Community discussions

MikroTik App

Search found 95 matches

by greencomputing
Thu Aug 29, 2013 11:44 pm
Forum: Wireless Networking
Topic: compression=yes in ppp profile
Replies: 0
Views: 1637

compression=yes in ppp profile

Hi folks! hoping you are doing well! I'm struggling on trying to use the compression=yes settins while setin up a ptp between 2 mikrotik router. I tried this using pptp, l2tp and pppoe without detecting any improvement.. My open questions are : 1) under ppp profile , compression=yes what willreally ...
by greencomputing
Thu Aug 29, 2013 11:33 pm
Forum: Wireless Networking
Topic: One usermanager hotspot and some hotspots.
Replies: 2
Views: 1203

Re: One usermanager hotspot and some hotspots.

Hi there did you added the 2 router ip entries on the usermanger corresponding to the 2 NAS : / radius add service=hotspot address=y.y.y.y secret=123456 / radius add service=hotspot address=z.z.z.z secret=123456 did you increase the Radius timeout on the nas / hotspot side? If this didn't help , may...
by greencomputing
Thu Jul 11, 2013 11:56 am
Forum: Wireless Networking
Topic: nv2 QoS in details
Replies: 0
Views: 1922

nv2 QoS in details

Hi there, I was trying to use nv2 qos on a p2mp architecture where ap and cpes are mikrotik devices, all of them equipped with RouterOs 5.25. My needing is to give high priority to traffic coming and sent to a specific CPE among the others. reading the docs is not clear to me if nv2 qos queue are ma...
by greencomputing
Wed Jul 10, 2013 6:00 pm
Forum: Wireless Networking
Topic: NV2 qos priority mapping
Replies: 1
Views: 1590

Re: NV2 qos priority mapping

Hi there

based on our experience, the correct ones are listed on the wiki. in the other case you emntion may be a typo created the different mapping
by greencomputing
Thu Feb 28, 2013 4:49 pm
Forum: General
Topic: how to get the "avg-rtt" value of command "ping" [SOLVED]
Replies: 4
Views: 4716

Re: how to get the "avg-rtt" value of command "ping" [SOLVED]

Hi sir the ping retun value is defined to be related to the # of count set in the ping command . That is the theory ... but you need some effective and working solution so I'll stop here the words and now the substances to get the rtt on the average I used a workaround using the /tool flood-ping uti...
by greencomputing
Thu Feb 14, 2013 6:20 pm
Forum: General
Topic: log lines lost when sent to remote syslog server via script
Replies: 0
Views: 947

log lines lost when sent to remote syslog server via script

hi there if you set info topics to be logged remotely and try to execute the following simple mikrotik script ( several RouteOS 5.x tested), at least at the first execution, you will receive on the remote syslog server just 1 line , eg remote log test 1 . the other lines generated will not be send a...
by greencomputing
Sat Dec 01, 2012 11:55 am
Forum: General
Topic: Huawei E169
Replies: 15
Views: 7704

Re: Huawei E169

Thanks a lot giopao, your help is still effective nowdays!!! with huge amount of E169 internet key it's working like a charme.
by greencomputing
Thu Oct 11, 2012 2:06 am
Forum: Wireless Networking
Topic: Wireless Bridge between 2 SXT
Replies: 1
Views: 1585

Re: Wireless Bridge between 2 SXT

Hi sir

did you try to bridge in wds mode? that's working very good here.

please try it using this receipt :

http://wiki.mikrotik.com/wiki/Transpare ... o_Networks

have fun

greencomputing
by greencomputing
Mon Oct 01, 2012 4:02 pm
Forum: General
Topic: L2TP link with high latency (300 ms)
Replies: 1
Views: 1669

L2TP link with high latency (300 ms)

Hi there I'm setting up a ptp link using l2ptp in order to merge two remote branch offices trough public Internet. I made this several times int he past and everything was runnin like a charm but ... today a ping test between the two sites it's giving me up to 300 ms usinf the ip assigned to the lt2...
by greencomputing
Wed Sep 26, 2012 6:38 pm
Forum: General
Topic: Problem with VoIP Server Over mikrotik
Replies: 4
Views: 2089

Re: Problem with VoIP Server Over mikrotik

Hi there
did you solved the issue? morover did you disable firewall on the OS where 3cx client is running? And did you disable SIP helper on mikrotik rb?

Let me know the staus of this issue for you case
have a nice day
by greencomputing
Fri Aug 31, 2012 6:38 pm
Forum: General
Topic: RouterBOARD setup connect two networks over bridge
Replies: 3
Views: 1210

Re: RouterBOARD setup connect two networks over bridge

Hi Sir
where is the issue you are having?

thanks in advance
by greencomputing
Fri Aug 24, 2012 11:17 am
Forum: RouterBOARD hardware
Topic: rb1200 port names
Replies: 3
Views: 1551

Re: rb1200 port names

Hi there
we solved it performing a netinstall

hoping this will help
by greencomputing
Fri Aug 24, 2012 10:43 am
Forum: General
Topic: Multiple PPPoEs without load balancing.
Replies: 3
Views: 1117

Re: Multiple PPPoEs without load balancing.

