Community discussions

MikroTik App

Search found 520 matches

  • 1
  • 2
by nickshore
Tue Feb 27, 2024 3:49 pm
Forum: General
Topic: Mikrotik Professionals Conference in Prague March 7th-8th 2024
Replies: 12
Views: 1707

Re: Mikrotik Professionals Conference in Prague March 7th-8th 2024

Great ! Anyone else ?

Looks like lots of interesting speakers:

https://mtpc.world/conference-agenda/
by nickshore
Tue Jan 30, 2024 7:02 pm
Forum: General
Topic: Mikrotik Professionals Conference in Prague March 7th-8th 2024
Replies: 12
Views: 1707

Mikrotik Professionals Conference in Prague March 7th-8th 2024

Is anyone else going to the Mkrotik Professionals conference in Prague ?

Be great to meet up there !

https://mtpc.world/
by nickshore
Mon Jan 15, 2024 1:52 pm
Forum: General
Topic: MUM plans for 2023?
Replies: 52
Views: 8953

Re: MUM plans for 2023?

So who fancies meeting for beer in Prague ? March 7th and 8th https://mtpc.world/
by nickshore
Fri Jan 12, 2024 6:22 pm
Forum: Beginner Basics
Topic: Two networks on one router.
Replies: 2
Views: 652

Re: Two networks on one router.

The devices will only reply to each other if they have the IP of the mikrotik as their default route, or they have specific static routes for the other subnet via the mikrotik IP address.
by nickshore
Fri Jan 12, 2024 6:20 pm
Forum: General
Topic: Mikrotik rb750gr3 internet speed is slow
Replies: 11
Views: 991

Re: Mikrotik rb750gr3 internet speed is slow

You have disabled fasttrack, and also have an over complicated mangle setup.

Try enabling fast track, and disabling the mangle rules.
by nickshore
Thu Jan 11, 2024 3:23 pm
Forum: General
Topic: MUM plans for 2023?
Replies: 52
Views: 8953

Re: MUM plans for 2023?

Looking forward to seeing everyone in Prague in March !
by nickshore
Thu Jan 11, 2024 3:19 pm
Forum: Beginner Basics
Topic: hEx not routing between hosts in same lan [SOLVED]
Replies: 18
Views: 1965

Re: hEx not routing between hosts in same lan [SOLVED]

Traffic on the LAN does not go via the firewall, unless you have bridge filtering enabled. Have you checked things like you have the correct subnet mask etc eg the IP on the bridge should be 192.168.88.1/24 Also check the DHCP leases. Check on the connected machines that they also are getting the co...
by nickshore
Wed Sep 06, 2023 1:21 pm
Forum: RouterBOARD hardware
Topic: UK Power Supply for hAP AX3
Replies: 20
Views: 4550

Re: UK Power Supply for hAP AX3

We supply the hAP AX3 with the following UK Mikrotik PSU as standard:

https://linitx.com/product/mikrotik-24v ... hite/16601

Hope that helps
Nick
by nickshore
Fri Aug 25, 2023 5:41 pm
Forum: Forwarding Protocols
Topic: How to prefer OSPF routes over BGP routes
Replies: 3
Views: 2332

Re: How to prefer OSPF routes over BGP routes

The closest subnet will be used for each route match, so if you don't have the equivalent routes in for ospf as well as BGP then only the BGP route will be used. You could just filter routes and only accept a default route from each BGP peer, then there will be 3 default routes and you can control t...
by nickshore
Wed Aug 09, 2023 3:21 pm
Forum: General
Topic: 2 WAN to 2 LAN
Replies: 6
Views: 1068

Re: 2 WAN to 2 LAN

If you have added a routing rule using a new routing table, make sure you have a copy of the connected route to subnet 2 in the new table. Also make sure that it is not caught by any outgoing src-nat rule when going to subnet 2 Yes this is true. So what client ask is that one subnet goes through WAN...
by nickshore
Mon Aug 07, 2023 5:48 pm
Forum: Beginner Basics
Topic: Port forwarding not working on HAP ac2
Replies: 6
Views: 1195

Re: Port forwarding not working on HAP ac2

Do not specify to-ports on your dst-nat rules !
by nickshore
Tue Jun 20, 2023 2:49 pm
Forum: Wireless Networking
Topic: CAPsMAN with WifiWave2
Replies: 32
Views: 14034

Re: CAPsMAN with WifiWave2

I setup a 5009 as a capsman and a hap ax2 as the cap, see below for my config: CAPSMAN: /interface wifiwave2 security add disabled=no name=sec1 .... /interface wifiwave2 configuration add channel.band=2ghz-ax country="United Kingdom" disabled=no name=2ghz security=sec1 ssid=CapsmanTest2 ad...
by nickshore
Fri Mar 17, 2023 5:22 pm
Forum: Beginner Basics
Topic: Router itself can not access Internet but IP-s behind him can
Replies: 11
Views: 1451

Re: Router itself can not access Internet but IP-s behind him can

You can use one of the spare IPs from the /28 set it with /32 on the end, on the WAN interface, and then use a src-nat rule to src-nat the traffic to that IP when going out on that interface
by nickshore
Mon Jul 11, 2022 5:51 pm
Forum: Wireless Networking
Topic: DynaDish 5 PtP connection not working...
Replies: 2
Views: 579

Re: DynaDish 5 PtP connection not working...

You probably need station-bridge on one end and bridge on the other
by nickshore
Fri Dec 10, 2021 2:46 pm
Forum: General
Topic: hAP ac LAN speed
Replies: 11
Views: 1382

Re: hAP ac LAN speed

When I test with BTest over local network (i have two cAP ac in attic and second one on 1st floor) I noticed that my main router CPU stays all the time at 100%. I had a quick look at your config and although you have the LAN ports in the bridge, you don't seem to be using hardware offload, so all L...
by nickshore
Wed Nov 10, 2021 5:11 pm
Forum: Wireless Networking
Topic: Poor CAPsMAN performance
Replies: 19
Views: 6532

Re: Poor CAPsMAN performance

You should set Extension Channel to be disabled.
by nickshore
Tue Nov 09, 2021 5:53 pm
Forum: Beginner Basics
Topic: RB5009 not able to factory reset
Replies: 7
Views: 9797

Re: RB5009 not able to factory reset

If you fully reset a routerboard, and select no default config then it will have no IP address.

You will need to use winbox and click on the mac address when it appears in neighbours.

Also if you don't see it when connected to ether1, try a different port.
by nickshore
Thu Apr 22, 2021 2:05 pm
Forum: General
Topic: Unstable MAC Winbox connection
Replies: 14
Views: 5042

Re: Unstable MAC Winbox connection

Do you also have wireless enabled on the laptop ?

Try switching it off.
by nickshore
Fri Mar 26, 2021 2:47 pm
Forum: General
Topic: Setting the distance for the l2tp connection route [SOLVED]
Replies: 2
Views: 999

Re: Setting the distance for the l2tp connection route [SOLVED]

You can specify it when you create the l2tp-client:
 /interface l2tp-client add add-default-route=yes default-route-distance=10
by nickshore
Fri Mar 19, 2021 5:43 pm
Forum: General
Topic: Mikrotik Switch Recommendation for newbie
Replies: 22
Views: 3142

Re: Mikrotik Switch Recommendation for newbie

You should read up on the features available in the different ranges: https://help.mikrotik.com/docs/display/ROS/Switch+Chip+Features https://wiki.mikrotik.com/wiki/Manual:CRS1xx/2xx_series_switches#Summary https://wiki.mikrotik.com/wiki/Manual:CRS3xx_series_switches#Features https://wiki.mikrotik.c...
by nickshore
Tue Mar 02, 2021 6:26 pm
Forum: Wireless Networking
Topic: 60Ghz Bug May - Could be..
Replies: 5
Views: 1869

Re: 60Ghz Bug May - Could be..

Signal level is not great, might be better choosing a higher frequency channel.

Also not clear which routeros version you are running, some versions are more stable than others, and there have been quite a lot of fixes listed in the changelogs.

Regards
Nick
by nickshore
Wed Jan 06, 2021 6:03 pm
Forum: Beginner Basics
Topic: Substring ( URI?) firewall filter
Replies: 8
Views: 1265

Re: Substring ( URI?) firewall filter

You may be able to do it using the proxy:

https://wiki.mikrotik.com/wiki/Manual:IP/Proxy
by nickshore
Tue Dec 08, 2020 11:55 am
Forum: RouterBOARD hardware
Topic: UK DSL Modem recommendations [SOLVED]
Replies: 6
Views: 1961

Re: UK DSL Modem recommendations [SOLVED]

Vigor 130 are still good.

Also worth looking at refurb HG612 from ebay, they just work :)
by nickshore
Wed Nov 25, 2020 2:01 pm
Forum: Beginner Basics
Topic: No way to get safe wpa wireless working on hapac2 [SOLVED]
Replies: 10
Views: 2042

Re: No way to get safe wpa wireless working on hapac2 [SOLVED]

Looks like the wifi password might be too short ?
by nickshore
Thu Nov 12, 2020 4:57 pm
Forum: Beginner Basics
Topic: What doI have to do to get my first post to show up?
Replies: 1
Views: 470

Re: What doI have to do to get my first post to show up?

We have a lot of posts to moderate, and we are mostly volunteers, so it can take a little time.

regards
Nick
by nickshore
Wed Nov 11, 2020 1:37 pm
Forum: General
Topic: Marking connection for some time
Replies: 4
Views: 789

Re: Marking connection for some time

You can add the IP into an address list with a timeout, and then use the address list to mark the packets
by nickshore
Fri Oct 30, 2020 4:40 pm
Forum: General
Topic: A Couple of Configuration Questions
Replies: 2
Views: 653

Re: A Couple of Configuration Questions

For static dhcp leases, you can go into IP -> DHCP Server -> Leases and select an assigned lease and click Make static. Once you have done that you can even change the IP, eg if you want all static to be in a certain range. You can also use the address list feature on a lease to add this IP into an ...
by nickshore
Fri Aug 14, 2020 5:40 pm
Forum: Beginner Basics
Topic: Having Trouble with Port Forwarding
Replies: 2
Views: 1622

Re: Having Trouble with Port Forwarding

If you are not changing the port then you don't need to specify to-ports.

