Community discussions

MikroTik App

Search found 1191 matches

by samsung172
Mon Mar 18, 2024 10:19 pm
Forum: General
Topic: A strange day - VRRP/Wireguard
Replies: 5
Views: 426

Re: A strange day - VRRP/Wireguard

After some job i was able to conclude that the error is indeed wireguard that dont know what to do with egress when there are floating IP at vrrp redundancy. Trafffic is comming in via the correct interface and IP, but egress will use the other ip in the VRRP setup. Problem solved by puting a 3. rou...
by samsung172
Mon Mar 18, 2024 9:27 am
Forum: General
Topic: A strange day - VRRP/Wireguard
Replies: 5
Views: 426

Re: A strange day - VRRP/Wireguard

Thank you for the reply. The link to the other post gave me some clues - but not the solution itself. I'm wondering if the WireGuard handshake behaves a bit differently than other stuff in the routers regarding egress traffic? My setup is as simple as possible - with kinda nothing special. No BGP o...
by samsung172
Mon Mar 18, 2024 3:11 am
Forum: General
Topic: A strange day - VRRP/Wireguard
Replies: 5
Views: 426

A strange day - VRRP/Wireguard

Hello! Long time no see - it's been a while since I was here now - but today has been my strangest MikroTik day in some years - so I need to ask you guys for some tips. I had a major failure at my data center today - it's actually the 3rd time in a year now this is happening - so I was rebuilding m...
by samsung172
Fri Jul 08, 2022 1:40 am
Forum: General
Topic: CHR on Amazon Cloud ROS 7 upgrade server crash
Replies: 8
Views: 1618

Re: CHR on Amazon Cloud ROS 7 upgrade server crash

I have done this quite some times now. Its seems like there is some bug stopping the AWS instance if you upgrade from ros 7.x to 7.x. from 6.x to 7.x its ok. I have crashed about 5 instances now, same happening every time.
by samsung172
Thu Nov 11, 2021 1:23 am
Forum: General
Topic: Having RouterOS boot faster [SOLVED]
Replies: 15
Views: 3800

Re: Having RouterOS boot faster [SOLVED]

Sounds like you have never waited for a cisco to bootup? :D
by samsung172
Thu Nov 11, 2021 1:15 am
Forum: Wireless Networking
Topic: WDS between omnitiks and sxt
Replies: 2
Views: 1870

Re: WDS between omnitiks and sxt

Just put all Omnitik as AP bridge, with dynamic wds. Then i recomend to copy the dynamic WDS interface so it become static, rename it, and add it to a bridge. This is the old rock solid way of doing this, and if someone try to connect with wds, they are not automaticly added to a bridge. This also m...
by samsung172
Thu Nov 11, 2021 12:57 am
Forum: Beginner Basics
Topic: Kid Control IP Addresses
Replies: 6
Views: 2860

Re: Kid Control IP Addresses

I always set kid controlled devices to statcic in the dhcp server
by samsung172
Thu Nov 11, 2021 12:55 am
Forum: Beginner Basics
Topic: DHCP Client issue
Replies: 13
Views: 4786

Re: DHCP Client issue

How can you possibly add a route without a gateway or destination address?? If you are using LTE passthough to another device, so the WAN address is terminated there, the LTE Mikrotik has no access to the WAN - you have to provide access via the other device. A sketch showing what you are attemptin...
by samsung172
Mon Sep 27, 2021 10:46 pm
Forum: General
Topic: 2 PPOE Server Links in a Single Line
Replies: 2
Views: 639

Re: 2 PPOE Server Links in a Single Line

Looks like you should setup 2 separate nets. One for each pppoe. Easiest way is to just use 2 routers, but its possible with some rules to have 2 going.

You can use vlan if you just have one link down to switch.
by samsung172
Mon Sep 27, 2021 10:44 pm
Forum: General
Topic: DHCP address assignment based on VLAN
Replies: 2
Views: 524

Re: DHCP address assignment based on VLAN

Its possible, but you need to run one dhcp server per vlan.
by samsung172
Mon Sep 10, 2018 8:51 pm
Forum: General
Topic: Assigning Static IP to VLAN's
Replies: 1
Views: 1641

Re: Assigning Static IP to VLAN's

1. Add the vlans to your interface pointing to the AP's. Bridge - one and one, or how you want to transport the vlan to the AP's. 2. Add the vlan to the AP's and add the static IP you want. If you want separate vlan's, i assume you dont want the vlan bridged - so you need to setup in some kind of su...
by samsung172
Sat Aug 04, 2018 4:43 pm
Forum: Beginner Basics
Topic: Understanding VPN - can't access remote resources
Replies: 2
Views: 1919

Re: Understanding VPN - can't access remote resources

You somehow need to route trough our vpn, to your desired site(s) . Maybe 0.0.0.0/0 - maybe just a pool like 192.168.0.0/16 - or something like that. Windows will not know your routes automaticly. Its possible to add a route option in l2tp.
by samsung172
Sat Aug 04, 2018 1:04 am
Forum: Beginner Basics
Topic: Ethernet over power and PPPOE
Replies: 3
Views: 1165

Re: Ethernet over power and PPPOE

poe = Power - Dont apply to dhcp, static or pppoe ip - thats a different thing. Poe - You can have from whatever poe device you use. With or without ethernet connection. If you provie a ethernet connection - let say gigabit ethernet ( layer1 ) you can have a dhcp,pppoe, static ip (l3) - or whatever ...
by samsung172
Sat Aug 04, 2018 1:00 am
Forum: Beginner Basics
Topic: VPN Routing
Replies: 3
Views: 1201

Re: VPN Routing

then you need to add a route. :D (and delete default)
by samsung172
Sat Aug 04, 2018 12:58 am
Forum: General
Topic: Feature request: radius accounting on login also for local users
Replies: 3
Views: 1999

Re: Feature request: radius accounting on login also for local users

then remove local user - and just use the radius user. then it will work for you. :)
by samsung172
Sat Aug 04, 2018 12:56 am
Forum: General
Topic: Route all Office365 traffic via VPN
Replies: 1
Views: 1094

Re: Route all Office365 traffic via VPN

make a stright forward firewall rule. Tell what you want to do - and it does the job. Eg, if you want all traffic to mymailserver.mail to route trough a interface - tell the firewall to eather send(route) trough another interface - or make it nat - to that ip/interface.
by samsung172
Sat Aug 04, 2018 12:55 am
Forum: General
Topic: Xiaomi Mi WiFi Router 3 and Mikrotik rb750gr3 connect
Replies: 1
Views: 1985

Re: Xiaomi Mi WiFi Router 3 and Mikrotik rb750gr3 connect

bridge the AP so that users have a l2 connection to your hotspot.
by samsung172
Sat Aug 04, 2018 12:53 am
Forum: General
Topic: Installer Hand Tool
Replies: 1
Views: 989

Re: Installer Hand Tool

Its developed a lot of tools and devices for this purpose. You can use a script that make sounds if signal strength goes up. We also have devloped a device that have poe and a signal meter displayed on lcd. Its a lot of options - but no mainstream solution from mikrotik.
by samsung172
Sat Aug 04, 2018 12:49 am
Forum: Wireless Networking
Topic: nstreme protocol security
Replies: 3
Views: 1773

Re: nstreme protocol security

/interface wireless security-profile
by samsung172
Sat Aug 04, 2018 12:45 am
Forum: Forwarding Protocols
Topic: MPLS Hops in VRF not visible
Replies: 3
Views: 1656

Re: MPLS Hops in VRF not visible

they wont get this ip's if they are no routable from customer - like CPE have a public ip - the hops have rfc1918 address - and you do not have a route to the rfc1918 from cpe.
by samsung172
Tue Jul 31, 2018 11:19 am
Forum: General
Topic: Authenticate router on the network with pppoe with hotspot?
Replies: 2
Views: 1029

Re: Authenticate router on the network with pppoe with hotspot?

its no problem having a mixed dhcp and pppoe at same out interface. (if this was your question) you can have some device that get an ip via dhcp (or have a manual set ip) mixed with pppoe for authentiation. You can also have ip to CPE's from the same pool of ip's
by samsung172
Tue Jul 31, 2018 11:16 am
Forum: Beginner Basics
Topic: Help with Basic VLAN [SOLVED]
Replies: 30
Views: 6910

Re: Help with Basic VLAN [SOLVED]

just add a vlan to your bridge and add an ip to this new interface. next you need to tag the vlan at your ubnt device, and use it for your requirements.
by samsung172
Tue Jul 31, 2018 11:10 am
Forum: General
Topic: Transfer of licence to new HDD
Replies: 1
Views: 944

Re: Transfer of licence to new HDD

This is not possible doing yourself. The only way for transfer licence it to contact mikrotik support.
by samsung172
Wed Jul 04, 2018 12:21 am
Forum: General
Topic: BGP Failover
Replies: 3
Views: 1230

Re: BGP Failover

its 2 bgp peers? - use distance
by samsung172
Wed Jul 04, 2018 12:18 am
Forum: General
Topic: CCR1036-8G-2S+ router restart itself problem
Replies: 1
Views: 1192

Re: CCR1036-8G-2S+ router restart itself problem

you need to reinstall ros
by samsung172
Wed Jul 04, 2018 12:17 am
Forum: Forwarding Protocols
Topic: OSPF cause high cpu usage?
Replies: 1
Views: 1503

Re: OSPF cause high cpu usage?

4 /24's in /32 should not give you more than maximum 1% cpu increase
by samsung172
Wed Jul 04, 2018 12:16 am
Forum: General
Topic: CRS125 and SFP DDM
Replies: 1
Views: 1106

Re: CRS125 and SFP DDM

never seen this problem. Wrong sfp type?
by samsung172
Wed Jul 04, 2018 12:14 am
Forum: General
Topic: Mikrotik Support is not reacting at all! - WIFI issues with realtime TCP applications
Replies: 11
Views: 2873

Re: Mikrotik Support is not reacting at all! - WIFI issues with realtime TCP applications

@OP, you are now in very good hands with sindy and I can guarantee you, by providing all info requested, you will get to the bottom of your problem. @sindy, thank you for taking note and assist and I am looking forward to learning from you during this process. @samsung172, I had issues with Apple d...
by samsung172
Wed Jun 27, 2018 10:39 am
Forum: General
Topic: Using /export compact file=xxx Over API
Replies: 1
Views: 1269

Re: Using /export compact file=xxx Over API

api have true/false and mikrotik use yes/no. Its the same stuff. You se the same in many other stuff like in your config - auto-mac. I dont think its intended to have a full config export from api - and then a full import - without changing parameters.
by samsung172
Tue Jun 26, 2018 9:23 pm
Forum: General
Topic: IP NAT only when connecting to specific IP [SOLVED]
Replies: 2
Views: 1512

Re: IP NAT only when connecting to specific IP [SOLVED]

here i actualy cant understand what you mean. If you connect to ip xxx.yyy.zzz.aaa port 80 - there is no more "outgoing" ip. This server will respond, and send traffic back to you.
by samsung172
Tue Jun 26, 2018 9:16 pm
Forum: General
Topic: EoIP bridge configured as a backup
Replies: 2
Views: 1302

Re: EoIP bridge configured as a backup

I would split the managment net into 2 subnets, and route one side of the licensed link trough a VPN on side A. Its also possible to do with a eoip - but you need some kind of loop protection like rstp.
by samsung172
Tue Jun 26, 2018 9:12 pm
Forum: General
Topic: ERROR: bad HTTP response while trying to update
Replies: 5
Views: 3404

Re: ERROR: bad HTTP response while trying to update

ping a url. not ip. You might have a dns problem.
by samsung172
Tue Jun 26, 2018 9:09 pm
Forum: General
Topic: Some HTTPS web sites won't work!
Replies: 10
Views: 4399

Re: Some HTTPS web sites won't work!