That's working here. May you show us which host you ping ,routing tables used and nat rules ?
by greencomputing
Fri Aug 24, 2012 10:23 am
Forum: General
Topic: youtube in multiple WAN
Replies: 2
Views: 2671

Re: youtube in multiple WAN

Hi sir you can accomplish this using policy based routing concepts in a standard way on the mikrotik. The idea is to select all youtube traffic and routing mark it in such way, youtube will use only the link you decide. Creating dynamic youtube ip address list Youtube like facebook and other sites/w...
by greencomputing
Thu Aug 23, 2012 10:36 am
Forum: The User Manager
Topic: Please Help Me
Replies: 8
Views: 3671

Re: Please Help Me

HI Sir on Mikrotik side you need to enable netflow . this is an example : /ip traffic-flow set active-flow-timeout=30m cache-entries=512k inactive-flow-timeout=15s interfaces=all /ip traffic-flow target add address=172.19.20.23:9996 v9-template-refresh=20 v9-template-timeout=30m version=5 for furthe...
by greencomputing
Tue Aug 21, 2012 6:21 pm
Forum: General
Topic: Qos Implementing for voip traffics
Replies: 1
Views: 785

Re: Qos Implementing for voip traffics

sounds interesting. may you give here http://forum.mikrotik.com/viewtopic.php?f=2&t=62958 your contribution?
have a nice day
by greencomputing
Fri Aug 17, 2012 6:12 pm
Forum: General
Topic: Give Hotspot A Pool Different Than LAN Subnet
Replies: 5
Views: 2697

Re: Give Hotspot A Pool Different Than LAN Subnet

That's not elegant I know but it's working fine. On the other hand we didn't succed, right now, to find better solution to apply on production systems.
by greencomputing
Fri Aug 17, 2012 5:28 pm
Forum: General
Topic: Give Hotspot A Pool Different Than LAN Subnet
Replies: 5
Views: 2697

Re: Give Hotspot A Pool Different Than LAN Subnet

That's possible as it is possible to assign ip addresses from the same subnet to different interfaces. amazing but possible :)
take a look for example at : http://wiki.mikrotik.com/wiki/Manual:Lo ... bnet_links

have a nice day
by greencomputing
Fri Aug 17, 2012 5:00 pm
Forum: General
Topic: Give Hotspot A Pool Different Than LAN Subnet
Replies: 5
Views: 2697

Re: Give Hotspot A Pool Different Than LAN Subnet

Hi there did you assign an ip of class 10.10.10.0/24 to the ether/wlan interface on which the hotspot is running? Moreover to have a determinstic result try to : 1) define the HS pool and set the DHCP to use it 2) assign to proper ethernet /wlan port one of the ip belonging to the HotSpot 3) execute...
by greencomputing
Fri Aug 17, 2012 12:32 pm
Forum: General
Topic: Super Webfig proof of concept
Replies: 4
Views: 4010

Re: Super Webfig proof of concept

Thanks to share with us this. It's summarize what we also feel it's missing here.
by greencomputing
Fri Aug 17, 2012 12:09 pm
Forum: Beginner Basics
Topic: Bridge Works but fails to limit bandwidth
Replies: 9
Views: 14163

Re: Bridge Works but fails to limit bandwidth

just a question : In the queue definition you are asserting that 192.168.105.71 is reachable trough interface External-Traffic. is this correct? may you remind me how the bridge is definedi in terms of ports?
by greencomputing
Fri Aug 17, 2012 10:35 am
Forum: The User Manager
Topic: Web Statitics
Replies: 4
Views: 3074

Re: Web Statitics

An external Netflow capable host is needed . On the other hand you can browse accounting information that is generated on the mikrotik under /ip accounting and enabled web access under /ip accounting web-access . Of course you will find just textual information like the following : [admin@MikroTik] ...
by greencomputing
Thu Aug 16, 2012 5:41 pm
Forum: The User Manager
Topic: Web Statitics
Replies: 4
Views: 3074

Re: Web Statitics

Hi sir interesting statistics could be collected activating NetFlow on mikrotik rouetboard side and the collect the flows on a server using for example nfdump and Nfsen amazing tools. For nfdump take a look to http://nfdump.sourceforge.net/ While on how to enable NetFlow on RouterOS side, pleaser ef...
by greencomputing
Thu Aug 16, 2012 4:58 pm
Forum: Beginner Basics
Topic: Bridge Works but fails to limit bandwidth
Replies: 9
Views: 14163

Re: Bridge Works but fails to limit bandwidth

you are welcome

happy to hear it works!
by greencomputing
Thu Aug 16, 2012 3:40 pm
Forum: Beginner Basics
Topic: Bridge Works but fails to limit bandwidth
Replies: 9
Views: 14163

Re: Bridge Works but fails to limit bandwidth

Hi sir
did you check that use-ip-firewall is enabled?

