Community discussions

MikroTik App

Search found 108 matches

by w4rh0und
Fri Dec 02, 2022 6:59 pm
Forum: RouterBOARD hardware
Topic: CCR1009 Rebooting
Replies: 78
Views: 11588

Re: CCR1009 Rebooting

I've enabled logging yesterday as well, and all packets are received from 167.114.50.149 which is US
by w4rh0und
Fri Dec 02, 2022 8:24 am
Forum: RouterBOARD hardware
Topic: CCR1009 Rebooting
Replies: 78
Views: 11588

Re: CCR1009 Rebooting

I've created a RAW sctp block rule
/ip firewall/raw/add action=drop chain=prerouting comment="Drop all SCTP" in-interface-list=WAN protocol=sctp
So far no reboot for the past 11 hours.

If nothing else changes I might delay the upgrade until 7.7 full is released
by w4rh0und
Thu Dec 01, 2022 10:50 am
Forum: RouterBOARD hardware
Topic: CCR1009 Rebooting
Replies: 78
Views: 11588

Re: CCR1009 Rebooting

The provided ROS7.7alpha255 nightly has fixed the issues for us. 7 hours no crashes. Thanks to the support's quick assist! Quick couple of questions: I've received the file from support as well. I just copy it on the router and reboot? Do I also have to upgrade the firmware? ( /system/routerboard/u...
by w4rh0und
Wed Nov 30, 2022 11:36 pm
Forum: RouterBOARD hardware
Topic: CCR1009 Rebooting
Replies: 78
Views: 11588

Re: CCR1009 Rebooting

I am having this issue as well since a few days ago We have been on version 7.4.1 since August, and now we started with the reboot. I've raised a task with support. routerboard: yes model: CCR1009-8G-1S-1S+ serial-number: 4AB1041DBDBD firmware-type: tilegx factory-firmware: 3.18 current-firmware: 7....
by w4rh0und
Sat Aug 20, 2022 5:22 pm
Forum: General
Topic: Old CCR router upgrade path
Replies: 3
Views: 556

Re: Old CCR router upgrade path

Should I upgrade the firmware from 3.22 to 6.27 first? yes, update this an reboot to apply this update check for users, scheduler and scripts created by external malicious actors i recommend this path: make backup and export and store them in your PC update to 6.40.9 (last version with old bridge (...
by w4rh0und
Thu Aug 11, 2022 12:09 am
Forum: General
Topic: Old CCR router upgrade path
Replies: 3
Views: 556

Old CCR router upgrade path

Hi everyone I have a new client which has an ancient ROS on his Mikrotik CCR1009 ROS MikroTik RouterOS 6.27 (c) 1999-2015 Firmware /system routerboard print routerboard: yes model: CCR1009-8G-1S-1S+ current-firmware: 3.22 upgrade-firmware: 3.22 Can someone recommend me the upgrade path? Should I upg...
by w4rh0und
Tue Apr 05, 2022 11:19 pm
Forum: General
Topic: Fail2Ban
Replies: 21
Views: 3292

Re: Fail2Ban

is there anything that can be done in my case ? This might help you: Tune the timers for your own need. Add known static ip clients to the PPTP_Allow list These rules have to be on your firewall before the pptp rule that allows the traffic The idea is that a client should connect from the 1st attem...
by w4rh0und
Sat Mar 05, 2022 12:35 pm
Forum: Announcements
Topic: v7.1.3 is released!
Replies: 251
Views: 55660

Re: v7.1.3 is released!

Report. OpenVPN connection in UDP mode on CCR1009-7G-1C-1S+ still causes CCR1009 to reboot, like on 7.1.2 version. Very bad. I confirm on CCR1009-8G-1S-1S+, upgraded ROS and firmware to 7.1.3 from RouterOS 6.48.5 OpenVPN on UDP was one of the reason i've upgraded. It connected, i just tried a trace...
by w4rh0und
Thu Nov 11, 2021 11:15 am
Forum: General
Topic: Feature Request: IPSEC Improvements
Replies: 148
Views: 44624

Re: Feature Request: IPSEC Improvements

+1 VTI
Policy based is a PIA for serious networks, also it is ancient as design.
Adding IPSEC on top of a tunnel interface like GRE/IPIP is a huge overhead
Also it would help to use these VTI interfaces in FW rules lists.
by w4rh0und
Wed Nov 10, 2021 9:09 am
Forum: RouterBOARD hardware
Topic: Firmware upgrade issues with 6.48.5 and 6.49
Replies: 4
Views: 4159

Re: Firmware upgrade issues with 6.48.5 and 6.49

Thank you mducharme

Probably why it happened.
by w4rh0und
Sat Nov 06, 2021 12:14 pm
Forum: RouterBOARD hardware
Topic: Firmware upgrade issues with 6.48.5 and 6.49
Replies: 4
Views: 4159

Firmware upgrade issues with 6.48.5 and 6.49

Hi guys I never had issues with any device new or old performing upgrades and i've done it across multiple platforms from CCR to RB750, csr, etc I even jumped from really old ROS and no issue whatsoever even on devices i actually prayed to fail so we can replace them with newer models. But lately i ...
by w4rh0und
Thu May 13, 2021 10:33 am
Forum: General
Topic: VRRP on WAN
Replies: 1
Views: 1395

VRRP on WAN

Hi I have a setup with 2xCCR1009. I've set up multiple VRRP interfaces under multiple VLAN's. From an outgoing point of view, In case a CCR goes down, i should still have outbound traffic. My problem comes inbound: We have multiple public IP's from the same provider on 3 separate subnets which have ...
by w4rh0und
Wed Apr 07, 2021 12:13 pm
Forum: General
Topic: Multiple Trunk setup performance issues
Replies: 13
Views: 1464

Re: Multiple Trunk setup performance issues

Is it better to be leave as is instead of making sure the tag is added on the port or you want to make sure that if the case, untagged traffic could run through the trunk?
by w4rh0und
Tue Apr 06, 2021 2:15 pm
Forum: General
Topic: Multiple Trunk setup performance issues
Replies: 13
Views: 1464