/ip firewall mangle add out-interface=YOUR_WAN_INTERFACE protocol=tcp tcp-flags=syn action=change-mss new-mss=1300 chain=forward tcp-mss=1301-65535 Try this on router, and see if its helps. Does your ISP use pppoe'? Then you need to change MTU I've tried your firewall rule and it still times out wh...
by samsung172
Tue Jun 26, 2018 1:20 am
Forum: Wireless Networking
Topic: Wireless disconnected, group key exchange timeout
Replies: 68
Views: 75320

Re: Wireless disconnected, group key exchange timeout

this is a old issue. its 99% sure due to bad signal.
by samsung172
Tue Jun 26, 2018 1:17 am
Forum: Beginner Basics
Topic: Backup port
Replies: 1
Views: 2336

Re: Backup port

this is due to a loop in your network (bridge), and (r)stp fix this :)
by samsung172
Tue Jun 26, 2018 1:14 am
Forum: Beginner Basics
Topic: Vlans ,PPOE and external Radius Server
Replies: 3
Views: 1127

Re: Vlans ,PPOE and external Radius Server

use horizion on the bridge bridging the vlans to the NAS.

Dont route between the subnets.
by samsung172
Tue Jun 26, 2018 1:12 am
Forum: General
Topic: Mikrotik Support is not reacting at all! - WIFI issues with realtime TCP applications
Replies: 11
Views: 2873

Re: Mikrotik Support is not reacting at all! - WIFI issues with realtime TCP applications

well. I have newer figured out why apple devices acct like this. I have read a lot of capture etc - and can just tell that dissabeling security will do magic to apple devices. If ita a apple or mikrotik bug - i dont know. Im quite a miktorik evangalist - but to wlan where i dont have 100% control of...
by samsung172
Tue Jun 26, 2018 1:07 am
Forum: General
Topic: firewall rules not work for some specific reason
Replies: 10
Views: 1832

Re: firewall rules not work for some specific reason

it seems like you try to do a l3 firewall rule on a l2 interface? does your router route in and out of the vlan? if not - you must use bridge firewall and/or queues
by samsung172
Tue Jun 26, 2018 1:01 am
Forum: General
Topic: LHG AC restart with kernel reboot msg in log
Replies: 7
Views: 2333

Re: LHG AC restart with kernel reboot msg in log

as long as nv2/80211 is choosen there is no problem, but setting nstreme renders device
into dead end -> kernel failure.




this is a old known problem - i think we se this first time in 2.9.xx version of ros.
by samsung172
Tue Jun 26, 2018 12:51 am
Forum: General
Topic: Mikrotik Support is not reacting at all! - WIFI issues with realtime TCP applications
Replies: 11
Views: 2873

Re: Mikrotik Support is not reacting at all! - WIFI issues with realtime TCP applications

Try to dissable wlan security. This is sometimes magic to apple devices.
by samsung172
Tue Jun 26, 2018 12:41 am
Forum: General
Topic: 2 Wan but wich is the primary ?? [SOLVED]
Replies: 5
Views: 2743

Re: 2 Wan but wich is the primary ?? [SOLVED]

change your distance. Have the lowest number to your main connection
by samsung172
Tue Jun 26, 2018 12:33 am
Forum: General
Topic: Routing
Replies: 16
Views: 3714

Re: Routing

I have in the last 5 years or so - used rfc1918 addresses to run internal network - with no nat etc at all. Then you are 99% secure from someone accessing your devices, and you dont need big firewalls, patches etc. I have used 2 types of network inside rfc1918 - VPLS or vrf. A typical setup - eBGP/G...
by samsung172
Tue Jun 26, 2018 12:18 am
Forum: General
Topic: Routing
Replies: 16
Views: 3714

Re: Routing

As long as rfc1918 is just used as transport - it will work. ICMP packet's will not work . but traffic in TCP/IP will work. If you use a rfc1918 address as dst inside your net - you need to use nat to have it working. Just to clarify for those following along - ICMP will be forwarded through rfc191...
by samsung172
Tue Jun 26, 2018 12:02 am
Forum: Beginner Basics
Topic: Two ISP and dns monitoring
Replies: 6
Views: 1772

Re: Two ISP and dns monitoring

... or now Cloudflare DNS - 1.1.1.1 / 1.0.0.1
unless using an isp having 0.0.0.0/8 for some kind of internal stuff :D
by samsung172
Tue Jun 26, 2018 12:00 am
Forum: General
Topic: Routing
Replies: 16
Views: 3714

Re: Routing

You cant route public ip's trough rfc1918. You need to ether use nat - or bridge to your internal ip. That's actually not true at all. You can have rfc1918 addresses on links and forward public IP addresses across these links just fine. I used to work for a company whose entire backbone was un-natt...
by samsung172
Mon Jun 25, 2018 11:57 pm
Forum: General
Topic: Routing
Replies: 16
Views: 3714

Re: Routing

Its a lot of possibilities. :D Its possible to "hack" - just have a regular routing table inside ingress from isp. You have to route your public ip's inside rfc1918 - its stight forward - but - a hack. :D ITs possible to use Eoip - and its a good easy solution. You might suffer from packe...
by samsung172
Mon Jun 25, 2018 11:50 pm
Forum: Forwarding Protocols
Topic: Urgent: MPLS VPN Layer 3 not working propoerly
Replies: 1
Views: 1269

Re: Urgent: MPLS VPN Layer 3 not working propoerly

I am able to ping from the VRF of A to VRF of C but not from C to A. It seems like you are missing some routes in C and/or A check the routing table and that its not missing any routes. (forget vrf in first place, that is its own routingtable, and you cant mix vrf and managment traffic on a router. ...
by samsung172
Mon Jun 25, 2018 11:45 pm
Forum: General
Topic: Some HTTPS web sites won't work!
Replies: 10
Views: 4399

Re: Some HTTPS web sites won't work!

/ip firewall mangle
add out-interface=YOUR_WAN_INTERFACE protocol=tcp tcp-flags=syn action=change-mss new-mss=1300 chain=forward tcp-mss=1301-65535


Try this on router, and see if its helps. Does your ISP use pppoe'? Then you need to change MTU
by samsung172
Mon Jun 25, 2018 11:40 pm
Forum: Beginner Basics
Topic: Two ISP and dns monitoring
Replies: 6
Views: 1772

Re: Two ISP and dns monitoring

add google dns? 8.8.8.8 and 8.8.4.4
by samsung172
Mon Jun 25, 2018 11:37 pm
Forum: Wireless Networking
Topic: My 5GHz is unused, is there some error?
Replies: 7
Views: 2228

Re: My 5GHz is unused, is there some error?

5ghz does have a lot shorter range than 2,4ghz. this is wlan theory laws :D Remember to use correct channel. I dont know about your chipset, but some chipset might just use some channels and not all avalible in mikrotik. Never use superchannel, unless you know 100% what you are doing. use correct co...
by samsung172
Mon Jun 25, 2018 11:32 pm
Forum: General
Topic: Routing
Replies: 16
Views: 3714

Re: Routing

Its a lot of possibilities. :D Its possible to "hack" - just have a regular routing table inside ingress from isp. You have to route your public ip's inside rfc1918 - its stight forward - but - a hack. :D ITs possible to use Eoip - and its a good easy solution. You might suffer from packet...
by samsung172
Thu Jun 21, 2018 12:34 am
Forum: General
Topic: Routing
Replies: 16
Views: 3714

Re: Routing

You cant route public ip's trough rfc1918. You need to ether use nat - or bridge to your internal ip.

The only routes you need - it seesm like a default route from your rfc 1918 address , and via nat to internet.
by samsung172
Thu Jun 21, 2018 12:21 am
Forum: Wireless Networking
Topic: My 5GHz is unused, is there some error?
Replies: 7
Views: 2228

Re: My 5GHz is unused, is there some error?

Try to have different ssid. Check that you use standard channel.
by samsung172
Tue Jun 19, 2018 10:42 pm
Forum: Wireless Networking
Topic: Connecting QRT5 ac and LGH5 on a 16Km link? Is it possible?
Replies: 8
Views: 2626

Re: Connecting QRT5 ac and LGH5 on a 16Km link? Is it possible?

ITs possible to force a device to specific power level. But remember - in noisy environment - You will also amplify the noice. Now this needs a little explanation since it makes no sense. IMHO the noise gets amplified on supplemental Rx amplification, not on Tx, where only the S/N ratio gets booste...
by samsung172
Sun Jun 17, 2018 10:14 pm
Forum: General
Topic: CCR1016-12S-1S+ bricked?
Replies: 4
Views: 2556

Re: CCR1016-12S-1S+ bricked?

actualy i have not tried netboot this. What do the screen tell you if you press a key? Maybe you need to install the https://i.mt.lv/routerboard/files/tilegx_3.41.fwf via console cable.
by samsung172
Sun Jun 17, 2018 10:04 pm
Forum: Wireless Networking
Topic: Connecting QRT5 ac and LGH5 on a 16Km link? Is it possible?
Replies: 8
Views: 2626

Re: Connecting QRT5 ac and LGH5 on a 16Km link? Is it possible?

