Community discussions

MikroTik App

Search found 333 matches

  • 1
  • 2
by jaytcsd
Sat May 13, 2023 8:48 am
Forum: General
Topic: SwOS port mirroring
Replies: 4
Views: 744

Re: SwOS port mirroring

CSS326-24G is my main one, also got an RB260GS to test a fiber connection between the 2.
I noticed the screens are different.
by jaytcsd
Sat May 13, 2023 3:01 am
Forum: General
Topic: SwOS port mirroring
Replies: 4
Views: 744

Re: SwOS port mirroring

CSS326-24G is my main one, also got an RB260GS to test a fiber connection between the 2.
I noticed the screens are different.
by jaytcsd
Fri May 12, 2023 10:50 pm
Forum: General
Topic: SwOS port mirroring
Replies: 4
Views: 744

SwOS port mirroring

Just bought my first Mikrotik switches to learn VLANs and mirroring. I have 2 radios that talk to each other through IP so I need to mirror one port (I think) to a PC running wireshark so I can see what the traffic looks like. I see the forwarding tab in the browser but I wanted to be sure I got thi...
by jaytcsd
Fri May 12, 2023 10:39 pm
Forum: General
Topic: NTP server issue?
Replies: 2
Views: 440

Re: NTP server issue?

Are you sharing your NTP server with the underserved? Be careful how you answer, governor gruesome is watching....
by jaytcsd
Tue May 09, 2023 6:47 pm
Forum: General
Topic: NTP server issue?
Replies: 2
Views: 440

NTP server issue?

may/06 13:36:52 system,critical,info ntp change time May/06/2023 13:36:52 => May/07/2023 12:30:20 I've never seen a change more than a few seconds that I recall, but I seldom have to reboot the hAP ac. I didn't realize my 2nd server seems to be the active one until I ran this command. /system/ntp/cl...
by jaytcsd
Sun Feb 05, 2023 9:18 pm
Forum: Beginner Basics
Topic: fiber cable to connect 2 routers
Replies: 6
Views: 667

Re: fiber cable to connect 2 routers

I heard about DWDM but BiDi is new, thanks for all your help.
by jaytcsd
Sun Feb 05, 2023 9:45 am
Forum: Beginner Basics
Topic: fiber cable to connect 2 routers
Replies: 6
Views: 667

Re: fiber cable to connect 2 routers

My first exposure to fiber was in multimode days when a pair was needed since fiber was one way. It wasn't until last week while working at winter X games that I found out single mode was bidirectional. The IT vendor used Mikroik routers and switches so I got my first exposure to single mode. Most o...
by jaytcsd
Fri Feb 03, 2023 2:23 am
Forum: Beginner Basics
Topic: fiber cable to connect 2 routers
Replies: 6
Views: 667

fiber cable to connect 2 routers

I'm new to fiber optics and ordered 2 Mikrtotiks with SFP. I got the S-3553LC20D LC adapter and wanted to make sure this cable would work. https://www.ebay.com/itm/125665725634?hash=item1d4242ccc2:g:xNQAAOSwQlZjm1oZ&amdata=enc%3AAQAHAAAA8EDOAWb8R2ODGFU7JAdvBavKVoRzsMBflv5Npnp%2BR8eobM2%2ByUTcg5H...
by jaytcsd
Mon Nov 28, 2022 2:19 am
Forum: Beginner Basics
Topic: wireguard works NAS to remote NAS but not windows explorer
Replies: 2
Views: 391

wireguard works NAS to remote NAS but not windows explorer

Home is 192.168.100.0/24, office is 192.168.200.0/24 home NAS is 192.168.100.15, office is 192.168.200.25. I can see the office NAS from home but file / windows explorer using \\192.168.200.60 to an office PC does not work. VNC works both ways. The NAS drives are western digital and Seagate running ...
by jaytcsd
Mon Jun 20, 2022 6:41 am
Forum: Beginner Basics
Topic: 2.4 GHz not giving IPs
Replies: 1
Views: 283

2.4 GHz not giving IPs

I have the same setup on 2 RB-962 / hAP ac routerboards but for some reason the 2.4 GHz interface isn't working on the one I'm on now. I've rebooted the router a few times but no change. My phone sees the 2.4 guest SSID but can't get an IP, this works fine on my home router. The 2.4 GHz interface sh...
by jaytcsd
Wed Jun 15, 2022 12:54 am
Forum: General
Topic: DC power jack specs
Replies: 4
Views: 1621

DC power jack specs

The standard Mikrotik power supply fits my video camera and switcher. I want to buy spare 12v 3 amp power supplies but need to know the mm specs on the plug.
Looked at the specs for my RBs and the wall wart but didin't see it listed.

thanks
by jaytcsd
Tue Mar 01, 2022 4:44 am
Forum: Wireless Networking
Topic: LtAP mini LTE won't upgrade
Replies: 1
Views: 456

Re: LtAP mini LTE won't upgrade

Never mind, I was logged in in read only mode.
by jaytcsd
Tue Mar 01, 2022 4:09 am
Forum: Wireless Networking
Topic: LtAP mini LTE won't upgrade
Replies: 1
Views: 456

LtAP mini LTE won't upgrade

Winbox's check for updates button gives
"download & install error - not permitted (9)"
when I try to download and install, get a similar error for download only.

Channel only shows stable versions.
by jaytcsd
Tue Mar 01, 2022 12:51 am
Forum: Wireless Networking
Topic: North America 4G/LTE
Replies: 3
Views: 1397

Re: North America 4G/LTE

Welcome to the USA. I just bought a Verizon sim and found out they don't like the IMEI from my LTAP mini but a T mobile sim works. I have a Verizon account and was hoping to use my LTAP to replace a 5 year old mifi that died. I paid about $20 for the T mobile sim and 2 gigs of data just to test the ...
by jaytcsd
Sun Feb 27, 2022 10:18 am
Forum: Beginner Basics
Topic: using safe mode to setup wireguard
Replies: 27
Views: 6148

Re: using safe mode to setup wireguard

This rule was blocking wireguard from working. ;;; defconf: drop all from WAN not DSTNATed chain=forward action=drop connection-state=new connection-nat-state=!dstnat in-interface-list=WAN log=no log-prefix="" so I put this in just above it chain=forward action=accept src-address=10.0.0.0/...
by jaytcsd
Thu Feb 17, 2022 6:17 am
Forum: General
Topic: same MAC with 2 IPs
Replies: 4
Views: 567

Re: same MAC with 2 IPs

# ADDRESS MAC-ADDRESS HOST-NAME SERVER STATUS LAST-SEEN

13 192.168.100.245 00:40:7F:83:D7:2F LHV2008
by jaytcsd
Tue Feb 15, 2022 8:38 am
Forum: General
Topic: same MAC with 2 IPs
Replies: 4
Views: 567

same MAC with 2 IPs

DHCP lease says 192.168.100.245 is enabled and bound when I hit the check status button, but you can see ping says otherwise. Good thing Normis and friends put the IP ARP table in or I would not have found my DVR at 192.168.100.210. What's really weird is this DVR is hard coded to .245 and up until ...
by jaytcsd
Mon Feb 14, 2022 9:33 am
Forum: Beginner Basics
Topic: using safe mode to setup wireguard
Replies: 27
Views: 6148

Re: using safe mode to setup wireguard

[quote=holvoetn post_id=912860 time=1644813568 user_id=185526] It worked before, right ? What happens if you go back to previous version ? What else did you change (since you mention change of IP subnet) ? What was changed to what ? [/quote] I don't recall changing anything, it did work before, I wa...
by jaytcsd
Mon Feb 14, 2022 1:25 am
Forum: Beginner Basics
Topic: using safe mode to setup wireguard
Replies: 27
Views: 6148

Re: using safe mode to setup wireguard

Thanks but that did not help. Both side are sending data What is odd is that torch on wireguard1 on the remote router shows a non existent IP, 192.168.100.240, trying to reach one of my PCs. My printer use to be 192.168.100.240 but I changed all IPs at my remote site to 192.168.200.xxx so wireguard ...
by jaytcsd
Sun Feb 13, 2022 9:10 am
Forum: Beginner Basics
Topic: using safe mode to setup wireguard
Replies: 27
Views: 6148

Re: using safe mode to setup wireguard

Lost my link between the units after upgrading to 7.1.2, anyone else seen that?
I checked my WAN IPs and public keys, nothing changed.
by jaytcsd
Sun Feb 13, 2022 7:09 am
Forum: Announcements
Topic: v7.1.2 is released!
Replies: 127
Views: 39073

Re: v7.1.2 is released!

Both my hAP ac routers upgraded but lost their wireguard links to each other.
by jaytcsd
Mon Feb 07, 2022 6:57 am
Forum: Beginner Basics
Topic: using safe mode to setup wireguard
Replies: 27
Views: 6148

Re: using safe mode to setup wireguard

Oh boy what an idiot I am. I was pinging 10.10.10.2 when I needed 10.0.0.2.
It's working now.

@Jeff - I'd like to ask you some P25 questions, can you email me - your call sign at vtn55.org
thanks
by jaytcsd
Mon Feb 07, 2022 6:07 am
Forum: Beginner Basics
Topic: using safe mode to setup wireguard
Replies: 27
Views: 6148

Re: using safe mode to setup wireguard

thanks for the quick reply.
Both IPs are public and pingable from the tools / ping function in winbox.

working on editing the configs to remove private stuff
by jaytcsd
Mon Feb 07, 2022 12:08 am
Forum: Beginner Basics
Topic: using safe mode to setup wireguard
Replies: 27
Views: 6148

Re: using safe mode to setup wireguard

I had to do a hard reset on site 1 this week after I lost internet access, turned out to be a cable modem / ISP issue where I was getting a 192.168.100.1 address for my WAN which kept me from getting into the hAP. site 1 WAN 72.xxx.xxx.xxx /ip/address> pr # ADDRESS NETWORK INTERFACE 1 192.168.100.1/...
by jaytcsd
Wed Jan 19, 2022 4:30 am
Forum: Beginner Basics
Topic: using safe mode to setup wireguard
Replies: 27
Views: 6148

Re: using safe mode to setup wireguard

thanks SOB, I'll look at the rules and post them if nothing stands out, which it probably won't.
Really appreciate you and sindy taking time to help out in this forum.
by jaytcsd
Wed Jan 19, 2022 4:28 am
Forum: Beginner Basics
Topic: using safe mode to setup wireguard
Replies: 27
Views: 6148

Re: using safe mode to setup wireguard

[quote=k6ccc post_id=906116 time=1642404226 user_id=89501]
I run a regional P-25 system for a living...
[/quote]
LA-RICS?
by jaytcsd
Mon Jan 17, 2022 6:19 am
Forum: Beginner Basics
Topic: using safe mode to setup wireguard
Replies: 27
Views: 6148

Re: using safe mode to setup wireguard

[quote=Sob post_id=905797 time=1642269571 user_id=33312] So you had a nice trip? ;)[/quote] Yes except for the 40 degree drop in daily high temps. What's weird is I can put //192.168.100.225 in IE and see my video camera system at the main site from here at the remote site which is now 192.168.200.0...
by jaytcsd
Mon Jan 17, 2022 6:00 am
Forum: Beginner Basics
Topic: using safe mode to setup wireguard
Replies: 27
Views: 6148

Re: using safe mode to setup wireguard

[quote=k6ccc post_id=905806 time=1642270786 user_id=89501] Another option (just in case) is to have access to a PC at the remote location that has remote access software such as TeamViewer, AnyDesk, etc. [/quote] I used team viewer and then went with anydesk, but around Christmas they bombarded me w...
by jaytcsd
Sat Jan 15, 2022 8:15 am
Forum: Beginner Basics
Topic: using safe mode to setup wireguard
Replies: 27
Views: 6148

Re: using safe mode to setup wireguard

>>So no matter how much you mess up remote LAN, it shouldn't affect your ability to connect to router and correct it. Maybe for a normal person but I always find a way to shoot myself in the foot. I had a rule blocking me from WAN access, once I figure that out I was able to get in that way. Being a...
by jaytcsd
Sun Dec 12, 2021 8:54 pm
Forum: Beginner Basics
Topic: using safe mode to setup wireguard
Replies: 27
Views: 6148

using safe mode to setup wireguard

My remote Mikrotik is 1500 miles away and I want to try wireguard. My problem is both LANs are 192.168.100.0/24 so I need to change the remote site from my understanding. I'm going to try changing the devices to 192.168.200.xxx to keep it simple. My DHCP server assigns IPs based on MAC so I think I ...
by jaytcsd
Sun Dec 12, 2021 10:21 am
Forum: Beginner Basics
Topic: hap Lite
Replies: 1
Views: 917

Re: hap Lite

viewtopic.php?t=178063
Devices that support this feature:
RB4011
RB3011
RB1100AHx4
RB450Gx4
Audience
hAP ac³ (non LTE)
by jaytcsd
Sun Feb 28, 2021 9:59 pm
Forum: General
Topic: router under attack on L2TP tunnel?
Replies: 2
Views: 1744

Re: router under attack on L2TP tunnel?