Re: Multiple Trunk setup performance issues

Hey mkx I tinkered in all directions, anyway i think the issue was that i was not adding the swtich1_CPU in the port rules. This is currently my config, CCR is in switch mode and the 2011 as well, and i can ping the management ip's 172.16.1.1 and 172.16.1.11 I also received ip by DHCP on 2011 port 2...
by w4rh0und
Mon Apr 05, 2021 10:20 pm
Forum: General
Topic: Multiple Trunk setup performance issues
Replies: 13
Views: 1464

Re: Multiple Trunk setup performance issues

Switch chip is not working as expected. I've used the wiki to configure it. I am trying the switch chip in the lab like below CCR config Atheros 8327 Port 1 switch member configured as a trunk (Vlans:1011 management for devices ip 172.16.1.1/24 and Vlan 10) connects physically to a RB2011 router swi...
by w4rh0und
Mon Apr 05, 2021 1:25 am
Forum: General
Topic: Multiple Trunk setup performance issues
Replies: 13
Views: 1464

Re: Multiple Trunk setup performance issues

So would it be possible to configure the Vlans under the switch and on the CRS use bridge vlan filtering? Will that work? So far, once i place the ports in the switch and enable secure port and add tag if missing, i can no longer reach the other device. Unfortuantely in the lab i have CCR1009 and 20...
by w4rh0und
Sat Apr 03, 2021 10:31 pm
Forum: General
Topic: Multiple Trunk setup performance issues
Replies: 13
Views: 1464

Re: Multiple Trunk setup performance issues

@anav It is a test router in a lab environment with no access outside and on the WAN it has private ip address. I've added that rule so i can keep my access from the machine from where i configure it, while i test FW rules. @mkx When i disable vlan filtering on the bridge interface /interface bridge...
by w4rh0und
Sat Apr 03, 2021 7:42 pm
Forum: General
Topic: Multiple Trunk setup performance issues
Replies: 13
Views: 1464

Multiple Trunk setup performance issues

Hi guys I am trying to set up the following network: Main router - CCR1009 Will have a Bridge here with ports 1,2,3,4,Sfp+. I will connect switches in these ports I will have multiple VLANS In which i will connect -Sfp+ - 1xCRS317-1G-16S+ 16X10 - used for storage traffic -ether1 and 2 - 2xCRS326-24G...
by w4rh0und
Tue Jul 14, 2020 1:53 am
Forum: General
Topic: Stealth port scanning protection
Replies: 13
Views: 12020

Stealth port scanning protection

Hi everyone, We are using the following port scanning script on input and forward chains, and it works ok if someone is trying to scan all ports and generates a lot of traffic. add chain=input protocol=tcp psd=21,3s,3,1 action=add-src-to-address-list address-list="port scanners" address-li...
by w4rh0und
Fri Oct 20, 2017 11:14 pm
Forum: General
Topic: IPSEC +GRE issue R6.40.4
Replies: 2
Views: 1450

IPSEC +GRE issue R6.40.4

Hi everyone, I have a spare router and wanted to check the new features of the latest Router Os version. It appears i have a problem with IPSEC + GRE tunnel in this version. With version 6.35.4 i do not experience this issue. The IPSEC is up and running the GRE is up but no traffic is passing throug...
by w4rh0und
Mon Sep 25, 2017 9:01 pm
Forum: Forwarding Protocols
Topic: SonicWall VPN client behind Mikrotik
Replies: 0
Views: 883

SonicWall VPN client behind Mikrotik

Hi

Has anyone managed to set up Sonicwall vpn client behind a Mikrotik router?

The client connects, but gets stuck on Aquiring ip address

I tried all settings possible. With other router brands i was able to connect without a problem.

Please advise.

Thank you
by w4rh0und
Thu Feb 09, 2017 9:57 pm
Forum: Forwarding Protocols
Topic: Routing over IPSEC VPN to remote network
Replies: 3
Views: 9514

Re: Routing over IPSEC VPN to remote network

thank you for the answer.

So route from remote to the subnet behind firewall and add a policy for the remote network as well.

Will try it out
by w4rh0und
Tue Feb 07, 2017 10:47 pm
Forum: Forwarding Protocols
Topic: Routing over IPSEC VPN to remote network
Replies: 3
Views: 9514

Routing over IPSEC VPN to remote network

Hi everyone, I have the following scenario: An IPSEC VPN between a mikrotik CCR1009 and a Fortigate router. Establishing the VPN is not a problem, but the issue i am encountering is routing a packet from a network behind the Mikrotik to a remote network behind the Fortigate. Mikrotik -VPN-Fortigate-...
by w4rh0und
Mon Sep 19, 2016 9:55 pm
Forum: General
Topic: Redirect to FQDN Proxy
Replies: 0
Views: 577

Redirect to FQDN Proxy

Hi everyone,

Is it possible to redirect all traffic for 80/443 to a fqdn proxy server (load balanced service) rather than an ip address?

Please let me know

Thank you
by w4rh0und
Thu May 26, 2016 8:46 pm
Forum: General
Topic: Mikrotik on comcast cable modem issues
Replies: 6
Views: 2529

Re: Mikrotik on comcast cable modem issues

thank you for your answer.

I do not have hairpin nat configured and no d-nat rules are in place

The SNAT rule is configured as below just with ether10 as the connection
chain=srcnat action=masquerade out-interface=ether10
by w4rh0und
Thu May 26, 2016 8:45 pm
Forum: General
Topic: Mikrotik 2011 on comcast connection
Replies: 3
Views: 1004

Re: Mikrotik 2011 on comcast connection

thank you for your answer.

I already tried that but they said that the MTU is 1500.

