Schlagwort: network

Leave a reply

WireGuard VPN – Ubuntu Server

WireGuard is the most modern and easiest way to go if you want to create an VPN Server. The guys from PiVPN created a great installer for RaspberryPi’s. But I need some more Power 🙂 So here is the fast installation guide for this:

Update and Upgrade your Server

sudo apt update
sudo apt full-upgrade

Install all needed packages

sudo apt-get install --assume-yes iptables-persistent dnsutils iptables-persistent wireguard-tools qrencode  net-tools

Now you can use the script to install

curl -L | bash

After the successful install you can create the user by typing

sudo pivpn -a

now you can edit the user profile you have created right now

nano /home/pi/configs/vs_mbp.conf 

If you leave the last line „AllowedIPs =, ::0/0“ like it is. Every traffic will be routed in your WireGuard VPN. If you want to have only the packages for the destination network routed you have to change it to your ip address range. For example: AllowedIPs =

PrivateKey = kPcrDnyRhjhNh+g6x3iqSR6DrFj0jRiR2GbUNgc1qFDxx=
Address =
DNS =,

PublicKey = YoKGLSuXRxv2WcaSzyVCDkIRqCW+BxHuK5VYvZg/7w0=
PresharedKey = hPvRvm5DqEreE8EXydEczi9R7Ygn4qKcrVKAVxvgH+W8=
Endpoint = X.X.X.X:51820
AllowedIPs =, ::0/0

I tested this installer with an Synology Virtual Machine Manager and Proxmox installation

If you don’t install the needed packages then you get following errors:

::: sudo will be used for the install.
::: Hostname length OK
::: Verifying free disk space...
::: Checking apt-get for upgraded packages.... done!
::: Your system is up to date! Continuing with PiVPN installation...
:::    Checking for git... already installed!
:::    Checking for tar... already installed!
:::    Checking for wget... already installed!
:::    Checking for curl... already installed!
:::    Checking for grep... already installed!
:::    Checking for dnsutils... not installed!
:::    Checking for whiptail... already installed!
:::    Checking for net-tools... not installed!
:::    Checking for bsdmainutils... already installed!
:::    Checking for iptables-persistent... not installed!
/usr/bin/debconf-apt-progress: can't open /tmp/tmp.0xfbAZFK8b: Permission denied at /usr/bin/debconf-apt-progress line 249, <STDIN> line 3.
:::    Failed to install dnsutils!
:::    Failed to install net-tools!
:::    Failed to install iptables-persistent!

Leave a reply

Network Monitoring with Zabbix

My home network is not the network normal people have.
I have 2 different locations which are booth equipped with Zyxel USG Firewalls and a Site-to-Site VPN. I do my Synology Backups into the other location or use the Smart Home over booth places. Often my mother in law (she is living in one of the locations too) is telling me that the network is not good. With this error message it is not very easy to discover the problem. Sometimes it is the internet itself but often it is the wifi or even her internet radio device (Bose Soundtouch) . After installing a RaspberryPi with the speedtest-cli its starting to get easier for me to discover if the internet is slow. But i want more 🙂 So I started to use Zabbix.
Zabbix is an Open-Source-Network-Monitoring-System. It is similar to Nagios but gives you the opportunity to manage everything over the web-interface. So my basic plans are:

  1. Install Zabbix on my Synology with Docker
  2. Install Zabbix Proxy on a RaspberryPi for the second location
  3. Create Backup from Zabbix Database

1 Install Zabbix on my Synology with Docker (via Terminal, if you want to do it with the GUI please follow this LINK. First you have to create the folders in the Folder „/volume1/docker/Zabbix/“. If you are using more than one Volume please make sure that you have the correct path. Create then Zabbix folder in the docker folder. Then download this folder-preset DOWNLOAD and load them into the Zabbix folder. Now you can access your Synology via SSH an copy following command.