I had a tunnel between 2 MTs but it failed after a version upgrade so I thought I had deleted it but obviously left this interface on. I turned off the L2TP server as as soon as I saw the log entries and did the same IP trace you did (findip-address.com). Thanks for the reply, do you have a blog or ...
by jaytcsd
Sun Feb 28, 2021 9:22 am
Forum: General
Topic: router under attack on L2TP tunnel?
Replies: 2
Views: 1744

router under attack on L2TP tunnel?

never seen this before. feb/27 20:47:03 l2tp,debug,packet L2TPDBG===>: rcvd control message from 146.88.240.4:1701 to xxx.xxx.138.202:1701 feb/27 20:47:03 l2tp,debug,packet L2TPDBG===>: tunnel-id=0, session-id=0, ns=0, nr=0 feb/27 20:47:03 l2tp,debug,packet L2TPDBG===>: (M) Message-Type=SCCRQ feb/27...
by jaytcsd
Thu Feb 04, 2021 5:23 am
Forum: General
Topic: anyone using LtAP mini on Verizon is the US?
Replies: 8
Views: 1577

Re: anyone using LtAP mini on Verizon is the US?

My local Verizon store gave me an adapter and I got the SIM in the Mikrotik, now my LTE interface shows a MAC, network modes and IMEI but the status tab has
SIM not inserted. The SIM is in as far as it will go, the locking lever is about the 10 o'clock position.
by jaytcsd
Tue Jan 26, 2021 9:28 pm
Forum: General
Topic: anyone using LtAP mini on Verizon is the US?
Replies: 8
Views: 1577

Re: anyone using LtAP mini on Verizon is the US?

Michael, I think I met you in the Pittsboro post office 2 years ago, I use to do the teams and tracks 2 way radios. I have a Verizon SIM from a mifi but it's too small, I put it in the slot and it disappeared, had to use a very small screwdriver to get it out. I have a broken mifi but it's back ther...
by jaytcsd
Tue Jan 26, 2021 9:03 am
Forum: General
Topic: anyone using LtAP mini on Verizon is the US?
Replies: 8
Views: 1577

Re: anyone using LtAP mini on Verizon is the US?

Thanks, I really hate doing business with AT+T but might be stuck with them.
Did you get a firstnet card or regular consumer one?
by jaytcsd
Mon Jan 25, 2021 10:50 pm
Forum: General
Topic: anyone using LtAP mini on Verizon is the US?
Replies: 8
Views: 1577

anyone using LtAP mini on Verizon is the US?

Their IMEI site says it won't, T mobile says maybe on one page and won't respond on another.

AT+T wants my birthday before I can sign up so I'm hoping to avoid them.
Anyone got a good data SIM plan they use with this?
by jaytcsd
Tue Dec 29, 2020 3:57 am
Forum: General
Topic: LtAP mini LTE kit-US and T mobile
Replies: 0
Views: 1319

LtAP mini LTE kit-US and T mobile

I'm looking at getting the LtAP mini to use on T mobile, anyone got any feedback on this?
This device looks like it does what a net motion or Cradlepoint router does, am I missing something?

thanks
by jaytcsd
Sat Sep 19, 2020 3:10 am
Forum: Beginner Basics
Topic: Some probably dumb questions... [SOLVED]
Replies: 6
Views: 1433

Re: Some probably dumb questions... [SOLVED]

I run XP in a VirtualBox VM for almost all browsing in a standard user setting to avoid web based attacks. I changed the default port for router access and don't have those settings saved in winbox so there is no clue how to get into the router. If you want to get really sneaky you can designate an ...
by jaytcsd
Sat Sep 19, 2020 2:48 am
Forum: Announcements
Topic: Expected down time for this forum SEPT 11
Replies: 42
Views: 18787

Re: Expected down time for this forum SEPT 11

is the help site down?
My hAP lite rebooted and failed to come up so I pulled the power cord to get it back up and made a support.rif but can't get into the service desk page, just get a spinning circle.
This happens on the sign up and resister pages, tried 2 browsers on one PC and one on a 2nd PC.
by jaytcsd
Tue Jun 02, 2020 4:09 pm
Forum: Beginner Basics
Topic: [solved] dhcp-client at WAN is stuck with status searching [SOLVED]
Replies: 11
Views: 26578

Re: [solved] dhcp-client at WAN is stuck with status searching [SOLVED]

A friend was setting up folders for equipment in his database. He used valves, pipes, pumps, etc as folder names, but he could never access any files in the pipes folder.
It turned out pipes was a reserved word in the operating system.
by jaytcsd
Tue Jun 02, 2020 3:53 pm
Forum: General
Topic: lost wireless clients after upgrade to 6.46.6
Replies: 1
Views: 827

Re: lost wireless clients after upgrade to 6.46.6

As I was getting ready to post my config I noticed the bridge from wlan1 had been disabled during the upgrade.
by jaytcsd
Tue Jun 02, 2020 11:19 am
Forum: General
Topic: lost wireless clients after upgrade to 6.46.6
Replies: 1
Views: 827

lost wireless clients after upgrade to 6.46.6

RB751U-2HnD was connected to 5 trend net THA-101 lamp modules, after I upgraded none of them connect now. 00:50:08 wireless,info 0C:72:D9:3E:D2:28@wlan1: connected, signal strength -47 00:50:18 wireless,info 00:23:15:5B:D4:5C@wlan1: connected, signal strength -41 00:50:45 wireless,info 0C:72:D9:3E:D...
by jaytcsd
Tue May 26, 2020 11:43 am
Forum: Beginner Basics
Topic: OVPN Site-to-site with remote clients [SOLVED]
Replies: 4
Views: 6061

Re: OVPN Site-to-site with remote clients [SOLVED]

which tutorial did you use? I've tried 3 or 4 and never get it to work, thanks
by jaytcsd
Sun Jan 12, 2020 5:07 am
Forum: General
Topic: creating l2tp server
Replies: 17
Views: 10928

Re: creating l2tp server

I asked about a forum just for VPNs way back, like you said this info is scattered around. I've found some good videos and some that seem like they are an excuse
to put someone's personal music playlist on.
by jaytcsd
Thu Oct 10, 2019 7:13 am
Forum: General
Topic: DHCP server question
Replies: 1
Views: 830

DHCP server question

All devices on this router are wireless. I'm trying to figure out why the server says 4 devices are bound when only 2 show up in quick start and ping.
by jaytcsd
Thu Oct 10, 2019 7:05 am
Forum: General
Topic: Best VPN for Mikrotik Router
Replies: 20
Views: 8142

Re: Best VPN for Mikrotik Router

Since v7 and Spinrite 6.1 seem to be a long way off, what is a good secure Mikrotik to Mikrotik VPN that also lets road warriors in, or are we talking 2 different situations?

thanks
by jaytcsd
Tue Sep 17, 2019 5:30 am
Forum: General
Topic: lost internet access after upgrade
Replies: 2
Views: 2217

Re: lost internet access after upgrade

I never used the reset button but that's good info to know, thanks.
by jaytcsd
Mon Sep 16, 2019 11:52 pm
Forum: General
Topic: Multiple Road Warrior L2TP/IPsec clients behind NAT - solved
Replies: 98
Views: 83379

Re: Multiple Road Warrior L2TP/IPsec clients behind NAT - solved

Very informative, I just skimmed over it and will dive into it later today.
I had L2TP IPSEC working in 2011 under 5.4 but as the OS was updated I kept having to chase the changes to make it work, finally I gave up.
by jaytcsd
Mon Sep 16, 2019 6:51 pm
Forum: General
Topic: L2TP/IPSec VPN can access LAN but not Router [SOLVED]
Replies: 12
Views: 11376

Re: L2TP/IPSec VPN can access LAN but not Router [SOLVED]

I started copying all the info sindy puts in these posts into a 'sindy says' text file for future reference.
by jaytcsd
Mon Sep 16, 2019 5:48 pm
Forum: General
Topic: lost internet access after upgrade
Replies: 2
Views: 2217

lost internet access after upgrade

hAP ac running 6.45.6 I did the quick check / check for updates routine which brought me up to 6.45.6. When the router rebooted it beeped once and then once again instead of a double beep the second time. I could not get in using the router's IP address so I pulled the power cable to reset it. After...
by jaytcsd
Mon Sep 16, 2019 7:26 am
Forum: General
Topic: cable test shows short with open cable
Replies: 0
Views: 1808

cable test shows short with open cable

I'm trying to use my mAPlite as a cable tester but when I test the RJ45 interface using a 3' cable with nothing on it I get a 0m short reading. I was expecting a 1m open reading. My RB751U-blah blah blah (Normis your model numbers don't fit on a 22" screen....) shows 2m open. A 100' cable shows...
by jaytcsd
Sun Dec 02, 2018 7:45 am
Forum: General
Topic: CoDel support?
Replies: 46
Views: 20425

Re: CoDel support?

thanks for the tip Steve
by jaytcsd
Wed Nov 07, 2018 9:52 am
Forum: General
Topic: new EOIP tunnel won't run
Replies: 2
Views: 2671

new EOIP tunnel won't run

Used the same commands on my hAP ac lite (site 2) as I did on my hAP ac but the tunnel won't run at site 2. I deleted it and created it again, same thing. site 1 /interface eoip> pr Flags: X - disabled, R - running 0 R name="eoip-tunnel_1" mtu=auto actual-mtu=1408 l2mtu=65535 mac-address=0...
by jaytcsd
Mon Oct 29, 2018 4:40 am
Forum: General
Topic: address shows in scan but not ping
Replies: 1
Views: 739

address shows in scan but not ping

Why does 192.168.100.52 not show in the ping window?
by jaytcsd
Sat Jun 23, 2018 7:48 am
Forum: Beginner Basics
Topic: Confused about L2TP and IPSec VPNs
Replies: 21
Views: 4924

Re: Confused about L2TP and IPSec VPNs

What changes between the wiki article and what ended up working did you do?
by jaytcsd
Fri Jun 15, 2018 3:36 am
Forum: General
Topic: LHG 60 project in Hawaii
Replies: 99
Views: 38007

Re: LHG 60 project in Hawaii

@JAINGE - How many hours of flight time did you spend getting to Berlin?
by jaytcsd
Sun Apr 15, 2018 7:10 am
Forum: Beginner Basics
Topic: BLock IP camera output connection
Replies: 10
Views: 3924

Re: BLock IP camera output connection

I put my security camera DVR on a separate Mikrotik, the DVR is 192.168.100.245 with a 255.255.255.248 subnet, that way it can't see into my
PCs and NAS addresses from .1 to .100. The 'insecure' Mikrotik is 192.168.100.241, it's on LAN port 5 on my main Mikrotik.
by jaytcsd
Sun Apr 15, 2018 6:20 am
Forum: Beginner Basics
Topic: look like someone trying to access my router,... [SOLVED]
Replies: 14
Views: 19218

Re: look like someone trying to access my router,... [SOLVED]

Another trick is to change the default port from 8291 to a random one.
Look at port knocking.
https://mum.mikrotik.com/presentations/US10/discher.pdf

https://wiki.mikrotik.com/wiki/Port_Knocking
by jaytcsd
Sat Mar 17, 2018 5:34 am
Forum: Beginner Basics
Topic: Complete overhaul of Existing network
Replies: 8
Views: 1875

Re: Complete overhaul of Existing network

http://gregsowell.com/?p=5748

Greg is a Mikrotik guru
by jaytcsd
Tue Feb 27, 2018 1:09 am
Forum: General
Topic: L2TP/IPSec for Road Warrior
Replies: 93
Views: 49897

Re: L2TP/IPSec for Road Warrior

Can a mAP be used to tunnel to a Mikrotik using IPIP or EOIP with the mAP letting multiple users in?
I tried this about a year ago but never did get it to work. I think my stumbling point was trying to get the mAP into a motel wifi for the WAN side.
by jaytcsd
Thu Feb 22, 2018 8:28 am
Forum: Announcements
Topic: v6.41.2 [current]
Replies: 124
Views: 52252

Re: v6.41.2 [current]

My hAPlite locked up after upgrading from 6.3 something using quickset to download and install. I upgraded winbox through the tool option first, it crashed. It worked when I restarted it and I got into the router to run quickset. It rebooted OK, I got in and was looking at the log when it died. I've...
by jaytcsd
Wed Jan 31, 2018 8:08 am
Forum: Beginner Basics
Topic: Why does this firewall rule block my internet? [SOLVED]
Replies: 3
Views: 1434

Re: Why does this firewall rule block my internet? [SOLVED]

>>but if I enable add chain=forward src-address=192.168.0.0/16 action=drop I can no longer access the internet.