The linksys has 1500 set as MTU and performes fine
by w4rh0und
Thu May 26, 2016 9:42 am
Forum: General
Topic: Mikrotik 2011 on comcast connection
Replies: 3
Views: 1004

Mikrotik 2011 on comcast connection

Hi everyone I've encountered the weirdest issue on a comcast internet connection and i can't find where the issue is: First setup: Comcast was giving private ip 10.1.10.x, the Mikrotik was using 10.1.10.20 and for internal subnet 192.168.9.0/24 - double natting all traffic works except for http/http...
by w4rh0und
Wed Feb 24, 2016 10:28 pm
Forum: General
Topic: Mikrotik on comcast cable modem issues
Replies: 6
Views: 2529

Mikrotik on comcast cable modem issues

Hi everyone, I have a weird situation at one of my clients on Comcast business cable modem in Chicago I have a mikrotik 2011 behind the modem (i have to double nat unfortunately, since on my ether1 i have 10.1.10.x and local network has 192.168.9.0/24) Http/HTTPS traffic is not working, all webpages...
by w4rh0und
Thu Aug 06, 2015 5:04 pm
Forum: Forwarding Protocols
Topic: BGP over GRE
Replies: 6
Views: 5541

Re: BGP over GRE

Thank you for your reply.

The isssue was with how i set up the ip addresses on the IPSEC policies.

/ip ipsec policy
add disabled=yes dst-address=172.16.10.2/32 level=unique proposal=MTMain

I've changed the /32 address to the public ip and BGP starting working.
by w4rh0und
Fri Jul 10, 2015 5:34 pm
Forum: Forwarding Protocols
Topic: BGP over GRE
Replies: 6
Views: 5541

Re: BGP over GRE

It appears that it works over GRE as long as it is not running over IPSEC. Can someone tell me why BGP is not running when GRE is running over IPSEC? this is the ipsec config: /ip ipsec proposal add disabled=yes enc-algorithms=3des name=MTMain /ip ipsec peer add address=1.x.x.x/32 disabled=yes dpd-i...
by w4rh0und
Thu Jul 09, 2015 9:36 am
Forum: Forwarding Protocols
Topic: BGP over GRE
Replies: 6
Views: 5541

Re: BGP over GRE

The Config i have: Mikrotik Main 172.16.1.1/30 172.16.1.0 ether2 1.x.x.x./28 109.166.155.32 ether1 - WAN 192.168.88.1/24 192.168.88.0 ether5 172.16.10.2/30 172.16.10.0 MTMain-Client - this is the tunnel interface 172.16.255.3/32 172.16.255.1 loopback 192.168.88.1/24 192.168.88.0 VRRP1 Simple BGP: /r...
by w4rh0und
Wed Jul 08, 2015 2:32 pm
Forum: Forwarding Protocols
Topic: BGP over GRE
Replies: 6
Views: 5541

BGP over GRE

Hi everyone, Is it possible to have a simple BGP over GRE (GRE running on top of IPSEC) I do not have experience with BGP, only worked with OSPF / RIP before. The setup is like this: Main Office Remote office router 1 (Main router ISP 1) Remote office router 2 (Backup router ISP2) There is a VRRP be...
by w4rh0und
Sat Oct 25, 2014 2:13 am
Forum: Forwarding Protocols
Topic: Multiple sites and multiple subnets over IPSEC issue
Replies: 2
Views: 3258

Re: Multiple sites and multiple subnets over IPSEC issue

Solution is simple use unique instead of required on all VPN's, also increase the SNAT from 10.xxx/8 to 10.xxx/8
by w4rh0und
Wed Oct 22, 2014 11:05 pm
Forum: Forwarding Protocols
Topic: Multiple sites and multiple subnets over IPSEC issue
Replies: 2
Views: 3258

Re: Multiple sites and multiple subnets over IPSEC issue

No One has any idea about multisite VPN?
by w4rh0und
Mon Oct 20, 2014 9:49 am
Forum: General
Topic: Transparent web proxy - slow ping times
Replies: 9
Views: 4463

Re: Transparent web proxy - slow ping times

The DSN settings are correct.
by w4rh0und
Fri Oct 17, 2014 10:08 am
Forum: Forwarding Protocols
Topic: Multiple sites and multiple subnets over IPSEC issue
Replies: 2
Views: 3258

Multiple sites and multiple subnets over IPSEC issue

Hi I have an issue using IPSEC in tunnel mode. the tunnel is between a juniper and a microtil CCR 1009 ROS 6.20 I am only using a VPN between 2 sites, but i will need to use it over 4 sites, and each has 1-4 subnets i have the following Policies define /ip ipsec policy add dst-address=10.1.20.0/24 p...
by w4rh0und
Thu Oct 16, 2014 10:30 pm
Forum: General
Topic: Problem with CCR1009-8G-1S-1S+
Replies: 1
Views: 1393

Problem with CCR1009-8G-1S-1S+

Hi everyone, I just purchased a brand new CCR1009-8G-1S-1S+. Powered it on, worked for 24 hours after which i could see some lights on the network ports all lit like they had link, but the router became a brick. Sent it back to the shop from which i purchased and asked for a new one. They told me th...
by w4rh0und
Fri Jun 27, 2014 9:18 pm
Forum: General
Topic: Hairpin nat over VPN
Replies: 0
Views: 1374

Hairpin nat over VPN

Hello I have a weird configuration, a poor's man redundant link and i was wondering if someone could help me out. The set up: We have 2 offices: Office 1: public ip 192.168.1.1/24 / vpn 172.16.0.1 Office 2: Public ip 192.168.2.2/24 / private ip 10.10.2.0/24 / PPTP vpn 172.16.0.2 There is also a pptp...
by w4rh0und
Mon Aug 12, 2013 10:55 pm
Forum: General
Topic: Bridge traffic shaping help
Replies: 4
Views: 2374

Re: Bridge traffic shaping help

Here are my settings: Ether10 is connected to the main switch Ether9 goes to a useless juniper ssg20 router I also have a management interface set up so i can connect to the router and check the traffic on ports /interface bridge add l2mtu=1598 name=Lan /interface bridge port add bridge=Lan interfac...
by w4rh0und
Thu Aug 08, 2013 9:56 pm
Forum: General
Topic: Bridge traffic shaping help
Replies: 4
Views: 2374

Re: Bridge traffic shaping help

Yes i managed to make it work.