Have you added a firewall rule in the forward chain to allow traffic from outside to get to the internal IP on that port ?
by nickshore
Fri Aug 14, 2020 5:37 pm
Forum: Wireless Networking
Topic: Virtual SSID ip problem. [SOLVED]
Replies: 2
Views: 2187

Re: Virtual SSID ip problem. [SOLVED]

Did you make sure that you added the new wlan interfaces into the bridge where the DHCP server is ?
by nickshore
Fri Aug 07, 2020 3:55 pm
Forum: General
Topic: Audience syncs to main unit not nearest
Replies: 5
Views: 1723

Re: Audience syncs to main unit not nearest

I haven't looked yet, but I'm guessing you could turn off the default authenticate on the station bridge interface in C and add a connect list entry for the mac address of B

Hope that helps
Nick
by nickshore
Wed Aug 05, 2020 12:47 pm
Forum: Wireless Networking
Topic: Bad performance/lag using CAPsMAN - AP in standalone mode fine
Replies: 12
Views: 5480

Re: Bad performance/lag using CAPsMAN - AP in standalone mode fine

If your data is on local forwarding then it is going across the bridges on the LAN between the CAP and your main router, so check the bridge config on both, could be related to STP settings, also make sure bridges have an admin-mac set. Well i "played" as well with my caps configuration an...
by nickshore
Fri Jul 03, 2020 3:23 pm
Forum: RouterBOARD hardware
Topic: Mikrotik 4G LTE recommendation
Replies: 10
Views: 4480

Re: Mikrotik 4G LTE recommendation

Bear in mind that current SXT and LHG models are limited to 100Mbps ethernet port.

See https://mikrotik.com/products/group/lte ... abit%22]#! for a list of LTE with Gigabit

Hope that helps
Nick
by nickshore
Thu Jun 11, 2020 5:04 pm
Forum: Beginner Basics
Topic: Trying to connect to BT Infinity
Replies: 4
Views: 1768

Re: Trying to connect to BT Infinity

You should create a pppoe client on the ethernet connected to the modem. MTU should probably be 1492, but if that fails try 1480. If you open up the pppoe interface in winbox and click the status tab, you will see the status. If you are using the default mikrotik config, you will also need to add th...
by nickshore
Thu May 28, 2020 7:06 pm
Forum: Beginner Basics
Topic: Fasttrack with Simple Queue
Replies: 1
Views: 1895

Re: Fasttrack with Simple Queue

I use a mangle rule to mark the connections, and then use the mark to avoid fasttrack /ip firewall mangle add action=mark-connection chain=prerouting comment="no fasttrack list" connection-mark=no-mark \ connection-state=new new-connection-mark=nofastrack passthrough=no src-address-list=no...
by nickshore
Fri May 22, 2020 2:57 pm
Forum: Forwarding Protocols
Topic: how to access to a routerboard throug other one
Replies: 4
Views: 1764

Re: how to access to a routerboard throug other one

You need to route the traffic. so on RB1 set the IP on eth1 to be 50.50.50.1/24 PC is on 50.50.50.2 Now on RB1 set IP on eth4 to be 50.50.60.1/24 Now on RB2 set IP on its eth1 to be 50.50.60.2/24 Make its default route 50.50.60.1 Now on PC you can get to 50.50.60.2 (assuming PC has default route via...
by nickshore
Thu May 21, 2020 2:02 pm
Forum: RouterBOARD hardware
Topic: CRS326--CRS326, SFP+ only ~700mbit via 10gbit link. Slow performance or bottleneck?
Replies: 7
Views: 3678

Re: CRS326--CRS326, SFP+ only ~700mbit via 10gbit link. Slow performance or bottleneck?

You are testing on the device itself ?

You need to test from devices connected beyond the switches, eg iperf between PCs, the CRS does not have enough CPU to run btest.

regards
Nick
by nickshore
Fri May 15, 2020 6:15 pm
Forum: Beginner Basics
Topic: Help setting up EE 4g. on LHG LTE 4G
Replies: 10
Views: 7745

Re: Help setting up EE 4g. on LHG LTE 4G

The simplest method to setup LTE is actually to use quickset. (normally I don't like quickset)

I would suggest you reset back to the default config, by going to System -> Reset Configuration..

Then once it has rebooted, use the quickset page to set up as LTE CPE

Hope that helps
Nick
by nickshore
Thu Apr 23, 2020 12:06 pm
Forum: Wireless Networking
Topic: Cap AC wifi speed is terrible bad.
Replies: 80
Views: 32013

Re: Cap AC wifi speed is terrible bad.

Make sure that you have disabled power saving on the Intel Wifi card.

Regards
Nick
by nickshore
Tue Apr 21, 2020 3:37 pm
Forum: General
Topic: 802.3ad bond running when link down
Replies: 13
Views: 4397

Re: 802.3ad bond running when link down

Did you try using arp monitoring with active-backup mode ?

https://wiki.mikrotik.com/wiki/Manual:I ... Monitoring

mii monitoring only monitors physical interfaces.
by nickshore
Wed Mar 25, 2020 6:38 pm
Forum: RouterBOARD hardware
Topic: Bridge between Wifi and LAN + HW for that [SOLVED]
Replies: 2
Views: 14512

Re: Bridge between Wifi and LAN + HW for that [SOLVED]

Yes you can use the mAP2nD for that

1) make a bridge
2) put all 3 ports in the bridge
by nickshore
Wed Mar 25, 2020 6:35 pm
Forum: RouterBOARD hardware
Topic: Number of ether interfaces ? [SOLVED]
Replies: 8
Views: 16332

Re: Number of ether interfaces ? [SOLVED]

You can use them as separate interfaces, but some have shared bandwidth to the CPU.
by nickshore
Wed Mar 25, 2020 6:34 pm
Forum: Beginner Basics
Topic: Noob: Data monitoring needed
Replies: 2
Views: 1624

Re: Noob: Data monitoring needed

Use the Torch tool on your LAN interface, it will show what is being used
by nickshore
Thu Feb 20, 2020 11:57 am
Forum: General
Topic: What is the point of having a `MikroTik` tag?
Replies: 3
Views: 1794

Re: What is the point of having a `MikroTik` tag?

I found the original post here:

https://networkengineering.meta.stackex ... krotik-tag

Not sure why the poster is posting it, but of course paid support is available from distributors such as ourselves :)

Regards
Nick
by nickshore
Wed Nov 13, 2019 6:59 pm
Forum: Wireless Networking
Topic: Simple Wireless Bridge for a 50-100m point-to-point connection
Replies: 21
Views: 5021

Re: Simple Wireless Bridge for a 50-100m point-to-point connection

Yes it is weatherproof, and ideal for this distance.
by nickshore
Fri Oct 11, 2019 2:39 pm
Forum: Wireless Networking
Topic: Audience vs Eero?
Replies: 40
Views: 15640

Re: Audience vs Eero?

I tested the meshing a couple of days ago. 1) power up the 1st Audience which you will use as the main AP 2) press the wps-sync button briefly, the light on the front starts flashing green 3) power up the next Audience device whilst holding the wps-sync button, keep holding until the light on the fr...
by nickshore
Tue Oct 08, 2019 11:38 am
Forum: RouterBOARD hardware
Topic: DISC Lite5 ac PtP NV2 Hickups and generally disapointing performance
Replies: 19
Views: 10870

Re: DISC Lite5 ac PtP NV2 Hickups and generally disapointing performance

Antenna gain on a Disc should be set to 21, you are running far too much power for a short link.

I could add antenna gain in the interface setting, do you think it is a good idea?
by nickshore
Fri Sep 20, 2019 4:13 pm
Forum: General
Topic: One public address per LAN
Replies: 16
Views: 3478

Re: One public address per LAN

Nick, any practical example of rule ? i.e. : 192.168.1.0/24 (ether4) will use 10.20.30.1/29 on ether1 192.168.2.0/24 (ether5) will use 10.20.30.2/29 on ether1 and so on... Still masquerade rule needed ? Thank you Try /ip firewall nat add chain=srcnat place-before=1 src-address=192.168.1.0/24 action...
by nickshore
Wed Sep 18, 2019 3:44 pm
Forum: General
Topic: One public address per LAN
Replies: 16
Views: 3478

Re: One public address per LAN

Put the /29 IPs on the interface and then use a srcnat rule for each subnet to srcnat to the IP address you wish to use.

Regards
Nick
by nickshore
Fri Sep 13, 2019 5:07 pm
Forum: Beginner Basics
Topic: Router cannot reach certain websites.
Replies: 2
Views: 1388

Re: Router cannot reach certain websites.

If you show us your config it would help.

use /export and then we can see what is wrong.

Also provide the output of /ip route print

Regards
Nick
by nickshore
Wed Sep 11, 2019 1:58 pm
Forum: Wireless Networking
Topic: Bit confused by the existence of the hAP AC Lite?
Replies: 15
Views: 6271

Re: Bit confused by the existence of the hAP AC Lite?

My confusion was not so much over price as to why this model exists at all and what are the usage cases. I guess here in the UK if you're lucky enough to get near the maximum VDSL2 speed (80Mbps), then it would be useful as the most as I could get out of my little hAP mini (which I'm using for teac...
by nickshore
Fri Sep 06, 2019 5:47 pm
Forum: General
Topic: RouterOS v7.0beta1 (ARM)
Replies: 203
Views: 101073

Re: RouterOS v7.0beta1 (ARM)

Try putting your router on latest v6 Stable or Testing release before upgrading to the v7 beta



Labtest beta? I tried the link on the first page. http://mt.lv/v7
by nickshore
Thu Sep 05, 2019 6:40 pm
Forum: Wireless Networking
Topic: Cap interface down/up [SOLVED]
Replies: 3
Views: 2506

Re: Cap interface down/up [SOLVED]

The interface will be marked down when there are no clients connected.
by nickshore
Wed Sep 04, 2019 5:23 pm
Forum: Wireless Networking
Topic: SXT LTE not connecting to LTE
Replies: 2
Views: 2084

Re: SXT LTE not connecting to LTE

Can you tell which band your phone is using ?

Which bands do you have selected on the SXT ?
by nickshore
Wed Jul 24, 2019 2:12 pm
Forum: Wireless Networking
Topic: Wifi equipment for 70m distance behind windows
Replies: 14
Views: 3242

Re: Wifi equipment for 70m distance behind windows

We have a 60m wireless wire link here with one end in a window, and the other outside which works fine.

However it may not work depending on the type of glass.

Regards
Nick
by nickshore
Thu Jul 11, 2019 6:26 pm
Forum: General
Topic: CCR1036-12G-4S dual PSU or not?
Replies: 3
Views: 1376

Re: CCR1036-12G-4S dual PSU or not?

The dual PSU version has r2 at the end of the model number on the product sticker.

They have only recently started shipping the revised model with dual PSU.

Regards
Nick
by nickshore
Mon Jun 03, 2019 12:44 pm
Forum: RouterBOARD hardware
Topic: RB3011 POE-In Not Working
Replies: 2
Views: 2606

Re: RB3011 POE-In Not Working

The 3011 only takes passive PoE between 10 and 30V, but your switch is an 802.3af PoE switch, so won't power it.

You can use a PoE converter to do this, https://mikrotik.com/product/rbgpoe_con_hp

Hope that helps
Nick
by nickshore
Tue May 28, 2019 2:07 pm
Forum: RouterBOARD hardware
Topic: S+2332LC10D Availability ?
Replies: 2
Views: 1677

Re: S+2332LC10D Availability ?