That means your LAN is using that IP range.
I use a similar rule to block individual PCs when I first install new software to see if they try to 'phone home' after install.
by jaytcsd
Fri Dec 29, 2017 8:17 am
Forum: General
Topic: VPN - unable to ping win10 PC's, other devices = no problem....
Replies: 2
Views: 974

Re: VPN - unable to ping win10 PC's, other devices = no problem....

Since the Mikrotik can ping the win 10 PCs it seems like it's blocking responses with a forward rule.
Can the win 10 PCs ping each other?
by jaytcsd
Thu Dec 28, 2017 2:45 am
Forum: General
Topic: Public-Mikrotik-Bandwidth-Test-Server(s)
Replies: 1009
Views: 1119502

Re: Public-Mikrotik-Bandwidth-Test-Server(s)

I was able to do a send test from my cable ISP but my DSL hung. both worked on RX mode.
Now my PC is on my cable router to feed my cloud backup from my NAS, this test helped me cut upload time.
by jaytcsd
Sun Oct 08, 2017 8:39 am
Forum: Beginner Basics
Topic: L2TP/IPsec with firewall rule
Replies: 6
Views: 40781

Re: L2TP/IPsec with firewall rule

Try it now, I moved to a new hosting site and forgot to change indexing permissions.
by jaytcsd
Fri Sep 08, 2017 8:45 am
Forum: Beginner Basics
Topic: Site to Site VPN (on both sides same ip subnet)
Replies: 17
Views: 14874

Re: Site to Site VPN (on both sides same ip subnet)

I had an EoIP tunnel between 2 RB750s, both were on 192.168.100.0/24. I only ran DHCP on one router since most PC are static IPs. This worked fine for over a year and then it quit after an update. I was busy at the time and didn't try to figure out what happened, then I started firmware upgrades thi...
by jaytcsd
Tue Jun 20, 2017 8:44 pm
Forum: Beginner Basics
Topic: Site to Site IpSec Tunnel
Replies: 23
Views: 31967

Re: Site to Site IpSec Tunnel

[quote]That is a *really bad* idea! Renumber one of the networks.[/quote]

but it worked for almost a year.

Yesterday was my anniversary so I paid more attention to my wife than my routers, it's better for my mental and physical health that way.
by jaytcsd
Mon Jun 19, 2017 6:44 am
Forum: Beginner Basics
Topic: Site to Site IpSec Tunnel
Replies: 23
Views: 31967

Re: Site to Site IpSec Tunnel

Diving into this project now, thanks for the info, if you do that with an "idle mind" I can't imagine what happens when you drop the clutch at 4,000 rpm.
by jaytcsd
Sun Jun 18, 2017 10:11 pm
Forum: Beginner Basics
Topic: Site to Site IpSec Tunnel
Replies: 23
Views: 31967

Re: Site to Site IpSec Tunnel

For my simple setup of a home office to home office does the MTU advantage of IPIP over GRE make much difference? My understanding is that a larger MTU gives more bandwidth due to greater % of data passing by not needing so much overhead due to few packet required. I just noticed that Greg's example...
by jaytcsd
Sun Jun 18, 2017 5:32 pm
Forum: Beginner Basics
Topic: Site to Site IpSec Tunnel
Replies: 23
Views: 31967

Re: Site to Site IpSec Tunnel

Does GRE have any security advantages over IPIP? I had EOIP working for almost a year and then it quit after an upgrade, gave up trying to fix it. Greg Sowell has an IPIP example using IPsec so I'm going to try that next. The manual says IPIP can be used with IPv6. "IP/IPv6 over IPv6 tunnel fun...
by jaytcsd
Sun Jun 18, 2017 8:34 am
Forum: Beginner Basics
Topic: Site to Site IpSec Tunnel
Replies: 23
Views: 31967

Re: Site to Site IpSec Tunnel

@ pe1chl - Any idea is GRE is less or more processor intensive than EOIP?
by jaytcsd
Sun May 07, 2017 1:43 am
Forum: General
Topic: STOP WINBOX DISCOVERY
Replies: 5
Views: 4277

Re: STOP WINBOX DISCOVERY

@k6ccc - What is the bottom flag in your profile pic?
by jaytcsd
Sun Apr 09, 2017 7:30 am
Forum: General
Topic: L2TP VPN
Replies: 2
Views: 971

Re: L2TP VPN

I noticed the screens for IPsec peer changed in winbox during a recent upgrade, port was 500 in my old version but has been reset after the upgrade.
by jaytcsd
Sun Apr 09, 2017 7:23 am
Forum: General
Topic: EOIP tunnel quit working
Replies: 0
Views: 874

EOIP tunnel quit working

I have an RB750 and RB751U that worked fine using EOIP and IPSEC, then quit one day. MT support looked in each end and said there is no problem, but I can't ping addresses from one site to the other. I have IPsec SAs on each end so the tunnel part is working. /ip ipsec installed-sa> pr Flags: A - AH...
by jaytcsd
Sun Jan 29, 2017 1:31 am
Forum: Beginner Basics
Topic: My first VPN
Replies: 3
Views: 1353

Re: My first VPN

I use IPsec over EOIP between 2 Mikrtotiks and until I upgraded to 6.38 it worked fine. I used the wiki and Greg Sowell's examples. I have some winbox screen prints here for how I did my setup. http://eoip.patokatech.com/ 192.168.100.1 and 192.168.100.10 are the router IPs. 2 weeks ago the VPN quit,...
by jaytcsd
Sun Nov 13, 2016 12:42 am
Forum: General
Topic: L2TP through IPSEC problem
Replies: 4
Views: 1782

Re: L2TP through IPSEC problem

I seem to recall having this problem, I think I had to allow 500, 1701 and 4500 in my forward rules.
by jaytcsd
Sun Nov 13, 2016 12:31 am
Forum: Beginner Basics
Topic: The correct order of the rules in the firewall.
Replies: 2
Views: 1586

Re: The correct order of the rules in the firewall.

A list of if/then rules should run faster than a list of if/mark because you have to execute all the mark rules before you start
processing them.
Putting rules most likely to be seen first will cut down on the processing time.
by jaytcsd
Sun Oct 23, 2016 8:00 pm
Forum: Beginner Basics
Topic: RDP not working over Ipsec site-2-site
Replies: 4
Views: 3315

Re: RDP not working over Ipsec site-2-site

RDP works on EOIP / IPSEC between my 2 Mikrotiks. I don't have as many firewall rules as you do, I'd disable from # 8 on and see if that works, then start enabling them one at a time. If I had a dime for each time my Mikrotik did what I told it to do instead of what I wanted it to do I'd be a millio...
by jaytcsd
Sun Oct 02, 2016 8:26 am
Forum: General
Topic: IPSec dual links
Replies: 6
Views: 1916

Re: IPSec dual links

[quote]In your IPSec Policy, General Tab -- look for the Protocol Field. [/quote]

Any idea if tunnel security or speed is increased by limiting to a specific protocol?
by jaytcsd
Sun Oct 02, 2016 8:19 am
Forum: Beginner Basics
Topic: EoIP and DHCP question
Replies: 2
Views: 1377

Re: EoIP and DHCP question

I have 2 Mikrotiks linked over an EOIP tunnel, both are on 192.168.100.0/24. Each router runs DHCP with different pools. I tried using just one DHCP server but if the tunnel goes down (it does when my ISP changes my WAN address every couple of months) the far end can't get to the internet which mean...
by jaytcsd
Sun Oct 02, 2016 3:36 am
Forum: Beginner Basics
Topic: L2TP Firewall Issue [Solved while writing post]
Replies: 2
Views: 2951

Re: L2TP Firewall Issue [Solved while writing post]

[code]add action=drop chain=forward connection-nat-state=!dstnat connection-state=\
new in-interface=ether2-ufb [/code]

First time I've seen that, is that VPN only or another way to prevent router intrusion?
by jaytcsd
Sun Sep 25, 2016 6:06 am
Forum: General
Topic: Does L2TP with IPSec actually work?
Replies: 10
Views: 14831

Re: Does L2TP with IPSec actually work?

Never used PPTP, can't help you there.
by jaytcsd
Sun Sep 18, 2016 8:35 am
Forum: General
Topic: Does L2TP with IPSec actually work?
Replies: 10
Views: 14831

Re: Does L2TP with IPSec actually work?

[quote]running L2TP/IPSEC on it is not the best idea.[/quote] I have it working both from a win 7/8/10 client and by EOIP tunnel between 2 Mikrotiks. I don't use certs, just passwords. How would I know if my tunnel is not secure? I log into the router and add my temporary WAN IP to the input firewal...
by jaytcsd
Sun Sep 18, 2016 8:22 am
Forum: General
Topic: Frequent Watchdog Reboots
Replies: 9
Views: 3949

Re: Frequent Watchdog Reboots

Dave - do the routers reboot on 12 v if the watchdog is off?
by jaytcsd
Sun Sep 18, 2016 6:37 am
Forum: Beginner Basics
Topic: SIMPLE SITE_SITE VPN
Replies: 3
Views: 1327

Re: SIMPLE SITE_SITE VPN

I got EOIP working after trying IPIP, never could make it work. I have 192.168.100.0/24 at both sites, most examples I saw had 2 separate IP schemes which I didn't want.

Greg Sowell has good examples on his site.
http://gregsowell.com/?page_id=951
by jaytcsd
Mon Aug 15, 2016 8:32 am
Forum: General
Topic: Possible YouTube video ideas
Replies: 28
Views: 7281

Re: Possible YouTube video ideas

Site to site VPN comparisons of PPTP, L2TP, EOIP, EIEIO, IPIP tunnels.

Like a lot of users I'm self taught in IP and Mikrotik, I cut and past many of your examples.

PLEASE don't put music on the video.
by jaytcsd
Mon Aug 01, 2016 10:38 pm
Forum: General
Topic: Mapped folder not resolving in windows
Replies: 6
Views: 1804

Re: Mapped folder not resolving in windows

I don't have v6 installed on the RB nor do I have it enabled on any PC, that's what makes this weird.
by jaytcsd
Mon Aug 01, 2016 9:31 pm
Forum: General
Topic: Mapped folder not resolving in windows
Replies: 6
Views: 1804

Re: Mapped folder not resolving in windows

When I ping PC 'R935' on that PC I get an IPv6 reply but get v4 addresses from other PCs. R935 has v6 disabled.
I never realized names could be pinged, I always used \\pcname in file explorer to verify.
by jaytcsd
Mon Aug 01, 2016 9:15 pm
Forum: General
Topic: wifi bands in the USA
Replies: 2
Views: 1940

wifi bands in the USA

My RB751 has a full country list for wifi bands. I've always used United States but see US 2 and 3 listed along with some other US ranges. I have not seen what US 2 or 3 cover and in light of the FCC's $200,000 fine to TP Link for allowing Americans to use illegal power levels was wondering if Mikro...
by jaytcsd
Mon Aug 01, 2016 5:22 am
Forum: General
Topic: Mapped folder not resolving in windows
Replies: 6
Views: 1804

Re: Mapped folder not resolving in windows

Netbios names won't go across a VPN unless you use EOIP, but they work on my LAN without any special rules.
by jaytcsd
Sun Jul 17, 2016 6:28 am
Forum: General
Topic: Need IPSEC + GRE Performance Help
Replies: 8
Views: 3165

Re: Need IPSEC + GRE Performance Help

My EOIP tunnel pings went from 500-700 ms to over a second in the last few months, not sure what happened. I will give your ideas a try.

See if this program will help with your speed testing.

http://nutsaboutnets.com/netstress/
by jaytcsd
Sun Jul 17, 2016 6:15 am
Forum: Beginner Basics
Topic: VPN Ping is working only with gateway
Replies: 3
Views: 1612

Re: VPN Ping is working only with gateway

http://l2tp.patokatech.com/

This is my setup for L2TP VPN, maybe you'll find something that will help, I don't mess with PPTP.
 
by jaytcsd
Tue May 24, 2016 8:22 am
Forum: Beginner Basics
Topic: L2TP/IPsec with firewall rule
Replies: 6
Views: 40781

Re: L2TP/IPsec with firewall rule

http://l2tp.patokatech.com/

screen prints of my L2TP setup, win 7, 8 and droid phone all work.
by jaytcsd
Tue May 24, 2016 8:19 am
Forum: Beginner Basics
Topic: What's the difference between EoIP, L2TP?
Replies: 4
Views: 7287

Re: What's the difference between EoIP, L2TP?