If anyone needs some help i can trow in some examples
by w4rh0und
Thu Aug 08, 2013 5:13 pm
Forum: General
Topic: QOS on master interface
Replies: 0
Views: 704

QOS on master interface

Hi Is it possible to create a transparent bandwidth limiting using master/slave interface instead of using a bridge interface? the setup: /interface ethernet set 2 master-port=ether2 /ip address add address=10.1.20.212/24 interface=ether2 network=10.1.20.0 Ether 3 is the slave port of ether2. the in...
by w4rh0und
Fri Apr 12, 2013 7:16 pm
Forum: Forwarding Protocols
Topic: Layer 2 transparent bridge question
Replies: 3
Views: 4303

Re: Layer 2 transparent bridge question

I know it is for wireless that link, but applies to pptp link as well. I configured that tunnel over pptp since one of the mikrotiks is behind the juniper. I tried BCP/Eoip all work inside the local network, but i need to be able to go on the internet using that tunnel from the new office. And that ...
by w4rh0und
Fri Apr 12, 2013 3:30 pm
Forum: General
Topic: Bridge traffic shaping help
Replies: 4
Views: 2374

Bridge traffic shaping help

Hi I want to limit the traffic on a network, using a mikrotik router as a transparent bridge. I never used traffic prioritization yet so i am trying to learn, but i need some basic examples to understand how to make it work and most examples i found have really complicated queues and once i change s...
by w4rh0und
Fri Apr 12, 2013 2:03 pm
Forum: Forwarding Protocols
Topic: Layer 2 transparent bridge question
Replies: 3
Views: 4303

Re: Layer 2 transparent bridge question

No one can give me any ideas on this?
by w4rh0und
Fri Apr 12, 2013 12:53 am
Forum: General
Topic: Transparent web proxy - slow ping times
Replies: 9
Views: 4463

Re: Transparent web proxy - slow ping times

I have the exact same problem, tried it with 2 routers, i can try it on more, but i am sure it is a routeros bug. This is my post with this problem, but no one answered on it http://forum.mikrotik.com/viewtopic.php?f=2&t=71718 I also tried it with a virtualpc image and it is exactly the same. It...
by w4rh0und
Thu Apr 11, 2013 9:53 pm
Forum: General
Topic: Web Proxy problem
Replies: 0
Views: 1034

Web Proxy problem

Hi I have a problem with the webproxy, once i am using it the CPU of my 750G goes to 100% while doing a bandwidth test and also the reply time from speedtest.net goes from 4 ms (without proxy) to 200++ with proxy on. Is this normal? I am the only one on this router, i just wanted to test it our, but...
by w4rh0und
Tue Apr 09, 2013 8:44 pm
Forum: Forwarding Protocols
Topic: Layer 2 transparent bridge question
Replies: 3
Views: 4303

Layer 2 transparent bridge question

Hi I have a more complicated setup i need some help with, we have to migrate an office with as less downtime as possible and i need some help configuring this: I have used mikrotik routers for some time now, because every time i need a twisted solution i can use them over cisco or other brands. The ...
by w4rh0und
Wed Apr 03, 2013 3:19 pm
Forum: Forwarding Protocols
Topic: VPLS bonding and MUM slides
Replies: 6
Views: 3359

Re: VPLS bonding and MUM slides

Not sure if this is what are you trying to do, but take a look at this:

http://wiki.mikrotik.com/wiki/Transpare ... S_extended
by w4rh0und
Wed Apr 03, 2013 2:59 pm
Forum: General
Topic: RB1100AHX2 Problem
Replies: 2
Views: 1758

Re: RB1100AHX2 Problem

Hi and thank you for the reply. I need to pass 10-20 Mb since the internet bandwidth is only 20 Mb I thought about Eoip 1st but, i tested it and i couldn't get the MTU to get it to work. I couldn't browse the internet from the other end of the Eoip tunnel, the pages were only loading partially or no...
by w4rh0und
Tue Apr 02, 2013 9:36 pm
Forum: General
Topic: RB1100AHX2 Problem
Replies: 2
Views: 1758

RB1100AHX2 Problem

Hi We bought one RB1100AHX2 6 months ago or so, and i am having some big problems with it. The problems started like 1 week ago: /system routerboard print routerboard: yes model: 1100AHx2 serial-number: 34110144B92C current-firmware: upgrade-firmware: 2.39 It does not display the current-firmware. T...
by w4rh0und
Tue Apr 02, 2013 9:30 pm
Forum: General
Topic: MIKROTIK RB2011UAS-2HND performance
Replies: 4
Views: 1928

Re: MIKROTIK RB2011UAS-2HND performance

Well i will have to try it out. Thank for the answers.
by w4rh0und
Sun Mar 31, 2013 2:28 am
Forum: General
Topic: MIKROTIK RB2011UAS-2HND performance
Replies: 4
Views: 1928

MIKROTIK RB2011UAS-2HND performance

Hi I am thinking of buying one of these routers (MIKROTIK RB2011UAS-2HND). Can someone tell me if the wireless performance is good or not and the stability of the wireless? I have used routerboards for years but mostly on cable. I tried a 751 wireless router and a cheap 20$ TP-link had better perfor...
by w4rh0und
Wed Jun 20, 2012 10:47 am
Forum: Wireless Networking
Topic: Wireless seamless roaming with mesh
Replies: 3
Views: 4077

Wireless seamless roaming with mesh

Hi Is there a posibility to create a seamless roaming solution for voip using mikrotik wireless? I saw that mesh accepts ethernet ports as well. Can you also use vlans with it like a bridge so you can have 1 vlan for data and 1 vlan for voice in a mesh? Something like this: Internet | Main RB1100 <-...
by w4rh0und
Tue Mar 20, 2012 10:28 am
Forum: Forwarding Protocols
Topic: How to make port forwarding for dynamic IPs?
Replies: 4
Views: 3354

Re: How to make port forwarding for dynamic IPs?