ITs possible to force a device to specific power level. But remember - in noisy environment - You will also amplify the noice.
by samsung172
Mon Jun 11, 2018 12:07 am
Forum: RouterBOARD hardware
Topic: 0_о
Replies: 6
Views: 2309

Re: 0_о

dont use quickset :)
by samsung172
Sun Jun 10, 2018 11:30 pm
Forum: General
Topic: Running RouterOS CHR as a VPN server
Replies: 7
Views: 3509

Re: Running RouterOS CHR as a VPN server

just add a default route trough vpn at your client device.
by samsung172
Sun Jun 10, 2018 11:29 pm
Forum: Beginner Basics
Topic: SSTP 443 port sharing
Replies: 4
Views: 3034

Re: SSTP 443 port sharing

you can setup a l7 firewall rule - but its not a easy setup. Its better to somehow use different port for different services if you only have one ip.
by samsung172
Sun Jun 10, 2018 11:23 pm
Forum: Forwarding Protocols
Topic: VPLS TE multiple loopback
Replies: 3
Views: 1736

Re: VPLS TE multiple loopback

This i have never tried - but its possible -but i dont think a 2 loopback is the clue.... maybe if you have static routes, but in a ospf enviroment - i dont think its possible to have 2 ways 2 core at the same time. but maybe with a small "hack". You need to use ospf cost in order to know ...
by samsung172
Sun Jun 10, 2018 4:53 pm
Forum: General
Topic: PPTP VPN with Failover Dual WAN HO, 2 Branches with failover LTE
Replies: 2
Views: 1942

Re: PPTP VPN with Failover Dual WAN HO, 2 Branches with failover LTE

if i understand your q correctly - the answer is that it depends on your setup. if a connection goes down - the other ip will with distance in route be the "main" ip that respond to connection. If you have some kind of dynamic dns setup its no problem, but if its dynamic ip's there is no w...
by samsung172
Sun Jun 10, 2018 4:44 pm
Forum: General
Topic: CCR1016-12S-1S+ bricked?
Replies: 4
Views: 2556

Re: CCR1016-12S-1S+ bricked?

its bricked. Do like the console tell you to. Press a key after maximun 2 sec to access the boot menu. Then choose netboot - and netinstall via your computer.
by samsung172
Sun Jun 10, 2018 4:41 pm
Forum: Forwarding Protocols
Topic: VPLS TE multiple loopback
Replies: 3
Views: 1736

Re: VPLS TE multiple loopback

hmmm. it sounds a bit off in config. Do you have full MPLS support between devices? ospf? Then you should just have 1 loopback at each device, a link net - and MPLS enabled and connect VPLS to the loopback ip. Not make one more loopback etc..
by samsung172
Sun Jun 10, 2018 4:37 pm
Forum: General
Topic: SMS sending strange issue
Replies: 3
Views: 2189

Re: SMS sending strange issue

Problem seems to be at your provider. Font call 1 line suppoert - try to ask a 3 line. Then you should get a better answer :D
by samsung172
Sun Jun 10, 2018 4:35 pm
Forum: General
Topic: VLAN, Trunk and access port help requested with 6.41 changes
Replies: 10
Views: 3617

Re: VLAN, Trunk and access port help requested with 6.41 changes

do it the old way... RB3011 connections ether1 - WAN ether2 - Trunk 1 (V100, V200, V300) ether3 - Trunk 2 (V100, V200, V300) ether4 - access port vlan 100 ether5 - access port vlan 200 1. make a bridge. br1 2. add ether2 and 3 to the bridge. 3 make vlan 100 and 200 as port to the bridge. vlan100_br1...
by samsung172
Fri Jun 08, 2018 11:36 pm
Forum: Wireless Networking
Topic: Export from DHCP Leases, Access List, Registration Table
Replies: 2
Views: 1804

Re: Export from DHCP Leases, Access List, Registration Table

/ip dhcp-server lease print Flags: X - disabled, R - radius, D - dynamic, B - blocked # ADDRESS MAC-ADDRESS HOST-NAME SERVER RATE-LIMIT STATUS 0 D 192.168.100.248 4C:5E:0C:52:1F:E9 laave dhcp1 bound 1 D 192.168.100.213 4C:5E:0C:C9:38:9E r1.jtla.no dhcp1 bound 2 D 192.168.100.164 38:59:F9:71:66:A7 DE...
by samsung172
Fri Jun 08, 2018 11:34 pm
Forum: RouterBOARD hardware
Topic: 0_о
Replies: 6
Views: 2309

Re: 0_о

maybe a bug....... but still its 20 mhz.... and 40....:)
by samsung172
Fri Jun 08, 2018 11:33 pm
Forum: Wireless Networking
Topic: Multicast and wireless
Replies: 2
Views: 1172

Re: Multicast and wireless

bridge all ports you want to use. im99% sure you dont want the wlan to do annything else to muklticast than forward to next device,
by samsung172
Fri Jun 08, 2018 11:31 pm
Forum: General
Topic: SMS sending strange issue
Replies: 3
Views: 2189

Re: SMS sending strange issue

ask your sim provider
by samsung172
Fri Jun 08, 2018 11:30 pm
Forum: Beginner Basics
Topic: connect two mikrotik sextant
Replies: 1
Views: 887

Re: connect two mikrotik sextant

from what i remember sextand does not have the l4 licence - amd it cannot be a AP. Then you need to use it as a bridge. Put AP as a bridge dynamic wds with default bridge bridge - and put ethernet to bridge. then have the client as wds-client. put wlan and ethernet to a bridge interface. samme ssid ...
by samsung172
Fri Jun 08, 2018 11:27 pm
Forum: Scripting
Topic: Backups
Replies: 1
Views: 937

Re: Backups

make a script making a backup and send it to you. email, ftp or whatever you want. in sheduler. setup how often you want the file. do a /export and / backup. / export you will nedd if changing to another type of board.
by samsung172
Fri Jun 08, 2018 11:25 pm
Forum: Wireless Networking
Topic: nv2 vs nstreme in nosiy environment
Replies: 2
Views: 1725

Re: nv2 vs nstreme in nosiy environment

reduce power - and nv2 should perform better. :D
by samsung172
Fri Jun 08, 2018 11:24 pm
Forum: RouterBOARD hardware
Topic: 0_о
Replies: 6
Views: 2309

Re: 0_о

... whst is your q?
by samsung172
Fri Jun 08, 2018 11:23 pm
Forum: General
Topic: Mikroitk Attacks on version 6.39.XX and 6.41.XX
Replies: 1
Views: 1144

Re: Mikroitk Attacks on version 6.39.XX and 6.41.XX

this should be default on public ip
by samsung172
Fri Jun 08, 2018 11:21 pm
Forum: SwOS
Topic: Exclude local network traffic from PPPoe bandwidth quota
Replies: 2
Views: 2902

Re: Exclude local network traffic from PPPoe bandwidth quota

here you need to provide more information. :D
by samsung172
Fri Jun 08, 2018 11:20 pm
Forum: General
Topic: Torch output and line parsing problem
Replies: 1
Views: 990

Re: Torch output and line parsing problem

do a packet sniffer?
by samsung172
Fri Jun 08, 2018 11:18 pm
Forum: Wireless Networking
Topic: PTP Bridge between (wAP : RBwAP2nD) and hAP [SOLVED]
Replies: 2
Views: 1873

Re: PTP Bridge between (wAP : RBwAP2nD) and hAP [SOLVED]

PTP like wds or PTP like VPN?

PTP like wds = AP - wds mode. Client = wdsclient. Then add the WDS interface (_not wlan) to bridge at AP. Then its ok. _(wlan interface to bridge at client)

ptp like VPN - Use eoip. And bridge interfaces.
by samsung172
Fri Jun 08, 2018 11:16 pm
Forum: General
Topic: Implement a solution with PPPoE link on the provider [SOLVED]
Replies: 2
Views: 1360

Re: Implement a solution with PPPoE link on the provider [SOLVED]

from what i cvan read. you try to connect to mikrotik devices via VPN, but the routers (VPN servers) are chaning ip constantly. ? If correct. try to do the opposit way. connect to a mikrotik server from this devices,. If this dont work - put a mikoritk VPN server to a provider that have a static IP....
by samsung172
Fri Jun 08, 2018 11:13 pm
Forum: General
Topic: VLAN, Trunk and access port help requested with 6.41 changes
Replies: 10
Views: 3617

Re: VLAN, Trunk and access port help requested with 6.41 changes

its easy to trunk 2 ports in mikrotik. just bridge em...... if you need traffic from one of the vlan inside trunk - add the vlan to the bridge interface
by samsung172
Fri Jun 08, 2018 11:09 pm
Forum: General
Topic: IPv6 WAN links fail over
Replies: 10
Views: 3725

Re: IPv6 WAN links fail over

Like in ipv4 - add 2 default routes , and have different distance to them. also add a check gateway. That's not viable in IPv6 because there's no NAT functionality for IPv6 in ROS. If they did at least offer prefix translation, then you could use NAT-prefix-translation (I forget which NAT acronym i...
by samsung172
Fri Jun 08, 2018 11:08 pm
Forum: General
Topic: Download speed issue
Replies: 6
Views: 1736

Re: Download speed issue

Both PPPoE and HTTP login. It seems like a mtu issue..... run 1480 as mtu at pppoe interface. its like if you send a 1500 byte packet in tcp - it would be fragmented into 2 packages. if you maximum is let say 1000 packet per second, you reduce to 500 per sec when fragmenting into 2 packages. try to ...
by samsung172
Wed Jun 06, 2018 1:28 am
Forum: General
Topic: Troubleshooting performance issues
Replies: 8
Views: 2274

Re: Troubleshooting performance issues

Try to add a new network to another ethernet and dont put interface to bridge. then do the test. also check fastpath and connection trackning. check mtu and that you dont fragment packages. I´m having some performance issues that I cannot find the cause of. RB1200 with FW 6.42.1 100 Mbps Internet co...
by samsung172
Wed Jun 06, 2018 1:25 am
Forum: General
Topic: Troubleshooting performance issues
Replies: 8
Views: 2274

Re: Troubleshooting performance issues

It doesn't matter so much whether it is professional or not, what does matter is whether it is safe, and that depends on the circumstances. Measuring throughtput this way when the network is protected some other way is normal, doing the same when the Mikrotik is connected directly to the internet i...
by samsung172
Wed Jun 06, 2018 1:23 am
Forum: General
Topic: configuration for multiple routers
Replies: 3
Views: 2592

Re: configuration for multiple routers

1. depends on what you neeed to change. Capsman for wifi can be changed at multiple devices at same time.
2. You cant configure from dude.


There is no problem making a script, api connection etc to configure a bounch of routers, but it starts to get a bit advanced.
by samsung172
Wed Jun 06, 2018 1:20 am
Forum: The Dude
Topic: putting the Dude on a gateway router... (security)?
Replies: 1
Views: 2202

Re: putting the Dude on a gateway router... (security)?