We have stock:
https://linitx.com/product/mikrotik-pai ... 10d)/14558

and they are still also available to order more from Mikrotik.

regards
Nick
by nickshore
Fri May 17, 2019 2:23 pm
Forum: Scripting
Topic: Setting up mikrotik in enterprise environment
Replies: 1
Views: 1155

Re: Setting up mikrotik in enterprise environment

On each device you should have the ethernet and the wlan in a bridge

You should have a dhcp-client on the bridge

On the wireless set one end as Bridge, and the other as station bridge, then they will just be a transparent layer 2 bridge.

Hope that helps
Nick
by nickshore
Tue Apr 23, 2019 6:28 pm
Forum: Beginner Basics
Topic: internet not working despite pingable addresses
Replies: 10
Views: 1876

Re: internet not working despite pingable addresses

If you just make sure that the in interface on those 2 rules is set to be your WAN interface then only traffic coming in on the WAN will be affected by them, without that the rules will intercept the traffic on all interfaces.

Regards
Nick
by nickshore
Tue Apr 23, 2019 4:13 pm
Forum: Beginner Basics
Topic: internet not working despite pingable addresses
Replies: 10
Views: 1876

Re: internet not working despite pingable addresses

Looks like you are NATing all port 80 and 443 traffic to an internal IP
add action=dst-nat chain=dstnat dst-port=80 protocol=tcp to-addresses=192.168.50.7 to-ports=80
Try setting an in interface on these rules.

Regards
Nick
by nickshore
Mon Mar 11, 2019 2:31 pm
Forum: General
Topic: RoMON function
Replies: 6
Views: 2777

Re: RoMON function

You may need to check any filtering settings on the switch.

It sounds like the switch is filtering all packets in 01:80:c2:00 rather than just the range which is supposed to be excluded.

Only this part should be filtered 01-80-C2-00-00-00 to 01-80-C2-00-00-0F

Regards
Nick
by nickshore
Tue Feb 12, 2019 3:31 pm
Forum: Announcements
Topic: v6.42.12 [long-term] is released!
Replies: 27
Views: 25862

Re: v6.42.12 [long-term] is released!

What does this mean ?

*) wireless - improved antenna gain setting for devices with built in antennas;

It would be nice if it knew the antenna gain of the device, just tested on a 4011 with wireless, and nothing obvious in winbox.
by nickshore
Tue Jan 29, 2019 2:11 pm
Forum: Beginner Basics
Topic: Port forwarding doesn't work over SSH [SOLVED]
Replies: 16
Views: 7886

Re: Port forwarding doesn't work over SSH [SOLVED]

Firstly, no need to set to-ports in the nat rule, only use this if you are changing the to-port

Secondly, the filter rule needs to use the IP of the internal device, eg after the NAT has happened.

Hope that helps
Nick
by nickshore
Wed Jan 02, 2019 6:48 pm
Forum: General
Topic: Hacked Board
Replies: 15
Views: 4817

Re: Hacked Board

If services were available from the LAN, then an infected PC on the LAN could exploit the router from the LAN side.
by nickshore
Thu Dec 20, 2018 3:44 pm
Forum: Beginner Basics
Topic: Port forwarding problem
Replies: 2
Views: 951

Re: Port forwarding problem

1) don't specify the to-port=80, you don't need to if the port is the same.

2) check that you have an ip filter forward chain rule which allows the traffic to port 80 on 10.0.0.101

3) check that the device 10.0.0.101 has a default route back to the routerboard.
by nickshore
Thu Dec 20, 2018 3:41 pm
Forum: Beginner Basics
Topic: Neighbors problems
Replies: 3
Views: 2659

Re: Neighbors problems

Turn off neighbour discovery on the CPE interface, or use a bridge filter to control the MNDP packets.
by nickshore
Thu Dec 20, 2018 3:39 pm
Forum: Beginner Basics
Topic: fallback partition
Replies: 3
Views: 1142

Re: fallback partition

When the router boots it uses the active partition, if that fails then it tries the next partition. That is all it does.
by nickshore
Fri Dec 14, 2018 1:24 pm
Forum: Wireless Networking
Topic: Wireless allowing only one client
Replies: 2
Views: 2373

Re: Wireless allowing only one client

It sounds like you have the wireless mode set to Bridge.

It needs to be AP Bridge.

Hope that helps
Nick
by nickshore
Tue Dec 11, 2018 1:20 pm
Forum: Wireless Networking
Topic: Newbie: LHG 5ac only hitting 100mbps
Replies: 30
Views: 6791

Re: Newbie: LHG 5ac only hitting 100mbps

Ceee means 1 control channel plus 3 extension channels so a total of 80MHz, in fact your status screen shows 80MHz When you btest you should not btest on the devices, the CPU will max out, you should btest between other devices connected to both ends. Also the signals are much too high, which will n...
by nickshore
Mon Dec 10, 2018 6:28 pm
Forum: General
Topic: Cannot upgrade at all!
Replies: 7
Views: 1604

Re: Cannot upgrade at all!

Make sure you have set the logging to disk and try again
by nickshore
Mon Dec 10, 2018 5:55 pm
Forum: General
Topic: Cannot upgrade at all!
Replies: 7
Views: 1604

Re: Cannot upgrade at all!

Is there anything in the logs ?
by nickshore
Mon Dec 10, 2018 4:37 pm
Forum: RouterBOARD hardware
Topic: hardware idea for a multiport switch
Replies: 90
Views: 122485

Re: hardware idea for a multiport switch

Cabling nightmare ?
by nickshore
Mon Nov 12, 2018 1:02 pm
Forum: RouterBOARD hardware
Topic: hAP AC2 availability
Replies: 26
Views: 8588

Re: hAP AC2 availability

We are the biggest UK distributor for MikroTik and we have stock:

https://linitx.com/product/mikrotik-rou ... hape/15370


Hope that helps
Nick
by nickshore
Wed Oct 24, 2018 5:32 pm
Forum: General
Topic: CRS125 poor throughput & low cpu load [SOLVED]
Replies: 41
Views: 8525

Re: CRS125 poor throughput & low cpu load [SOLVED]

I have problem with my CRS125 and ethernet throughput. I can reach roughly 50mbit/s to my WAN port. I'm having NAT in WAN, I have enabled fasttrack and changed WAN port queue type to ethernet-default. CPU load is about 30-40% and still I can't reach even close of my Internet connection speed (250mb...
by nickshore
Thu Oct 18, 2018 4:13 pm
Forum: General
Topic: Problem with speed limitations
Replies: 3
Views: 1390

Re: Problem with speed limitations

I would suggest that you look at the perfomance test results for this device:

https://mikrotik.com/product/CRS112-8G- ... estresults

This is not a fast router, it is mainly a switch, so you don't really have the right device for a 1Gig internet feed.

Nick
by nickshore
Sat Oct 13, 2018 11:50 am
Forum: Scripting
Topic: Portknocking by script.
Replies: 10
Views: 9185

Re: Portknocking by script.

You could use a variation on port knocking but using icmp and various packet sizes.

Then the client can use the ping command with size set to execute the knock

Hope that helps
Nick
by nickshore
Thu Oct 11, 2018 5:40 pm
Forum: Beginner Basics
Topic: How can I check if my CAP is correctly provisioned by the CAPsMAN?
Replies: 2
Views: 1517

Re: How can I check if my CAP is correctly provisioned by the CAPsMAN?

Looks like you have it set on channel 3, and only g, what did you set it to on the capsman ?

You should make sure you are using non-overlapping channels, and the correct 802.11 protocols, such as g/n

Nick
by nickshore
Tue Sep 25, 2018 6:16 pm
Forum: Beginner Basics
Topic: wAP LTE kit setup
Replies: 3
Views: 6880

Re: wAP LTE kit setup

Modem isn't configured yet normally means the SIM is not in place correctly.

Are you using the correct sim size ?
by nickshore
Fri Aug 24, 2018 5:03 pm
Forum: RouterBOARD hardware
Topic: Please give a remote hard reset option!!!
Replies: 11
Views: 5174

Re: Please give a remote hard reset option!!!

i am currently facing a situation where the device needs to be reset but the rains and winds are too strong to climb the tower and the client has his entire production machines cutoff from the server as the PTP link is down.


And you can't just mac-telnet in ?
by nickshore
Wed Jun 13, 2018 6:04 pm
Forum: Wireless Networking
Topic: CAPsMAN unable to manage its own Wireless interface
Replies: 16
Views: 9199

Re: CAPsMAN unable to manage its own Wireless interface

Did you make sure the interface was removed from capsman ?

The only time it should be doing it by IP is if you specify the IP of the capsman when setting up the cap.
by nickshore
Wed Jun 13, 2018 4:13 pm
Forum: Wireless Networking
Topic: CAPsMAN unable to manage its own Wireless interface
Replies: 16
Views: 9199

Re: CAPsMAN unable to manage its own Wireless interface

You don't seem to have a discovery interface selected, probably because you are trying a layer3 connection. I use: /interface wireless cap set discovery-interfaces=bridge1 enabled=yes interfaces=wlan1 In your case it is probably bridge-local, and remove the capsman IP, then it will use L2 to find th...
by nickshore
Wed May 16, 2018 6:32 pm
Forum: Beginner Basics
Topic: Request help! RouterOS Configuration screwed up. [SOLVED]
Replies: 25
Views: 6314

Re: Request help! RouterOS Configuration screwed up. [SOLVED]

Please remember that you should stick with bugfix channel for production routers.
by nickshore
Tue May 15, 2018 5:53 pm
Forum: Wireless Networking
Topic: HAP AC and HAP AC Lite WiFi issues 6.42.1?
Replies: 14
Views: 5376

Re: HAP AC and HAP AC Lite WiFi issues 6.42.1?

Yes it is in the additional packages download.
by nickshore
Tue May 15, 2018 11:16 am
Forum: Wireless Networking
Topic: HAP AC and HAP AC Lite WiFi issues 6.42.1?
Replies: 14
Views: 5376

Re: HAP AC and HAP AC Lite WiFi issues 6.42.1?

For production systems you should use the bugfix branch, which is currently on 6.40.8

Bugfix includes any security fixes.

Nick
by nickshore
Fri May 11, 2018 4:49 pm
Forum: General
Topic: Can route to internet but not between local Subnets
Replies: 10
Views: 2172

Re: Can route to internet but not between local Subnets

It is best if you export the whole config so that we can see it.

I am guessing it is related to NAT rules.

Nick
by nickshore
Fri May 11, 2018 12:23 pm
Forum: Wireless Networking
Topic: WAP60G 60 Ghz P2P Range and deployment advice
Replies: 22
Views: 7349

Re: WAP60G 60 Ghz P2P Range and deployment advice

Currently only available in PtP and needs a minimum antenna gain of 30dBi, which the WAP60 does not have.

Ofcom have recently consulted on 60GHz PtMP usage and micro cells, (lower antenna gain requirements) but they have not yet issued any actions/changes.

Nick
by nickshore
Thu May 10, 2018 12:35 pm
Forum: General
Topic: Winbox Login over Windows Server RADIUS [SOLVED]
Replies: 15
Views: 8934

Re: Winbox Login over Windows Server RADIUS [SOLVED]

I don't know about radius on windows, but on freeradius we send a radius reply containing:
MikroTik-Group=full
which maps onto the user group on the Router.