I have an RB750 tunneled to a 751 using EOIP with L2TP. One Mikrotik is 192.168.100.2, the other is 192.168.100.10. I started out using 192.168.200.x for my second site but could not make it work. EOIP lets me access PCs on the network by their name, ie \\acer2\c, where L2TP from a laptop on a motel...
by jaytcsd
Wed May 04, 2016 9:09 am
Forum: General
Topic: EoIP IPsec Secrect doesn't inherit Security settings from default IPSec Proposal
Replies: 1
Views: 1145

Re: EoIP IPsec Secrect doesn't inherit Security settings from default IPSec Proposal

I just changed my IPsec proposal from 3des to twofish and the installed SAs reflected the change within a minute.

I changed both ends of my EOIP L2TP tunnel.
by jaytcsd
Wed Apr 20, 2016 7:20 am
Forum: Beginner Basics
Topic: Hotel Room Access Page
Replies: 3
Views: 1270

Re: Hotel Room Access Page

I've been trying to do the same thing with my mAP lite but am stuck at the same point you are.
by jaytcsd
Sun Apr 17, 2016 1:01 am
Forum: General
Topic: L2TP/IPSec VPN server config for clients behind NAT
Replies: 8
Views: 12209

Re: L2TP/IPSec VPN server config for clients behind NAT

http://l2tp.patokatech.com/

These are winbox screen prints of my system. I have to add an input rule to allow my IP when I'm using motel wifi.
by jaytcsd
Thu Apr 07, 2016 10:48 am
Forum: General
Topic: L2tp/IPsec is driving me crazy !!!!
Replies: 10
Views: 3400

Re: L2tp/IPsec is driving me crazy !!!!

I got the flu and was offline for a week during recovery. Did you ever get your system working?
by jaytcsd
Thu Apr 07, 2016 10:47 am
Forum: General
Topic: SOLVED - L2TP IPSEC stoped working after Upgrade to 6.18
Replies: 19
Views: 80897

Re: SOLVED - L2TP IPSEC stoped working after Upgrade to 6.18

I ran into this problem after a hardware reset when I lost the ability to get some websites to load. L2TP was working under 6.33 and up to 6.34.2 via quickset upgrades. After the reset I added L2TP but got the pre-process error. While using the terminal to fix this I found a bug in winbox 2.2.18, it...
by jaytcsd
Tue Mar 22, 2016 8:08 am
Forum: General
Topic: L2tp/IPsec is driving me crazy !!!!
Replies: 10
Views: 3400

Re: L2tp/IPsec is driving me crazy !!!!

I will take a look tonight, been busy this week.
I know how frustrating this is, took me a month to get working.

One of my IPs changed last week, even though I changed the rules to reflect that, the tunnel only worked one way until I rebooted it.
by jaytcsd
Sat Mar 19, 2016 7:08 am
Forum: General
Topic: L2tp/IPsec is driving me crazy !!!!
Replies: 10
Views: 3400

Re: L2tp/IPsec is driving me crazy !!!!

http://l2tp.patokatech.com/

winbox screen shots of my router, I can connect with my droid.
You have to allow your iphone's IP access with an input rule if you have a generic 'block all else' rule at the end of the list.
by jaytcsd
Thu Mar 10, 2016 11:04 am
Forum: General
Topic: Unable to make L2TP over IPSec work from Android / iOS / OS X to RouterOS (error phase1 negotiation failed)
Replies: 5
Views: 4671

Re: Unable to make L2TP over IPSec work from Android / iOS / OS X to RouterOS (error phase1 negotiation failed)

Screen prints of my router for L2TP, not fancy but should get you going. http://l2tp.patokatech.com/ My droid works fine, but I have to allow my IP in my input rules before I can access the VPN. The last 2 times I ran whatismyip.com my Verizon droid came up with an IPv6 address, so I temporarily dis...
by jaytcsd
Tue Mar 01, 2016 7:11 am
Forum: General
Topic: mAP lite and motel wifi
Replies: 3
Views: 1082

Re: mAP lite and motel wifi

I used the motel's cat 5 cable and got it to work with 6.34.2 last night, tonight I can't get the sign on page to load. Too tired to mess with it tonight.
by jaytcsd
Sun Feb 28, 2016 8:20 am
Forum: General
Topic: mAP lite and motel wifi
Replies: 3
Views: 1082

mAP lite and motel wifi

Just got my mAP and was wondering if anyone has tips on how to make this work on a motel wifi. I want to use the mAP as a client to the motel's system and as an AP for my PCs so I can use EOIP back to my home RB751. Most motels require a sign in using last name and room number or some other process ...
by jaytcsd
Wed Feb 24, 2016 10:04 am
Forum: Beginner Basics
Topic: IPSec tunnel connects, but unable to ping or connect to remote network [SOLVED]
Replies: 12
Views: 6477

Re: IPSec tunnel connects, but unable to ping or connect to remote network

@ Desjani
Do you want to mark this topic Solved in the subject in case someone else is looking for a solution?
by jaytcsd
Sun Feb 21, 2016 7:01 am
Forum: General
Topic: Ipsec - Overlapping Private Networks
Replies: 5
Views: 3318

Re: Ipsec - Overlapping Private Networks

I have 2 RB751s using an EOIP tunnel, both networks are 192.168.100/24.

One router is 192.168.100.1, the other is .10.

I posted my rules in this post.
http://forum.mikrotik.com/viewtopic.php?f=13&t=104238
by jaytcsd
Wed Feb 17, 2016 10:09 am
Forum: Beginner Basics
Topic: hAP lite Mikrotik VPN
Replies: 2
Views: 1432

Re: hAP lite Mikrotik VPN

Can you log into the VPN?

If you can then you should be able to use windows or file explorer by using the IP address of the PC.
\\192.168.1.15 will work, not \\workgroup\pcname.
by jaytcsd
Wed Feb 17, 2016 10:05 am
Forum: Beginner Basics
Topic: IPsec site 2 site VPN. Ping fails in one direction.
Replies: 36
Views: 21026

Re: IPsec site 2 site VPN. Ping fails in one direction.

These are sites I looked at when I was trying to get IPsec tunnel working. I noticed most seemed to be version 5 software, maybe that's the key. http://wiki.mikrotik.com/wiki/Securing_L2TP_Server_for_IPSec https://www.youtube.com/watch?v=oR4G6SZ3LcM https://www.youtube.com/watch?v=y68Dx8iPikA https:...
by jaytcsd
Wed Feb 17, 2016 9:53 am
Forum: Beginner Basics
Topic: L2TP VPN remote access can't connect
Replies: 3
Views: 1113

Re: L2TP VPN remote access can't connect

My win 10 PC can connect using L2TP to my RB751, that 751 is using an EOIP tunnel to another 751, nothing drops.

Does your log show any error messages?
by jaytcsd
Sun Feb 14, 2016 7:09 am
Forum: Beginner Basics
Topic: L2TP VPN remote access can't connect
Replies: 3
Views: 1113

Re: L2TP VPN remote access can't connect

Make sure your IPsec secret is the same for the tunnel and the VPN client.
by jaytcsd
Fri Feb 12, 2016 10:18 am
Forum: Beginner Basics
Topic: L2TP (IPSec) - key length mismatched, mine:128 peer:256 & authtype mismatched: my:hmac-sha1 peer:hmac-md5
Replies: 2
Views: 5805

Re: L2TP (IPSec) - key length mismatched, mine:128 peer:256 & authtype mismatched: my:hmac-sha1 peer:hmac-md5

Just guessing, are your IPsec proposals and peer encryption algorithms the same in each Mikrotik?
by jaytcsd
Fri Feb 12, 2016 10:13 am
Forum: Beginner Basics
Topic: ipsec vpn - same local subnets
Replies: 10
Views: 3679

Re: ipsec vpn - same local subnets

Have not looked at the video, here are my rules with your IPs site 1 /interface eoip> pr Flags: X - disabled, R - running 0 R name="to site 2" mtu=auto actual-mtu=1424 l2mtu=65535 mac-address=(blanked) arp=enabled local-address=1.1.1.1 remote-address=2.2.2.2 tunnel-id=0 dscp=inherit clamp-...
by jaytcsd
Fri Feb 12, 2016 9:47 am
Forum: Beginner Basics
Topic: IPsec site 2 site VPN. Ping fails in one direction.
Replies: 36
Views: 21026

Re: IPsec site 2 site VPN. Ping fails in one direction.

I have never tried a tunnel from a Mikrotik to any other router.

Greg Sowell has examples of IPsec and IPIP tunnels from Mikrotik to Cisco on his site.

http://gregsowell.com/?p=1290
by jaytcsd
Tue Feb 09, 2016 7:32 am
Forum: Beginner Basics
Topic: ipsec vpn - same local subnets
Replies: 10
Views: 3679

Re: ipsec vpn - same local subnets

On the road for a few days, will look at the video and let you know, maybe, I'm not an expert.
by jaytcsd
Sun Feb 07, 2016 9:50 am
Forum: General
Topic: L2TP through IPSEC problem
Replies: 4
Views: 1782

Re: L2TP through IPSEC problem

Is your client using the L2TP client on his PC or his Mikrotik as the client?

I can use my windows 8 PC through a Mikrotik into a VPN on a remote Mikrotik, the local router can't have any port blocking on 500, 1701 or 4500.
by jaytcsd
Sun Feb 07, 2016 8:41 am
Forum: Beginner Basics
Topic: IPsec site 2 site VPN. Ping fails in one direction.
Replies: 36
Views: 21026

Re: IPsec site 2 site VPN. Ping fails in one direction.

I had the same problem, switched to EOIP tunnels and made both sites the same IP range, working fine now.
by jaytcsd
Sun Feb 07, 2016 8:36 am
Forum: Beginner Basics
Topic: IPSec tunnel connects, but unable to ping or connect to remote network [SOLVED]
Replies: 12
Views: 6477

Re: IPSec tunnel connects, but unable to ping or connect to remote network

I could not ping from inside one tunnel to inside the other using IPsec tunnels, but could ping in the reverse direction, ie 192.168.100.20 could ping 192.168.200.20 but not from 200.20 to 100.20. I don't think EOIP helped that either, spent a long time experimenting to get this working and forgot a...
by jaytcsd
Wed Feb 03, 2016 10:37 am
Forum: Beginner Basics
Topic: ipsec vpn - same local subnets
Replies: 10
Views: 3679

Re: ipsec vpn - same local subnets

I'm running an EOIP tunnel with IPsec between 2 routerboards on 192.168.100.0/24. Site 1 LAN is 192.168.100.1, site 2 is 192.168.100.10. I only have 10 devices so it's easy to keep track of addressing. Site 1 is running dhcp, but most of my devices are static. Site 2 devices use the .10 router as th...
by jaytcsd
Sat Jan 30, 2016 8:17 am
Forum: Beginner Basics
Topic: L2TP IPSec VPN = not working.
Replies: 9
Views: 22400

Re: L2TP IPSec VPN = not working.

/ip firewall filter> pr
Flags: X - disabled, I - invalid, D - dynamic

;;; L2TP
chain=input action=accept protocol=udp src-port=500,1701,4500 log=no
log-prefix=""

this works just as well as 3 separate rules, one for each port.
by jaytcsd
Fri Jan 29, 2016 4:02 am
Forum: Beginner Basics
Topic: IPSec tunnel connects, but unable to ping or connect to remote network [SOLVED]
Replies: 12
Views: 6477

Re: IPSec tunnel connects, but unable to ping or connect to remote network

Site 1 is the opposite of 2, too lazy to post it's rules. site 2 /interface eoip> pr Flags: X - disabled, R - running 0 R name="to site 1" mtu=auto actual-mtu=1396 l2mtu=65535 mac-address=02:xxxxx arp=enabled local-address=(site 2 WAN IP) remote-address=(site 1 WAN IP) tunnel-id=0 dscp=inh...
by jaytcsd
Thu Jan 28, 2016 8:29 am
Forum: Beginner Basics
Topic: IPSec tunnel connects, but unable to ping or connect to remote network [SOLVED]
Replies: 12
Views: 6477

Re: IPSec tunnel connects, but unable to ping or connect to remote network

I had problems with IPsec tunnels but got EOIP with IPsec working very easily.
by jaytcsd
Tue Jan 19, 2016 9:03 am
Forum: General
Topic: LAN-to-LAN IPSEC tunnel, one side with dynamic IPs
Replies: 6
Views: 3363

Re: LAN-to-LAN IPSEC tunnel, one side with dynamic IPs

@MRZ - Does mode conf have an advantage over EOIP?

I have 2 sites connected by EOIP, could not get 192.168.100.0/24 site to see the other site with 192.168.200.0/24, so I changed the 200 network to 100. It's working fine.

thanks
by jaytcsd
Sat Jan 16, 2016 11:34 am
Forum: General
Topic: [RB133] Failed to connect to <IP>, then Miktotik doesn't work
Replies: 4
Views: 998

Re: [RB133] Failed to connect to <IP>, then Miktotik doesn't work

I got netinstall to work on a 532 but not a 133 that locked up after upgrading to 6.33.3.
I think the RB needs to use ETH 1 for netinstall.

