I got 99 problems but my WiFi ain't one

TIL: there's a button on my Asus that turns all the flashing status lights off.

it's the power button, right?

It IS to the right of the power button. But only if you're looking from the front.

Wait a minute, I see what you did there!

https://www.asus.com/support/FAQ/1048830

Not sure of the right thread for this but I guess it is network related.

I've got shh tunnelling with a VPS to my network working fine but I'd like to get some of the connections (particularly home assistant) working with a secure connection.

I tried adding a certificate to the VPS but that doesn't work as it is expecting a certificate from the endpoint and tells me that the certificates aren't matching. Do I just need to copy the same certificate into home assistant or should I create a new certificate for home assistant (and if so for what domain) or something else?

I can't imagine I'm the only one with this issue but I don't think I know the right terminology to search for a solution. Cheers

SSH tunnels don't need certificates in themselves - at least, I don't have any for the ones I use.

What's the setup you have (where is the HA instance hosted, how are you trying to access it, and where from)?

Home Assistant is on my home network on a raspberry pi.

At home I access it on the local network, remotely I can access it through SSH tunnel port forwarding. Both are fine but only through http, not https.

There are some integrations (Alexa and Samsung off the top of my head) that require an external, secure connection to Home Assistant to work which I don't think I have at the moment.

Got you.

It's the server that's hosting HA that needs the certificate, which is all done with the http integration* - although unless you're using a domain / DNS record, you can't use letsencrypt.

You might find that other integrations don't like self-signed certificates either (without a lot of fucking about).

As a caveat - I had it all set up locally, and had it forwarded to a domain, so used letsencrypt. I stopped bothering after a while though, as I didn't I don't need it exposed externally that much.

* I just have two lines in http.yaml with

ssl_certificate: /pathto/fullchain.pem
ssl_key: /pathto/privkey.pem

iirc there was dicking about with formatting the keys and certificates correctly

Cheers. I do have it forwarded to a domain so guess I should be able to use letsencrypt.

Although I do seem to remember that the Alexa integration looked pretty complex so there is still every chance I won't get round to it.

So BT have upgraded a friend to the latest superhub 2 as there phone is now voip. Seems there is no longer a way to split the WiFi channels.

There does seem to be issues with WiFi around their flat. Which the splitting helped so you could choose a stronger WiFi network channel.

Google doesn't come up with anything helpful. Any ideas?

Turn the WiFi off. Get some proper APs of some sort.

Has anyone measured their router with the aerials in different positions? Do they impact anything? I've got three aerials out the top of my box - is there any optimum position for them?

Has anyone either got a WiFi pod or the promised 100 pound from Virgin Media if the WiFi speeds are lower than promised?

From my lengthy interactions with VM where I've been repeatedly fobbed off I feel like they are both fake

My experience with VM was that the hub is shit and customer service was really shit.

Probably not what you want to hear but I just bought my own router.

VM are the devil

the conclusion I've come to.

Yes, to an extent. I had a Draytek router at my last job that had had the antennas split between 2.4GHz and 5GHz ranges.

https://www.draytek.co.uk/support/guides/kb-wlan-replacing-antennas

Pointing the 2.4GHz horizontally antenna made a big difference for better signal on 2.4GHz on the floors above/below.

https://www.draytek.co.uk/support/guides/kb-vigor-wlan-antenna-theory

Probably not what you want to hear but I just bought my own router

You fully replaced their router?

Or you put the hub in modem mode and then just connected it to something that could do DHCP locally?

Put the hub into modem mode and used a unifi router (plus some APs) connected to that.

The hub seemed stable enough in modem mode, was crap when it was asked to do everything.

Cheers. I've laid one of the 'rabbit ears' flat for shit and Gigabitles.

trying to set up Wake on LAN on some machines ata work, Virgin business hub router won't accept xxx.xxx.0.255 as a target IP address for port forwarding, that's my only option to broadcast to the whole network right?

Currently can't get it working to a specific IP either. edit got it working to one specific PC forwarding ports to just that one

double edit: seems you can't forward a port to more than one IP, which makes sense I guess, so I need that broadcast IP somehow.

Forwarding to broadcast mostly got turned off as it was an early source of DoS attacks (send a single spoofed packet to a broadcast address, hundreds of devices send a reply to your target that gets swamped with traffic). Lots of devices will not let you enable it because it is considered dangerous. I'd put something on the LAN which is always on and originate the WOL packets from that.

I've lost you a little bit, I thought my issue was less sending the packets, but rather them finding their way through the network to the intended recipients. If we assume that 1 computer is always on (the computer I'm remoting in to) then the issue is getting our render nodes to boot when no one is in the office. Assuming network card and bios are set up correctly on those machines what would that solution look like? I thought the magic packets had to be sent to broadcast on port 9. I can't set up multiple IPs as the recipient of port 9 it seems.

In case you can't tell I'm fairly networking illiterate.

A Wake-on-LAN packet can be almost anything, it just has to have the target computer MAC address in it, 16 times, and somehow get to the off computer.

As the computer is off you can't assume a local router will have an ARP entry for it and you can't assume the switches will have seen any data from it recently so will not have a forwarding entry for it's MAC. Hence usually sending the magic packets to a broadcast or multicast address that will be flooded everywhere including the target.

If you have a computer on the same broadcast domain as the render nodes then you can send the magic packets with a utility directly to the LAN broadcast address. You will need to send (at least) one packet for each computer you want to wake.

The Wikipedia article lists a bunch of example software that will send the packets or a bit of Python code if that is your thing. https://en.wikipedia.org/wiki/Wake-on-LAN#Creating_and_sending_the_magic_packet

Nice one, installed something I found in the microsoft store and it seems to work without port-forwarding. Trouble is one of the machines doesn't seem to have any options for WoL in its network adapter settings and doesn't seem the see (hear?) the packets. Intel 82574L Gigabit Network Connection.

Trouble is one of the machines doesn't seem to have any options for WoL in its network adapter settings and doesn't seem the see (hear?) the packets. Intel 82574L Gigabit Network Connection.

Some suggestions that WoL is 'always on' with that NIC. Other people say it doesn't work post Win8. If it is on a PCI card I'd probably just swap the NIC with a model that is working for you elsewhere.