Nothing at all. if any - connection to dude port - default 8291. If you are really concerned - block all traffic to the port and connect trough a VPN. If a bit less concerned - open acces to spesific ip/range. in practic use - just run it open. Its no problem with that (unless you are a new preciden...
by samsung172
Wed Jun 06, 2018 1:16 am
Forum: General
Topic: Overworking RouterBoard
Replies: 2
Views: 1168

Re: Overworking RouterBoard

0-99% CPU is ok. only 100% is "overwork"
by samsung172
Wed Jun 06, 2018 1:14 am
Forum: Scripting
Topic: Run Script on Login of any user
Replies: 5
Views: 3772

Re: Run Script on Login of any user

Tell all tech to make a backup after login. setup a syslog server - make user/pass to all of your staff - and have em login by that. (radius is a nice thing) if syslog server have a login but no backup - fire the employee - and hire someone taking the job seriously.
by samsung172
Wed Jun 06, 2018 1:09 am
Forum: General
Topic: MTU Mismatch?
Replies: 1
Views: 888

Re: MTU Mismatch?

this depends on whatever you need l2mtu bigger than 1519 or not. If you not running MPLS, q in q or some other large mtu demanding stuff - you should be ok. Do you see problems? -if not - its no problem. If your goal is to tune the network to not fragment, run big l2mtu packet etc, try to figure out...
by samsung172
Wed Jun 06, 2018 1:03 am
Forum: RouterBOARD hardware
Topic: Are MikroTik 10G DAC cables "standard"? [SOLVED]
Replies: 7
Views: 6622

Re: Are MikroTik 10G DAC cables "standard"? [SOLVED]

the cable is with the "sfp" module. so its just a matter if your other wenndor equipment will accept the module. it will act as a standard sfp(+) module - and if other mikroptik is ok - this should also be ok. If you need another codek - you cant use this - and need to use vendor spesific ...
by samsung172
Wed Jun 06, 2018 1:00 am
Forum: General
Topic: Routing more than one lan through IPSEC
Replies: 8
Views: 1537

Re: Routing more than one lan through IPSEC

just add routes

add 10.0.127.2 to your routers via 192.168.2.254

add 192.168.1.0/24,192.168.2.0/23 and 192.168.4.0/24 via 192.168.2.254 (or l2tp ((ipsec))) to 10.0.127.2
by samsung172
Tue May 29, 2018 1:53 am
Forum: General
Topic: Download speed issue
Replies: 6
Views: 1736

Re: Download speed issue

You provide a bit to less info to say whats wrong.. How is CPU? do you use nat? Do you have fragmentation of packet? do the btest use udp or tcp? etc. You will need to provide more information to have an correct answer.
by samsung172
Tue May 29, 2018 1:51 am
Forum: General
Topic: Need help finding a switch with 10g SFP+ support
Replies: 1
Views: 991

Re: Need help finding a switch with 10g SFP+ support

I have had several 10g setups, and its no problem in auto - or static setup.
by samsung172
Tue May 29, 2018 1:48 am
Forum: General
Topic: Can access via webfig, no access via dude/winbox
Replies: 3
Views: 1332

Re: Can access via webfig, no access via dude/winbox

chseck your user/pass. Then check it again. If not ok - check if yopu have the correct rights to the user
by samsung172
Tue May 29, 2018 1:47 am
Forum: General
Topic: Route all LAN traffic through OpenVPN
Replies: 3
Views: 7065

Re: Route all LAN traffic through OpenVPN

You need a ip route in and out (both sides) - if not using nat - then you only need out.
by samsung172
Tue May 29, 2018 1:45 am
Forum: General
Topic: Block ICMPv6 Neighbor Advertisement packets on bridged EOIP interface [SOLVED]
Replies: 2
Views: 1654

Re: Block ICMPv6 Neighbor Advertisement packets on bridged EOIP interface [SOLVED]

you will se the packages comming in, in tourch, but firewall still blocking packages. You will se it in in interface, but not in the out interface.
by samsung172
Sun May 13, 2018 3:12 am
Forum: General
Topic: Bug: CRS317 cuts off C-tag in qinq packets
Replies: 27
Views: 7204

Re: Bug: CRS317 cuts off C-tag in qinq packets

I cant se your C tag in your setup. A ctag is a vlan to a vlan interface... You need to paste your complete setup with vlan tagged to another vlan interface.
by samsung172
Sun May 13, 2018 3:03 am
Forum: Forwarding Protocols
Topic: packets lost inside VPLS but not outside
Replies: 16
Views: 3993

Re: packets lost inside VPLS but not outside

You need to problem shoot all links between the VPLS sites. Do you use MPLS? - have you checked your l2mtu on all links? Its not common to drop packed in a VPLs, and not a regular ICMP ping or something like this. Is there anny different in recived packed MPLS compared to ICMP? - IF ICMp is good - a...
by samsung172
Sun May 13, 2018 3:00 am
Forum: The Dude
Topic: Monitor Dual WAN with Dude
Replies: 3
Views: 3106

Re: Monitor Dual WAN with Dude

Just make a script pinging the desired ip's - and have it logged to syslog. Setup a syslog reciver - like the dude. Setup a alarm on the dude - emailing, smsm'ing or what you prefeer reciving the messages.
by samsung172
Fri May 11, 2018 1:52 am
Forum: Beginner Basics
Topic: Can't access ipcam from my modem router behind mikrotik
Replies: 11
Views: 2846

Re: Can't access ipcam from my modem router behind mikrotik

Here you go: book.png LMFAO, but do I get royalties? ;-) By the way, thats the old first edition, The more recent second edition has all my favourite questions again....... EVERYTHING you ever wanted to ask about networking... ...anav already asked twice! :lol: :lol: :lol: :lol: :lol:
by samsung172
Fri May 11, 2018 1:50 am
Forum: Forwarding Protocols
Topic: OSPF full to down for no reason?
Replies: 23
Views: 7331

Re: OSPF full to down for no reason?

10.10.10.4 is the switch - what kind of switch=? Doeas it use rstp? . Then dissable it on all devices. You dont need it if you have control to your networkm and ypu dont have loop.
by samsung172
Fri May 11, 2018 1:47 am
Forum: General
Topic: PPPoE Server on EOIP interface.
Replies: 3
Views: 1745

Re: PPPoE Server on EOIP interface.

First of all, I'm not a fan of bridging anything. ; Why not? 1. Bridge the AP's ether and WLAN interface Then add all the ports of the tower router that connects to ap's on that bridge Setup the PPPoE server on the Bridge on the tower router. Its possible to have each connection as a vlan or someth...
by samsung172
Fri May 11, 2018 1:37 am
Forum: General
Topic: 2 wan config with mAP as PTP bridge
Replies: 2
Views: 983

Re: 2 wan config with mAP as PTP bridge

when you traceroute from your router in interface is not ; in-interface=Bridge-LANm and the ruleset does not apply.
by samsung172
Fri May 11, 2018 1:22 am
Forum: General
Topic: Switch with low performance!
Replies: 21
Views: 8973

Re: Switch with low performance!

https://wiki.mikrotik.com/wiki/Manual:Switch_Chip_Features Well, if linking to manuals, this link is more appropriate. I don't like the /interface vlan name=vlan500-mngt to be attached directly to interface=bond1 directly while all other /interface vlan are attached to the /interface bridge name=br...
by samsung172
Fri May 11, 2018 1:16 am
Forum: RouterBOARD hardware
Topic: 10GBASE-T for Mikrotik
Replies: 13
Views: 4850

Re: 10GBASE-T for Mikrotik

No. explane how your nas or gaming station use the 10 ge interface better than 1gig interface. How fast do you write to diks in the nas? How fast does the game machine receive packets - and last - how fast is your internet connection. :) There is no need for more than 1 gig connection at anny homes....
by samsung172
Fri May 11, 2018 1:10 am
Forum: General
Topic: Need Help on NAT on WAN link with Multiple Public IP
Replies: 17
Views: 5107

Re: Need Help on NAT on WAN link with Multiple Public IP

@CZFan: If customer is already connected and you as ISP want to give another /29 to them, it's better to really route it to them, i.e. "/ip route add dst-address=2.2.2.0/29 gateway=1.1.1.2" on your side. If you add 2.2.2.1/29 to your router, then you waste three of eight addresses (networ...
by samsung172
Thu May 10, 2018 12:12 am
Forum: Forwarding Protocols
Topic: OSPF full to down for no reason?
Replies: 23
Views: 7331

Re: OSPF full to down for no reason?

You dont have anny more setup than you provided in this post? - Eg a way for ospf to reach first router without going trough your airfiber. I have seen this before - if a router behind for some reasion provide the /xx routes tor first router but make it self the gateway. If not. there is also a poss...
by samsung172
Wed May 09, 2018 11:48 pm
Forum: Beginner Basics
Topic: 2 WAN same ip to 2 LAN help please
Replies: 17
Views: 3553

Re: 2 WAN same ip to 2 LAN help please

make a call to your isp - and ask if its possible to bridge your modem(s) this is the easiest way. i dont know in your contry, but here .- in Norway, i think all ISP's provide a bridged modem and a public ip inside if asked.
by samsung172
Wed May 09, 2018 11:44 pm
Forum: Beginner Basics
Topic: Can't access ipcam from my modem router behind mikrotik
Replies: 11
Views: 2846

Re: Can't access ipcam from my modem router behind mikrotik

Just Ask the local IT guy on the corner.... He is a network specialist....... and can tell you about ip/netmask and routing/nat eg..................................................................................... no im just kidding. the stuff that was boring, ip/netmask mac address eg, is importa...
by samsung172
Wed May 09, 2018 11:34 pm
Forum: General
Topic: Need Help on NAT on WAN link with Multiple Public IP
Replies: 17
Views: 5107

Re: Need Help on NAT on WAN link with Multiple Public IP

just add dst nat - with dst-address and port to fit your needs and action dst-nat to your internal ip with correct port. Also add correct protocol TCP/UDP eg eg. let say you have 2 web servers at 10.10.10.1 and 10.10.10.2 And you have the public ip - 100.100.100.1 and 100.100.100.2 You want internal...
by samsung172
Wed May 09, 2018 11:20 pm
Forum: The Dude
Topic: The Dude - real world examples? How do *you* use it?
Replies: 13
Views: 9280

Re: The Dude - real world examples? How do *you* use it?

Setup your network as connected in layer1/2 and you have a full map of all devices. The Duse is really powerful. and you can use it to a lot of managment, overwiew and other tasks. You can make scripts, send alerts like email - or with a small script - sms, and have sound alarm if something goes dow...
by samsung172
Wed May 09, 2018 11:11 pm
Forum: General
Topic: Migrating 10 Mikrotik devices to 2 devices
Replies: 2
Views: 959

Re: Migrating 10 Mikrotik devices to 2 devices

You will see this in winbox. Go to ip firewall nat/mangle etc and se what counting and not. to combine 10 routers to 2 - is a lot of work. :D , but its possible to do a compare in some kind of editor - combine r1 firewall config to r2 firewall config - and deleate duplikated entries. Then you should...
by samsung172
Wed May 09, 2018 11:07 pm
Forum: Forwarding Protocols
Topic: Force proxy traffic with BGP
Replies: 1
Views: 1126

Re: Force proxy traffic with BGP

You need to do this in firewall.

Mark packet, dst-ip's, src-ip's, url's or whatever your need i to havetrough another gateway.
Do something with this marked packets - like send trough gateway xxxx. Its a kind of same as bonding with mangle etc.