[greencomputing@woderland] > /interface bridge settings print 
            use-ip-firewall: yes
   use-ip-firewall-for-vlan: no
  use-ip-firewall-for-pppoe: no
Hoping it could help you

have a nice day
by greencomputing
Thu Aug 16, 2012 1:21 pm
Forum: Forwarding Protocols
Topic: Policy Based Routing
Replies: 4
Views: 2027

Re: Policy Based Routing

Hi sir the rule will route all your internet traffic trough client vpn so you need to specify also the client dst address/network to be sure that only traffic to the client network will be routed trough VPN. So the idea is, if you know that client private ip/network is CLIENT_IP or CLIENT_NETWORK, t...
by greencomputing
Thu Aug 16, 2012 1:02 pm
Forum: The User Manager
Topic: Please Help Me
Replies: 8
Views: 3671

Re: Please Help Me

Hi sir what you are asking is not achievable using Radius on PPPoE becasue as a standard NAS the mikrotik routeboard is sending cumulative interface statistics to the Radius Server as counters so here is no way to differentiate traffic based on dst ip or port or other flow characteristics. Something...
by greencomputing
Thu Aug 16, 2012 11:57 am
Forum: Beginner Basics
Topic: Need Help Passing Public IP's To Customers (New to the Tik)
Replies: 3
Views: 4399

Re: Need Help Passing Public IP's To Customers (New to the T

Hello with the condition that we want to preserve the current network configuration/design, I suggest you to use NAT on RB750GL. The idea is to assign the public IPs to the RB 750GL and when receivng traffic , change dst nat to reach the real end client host that "own" the IP. Lets say tha...
by greencomputing
Thu Aug 16, 2012 1:34 am
Forum: General
Topic: Central DHCP Server
Replies: 2
Views: 1440

Re: Central DHCP Server

Hi there

I suggest you to perform a load test using BCP instead of eoip. For further informations :
http://wiki.mikrotik.com/wiki/Manual:BC ... _bridging)

hoping this will help you
have a nice day
by greencomputing
Thu Aug 16, 2012 1:18 am
Forum: General
Topic: Problem in Simple queue with PCQ
Replies: 2
Views: 1021

Re: Problem in Simple queue with PCQ

Hello
1Mb is the max-limit on the queue or the pcq-rate? While pcq-rate is unspecified, define max-limit or viceversa or both(define both max-limit and pcq-rate ) otherwise the pcq queue behaviour can have unpredictable effects.

hoping this will help you
have a nice day
by greencomputing
Thu Aug 16, 2012 1:03 am
Forum: General
Topic: Use API over Internet. It is secure?
Replies: 11
Views: 5500

Re: Use API over Internet. It is secure?

Hi sir
that configuration was really helpful! thanks avlot for sharing t with us

have a nice day
by greencomputing
Wed Aug 15, 2012 10:20 am
Forum: General
Topic: How do I redirect port 80 to another server, LAN side?
Replies: 3
Views: 7867

Re: How do I redirect port 80 to another server, LAN side?

Hi sir

this work as requested .
/ip firewall nat 
add action=dst-nat chain=dstnat disabled=no dst-port=80 protocol=tcp \
    to-addresses= 192.168.0.2

add action=masquerade chain=srcnat disabled=no dst-address=192.168.0.2 \
    dst-port=80 protocol=tcp
let me<know and have a nice day
by greencomputing
Wed Aug 15, 2012 1:50 am
Forum: General
Topic: Simple QUEUE
Replies: 1
Views: 4342

Re: Simple QUEUE

Hi sir to have simple queue working in a deterministic way as expected, please define both properties target-addresses and interface . Doing so you will observe a queue behaviour as expected. As reported by wiki http://wiki.mikrotik.com/wiki/Manual:Queue : Be careful to configure both of these optio...
by greencomputing
Wed Aug 15, 2012 1:40 am
Forum: Wireless Networking
Topic: Can Mikrotik RB751U-2HnD handle 200 users at the same time?
Replies: 7
Views: 3888

Re: Can Mikrotik RB751U-2HnD handle 200 users at the same ti

An AP with 200 wireless client in my experience can offer limited quality of service under daily life condition like: 1) if use NV2 the latency will be be influenced by the number of active client. if you use 802.11 wireless protocol collision model will be dramatically influecned by number of users...
by greencomputing
Wed Aug 15, 2012 1:14 am
Forum: Beginner Basics
Topic: Tunnel OVPN Mikrotik Client - Error DES-EDE3
Replies: 1
Views: 2184

Re: Tunnel OVPN Mikrotik Client - Error DES-EDE3

Hi sir RouterOS OpenVPN does not support LZO compression so disable it on Linux server side and it will work as expected. from openvpn config file # This option defines whether to use LZO compression. # If enabled, it must be enabled at both ends of the VPN connection. #comp-lzo hoping this will hel...
by greencomputing
Tue Aug 14, 2012 1:21 pm
Forum: General
Topic: Router Lockup
Replies: 1
Views: 882

Re: Router Lockup

getnextgetbulk 1.3.6.1.2.1.2.2.1.1.226 means that an snmpwalk is running on some snmp agent inspecting your router. Do you have Dude gathering routerboard info via snmp to monitor your system or Zabbix? Try to disable /ip snmp and see if the system become stable.
by greencomputing
Tue Aug 14, 2012 1:06 pm
Forum: Forwarding Protocols
Topic: Two routers in one subnet
Replies: 5
Views: 3420

Re: Two routers in one subnet

When you say that mikrotik send packet direct to the client , this means that mikrotik has tre legs one for each VLAN? If so, why you didn't set as gateway on the 3 VLAN clients as default gateway the mikrotik router?
by greencomputing
Tue Aug 14, 2012 2:30 am
Forum: General
Topic: how to get srcnat modified src ip/port after postrouting
Replies: 5
Views: 1878