If the private ip that you get from the hotspot is different everytime, you might try to make a dhcp reservation for that ip, to bind it so you get the same private ip address everytime on that host based on mac addess. From the mikrotik the command to make static is: /ip dhcp-server lease make-stat...
by w4rh0und
Fri Mar 16, 2012 11:25 am
Forum: Forwarding Protocols
Topic: How to make port forwarding for dynamic IPs?
Replies: 4
Views: 3354

Re: How to make port forwarding for dynamic IPs?

If i understand correctly what you want, then you don't need to dnat a certain ip you can do it on an interface: Ex: for RDP where Ether1 is the internet connection port and 10.124.175.5 is the private ip you can change Ether1 with the name of your pppoe connection or what interface you have. /ip fi...
by w4rh0und
Fri Feb 24, 2012 2:09 pm
Forum: General
Topic: Multiple public ip addresses problem
Replies: 1
Views: 928

Re: Multiple public ip addresses problem

I managed to solve it. I don't know why it happened, but the fix was like this. Started a ping from the router itself to the default gateway (the ISP) and disabled all the ip's except the one working. Then disabled the one working and enabled the next one. After doing this the 2nd ip started to work...
by w4rh0und
Fri Feb 24, 2012 3:28 am
Forum: General
Topic: Multiple public ip addresses problem
Replies: 1
Views: 928

Multiple public ip addresses problem

Hi I have encountered a strange phenomenon on our new router We had a RB1000 Ros version 4.x before on one of our datacenter with 10 public ip addresses assigned on ether1 (lets say 10.10.10.2->10.10.10.12). We use those public ip to nat to internal servers default gateway 10.10.10.1 We changed that...
by w4rh0und
Mon Feb 20, 2012 6:23 pm
Forum: RouterBOARD hardware
Topic: Question on Ethernet Bypass Mode, RB1100
Replies: 8
Views: 14637

Re: Question on Ethernet Bypass Mode, RB1100

Ok i am a little confused. We just bought a RB1100AH and my questions are: Which ports would be best to connect the ISP lines (we have 2 lines) ports 12 and 13? And on port 11 to have a cable to a backup router? Since ports 1->5 are switch group one and 6-10 are switch group. What i still don't unde...
by w4rh0und
Wed Feb 08, 2012 12:32 pm
Forum: Forwarding Protocols
Topic: Firewall + nat problem
Replies: 2
Views: 2607

Re: Firewall + nat problem

Thanks for the reply, i will have to try it out
by w4rh0und
Sat Jan 07, 2012 1:50 am
Forum: Forwarding Protocols
Topic: Firewall + nat problem
Replies: 2
Views: 2607

Firewall + nat problem

I hit a wall here: What i want: I have a useless exchange server in a network which ofc costs an insane amount of money yet no antipam and stuff so what i am trying to do: My postfix server from building A is the antispam which will filter then relay the mail to the exchange What i am trying to do i...
by w4rh0und
Thu Nov 10, 2011 8:48 pm
Forum: Forwarding Protocols
Topic: IPV6 pppoe configuration help needed
Replies: 3
Views: 1977

Re: IPV6 pppoe configuration help needed

Thanks a lot i will give it a try and see how it goes.
by w4rh0und
Thu Nov 03, 2011 12:42 pm
Forum: Forwarding Protocols
Topic: IPV6 pppoe configuration help needed
Replies: 3
Views: 1977

IPV6 pppoe configuration help needed

Hi My Isp has released an IPV6 test. I am trying to get my head around this on how to configure my mikrotik (version 5.8) to work. I connect using pppoe. Connected directly (without using the router) worked like a charm, no problem With this configuration on my cisco 871 worked like a charm: vpdn en...
by w4rh0und
Fri Oct 28, 2011 11:42 pm
Forum: General
Topic: Proxy slow traffic problem
Replies: 1
Views: 1626

Proxy slow traffic problem

Hi I have a RB493AH with version 5.7 at a client and i need to block facebook/myspace and other social network junk With no proxy the web traffic works perfectly. The moment i enable webproxy the web traffic stops working, the pages are barely getting loaded and i mean www.google.com gets loaded in ...
by w4rh0und
Tue Oct 04, 2011 5:18 pm
Forum: General
Topic: WebProxy problem
Replies: 5
Views: 2181

Re: WebProxy problem

NVM i found out where the problem was: /ip proxy set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4 cache-on-disk=no enabled=no max-cache-size=none max-client-connections=600 \ max-fresh-time=3d max-server-connections=600 parent-proxy=0.0.0.0 parent-proxy-port=0 port=8080 serial...
by w4rh0und
Tue Oct 04, 2011 5:10 pm
Forum: General
Topic: WebProxy problem
Replies: 5
Views: 2181

Re: WebProxy problem

I have configured the webproxy on my home router since i cannot post any info from a client on the forum I have basically mirrored the needed settings on my home router with basic needed settings for internet action and this "Internet" is the pppoe connection to the ISP. The network cable ...
by w4rh0und
Fri Sep 30, 2011 11:19 pm
Forum: General
Topic: WebProxy problem
Replies: 5
Views: 2181

Re: WebProxy problem

yes it works without a problem, also the dns is working properly, but still when trying those to rules from web proxy it does not work
by w4rh0und
Thu Sep 29, 2011 8:55 pm
Forum: General
Topic: WebProxy problem
Replies: 5
Views: 2181