Try forcing the PC's NIC to 10 or 100 meg in case auto negotiate is causing a problem.
by jaytcsd
Sat Jan 16, 2016 11:24 am
Forum: Beginner Basics
Topic: Can this System History show a Security issue ?
Replies: 4
Views: 1366

Re: Can this System History show a Security issue ?

http://gregsowell.com/?p=1076

Good router security tips here.
The wiki has info as well.

The demo router has a basic setup.
demo.mt.lv
user demo, no password
by jaytcsd
Fri Jan 15, 2016 11:34 am
Forum: Announcements
Topic: v6.33.5 [current] is released!
Replies: 120
Views: 52877

Re: v6.33.5 [current] is released!

Is this OK for routerboard 133 and 532?
My RB133 died after upgrading to 6.33, now I can't get netinstall to see it to force it back to 6.32 like you suggested.
by jaytcsd
Fri Jan 15, 2016 11:20 am
Forum: Beginner Basics
Topic: L2TP IPsec doesn't work from other city
Replies: 4
Views: 2584

Re: L2TP IPsec doesn't work from other city

I use L2TP with IPsec on my VPNs.
I was in a motel this year that let users print to their kiosk printer by wifi. The IP address was on the printer, just on a whim I put that in my browser and got the non password protected control panel.
by jaytcsd
Sun Jan 10, 2016 10:07 pm
Forum: Beginner Basics
Topic: EOIP tunnel OK until I add IPsec
Replies: 0
Views: 1540

EOIP tunnel OK until I add IPsec

Never mind, figured out what I was doing wrong. This works fine between 2 RB750s on 6.33.3. site1 WAN xx.yy.zz.237 LAN 192.168.90.1 site 2 (garage) WAN xx.yy.zz.80 LAN 192.168.90.3 site 1 /interface eoip> pr Flags: X - disabled, R - running 0 R name="to garage" mtu=auto actual-mtu=1458 l2m...
by jaytcsd
Sun Jan 10, 2016 5:15 am
Forum: Beginner Basics
Topic: L2TP IPsec doesn't work from other city
Replies: 4
Views: 2584

Re: L2TP doesn't work from other city

I gave up using motel wifi because so many seemed to be blocking ports needed to pass VPN traffic.
by jaytcsd
Sun Jan 10, 2016 5:01 am
Forum: General
Topic: IPSec Site2Site VPN not NATting
Replies: 3
Views: 1648

Re: IPSec Site2Site VPN not NATting

I tried IPIP tunnel without any luck, will dive into EOIP and see what happens.
by jaytcsd
Tue Jan 05, 2016 5:51 am
Forum: General
Topic: L2TP VPN problem to connect from Windows 7
Replies: 11
Views: 5347

Re: L2TP VPN problem to connect from Windows 7

http://l2tp.patokatech.com/

This works for win 7, 8 and android phones.
by jaytcsd
Tue Jan 05, 2016 5:09 am
Forum: Beginner Basics
Topic: VPN with Android Mobile to MikroTik RouterOS version 6.13
Replies: 40
Views: 46802

Re: VPN with Android Mobile to MikroTik RouterOS version 6.13

Been busy trying to get site to site IPsec working, haven't had a chance to try this yet.
by jaytcsd
Sat Jan 02, 2016 5:33 am
Forum: Beginner Basics
Topic: IPSEC Site-to-site
Replies: 6
Views: 1975

Re: IPSEC Site-to-site

@ LaRP - what version are you running?
It dawned on me earlier today that the examples I've been looking at are version 5 or earlier, Greg's video is 3.29.
by jaytcsd
Thu Dec 31, 2015 11:45 pm
Forum: Beginner Basics
Topic: IPSEC Site-to-site
Replies: 6
Views: 1975

Re: IPSEC Site-to-site

I have IPsec SAs coming out my ASS in both routers, both can ping the the opposite site's LAN. A laptop on site 2 at 192.168.91.25 can VNC into a site 1 laptop at 192.168.90.25, so I have one way working, still trying to figure out why I can't get both sides working. Last week the PC at 90.25 could ...
by jaytcsd
Thu Dec 31, 2015 12:15 pm
Forum: Beginner Basics
Topic: IPSEC Site-to-site
Replies: 6
Views: 1975

Re: IPSEC Site-to-site

site 1 - router is 192.168.90.1 /ip firewall nat> pr Flags: X - disabled, I - invalid, D - dynamic 0 chain=srcnat action=accept src-address=192.168.90.0/24 dst-address=192.168.91.0/24 log=yes log-prefix="SRC-NAT" 1 ;;; default configuration chain=srcnat action=masquerade out-interface=WAN ...
by jaytcsd
Thu Dec 31, 2015 8:13 am
Forum: Announcements
Topic: Newsletter 69
Replies: 17
Views: 14127

Re: Newsletter 69

[quote]Since you already opened it, there is a download button in the bottom right corner. [/quote]

I use NoScript, my page is black with grayed out text about requiring Javascript to view the page.
by jaytcsd
Wed Dec 30, 2015 7:00 am
Forum: Beginner Basics
Topic: server & printers behind router & VPN
Replies: 7
Views: 2108

Re: server & printers behind router & VPN

http://l2tp.patokatech.com/
These are winbox screen prints of my L2TP VPN setup, I think PPTP should be similar.
by jaytcsd
Wed Dec 30, 2015 2:10 am
Forum: Announcements
Topic: Newsletter 69
Replies: 17
Views: 14127

Re: Newsletter 69

Anyway to read the pdf without running java script from Adobe?
by jaytcsd
Tue Dec 29, 2015 10:23 am
Forum: Beginner Basics
Topic: IPSEC Site-to-site
Replies: 6
Views: 1975

Re: IPSEC Site-to-site

Welcome to the club, there are a number of us with the same problem. I finally was able to ping a PC at the far end of the tunnel and use VNC to control it, but it quit working after I rebooted the PC after windows update. All the youtube and wiki articles seem to only ping from one router LAN IP to...
by jaytcsd
Tue Dec 29, 2015 10:05 am
Forum: General
Topic: VPN connection L2tp. pc to workplace.
Replies: 15
Views: 4004

Re: VPN connection L2tp. pc to workplace.

I'll look at your setup and see if anything stands out.

Can you ping the NAS and IPs from the tools menu in winbox when you connect to its WAN IP?

When you connect with your laptop are you putting
\\10.145.10.253
in file explorer?
That was a stumbling point for me.
by jaytcsd
Mon Dec 28, 2015 11:36 am
Forum: General
Topic: ping can't find addresses IP scan shows
Replies: 5
Views: 3451

Re: ping can't find addresses IP scan shows

This is my first (and probably last) win 10 PC, I guess it's refusing pings by default, I only had it on long enough to install some remote control programs. When I turned it on after reading your reply it said my files were safe and then "we'll be ready soon", that was over an hour ago, l...
by jaytcsd
Sun Dec 27, 2015 11:12 am
Forum: Beginner Basics
Topic: IPsec site to site VPN with problems
Replies: 4
Views: 1542

Re: IPsec site to site VPN with problems

I managed to get to the point you did, I could ping from my 192.168.90.0/24 network to the RB750 at 192.168.91.1 and a win 7 PC at 91.25. Neither the win 7 PC nor the router could ping a win 8 PC at 192.168.90.25. The win 8 PC could ping 91.1 and 91.25. I ran windows update on the win 7 PC and after...
by jaytcsd
Sun Dec 27, 2015 11:01 am
Forum: General
Topic: VPN connection L2tp. pc to workplace.
Replies: 15
Views: 4004

Re: VPN connection L2tp. pc to workplace.

http://l2tp.patokatech.com/ These are screen shots of my winbox settings, I can connect from my win 8 PC and ping any 192.168.100.0/24 address, see my NAS, use VNC to control PCs, etc. This setup is on a routerboard 133, the RB750 has :: for the local address in IPsec peer. If your last firewall inp...
by jaytcsd
Sun Dec 20, 2015 11:19 am
Forum: General
Topic: ping can't find addresses IP scan shows
Replies: 5
Views: 3451

ping can't find addresses IP scan shows

[attachment=0]ping and scan.gif[/attachment]
by jaytcsd
Sun Dec 20, 2015 11:12 am
Forum: General
Topic: Problems with IPSec and Android
Replies: 3
Views: 2192

Re: Problems with IPSec and Android

My droid works fine on 6.23 with these settings. Firewall is set to allow udp 500, 1701 and 4500, plus 50 ipsec-esp. /ppp secret> pr de Flags: X - disabled # NAME SERVICE CALLER-ID PASSWORD PROFILE REMOTE-ADDRESS 0 name="me" service=l2tp caller-id="" password="pissoff" ...
by jaytcsd
Sat Dec 19, 2015 11:18 am
Forum: Beginner Basics
Topic: VPN with Android Mobile to MikroTik RouterOS version 6.13
Replies: 40
Views: 46802

Re: VPN with Android Mobile to MikroTik RouterOS version 6.13

I'll give it a try, thanks for the detailed info.
by jaytcsd
Wed Dec 16, 2015 7:46 pm
Forum: Beginner Basics
Topic: IPsec site to site VPN with problems
Replies: 4
Views: 1542

Re: IPsec site to site VPN with problems

I know what you mean about being close.
I found a youtube video that appeared to have PCs on each Mikrotik that could ping both ways, I can't find it now.

I'll post my rules so you can compare and see what I'm missing since you're a step ahead of me.
by jaytcsd
Mon Dec 14, 2015 11:25 am
Forum: Beginner Basics
Topic: IPsec site to site VPN with problems
Replies: 4
Views: 1542

Re: IPsec site to site VPN with problems

Which kind of tunnel did you use?
I tried Greg's IPsec tunnel and could not ping any IPs behind the router at either end, so you're ahead of me.
by jaytcsd
Mon Dec 14, 2015 11:15 am
Forum: Beginner Basics
Topic: LT2P client with static localIP
Replies: 1
Views: 716

Re: LT2P client with static localIP

I put my static IPs in the PPP secret field, not the profile, works fine. /ppp secret> pr det Flags: X - disabled # NAME SERVICE CALLER-ID PASSWORD PROFILE REMOTE-ADDRESS 0 name="user" service=l2tp caller-id="" password="pissoff" profile=default-encryption local-address...
by jaytcsd
Tue Dec 08, 2015 7:58 pm
Forum: General
Topic: v6.33.3 [current] is released!
Replies: 59
Views: 25798

Re: v6.33.3 [current] is released!

I found a routerboard 532 with 2.95 sitting in a drawer, so far I can't upgrade it by dragging any v5 or 6 .npk file into the files directory and rebooting.
How can I upgrade this?
by jaytcsd
Fri Dec 04, 2015 9:58 am
Forum: Beginner Basics
Topic: Another help me with L2TP/IPSEC proxy-arp...
Replies: 11
Views: 6686

Re: Another help me with L2TP/IPSEC proxy-arp...

At first glance I didn't see any difference in the first digest post than most other sites except he has none for the PFS group in IP sec proposals.

I accidentally changed my IP sec peer to port strict from port override in the generate policy field and lost my site to site tunnel.
by jaytcsd
Sun Nov 29, 2015 10:06 pm
Forum: Beginner Basics
Topic: IPsec VPN site to site
Replies: 3
Views: 2872

Re: IPsec VPN site to site

Have you tried this setup?

http://gregsowell.com/wp-content/plugin ... .php?id=15

I can get the routers to ping but can't get any devices behind them to see the other side of the tunnel.
by jaytcsd
Sun Nov 29, 2015 8:47 pm
Forum: Beginner Basics
Topic: Another help me with L2TP/IPSEC proxy-arp...
Replies: 11
Views: 6686

Re: Another help me with L2TP/IPSEC proxy-arp...

