MikroTik

stefanosp

Please, how do you solve the problem of having MORE-THEN-ONE internal servers, on different internal IPs? For example, one web server 192.168.88.100 listening on port 443 and one mail server 192.168.88.101 on port 25. From the outside they are both reachable on the same DomainName "www.mydomain...

stefanosp

To bypass the problem, I'm using 2 Routerboards in the same LAN

in the first router, DNS is configured with FWD entries and /ip dns set servers=<the second MIkrotik's IP>
in the second one, DNS is configured with DoH.

It works.

stefanosp

I can forward to DNS servers that are in my LAN or accessible via VPN... No leakage of sensitive information there.

exactly my setup.

I found the entry in the Help Page at https://help.mikrotik.com/docs/display/ROS/DNS

The term "Currently" makes me hope for the future.

stefanosp

would anyone have any ideas to help me please?

Thank you

stefanosp

I've found (in 6.48.4 and in LongTerm 6.47.10) that if I setup a DoH server (in my case, NextDNS), DNS static entries of type "FWD" stops working If I remove DoH server and setup a "normal" DNS server (like 1.1.1.1), DNS FWD static entries work normally. is this normal behavior? ...

stefanosp

Clever solution. Here is a small update. You can declare variable first time its used. Added leading "0" to look better if its only one digit. { :local otp ([/certificate scep-server otp generate minutes-valid=0 as-value]->"password") :local a [:pick "$otp" 0 1] :local...

stefanosp

Thank you. I coded this and it seems to work :local otp ([/certificate scep-server otp generate minutes-valid=0 as-value]->"password") :local a :local b :local c :local hour :local min :local sec :local rndTime :set $a [:pick "$otp" 0 1] :set $b [:pick "$otp" 1 2] :set ...

stefanosp

Goodmorning everyone, I'm writing a script (01) which will then be applied on various different routers. This script (01) adds in routeros a script (02) and a scheduler that activates this script (02). I would like the execution time of this new script (02) to be differentiated on each of the router...

stefanosp

what 6.48 did to my RBD52G-5HacD2HnD config:

resetted both wireless interfaces
removed the bridge
removed SSTP-client interface
..

too bad for a MT fan.

stefanosp

Thank you

stefanosp

We inherited the management of a wireless data network, completely Layer 2, composed by: Mikrotik wireless devices (about 100 devices) Layer 2 switches, Mikrotik and 3rd party. We do not have a network topology scheme. Is there a way to automatically reconstruct the network topology using The Dude? ...

stefanosp

https://www.facebook.com/eolo.it/videos ... 236643428/

min 2.05

stefanosp

I found that high CPU load is due to inactive secrets. I've configured a dozen of users (ppp secret), usually all disabled. On the other sites, I have one Mikrotik router each site that try to connect via SSTP with my central router RB2011L When I need do connect to one remote site, I enable that us...

stefanosp

Thank you jarda,
L2TP (no IPsec) doesn't cause high CPU load. I used L2TP tunnels since a year ago, but I was planning to move to SSTP for encryption level.
Does L2TP (with IPsec) have the same encryption level?

TIA

stefanosp

Hello ,I'm using a RB2011L since I started using SSTP server in early November, the CPU load has progressively increased, even if no SSTP tunnels are active. HIgh CPU load is due to SSL(tool profile) If I disable e re-enable SSTP server, CPU returns to high load in a few seconds, even if no tunnels ...

stefanosp

Hello. For a school I need to block all the websites except for 1 URL https://web.@@@@@@@.it"

That URL is resolved with hundreds of different IP addresses that change every DNS query.

How can I permit only this website?

Thank you...

stefanosp

Hello, I've installed Routeros 6.38.1 x86 on an old Supermicro server, with 2x Intel 82574L LAN cards (onboard). When LAN cables are plugged in, all works ok, but if I unplug network cables, RoutersOS detects interfaces as UP. Do you have any ideas to make RouterOS detects NIC UPs and DOWNs? I read ...

stefanosp

It works. Thank you
May the FSM serve you a cold beer

stefanosp

thank you for your answer.

in the Log windows i can find all the info logs, including L2TP logs.
I'd like to separate L2TP logs from all the other logs.