Hope that helps
Nick
by nickshore
Thu May 03, 2018 12:34 pm
Forum: Beginner Basics
Topic: Conditional 'Mark Routing' only if interface available
Replies: 6
Views: 2332

Re: Conditional 'Mark Routing' only if interface available

Just add the fallback route with a greater distance into this L2TPVPN table.

Then when the l2tp interface is down the first route won't be used.

Hope that helps
Nick
by nickshore
Mon Mar 26, 2018 12:28 am
Forum: Beginner Basics
Topic: DHCP Server use different DNS on specified IPs [SOLVED]
Replies: 6
Views: 8512

Re: DHCP Server use different DNS on specified IPs [SOLVED]

You can add /32s into the DHCP network settings so that you can override settings for individual IPs
by nickshore
Thu Feb 22, 2018 7:09 pm
Forum: General
Topic: Bridge Fast-Forward
Replies: 2
Views: 14586

Re: Bridge Fast-Forward

It is only available when there are only 2 interfaces in the bridge, no more, no less.
by nickshore
Tue Jan 09, 2018 11:43 am
Forum: General
Topic: Issue with Getting DHCP IP using Bridge interface.
Replies: 5
Views: 5950

Re: Issue with Getting DHCP IP using Bridge interface.

Did you make sure that you set an admin-mac on the bridge ?
by nickshore
Fri Dec 08, 2017 9:10 pm
Forum: RouterBOARD hardware
Topic: RBM33G who is selling
Replies: 2
Views: 1424

Re: RBM33G who is selling

They haven't shipped any M33G yet.

We have them on backorder, but Mikrotik are currently saying no availability until end of Dec, so we hope to see them in January

Nick
by nickshore
Wed Dec 06, 2017 5:21 pm
Forum: Beginner Basics
Topic: IPv6 on WAN no cimp
Replies: 15
Views: 2720

Re: IPv6 on WAN no cimp

Did you add a default route ? Maybe if you show us an export of your /ipv6 that will help
by nickshore
Mon Nov 27, 2017 5:53 pm
Forum: General
Topic: Mikrotik with external free radius server
Replies: 3
Views: 1060

Re: Mikrotik with external free radius server

Have you added your routerboard as a NAS on the freeradius server ?
by nickshore
Thu Nov 16, 2017 6:41 pm
Forum: RouterBOARD hardware
Topic: Mikrotik VDSL / DSL Modem?
Replies: 381
Views: 199289

Re: Mikrotik VDSL / DSL Modem?

I have been testing a 180-T but it seems to resync every 10-12 hours.

It does sync at a high speed on my line, and latency is low when it is working, but drops twice a day.

Has anyone else seen this sort of instability ?

Nick
by nickshore
Wed Nov 15, 2017 7:07 pm
Forum: General
Topic: Buying Advice
Replies: 5
Views: 1531

Re: Buying Advice

by nickshore
Wed Oct 25, 2017 5:45 pm
Forum: General
Topic: Winbox Profile TACAS or Raduis
Replies: 2
Views: 1192

Re: Winbox Profile TACAS or Raduis

See https://wiki.mikrotik.com/wiki/Manual:R ... Remote_AAA for RADIUS

You can set a default user group for all logins, maybe read only, and then override that in the radius response.

eg set MikroTik-Group = full

Hope that helps
Nick
by nickshore
Fri Oct 20, 2017 4:06 pm
Forum: RouterBOARD hardware
Topic: SXT Lite5 ac 2.4GHz interface
Replies: 3
Views: 2238

Re: SXT Lite5 ac 2.4GHz interface

The 2.4GHz interface is only really meant for management.

The level 3 licence means that only one client can connect, you have to use Bridge mode, not AP Bridge.

Also the antenna gain on the 2.4GHz is only 1.5 dBi which will not provide much range.

Nick
by nickshore
Fri Sep 29, 2017 1:52 pm
Forum: General
Topic: Upgrading of historical boards - can't get to 4.x
Replies: 4
Views: 1370

Re: Upgrading of historical boards - can't get to 4.x

From memory you need to get it to 3.30 first
by nickshore
Wed Sep 13, 2017 3:13 pm
Forum: General
Topic: Static Route Metric Logic Problem (in case of using PPPOE and PPTP connection concurrently) [SOLVED]
Replies: 2
Views: 1954

Re: Static Route Metric Logic Problem (in case of using PPPOE and PPTP connection concurrently) [SOLVED]

The route selected is first decided based on the smallest subnet mask which matches.

Only if 2 identical routes are available is the metric used.

Nick
by nickshore
Tue Sep 12, 2017 2:05 pm
Forum: General
Topic: Using SFP port as regular rj-45 port [SOLVED]
Replies: 2
Views: 1701

Re: Using SFP port as regular rj-45 port [SOLVED]

Yes you can use an RJ01 to do this.
by nickshore
Mon Jul 24, 2017 3:42 pm
Forum: Beginner Basics
Topic: [SOLVED] Assign Static IPs in RB3011 to four RB952 serving as access points
Replies: 7
Views: 1933

Re: Assign Static IPs in RB3011 to four RB952 serving as access points

:) Yes thats the one, you can see above that it has chosen a mac address of one of the interfaces assigned to the bridge. If you take the mac address it is currently using, which starts 6C and make it start 6E instead then you will have set a special private admin mac which will be unique and won't ...
by nickshore
Mon Jul 24, 2017 2:23 pm
Forum: Beginner Basics
Topic: [SOLVED] Assign Static IPs in RB3011 to four RB952 serving as access points
Replies: 7
Views: 1933

Re: Assign Static IPs in RB3011 to four RB952 serving as access points

I'm guessing that you have put the dhcp-client on the bridge on the APs. The DHCP client will use the mac address of the bridge. If you have not set an admin mac on the bridge then the bridge will pick a mac from the interfaces in the bridge, and that can change. So the answer is, set an admin mac o...
by nickshore
Fri May 12, 2017 4:39 pm
Forum: General
Topic: LNS for PPP termination
Replies: 12
Views: 4986

Re: LNS for PPP termination

Can you post an example config for this ?
by nickshore
Thu May 11, 2017 7:05 pm
Forum: General
Topic: Firewall rules only using one CPU
Replies: 8
Views: 2727

Re: Firewall rules only using one CPU

If they are already in your address list then don't match them again on the L7 matcher !
by nickshore
Tue Mar 28, 2017 5:16 pm
Forum: Beginner Basics
Topic: dual SSID
Replies: 7
Views: 1948

Re: dual SSID

You need to use a Virtual Wireless interface for each extra SSID

See
https://wiki.mikrotik.com/wiki/Manual:I ... #VirtualAP

Nick
by nickshore
Thu Mar 16, 2017 4:00 pm
Forum: General
Topic: Yet another "dhcp,warning offering lease without success" issue
Replies: 38
Views: 27752

Re: Yet another "dhcp,warning offering lease without success" issue

I have seen this happen where the DHCP server is on a bridge, and the admin-mac has not been set on the bridge.

It is always good practice to set an admin-mac

Nick.
by nickshore
Tue Mar 14, 2017 5:10 pm
Forum: Wireless Networking
Topic: Considering setting up ptp link between my parents house to my house, any advice?
Replies: 13
Views: 2973

Re: Consider setting up ptp link between my parents house to my house, any advice?

You can use Bridge mode on an SXT lite5 which allows 1 client to connect.
by nickshore
Tue Feb 21, 2017 6:14 pm
Forum: General
Topic: Hairpin nat weirdness
Replies: 24
Views: 6986

Re: Hairpin nat weirdness

Its very hard to work out what is happening when you hide the IPs with XX.XX.XX.XX

Normally to avoid the need for hairpin NAT you use internal static dns to point at the internal IPs instead.
by nickshore
Mon Jan 30, 2017 1:45 pm
Forum: Beginner Basics
Topic: Routing two Networks on one CRS125-24G-1S
Replies: 2
Views: 1128

Re: Routing two Networks on one CRS125-24G-1S

The modem needs to be able to reply to an IP which is not in its subnet. If you can add a static route on the modem for 192.168.1.0/24 via 192.168.0.1 then this will work. Otherwise add a srcnat masquerade rule on the mikrotik for dst address 192.168.0.2 Then the modem will see traffic from 192.168....
by nickshore
Thu Dec 08, 2016 3:52 pm
Forum: General
Topic: How to Schedule blocking a client connected to external AP?
Replies: 2
Views: 985

Re: How to Schedule blocking a client connected to external AP?

The input chain is for traffic to the router.

To restrict traffic going through the router to the client you should use the forward chain.

Nick
by nickshore
Wed Dec 07, 2016 6:32 pm
Forum: General
Topic: input drop all rule - moved by accident!!
Replies: 18
Views: 5779

Re: input drop all rule - moved by accident!!

there is an rj45 on the back or just use winbox to a mac address if you are plugged into one of the ethernets
by nickshore
Fri Dec 02, 2016 6:17 pm
Forum: Wireless Networking
Topic: CAPsMan question
Replies: 3
Views: 1427

Re: CAPsMan question

Power level is managed using the antenna gain setting on wireless settings of the AP, and the region setting in capsman.
by nickshore
Mon Oct 31, 2016 6:12 pm
Forum: RouterBOARD hardware
Topic: RB3011UiAS-RM hard to find one
Replies: 8
Views: 3126

Re: RB3011UiAS-RM hard to find one

We have new stock arriving in approx 8 days

https://linitx.com/product/mikrotik-rou ... -psu/14584

Nick
by nickshore
Mon Oct 31, 2016 5:38 pm
Forum: Forwarding Protocols
Topic: BGP Full Table time
Replies: 11
Views: 8391

Re: BGP Full Table time

The thing about having 1M+ routes in the table has been search time for me, less about convergence and loading. This is where Cisco and other platforms have killed it over Mikrotik for me - if I want to look up the current active route entry for 8.8.8.8 (for example). the search time on a 1036 with...
by nickshore
Thu Oct 20, 2016 6:52 pm
Forum: Beginner Basics
Topic: Dead Board? [solved]
Replies: 3
Views: 1284

Re: Dead Board?

by nickshore
Thu Oct 20, 2016 4:47 pm
Forum: Beginner Basics
Topic: Please check my setup
Replies: 3
Views: 1757

Re: Please check my setup

You need to work on the problem, by breaking it down into separate parts. eg you mention a PtP link using SXTs, is this reliable can you ping end to end, what are the settings on it etc Then once you have proved the wireless link is ok, can you then ping from the RB across to the other router ? Then...
by nickshore
Thu Oct 20, 2016 2:19 pm
Forum: General
Topic: Horrible experience with wireless. In need of a fix.
Replies: 10
Views: 2777

Re: Horrible experience with wireless. In need of a fix.