I found out what was causing me the same problem, proxy arp on the bridge interface got turned off.
by jaytcsd
Sun Nov 29, 2015 9:14 am
Forum: General
Topic: IPSec Site2Site VPN not NATting
Replies: 3
Views: 1648

Re: IPSec Site2Site VPN not NATting

I have the same problem. I copied Greg Sowell's example from https://www.youtube.com/watch?v=oR4G6SZ3LcM but can't ping any addresses other than the routers. I did see a youtube example that looked to be the same as Greg's but the guy did ping PCs on each end of the tunnel from a PC at the other, so...
by jaytcsd
Wed Nov 11, 2015 9:50 pm
Forum: Beginner Basics
Topic: VPN with Android Mobile to MikroTik RouterOS version 6.13
Replies: 40
Views: 46802

Re: VPN with Android Mobile to MikroTik RouterOS version 6.13

I looked at open VPN but couldn't figure out the cert process, looks like you stuck it out.
by jaytcsd
Sun Nov 08, 2015 9:49 pm
Forum: Beginner Basics
Topic: SSTP VPN CA certificate import problem
Replies: 2
Views: 1914

Re: SSTP VPN CA certificate import problem

I don't have much luck with the wikis. This site may have the answer, have not had a chance to try his way. I tried 3 or 4 wiki articles on SSTP and never got it working. http://www.nasa-security.net/mikrotik/sstp/ I found a youtube video for site to site SSTP VPN last week but did not bookmark it a...
by jaytcsd
Sun Nov 08, 2015 9:30 pm
Forum: Beginner Basics
Topic: VPN setup between 2 mikrotik routers
Replies: 2
Views: 4204

Re: VPN setup between 2 mikrotik routers

I used Greg Sowell's examples to setup tunnels between Mikrotiks. http://gregsowell.com/?page_id=951 I can ping the router's LAN IPs but not any PC on the LAN at the opposite end of the tunnel, still working on that. I also tried setting up one RB as a client to the other and still have the same pro...
by jaytcsd
Sun Nov 08, 2015 8:50 pm
Forum: Beginner Basics
Topic: VPN with Android Mobile to MikroTik RouterOS version 6.13
Replies: 40
Views: 46802

Re: VPN with Android Mobile to MikroTik RouterOS version 6.13

I have an L2TP VPN connection on a Verizon droid to an RB751 running 6.32.3.
by jaytcsd
Sun Nov 08, 2015 8:26 pm
Forum: Beginner Basics
Topic: L2TP VPN - need help
Replies: 3
Views: 954

Re: L2TP VPN - need help

I have L2TP VPN working on a droid, when I make my connection and go to whatismyip.com it shows the IP of the RB751, not my Verizon IP.

I don't have access to a Microsoft phone but I'm assuming your phone settings should be like a Windows PC.
by jaytcsd
Sat Nov 07, 2015 5:22 am
Forum: General
Topic: Is it possible for ISP to access my MikroTik?
Replies: 8
Views: 2917

Re: Is it possible for ISP to access my MikroTik?

[quote]Your ISP is technically able to detect which router you are using. [/quote] How? I turn off all services except winbox and that is not the default port. I guess someone could use winbox and try every port if they suspect Mikrotik. A routerboard will show up by the MAC address but running Mikr...
by jaytcsd
Sun Nov 01, 2015 8:34 am
Forum: General
Topic: error in wiki article?
Replies: 1
Views: 651

error in wiki article?

http://wiki.mikrotik.com/wiki/Testwiki/ ... e_Networks

Figure 9.3 has a PC at 192.168.8.2 in LAN 1 and a PC with the same address in LAN 2.
Since this is a bridged network how can 2 PCs have the same address?
by jaytcsd
Wed Oct 28, 2015 11:54 am
Forum: General
Topic: IPIP tunnel vs L2TP with IPsec
Replies: 0
Views: 1279

IPIP tunnel vs L2TP with IPsec

I finally got 2 RB 750s linked using an IPsec tunnel. I can only ping the far side LAN IPs on the routers and no other devices which means my next step is to add that ability by using L2TP. I need to keep my L2TP VPN servers working so I can use the VPN from a PC on the road. I think I need an IPIP ...
by jaytcsd
Mon Oct 26, 2015 10:38 pm
Forum: General
Topic: IPsec tunnel error with error Ignore because is not listening on ip address (Public Address)
Replies: 5
Views: 2888

Re: IPsec tunnel error with error Ignore because is not listening on ip address (Public Address)

I did hardware resets on an RB750 and 751U, updated to 6.32.3 and changed the 750 to 192.168.90.0/24. I disabled the WAN firewall rules and used Greg's guide for IPsec tunnel from Mikrotik to Mikrotik. The 750 is on my DSL system for its public IP, the 751 is on my cable modem. I can ping 192.168.88...
by jaytcsd
Mon Oct 26, 2015 3:35 am
Forum: General
Topic: IPsec tunnel error with error Ignore because is not listening on ip address (Public Address)
Replies: 5
Views: 2888

Re: IPsec tunnel error with error Ignore because is not listening on ip address (Public Address)

I tried Greg Sowell's method for IPsec tunnel between 2 Mikrotiks and have the same problem you do, can't ping or use VNC from one network to the other. I do see the public IPs in remote peers under IPsec. My stats show 'no state' and 'state sequence' errors. I have "invalid length of payload&q...
by jaytcsd
Sun Oct 18, 2015 10:28 pm
Forum: Wireless Networking
Topic: Set Wireless to Station + AP Mode Simultaneous? WISP Client?
Replies: 78
Views: 80605

Re: Set Wireless to Station + AP Mode Simultaneous? WISP Client?

I've been wanting this dual RF ability so I can use the motel wifi and use the Mikrotik as a VPN client so my traffic is protected.

I have not used the hAP or mAP, do you think the mAP would work in a back to back config like you are going to do with the hAP?
by jaytcsd
Sun Aug 23, 2015 5:00 am
Forum: General
Topic: Some websites don't load
Replies: 1
Views: 749

Re: Some websites don't load

I had similar problems with my RB133, turned out I had unchecked "allow remote requests" by mistake while changing DNS addresses, drove me nuts.
by jaytcsd
Fri Aug 21, 2015 2:17 pm
Forum: General
Topic: L2TP works on one RB751 but not on a different firmware version
Replies: 0
Views: 685

L2TP works on one RB751 but not on a different firmware version

RB751U-2HnD vpn using L2TP 6.27 RB firmware 3.22 works fine from 2 PCs running windows 8.1, but 6.31 RB 3.24 gives this error. 03:56:39 ipsec,debug,packet IPSEC: seen nptype=5(id) 03:56:39 ipsec,debug IPSEC: invalid length of payload 03:56:39 ipsec,debug IPSEC: possible cause: wrong password I've tr...
by jaytcsd
Fri Jul 10, 2015 11:58 am
Forum: General
Topic: More MikroTIk HowTo's
Replies: 3
Views: 2103

Re: More MikroTIk HowTo's

found a few typos MikroTik RoMON Feature Added to RouterOS "I have sen some instability" These are the ones I talked to you about a few weeks ago. Another Way to do Automatic Failover with MikroTik RouterOS "Please not you must set up your email server IP," This confuses me, I th...
by jaytcsd
Tue Jun 23, 2015 7:50 am
Forum: General
Topic: Mikrotik Site to Site VPN issue
Replies: 2
Views: 1504

Re: Mikrotik Site to Site VPN issue

I tested a MT to MT vpn a few years ago but only use win clients to a router now.
Have you looked in the log to see if traffic is coming in from the Watchguard?

Greg Sowell has a video on vpn setup, maybe you will find something here.
http://gregsowell.com/?p=1290
by jaytcsd
Sun Jun 21, 2015 8:42 am
Forum: General
Topic: lost L2TP vpn after upgrade
Replies: 1
Views: 1132

Re: lost L2TP vpn after upgrade

Just figured out that XP will connect from a Virtualbox VM under windows 8, so I thought something in win 8 must have changed with an update. For reasons totally unknown to me I tried connecting from win 8 while the vpn was still connected in the VM and it worked. I dropped the VM connection and hav...
by jaytcsd
Thu Apr 30, 2015 6:31 am
Forum: General
Topic: IPSec tunnel to Cisco Router behind NAT
Replies: 2
Views: 1954

Re: IPSec tunnel to Cisco Router behind NAT

http://gregsowell.com/

Greg knows Cisco and Mikrotik very well, might have some examples on his site.
by jaytcsd
Thu Apr 30, 2015 6:27 am
Forum: General
Topic: PPTP/L2TP VPN
Replies: 3
Views: 1586

Re: PPTP/L2TP VPN

These configs work for me on RB 133 and 750, but I can't get win 8.1 working on the 750.

http://mikrotik.patokatech.com/
by jaytcsd
Thu Apr 30, 2015 6:14 am
Forum: General
Topic: VPN (IPSec, L2TP) - error 810 when using certificates
Replies: 4
Views: 3619

Re: VPN (IPSec, L2TP) - error 810 when using certificates

Maybe Mikrotik can start a separate forum category for VPN stuff, lots of posts with unanswered questions.
by jaytcsd
Wed Apr 29, 2015 8:40 pm
Forum: General
Topic: windows 8.1 fail with vpn authentication
Replies: 3
Views: 4410

Re: windows 8.1 fail with vpn authentication

I tried the reg edit but it doesn't work. I can use win 8.1 to connect with L2TP to a routerboard 133 running 6.28 but not to an RB751U 2HnD. Both routers have identical firewall rules, which I've disabled during the tests. I get an "ipsec - invalid length of payload" error. Win 8 and droi...
by jaytcsd
Wed Apr 22, 2015 6:53 am
Forum: General
Topic: L2TP blocked by Verizon but works on motel wifi
Replies: 0
Views: 613

L2TP blocked by Verizon but works on motel wifi

Most motel wifi systems connect with no problem but unless I remote into a PC and add my Verizon IP to an input accept rule using winbox I can't get a VPN connection. Are they blocking ports? Can't come up with any other reason.
My mifi device has IPSec VPN Pass Through enabled.

thanks
by jaytcsd
Sun Apr 19, 2015 8:15 pm
Forum: General
Topic: odd DHCP request in log
Replies: 2
Views: 846

Re: odd DHCP request in log

I wonder if this was from my cable modem before I put the Mikrotik online, it's a Motorola.
Thanks for the reply.
by jaytcsd
Sun Apr 19, 2015 6:23 pm
Forum: General
Topic: odd DHCP request in log
Replies: 2
Views: 846

odd DHCP request in log

10:40:40 firewall,info gateway 1 input: input: in:WAN out:(none), src-mac 00:1d:70:cc:a9:d9, proto 2, 10.62.96.1->224.0.0.1, len 28 10:40:46 firewall,info gateway 1 input: input: in:WAN out:(none), src-mac 00:1d:70:cc:a9:d9, proto UDP, 10.62.96.1:67->255.255.255.255:68, len 389 10:40:50 firewall,inf...
by jaytcsd
Sat Apr 04, 2015 10:23 am
Forum: General
Topic: lost L2TP vpn after upgrade
Replies: 1
Views: 1132

lost L2TP vpn after upgrade

Had it working from a win 8 client to my RB133 but lost the ability to connect after moving to 6.27. Same config works on my RB751U. Update - the 751 can connect as an L2TP client to the 133. This is the error log apr/03 23:41:14 ipsec,debug,packet ipsec: ========== apr/03 23:41:14 ipsec,debug,packe...
by jaytcsd
Sat Jan 03, 2015 8:47 pm
Forum: General
Topic: VPN - L2TP/IPSEC
Replies: 5
Views: 2057

Re: VPN - L2TP/IPSEC

The MAC accept input rule did work, I thought I had tried that before. I never could get my Droid Razr M to work, but my Droid mini hooked up the first time.

After further testing the only mac address that works is the wifi address of the Droid. I can't connect with my Mifi or Droid's LTE network.
by jaytcsd
Sat Jan 03, 2015 5:39 am
Forum: General
Topic: VPN - L2TP/IPSEC
Replies: 5
Views: 2057

Re: VPN - L2TP/IPSEC

My Droid connects using the standard settings.
The only problem I have is that I need to add an input rule to the firewall to allow the IP address I get from my carrier since my last input rule is block anything not specified to pass.

I don't know a way around this.
by jaytcsd
Sun Dec 28, 2014 10:57 am
Forum: General
Topic: VPN - L2TP/IPSEC
Replies: 5
Views: 2057

Re: VPN - L2TP/IPSEC

by jaytcsd
Mon Dec 22, 2014 2:47 am
Forum: General
Topic: NTP not working on client machines
Replies: 1
Views: 1249

Re: NTP not working on client machines

I don't have any firewall rules for port 123 and windows 8 and 8.1 all sync with time.nist.gov.
My win 7 stater netbook had an error message about not syncing, so I changed the server from time.windows.com to time.nist.gov but it still did not sync.

