an ERL, but I have not mounted it into my network (yet). Maybe because I'm a bit intimidated by the set-up process or perhaps I'm concerned about how to test my configuration. I would hate to find out after going live that I accidentally left my network vulnerable to a simple attack...

Any insight to my concerns?

As a first time user i have been surprised that it only took me minutes to get it online using the included setup wizard. Depending on your setup you can be lucky. My setup is simple though. My internet is connected to WAN port where the dhcp client will take care of connectivity. Rest is connected to a switch. To test your configuration could be as simple as seeing if internet works. Regarding security i have no concerns. With the default WAN+2LAN setup router will have a stateful firewall much like "normal" routers. It will be safe to a point but as a stateful firewall will allow any outgoing connections security is not security at the maximum level. Most people will never use anything other than a stateful firewall and live happily ever after. A small note when not using Edgemax 1.6.x is the Bash Shellshock vulnerability. 1.5.x is affected. Look here for a quick fix.

 

[NHgranite]

Thanks for the info. Good stuff.

 

[soehest]

Sorry for bumping my own thread but i feel i need to do a small update on this topic:

Have been using the Edgerouter Lite for some time now and want to give a small status update. My aging Asus rt-n66u which I replaced with this one is now back managing the routing of my system. I has the two radios (2.4 & 5ghz) disabled though.

The first days with the ERL were all good and I was happy with general usage and ease of setup. Getting further down in the details I did experience some problems. I did update to 1.6.0 which probably was not a very good idea. It does have some bugs where some may be more serious than other. Personally I did feel that everything ran slower and did spent days to trying to nail down the reason of this. I never succeeded even when writing up scripts to time web downloading etc. We are not talking seconds slower but rather milliseconds. I think this may be what can be called perceived internet speed. Also my only online game seemed to be suddenly lagging. At the end I did settle for this and blamed my own head (which actually may just be the cause on this) The real issue came down to getting multiple xbox's to connect. I simply could not get it to work no matter what I did. Sometimes disabling part of the hardware offloading mechanisms seemed to help but as I did run out of time and energy I really did not want to spent more time on this I switched the routers and now everything is running nicely. It should be noted that I did not seek support on any of the above issues, but a quick glance at support forum shows that the device is probably not as bug free and stable as some reviews says. I have not given up completely on the ERL but for now it will be disconnected until i get some more time at hand.

 

[Red Hazard]

DAP-2660 Scheduling Warning

Our DAP-2660 would randomly turn itself off but the green LED would indicate all was fine. A call to D-Link support revealed that the scheduling feature most not be used and that a F/W update would (someday) be issued to correct the problem. It's always risky buying products that are not AT LEAST a year old from the release date unless one wants to be relegated to being an unpaid beta tester purchaser.

 

[inline]

So, if I understand right, you enabled the scheduling feature to turn the DAP-2660 off and that caused the issue. Translation, if I don't use this, I won't have a problem?

Also curious on the stability of those using the DAP-2660 and how well the band steering, internal radius, etc. works on these units. I was looking at the Ubiquiti UAP-AC's but I am leery based on what I've read in terms of heat issues, and the lack of releasing things promised over a year ago (Zero Handoff mode (not that I'd use this, but still, the "real soon now" is troubling)).

Currently using a RT-AC68U in AP mode, but looking for dedicated 802.11AC AP that doesn't get too crazy price wise (read - no dedicated wireless controller, etc).

Any thoughts/input appreciated.

 

[System Error Message]

The alternative or competitor to ubiquiti would be mikrotik since both actually have products in the same ranges. Mikrotik uses the same OS between all their devices. If you want a dedicated AP without crazy prices i would recommend either ASUS or the newer mikrotik RB911x (below $100) that have wireless AC integrated for indoors.

 

[Trip]

As has been said earlier, I find it's usually best to wait on any consumer and even most SMB gear for a full year or more after its release, to allow for the first few firmware updates to smooth out the rough edges. The EnGenius ECB1750 probably falls into that category, otherwise I'd recommend it wholeheartedly.