Re: how to get srcnat modified src ip/port after postrouti

Hi peson

it's working :)

thank you so much for the effort you applied to solve my problem.

really appreciated.

have a nice day!
by greencomputing
Mon Aug 13, 2012 6:39 pm
Forum: Beginner Basics
Topic: ADLS configuration and internet in lan
Replies: 3
Views: 2171

Re: ADLS configuration and internet in lan

hi there I recommend you to apply masquerade specifying out-interface the pppoe created interface ( in the example I named it pppoe-WAN. here an example. /ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=pppoe-WAN hoping this will help you completing the task have a nice ...
by greencomputing
Mon Aug 13, 2012 6:00 pm
Forum: General
Topic: RB450- Timeout issues
Replies: 1
Views: 1241

Re: RB450- Timeout issues

Hi sir the never expiring session could be related to undeleted cookies. Be sure that under /ip hotspot profile you are using a profile with cookie auhthentication disabled . morevoer under /ip hotpost cookies delete any entry you 'll find. here you have an example based on http-chap /ip hotspot pro...
by greencomputing
Mon Aug 13, 2012 5:24 pm
Forum: Scripting
Topic: login using ssh keys problem!
Replies: 9
Views: 8990

Re: login using ssh keys problem!

as promised here you ahve a working example of sshd_config file used on one of my test server : root@greencomputing:/etc/ssh# more sshd_config # Package generated configuration file # See the sshd_config(5) manpage for details # What ports, IPs and protocols we listen for Port 22 # Use these options...
by greencomputing
Mon Aug 13, 2012 5:08 pm
Forum: General
Topic: Bugreport: dns does not use dinamicly set dns-es from dhcp
Replies: 3
Views: 1595

Re: Bugreport: dns does not use dinamicly set dns-es from dh

Really interesting ... I tried the same test on a 532 miple equipped with RouterOs 5.19 but I was not able to reproduce your problem. I'm becoming blind .. where is the difference ? [greencomputing@dreamland] /ip dns cache> /system resource print uptime: 19m49s version: 5.19 free-memory: 11820KiB to...
by greencomputing
Mon Aug 13, 2012 4:05 pm
Forum: Scripting
Topic: API Command to edit Radius IP address
Replies: 4
Views: 2727

Re: API Command to edit Radius IP address

Hi Sir the command is not working because you need to get and specify the entries id to run the set ip command. In the following example, we read the list of radius entries with the assumptions that we are interested to the only one row occurring, and thus we use the id we get in the read , to build...
by greencomputing
Mon Aug 13, 2012 3:46 pm
Forum: General
Topic: how to get srcnat modified src ip/port after postrouting
Replies: 5
Views: 1878

Re: how to get srcnat modified src ip/port after postrouti

if it help to describe the solution , yes, think that we already know the src priavte ip/port and dst /port and we want to know the modified public src ip/port as built by src nat rule. The reqirement is that this natted src ip/port must be recorded/logged automaically by a firewall/filter/nat rule.
by greencomputing
Mon Aug 13, 2012 1:24 pm
Forum: General
Topic: how to get srcnat modified src ip/port after postrouting
Replies: 5
Views: 1878

how to get srcnat modified src ip/port after postrouting

Hi folks do you think is possible to create a new chain, may be using a sort of trick (trough virtual interfaces, brdiges,etc) , to have extra processing just after srcnat rules (immediately after postrouting). My goal is to discover the ip used as src ip /port as applied by the src nat rules. To cl...
by greencomputing
Mon Aug 13, 2012 11:52 am
Forum: Forwarding Protocols
Topic: Mikrotik 450G Version 5.18 few web sites are not working
Replies: 1
Views: 1777

Re: Mikrotik 450G Version 5.18 few web sites are not working

Hi there basically I see 2 possibility. 1) you have encountered the dns caching issue affecting routeros as described in this interesting topic : http://forum.mikrotik.com/viewtopic.php?f=2&t=58243 5.19 doesn't solve the issue. As workaround , disable DNS caching using external ones. 2) If you a...
by greencomputing
Mon Aug 13, 2012 11:22 am
Forum: Beginner Basics
Topic: Multiple L2TP/IPsec sessions from one WAN IP
Replies: 2
Views: 4715

Re: Multiple L2TP/IPsec sessions from one WAN IP

Hi Sir maybe it's a license issue. If you have a Free Level RouterOS license, the maximum number of L2TP concurrent tunnels is 1. another check is to use different l2tp accounts and assign to each one differents remote ip under /ppp secret If this doesn't help , share the configuration so we can loc...
by greencomputing
Mon Aug 13, 2012 2:40 am
Forum: General
Topic: traffic shaping with one interface
Replies: 3
Views: 2292

Re: traffic shaping with one interface

Hi there to implement traffic shaping quickly you can use simple queue, specifically one queue for each VM. Suppose that the mikrotik router has 190.190.190.1 ip on interface ether1 (where reside the other VMs) . You can define just 100 queue one for each Vm as in the following : [admin@greenComputi...
by greencomputing
Mon Aug 13, 2012 2:22 am
Forum: Scripting
Topic: login using ssh keys problem!
Replies: 9
Views: 8990

Re: login using ssh keys problem!