To make a PtP link like this you would be better off using a pair of SXTs, usually the SXT lite5

Nick
by nickshore
Tue Oct 18, 2016 11:33 am
Forum: Wireless Networking
Topic: Wi-Fi min password length
Replies: 1
Views: 1223

Re: Wi-Fi min password length

WPA has a minimum of 8 characters.
by nickshore
Fri Sep 30, 2016 5:21 pm
Forum: Wireless Networking
Topic: Wireless Upload Speeds
Replies: 7
Views: 1996

Re: Wireless Upload Speeds

what channel width are you using ?

what modulation rates are the clients connected at ?
by nickshore
Thu Aug 04, 2016 12:53 pm
Forum: General
Topic: Fast Bandwidth Test, But Slow Real Throughput
Replies: 5
Views: 2806

Re: Fast Bandwidth Test, But Slow Real Throughput

Have you checked that the links are not causing interference to each other ?
by nickshore
Wed Aug 03, 2016 4:00 pm
Forum: RouterBOARD hardware
Topic: QRT2 - waiting on one since April, problem ?
Replies: 8
Views: 2158

Re: QRT2 - waiting on one since April, problem ?

MikroTik's ordering system says 9th September for the next batch.

Hope that helps

Nick
by nickshore
Fri Jul 15, 2016 12:27 pm
Forum: Wireless Networking
Topic: seamless roaming not working properly
Replies: 12
Views: 4859

Re: seamless roaming not working properly

Add an access-list rule which rejects when the signal is too low.

Have a look at our article :
https://blog.linitx.com/howto-improved- ... t-roaming/


Nick
by nickshore
Thu Jul 14, 2016 6:43 pm
Forum: Beginner Basics
Topic: Basic LAN to LAN
Replies: 4
Views: 1300

Re: Basic LAN to LAN

Have you check that the device on 192.168.0.100 has a default route of 192.168.0.1 ?

Also have you checked that your NAT rule has an out interface specified ?
by nickshore
Thu Jul 14, 2016 6:39 pm
Forum: Beginner Basics
Topic: Performance - Speeds
Replies: 22
Views: 5453

Re: Performance - Speeds

I tried another test .... removed the BT homehub out of the equation and just went ppoe direct from the hAP lite, similar results via ethernet or wifi :( If you see the same speeds on ethernet you must have a config issue. Have you checked the ethernet status to see if it has negotiated correctly ?...
by nickshore
Wed Jul 13, 2016 6:35 pm
Forum: Beginner Basics
Topic: Performance - Speeds
Replies: 22
Views: 5453

Re: Performance - Speeds

Well firstly the hAP AC lite only has 10/100 ports. If you are using the default config, you have probably connected from ether1 on the hap ? If so you will be NATing. Looking at tested speeds http://routerboard.com/RB952Ui-5ac2nD you should be getting close to the limit of the 10/100 ethernet - nor...
by nickshore
Wed Jul 13, 2016 4:11 pm
Forum: Beginner Basics
Topic: Not able to setup equal ports
Replies: 2
Views: 1062

Re: Not able to setup equal ports

Assuming no config: (you can get to this by going to System - Reset-Configuration and selecting no default config) Go to interfaces -> ethernet, and set the master port on each of ether2-ether5 to ether1 Go to Bridge add a bridge Go to Bridge -> Ports add ether1 and wlan1 into the bridge Go to wirel...
by nickshore
Fri Jul 08, 2016 10:58 am
Forum: Wireless Networking
Topic: Two MikroTik's - One WIFI
Replies: 13
Views: 5004

Re: Two MikroTik's - One WIFI

If you use Capsman on your 2011 you can then set the wireless interfaces on the other routers to be CAP, and they will be managed by the 2011.

http://wiki.mikrotik.com/wiki/Manual:CAPsMAN
by nickshore
Wed Jul 06, 2016 11:14 am
Forum: General
Topic: one interface two pppoe-client
Replies: 4
Views: 2528

Re: one interface two pppoe-client

Use one pppoe-client and route the additional IP to it.
You will need to manually assign it on the client RouterBoard.

Nick
by nickshore
Fri Jul 01, 2016 5:14 pm
Forum: Scripting
Topic: WOL over net
Replies: 15
Views: 21353

Re: WOL over net

Most RouterBOARD devices will turn back on after a minute or so. 

I've just shutdown a 951ui to test this, and it hasn't restarted after 10 mins

Which models do this ?

Nick
by nickshore
Wed Jun 29, 2016 6:33 pm
Forum: General
Topic: Upgrade wireless-6.35.4-tile.npk missing
Replies: 10
Views: 2656

Re: Upgrade wireless-6.35.4-tile.npk missing

Check in system packages

You should be using wireless-fp or wireless-cm2 if you are running capsman.

If it is showing that wireless is there then remove it.

Then you should be able to upgrade.

Nick
by nickshore
Tue Jun 28, 2016 6:15 pm
Forum: General
Topic: Router for FTTH autorized with PPPOE and using VLAN
Replies: 13
Views: 3523

Re: Router for FTTH autorized with PPPOE and using VLAN

I would suggest you check your facts

1) you can run RouterOS 6.x on an RB850Gx2

2) see http://routerboard.com/RB850Gx2 for performance specs
by nickshore
Tue Jun 28, 2016 4:28 pm
Forum: General
Topic: Router for FTTH autorized with PPPOE and using VLAN
Replies: 13
Views: 3523

Re: Router for FTTH autorized with PPPOE and using VLAN

Look at RB850Gx2, RB1100AHx2 or CCR1009-8G-1S-PC
by nickshore
Wed Jun 22, 2016 6:26 pm
Forum: General
Topic: New RB3011UiAS-RM - not impressed with throughput...
Replies: 22
Views: 11231

Re: New RB3011UiAS-RM - not impressed with throughput...

What happens when you don't have the bridge ? Nick I see a performance diference between ports. My setup is the following SFP=> Wan (down 800Mb/s up 250Mb/s bandwith) eth1 Master of eth2-5 eth6 Master of eth7-10 bridge eth1 & and eth6 Speedtest with a cable from eth1 ==> 780Mb/s down 240Mb/s up ...
by nickshore
Wed Jun 22, 2016 6:23 pm
Forum: General
Topic: Mikrotik. Traffic-flow
Replies: 5
Views: 2345

Re: Mikrotik. Traffic-flow

You can't do that.

You would need to filter it in the collector

Nick
by nickshore
Fri Jun 17, 2016 5:46 pm
Forum: General
Topic: Congratulations to new moderators !
Replies: 11
Views: 2283

Re: Congratulations to new moderators !

Hi normis

I'm happy to help with moderation

Nick
by nickshore
Thu Jun 16, 2016 6:32 pm
Forum: Beginner Basics
Topic: Egress Filter DNS / Use only DHCP DNS Settings
Replies: 2
Views: 1260

Re: Egress Filter DNS / Use only DHCP DNS Settings

You can also add a nat rule to force dns requests to the router even if a client is sending the request to something else:
/ip firewall nat
add action=redirect chain=dstnat comment="redirect dns to router" dst-port=53 in-interface=localbridge protocol=udp
Hope that helps
Nick
by nickshore
Tue May 24, 2016 4:00 pm
Forum: Beginner Basics
Topic: CAPsMAN and Dual Band APs?
Replies: 6
Views: 3124

Re: CAPsMAN and Dual Band APs?

Click the down arrow next to the interface

Nick
by nickshore
Sat Apr 30, 2016 8:22 pm
Forum: Beginner Basics
Topic: PPPOE IPv6
Replies: 6
Views: 9460

Re: PPPOE IPv6

Use DHCP Client to get the IPv6 prefix:

/ipv6 dhcp-client
add interface=pppoe-isp pool-name=isp request=prefix use-peer-dns=no

Set an IP using the prefix on your local bridge:

/ipv6 address
add disabled=no from-pool=isp interface=localbridge
by nickshore
Sat Apr 30, 2016 2:00 pm
Forum: General
Topic: PPPOE ISP configuration - CCR routers
Replies: 5
Views: 2047

Re: PPPOE ISP configuration - CCR routers

You can make a bridge and put the pppoe server on that, and then add the vlans into the bridge.

But you would need to create the vlans. I can't think of a way to generically strip the tags at the moment.

That seems more of a switch function, and the CCRs don't have switch chips.

Nick
by nickshore
Sat Apr 30, 2016 12:15 pm
Forum: General
Topic: PPPOE ISP configuration - CCR routers
Replies: 5
Views: 2047

Re: PPPOE ISP configuration - CCR routers

Just wondering why you are using per customer VLANs ?

The PPPoE encapsulation keeps customers traffic separate anyway.

Nick
by nickshore
Wed Apr 27, 2016 3:37 pm
Forum: RouterBOARD hardware
Topic: wAP AC (General questions and experience)
Replies: 118
Views: 59418

Re: wAP AC (General questions and experience)

When they arrive they have the default config with firewall on ethernet and open wireless. So if you want to manage them you need to connect to the wifi, or reset them into CAP mode. To reset into CAP mode, power them up whilst holding the reset button in. The wireless lan lights will flash, and aft...
by nickshore
Sat Apr 16, 2016 7:32 pm
Forum: General
Topic: Best way to do subnets for customers?
Replies: 6
Views: 2018

Re: Best way to do subnets for customers?

Better to connect the customers using PPPoE, then you can assign a /32 to them or route a bigger block without wasting IPs.
by nickshore
Sat Mar 26, 2016 2:14 pm
Forum: Wireless Networking
Topic: Zero-handoff using CAPsMAN doesn't work
Replies: 10
Views: 8613

Re: Zero-handoff using CAPsMAN doesn't work

Make sure you send the datapath via the CAPsMAN, then the ARP entry for the client will remain on the central bridge.

NIck
by nickshore
Fri Mar 25, 2016 12:16 am
Forum: Beginner Basics
Topic: CCR1036 not passing data through sfp
Replies: 3
Views: 2533

Re: CCR1036 not passing data through sfp

Try turning auto negotiation on
by nickshore
Sun Feb 21, 2016 7:13 pm
Forum: General
Topic: Does mikrotik support HAProxy style load balancing?
Replies: 2
Views: 6554

Re: Does mikrotik support HAProxy style load balancing?

You should be able to use PCC to mark each connection in turn, and then add multiple dstnat rules, each using a connection mark. The per-connection-classifier keeps each client talking to the same server, but you can choose different methods. Note that this does not test to make sure that the server...
by nickshore
Sun Feb 21, 2016 6:49 pm
Forum: Beginner Basics
Topic: Linking Two RB951
Replies: 7
Views: 1459

Re: Linking Two RB951

Simplest method is to use eth2 on both routers if you are starting from the default config. Make sure you change the IP on the bridge to be 192.168.88.2/24

eth1 is separate in the default config and you need to change it so that is part of the same switch/bridge if you wish to use it.

Nick
by nickshore
Mon Feb 08, 2016 7:36 pm
Forum: Wireless Networking
Topic: Station mode problem
Replies: 2
Views: 1108

Re: Station mode problem

Can't you use Bridge mode on a nearby device and then mac-telnet to it ?
by nickshore
Sat Jan 23, 2016 8:02 pm
Forum: RouterBOARD hardware
Topic: Mikrotik VDSL / DSL Modem?
Replies: 381
Views: 199289

Re: Mikrotik VDSL / DSL Modem?