Thank you

stefanosp

Hello, I have several "l2tp, ppp, info" logs in my Log Windows. They come from the L2TP-client that cannot auth himself to the L2TP server. Please, how can I separate those logs from the remeaning "info" logs? I tried with /system logging action add disk-file-name=l2tp name=L2TP ...

stefanosp

I have 3 MT Routers in a triangle redundant topology, configured with RIP.

How can I monitor link states,? I'd like to be notified when active route is changing.
I cannot use ping or netwatch, of course thank you to redundancy

TIA

stefanosp

thank you both!

stefanosp

hello I'd like to find a type of tunnel that allows me to connect my lan to several remote Natted lans. remote networks are natted with dynamic Public IPs (typically 3G connections), And I cannot configure port forwarding on remote routers. In my side I have a Mikrotik internal router , and a 3rd pa...

stefanosp

Hello

i Have a routerOS Access Point (ap-bridge)

How can I read single wireless links used bandwidht?

thank you.

Stefano

stefanosp

thank you!

stefanosp

Hello,

I need to concentrate about 100 EoIP tunnels on a single Routerboard router, And I need a suggestion for hardware to choose.

Global bandwidth in not over 70/100Mbit/s.

Is it enought powerful a RB3011UiAS-RM?

If not, what routerboard do you suggest?
thank you.

Stefano

stefanosp

Hello I recently built this setup Presentazione standard1.png There's 2 sites [connected via Wireless link] Each site has a default gateway (192.168.0.1 and 10.10.0.254) The Technician (not me) programmed a static route in each gateway router - 192.168.0.0 mask 255.255.255.0 10.10.0.253 for left rou...

stefanosp

HI,

I need to build the attached setup: connect remote sites with multiples redudant wireless link, to achieve automatic backup lines in case of 1 wireless link failure.

I'm not shure I can achieve that only with RSTP an all wireless boards and switches.

Any opinion?
Thank you in advance

Stefano

stefanosp

I Think with "no-radar-detect"

stefanosp

I tried the 2nd option some time ago. This time i'll go for a config rebuild . Thank you

stefanosp

Hello,

with my RB951G-2HnD I have a strange problem

When I run "system backup" command, the result is a very large file that increases until it uses all the free space.

any idea to solve the problem?

TIA

stefanosp

Or enable RIP

/routing rip
set distribute-default=always redistribute-bgp=yes redistribute-connected=yes \
redistribute-ospf=yes redistribute-static=yes
/routing rip interface
add send=v1-2

stefanosp

I think you have to:

BASE
ip route
del 2
add dst-address=192.168.3.0/24 gateway=192.168.2.1

stefanosp

In our company we have a WAN router (PPPoE client router with Public IP Addresses xx.yy.zz.32/29). PPPoE client receives another IP address. (aa.bb.cc.dd/32) MY Provider only routes public IP addresses to my router. So I have to masquerade my "output" packets with public IP address. (forwa...

stefanosp

routeros 6.22 on 951G-2HnD.

every time in Winbox- terminal or via telnet I use the "/export" command, Terminal or Telnet disconnects immediately.

Any idea?
TIA

stefanosp

afaik, In Italy provider BiGTLC uses Mikrotik powered devices.

stefanosp

I Have -118dB on RB711

stefanosp

Good morning and happy ROS6 ! :-) I'll have a router with 1 WAN interface and 3 LAN interfaces. I'd like to achieve a "load balancing" between my LAN interfaces, in such a manner that even in case of intensive use of the network by one of the LAN interfaces, I'll preserve bandwidth for the...

stefanosp

alireza6918, did you solved the problem? I have the same one!