 

[soehest]

As i have received a few pm's about the dlink dap 2660 i thought i better share my experience until now

The Dlink DAP-2660 has been running since i bought it 3.5 months ago. It is very stable and never had any issues with it. It would have been at uptime 3.5 months if it had not been for two firmware updates. Which I must mention did not improve anything as i really had zero issues with it. For the range which i imagine is one of the most important factors for people reading i am sad to say i can't be of much help. The AP has been moved to the middle of our house (which was the idea of the buy) So comparing with the old router is no longer possible. If i had to say something i would say that range is smaller than my Asus rt-n66u but not much. but as mentioned, with the dlink you can place it in a a better position than a unit requiring power adapter with huge antennas so it is a win win situation.

Regards

 

[coxhaus]

Originated from these threads:
D-Link DAP-2660
. The odd thing was that it was running great. Finally looking at the manual i realized that the AP is setup with a static ip adresss 192.168.0.50 which is not a part of my subnet.

Did you figure this out? I would not want my router to route any old IP addresses out to the internet, I am interested and have been following the edge router a little bit.

Do you think maybe you had a mask on the router which would encompass the original IP address on the AP and that is how it worked? Otherwise this sounds like a bug to me.

 

[soehest]

Did you figure this out? I would not want my router to route any old IP addresses out to the internet, I am interested and have been following the edge router a little bit.

Do you think maybe you had a mask on the router which would encompass the original IP address on the AP and that is how it worked? Otherwise this sounds like a bug to me.

Well i did figure it out. As mentioned I just had to configure the dlink dap 2660 to get ip address from dhcp instead of using the default one. I am not sure if any bugs are existing actually. The AP was connected to a layer 2 dlink switch. I have limited network knowledge but i think mac addresses are being used so the switch really doesn't care much about which ip the ap has. At least that is my working theory to why it worked One would of course need to login to the AP to set password enable 5ghz etc which would require the AP to be on the same subnet.

I did not give completely up on the Edgerouter but think i will wait until 1.7.0 is released before giving it another go. My current routing solution works wells and is quite flexible.

Regards

 

[GainfulShrimp]

This thread is extremely interesting to me, as I'm considering a similar setup (thanks!)...

I've been looking at combining the Ubiquiti Edgerouter Lite with a DAP-2695 or similar - I'm looking for AC 3x3, not ceiling mounting mine and I think external antennas do help with range a bit.

It's a bit disappointing that you couldn't get the ERL to work perfectly for your particular situation. I don't plan to enable UPNP of any flavour in my case, as I don't think I need it for anything, so hopefully I won't hit the same issue.

Judging by what I ask from my current Draytek wifi router, my requirements for the ERL are pretty simple: DHCP (including quite a few static allocations), NAT (inc hairpin/loopback), a bit of port forwarding and a VPN server (probably IPSEC/L2TP, as OpenVPN isn't natively supported by my iPhone and also requires faffing about with certificates). IPSEC also has the advantage that it's offloaded/accelerated by the ERL hardware, unlike OpenVPN.
I'll be disabling the third port, I think, as I'd rather have the hardware acceleration rather than two (software) bridged ports... I'll just plug a switch into the LAN port (and plug my AP into the switch).

Do you have any other comments or tips on what I should look out for with this setup?

 

[soehest]

This thread is extremely interesting to me, as I'm considering a similar setup (thanks!)...

Do you have any other comments or tips on what I should look out for with this setup?

Now this is not a easy question actually ;-) My time with the Edgerouter lite has made my opinion biased. I gave firmware 1.7.0 alpha2 a quick spin the other day and ended up with pulling it out after a few hours. Still upnp problems (with multiple xbox) Even tried a portforward being overwritten by a upnp request :/ In my world getting a router to work with 2 xbox is not exactly rocket science but somehow when using the Edgerouter lite it is. I do blame the hardware offload but have not proof of this. Point being that if a simple thing like that doesn't work. What else will not work. For me this router is a prototype of something that could be a dream but at this time it isn't. I do not know anything about IPSEC but you want to visit ubnt forum and ask if the Edgerouter will actually do what you want. Depending on your needs the Edgerouter may very well run perfectly, but you also risk running into odd bugs still waiting to be fixed.

Regards

 

[BigTy]

So checking in on this post how is the DAP-2660 holding up for you? Also I didn't see a response tot he question on band-steering? Is it pushing the AC clients to the 5G network well?

Thanks you