Read https://wiki.mikrotik.com/wiki/Manual:PCC
by samsung172
Wed May 09, 2018 11:02 pm
Forum: RouterBOARD hardware
Topic: 10GBASE-T for Mikrotik
Replies: 13
Views: 4850

Re: 10GBASE-T for Mikrotik

Try a sfp(+) module
by samsung172
Fri Apr 20, 2018 12:23 am
Forum: General
Topic: hAP ac² LAN->WiFi 5GHz performance issue.
Replies: 23
Views: 11384

Re: hAP ac² LAN->WiFi 5GHz performance issue.

You can always hire a mikrotik consulant to try solve your problem, and you have a big issue here. 12dbm different signal in chain 0 and 1. this is BIG difference. you also have CCQ at 88. This mean that there is wifi issue here. Your client have -46 in signal. This is to "loud" to have pe...
by samsung172
Fri Apr 20, 2018 12:20 am
Forum: General
Topic: Feature requests
Replies: 1740
Views: 631685

Re: Feature requests

Feature Request: Actually it's possible to get a total number of active PPPoE sessions via SNMP using this OID: 1.3.6.1.4.1.9.9.150.1.1.1.0 But if we could get this number in a per interface (or PPPoE Server name) basis, should help to detect and troubleshoot issues when using Mikrotik routers as B...
by samsung172
Fri Apr 20, 2018 12:16 am
Forum: General
Topic: kid-control ideas
Replies: 9
Views: 3315

Re: kid-control ideas

A really good layer 7 firewall would fit your needs. But maybe you need a turn on turn off switch. then you might script something, or make a website with an on/off switch on another device, connectiong trough api, ssh or something, and run some commands enabeling and disabeling your need. This also...
by samsung172
Fri Apr 20, 2018 12:08 am
Forum: Wireless Networking
Topic: Bridging the same subnet
Replies: 5
Views: 1913

Re: Bridging the same subnet

WDS is the simplest and most common way of doing this. There is no need for setup MPLS to bridge 2 networks.

https://wiki.mikrotik.com/wiki/Transpar ... o_Networks
by samsung172
Fri Apr 20, 2018 12:06 am
Forum: RouterBOARD hardware
Topic: 1Gb SFP failing in SPF+ slots
Replies: 4
Views: 2723

Re: 1Gb SFP failing in SPF+ slots

try to force 1G connection at interface.
by samsung172
Thu Apr 19, 2018 11:59 pm
Forum: Beginner Basics
Topic: Multiple AP with multiple tagged VLANs
Replies: 3
Views: 1124

Re: Multiple AP with multiple tagged VLANs

What else do you have in your switch? - If its "clean" dissable rstp on your bridge. It seems like you somehow dissable port, or got a loop.
by samsung172
Thu Apr 12, 2018 11:13 pm
Forum: General
Topic: multiple clients behind two routers using different pppe
Replies: 3
Views: 1079

Re: multiple clients behind two routers using different pppe

I dont really understand how your setup is. Do you have multiple office, connecting via pppoe to one core router?, and you want the offices connecting to eachother?. There is multiple ways of doing this - but i would advice to separate office and core net. If the offices are connecting to the same W...
by samsung172
Tue Apr 10, 2018 9:26 pm
Forum: General
Topic: netinstall defaul configuration
Replies: 7
Views: 2430

Re: netinstall defaul configuration

Your script always need to have ethernet names as default. /interface ethernet set [ find default-name=ether2 ] poe-out=off Its better to use /interface ethernet set [find] poe-out-off and remove all other lines. I would make your script like this : /interface bridge add fast-forward=no name=bridge-...
by samsung172
Tue Apr 10, 2018 9:19 pm
Forum: The Dude
Topic: Dude basic troubleshooting
Replies: 3
Views: 2341

Re: Dude basic troubleshooting

Thanks a lot for your answer I remain 2 questions: About the 3º question, I can use the color to know the state in real time, but I was wondering about a history (For example, What happened in the last day). I know I can double click on a device and see the time of response of any service on "H...
by samsung172
Tue Apr 10, 2018 9:09 pm
Forum: Forwarding Protocols
Topic: BGP wierdness?
Replies: 5
Views: 2164

Re: BGP wierdness?

Still - I read your post as you trying to connect BGP's trough ospf learned path. R1 connect to R2 - but it know about R2 couse of OSPF learned routes. Its not l2 since you have the loopback ip connecting. if you run bgp with confederation, MPLS and vpnv4/l2tp-cisco you will get the routing table tr...
by samsung172
Mon Apr 09, 2018 10:14 am
Forum: General
Topic: failure: other tool running
Replies: 3
Views: 5257

Re: failure: other tool running

/tool profile
by samsung172
Mon Apr 09, 2018 1:39 am
Forum: The Dude
Topic: RB1100AHx4 Dude Edition no USB port???
Replies: 4
Views: 2848

Re: RB1100AHx4 Dude Edition no USB port???

there is always possible to send sms trough some kind of API or home made script. eg take a look at https://wiki.mikrotik.com/wiki/Manual:T ... am_Example
by samsung172
Mon Apr 09, 2018 1:33 am
Forum: General
Topic: Very slow wan upload speed over RB750G
Replies: 10
Views: 4590

Re: Very slow wan upload speed over RB750G

try to dissable all your firewall rules. Then just add a src-nat masqurade and test bandwith. I think this might have somethig to do with your packetflow. Best is to just have the setup: Wan ip Lan ip nat No other settings at all. Then try. If this is ok. try to add your setup on parameter at the ti...
by samsung172
Mon Apr 09, 2018 1:25 am
Forum: Wireless Networking
Topic: One bridge AP and multiple station APs
Replies: 1
Views: 1252

Re: One bridge AP and multiple station APs

You will need to use WDS. You the bridge wds interfaces to your bridge at AP.

Eg - AP:

wds1,2,3,4,5,6 bridged to bridge and ether1

client - lan bridged to wan.


client = station-wds
AP - AP-bridge and wds enabled - dynamic bridge - bridge
by samsung172
Mon Apr 09, 2018 1:24 am
Forum: General
Topic: netinstall defaul configuration
Replies: 7
Views: 2430

Re: netinstall defaul configuration

I think this is due to an error in your script. If script somehow fail - it will stop.
by samsung172
Mon Apr 09, 2018 1:09 am
Forum: Forwarding Protocols
Topic: BGP wierdness?
Replies: 5
Views: 2164

Re: BGP wierdness?

In your setup - it seems like failover should come from ospf - and not BGP. If a link goes down - the bgp need to know its peer by your ospf routes. Try to experiment with your OSPF cost. A simple setup is to se the net as circle. Core is circle 1- All devices connected to this - circle2 - all devic...
by samsung172
Mon Apr 09, 2018 12:57 am
Forum: General
Topic: multiple clients behind two routers using different pppe
Replies: 3
Views: 1079

Re: multiple clients behind two routers using different pppe

this is not how to do this. Do you want a VPN setup with pppoe "VPN's"? Or just several routes? There is several ways to make this routing, using eoip, vpls/mpls, routing trough one pppoe, or just a l2tp or other VPN - if you dont have the routes in your core. If you have routing in core ....
by samsung172
Mon Apr 09, 2018 12:54 am
Forum: General
Topic: failure: other tool running
Replies: 3
Views: 5257

Re: failure: other tool running

Stop other tools running at the same time :D
by samsung172
Mon Apr 09, 2018 12:45 am
Forum: RouterBOARD hardware
Topic: CCR1072-1G-8S+ max number of routes
Replies: 5
Views: 3885

Re: CCR1072-1G-8S+ max number of routes

there should be no problem with serveral global routingtables in the CCR. I cant tell how manny 100% on the 1072 - i have never used it for eBGP - but the 1036 can handle 2 full global tables, at low cpu and memory usage with no problem. Maybe the 1072 support a full global table at each port? (just...
by samsung172
Thu Apr 05, 2018 11:44 pm
Forum: The Dude
Topic: Dude basic troubleshooting
Replies: 3
Views: 2341

Re: Dude basic troubleshooting

1) Are there any tutorial or guide to troubleshoot a network? You dont trobleshoot in the dude. Dude only show you whats up and down, and some other parameter, like cpu usage, bandwith etc. Its a tool that make you have the overview of manny devices, but not 100% exactly whats wrong. It can tell you...
by samsung172
Thu Apr 05, 2018 11:37 pm
Forum: General
Topic: Maxxed out CPU on CloudCore routers?
Replies: 4
Views: 1521

Re: Maxxed out CPU on CloudCore routers?

a missconfigured firewall could sometimes make an attack even worse. You can for example run every packet attacking trough connection tracking. Check your rule set, and what rule that have a lot of hits when under attack. Check also the profile for what "app" using your CPU resources.
by samsung172
Sat Mar 31, 2018 1:58 am
Forum: Beginner Basics
Topic: Web site that won't resolve
Replies: 5
Views: 1205

Re: Web site that won't resolve

fix dns problem. :D 1. no site is responding - dns problem 2. all site responding - No problem 3. Some responding - some - or one does not. Then you need to check your and site dns. also check that its dns-ip that is not worksing. webserver can be with no response for several resionv-vbut dns is wor...
by samsung172
Thu Mar 29, 2018 1:49 am
Forum: Beginner Basics
Topic: DHCP Server Error
Replies: 4
Views: 4960

Re: DHCP Server Error

check that mac address dont actually somehow change. in a dynamic bridge. its common to change mac.
by samsung172
Thu Mar 29, 2018 1:46 am
Forum: General
Topic: Multiple PPPoE Logons FromSingle Client
Replies: 1
Views: 722

Re: Multiple PPPoE Logons FromSingle Client

check the one session per host setting in pppoe server
by samsung172
Thu Mar 29, 2018 1:43 am
Forum: Beginner Basics
Topic: ipv6 communication over two bridges
Replies: 1
Views: 665

Re: ipv6 communication over two bridges

1. if possible - bridge the bridges.
2. if not. route the ipv6
by samsung172
Thu Mar 29, 2018 1:42 am
Forum: General
Topic: PPPoE users generating random traffic
Replies: 2
Views: 1042

Re: PPPoE users generating random traffic

broadcast?
by samsung172
Thu Mar 29, 2018 1:40 am
Forum: Beginner Basics
Topic: Multiple AP with multiple tagged VLANs
Replies: 3
Views: 1124

Re: Multiple AP with multiple tagged VLANs

to "switch" between tagged and untagged - you need to have the untagged bridged to bridge1 (i would think this is a ethernet interface) and the tagged frame to bridge 2 (this is a vlan). Then you need to bridge the 2 bridges, by a vlan 3. its a pain setup. :D its possible in some setup to ...
by samsung172
Tue Mar 06, 2018 11:41 pm
Forum: RouterBOARD hardware
Topic: MikroTik hAP Lite Ports 2 and 4 Shows links
Replies: 4
Views: 1920