sudo docker run -d --restart always --name Zabbix-Server -e PHP_TZ:Europe/Vienna -e ZBX_CACHESIZE=1000M -e ZBX_SERVER_NAME:VSZabbixServer -v /volume1/docker/Zabbix/alertscripts:/usr/lib/zabbix/alertscripts  -v /volume1/docker/Zabbix/externalscripts:/var/lib/zabbix/externalscripts  -v /volume1/docker/Zabbix/modules:/var/lib/zabbix/modules  -v /volume1/docker/Zabbix/enc:/var/lib/zabbix/enc  -v /volume1/docker/Zabbix/ssh_keys:/var/lib/zabbix/ssh_keys  -v /volume1/docker/Zabbix/ssl/certs:/var/lib/zabbix/ssl/certs  -v /volume1/docker/Zabbix/ssl/keys:/var/lib/zabbix/ssl/keys -v /volume1/docker/Zabbix/ssl/ssl_ca:/var/lib/zabbix/ssl/ssl_ca -v /volume1/docker/Zabbix/snmptraps:/var/lib/zabbix/snmptraps -v /volume1/docker/Zabbix/mibs:/var/lib/zabbix/mibs -v /volume1/docker/Zabbix/nginx:/etc/ssl/nginx -p 10052:443 -p 10050:80 -p 10051:10051 -d zabbix/zabbix-appliance:ubuntu-4.4-latest

Now you can login to the Zabbix Webinterface using the Synology IP and the port 10050

Username: Admin
Passwort: zabbix

Connecting to the Zabbix Docker via bash is able with following command:

docker exec -ti Zabbix-Server /bin/bash

Getting the logs with following

 docker logs Zabbix-Server

Backup the Database:
The most important settings are all stored in the Database. The easiest and most secure way to save them is to export all the Data at a specific time and store them on the Synology Raid. Please do not forget to follow this help LINK

Zabbix PROXY

With a Zabbix Proxy you can monitore a network remote without having access to the lokal network from your Zabbix Server. If you are using hardware which can use Docker I would recommend to install it with this script DOWNLOAD. Then you can use following command. Do not forget to change
ZBX_HOSTNAME=“you have to set this name in the Zabbix Server too „
ZBX_SERVER_HOST=“IP Adress of the Zabbix Server“

docker run -d --restart always --name some-zabbix-proxy-sqlite3 -e ZBX_HOSTNAME=2100-BigMama-Proxy -e ZBX_SERVER_HOST= -d zabbix/zabbix-proxy-sqlite3:ubuntu-4.4-latest

If you want to use a RaspberryPi you have to install it without Docker. Here is my solution for a fast install including the setup for the agent Download
Do not forget to change

# automated install csript for zabbix 4.4 Install
# helped by
# check the client zabbix version with this link:
#Don't forget to change following:

hostname=$(hostname -s)

sudo apt install -y snmp-mibs-downloader
sudo wget
sudo dpkg -i zabbix-release_4.4-1+buster_all.deb
apt update
apt install -y zabbix-proxy-sqlite3 zabbix-agent zabbix-sender zabbix-get

#create RAM Disk
sudo echo "tmpfs /var/ramdisk tmpfs nodev,nosuid,relatime,size=100M 0 0" >> /etc/fstab
sudo mkdir -p /var/ramdisk
sudo chmod 0777 /var/ramdisk
sudo mount -a

#configure ProxyServer
sudo echo -e "Server=$ZabbixDestinationServer \nHostname=$ZabbixProxyHostName \nTimeout=30 \nEnableRemoteCommands=1 \nLogRemoteCommands=1 \nLogFile=/var/ramdisk/zabbix_proxy.log \nLogFileSize=4 \nDBName=/var/ramdisk/zabbixproxy.db" >> /etc/zabbix/zabbix_proxy.conf
sudo systemctl enable zabbix-proxy.service
sudo systemctl start zabbix-proxy
#LOG ls -l /var/ramdisk/

#confige Agent
#sudo sed -i 's/Server='$ZabbixDestinationServer'/g' /etc/zabbix/zabbix_agentd.conf
sudo echo -e "Hostname=$hostname \nLogFile=/var/ramdisk/zabbix_agentd.log \nLogFileSize=1 \nTimeout=30 \nUnsafeUserParameters=1 \nEnableRemoteCommands=1 \nLogRemoteCommands=1" >> /etc/zabbix/zabbix_agentd.conf
sudo systemctl enable zabbix-agent.service
sudo systemctl start zabbix-agent.service
#LOG cat /var/ramdisk/zabbix_agentd.log

