Page 5 of 8 FirstFirst 12345678 LastLast
Results 53 to 65 of 96

Thread: VPN Routers

  1. #53
    Join Date
    Jun 2015
    Location
    Pembroke Pines
    Posts
    25
    Post Likes
    I use Tosi Box atm, been using it for a bit and I love it. We are implementing them in every job that we do so we can have access to our customer sites. My last job I use to set up a Cisco 5505 and send it to rackspace which was a bit of a pain. It takes no more than 10 mins to set the tosi box up and I also have it linked to my cell phone which allows me to jump on a site when I am not home.

  2. #54
    Join Date
    Jan 2019
    Posts
    4
    Post Likes
    Have you ever had clients ask to install in residential or mostly commercial applications?

  3. #55
    Join Date
    May 2009
    Location
    SC
    Posts
    2,185
    Post Likes
    Quote Originally Posted by rkruegs View Post
    Have you ever had clients ask to install in residential or mostly commercial applications?
    Mostly commercial though churches are pretty close to residential in a lot of ways, ways they probably shouldn't be but still.

  4. #56
    Join Date
    May 2009
    Location
    SC
    Posts
    2,185
    Post Likes
    Bunch of links regarding wireguard VPN on Ubiquiti Edgerouter. https://www.reddit.com/r/Ubiquiti/co...esource_links/

    EdgeRouter WireGuard Resource Links

    EdgeRouter WireGuard community thread:

    https://community.ui.com/questions/R...a-3ac9d9c22311

    Original ER WG GitHub (no longer active)

    https://github.com/Lochnair/vyatta-wireguard/releases

    Current active ER WG FossoresLP fork from Lochnair

    https://github.com/FossoresLP/vyatta-wireguard

    EdgeRouter WireGuard install/update/remove script (uses new FossoresLP fork)

    https://github.com/mafredri/vyatta-wireguard-installer

    ER script to automate adding WireGuard peers

    https://www.reddit.com/r/WireGuard/c...uard_peers_on/

    Link to ER/WireGuard/mullvad config discussion

    https://www.reddit.com/r/Ubiquiti/co...setup_for_erx/

    Detailed Blog on ER/WG Setup example (note: points to older Lochnair GitHub)

    https://www.erianna.com/wireguard-ubiquity-edgeos/
    So not mainstream enough for production IMO but someone might easily play with this.

  5. #57
    Join Date
    Jan 2008
    Location
    In the work truck
    Posts
    3,250
    Post Likes
    Thread Starter
    Cool Maxburn.

    Is WireGuard ready for production? I keep trading mixed things.

    Edit- Just noticed that it’s not in a package from UBNT so it won’t stay after a firmware upgrade.
    I’ll wait for that LOL.

    I wish they would get WireGuard or OpenVPN in the UI...

  6. #58
    Join Date
    May 2009
    Location
    SC
    Posts
    2,185
    Post Likes
    Quote Originally Posted by Pascone10 View Post
    Cool Maxburn.

    Is WireGuard ready for production? I keep trading mixed things.
    These guys said it better; https://restoreprivacy.com/wireguard/

    and https://courses.csail.mit.edu/6.857/...-WireGuard.pdf

    As far as the Edgerouter specific implementation it's a hard no from me until Ubiquiti rolls it into the base OS. At the moment if I understand it right you need to reinstall it after a firmware update...

  7. #59
    Join Date
    Mar 2001
    Posts
    97
    Post Likes
    There are already so many available open source VPN solutions. So what is the benefit of BACnet/SC?
    IMHO Wireguard or OpenVPN over UDP may be more suitable for BACnet/IP.
    Running connection-less application protocol on a TCP based transport layer is not a good design.
    Carrier CCN Modbus/BACnet gateway
    BACnet router for BIP, MS/TP, Ethernet
    http://www.hvacrcontrol.com/?lang=en

  8. #60
    Join Date
    May 2009
    Location
    SC
    Posts
    2,185
    Post Likes
    In my testing I found that I had fewer trend and alarm dropouts if I put BACnet/IP in a TCP OpenVPN tunnel. To me it made sense that stacking UDP on top of UDP and then sending that over the internet wouldn't be so reliable and testing seems to have born that out. BACnet requests have retries etc but the broadcasts to the server for recording history and events appear to be sent with no confirmation I know of. I haven't looked too closely into this in the BACnet spec to see if this should be the case but it was very plain to see years ago when I did the testing that all the trends and alarms didn't always get there.

    The standard advice for OpenVPN is to use UDP because you don't want to have TCP in TCP and I agree with that, it's just that the advice changes when you want reliable UDP and the language itself doesn't take care of it.

    Another strike against Wireguard in BMS applications, no TCP tunnel option.

    BACnet/SC (and/or some API) in particular gives BMS vendors a chance to settle on something built into the controller.

    Edit; In a Niagara situation that TCP/UDP situation might change because it's not BACnet between the jace and super, it's fox. Maybe fox has some more handshakes to compensate for missing packets?

  9. #61
    Join Date
    Jun 2019
    Location
    Chicago
    Posts
    35
    Post Likes
    Look up a product called Building Operator - It's an alternative to VPN or complex IT setup, secure, works with any BACnet/IP or Modbus systems. Cheaper than Tosibox when you consider >10 users with no dongles needed and scales up nicely.

  10. #62
    Join Date
    May 2009
    Location
    SC
    Posts
    2,185
    Post Likes
    Quote Originally Posted by ProductManagerR View Post
    Look up a product called Building Operator - It's an alternative to VPN or complex IT setup, secure, works with any BACnet/IP or Modbus systems. Cheaper than Tosibox when you consider >10 users with no dongles needed and scales up nicely.
    Never heard of it, name is to generic to turn up relevant search results so I can't find it.

  11. #63
    Join Date
    Mar 2001
    Posts
    97
    Post Likes
    BACnet/SC could only transport BACnet packet, i think it has much less security risk vs. VPN on default configuration.
    Carrier CCN Modbus/BACnet gateway
    BACnet router for BIP, MS/TP, Ethernet
    http://www.hvacrcontrol.com/?lang=en

  12. #64
    Join Date
    Jun 2019
    Location
    Chicago
    Posts
    35
    Post Likes
    It's brand new product launched this year. https://usa.siemens.com/buildingoperator

  13. #65
    Join Date
    May 2009
    Location
    SC
    Posts
    2,185
    Post Likes
    Quote Originally Posted by ProductManagerR View Post
    It's brand new product launched this year. https://usa.siemens.com/buildingoperator
    That's a front end replacement. I think most of us are trying to work within our systems to secure them, not decapitate them and replace the front end the user sees.

    Nice bid for recurring revenue from Siemens though.

Page 5 of 8 FirstFirst 12345678 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Contracting Business
HPAC Engineering
EC&M
CONTRACTOR