Hi sir the procedure to connect from RouterOS as client to another ssh server is slightly different: 1) you need to import both public and private key under /user ssh-keys private /user ssh-keys private import private-key-file=sshkey public-key-file=sshkey.pub user=connect 2) make sure that you copi...
by greencomputing
Sun Aug 12, 2012 7:37 pm
Forum: General
Topic: Regexp oddity: DHCP
Replies: 1
Views: 1280

Re: Regexp oddity: DHCP

Hi there I repeated your test using the hex representation of the literals S,s,c and I confirm what you had. In my opinion there is a swap in the code between 'S' (upper case ) and 's' (lower case). ASCII encoding says that : hex_value('s')=0x73 hex_value('S')=0x53 while on RouterOS , if you write e...
by greencomputing
Sun Aug 12, 2012 1:30 am
Forum: General
Topic: Authentication of PPPOE sessions when Radius or SQL is down
Replies: 8
Views: 5261

Re: Authentication of PPPOE sessions when Radius or SQL is d

we know that the perfect sys admin has 2 web server, 2 freeradius, 2 router 2 switch and that 2 is better than one in a lot of moment of our daily life but this thread is about a way to mimic the cisco equipment behaviour in case of fall back as described initially by SBastardi
by greencomputing
Sat Aug 11, 2012 4:19 am
Forum: General
Topic: Prioritizing DHCP
Replies: 4
Views: 2998

Re: Prioritizing DHCP

Traffic generated by DHCP server running on the rb is going trough the output chain, using udp port 67 and 68 . To mark it you can use mangle rules: /ip firewall mangle add action=mark-packet chain=output new-packet-mark=DHCP_TRAFFIC protocol=udp src-port=67 add action=mark-packet chain=output new-p...
by greencomputing
Sat Aug 11, 2012 3:34 am
Forum: Beginner Basics
Topic: Hard time getting any port fowarding to work
Replies: 9
Views: 2584

Re: Hard time getting any port fowarding to work

The 3 accept rules 1 chain=input action=accept protocol=tcp dst-port=7778 2 chain=input action=accept protocol=tcp dst-port=8000 3 chain=input action=accept protocol=tcp dst-port=8001 will never be matched because the correct chain is forard and not input . Change the chain to forward and it will wo...
by greencomputing
Sat Aug 11, 2012 3:15 am
Forum: General
Topic: using 2 link like bonding
Replies: 3
Views: 1365

Re: using 2 link like bonding

Hi sir if links terminate on the same switch and has 2 different IP subnet (2 different VLANs), you can use PCC to load balance or ECMP or policy routing . In this case the theoretical 80Mbits (optimal utilization) could be not reached because for example using as PCC the lan client addresses, if th...
by greencomputing
Sat Aug 11, 2012 2:51 am
Forum: General
Topic: Reserving bandwidth with queue trees?
Replies: 2
Views: 1895

Re: Reserving bandwidth with queue trees?

Hi sir Http-in_B will not be used becasue you are using the same packet mark as on Http-in_A. Now if traffic is entering the child queue Http-in_A it will never come back to go also trough Http-in_B queue. On the other hand , in my opinion you do not need queue Http-in_B but just increase the max li...
by greencomputing
Sat Aug 11, 2012 2:09 am
Forum: Beginner Basics
Topic: Hard time getting any port fowarding to work
Replies: 9
Views: 2584

Re: Hard time getting any port fowarding to work

Hi sir
may you show me how did you define the local src-address list (chain=inbound action=accept src-address-list=local )?

Just to be sure that local addresses can forward without be catched by the drop rule


thanks
by greencomputing
Sat Aug 11, 2012 1:47 am
Forum: General
Topic: Authentication of PPPOE sessions when Radius or SQL is down
Replies: 8
Views: 5261

Re: Authentication of PPPOE sessions when Radius or SQL is d

Hi sir We implemented a workaround to mimic that requirement, on a customer network that used a single instance of a radius service + mongoDB running on a linux based freeradius platform. The solution is just for few hundred of subscribers (there was the guarantee of a 400 maximum number of subscrib...
by greencomputing
Sat Aug 11, 2012 1:00 am
Forum: General
Topic: Limit bandwidth on NAT firewall rule
Replies: 2
Views: 6101

Re: Limit bandwidth on NAT firewall rule

Hi sir to limit the bandwidth you can apply simple queue where the target address could be the 192.168.1.10 . The download and upload direction are then defined trough the specification of interface and target address/subnet. For example : [admin@MikroTik]> /queue simple add name=bandwidth_limit tar...
by greencomputing
Fri Aug 10, 2012 1:14 pm
Forum: Wireless Networking
Topic: Roaming in 2AP diferent network
Replies: 12
Views: 4391

Re: Roaming in 2AP diferent network

I see. Whenever you do not need to implement AAA policy, you can just enable a DHCP service on the Wlans (configured accordingly to your already existsig networks pools ) and using the same wireless security profile on both APs. Otherwise, a PPPoE Service running on the AP + Radius Service will be a...
by greencomputing
Fri Aug 10, 2012 1:03 pm
Forum: The Dude
Topic: How to monitor a switch cisco, with rmon
Replies: 2
Views: 3773

Re: How to monitor a switch cisco, with rmon

Hi Masc you can not use Rmon just becasue it's a monitoring methodology (trough snmp MIB) that needs as prerequisite SNMP service running and in your case as you said on Cisco SG200-26 snmp service is not available. Take care that RMON isn't really another protocol but just an SNMP extension implmen...
by greencomputing
Fri Aug 10, 2012 11:39 am
Forum: Wireless Networking
Topic: Roaming in 2AP diferent network
Replies: 12
Views: 4391