In the UK FTTC delivered over VDSL is no longer supplied with a modem.

Its up to the user to provide their own.

So a MikroTIk with builtin adsl/vdsl modem, or even a simple 1port modem would be great.

Nick
by nickshore
Tue Dec 29, 2015 7:27 pm
Forum: Wireless Networking
Topic: SXT Lite2 dies after 15s of wireless connection
Replies: 4
Views: 1289

Re: SXT Lite2 dies after 15s of wireless connection

Have you checked the nv2 key ?
by nickshore
Wed Dec 23, 2015 1:55 pm
Forum: General
Topic: VLAN over PPPoE possible ?
Replies: 2
Views: 2689

Re: VLAN over PPPoE possible ?

You can connect the pppoe into the bridge by using the ppp profile
by nickshore
Thu Dec 10, 2015 1:22 pm
Forum: General
Topic: Family network OpenDNS strategy - any ideas?
Replies: 2
Views: 986

Re: Family network OpenDNS strategy - any ideas?

Set OpenDNS IPs in IP -> DNS servers Use a dstnat chain rule, protocol udp, dst port 53, with action redirect This grabs all dns traffic and forces it via the mikrotik, then you can still use static entries for local machines Use an address list to bypass the redirect, for unfiltered machines, you c...
by nickshore
Tue Dec 08, 2015 6:35 pm
Forum: RouterBOARD hardware
Topic: Uplink is faster than my CRS109 can handle, should I still use QoS?
Replies: 6
Views: 1692

Re: Uplink is faster than my CRS109 can handle, should I still use QoS?

QoS is only useful when the link is congested.

So I would turn it off !
by nickshore
Mon Nov 30, 2015 6:14 pm
Forum: RouterBOARD hardware
Topic: RB3011 Block diagram?
Replies: 230
Views: 73219

Re: RB3011 Block diagram?

Stock of 3011UiAS-RM has now arrived:

http://linitx.com/product/mikrotik-rout ... -psu/14584

They have 6.32.2 installed.

I note that the 6.32.3 combined package is not available for download... maybe MikroTik will make this available soon

Nick
by nickshore
Sat Nov 28, 2015 7:00 pm
Forum: Forwarding Protocols
Topic: Tip about VPLS
Replies: 14
Views: 4738

Re: Tip about VPLS

But, how to make OSPF to advertise all /32 routes from PPPoE clients to the border and make client's traffic to flow thru the VPLS tunnel ? If you want to concentrate the PPPoE tunnels in a single point you will need VPLS tunnels. If you can have several PPPoE server in the network you can do "...
by nickshore
Thu Nov 26, 2015 7:30 pm
Forum: General
Topic: Problem with hopping from one AP to an other
Replies: 7
Views: 1575

Re: Problem with hopping from one AP to an other

Use capsman and tunnel all traffic back to one router.

This reduces delays on switch between APs.

Nick
by nickshore
Wed Nov 25, 2015 9:50 pm
Forum: Scripting
Topic: Better Usage options?
Replies: 2
Views: 1160

Re: Better Usage options?

We use PPPoE and RADIUS accounting
by nickshore
Fri Nov 20, 2015 6:04 pm
Forum: RouterBOARD hardware
Topic: RB3011 Block diagram?
Replies: 230
Views: 73219

Re: RB3011 Block diagram?

http://linitx.com/product/mikrotik-routerboard-3011uiasrm-with-1u-rackmount-case-and-uk-psu/14584 - Interesting LinITX are listing the 3011-RM for start DEC. Might ask them about it if I remember as sometimes the dates on the sites aren't that accurate. The dates we show are confirmed dates from Mi...
by nickshore
Tue Nov 17, 2015 3:02 pm
Forum: Wireless Networking
Topic: hAP Lite wireless channels missing?
Replies: 7
Views: 5745

Re: hAP Lite wireless channels missing?

You should really stick to 20 Mhz channel width on 2.4

Nick
by nickshore
Mon Nov 16, 2015 4:28 pm
Forum: General
Topic: Bring public IPs to PPPoE server through OSPF
Replies: 3
Views: 1694

Re: Bring public IPs to PPPoE server through OSPF

Yes you can do that.

You assign the IPs on the PPPoE servers using secrets or radius, and then announce the /27 in ospf networks

As each client connects OSPF will announce the /32 which has been assigned.

Nick
by nickshore
Mon Nov 16, 2015 1:24 pm
Forum: General
Topic: Accessing Mikrotik when using route-mark
Replies: 4
Views: 1315

Re: Accessing Mikrotik when using route-mark

If you add a mangle rule which matches new connections with in interface WAN2 and marks them, you can the use that connection mark to make sure that return packets are routed out of WAN2. eg: /ip firewall mangle add action=mark-connection chain=input comment="Mark new connections on WAN2" ...
by nickshore
Fri Oct 23, 2015 10:48 am
Forum: Wireless Networking
Topic: mikrotik cAP n2 as repeater bridge
Replies: 4
Views: 3266

Re: mikrotik cAP n2 as repeater bridge

As long as you use normal wireless mode (not capsman) you can put both cap2n in AP Bridge mode.

Then build a WDS link between them, but I wouldn't recommend it, performance is not good in my experience

Nick
by nickshore
Fri Oct 02, 2015 2:58 pm
Forum: General
Topic: PPPoE connection to UK BT ADSL, MTU with RFC 4638
Replies: 4
Views: 4208

Re: PPPoE connection to UK BT ADSL, MTU with RFC 4638

RFC4638 has only just been implemented in the latest RouterOS Release Candidate. 6.33rc16

Changelog says:
*) pppoe - added support for MTU > 1492 on PPPoE;

Which version are you using ?

Nick
by nickshore
Wed Sep 02, 2015 5:02 pm
Forum: Wireless Networking
Topic: CAPsMAN and Antenna Gain
Replies: 11
Views: 6587

Re: CAPsMAN and Antenna Gain

You should set it on the wireless interface before you enable cap.

Nick
by nickshore
Sat Aug 01, 2015 2:18 pm
Forum: Announcements
Topic: 6.31 RC testing
Replies: 41
Views: 22141

Re: 6.31 RC testing

And what about the disabled packages? Elaborate... You enable/disable any package except System and routerOS, you need to reboot to do so. Nooooo. Packages must remain enabled i they were enabled before upgrade. Think in 50 CAP's massively upgraded via capscam never more reachables because dhcp pac...
by nickshore
Mon Jul 27, 2015 7:42 pm
Forum: General
Topic: Queues from Radius, But by Option-82?
Replies: 2
Views: 1013

Re: Queues from Radius, But by Option-82?

Can you use address lists to add the served IP into an address list and then set a queue for that ?
by nickshore
Sat Jul 25, 2015 4:02 pm
Forum: General
Topic: QRT (RB911G-5HPnD) Very Low Throughput - Stuck In NV2 Protocol
Replies: 3
Views: 1545

Re: QRT (RB911G-5HPnD) Very Low Throughput - Stuck In NV2 Protocol

I don't know why you are using WDS Just put one end in Bridge mode, and the other in station-bridge Put the eth1 and the wlan1 in a bridge on each end, remember to set an admin mac on each bridge to prevent issues. You should see better results. Also check that the ethernet ports are negotiating the...
by nickshore
Sun Mar 08, 2015 9:49 pm
Forum: General
Topic: Good signal but no Link on sfp interface
Replies: 4
Views: 3704

Re: Good signal but no Link on sfp interface

Try turning autoneg off or on
by nickshore
Thu Feb 12, 2015 3:35 pm
Forum: Forwarding Protocols
Topic: Routing distance and subnets priority
Replies: 6
Views: 8472

Re: Routing distance and subnets priority

Distance is only considered after subnet size.
by nickshore
Thu Feb 12, 2015 3:19 pm
Forum: Forwarding Protocols
Topic: Routing distance and subnets priority
Replies: 6
Views: 8472

Re: Routing distance and subnets priority

The most specific route is used first, so a /24 will always be used in preference to a /16
by nickshore
Thu Feb 12, 2015 1:51 pm
Forum: General
Topic: Support for PPPoE MTU > 1492 (via RFC4638 PPP-Max-Payload)
Replies: 19
Views: 8797

Re: Support for PPPoE MTU > 1492 (via RFC4638 PPP-Max-Payload)

Any news on including RFC 4683 support ?

This is already available in the linux pppoe code, so it shouldn't be difficult to add ?

Nick
by nickshore
Wed Feb 04, 2015 5:53 pm
Forum: General
Topic: CRS212 availability
Replies: 6
Views: 2069

Re: CRS212 availability

Excellent - yes our stock arrived today.

http://linitx.com/product/mikrotik-clou ... case/14327

Nick
by nickshore
Mon Jan 26, 2015 1:45 pm
Forum: General
Topic: CRS212 availability
Replies: 6
Views: 2069

Re: CRS212 availability

We have some on order which should be here in 11 days time.

We do aim to hold stock of all MikroTik products, but we do have to wait for them to process and deliver our orders !

http://linitx.com/category/mikrotik-clo ... 4/166,1074


Hope that helps

Nick
by nickshore
Mon Jan 19, 2015 2:50 pm
Forum: Wireless Networking
Topic: How to do MAC Filtering?
Replies: 3
Views: 6568

Re: How to do MAC Filtering?

On the Wireless Interface disable Default Authentication

Then add an entry in to the wireless access list for each client.
by nickshore
Sun Nov 30, 2014 4:51 pm
Forum: General
Topic: (Another) Dual WAN Setup Help
Replies: 2
Views: 1445

Re: (Another) Dual WAN Setup Help

If you assign different address ranges to the 2 sets of equipment then you can use a route rule to lookup in a different routing table, and then have a different default route in that table.

To cope with fallback add a 2nd default route via the other connection with a bigger distance

Nick
by nickshore
Wed Nov 26, 2014 3:37 pm
Forum: Forwarding Protocols
Topic: Dual wireless link failover
Replies: 5
Views: 4294

Re: Dual wireless link failover

You can do that using routes with different distances along with check-gateway enabled.

