userdoc:tt_edgerouter-x

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
userdoc:tt_edgerouter-x [2018/12/25 08:30]
abelbeck
userdoc:tt_edgerouter-x [2022/08/29 07:23] (current)
mkeuter [Flash ER-X with OpenWrt using AstLinux]
Line 3: Line 3:
 AstLinux supports many different x86 (32-bit and 64-bit) hardware devices, so when a remote VPN endpoint is desired in your AstLinux constellation it makes sense to first consider yet another AstLinux solution.  Quite often AstLinux is the best solution ... familiarity, full-system firmware upgrades, and if true, you can quit reading any further. AstLinux supports many different x86 (32-bit and 64-bit) hardware devices, so when a remote VPN endpoint is desired in your AstLinux constellation it makes sense to first consider yet another AstLinux solution.  Quite often AstLinux is the best solution ... familiarity, full-system firmware upgrades, and if true, you can quit reading any further.
  
-As an alternative for a remote VPN endpoint, the Ubiquiti Networks [[https://www.ubnt.com/edgemax/edgerouter-x/|EdgeRouter-X]] occupies a special sweet-spot of quality hardware and low price  (currently, January 2019). While similarly priced to a [[https://www.raspberrypi.org/|Raspberry Pi]] complete system, the EdgeRouter-X has quality hardware designed for networking, including a built-in 5-port Gbit ethernet switch.  Additionally, the EdgeRouter-X is only 40%-50% of the cost of the **least** expensive multi-NIC x86 system required by AstLinux.+As an alternative for a remote VPN endpoint, the Ubiquiti Networks [[https://www.ubnt.com/edgemax/edgerouter-x/|EdgeRouter-X]] occupies a special sweet-spot of quality hardware and low price  (currently, January 2019). While similarly priced to a [[https://www.raspberrypi.org/|Raspberry Pi]] complete system, the EdgeRouter-X has quality hardware designed for networking, including a built-in 5-port Gbit ethernet switch.  Additionally, the EdgeRouter-X is less-than-half the cost of the **least** expensive multi-NIC x86 system required to run AstLinux.
  
 {{:userdoc:edgerouter-x-photo.png?nolink|EdgeRouter-X}} {{:userdoc:edgerouter-x-photo.png?nolink|EdgeRouter-X}}
  
-Since the EdgeRouter-X is not x86 hardware, AstLinux will not run on it.  The default EdgeRouter-X firmware is EdgeOS, documentation found here: [[https://www.ubnt.com/downloads/guides/edgemax/EdgeOS_UG.pdf|EdgeOS User Guide]].  The WireGuard VPN is currently available for EdgeOS as a third-party ''.deb'' package found here: [[https://github.com/Lochnair/vyatta-wireguard|vyatta-wireguard]].+Since the EdgeRouter-X is not x86 hardware, AstLinux will not run on it.  The default EdgeRouter-X firmware is EdgeOS, documentation found here: [[https://www.ubnt.com/downloads/guides/edgemax/EdgeOS_UG.pdf|EdgeOS User Guide]].  The WireGuard VPN is currently available for EdgeOS as a third-party ''wireguard-e50-<revision>.deb'' package found here: [[https://github.com/Lochnair/vyatta-wireguard|vyatta-wireguard]].
  
-Alternatively, the [[https://openwrt.org/toh/ubiquiti/ubiquiti_edgerouter_x_er-x_ka|OpenWrt Project]] offers firmware specifically built for the EdgeRouter-X with impressive performance.  The current standard ''18.06.1'' release performs NAT routing at near 1 Gbps line speed, and WireGuard VPN performance at around 180 Mbps.  Quite impressive for a 880 MHz CPU.+Alternatively, the [[https://openwrt.org/toh/ubiquiti/ubiquiti_edgerouter_x_er-x_ka|OpenWrt Project]] offers firmware specifically built for the EdgeRouter-X with impressive performance.  The current standard ''18.06.1'' release performs NAT routing at near 1 Gbps line speed, and WireGuard VPN performance at around 180 Mbps.  Quite reasonable for a 32-bit, 880 MHz CPU.
  
 It could be said that the EdgeRouter-X with OpenWrt and the WireGuard VPN in the kernel is an ideal solution for a remote VPN endpoint.  The rest of this documentation describes how to install the current release of OpenWrt ''18.06.1'' on a Ubiquiti Networks EdgeRouter-X (ER-X). It could be said that the EdgeRouter-X with OpenWrt and the WireGuard VPN in the kernel is an ideal solution for a remote VPN endpoint.  The rest of this documentation describes how to install the current release of OpenWrt ''18.06.1'' on a Ubiquiti Networks EdgeRouter-X (ER-X).
Line 23: Line 23:
 It is assumed the 1st LAN network of AstLinux is ''192.168.101.1/24'', adjust accordingly below if yours is different. It is assumed the 1st LAN network of AstLinux is ''192.168.101.1/24'', adjust accordingly below if yours is different.
  
-Do not connect power to the ER-X, yet.+!!Do not connect power to the ER-X, yet.!!
  
 Connect the ER-X ''eth0'' port to the AstLinux LAN ''192.168.101.1/24'' network (yellow cable). Connect the ER-X ''eth0'' port to the AstLinux LAN ''192.168.101.1/24'' network (yellow cable).
Line 60: Line 60:
  
 With the "System Load Linux to SDRAM via TFTP" chosen, you need to specify two IP addresses and the name of the TFTP filename ''openwrt.bin'', as show above. With the "System Load Linux to SDRAM via TFTP" chosen, you need to specify two IP addresses and the name of the TFTP filename ''openwrt.bin'', as show above.
 +
 +!!Note ->!! Some OpenWRT devices work exclusively with ''192.168.1.1'' + ''192.168.1.2'' as the device + server IP addresses! ((use e.g.\\  ''ifconfig eth1:1 192.168.1.2 netmask 255.255.255.0 up''\\ to add an additional virtual address to the server))
  
 Type RETURN and the ER-X should reboot into the factory initramfs-kernel of OpenWrt.  After the dmesg logs appear to stop, type RETURN again, you should see a login as shown below: Type RETURN and the ER-X should reboot into the factory initramfs-kernel of OpenWrt.  After the dmesg logs appear to stop, type RETURN again, you should see a login as shown below:
Line 217: Line 219:
 {{:userdoc:edgerouter-x-firewall-wg-interface.png?nolink|Firewall WireGuard Interface}} {{:userdoc:edgerouter-x-firewall-wg-interface.png?nolink|Firewall WireGuard Interface}}
  
 +===== Alternatives to the EdgeRouter X =====
  
 +The EdgeRouter-X is sometimes hard to get. Kind of alternatives are the "travel router" devices from [[https://www.gl-inet.com/products/|GL.inet]] as they are already based on OpenWRT (plus an additional GL.inet WebGUI) and already include WireGuard and OpenVPN. But they are using plastic cases. You can also easy switch directly to Luci.
 +
 +
 +\\ 
 +\\
 +----
  • userdoc/tt_edgerouter-x.1545748222.txt.gz
  • Last modified: 2018/12/25 08:30
  • by abelbeck