Re: MikroTik hAP Lite Ports 2 and 4 Shows links

Your port seems boken. But try with a new cable directly connected. If this show the same. it may be lightning, something with poe to cable or something like this that have bruoke your device.
by samsung172
Tue Mar 06, 2018 11:38 pm
Forum: Wireless Networking
Topic: is my network being hacked? (Hap AC Lite)
Replies: 14
Views: 3788

Re: is my network being hacked? (Hap AC Lite)

CPE's can connect without having userpass to a walled garden. It's not you been hacked. It can be - but then you need to check if the users are using your net. Take a packet dump or somethig like that, and check the users traffic.
by samsung172
Tue Mar 06, 2018 11:27 pm
Forum: Scripting
Topic: Problem while changing pppoe-client comment
Replies: 4
Views: 1713

Re: Problem while changing pppoe-client comment

comment change the settings. it should not be like this - and should be reported as a bug of feature request.
by samsung172
Tue Mar 06, 2018 11:25 pm
Forum: General
Topic: hAP lite Vlan Configuration
Replies: 5
Views: 6107

Re: hAP lite Vlan Configuration

try to change your vlan 1 to something like vlan 10 or something else. It use to be a pain to have vlan1 as tagged. after this make vlan2 bridged to your wlan interface, and vlan 0 to a loopback (bridge) with njust a ip) eg. ether_vlan10 bridged to loopback_lan (bridge interface) managment ip to thi...
by samsung172
Sun Mar 04, 2018 12:03 am
Forum: Scripting
Topic: Problem while changing pppoe-client comment
Replies: 4
Views: 1713

Re: Problem while changing pppoe-client comment

you change a setting, and it would then reintitialise. i think its normal behavior.
by samsung172
Sat Mar 03, 2018 1:24 am
Forum: Beginner Basics
Topic: 2nd router no internet access [SOLVED]
Replies: 41
Views: 11565

Re: 2nd router no internet access [SOLVED]

check that you have wan port. check that you have a default GW and ip to wan port. . manualy set, or by dhcp. (on wan) in your setup it seems like your wan port should have a 192.168.88.x address and 192.168.88.1 as GW, check that you are doing nat (src-nat masqurade) check that your lan bridge have...
by samsung172
Sat Mar 03, 2018 1:19 am
Forum: RouterBOARD hardware
Topic: RB1100AHx4 vs CCR1009 as PPPoE server
Replies: 6
Views: 3786

Re: RB1100AHx4 vs CCR1009 as PPPoE server

if you have 600mbps per customer, you will have a problem with 300 :) but cpu will not be a problem, if the only thing you do is to let them have a ip from pppoe with their user / pass if you do some more cpu intensive opperation like queues , you just have to try. I have not seen customer as a prob...
by samsung172
Tue Feb 27, 2018 9:01 pm
Forum: General
Topic: Config script after button reset
Replies: 2
Views: 971

Re: Config script after button reset

branding package is provided in your mikrotik account if you are registrated as a reseller (i think). Netinstall is the way to go if you dont have the branding feature in your login. Its possible to ask someone who have the access (i do) to have a branding package, but mostppl would provide this as ...
by samsung172
Tue Feb 27, 2018 8:58 pm
Forum: RouterBOARD hardware
Topic: RB1100AHx4 vs CCR1009 as PPPoE server
Replies: 6
Views: 3786

Re: RB1100AHx4 vs CCR1009 as PPPoE server

problem would be interface speed. a 1gig interface would max out fast.
by samsung172
Tue Feb 27, 2018 8:54 pm
Forum: General
Topic: Mirotik Router for 1000 user
Replies: 2
Views: 3993

Re: Mirotik Router for 1000 user

There is no answer to this. You need to have more info about what the 1000 users are using the router for. To just forward public ip's, or shaping with nat ...eg. It will differ a lot. A pppoe NAS with 1000 cpe's would probobly max out interface ( 1000 users = 1mbps max per port) In practical use i ...
by samsung172
Wed Feb 14, 2018 12:55 am
Forum: Beginner Basics
Topic: Static Router Config
Replies: 12
Views: 3127

Re: Static Router Config

1. make sure you have ping to your ISP gateway. If not - resolve it. (layer 2 between you and isp) eg - you are 1.1.1.2/30 and isp are 1.1.1.1/30 you should have ping from 1.1.1.1 2. when ping is ok . make sure you have the route desired to your isp. eg default. 0.0.0.0/0 gw 1.1.1.1 Then router shou...
by samsung172
Wed Feb 14, 2018 12:49 am
Forum: General
Topic: CCR1009 and NAND memory
Replies: 5
Views: 2026

Re: CCR1009 and NAND memory

/system check-disk
by samsung172
Wed Feb 14, 2018 12:48 am
Forum: General
Topic: P2P connection to security camera recorder behind MTik
Replies: 13
Views: 6172

Re: P2P connection to security camera recorder behind MTik

I think you need to tell a bit more about what you mean by p2p, what are phone doning, what are carmera doing, what are the router doing eg.
by samsung172
Wed Feb 14, 2018 12:37 am
Forum: General
Topic: VPN - domain computers?
Replies: 2
Views: 953

Re: VPN - domain computers?

You can setup VPN from mikrotik to authenticate with user/pass from a RAS server (or whatever its called in new windows NPS? (i havent used this since old times))- but still radius in windows, and have the domain name and password as access to your pptp,l2tp etc. Setup almost just like a pppoe-radiu...
by samsung172
Sat Jan 27, 2018 10:39 pm
Forum: Wireless Networking
Topic: Does Wireless Wire transmit LACP Frames?
Replies: 1
Views: 753

Re: Does Wireless Wire transmit LACP Frames?

If you use wds, it works.
by samsung172
Sat Jan 27, 2018 10:37 pm
Forum: General
Topic: Possible to override DHCP lease time sent by server
Replies: 3
Views: 2057

Re: Possible to override DHCP lease time sent by server

there is no automatic way to do this, but you can script something to ping your isp, and renew if there is no resopnse. You can also enable/dissable dhcp in a script, and it will work like the pfsence feature.
by samsung172
Sat Jan 27, 2018 10:35 pm
Forum: Beginner Basics
Topic: sxt r2 5nd
Replies: 1
Views: 718

Re: sxt r2 5nd

interface wireless scan
by samsung172
Sat Jan 27, 2018 10:34 pm
Forum: Forwarding Protocols
Topic: Multiple ISP's, Remote sites, OSPF,MPLS,IBGP [SOLVED]
Replies: 5
Views: 2893

Re: Multiple ISP's, Remote sites, OSPF,MPLS,IBGP [SOLVED]

there is no easy answer to the question here. BGP, MPLS-TE and Other metodes can be used in your setup. But you should read about loadbalancing. https://wiki.mikrotik.com/wiki/Load_Balancing
by samsung172
Sat Jan 27, 2018 10:29 pm
Forum: Forwarding Protocols
Topic: Route OSPF error: Discarding packet locally originated
Replies: 2
Views: 4790

Re: Route OSPF error: Discarding packet locally orginitated

add a loopback id/ip to your router. eg add bridge interface called loopback on all routers. Eg 1.1.1.1 at nr1 1.1.1.2 at number 2 , 1.1.1.3 at 3 eg.

Then add ospf to have this id/ip at routerid in instances.. use network type ptp or ptmp. never run interface all.
by samsung172
Sat Jan 27, 2018 10:24 pm
Forum: General
Topic: ccr1072 memory leak
Replies: 3
Views: 1270

Re: ccr1072 memory leak

Try another Ros version. Do you use TCP in b-test? - If speed on interface is good enough - router will go to 100% CPU. You dont say anything about traffic from the 3000 customer. Do you have it troug firewall (connection trackning) - Then it will use a lot of CPU/memory. I cant se a standard bug in...
by samsung172
Sat Jan 27, 2018 10:20 pm
Forum: Wireless Networking
Topic: Four Access Points with Ethernet, is WDS useful?
Replies: 1
Views: 788

Re: Four Access Points with Ethernet, is WDS useful?

No. Its only useful if you want to have another ethernet between an AP. Eg - Computer 1,2,3,4 -switch - AP -WDS- Client - Switch - Computer ,6,7,8, New AP etc.
by samsung172
Sat Jan 27, 2018 10:17 pm
Forum: Beginner Basics
Topic: Accessing OpenVPN clients from LAN
Replies: 2
Views: 1347

Re: Accessing OpenVPN clients from LAN

try to enable src-nat, masq and se if it is working. probobly your vpn client is missing a route to your subnet. add "lanipsubnet/24 to yourrouterip"
by samsung172
Sat Jan 27, 2018 10:12 pm
Forum: General
Topic: switch vlan missconfig
Replies: 2
Views: 988

Re: switch vlan missconfig

Dont tagg vlan1, its never a good setup. Rather change whole setup to use vlan100 and vlan200 or something like that, and bridge it with an interface haveing vlan1 untagged where you want that. and upgrade to newest ros. The vlan/switch setup is easyer to understand. Ikke bruk vlan1 tagget. Det er v...
by samsung172
Thu Feb 23, 2017 12:33 am
Forum: The Dude
Topic: a small tribute to Mikrotik
Replies: 2
Views: 1311

a small tribute to Mikrotik

A thank you to Mikrotik. We use to write about problems in here - but now i want to write a post about a really positive thing. We have had problems for years running dude, that over the years have grown large, - having about 4000 Devices registrated - AP's Routers and fibers. ITs currently about 50...
by samsung172
Thu Feb 23, 2017 12:25 am
Forum: Beginner Basics
Topic: New to Mikrotik and firewalls
Replies: 1
Views: 807

Re: New to Mikrotik and firewalls

Try to use the quick setup menu. Dont think its possible to use anny vendors "advanced" features, after using product for 2 days, unless you are a general expert in the stuff. You need to try, fail and teach about mikrotik. Its quite basic, but maybe a bit more basic basic than a lot of ne...
by samsung172
Thu Feb 23, 2017 12:22 am
Forum: General
Topic: RADIUS server is not responding
Replies: 2
Views: 1100

Re: RADIUS server is not responding

Then it does not respond. :D Try ping the server. might it be a network issue? - is the server running? - is the port open in firewalls, eg,eg.
by samsung172
Wed Dec 07, 2016 10:12 am
Forum: Beginner Basics
Topic: New setup with questions
Replies: 1
Views: 631

Re: New setup with questions

You have no link to this port. Check cable etc.
by samsung172
Wed Dec 07, 2016 10:11 am
Forum: The User Manager
Topic: Sms authentication or two-factor authentication
Replies: 3
Views: 4684

Re: Sms authentication or two-factor authentication

Then you need to use a radius solution where you authenticate in your own platform - and connect mikrotik to this "setup".
by samsung172
Wed Dec 07, 2016 10:09 am
Forum: General
Topic: Multiple WPA keys per SSID
Replies: 6
Views: 2342