Re: Roaming in 2AP diferent network

Hi sir you can do it using WDS and brigde mechanism offered by Mikrotik APs/RouterOS. Several topics on the forum give interesting and working solution to roaming needs. Just as an example take a look to this : http://forum.mikrotik.com/viewtopic.php?f=7&t=22033 Hoping it helps you have a nice day
by greencomputing
Fri Aug 10, 2012 11:32 am
Forum: General
Topic: mikrotik drops connection
Replies: 19
Views: 13620

Re: mikrotik drops connection

Hi sir
did you check ethernet port setting on both x86 and LAN switch in terms of speed and autonegotiation ? morover did you try to use as test another port on the x86 and/or switch in order to exclude that the eth port is broken?


hoping it helps you
have a nice day
by greencomputing
Thu Aug 09, 2012 3:44 pm
Forum: Beginner Basics
Topic: Router OS Kernel Problem .... Help Please
Replies: 3
Views: 1537

Re: Router OS Kernel Problem .... Help Please

Here we just re-installed using netinstall according to wiki documents as usual. While using netinstall the softID will not be lost . Thus, after re-installing , reconfigure to activate Internet connectivity on the RB and it will download the license key associated with your softID again. Hoping thi...
by greencomputing
Thu Aug 09, 2012 1:19 pm
Forum: Beginner Basics
Topic: Router OS Kernel Problem .... Help Please
Replies: 3
Views: 1537

Re: Router OS Kernel Problem .... Help Please

Hi sir
it could be a bad block issue.

try to netinstall againf RoS from the scratch and pay attention to the % of bad blocks.

It was a solution for us .

If netinstall will succeed, I suggest you to run
/system check-disk 
by greencomputing
Wed Aug 08, 2012 5:09 pm
Forum: General
Topic: How to limit number of concurrent connections in Mikrotik
Replies: 6
Views: 8172

Re: How to limit number of concurrent connections in Mikroti

Hi sir To limit the number of concurrent sessions, you can do it using the property connection-limit under /ip firewall filter. Using an example found on this forum (and on the wiki) : max 100 connection for every host ip (32 bit of netmask) : /ip firewall add chain=forward protocol=tcp tcp-flags=sy...
by greencomputing
Wed Aug 08, 2012 3:17 pm
Forum: General
Topic: Hostname in Firewall
Replies: 2
Views: 1151

Re: Hostname in Firewall

Hi sir you can implement the requirement using routing marking , having a firewall mangle rule that will mark the packets with destination ip = pay4surf website ip here you have a procedure to force the traffic to site with ip xx.yy.zz.ww going trough the ISP for which you already payed. 1) apply ro...
by greencomputing
Wed Aug 08, 2012 1:28 pm
Forum: General
Topic: download speed limit per connection after some time
Replies: 6
Views: 12296

Re: download speed limit per connection after some time

Hi there instead of using a time treshold what about using a volume of bytes already downloaded treshold? The idea is : currently a client downloaded 12 Mbytes of data. As soon as the client will reach the treshold of 15 Mbytes it will loose the current priority 1 and classified as priority 2 until ...
by greencomputing
Wed Aug 08, 2012 12:51 pm
Forum: Beginner Basics
Topic: RB1100 configuration issue
Replies: 1
Views: 912

Re: RB1100 configuration issue

Hi there providng that the ip connection to your ISP is taking place trough the cable connected to the ether2 of your rb you can do this : 1) open winbox and from the left menu anel choose new terminal 2) having a shell cut and past on the prompt the following bold lines: [admin@greencomupting]> /ip...
by greencomputing
Wed Aug 08, 2012 11:49 am
Forum: General
Topic: "Independent Learning" on Switch VLAN
Replies: 2
Views: 11703

Re: "Independent Learning" on Switch VLAN

Good morning sir, the independent-learning you found on vlan configuration is a VLAN learning approach as stated by the IEEE 802.1ad standard. Just to know it's shorted as IVL. When brdiges learn mac address on the switch ports looking on src mac address, they can store this informations on a shared...
by greencomputing
Wed Nov 16, 2011 3:02 pm
Forum: General
Topic: Hotspot and IPv6?
Replies: 1
Views: 1051

Re: Hotspot and IPv6?

Hi there
did you try to configure IPv6 on Hotspot RoS ? If you plan to have dual stack execution you will solve this issue. For example using http://wiki.mikrotik.com/wiki/Setting_up_DHCPv6 to configure dhcv6?