I went to time-a.nist.gov and that did work.
by jaytcsd
Sun Dec 14, 2014 11:09 am
Forum: General
Topic: NTP not working
Replies: 4
Views: 1881

Re: NTP not working

I had problems after upgrading from early version 6s.

http://forum.mikrotik.com/viewtopic.php?f=2&t=88545

RB133, 750 and 751 are all working now.
by jaytcsd
Wed Dec 10, 2014 7:29 am
Forum: General
Topic: Winbox 3 beta
Replies: 243
Views: 145955

Re: Winbox 3

In 1280 x 768 mode I can't see any fields below lifetime in the IPsec / peer window, the 3 missing fields do show up in 1280 x 1024.
by jaytcsd
Mon Dec 08, 2014 6:18 am
Forum: General
Topic: SSTP: no access to Windows shares
Replies: 1
Views: 1174

Re: SSTP: no access to Windows shares

I have to use \\192.168.100.15\Public to access my NAS through L2TP. I have this note from this forum from 2009. "'Network Neighbourhood' works only in the range of one broadcast domain. so forget about that. use "\\ip-address" instead of "\\computer-name" to access shared f...
by jaytcsd
Tue Nov 25, 2014 8:41 am
Forum: General
Topic: VPN works through wifi but not cat 5
Replies: 0
Views: 657

VPN works through wifi but not cat 5

windows 8 PC - I can connect to my VPN on an RB-133 through an RB-751U by using the built in AP, but if I use the NIC on the PC to the 751 it never connects. The PC's IP is static in the same range as the DHCP pool on the wireless.
by jaytcsd
Fri Nov 21, 2014 10:42 am
Forum: General
Topic: L2TP VPN problem with Android Client
Replies: 1
Views: 1764

Re: L2TP VPN problem with Android Client

I can't get my droid phone to connect using L2TP and pre-shared key.

this posting claims to have the answer

http://forum.mikrotik.com/viewtopic.php?t=67746

skip down to "Alright, got it working completly now." to bypass the commentary.
by jaytcsd
Sun Nov 02, 2014 10:56 pm
Forum: General
Topic: Now it won't route!
Replies: 16
Views: 4449

Re: Now it won't route!

Are you using the Mikrotik as the link from the Dlink AP to the upstairs PC? Ubiquity calls this station mode on their wireless gear, basically the same as a USB wifi adapter. I'm no Mikrotik expert but I think you need the MT bridged from the wlan to the lan so the upstairs PC is on the same networ...
by jaytcsd
Sun Nov 02, 2014 10:21 pm
Forum: General
Topic: IPSec VPN behind NAT
Replies: 2
Views: 1377

Re: IPSec VPN behind NAT

this is what I use to connect from windows 8 clients.
by jaytcsd
Mon Sep 01, 2014 11:03 am
Forum: General
Topic: L2TP/IPSec for Road Warrior
Replies: 93
Views: 49897

Re: L2TP/IPSec for Road Warrior

http://mikrotik.patokatech.com

this works for me from Win 7 and 8. these screen shots are from version 5.??, I have upgraded to
6.19 and it still works.

Generate policy is Port Override in 6.19, I have not updated my screen shots yet.

Only one user can log in at a time.
by jaytcsd
Sat Aug 30, 2014 11:07 pm
Forum: General
Topic: SNTP bad in 6.19?
Replies: 9
Views: 3937

Re: SNTP bad in 6.19?

Upgraded the 751 to 6.19 and the clock and date are wrong.

I changed the servers to the same as demo.mt.lv and it's working.

I verified on 3 routerboard 133s and one 750 that static IPs for primary and secondary work before upgrading to 6 but not after.
by jaytcsd
Sat Aug 30, 2014 8:27 pm
Forum: General
Topic: SNTP bad in 6.19?
Replies: 9
Views: 3937

Re: SNTP bad in 6.19?

I put 0.pool.ntp.org as my primary and it resolved to 50.7.96.4. I swear I used that url once before and got an error saying the field needed to be an IP address, maybe that was ntp. My RB133 says its last bad packet was from 93.180.5.26 with no last update or adjustment info. My RB751 is running 5....
by jaytcsd
Sat Aug 30, 2014 10:08 am
Forum: General
Topic: SNTP bad in 6.19?
Replies: 9
Views: 3937

Re: SNTP bad in 6.19?

I removed the ntp packge and went back to sntp but still don't have the time or date. /system ntp client> pr enabled: yes primary-ntp: 159.148.172.205 secondary-ntp: 128.138.141.172 mode: unicast poll-interval: 16s active-server: 159.148.172.205 I see other posts with the same problem. http://forum....
by jaytcsd
Fri Aug 29, 2014 4:55 am
Forum: General
Topic: IPsec/L2TP connection dropping every 48 minutes
Replies: 4
Views: 4244

Re: IPsec/L2TP connection dropping every 48 minutes

I had some problems upgrading from 6.7 or .8. Look at IPSEC / peers and see what you have for generate policy, mine says port override, I think I had to change that from the default, I don't recall it existing in the early versions. I get in fine with my win 8 PC but can't with my wife's new 8.1 PC,...
by jaytcsd
Thu Aug 28, 2014 11:54 pm
Forum: General
Topic: VPN MikroTik-Draytek: Problems with L2TP
Replies: 7
Views: 8051

Re: VPN MikroTik-Draytek: Problems with L2TP

I only allow mschap 2 and have VJ compression = default.

I only use windows clients to connect.

[url]mikrotik.patokatech.com[/url] has screen shots of winbox settings if that helps.
by jaytcsd
Thu Aug 28, 2014 6:46 pm
Forum: General
Topic: SNTP bad in 6.19?
Replies: 9
Views: 3937

Re: SNTP bad in 6.19?

I had tried dragging and dropping the ntp package over after I upgraded but it never enabled. I found the file had put itself under the hotspot folder. Once I got it out of there and rebooted I got ntp client and server and sntp was gone. I can ping the servers from winbox, but my date is still 1970...
by jaytcsd
Thu Aug 28, 2014 11:17 am
Forum: General
Topic: SNTP bad in 6.19?
Replies: 9
Views: 3937

Re: SNTP bad in 6.19?

I upgraded from 6.7 or 6.8, sntp was working then.

I just noticed that I can't ping the server from winbox but can from my PC.

I don't recall making any firewall changes, any idea why I can't get to the ntp servers?
by jaytcsd
Thu Aug 28, 2014 10:33 am
Forum: General
Topic: SNTP bad in 6.19?
Replies: 9
Views: 3937

SNTP bad in 6.19?

Just upgraded from 6.18 and noticed my date and time are off. I used the auto upgrade and then manually copied 6.19npk into winbox and rebooted. /system package> pr Flags: X - disabled # NAME VERSION SCHEDULED 0 routeros-mipsle 6.19 1 system 6.19 2 X wireless-fp 6.19 3 X ipv6 6.19 4 wireless 6.19 5 ...
by jaytcsd
Mon Aug 25, 2014 9:35 am
Forum: General
Topic: *NEED HELP* L2TP client connection + Secret question
Replies: 9
Views: 3532

Re: *NEED HELP* L2TP client connection + Secret question

http://wiki.mikrotik.com/wiki/L2TP_%2B_IPSEC_between_2_Mikrotik_routers the shared secret is the word "test" in this example /ip ipsec peer add address=10.0.16.9/32 auth-method=pre-shared-key dh-group=modp1024 \ disabled=no dpd-interval=disable-dpd dpd-maximum-failures=1 enc-algorithm=3des...
by jaytcsd
Sun Aug 24, 2014 9:17 am
Forum: General
Topic: maximize window icon
Replies: 0
Views: 745

maximize window icon

the maximize window icon is missing, I want my firewall rules opening full screen.
by jaytcsd
Sun Aug 24, 2014 9:02 am
Forum: General
Topic: *NEED HELP* L2TP client connection + Secret question
Replies: 9
Views: 3532

Re: *NEED HELP* L2TP client connection + Secret question

Did you try adding it under IP / IPsec / Peer?
I know that's where it's used as an L2TP server.
by jaytcsd
Sun Aug 24, 2014 3:06 am
Forum: General
Topic: SOLVED - L2TP IPSEC stoped working after Upgrade to 6.18
Replies: 19
Views: 80897

Re: SOLVED - L2TP IPSEC stoped working after Upgrade to 6.18

this works from win 8 but not from 8.1, I think I have a firewall issue on 8.1. /ip ipsec peer> pr Flags: X - disabled, D - dynamic 0 address=0.0.0.0/0 local-address=0.0.0.0 passive=no port=500 auth-method=pre-shared-key secret="monkee" generate-policy=port-override exchange-mode=main-l2tp...
by jaytcsd
Sun Jun 01, 2014 10:31 am
Forum: General
Topic: MAC ping
Replies: 8
Views: 4117

Re: MAC ping

IP / neighbor list shows my Nanostation
by jaytcsd
Mon May 26, 2014 6:21 pm
Forum: General
Topic: RB450 bricked after RouterOS upgrading. Any solution Pls?
Replies: 21
Views: 5316

Re: RB450 bricked after RouterOS upgrading. Any solution Pls

Even if hypter terminal has the wrong settings for baud and parity you should see characters being echoed or displayed. The manual says 9600 but I had to use 115,200, 8, none, 1 and none. use VT100 emulation. The 'connected' indicator is worthless, mine shows connected without a cable on the serial ...
by jaytcsd
Thu May 22, 2014 11:04 pm
Forum: General
Topic: help logging into RB133 by serial port
Replies: 2
Views: 1063

Re: help logging into RB133 by serial port

I had tried almost every speed but 115k, that was the trick to making it work.

For some reason I had made a note the router would not connect at that speed.

>>I'm Italian, not English. Sorry for my imperfect grammar.

Your English is better than my Italian.
by jaytcsd
Thu May 22, 2014 4:11 am
Forum: General
Topic: help logging into RB133 by serial port
Replies: 2
Views: 1063

help logging into RB133 by serial port

both my RB133s went offline today, I can't ping either of them. I'm trying to access them by the serial port but can't get any recognizable characters, only symbols. I put a 751 on and tried using Winbox to search for them, that doesn't work nor does IP neighbors. What terminal type do I need to use...
by jaytcsd
Mon Apr 21, 2014 7:55 am
Forum: General
Topic: L2TP/IPSEC VPN cannot connect from overseas
Replies: 2
Views: 1768

Re: L2TP/IPSEC VPN cannot connect from overseas

Could be port blocking, I can't connect to my VPN from over half the airport and motel hotspots I use, even
Verizon's Mifi won't work, but Sprint does.
by jaytcsd
Wed Apr 02, 2014 2:36 am
Forum: General
Topic: VPN over L2TP/IPSEC
Replies: 23
Views: 5992

Re: VPN over L2TP/IPSEC

I based my VPN setup on a wiki article and tips from this forum.

If you want to try SSTP maybe we can figure that out together.
by jaytcsd
Tue Apr 01, 2014 7:36 am
Forum: General
Topic: VPN over L2TP/IPSEC
Replies: 23
Views: 5992

Re: VPN over L2TP/IPSEC

I'd like to see if SSTP can be based on a MAC address instead of certificates, I have not been able to get that working.

My experience is that about half of the motel or free hotspots don't allow L2TP due to port blocking.
by jaytcsd
Mon Mar 31, 2014 11:18 am
Forum: General
Topic: VPN over L2TP/IPSEC
Replies: 23
Views: 5992

Re: VPN over L2TP/IPSEC

This is what I used to setup L2TP on my RB133.
http://mikrotik.patokatech.com/
by jaytcsd
Tue Mar 18, 2014 1:25 am
Forum: General
Topic: multiple l2tp ipsec connections from same ip address
Replies: 4
Views: 9354

Re: multiple l2tp ipsec connections from same ip address

This is a known problem / limitation / undocumented feature but rumors are that help is on the way.

http://forum.mikrotik.com/viewtopic.php ... 56#p415456
by jaytcsd
Tue Mar 18, 2014 1:20 am
Forum: General
Topic: IPSEC NAT limitation
Replies: 6
Views: 2280

Re: IPSEC NAT limitation

According to this post it will be fixed.

http://forum.mikrotik.com/viewtopic.php ... 56#p415456
by jaytcsd
Mon Mar 17, 2014 5:01 am
Forum: General
Topic: L2TP/IPsec VPN routing problem
Replies: 4
Views: 3472

Re: L2TP/IPsec VPN routing problem

When it comes to Mikrotik OS I'm no expert even though I've been using it since 2.8.