Nick
by nickshore
Mon Nov 24, 2014 5:40 pm
Forum: Beginner Basics
Topic: Can someone explain MIKROTIK_ADDRESS_LIST
Replies: 7
Views: 2845

Re: Can someone explain MIKROTIK_ADDRESS_LIST

You can use the Radius attribute Mikrotik address List to add the assigned IP, which the PPPoE user gets, into an address list on the PPPoE server. This allows you to build queue trees using the address list, or setup firewall rules etc. The IP address which is assigned and then added into the addre...
by nickshore
Thu Nov 13, 2014 6:03 pm
Forum: General
Topic: New forum look & feel
Replies: 64
Views: 13047

Re: New forum look & feel

Please can we have the old theme back !
by nickshore
Thu Oct 16, 2014 4:38 pm
Forum: General
Topic: Firewall is broken in v6.20
Replies: 17
Views: 4404

Re: Firewall is broken in v6.20

It is good practice to drop all traffic, and then add rules in to allow good traffic.
by nickshore
Thu Oct 16, 2014 3:48 pm
Forum: General
Topic: Firewall is broken in v6.20
Replies: 17
Views: 4404

Re: Firewall is broken in v6.20

The 3 rules you say you have in the forward chain are add chain=forward comment="Accept and forward Established connections" connection-state=established add chain=forward comment="Accept and forward Related connections" connection-state=related add action=drop chain=forward comm...
by nickshore
Thu Oct 16, 2014 3:02 pm
Forum: General
Topic: Firewall is broken in v6.20
Replies: 17
Views: 4404

Re: Firewall is broken in v6.20

A normal set of rules in your forward chain might be as follows: /ip firewall filter add chain=forward comment=Established connection-state=established action=accept add chain=forward comment=Related connection-state=related action=accept add chain=forward comment="New from local bridge" c...
by nickshore
Fri Oct 10, 2014 6:20 pm
Forum: Wireless Networking
Topic: CAPs Manager
Replies: 165
Views: 75496

Re: CAPs Manager

if you want to register the onboard wifi interface of the CAPsMAN into the CAPsMAN system you can use the caps-man-addresses=127.0.0.1 in the /interface wireless cap. I tried the caps-man-addresses=127.0.0.1 with registration success in the CAPsMAN but the devices aren´t able to go online via webbr...
by nickshore
Wed Sep 24, 2014 6:52 pm
Forum: Wireless Networking
Topic: Device discovery not working over wireless
Replies: 1
Views: 1330

Re: Device discovery not working over wireless

You shouldn't bridge WAN and LAN, you should route the IPs

Nick
by nickshore
Fri Sep 19, 2014 11:30 am
Forum: Forwarding Protocols
Topic: Enabling MPLS breaks OSPF
Replies: 14
Views: 4396

Re: Enabling MPLS breaks OSPF

I think that you need your transportt-address to be the IP on eth3 not your loopback

Nick
by nickshore
Fri Sep 12, 2014 6:40 pm
Forum: Beginner Basics
Topic: Network Printer not printing or scanning after Mikrotik
Replies: 3
Views: 2827

Re: Network Printer not printing or scanning after Mikrotik

Is the printer connected wirelessly ?

If so you may need to allow forwarding on the wireless interface.

Nick
by nickshore
Wed Sep 10, 2014 6:01 pm
Forum: General
Topic: MikroTik Wiki Radius description seems to be wrong
Replies: 3
Views: 1365

Re: MikroTik Wiki Radius description seems to be wrong

You can't do a coa but you can force a disconnect.

eg
echo "Acct-Session-Id=81e01fb1,User-Name=user1" | radclient -x 10.1.1.2:3799 disconnect radiussecret
The client will then reconnect and get their new radius profile.

Nick
by nickshore
Fri Aug 22, 2014 4:40 pm
Forum: Wireless Networking
Topic: CAPsMAN without Local Forwarding problem
Replies: 2
Views: 1580

Re: CAPsMAN without Local Forwarding problem

I have an RB2011 running capsman and a cap.

I use local forwarding onto my bridge for that traffic.

Nick.
by nickshore
Thu Aug 21, 2014 11:55 am
Forum: Wireless Networking
Topic: SXT G-5HPacD: Can't adjust TX Power
Replies: 4
Views: 3648

Re: SXT G-5HPacD: Can't adjust TX Power

Hello. I noticed that new SXT AC doesn't show the current TX Power (http://forum.mikrotik.com/viewtopic.php?f=7&t=88071&p=442289&hilit=txpower#p442289). I haven't tried yet Netbox, but it must be the same. That's a "minor" bug but... really we can't adjust the TX-Power! You ca...
by nickshore
Mon Aug 18, 2014 2:38 pm
Forum: General
Topic: SXT AC best settings
Replies: 83
Views: 60050

Re: SXT AC best settings

We blogged about our SXT AC testing:

http://blog.linitx.com/mikrotiks-sxt-acs/

Hope you like it !

Nick
by nickshore
Mon Jul 28, 2014 8:41 pm
Forum: Beginner Basics
Topic: Noddy guide for BT Infinity PPPOE setup?
Replies: 2
Views: 1808

Re: Noddy guide for BT Infinity PPPOE setup?

Add input chain rules to only allow access for what you need, specify the pppoe client as the in interface.

You should also have rules to allow established and related packets.

Then add a drop rule at the end of the input chain.

Hope that helps

Nick
by nickshore
Thu Jul 17, 2014 1:46 pm
Forum: RouterBOARD hardware
Topic: CCR1009-8G-1S-1S+ Availability?
Replies: 3
Views: 1637

Re: CCR1009-8G-1S-1S+ Availability?

We have stock:

http://linitx.com/product/mikrotik-clou ... el-6/14113


Hope that helps
Nick
by nickshore
Sat Jun 14, 2014 7:30 pm
Forum: General
Topic: Feature request: route - check gateway via ping to some IP
Replies: 3
Views: 2609

Re: Feature request: route - check gateway via ping to some

You can do this using recursive routes.
by nickshore
Fri Jun 13, 2014 5:32 pm
Forum: General
Topic: AAISP Upstream Bonding
Replies: 2
Views: 1166

Re: AAISP Upstream Bonding

If you join us in our irc channel we may be able to help

Nick
by nickshore
Wed Jun 11, 2014 4:40 pm
Forum: Wireless Networking
Topic: CAPs Manager
Replies: 165
Views: 75496

Re: CAPs Manager

I've just tested on mine and it works with a set of rules like this: /caps-man access-list add action=reject comment="Deny all low signals" signal-range=-120..-60 add action=accept comment="Laptop" mac-address=E0:CA:94:92:D2:AD add action=accept comment=N4 mac-address=40:B0:FA:6D...
by nickshore
Sat Mar 29, 2014 2:21 pm
Forum: Wireless Networking
Topic: BaseBox5 PtP 20km wireless link
Replies: 6
Views: 6336

Re: BaseBox5 PtP 20km wireless link

You should use Bridge - Station Bridge for a transparent L2 link between RBs

There is no need to use wds
by nickshore
Sat Mar 29, 2014 2:03 pm
Forum: Wireless Networking
Topic: CAPs Manager
Replies: 165
Views: 75496

Re: CAPs Manager

I have setup three APs in a CAPsMAN/CAPs test configuration How does one disable the 'default authenticate' in order to apply the access list ? Unfortunately comments in Access list aren't preserved Try adding a reject rule in the access list after your accept rules: /caps-man access-list add actio...
by nickshore
Mon Feb 03, 2014 5:05 pm
Forum: Beginner Basics
Topic: Pure switching on RB2011
Replies: 3
Views: 1474

Re: Pure switching on RB2011

On each interface eth2-eth5 set the master port to be eth1

On each interface eth7-eth10 set the master port to be eth6

Then bridge eth1 to eth6

Then add the IP address to the bridge.

Nick.
by nickshore
Wed Dec 18, 2013 1:47 pm
Forum: General
Topic: 2 LAN 2 gateways
Replies: 6
Views: 3400

Re: 2 LAN 2 gateways

You can do this simply using Routing Rules In winbox go to IP Routes Add default routes with routing marks eg wan1 and wan2, specify the gateway on each one. then go to the Rules tab Then add rules for each subnet, using the src address of the lan, action of lookup and table specifies the routing ma...
by nickshore
Tue Dec 03, 2013 11:31 am
Forum: Wireless Networking
Topic: Low througput with simple p2p SXT link
Replies: 2
Views: 2076

Re: Low througput with simple p2p SXT link

What speeds are showing in Wireless Registrations ?

Did you make sure both chains were enabled ?


Nick.
by nickshore
Sat Nov 30, 2013 10:29 pm
Forum: Forwarding Protocols
Topic: Ospf settings
Replies: 10
Views: 4577

Re: Ospf settings

If the 751 is acting as your border router then you should NAT on there.

I don't think you need a NAT at all on the 951

Can you draw a picture ?

Nick
by nickshore
Sat Nov 30, 2013 10:25 pm
Forum: General
Topic: TCP SynCookie in 6.6 & 6.7
Replies: 2
Views: 2174

Re: TCP SynCookie in 6.6 & 6.7

The TCP SynCookie setting is now in IP Settings


Nick.
by nickshore
Sat Nov 30, 2013 5:06 pm
Forum: Forwarding Protocols
Topic: Ospf settings
Replies: 10
Views: 4577

Re: Ospf settings

You shouldn't need to NAT if your routes are distributing correctly

Can you show the IP Routes from each router ?

Also you seem to mention 2 areas ? you should only need to use backbone for a small network.

Nick.
by nickshore
Wed Nov 27, 2013 11:41 am
Forum: Wireless Networking
Topic: allow one MAC address to access Mikrotik router(AP) RB751
Replies: 4
Views: 5261

Re: allow one MAC address to access Mikrotik router(AP) RB75

You can use an access list entry to do this: 1) Connect the client by wireless to the 751 2) In winbox look in Wireless Registration 3) Double click the entry for the client 4) Click the Copy to Access List button 5) Go to Wireless Interfaces 6) Double click the interface 7) Untick Default Authentic...
by nickshore
Mon Nov 25, 2013 3:06 pm
Forum: RouterBOARD hardware
Topic: RB2011UAS-RM - auto negotiation problem
Replies: 112
Views: 72708

Re: RB2011UAS-RM - auto negotiation problem

I've just been testing FTTC modems with 2011s and 951Gs and the new Cloud Router Switch I have found that the stock we have of 951G-2HnD, RB2011UiAS-RM, and RB2011UAS-2HnD-IN will all connect at 100 Mbps full duplex on their gigabit ports when using the Huwaei. However they will not work properly wi...
by nickshore
Wed Nov 13, 2013 12:27 pm
Forum: RouterBOARD hardware
Topic: RB2011UAS-RM - auto negotiation problem
Replies: 112
Views: 72708

Re: RB2011UAS-RM - auto negotiation problem

I queried options for return. This is what I got. No news yet for 951G owners but I don't hold out much hope. Using RB2011 it is still possible to establish 100Mbit link with BT modem by using ether6-ether10 ports. This incompatibility is not caused by defect in any way, therefore warranty does not...
by nickshore
Wed Oct 16, 2013 8:29 pm
Forum: RouterBOARD hardware
Topic: 2011UiAS no winbox on eth1-eth5, winbox ok on eth6-eth10
Replies: 4
Views: 2000

Re: 2011UiAS no winbox on eth1-eth5, winbox ok on eth6-eth10

Did it come with version 5 on it, I thought they were coming with version 6.