Re: Multiple WPA keys per SSID

For this you need to setup VAP - with different SSID - or use some kind of radius auth.
by samsung172
Tue Dec 06, 2016 4:20 pm
Forum: General
Topic: PPPoE Client advanced Configuration
Replies: 4
Views: 1645

Re: PPPoE Client advanced Configuration

Have you put vlan id to your outgoing port?
by samsung172
Wed Oct 05, 2016 4:33 pm
Forum: Forwarding Protocols
Topic: Bridging 2 VLANs
Replies: 6
Views: 2252

Re: Bridging 2 VLANs

add the vlan to your in interface - and bridge them. This is correct for this.
by samsung172
Wed Oct 05, 2016 4:32 pm
Forum: General
Topic: Feature request: Virtual Interface
Replies: 36
Views: 10514

Re: Feature request: Virtual Interface

My concern about this was after buying a quite small - but still big wimax provider. The provider have managed to put q in q to all wimax base stations, and every customer have his own vlan. managment also - only in some cases- have vlan tagged - in other cases - they are untagged. I wanted all CPE ...
by samsung172
Wed Sep 28, 2016 6:53 pm
Forum: General
Topic: Feature request: Virtual Interface
Replies: 36
Views: 10514

Re: Feature request: Virtual Interface

im in for this orginal post. There is no way to easy make bridge bridged together. There is no logical difference between bridging two bridges together / moving the ports off of bridge2 and connecting them to bridge1 instead. There is a performance penalty for bridging the bridges together, as each...
by samsung172
Sat Sep 24, 2016 1:23 am
Forum: Announcements
Topic: v6.37rc [release candidate] is released, only one wireless package!
Replies: 320
Views: 102487

Re: v6.37rc [release candidate] is released, only one wireless package!

 with "radar-detect" enabled will end in endless frequency search loop, even when there is realy no radar That is not true. All countries in the EU, and the USA should have already been using this setting for a long time, and there are no problems like you describe.  I hope taht there wil...
by samsung172
Sat Sep 24, 2016 1:15 am
Forum: Wireless Networking
Topic: N-Devices (QRT5) perform better than AC-Devices (QRT5ac) in noisy environments
Replies: 4
Views: 2098

Re: N-Devices (QRT5) perform better than AC-Devices (QRT5ac) in noisy environments

a tumb rule in noisy enviroment. Lower output power and get more antenna gain.
by samsung172
Thu Sep 01, 2016 12:39 am
Forum: General
Topic: Feature request: Virtual Interface
Replies: 36
Views: 10514

Re: Feature request: Virtual Interface

im in for this orginal post. There is no way to easy make bridge bridged together. There might be some rare situations where this is needed. If you have ether1 - and vlan 100 and 200 on ether1. and want vlan 100 and ether1 untagged bridged to ether2 - you need to somehow bridge bridges together toda...
by samsung172
Tue Jul 12, 2016 2:32 am
Forum: Beginner Basics
Topic: internet problem
Replies: 1
Views: 761

Re: internet problem

are you sure the problem is not at streaming provider?
by samsung172
Tue Jul 12, 2016 2:30 am
Forum: General
Topic: Wireless radius server auth problem
Replies: 5
Views: 1891

Re: Wireless radius server auth problem

setup radius corectly....
by samsung172
Tue Jul 12, 2016 2:29 am
Forum: General
Topic: static ip
Replies: 2
Views: 950

Re: static ip

what is exactly your Q?
by samsung172
Tue Jul 12, 2016 2:27 am
Forum: General
Topic: Is my eth0 port dead? hAP lite RB941-2nD
Replies: 2
Views: 1092

Re: Is my eth0 port dead? hAP lite RB941-2nD

test port 2.... if its the same - try changing cable and or injector.
by samsung172
Tue Jul 12, 2016 2:26 am
Forum: General
Topic: Ccr1009 dual power failure
Replies: 4
Views: 1539

Re: Ccr1009 dual power failure

......... PSU..............
by samsung172
Tue Jul 12, 2016 2:25 am
Forum: General
Topic: Ccr1009 dual power failure
Replies: 4
Views: 1539

Re: Ccr1009 dual power failure

if cpu1 and cpu2 have power -  they will not be affected if 1 or 2 goes down, as far as at least one have power 
by samsung172
Tue Jul 12, 2016 2:23 am
Forum: Forwarding Protocols
Topic: NV2 AP + MPLS Performance requirement
Replies: 4
Views: 1596

Re: NV2 AP + MPLS Performance requirement

This depend on speed that your CPE need. ITs possible to do 1000 CPE - but speed goes down. VPLS/EoMPLS dont have annyting to do with "speed" other thant make the l2 network you would probably use without MPLS goes faster and more smooth. MPLS is just a way to implement routing and layer 2...
by samsung172
Tue Jul 12, 2016 2:18 am
Forum: General
Topic: DHCPv6
Replies: 2
Views: 1258

Re: DHCPv6

possible to set static?
by samsung172
Fri Jun 03, 2016 1:40 am
Forum: General
Topic: pppoe server - pppoe client in bridge customer with public IP
Replies: 2
Views: 1133

Re: pppoe server - pppoe client in bridge customer with public IP

Its not easy to see what you need from post. 1 do you have public ip's to cpe? is it routed? 2 do you need nat? is it enabled? 3 do you run an pppoe server? and is it ok? correct interface? 4. do you hvae settings for the servers from ppp profile? - same as cpe? 5 tried userman? it will fix a lot fo...
by samsung172
Fri Jun 03, 2016 1:25 am
Forum: General
Topic: CCR1036-12G-4S Using 100% of one of its CPU's
Replies: 6
Views: 1936

Re: CCR1036-12G-4S Using 100% of one of its CPU's

check routerboard cpu - what use your cpu to 100%-
by samsung172
Fri Jun 03, 2016 1:24 am
Forum: General
Topic: Trouble creating LACP bond with VLANS in different port group
Replies: 3
Views: 1296

Re: Trouble creating LACP bond with VLANS in different port group

If i undersnd your q - you try to enable LACP between laptop (windows) and mikrotik?
by samsung172
Fri Jun 03, 2016 1:22 am
Forum: The User Manager
Topic: how to create user registration and login page
Replies: 1
Views: 1999

Re: how to create user registration and login page

Try hotspot - userman and some kind of sms solution.
by samsung172
Fri Jun 03, 2016 1:21 am
Forum: General
Topic: spectral-scan: syntax & example
Replies: 2
Views: 4371

Re: spectral-scan: syntax & example

try spectral-history - much better tool. Also set range to 2000-3000 or whatever you want.
by samsung172
Fri Jun 03, 2016 1:20 am
Forum: Scripting
Topic: Script to generat queue tree for pppoe
Replies: 2
Views: 1782

Re: Script to generat queue tree for pppoe

tried radius? Simplest - userman
by samsung172
Fri Jun 03, 2016 1:19 am
Forum: General
Topic: DNS not passing through to third party router
Replies: 4
Views: 1474

Re: DNS not passing through to third party router

Try to change the dns to 8.8.8.8
by samsung172
Thu May 05, 2016 2:58 pm
Forum: General
Topic: IPv6 WAN links fail over
Replies: 10
Views: 3725

Re: IPv6 WAN links fail over

Like in ipv4 - add 2 default routes , and have different distance to them. also add a check gateway.
by samsung172
Thu May 05, 2016 2:55 pm
Forum: Forwarding Protocols
Topic: OSPF and Routing Filters to manage PPPoE Server side failover for routed subnet
Replies: 21
Views: 5246

Re: OSPF and Routing Filters to manage PPPoE Server side failover for routed subnet

have you tried the check-gateway feature? it should enable and dissable default routes if its unavalible
by samsung172
Thu May 05, 2016 2:53 pm
Forum: Wireless Networking
Topic: Wireless Client Bridge
Replies: 3
Views: 2615

Re: Wireless Client Bridge

Do this asus device allow bridge and wds like feature? I think problem is to this device. (use mikrotik and it will work)
by samsung172
Thu May 05, 2016 2:52 pm
Forum: Beginner Basics
Topic: How to allow LAN - LAN connection
Replies: 2
Views: 3233

Re: How to allow LAN - LAN connection

you have a ; Forward LAN >> WAN chain=forward action=accept out-interface=ether1-Public-1 log=no log-prefix="" you need a ; Forward LAN1 >> LAN2 chain=forward action=accept out-interface=LAN-1 log=no log-prefix="" and Forward LAN2 >> LAN1 chain=forward action=accept out-interface...
by samsung172
Thu May 05, 2016 2:47 pm
Forum: General
Topic: 2 VRF's, overlapping networks
Replies: 2
Views: 1036

Re: 2 VRF's, overlapping networks

only way to comunicate between 2 subnets that is the same is to use nat. eg:

192.168.88.0/24 lan side - NAT - 1.1.1.1/29 wan side R1 - R2 1.1.1.2/29 wan side - NAT - 192.168.88.0/24
by samsung172
Sun Apr 24, 2016 12:53 am
Forum: Forwarding Protocols
Topic: VRF configuration
Replies: 4
Views: 3059

Re: VRF configuration

Do you want this network routed, or as a layer2? You can just add the routes - regardless of default gw. vrf is "quite" simple - but you need to do a lot of configurations. And i would not recomand use this, unless you have to. I use it some - using rfc1918 addresses for managment and conf...
by samsung172
Sun Apr 24, 2016 12:44 am
Forum: General
Topic: Feature request: switch-like vlan functionality for rb w/o switch-chip
Replies: 27
Views: 6922

Re: Feature request: switch-like vlan functionality for rb w/o switch-chip

What you really want is to bridge the isp's net together? From what i can se from what you write - you should just bridge all ethernet togetner, and separate by ip. The problem here is your solution. I would recomand that you use vlan in your vmware servers. Make vlan 11 and 12 to esx host 1 Make vl...
by samsung172
Sun Apr 24, 2016 12:35 am
Forum: General
Topic: Multiple VLANs on same subnet question
Replies: 2
Views: 1548

Re: Multiple VLANs on same subnet question

where is your gateway to internet? - Another port in the same bridge? If you use horizon you cant have just two ports. The "main" port should be without - and you isolate the other by using horizion. To have just two vlan bridget together - and put horizion - would be the same as not putti...
by samsung172
Sun Apr 10, 2016 10:20 am
Forum: The Dude
Topic: Web Server on ROS X86
Replies: 8
Views: 3376

Re: Web Server on ROS X86

you cant run a standalone webserver in mikrotik. You can however use metarouter to run webserver - but this will not be a good soulution. Have an own device - can be cheep like rapsberry pi etc, and run a standalone webserver. PS! If you have an old 532 - you can install debian etc, if you just &quo...
by samsung172
Sun Apr 10, 2016 10:13 am
Forum: Beginner Basics
Topic: Need suggestion for hardware.
Replies: 1
Views: 856

Re: Need suggestion for hardware.