I don't bridge any interfaces, my setup is very close to the demo router plus some tip from the forum and wiki.
by jaytcsd
Mon Mar 17, 2014 4:38 am
Forum: General
Topic: L2TP/IPSec for Road Warrior
Replies: 93
Views: 49897

Re: L2TP/IPSec for Road Warrior

I can get it working if the ISP isn't port blocking, which in my travels is seen quite often, but as you noticed only one PC can connect at a time. I tried SSTP but have not been successful, the step by step examples in the wiki are lacking. Have you seen this? http://tinc-vpn.org/ I just read about...
by jaytcsd
Thu Mar 06, 2014 9:36 am
Forum: General
Topic: L2TP/IPsec VPN routing problem
Replies: 4
Views: 3472

Re: L2TP/IPsec VPN routing problem

http://mikrotik.patokatech.com/ This is my config, I connect from a Sprint EVDO card and some wifi systems without any problems. I can copy files over the VPN, use VNC and RDP to control PCs, etc. I did not see a difference between arp or proxy arp on the public interface. Exchange mode under IPsec ...
by jaytcsd
Wed Mar 05, 2014 12:26 pm
Forum: General
Topic: SSTP cert questions
Replies: 0
Views: 777

SSTP cert questions

http://wiki.mikrotik.com/wiki/Manual:Create_Certificates says If everything is imported properly then certificate should show up with KR flag. [admin@test_host] /certificate> print Flags: K - decrypted-private-key, Q - private-key, R - rsa, D - dsa 0 KR name="cert1" subject=C=LV,ST=RI,L=Ri...
by jaytcsd
Wed Mar 05, 2014 12:13 pm
Forum: General
Topic: Help needed to setup L2TP with IPSEC
Replies: 12
Views: 3202

Re: Help needed to setup L2TP with IPSEC

I'm only running one MT, this works for me, your screen prints look very similar.

http://mikrotik.patokatech.com/
by jaytcsd
Fri Nov 29, 2013 7:30 am
Forum: General
Topic: IPSec Road Warrior
Replies: 9
Views: 11848

Re: IPSec Road Warrior

What advantages does Shrew offer over the windows client?
by jaytcsd
Tue Sep 17, 2013 12:12 am
Forum: General
Topic: VPN into work network.
Replies: 2
Views: 1450

Re: VPN into work network.

I have L2TP working from XP, 7 and 9 netbooks.

These are screen prints from winbox.

http://mikrotik.patokatech.com/

I use \\192.168.100.45 in windows explorer to see shared drives, there are other methods if you have a WINS server.
by jaytcsd
Mon Sep 02, 2013 5:22 am
Forum: General
Topic: Connect through L2TP
Replies: 13
Views: 3538

Re: Connect through L2TP

[quote="alex_rhys-hurn"]You might be interested in this video at MUM [/quote]

I don't see a link.
by jaytcsd
Mon Sep 02, 2013 4:46 am
Forum: General
Topic: Broadcast traffic not being sent over L2TP
Replies: 5
Views: 4675

Re: Broadcast traffic not being sent over L2TP

The only way I got shares on an XP pc to work over the VPN from a win7 client was using this convention.

\\192.168.100.45
by jaytcsd
Mon Sep 02, 2013 2:46 am
Forum: General
Topic: Building secure firewall
Replies: 7
Views: 6468

Re: Building secure firewall

I used the rules on the demo router as a start.

demo2.mt.lv

I added chain=input action=drop protocol=tcp dst-port=0-65535 port=""
to avoid port scans.
by jaytcsd
Sun Aug 04, 2013 12:48 am
Forum: General
Topic: Winbox dead in Windows 8
Replies: 13
Views: 9533

Re: Winbox dead in Windows 8

Runs on my win 8 Toshiba laptop, 64 bit i3-3110M processor
by jaytcsd
Mon Jun 24, 2013 7:33 am
Forum: General
Topic: l2tp over ipsec - Can't connect more then 1 client...
Replies: 4
Views: 1632

Re: l2tp over ipsec - Can't connect more then 1 client...

I had this happen last week on a hotel wifi.
Using a sprint card in one PC and verizon in a 2nd lets both in at the same time.
This was on 6.1 which I've downgraded to 6.0 but haven't tested.
by jaytcsd
Mon Jun 24, 2013 2:13 am
Forum: General
Topic: 6.1 dropped WAN speeds from 3mb to 290Kb
Replies: 1
Views: 1008

6.1 dropped WAN speeds from 3mb to 290Kb

Two RB133s upgraded from 6.0 to 6.1, speedof.me only gets 290K now vs 2.97M before. Downgraded one of my 2 routers and confirmed 6.0 works fine. Normis, how can I help you guys fix this? I can keep 6.1 on for a day or 2 on the backup router. L2TP vpn did work on 6.1 from both win 7 and XP home clien...
by jaytcsd
Thu Apr 18, 2013 12:17 pm
Forum: General
Topic: No traffic to VPN client from internal network
Replies: 5
Views: 2944

Re: No traffic to VPN client from internal network

Can you ping 192.168.10.223 but not 192.168.5.120?

Have you tried making the LAN a /16 network?
by jaytcsd
Fri Feb 22, 2013 8:09 pm
Forum: General
Topic: dhcp server check status command working?
Replies: 0
Views: 940

dhcp server check status command working?

I have a 750 running 6rc11 and a 133 running 5.23. DHCP server is off in the 750 but the the server leases window in winbox shows my laptop at 192.168.88.254, bound, last seen "sometime". Clicking on the check status button does nothing, I don't get any response to the same command in a te...
by jaytcsd
Thu Feb 21, 2013 7:54 pm
Forum: General
Topic: sstp and win 7 client
Replies: 4
Views: 3156

Re: sstp and win 7 client

http://wiki.mikrotik.com/wiki/Manual:Cr ... rtificates

Did you use this method to create your certs?

" When filling CN remember that it must not match on CA and server certificate otherwise later naming collision will occur. "

This is what is confusing me.

thanks
by jaytcsd
Tue Feb 19, 2013 6:48 pm
Forum: General
Topic: sstp/pptp stops working frequently
Replies: 8
Views: 2648

Re: sstp/pptp stops working frequently

kosztyua - Are you using the windows 7 sstp connection from a PC or MikroTik to MikroTik?
I have not found a working example for a windows 7 client.
by jaytcsd
Tue Feb 19, 2013 10:21 am
Forum: General
Topic: sstp and win 7 client
Replies: 4
Views: 3156

sstp and win 7 client

I'm trying to setup SSTP because I find wifi spots that block L2TP ports. I get an 0x8007274C error. From what I've seen here and on other pages it looks like my self signed cert is being rejected. I found one post that says the CN in the cert must match the IP address of the router. Since mine does...
by jaytcsd
Tue Feb 12, 2013 7:20 pm
Forum: General
Topic: USB or Serial Thermometers
Replies: 1
Views: 1523

Re: USB or Serial Thermometers

http://www.dataq.com/temperature-data-l ... ogger.html

I use the EL-2 temp and humidity sensors. These require a PC for setup and data download.
by jaytcsd
Mon Jan 21, 2013 9:04 am
Forum: General
Topic: How to get 2 and more dhcp address from ISP to one interface
Replies: 1
Views: 838

Re: How to get 2 and more dhcp address from ISP to one inter

I have 5 public dhcp IPs from my ISP, my modem goes to a switch, then feeds 2 rouberboard 133s.
For a test I used 2 of the NICs on one RB133, assigned each a dhcp client and got separate IPs on that router.
by jaytcsd
Mon Jan 21, 2013 8:37 am
Forum: General
Topic: vpn disconnects with 'administrator request' message in log
Replies: 0
Views: 1042

vpn disconnects with 'administrator request' message in log

I've screwed up my VPN setup somehow, I can login OK but when I try to start browsing on my netbook over the VPN I get these log messages and the VPN drops. I can't log back in until I reboot the router (RB133) running v5.2. 05:59:30 l2tp,info first L2TP UDP packet received from 70.6.88.254 05:59:31...
by jaytcsd
Tue Dec 18, 2012 7:01 am
Forum: General
Topic: dhcp server check status button not working?
Replies: 0
Views: 788

dhcp server check status button not working?

My check status windows shows a PC that has not been on my network for a week now. When I click on the check status button in the leases tab it says bound, last seen "sometime".
by jaytcsd
Fri Dec 14, 2012 3:12 am
Forum: General
Topic: [Solved] L2TP/IPSec with Android
Replies: 61
Views: 76879

Re: [Solved] L2TP/IPSec with Android

tomaskir - This is what I have and it works from a Win 7 netbook but not for my Droid. Going to use your rules and see what happens. Not sure why my rules work when a Droid won't. [code] /ppp profile> pr Flags: * - default 0 * name="default" remote-ipv6-prefix-pool=none use-ipv6=yes use-mp...
by jaytcsd
Thu Oct 11, 2012 10:27 am
Forum: General
Topic: L2TP IPSec with Samsung Galaxy S2
Replies: 8
Views: 4776

Re: L2TP IPSec with Samsung Galaxy S2

These rules work for my netbook running Windows 7.

http://mikrotik.patokatech.com/
by jaytcsd
Thu Sep 20, 2012 6:09 pm
Forum: General
Topic: IPSEC road warrior config help
Replies: 8
Views: 3936

Re: IPSEC road warrior config help

I did screen prints for my Win 7 netbook connecting to a routerboard 133.

http://mikrotik.patokatech.com/
by jaytcsd
Thu Sep 20, 2012 7:39 am
Forum: General
Topic: CoDel support?
Replies: 46
Views: 20425

Re: CoDel support?

I'd like to see CoDel too.
by jaytcsd
Thu Sep 20, 2012 7:22 am
Forum: General
Topic: mikrotik CPU 100% usage
Replies: 8
Views: 2548

Re: mikrotik CPU 100% usage

I have an RB-133 that jumps to 100% for no apparent reason and stays there. About an hour ago I was using a L2TP VPN into the router when my connection dropped. The RB dropped its public IP and went to 100%. I tried renewing the IP, then disabled and enabled the interface but still could not pull an...
by jaytcsd
Tue Aug 28, 2012 4:47 pm
Forum: General
Topic: L2TP/IPSec with Windows 7. Simple guide?
Replies: 3
Views: 13865

Re: L2TP/IPSec with Windows 7. Simple guide?

This works also. /ip ipsec peer> pr Flags: X - disabled 0 address=0.0.0.0/0 port=500 auth-method=pre-shared-key secret="hey_moe" generate-policy=yes exchange-mode=main send-initial-contact=yes nat-traversal=yes my-id-user-fqdn="" proposal-check=obey hash-algorithm=sha1 enc-algori...
by jaytcsd
Tue Aug 28, 2012 6:46 am
Forum: General
Topic: L2TP/IPSec with Windows 7. Simple guide?
Replies: 3
Views: 13865

Re: L2TP/IPSec with Windows 7. Simple guide?

I used the wiki examples on my Win 7 starter netbook. I can connect to my VPN and use remote desktop but I can't copy files like I could under XP. I'm guessing this is a win 7 networking issue but have not found a solution so far. No one here has been able to help. I'm going to try SSTP to see if th...
by jaytcsd
Thu Apr 19, 2012 7:50 am
Forum: General
Topic: file sharing from win 7 through vpn
Replies: 1
Views: 874

file sharing from win 7 through vpn

I had file sharing working on XP by using \\192.168.1.45 in windows explorer, but 7 can't find the PC at that address. I can ping it from the netbook.
Any ideas what 7 has changed?
by jaytcsd
Wed Mar 28, 2012 12:14 am
Forum: General
Topic: long uplink buffer times - Mikrotik or ISP problem?
Replies: 4
Views: 1481

Re: long uplink buffer times - Mikrotik or ISP problem?

My ISP uses AT+T lines, and we all know how much they care.

Thanks for running the test.
by jaytcsd
Tue Mar 27, 2012 5:39 am
Forum: General
Topic: long uplink buffer times - Mikrotik or ISP problem?
Replies: 4
Views: 1481

Re: long uplink buffer times - Mikrotik or ISP problem?

I only have the default queues, I wanted to make sure that I wasn't missing some other setting that could affect this. I tried the test with 2 RB133s and a 750. My ISP says they can't do anything, which might be a case of they won't bother to try to do anything because someone might have to stop and...
by jaytcsd
Mon Mar 26, 2012 4:30 am
Forum: General
Topic: long uplink buffer times - Mikrotik or ISP problem?
Replies: 4
Views: 1481

long uplink buffer times - Mikrotik or ISP problem?

http://netalyzr.icsi.berkeley.edu/ This test says my uplink buffer times are 2.8 to 3.4 seconds on my dsl provider. A test from a friend's house on cable has 560 msec. From what I've been reading https://www.grc.com/sn/sn-345.htm this long delay is probably due to the router on my dsl provider's end...
by jaytcsd
Thu Nov 17, 2011 8:52 am
Forum: General
Topic: check status in dhcp server doesn't seem to work
Replies: 1
Views: 2287

check status in dhcp server doesn't seem to work

The check status function in winbox and terminal shows an IP address for a laptop (birdcage) which has not been on the network for over 2 weeks. [admin@MikroTik] /ip dhcp-server lease> pr Flags: X - disabled, R - radius, D - dynamic, B - blocked # ADDRESS MAC-ADDRESS HOST-NAME SERVER RATE-LIMIT STAT...
by jaytcsd
Mon Nov 07, 2011 3:52 am
Forum: General
Topic: multiple chains faster that fewer chains with more rules?
Replies: 3
Views: 1139

multiple chains faster that fewer chains with more rules?

I noticed that the demo router's virus list differs from the example list in the wiki (http://wiki.mikrotik.com/wiki/Manual:IP/Firewall/Filter). There are some duplicates between the two, which made me wonder if it's less or more processor intensive to process a single chain of viruses than multiple...
  • 1
  • 2