Nick.
by nickshore
Sun Oct 13, 2013 9:28 pm
Forum: RouterBOARD hardware
Topic: RB912UAG-5HPnD-OUT - how to open the case
Replies: 8
Views: 4402

Re: RB912UAG-5HPnD-OUT - how to open the case

There are 2 screws which have small covers on the outside of the case.
by nickshore
Sun Oct 13, 2013 6:47 pm
Forum: General
Topic: Lock to AP MAC function
Replies: 4
Views: 2173

Re: Lock to AP MAC function

If it is a mikrotik client, then add a connect list entry (connect and then copy it from wireless registrations)
and then turn off Default authentication

If you want to control it on the APs, then use an access list entry

Hope that helps
Nick.
by nickshore
Wed Sep 11, 2013 4:00 pm
Forum: General
Topic: About upgrading CCR to v6.3
Replies: 4
Views: 2135

Re: About upgrading CCR to v6.3

by nickshore
Fri Aug 30, 2013 3:49 pm
Forum: Beginner Basics
Topic: One eth to "see" multiple VLANs
Replies: 6
Views: 2073

Re: One eth to "see" multiple VLANs

Make a bridge and put eth3 and both vlans into it.

On each vlan in the bridge ports set the horizon to be the same value eg 1

Then the vlans won't be able to talk to each other, but they will both be able to communicate with the pc on eth3.

Nick.
by nickshore
Thu Aug 22, 2013 6:25 pm
Forum: General
Topic: [SOLVED]How to route all traffic to tunnel pptp,eoip,ipsec
Replies: 5
Views: 4731

Re: How to route all traffic to tunnel (pptp,eoip,ipsec,...)

You can change the DHCP route distance in the DHCP client.

You then need to add a static route for the PPTP endpoint over the WAN ethernet.

Then your PPTP default route will work.

Nick.
by nickshore
Thu Aug 22, 2013 6:07 pm
Forum: Forwarding Protocols
Topic: Very strange issue with BGP and performance
Replies: 10
Views: 3242

Re: Very strange issue with BGP and performance

Did you check the ethernet status to see what speed they are connecting to the switch port at ?

The 2011 has problems negotiating gigabit speeds with some devices.

Nick.
by nickshore
Tue Aug 20, 2013 5:41 pm
Forum: Beginner Basics
Topic: Two SSID-s on RB 951-2n
Replies: 7
Views: 4985

Re: Two SSID-s on RB 951-2n

Did you add a dhcp server to the virtual AP ?
by nickshore
Wed Jul 10, 2013 7:03 pm
Forum: General
Topic: Which Mikrotik supplier to choose?
Replies: 2
Views: 1276

Re: Which Mikrotik supplier to choose?

We are always helpful :)

Nick.
by nickshore
Tue Jun 25, 2013 6:39 pm
Forum: Forwarding Protocols
Topic: ipv6 dhcp pd and interface enumeration on RouterOS 5.20
Replies: 3
Views: 2987

Re: ipv6 dhcp pd and interface enumeration on RouterOS 5.20

You need to specify the address part which will be added to the prefix:

eg
 /ipv6 address add advertise=yes disabled=no interface=ether2-master-local from-pool="pdprefix"  address=::1


Nick.
by nickshore
Tue Jun 18, 2013 11:21 am
Forum: General
Topic: Failover - NAT with Routed IP
Replies: 1
Views: 1150

Re: Failover - NAT with Routed IP

From your description it looks like a masquerade rule with out-interface=ether2 should do the job

Nick.
by nickshore
Fri Jun 14, 2013 4:12 pm
Forum: Beginner Basics
Topic: is this RouterOS error!
Replies: 5
Views: 1669

Re: is this RouterOS error!

can you show the output of
/ip address print
by nickshore
Sun Jun 09, 2013 4:09 pm
Forum: Wireless Networking
Topic: RB951G-2HnD cannot get 300mhz
Replies: 19
Views: 8410

Re: RB951G-2HnD cannot get 300mhz

Disable tkip
by nickshore
Wed Jun 05, 2013 3:48 pm
Forum: RouterBOARD hardware
Topic: RB 2011LS-IN & MIKROTIK GBIC PAIR S-35LC20D
Replies: 7
Views: 3833

Re: RB 2011LS-IN & MIKROTIK GBIC PAIR S-35LC20D

Make sure that autonegotiate is switched on for the interface on the CCR, it defaults to off.

NIck.
by nickshore
Sat Jun 01, 2013 10:03 pm
Forum: Wireless Networking
Topic: LAN and WAN with one DHCP server
Replies: 2
Views: 1486

Re: LAN and WAN with one DHCP server

1) Make a bridge
2) Put both interfaces into a bridge, in Bridge - Ports
3) Assign an IP to the bridge
4) put the DHCP server on the bridge.

Hope that helps

Nick.
by nickshore
Wed May 29, 2013 4:26 pm
Forum: RouterBOARD hardware
Topic: Groove-5Hn, SXT, others --> Availability
Replies: 18
Views: 5749

Re: Groove-5Hn --> Availability

We should have some stock of Groove 52s on around the 12th June.

See http://linitx.com/search.php?keywords=groove

We have sold a lot to customers already, but do have a further 80 available to be reserved.

Nick.
by nickshore
Tue May 28, 2013 7:18 pm
Forum: Beginner Basics
Topic: PPPoE Noob
Replies: 5
Views: 2157

Re: PPPoE Noob

Can you turn off Add Default Gateway on your dhcp client, and turn on Add Default Gateway on your pppoe-client ?

Then see if it works

Nick.
by nickshore
Sat May 25, 2013 10:18 pm
Forum: Beginner Basics
Topic: CCR doesn't have default IP
Replies: 14
Views: 5171

Re: CCR doesn't have default IP

When you add pppoe clients to wan2 and wan3 you should not enable add default route on those either. You need to decide on how to you wish to route. In fact I would not check add default route on any of the pppoe clients, and then I would add one static default route, with all 3 gateways, this is ca...
by nickshore
Sat May 25, 2013 10:00 pm
Forum: Beginner Basics
Topic: CCR doesn't have default IP
Replies: 14
Views: 5171

Re: CCR doesn't have default IP

Looks like you have a DHCP client on ether 1 with add default route checked, turn that off.

You currently have 2 default routes ! and the DAS shows the ether1 route is the active one.

Nick.
by nickshore
Sat May 25, 2013 9:49 pm
Forum: Beginner Basics
Topic: CCR doesn't have default IP
Replies: 14
Views: 5171

Re: CCR doesn't have default IP

open a terminal and do
/ip route print
and
/ip firewall nat print
then show us
by nickshore
Sat May 25, 2013 9:38 pm
Forum: Beginner Basics
Topic: CCR doesn't have default IP
Replies: 14
Views: 5171

Re: CCR doesn't have default IP

you need a src-nat chain masquerade rule for your pppoe interface

do you have add default route set on the pppoe client ?

do you have a default route in IP routes ?
by nickshore
Sat May 25, 2013 6:21 pm
Forum: Beginner Basics
Topic: CCR doesn't have default IP
Replies: 14
Views: 5171

Re: CCR doesn't have default IP

Using winbox go into IP -> addresses and add an IP to an interface,then connect to that interface.

Nick.
by nickshore
Wed May 15, 2013 5:50 pm
Forum: Beginner Basics
Topic: Multiple profiles/subnets on PPTP
Replies: 2
Views: 2266

Re: Multiple profiles/subnets on PPTP

I think you might be able to specify the local and remote address in the radius profile.

Use Framed-IP-Address for the remote IP and Framed-Route for the local address.

I've not tested it yet...

Nick.
by nickshore
Wed May 08, 2013 4:19 pm
Forum: General
Topic: Back leds on sxt lite, don't works, Is normal?
Replies: 9
Views: 2826

Re: Back leds on sxt lite, don't works, Is normal?

AFAIK the LEDs only work in the station modes.

It would be nice if the LEDs worked in Bridge mode (only allows 1 client) as well, but I don't think they do ?

Nick.
by nickshore
Wed May 08, 2013 11:43 am
Forum: General
Topic: NAT forwarding when not default gateway
Replies: 2
Views: 7307

Re: NAT forwarding when not default gateway

The default gateway is used to send packets where the destination address is not in the subnet of the interface. In your example a request packet comes in from outside, lets say 212.212.212.212, and gets sent to 10.0.0.2 It replies to 212.212.212.212 using the only route it has for that address, its...
by nickshore
Sat May 04, 2013 2:56 pm
Forum: General
Topic: Lock to ap mac address?
Replies: 5
Views: 7188

Re: Lock to ap mac address?

For a client MikroTik in station mode use connect list to specify the required AP.
Switch off default authenticate on the wireless interface to only connect to APs in the list.

Hope that helps

Nick
by nickshore
Thu May 02, 2013 10:49 am
Forum: General
Topic: VDSL Connection won't work
Replies: 5
Views: 3587

Re: VDSL Connection won't work

Which speed port on the 2011 are you using ?

We have seen autoneg problems between 2011s and VDSL modems when using the gigabit ports.

Try using one of the 10/100 ports - eg ether10

Nick.
by nickshore
Wed May 01, 2013 11:42 pm
Forum: Beginner Basics
Topic: Help routing problem
Replies: 6
Views: 1970

Re: Help routing problem

Your default route has the wlan interface on it, this only works for ppp type connections.

You need to specify the next hop IP address instead.

Nick.
by nickshore
Wed May 01, 2013 7:02 pm
Forum: General
Topic: PPPoE drops connections when Ethernet port bounces
Replies: 6
Views: 2783

Re: PPPoE drops connections when Ethernet port bounces

Make sure that you have set an admin-mac on the bridge.

Nick.
by nickshore
Wed May 01, 2013 6:59 pm
Forum: General
Topic: Setting up full /25 of public IP's on Network
Replies: 4
Views: 1701

Re: Setting up full /25 of public IP's on Network

You should check in ip firewall filter for rules in the forward chain

You should also check to make sure the device you are trying to access has the correct default route set.


Nick
by nickshore
Tue Apr 30, 2013 3:00 pm
Forum: General
Topic: Setting up full /25 of public IP's on Network
Replies: 4
Views: 1701

Re: Setting up full /25 of public IP's on Network

Put the 66.x.x.154/30 on your WAN interface

Set the default route to 66.xx.xx.153

Put 206.xx.xx.129/25 on your LAN interface

Disable your NAT rules.

Use the rest of the /25 on your devices in your LAN, (by DHCP if you like) and give them a default route of 206.xx.xx.129


Hope that helps

Nick.
by nickshore
Sat Apr 20, 2013 6:57 pm
Forum: Wireless Networking
Topic: Is mikrotik is secured ...
Replies: 14
Views: 4202

Re: Is mikrotik is secured ...

Use an extra layer of strong encryption.

Run WPA2 or NV2 encrytion on the wifi, and then run IPSEC over that

Nick.
by nickshore
Thu Apr 11, 2013 11:34 am
Forum: General
Topic: Give to local device public ip address (without nat)
Replies: 7
Views: 1969

Re: Give to local device public ip address (without nat)

Do you have another IP range for the WAN connection ? a /30 from your ISP ? You can put an IP from the /24 block onto the LAN eg xxx.234.147.1/24 Then you can disable your NAT rule. Then local devices can have an address in xxx.234.147.0/24 and use xxx.234.147.1/24 as their gateway. Hope that helps ...
  • 1
  • 2