TIA

stefanosp

Seems ok... Try it and see if it works
Maybe you need also routes defined for your gateways...
something like:

I tried a similar configuration at home, and it works.
Now I'll try on that router.
Thank you

stefanosp

Thank you for your answer What I think to do: /ip firewall mangle add action=mark-routing chain=prerouting disabled=no dst-address=77.xxx.xxx.7 new-routing-mark=to_voip passthrough=yes \ src-address=172.16.50.0/24 add action=mark-routing chain=prerouting disabled=no dst-address=172.16.50.0/24 new-ro...

stefanosp

HI, my router has two WAN IP addresses on the same physical port and 5 LAN IP Addresses /ip address> print Flags: X - disabled, I - invalid, D - dynamic # ADDRESS NETWORK INTERFACE 0 192.168.10.2/24 192.168.10.0 ether4-LAN 1 172.16.40.254/24 172.16.40.0 vlan-2 2 172.16.50.254/24 172.16.50.0 vlan-1 5...

stefanosp

Hi guys, I have two Rb411 boards with the same problem: when powered on (either via PoE or 24V power supply), LD501 to LD504 are steady on, LD505 is always off. Eth0 LED are off, no acoustic signal. And obviously, they're not working at all. Are them recoverable or have I to trash them? Thank you. S...

stefanosp

thank you

stefanosp

I'd like my Wireless Client reboots every 5 days at 7 AM. SNTP client is configured, so routeros is always syncronized is it ok a scheduler entry like this? /system scheduler add disabled=no interval=5d name=reboot_once on-event="/system reboot" \ policy=\ ftp,reboot,read,write,policy,test...

stefanosp

thank you for your answer.

obviously I can double my walled garden entries, including 2rd and nTh level domain matchers but I think that an (hypothetical

) universal matcher works better.

BTW, if there's not an universal matcher I'll go for doubling.

Thank you.

stefanosp

unfortunately

dst-host=*.yourdomain.com

doesn't match http://yourdomain.com, but only 3rd level domains, like http://www.yourdomain.com, http://mail.yourdomain.com and so on .

I'd like to find an universal matcher

TIA

stefanosp

Where can I find all the syntax rules for "walled garden add dst-host" entry? I need to allow an entire 2nd or 3rd level domain I read about *.domainname.ext help command in RouterOs (5.15) terminal reports that " \.)mikrotik\.com$" matches everything under mikrotik.com " bu...

stefanosp

Thank you fo your answer.

stefanosp

A friend of mine have a 192.168.1.0/24 network where 192.168.1.1 is the default gateway (a Zyxel firewall). He wants to add a solution to prevent certain PC/users to connect to certain websites. I'm think to use a RB750. I need that RB750 doesn't perform routing but only bridging. Filtered bridging....

stefanosp

Hello,

I have 2 MIkrotik routers

first have a Public IP Address configured on its WAN
2nd is under 3rd party NAT

I need to estabilish a VPN tunnel over these two routers, but I don't have access to the 3rd party firewall

What's the best type of tunnel purpose?

TIA
Stefano

stefanosp

Hi guys, one of our customers have a CCTV system with several IP Dome cameras, and various Mikrotik APs adn routers. Many presets are configurated on Dome cameras. I can recall Dome camera's presets by calling a url address in the browser. I'd like to schedule this operation by using RouterOS schedu...

stefanosp

Please, I need to know how to run a script that alert me when the tx or rx bandwidht on a specific interface is less than a certain threshold

TIA

stefanosp

Good morning. We have 2 physically separated networks network A: 192.168.19.0/24 network B: 192.168.5.0/24 We need create a link between the networks with the maximum speed. We have already created 2 MIMO 5GHz wireless bridge links, with 711A-5Hn-MMCX devices. Now 711A-5Hn-MMCX have IP addresses wit...

stefanosp

Hi at all.

I need to estabilish a dual wireless link using 2x RB433, and 4x 23dB panel antenna.

What's the best RouterOS version to make this? 4.16 or 5.0rc10?

Is there any step-to-step tutorial that helps me for this?

Thank you in advance

Stefano

Search found 55 matches