WebProxy problem

Hi I have encountered a problem on Routeros 5.7 (not sure if it works on earlier versions or not). I have a client which always delays the payment until i disconnect his service so i figured i would try this tutorial: http://wiki.mikrotik.com/wiki/Payment_Reminders My settings at the moment are: /ip...
by w4rh0und
Mon Sep 19, 2011 10:25 pm
Forum: General
Topic: inter-vlan routing problem
Replies: 9
Views: 4393

Re: inter-vlan routing problem

Inter-vlan routing should work by default without a problem, i have a lot of vlans at the office and at home as well and never had problems routing from one vlan to the other since all vlans are with distance 0 directly connected so no need for routes/proxy arp. One thing i have seen when traffic is...
by w4rh0und
Mon Sep 19, 2011 10:04 pm
Forum: General
Topic: Dynamic Vlan
Replies: 3
Views: 1258

Re: Dynamic Vlan

What you are asking for is only available for switches (tried it on cisco/3com and dell), since it is refering to "access ports" (or where you connect the hosts) while you use the router as a "trunk" port (to transport all the vlans and intervlan routing) the mikrotik way to &quo...
by w4rh0und
Mon Jun 06, 2011 11:59 am
Forum: Forwarding Protocols
Topic: Traffic prioritization over eoip
Replies: 3
Views: 2775

Re: Traffic prioritization over eoip

No

The only traffic going through the pptp is the Eoip traffic for the NBX. Nothing else. The rest is the home use internet of the employees for which i don't care. The internet line is ether1 on all routers.
by w4rh0und
Sat Jun 04, 2011 2:59 am
Forum: Forwarding Protocols
Topic: Traffic prioritization over eoip
Replies: 3
Views: 2775

Traffic prioritization over eoip

Hi I have an issue on how can i implement some queues in order to make the voip work correctly The setup is like this: We have a main office with a 3Com NBX (unfortunately for me cause i was forced to use EOIP in order to make it work for ppl using connections from home) All the employees who work f...
by w4rh0und
Thu May 19, 2011 5:48 pm
Forum: Forwarding Protocols
Topic: Pxe Boot over multiple subnets
Replies: 4
Views: 4000

Re: Pxe Boot over multiple subnets

Ty alot i will give it a try and let you know how it went :)
by w4rh0und
Wed May 18, 2011 10:24 pm
Forum: Forwarding Protocols
Topic: Pxe Boot over multiple subnets
Replies: 4
Views: 4000

Pxe Boot over multiple subnets

Hi I have a problem at one of my clients... I have a Mt router with 3 independant subnets: in ether1 - is connected the pxe server with ip 192.168.0.2 in ether2 - there is a unmanaged switch with for subnet 192.168.2.0/24 in ether3 - there is a unmanaged switch with for subnet 192.168.3.0/24 Is ther...
by w4rh0und
Mon Apr 04, 2011 12:22 pm
Forum: Forwarding Protocols
Topic: PPC With 1 on 1 Nat
Replies: 2
Views: 1120

Re: PPC With 1 on 1 Nat

Thank you for the reply.

I will try the config and let you know how it works. For some reason i haven't found that post on my own :(
by w4rh0und
Sat Apr 02, 2011 1:41 am
Forum: Forwarding Protocols
Topic: PPC With 1 on 1 Nat
Replies: 2
Views: 1120

PPC With 1 on 1 Nat

Hi I have followed this guide: http://wiki.mikrotik.com/wiki/PCC My problem is: I have multiple local subnets so i don't know how to add them to these rules for every subnet/interface that i have My subnets/interfaces are: 192.168.1.0/24 subnet_1 interface and 192.168.99.0/24 subnet_99 interface 2 I...
by w4rh0und
Fri Jan 28, 2011 3:25 pm
Forum: Forwarding Protocols
Topic: PPC for multiple local subnets
Replies: 3
Views: 1451

Re: PPC for multiple local subnets

I still have some problems with this setup if i use those rules for all the lan interfaces: add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses:2/0 \ action=mark-connection new-connection-mark=wlan1_conn passthrough=yes add chain=prerouting dst-ad...
by w4rh0und
Thu Jan 27, 2011 8:52 pm
Forum: Forwarding Protocols
Topic: PPC for multiple local subnets
Replies: 3
Views: 1451

Re: PPC for multiple local subnets

Thanks you for a very fast answer.
by w4rh0und
Thu Jan 27, 2011 8:03 pm
Forum: Forwarding Protocols
Topic: PPC for multiple local subnets
Replies: 3
Views: 1451

PPC for multiple local subnets

Hi i was reading this wikki article:http://wiki.mikrotik.com/wiki/PCC I have tested it and it works great with 1 local subnet. But what could i do to change it to fit my needs? I have 2 internet lines I have 4 internal interfaces with 4 different subnets for different needs. From what i see the Wan ...
by w4rh0und
Tue Oct 19, 2010 9:53 am
Forum: Forwarding Protocols
Topic: Multicast problem
Replies: 2
Views: 2508

Re: Multicast problem

Nvm i figured it out. I will try and post a how to with cisco and with multiple MT for those interested.
by w4rh0und
Thu Oct 14, 2010 11:04 pm
Forum: Forwarding Protocols
Topic: Multicast problem
Replies: 2
Views: 2508

Multicast problem

Hi I have hit a wall with the multicasting on mikrotik (routeros 4.11) I have like this: Source - subnet 1 (lan1 - interface) - ROUTER A - Wan ip provider 1<----->Wan ip provider 2 ROUTER B - subnet 2 (lan2) 192.168.250.0/24 10.124.175.0/24 In order to get from subnet 1 from router B to the subnet o...
by w4rh0und
Wed Oct 13, 2010 11:10 pm
Forum: Forwarding Protocols
Topic: 2 gateway problems
Replies: 1
Views: 1237