Hoping it's useful to you
ciao
by greencomputing
Wed Nov 16, 2011 3:25 am
Forum: General
Topic: NAT-T & IPSec Issues still exist
Replies: 25
Views: 15665

Re: NAT-T & IPSec Issues still exist

did you take in consideration to use a weak but light tunneling method like pptp and giving access to remote users just to the services that they really need using further password mechanism. you implemnt sandbox like schema using /ip/fireall/filter and checking that jailed user can just go on some ...
by greencomputing
Wed Nov 16, 2011 3:15 am
Forum: The User Manager
Topic: Differences between Mikrotik User manager and Radius
Replies: 2
Views: 2131

Re: Differences between Mikrotik User manager and Radius

Hi there Mikrotik solution used by userMAnager package is to be used as it is trough the GUI it's offering you. To gtet the picture quickly you can follow the link at http://userman.mt.lv/userman for online demo. The UsermManager is a package thta you can upload and enable in your licensed Mikrotik ...
by greencomputing
Wed Nov 16, 2011 3:07 am
Forum: General
Topic: Problem with PPPoE connection
Replies: 6
Views: 1750

Re: Problem with PPPoE connection

Hi Goran suppose that you have created successfully the ppoe and it's on routerOs Interface menu occuring as interfacewith name pppoe-1 . Just add a default gateway as next hop the pppoe interface and not the other side IP on that interface . For example : /ip route add distance=1 dst-address=0.0.0....
by greencomputing
Thu Nov 10, 2011 2:13 am
Forum: General
Topic: NAT and the Law
Replies: 2
Views: 1254

Re: NAT and the Law

Hi there I'm afraid but NetFlow will not work because intrinsic definition of flows. What you will get will be the communication end-to-end so nothing about the public ip used as NAT public ip. To say : IPs : private ip IPnat : public nat ip IPd : public destinaiton IP. Merely, netflow will send inf...
by greencomputing
Tue May 17, 2011 5:07 pm
Forum: General
Topic: Policy routing
Replies: 3
Views: 1131

Re: Policy routing

Hi there
may you change rule #4 removing the connection-mark=ftpbg setting?
I mean that rule 4 needs to appear as :
 4   chain=prerouting action=mark-connection new-connection-mark=ftpbg passthrough=no dst-address=1.1.1.99 in-interface=ether3-local-master

Ciao
by greencomputing
Sat May 07, 2011 2:24 am
Forum: General
Topic: NAT mapping logging
Replies: 4
Views: 1509

Re: NAT mapping logging

Hi there
yes in case of 1:1 mapping there are no problems, but in case of masquerade for example or in case of a public address pool shared among K times greater private addresses using for example PCC and mangling to assign public ips, the problem could occur.
by greencomputing
Wed May 04, 2011 4:34 pm
Forum: General
Topic: NAT mapping logging
Replies: 4
Views: 1509

Re: NAT mapping logging

Hi Vilius
I had the same requirement as you . On this link http://forum.mikrotik.com/viewtopic.php?f=2&t=41261 I posted my experience. It seems that law requirremtnes are missing around several countries in Europe.

Have a nice day and let me know whenever you will have any news on this!!!
by greencomputing
Mon May 02, 2011 11:09 pm
Forum: General
Topic: is there any way to log NAT?
Replies: 20
Views: 19086

Re: is there any way to log NAT?

Hi there did the last configuraiton meets your requests? I think it will not work because it's related to private client ip and that will not work always (in Itlaly for example that is a problem because privacy/interception law). here an example : 1) think of a scenario where thousands connection ar...
by greencomputing
Fri Feb 18, 2011 2:34 am
Forum: Beginner Basics
Topic: Graphing and related data
Replies: 1
Views: 699

Re: Graphing and related data

Hi joebowen
have you considered to inspect snmp object that contain that informations? you can collect the data you ask simply query snmp specific oid representing the counter you are interested in (usign for example snmpwalk in a job running every 30 second )

have a nice day
by greencomputing
Fri Feb 18, 2011 1:46 am
Forum: General
Topic: Load balancing after routing table lookup
Replies: 2
Views: 1568

Re: Load balancing after routing table lookup

Hi there the idea is to use a mangle rule where you apply PCC to dst address NOT included in an ip address list containing the destination for which you had already defined a preferred rpute in the routing table. Example : if you have already the route for destination 192.168.1.0/24 well, add a new ...
by greencomputing
Fri Feb 18, 2011 1:36 am
Forum: Scripting
Topic: Mikrotik ARP Oid and Cacti
Replies: 1
Views: 2324

Re: Mikrotik ARP Oid and Cacti

Hi there here you have the OID (of course , it's a table) : 1.3.6.1.2.1.4.22.1.2. and example using a simple snmpwalk running : snmpwalk -v 1 -c community -m all X.Y.Z.W .1.3.6.1.2.1.4.22.1.2 RFC1213-MIB::ipNetToMediaPhysAddress.2.17.20.29.4 = Hex-STRING: 00 26 F2 3F 4B 48 RFC1213-MIB::ipNetToMediaP...
by greencomputing
Fri Feb 18, 2011 1:11 am
Forum: The User Manager
Topic: RB493 User Manager install problem
Replies: 2
Views: 1796

Re: RB493 User Manager install problem

Hi interesting issue. May you check the free space on the disk? btw have you created to rebuild the DB? Try to do this /tool user-manager database rebuild Or as reported by Ekkas ( http://forum.mikrotik.com/viewtopic.php?f=10&t=25728 ) , try before to delete also log entries (just if you see a d...
by greencomputing
Tue Jan 11, 2011 2:48 am
Forum: Beginner Basics
Topic: basic bridge setup
Replies: 11
Views: 2369

Re: basic bridge setup

sure you can create a back haul.
In order to create a bridged compund system, please on every RB add ports belonging to the same bridge together. also use wds station for wireless configuraiton section , on the station part
by greencomputing
Thu Dec 23, 2010 6:02 pm
Forum: General
Topic: v4.16 released
Replies: 74
Views: 18464