750 users? You need to go to the CCR series.
by samsung172
Sun Apr 10, 2016 2:25 am
Forum: RouterBOARD hardware
Topic: RB2011 <> RB2011 connection over SFP module s-53lc20d
Replies: 6
Views: 2808

Re: RB2011 <> RB2011 connection over SFP module s-53lc20d

what is your TX/RX power level to fiber optic? - look in interface - sfpx menue - and its say TC and RX power. Itt need to be inside sfps spec.
by samsung172
Sun Apr 10, 2016 2:23 am
Forum: Beginner Basics
Topic: Firewall in OSPF network
Replies: 2
Views: 1119

Re: Firewall in OSPF network

drop all - accept what you want is a good firewall. :D ospf have nothing to "say" it all depends on what you run behind
by samsung172
Sun Apr 10, 2016 2:21 am
Forum: General
Topic: How can i add interface to two bridge?
Replies: 21
Views: 15073

Re: How can i add interface to two bridge?

still - my first post. to bridge bridges - add some vlan to the bridges you want to bridge. And bridge the vlan in a new bridge. This is a bit off box thingking, compared to cisco etc - but soooooooooo much more managable. if you add a vlan. a vlan is just a vlan. And can be the same vlan manny time...
by samsung172
Fri Apr 08, 2016 6:13 pm
Forum: Beginner Basics
Topic: Port forwarding problems..
Replies: 2
Views: 1054

Re: Port forwarding problems..

I think you only should need to do a inbound nat - from "internet" to you AP. Outbound should work "out of box" if you enable src-nat masqurade. Add src-nat masqurade add dst nat action dst-nat to port "xxx" protocol "" in interface"waninterface" to ...
by samsung172
Fri Apr 08, 2016 6:06 pm
Forum: General
Topic: How can i add interface to two bridge?
Replies: 21
Views: 15073

Re: How can i add interface to two bridge?

You need to put a vlan in each bridge - and bridge this with the third bridge.
by samsung172
Thu Nov 05, 2015 1:49 am
Forum: General
Topic: Feature request for v7.x
Replies: 296
Views: 106925

Re: Feature request for v7.x

VRF support to features is sooooo missed. The support to choose what routingtable to use for what service. Ability to choose web configuration troug one vrf - and ssh by another. (just as example) . Best would be to support more than one per service.. Also stuff like ospf or bgp - inside a vrf.
by samsung172
Thu Nov 05, 2015 1:40 am
Forum: General
Topic: Upgrading 4 towers to Mikrotik: request for help
Replies: 12
Views: 2334

Re: Upgrading 4 towers to Mikrotik: request for help

1. Use pppoe. 2. use pppoe. 3 use pppoe. 4. use pppoe. :D Its soooo easy, if you want to run an ISP - setup pppoe in your mikrotik. There is 100's of ways doning this - and its only a matter of how you want your network. My suggestion : 1. Setup dude - monitoring your network 2. Setup a router/gatew...
by samsung172
Thu Nov 05, 2015 1:35 am
Forum: General
Topic: VPN Routing issue
Replies: 3
Views: 1238

Re: VPN Routing issue

your route is the problem. You need to specify what you want to go by default, and what to go over the VPN
by samsung172
Thu Oct 15, 2015 1:57 am
Forum: General
Topic: Possible SYN DDOS Attack
Replies: 8
Views: 3733

Re: Possible SYN DDOS Attack

Do you have a virus on a computer behind your router? Do you have cashing on`? - How about block port 8080? Do you use upnp?
by samsung172
Wed Oct 14, 2015 2:50 pm
Forum: Forwarding Protocols
Topic: CISCO/BGP VPLS Tagged Ethernet not working
Replies: 3
Views: 1911

Re: CISCO/BGP VPLS Tagged Ethernet not working

what exactly is your goal? What distribute MPLS ospf or only BGP? My setup that works like a charm: R1 : /mpls set propagate-ttl=no /mpls interface set [ find default=yes ] mpls-mtu=1590 /mpls ldp set enabled=yes lsr-id=172.31.2.76 transport-address=172.31.2.76 /mpls ldp accept-filter add prefix=172...
by samsung172
Wed Oct 14, 2015 2:38 pm
Forum: General
Topic: Is it possible to route PPPoE users via a different router
Replies: 4
Views: 1226

Re: Is it possible to route PPPoE users via a different router

there is also an option in radius server - called routes. If there is only one spesific - customer - its easy to do this by adding just one customer in ppp - secrets. there you have the route option. There is also possible to do this with the framed-route parameter from radius. There is also a lot o...
by samsung172
Tue Oct 13, 2015 9:52 pm
Forum: General
Topic: Is it possible to route PPPoE users via a different router
Replies: 4
Views: 1226

Re: Is it possible to route PPPoE users via a different router

/ip route add dst-address=xxxxx src-address=yyyyy
by samsung172
Fri Oct 09, 2015 10:52 pm
Forum: Forwarding Protocols
Topic: How to test if BGP configuration is correct on my router ?
Replies: 2
Views: 1513

Re: How to test if BGP configuration is correct on my router ?

If you have your own AS from ripe etc- you need bgp - otherwise - no. If not- just put a default route to ISP linknet ip.
by samsung172
Fri Oct 09, 2015 10:51 pm
Forum: RouterBOARD hardware
Topic: conflicting/inaccurate information on routerboard.com website?
Replies: 4
Views: 1348

Re: conflicting/inaccurate information on routerboard.com website?

1. you can set freq from 400mhz to 1200mhz
2. maybe thats what is max at mikrotik? - it does not bottnenek packet per sec - but speed of interface. look at other CCR's - and ou see almoust the same
by samsung172
Fri Oct 09, 2015 10:39 pm
Forum: General
Topic: Known issues and bugs - a list
Replies: 284
Views: 170928

Re: Known issues and bugs - a list

Possible BUG - Not tested more. Today i had a CCR1036 running MPLS, ospf,bgp. It was struggeling and had 100% CPU usage. I booted it - still CPU usage in about 95 to 100%. I see in profile - that "networing" was using all "resorces" and started to do a researc. I found a dissable...
by samsung172
Thu Jul 02, 2015 3:54 pm
Forum: General
Topic: Maipu to Mikrotik LACP
Replies: 6
Views: 2443

Re: Maipu to Mikrotik LACP

I think this is a problem in at your upstream provider's settings
by samsung172
Sat Mar 21, 2015 12:41 pm
Forum: Beginner Basics
Topic: Port/Interface routing.
Replies: 3
Views: 1286

Re: Port/Interface routing.

If you route Source ip . not dst ip -. use rute rule and or Connection/Routing mark in mangle firewall
by samsung172
Sat Mar 21, 2015 1:39 am
Forum: Wireless Networking
Topic: Throughput on SXT AC faster sending from one SXT then sending from other
Replies: 2
Views: 1179

Re: Throughput on SXT AC faster sending from one SXT then sending from other

how do you measure bandwith? - If you use the mikrotik btest tool- it might give you 100% CPU to routerboard - before using all speed possible at wireless link.
by samsung172
Sat Mar 21, 2015 1:37 am
Forum: Beginner Basics
Topic: Novice seeking help
Replies: 1
Views: 996

Re: Novice seeking help

try the wiki. its a good place to start. som spesifik Q? - Ask in forum.
by samsung172
Sat Mar 21, 2015 1:36 am
Forum: Beginner Basics
Topic: Beginner / Novice Help WPA-PSK access
Replies: 1
Views: 921

Re: Beginner / Novice Help WPA-PSK access

se in wireless security tab. enter your parameters to a profile - and choose this profile in security at wlan interface.
by samsung172
Sat Mar 21, 2015 1:34 am
Forum: General
Topic: weird network performance issue (Possible MTU fault)
Replies: 14
Views: 2709

Re: weird network performance issue (Possible MTU fault)

i think the NAS might have a 100% CPU ? 25mb/s over pppoe use a bit CPU power. I dont think this is a mtu issue.

Is your net capable of more than 1500bytes? - Try running 1492 to pppoe server.
by samsung172
Sat Mar 21, 2015 1:30 am
Forum: General
Topic: What does "Firewall Router" checkbox actually mean ?
Replies: 2
Views: 2244

Re: What does "Firewall Router" checkbox actually mean ?

im not sutre- i have never used this (use winbox, and no quickset) - but i would think it setup nat to router.
by samsung172
Sat Mar 21, 2015 1:29 am
Forum: Beginner Basics
Topic: Port/Interface routing.
Replies: 3
Views: 1286

Re: Port/Interface routing.

in /ip route - add interface to desired dst address
by samsung172
Sat Mar 21, 2015 1:27 am
Forum: General
Topic: OSPF Migration
Replies: 3
Views: 1419

Re: OSPF Migration

setup ospf correctly. 1. make sure that you connect routers in a l2 net between them. 2. for ease - make a bridge called loopback and put an /32 ip to this - from a net you dont use. eg 172.31.0.1/32 at first router - 172.31.0.2/32 at router 2 etc. Follow the same if you put more routers in net. - a...
by samsung172
Tue Mar 10, 2015 1:58 am
Forum: General
Topic: Weird IP Address Error in select parts of RouterOS
Replies: 8
Views: 12645

Re: Weird IP Address Error in select parts of RouterOS

If you add a network - 10.10.20.0/22 is correct. 10.10.22.0/22 is just one ip in the 10.10.20.0/22 net . 10.10.20.0 is net - and addresses from 10.10.20.1 to 10.10.23.255 is addresses in this subnet. 10.10.23.255 is the broadcast. PS! you can use 10.10.22.0 as an ip - just like 10.10.20.1 in the 10....
by samsung172
Sun Mar 08, 2015 3:32 am
Forum: Forwarding Protocols
Topic: Database description packet has different master status flag
Replies: 67
Views: 48187

Re: Database description packet has different master status flag

I think the problem is that on unstable links - one of the ends dont recognise the other ends DD sequence number - and mikrotik have chosen to make an error telling about "database flag" . I think this might actually be a bug Database Description packets are OSPF packet type 2. These packe...
by samsung172
Sun Mar 08, 2015 3:26 am
Forum: Beginner Basics
Topic: need help to config router board
Replies: 11
Views: 3268

Re: need help to config router board

this is not the best "first time setup" - Try to read wiki - play around - and dont start to learn mikrotik by bounding interfaces from manny ISP's :D
by samsung172
Sun Mar 08, 2015 3:24 am
Forum: General
Topic: WINDOWS SERVER 2012 active directory & mikrotik
Replies: 1
Views: 1286

Re: WINDOWS SERVER 2012 active directory & mikrotik

You need to provide some more info. :D Windows and mikrotik must be in the same subnet. - And vlan - if not - you have to route.