2 gateway problems

Hi On one of the routers i have 2 internet connections: public_1: lets say 172.16.0.1 Wan1 public_2 172.17.0.1 Wan2 And i have 2 private subnets 192.168.1.0/24 on Lan1 interface and 10.10.10.0/24 on Lan2 interface What i want is to have 192.168.1.0/24 route out through 172.16.0.1 (basically this to ...
by w4rh0und
Mon Sep 27, 2010 11:23 pm
Forum: Forwarding Protocols
Topic: Multicast
Replies: 4
Views: 1835

Re: Multicast

thanks, found the pack :).
by w4rh0und
Mon Sep 27, 2010 9:23 pm
Forum: Forwarding Protocols
Topic: Multicast
Replies: 4
Views: 1835

Multicast

Hi I have never configured multicast before, but hey there is always a start. My questions is: i have read this wiki:http://wiki.mikrotik.com/wiki/Manual:Multicast_detailed_example But i don't have a /routing pim command: routing pim interface add bad command name pim (line 1 column 9) Ro Version is...
by w4rh0und
Tue May 25, 2010 1:32 pm
Forum: General
Topic: Mikrotik packet sniffer
Replies: 3
Views: 3566

Re: Mikrotik packet sniffer

Yes but how can i filter out so i can see the actual traffic only from that ip tunnel? I have used wireshark/tcpdump before locally, but this is the 1st time that i use it with streaming from another device, and i have no ideea how to filter so i can see the traffic between 192.168.2.0/24 and 172.16...
by w4rh0und
Tue May 25, 2010 12:17 pm
Forum: General
Topic: Mikrotik packet sniffer
Replies: 3
Views: 3566

Mikrotik packet sniffer

Hello I tried to use the packet sniffer on the mikrotik. My question is how can i make it work with wireshark because i cannot log all the information on a RB??? I have seen the option bellow but for some reason i can make it work :( 1. configure sniffer to stream to device running wireshark: /tool ...
by w4rh0und
Tue Apr 27, 2010 6:26 pm
Forum: Wireless Networking
Topic: Mikrotik roaming solution
Replies: 14
Views: 6477

Re: Mikrotik roaming solution

And i don't configure any ip addresses on the AP bridge interfaces?

I add a different ip address for management only right?

But will i configure the same ssid on every AP?

What about when they move from 1 ap coverage to the next 1? won't that create a layer 2 loop or something ?
by w4rh0und
Thu Apr 22, 2010 2:16 pm
Forum: Wireless Networking
Topic: Mikrotik roaming solution
Replies: 14
Views: 6477

Re: Mikrotik roaming solution

Thanks a lot for the reply

Are the AP also in a WDS ? or you use non overlapping channels? Or how you manage not to interfere one with another?
by w4rh0und
Fri Apr 16, 2010 11:07 pm
Forum: Wireless Networking
Topic: Mikrotik roaming solution
Replies: 14
Views: 6477

Re: Mikrotik roaming solution

I've done something similar in several buildings here. Essentially by ip bridging the ports that the ap's are connected to on the main router and then binding each ap to the hotspot worked for me. Hope this helps :) Darci Can you please elaborate a little on the solution? So u have the main router ...
by w4rh0und
Fri Apr 09, 2010 10:34 pm
Forum: Wireless Networking
Topic: Mikrotik roaming solution
Replies: 14
Views: 6477

Re: Mikrotik roaming solution

So then what can i do then? Since WDS is only suitable over wireless, and i would have to double the wireless network card for wds otherwise the traffic would be really low...

On a cisco wireless i tried it and i used same SSID and key + non overlapping channels and it worked like a charm.
by w4rh0und
Fri Apr 09, 2010 8:22 pm
Forum: Wireless Networking
Topic: Mikrotik roaming solution
Replies: 14
Views: 6477

Mikrotik roaming solution

Hi I have a new project and i need some guidance in which direction to go: My setup will be something like this: I have a main router and i have the entire building cabled. I will have 5 AP all connected to the main router with cables. I need a way so i can cover the entire building, but when a wire...
by w4rh0und
Sun Apr 04, 2010 12:37 pm
Forum: General
Topic: Vlan access ports
Replies: 4
Views: 3271

Re: Vlan access ports

Thanks alot. I will give it a try and let you know how it went :)
by w4rh0und
Sat Apr 03, 2010 12:51 pm
Forum: General
Topic: Vlan access ports
Replies: 4
Views: 3271

Re: Vlan access ports

Thx for the reply. What i want to do: I have 2 public addresses: 1 for the mikrotik router 1 for a vpn concentrator 1 is the ISP gw router So i want to add: ether 1 ISP router ether 2 vpn concentrator And where do i configure the ip address of the mikrotik? On vlan1 interface or on ether 3 interface...
by w4rh0und
Fri Apr 02, 2010 4:34 am
Forum: General
Topic: Vlan access ports
Replies: 4
Views: 3271

Vlan access ports

Hi I have a question regarding vlans and mikrotik routers I managed to create a trunk between a mikrotik and a cisco 2960 and it is working fine, but is there a way in which i can configure a few ports in access mode in the same vlan just like i can do on a cisco switch? Because until now i wasn't a...
by w4rh0und
Fri Feb 26, 2010 1:18 am
Forum: General
Topic: Taffic problems between mikrotiks
Replies: 3
Views: 957

Re: Taffic problems between mikrotiks

I have tested between an RB1000 and a RB433UAH. I don't have any firewal rules between them, i only have a no nat rule so i don;t nat the traffic over the tunnel i just route it directly. the rb433uah was at 40-60% the rb1000 was at 100% when rb1000 was sending and when the RB1000 was receiving the ...
by w4rh0und
Fri Feb 26, 2010 12:26 am
Forum: General
Topic: Taffic problems between mikrotiks
Replies: 3
Views: 957

Taffic problems between mikrotiks

Hello I have encountered a big problem between mikrotik routers: We have like 15 mikrotik routers and we have pptp tunnels between their locations and our main site. I have conducted a series of tests with the bandwidth tool: If i test between the Wan connections: public ip <------------------------...
by w4rh0und
Mon Nov 23, 2009 5:40 pm
Forum: Forwarding Protocols
Topic: Ospf passive interface
Replies: 0
Views: 2298