Zabbix Agent

You can easy install the Zabbix Agent on Linux (Ubuntu/Debian) machines by using following script
Do not forget to change

# automated install script for zabbix agent
# helped by
# check the client zabbix version with this link:
# Don't forget to change following:

hostname=$(hostname -s)

sudo apt install -y zabbix-agent

sudo echo "tmpfs /var/ramdisk tmpfs nodev,nosuid,relatime,size=100M 0 0" >> /etc/fstab
sudo mkdir -p /var/ramdisk
sudo chmod 0777 /var/ramdisk
sudo mount -a

sudo sed -i 's/Server='$zabbix_server'/g' /etc/zabbix/zabbix_agentd.conf
sudo echo -e "Hostname=$hostname \nLogFile=/var/ramdisk/zabbix_agentd.log \nLogFileSize=1 \nTimeout=30 \nUnsafeUserParameters=1 \nEnableRemoteCommands=1 \nLogRemoteCommands=1" >> /etc/zabbix/zabbix_agentd.conf
sudo systemctl enable zabbix-agent.service
sudo systemctl start zabbix-agent.service
#LOG cat /var/ramdisk/zabbix_agentd.log

If you want to create the folder from part 1 with a script you can use following:

# /bin/bash
# create folders for zabbix_server

mkdir -p \
/volume1/docker/Zabbix/alertscripts \
/volume1/docker/Zabbix/externalscripts \
/volume1/docker/Zabbix/modules \
/volume1/docker/Zabbix/enc \
/volume1/docker/Zabbix/ssh_keys \
/volume1/docker/Zabbix/ssl/certs \
/volume1/docker/Zabbix/ssl/keys \
/volume1/docker/Zabbix/ssl/ssl_ca \
/volume1/docker/Zabbix/snmptraps \
/volume1/docker/Zabbix/mibs \

Change 2020 07 16
After getting a lots of „[file:dbconfig.c,line:94] zbx_mem_malloc(): out of me mory “ Errors while starting the stopped Zabbix Server I recognised that it will be an issue with the Cache so i added „-e ZBX_CACHESIZE=1000M“ to the Zabbix Server command

Thanks to Rainhardt Gabriel for the idea

Leave a reply

Zyxel – NXC 2500 / 5500 Wireless Network Roaming

A few settings to get a better roaming between Zyxel Access Points

  1. Activate DCS (dynamic channel selection) more Info
    and set it to a specific time. For example 3 am. Take care that you do not choose the same time on all „Radio Profile’s“
  2. Disable A-MPDU Aggregation and also A-MSDU Aggregation
  3. Set the „Disassociate Station Threshold“ between -70 and -80
  4. Enable „Allow Station Connection after Multiple Retries“ between 3 and 6
  5. In the 2,4 GHz Radio Profile set the Multicast Rate fix and on 11 Mbps
  6. In the 5 GHz Radio Profile set the Multicast Rate fix and on 36 Mbps
  7. If you want to set the 5 GHz Channel Selection Method to „manual“ you should choose following Channel IDs: 100, 108 and 132
NXC Radio Profil 2,4 GHz
NXC Radio Profil 2,4 GHz
NXC Radio Profil 5 GHz
NXC Radio Profil 5 GHz

This information is also working on USG / VPN and ATP Firewall when they are able to control AP’s

Leave a reply

What Is My IP Address? –

If you want to know you official IP address you can use a lot of sites.


BUT this one works great for me

curl	⇒


Durch die weitere Nutzung der Seite stimmst du der Verwendung von Cookies zu. Weitere Informationen

Die Cookie-Einstellungen auf dieser Website sind auf "Cookies zulassen" eingestellt, um das beste Surferlebnis zu ermöglichen. Wenn du diese Website ohne Änderung der Cookie-Einstellungen verwendest oder auf "Akzeptieren" klickst, erklärst du sich damit einverstanden.