Re: v4.16 released

Hi normis
what about nstreame stability on 4.16? is the problem still open? after 3.30 Nstreme for us became a disaster in our wi-network
by greencomputing
Wed Dec 22, 2010 11:50 pm
Forum: General
Topic: 4.x to 3.30 downgrade problem
Replies: 7
Views: 2917

Re: 4.x to 3.30 downgrade problem

Ciao Normis I'm having same problem . I must downgrade urgently that version because it's not working with NSTREME. How can I come back to 3.30? Do you think it's normal to do not have backward compability with packages installation mechanism ? really a pain . Mikrotik help us!!!! I know about hundr...
by greencomputing
Wed Jul 07, 2010 8:37 am
Forum: General
Topic: Help with load balancing setup (dynamic addresses)
Replies: 6
Views: 1719

Re: Help with load balancing setup (dynamic addresses)

Ciao exactly I mean that rules. I'm thinking this : while I exclude local rules to be catched by routing marking using the extra parameter dst-address-type != local, why I need to add also something like : add chain=prerouting dst-address=X.Y.Z.L/24 action=accept in-interface=Local ? where X.Y.Z.L/2...
by greencomputing
Sun Jul 04, 2010 2:23 pm
Forum: General
Topic: Help with load balancing setup (dynamic addresses)
Replies: 6
Views: 1719

Re: Help with load balancing setup (dynamic addresses)

the example was quite self evident... you are answring on something alredy clear . the main question is as already asked : if we use the dst-address-type!=local , why we need to specify also local routes? my question was exactly on all the other scenarios excpet what you emntion (the only alread rea...
by greencomputing
Thu Jul 01, 2010 6:40 pm
Forum: Beginner Basics
Topic: LOG:How to log detailed info on (nattedsrcIP,nattedsrcPORT)
Replies: 3
Views: 1938

Re: LOG:How to log detailed info on (nattedsrcIP,nattedsrcPO

Thanks Feklar but I have to save bandwidth so that work around doesn't fit my case :( Anyway ... I realized RouterOs has no way to perform what I need in elegant way. May be a future release will give the possibility to dump a complete packet in case of action log under filter submenu
by greencomputing
Tue Jun 29, 2010 1:47 am
Forum: Beginner Basics
Topic: LOG:How to log detailed info on (nattedsrcIP,nattedsrcPORT)
Replies: 3
Views: 1938

Re: LOG:How to log detailed info on (nattedsrcIP,nattedsrcPO

Hi there I found something similar to my question here http://forum.mikrotik.com/viewtopic.php?f=2&t=12556&hilit=log+masquerade+public+ip . I can't use torch because there is huge traffic on interfaces and morover ip accounting doesn't help really: there are no port informations. any idea to...
by greencomputing
Tue Jun 29, 2010 12:29 am
Forum: General
Topic: Help with load balancing setup (dynamic addresses)
Replies: 6
Views: 1719

Re: Help with load balancing setup (dynamic addresses)

1) that interesting question . whenever some one will address your local dynamic ip got on local ppoed end, there is a flag that will exclude that it's marked with mangle rule : on all mangle you have dst-address-type=!local . this means that everything sent to local address belonging to the router ...
by greencomputing
Wed Jun 23, 2010 5:32 pm
Forum: General
Topic: How can they get it done?
Replies: 6
Views: 1755

Re: How can they get it done?

In my opinion they use MLPPP having asymmetric xdsl. on on side they do just upload/and managing traffic and on the other 7 ADSL they receive the download. Nice way to optimize adsl usage!!!!
by greencomputing
Wed Jun 23, 2010 2:38 pm
Forum: General
Topic: IP core
Replies: 2
Views: 1345

Re: IP core

are users connected by wlan or eth? in first case are you using WDS? you can filter block using /ip filter and disabling default-forwarding on wlan
interfaces
by greencomputing
Wed Jun 23, 2010 2:28 pm
Forum: General
Topic: hotspot problem!
Replies: 2
Views: 819

Re: hotspot problem!

did you checked that DNS configruation is fullfilled with some dns . what about dns cache content: is there a static entry with your hotspot dns name you choose at configuration time? Please let us know more information about confiuration status oin order to have it corretly working
by greencomputing
Wed Jun 23, 2010 2:03 pm
Forum: Beginner Basics
Topic: Send message to all active users
Replies: 6
Views: 5723

Re: Send message to all active users

Hi do you mean pop up message on a http browser when users try to surf on the Web. It this is the case you can enable ip-proxy feature on your RouterOS and then force all connection with dst port 80 (for example ) to be redirect to local proxy (in order to have transparent . hoping this will address...
by greencomputing
Wed Jun 23, 2010 1:35 pm
Forum: Beginner Basics
Topic: LOG:How to log detailed info on (nattedsrcIP,nattedsrcPORT)
Replies: 3
Views: 1938

LOG:How to log detailed info on (nattedsrcIP,nattedsrcPORT)

Hi there I need to log src nat information about udp/tcp sessions leaving my routeros (a 750 rpouterboard equipped with 4.9 RoS). On ehternet1 I have a public IP XX.YY.ZZ.LL On ehternet2 I have a private IP 192.168.1.1 used in my private network 192.168.1.0/24 as default gateway to access the public...