Ospf passive interface

Hello I have a question: Is it ok (is it correctly the way i am configuring) if i configure OSPF like this? I have 3 subnets: i have the wan subnet 96.x.x.x i have a 172.16.0.0/30 subnet for a vpn tunnel i have 192.168.1.0/24 local net I have some vpn tunnels between a couple of routers when i add i...
by w4rh0und
Wed Nov 18, 2009 7:16 pm
Forum: Forwarding Protocols
Topic: Rip updates over ipsec tunnels
Replies: 10
Views: 4053

Re: Rip updates over ipsec tunnels

I pretty much got all figure it out: I can filter the public ip not to be redistribuited with OSPF But i still have 1 problem which i cannot shake: client 2 | location 1-----------------------------------------location 2--------------------------client 1 | client 3 location 1: 192.168.1.0/24 locatio...
by w4rh0und
Fri Nov 13, 2009 7:48 pm
Forum: Forwarding Protocols
Topic: Rip updates over ipsec tunnels
Replies: 10
Views: 4053

Re: Rip updates over ipsec tunnels

Ok i added the other end of the tunnel ip. and i added redistribute connected, but how can i filter some networks? I want connected 192.168.1.0/24 and 10.124.0.0/16 for example , but i don't want to redistribute the WAN ip over the tunnel. and how can i add certain networks over 1 tunnel while other...
by w4rh0und
Fri Nov 13, 2009 5:21 am
Forum: Forwarding Protocols
Topic: Rip updates over ipsec tunnels
Replies: 10
Views: 4053

Re: Rip updates over ipsec tunnels

Add network is not enough since that will not work over at VPN tunnel How can i configure ospf over a tunnel? Cause if i add a directly connected route (add network 192.168.2.0/24) i will see the ether5 interface in the ospf interface menu, while tunnel1 is still down. Anyone knows how to configure ...
by w4rh0und
Tue Nov 10, 2009 11:12 pm
Forum: Forwarding Protocols
Topic: Rip updates over ipsec tunnels
Replies: 10
Views: 4053

Re: Rip updates over ipsec tunnels

It seams it got updated in v 4.2. Added a test network and it got updated. I haven't tried ospf, seams really complicated on the router os. I used ospf on cisco and it was easy mode to configure with 1 area, but here it is sooo complicated. Might try it though.
by w4rh0und
Tue Nov 10, 2009 8:14 pm
Forum: Forwarding Protocols
Topic: Cisco PPTP - Mikrotik
Replies: 3
Views: 35634

Re: Cisco PPTP - Mikrotik

Upgraded to 4.2 and still doen't work. What annoys me the most is that i don't see anything. Logs like initializing/dialing r useless. Isn't there a debug to check what is actually going on?
by w4rh0und
Tue Nov 10, 2009 7:06 pm
Forum: Forwarding Protocols
Topic: Cisco PPTP - Mikrotik
Replies: 3
Views: 35634

Cisco PPTP - Mikrotik

Mikrotik - pptp -Cisco Mikotik V3.29 Hello I have some issues trying to configure a PPTP vpn between a mikrotik and a cisco 871 From windows i can make a connection and it works, but from mikrotik it is not working and i have no ideea why. I don't see anything in the debug except for: Vi2 PPP: Outbo...
by w4rh0und
Tue Nov 10, 2009 12:54 pm
Forum: Forwarding Protocols
Topic: Rip updates over ipsec tunnels
Replies: 10
Views: 4053

Re: Rip updates over ipsec tunnels

Version 3.29 and on packages it is 3.29 as well on routing
by w4rh0und
Tue Nov 10, 2009 12:23 am
Forum: Forwarding Protocols
Topic: Rip updates over ipsec tunnels
Replies: 10
Views: 4053

Rip updates over ipsec tunnels

Hello It seams there is a problem on router os regarding RIP updates. I added /routing rip network add 10.2.0.0/24 on router 2 It only appeared in router 1 after rebooted router 2. Is there any other way ? RIp should send the update automatically every 30 secs Is it any other way besides this? I rea...
by w4rh0und
Mon Nov 09, 2009 10:46 pm
Forum: Forwarding Protocols
Topic: Ipsec between 2 mikrotik routers
Replies: 0
Views: 934

Ipsec between 2 mikrotik routers

Hello I followed this doc step by step and it is not working: tried to ping the gateways (10.1.0.1\10.2.0.1) and it is not working It is from the official doc. I am using routerOS3.29 Is this doc deprecated? or what is hapening? i cannot see anything in logs either .. on cisco routers there is debug...
by w4rh0und
Sun Nov 08, 2009 2:34 pm
Forum: General
Topic: Mikrotik/cisco VPN with dynamic ip
Replies: 2
Views: 1918

Mikrotik/cisco VPN with dynamic ip

Hello I was wondering how i could make a VPN between my Cisco 871 and the mikrotik at work? Ipsec will not allow me to add remote-adress="test.dyndns.org" And i cannot configure Cisco to be a PPTP client to connect to the mikrotik pptp server So anyone knows how i could trick this? I reall...
by w4rh0und
Sat Oct 17, 2009 1:28 am
Forum: General
Topic: Nagios monitor
Replies: 3
Views: 3339

Re: Nagios monitor

It is the client ... the server is at my location. Problem is that the interface counter is increased and a snmp status check becomes obsolete. Which makes the only way to check if the VPN is up a simple ping.
by w4rh0und
Fri Oct 16, 2009 11:02 pm
Forum: General
Topic: Nagios monitor
Replies: 3
Views: 3339

Nagios monitor

Hello i have a problem with when it comes to monitor the router. I have some pptp vpn connections to a central server, and i cannot monitor the vpn connection state: I am trying to get the snmp state of the vpn connection: ifOperStatus.x and everytime the connection will go down then reconect it wil...