Community discussions

MikroTik App

Search found 37 matches

by RomelSan
Sun Jan 24, 2021 5:52 am
Forum: General
Topic: Double NAT & no public IP for VPN [SOLVED]
Replies: 10
Views: 8273

Re: Double NAT & no public IP for VPN [SOLVED]

I am in the same scenario and solved by: |Site 1| --> |Internet| --> |Ubuntu OpenVPN| --> |Site 2|, |Site 3|, |Site 4| All of them can ping the other sites. 1. Use VPS (Ubuntu LTS) with a static public IP. --> Mine is vultr.com get the cheapest VPS that give you a static IPv4 2. Install OpenVPN 3. C...
by RomelSan
Fri Aug 10, 2018 9:04 pm
Forum: General
Topic: IPv6 and DNS
Replies: 1
Views: 3110

IPv6 and DNS

Is there a way to set an IPv6 DNS address like the ipv4 dns option... example: "IP > DHCP Server > Networks > Choose an Address > Set DNS Servers"? Is there an IPv6 equivalent option? or it will be a feature? I am asking because if i set SLAAC with DHCPv6 Server then my devices picks the I...
by RomelSan
Fri Jul 20, 2018 4:36 am
Forum: Beginner Basics
Topic: Deploying IPv6 on a home/hobbyist/small business network?
Replies: 8
Views: 6599

Re: Deploying IPv6 on a home/hobbyist/small business network?

You don't need static DNS. Some devices already support DNS from RA (Linux, even Windows 10 for about a year now), but RouterOS doesn't have many configuration options for that (it just takes what's in "/ip dns"). But stateless DHCPv6 works in RouterOS and few versions back, DHCPv6 option...
by RomelSan
Fri Jul 20, 2018 2:37 am
Forum: Beginner Basics
Topic: IPv6 Home problem [SOLVED]
Replies: 11
Views: 3923

Re: IPv6 Home problem [SOLVED]

I remember it used to be recommended to give /48 to every customer. It's easy to work with (whole one part between two colons belongs to customer for subnetting) and while it's huge overkill for most customers, there's enough addresses to go around. Regular ISP starts with /32, it's enough for 65k ...
by RomelSan
Fri Jul 20, 2018 2:24 am
Forum: Beginner Basics
Topic: IPv6 Home problem [SOLVED]
Replies: 11
Views: 3923

Re: IPv6 Home problem [SOLVED]

A /64 provision is a little mean from your ISP. I guess at one level you should be happy that the ISP provides any IPv6 connectivity, many still don't. The ISP I use provides a routed /48, with a seperate /64 Network Discovery Prefix. This is used to automatically address the WAN interface of my Ro...
by RomelSan
Fri Jul 20, 2018 2:11 am
Forum: Beginner Basics
Topic: IPv6 Home problem [SOLVED]
Replies: 11
Views: 3923

Re: IPv6 Home problem [SOLVED]

It's good that it works, but only /64 sucks. It looks like awful lot of addresses at first (and it is), but yes, it's one subnet and it's not supposed to be divided in smaller ones. While possible, many devices know only how to work with /64 and autoconfiguration (I mean, if they support IPv6 at al...
by RomelSan
Thu Jul 19, 2018 8:31 pm
Forum: Beginner Basics
Topic: Deploying IPv6 on a home/hobbyist/small business network?
Replies: 8
Views: 6599

Re: Deploying IPv6 on a home/hobbyist/small business network?

Also keep in mind that if you are in SLAAC mode only, then you have to set static DNS for ipv6 in your computers.
OpenDNS 	
2620:0:ccc::2
2620:0:ccd::2

Google 	
2001:4860:4860::8888
2001:4860:4860::8844
by RomelSan
Thu Jul 19, 2018 8:07 pm
Forum: Beginner Basics
Topic: Deploying IPv6 on a home/hobbyist/small business network?
Replies: 8
Views: 6599

Re: Deploying IPv6 on a home/hobbyist/small business network?

All right. I have: Upgraded RouterOS to latest version (6.42.6). Enabled the IPv6 package. Set up a DHCP client entry on WAN1 requesting an address and prefix; it has received an address and prefix which correspond to what my ISP is showing in my Internet gateway. Set up a DHCP server entry on the ...
by RomelSan
Thu Jul 19, 2018 7:59 pm
Forum: Beginner Basics
Topic: IPv6 Home problem [SOLVED]
Replies: 11
Views: 3923

Re: IPv6 Home problem [SOLVED]

Finally fixed...
The solution was to put the ISP router in bridge mode, because the /64 is for one subnet only.
The ISP router was already using the only /64 available to me, so the Mikrotik did not get a chance to see the internet.
Thanks for helping.
by RomelSan
Thu Jul 19, 2018 7:51 pm
Forum: Beginner Basics
Topic: IPv6 Home problem [SOLVED]
Replies: 11
Views: 3923

Re: IPv6 Home problem [SOLVED]

Unchecked managed-address-configuration. --> Thanks.
There are no other routers in my LAN.
by RomelSan
Thu Jul 19, 2018 12:46 am
Forum: Beginner Basics
Topic: IPv6 Home problem [SOLVED]
Replies: 11
Views: 3923

Re: IPv6 Home problem [SOLVED]

I did that configuration...
I don't know if the problem is because the prefix the ISP gave me is a /64.
Also the ISP router is in routing mode and not in bridge mode.
Can that be a problem?
by RomelSan
Wed Jul 18, 2018 10:23 pm
Forum: Beginner Basics
Topic: IPv6 Home problem [SOLVED]
Replies: 11
Views: 3923

IPv6 Home problem [SOLVED]

I can get IPv6 addresses on my computers, but i can not ping or browse the internet using IPv6. My current configuration is as follows: 1) Get Ipv6 prefix /ipv6 dhcp-client add add-default-route=yes interface=internet-ether10 pool-name=internet-ipv6 request=prefix use-peer-dns=no Then in pool i can ...
by RomelSan
Tue Mar 26, 2013 7:25 pm
Forum: Beginner Basics
Topic: Bandwidth monitoring per IP (What are u using?)
Replies: 3
Views: 3534

Re: Bandwidth monitoring per IP (What are u using?)

I already setup a Raspberry Pi to monitor my home network. (Monitoring via Web) Using NFDUMP and NfSen. Setup example: http://terraltech.com/installation-and-configuration-of-nfdump-and-nfsen-on-ubuntu/ Notes: I had to copy 3 files to the bin directory. (Do this if you get an installation error 'fro...
by RomelSan
Mon Mar 25, 2013 4:10 am
Forum: Beginner Basics
Topic: Bandwidth monitoring per IP (What are u using?)
Replies: 3
Views: 3534

Bandwidth monitoring per IP (What are u using?)

Hi guys, I am using mikrotik Os v5.24, and i want to monitor my traffic and keep the record stored in a file or a database. (No packet capture) I am looking for something like this: http://farm6.static.flickr.com/5181/5621641846_707c8783eb_b_d.jpg Via web or application. I want a freeware tool that ...
by RomelSan
Mon Jan 07, 2013 4:27 pm
Forum: Beginner Basics
Topic: Simple QOS for apartment
Replies: 2
Views: 1799

Re: Simple QOS for apartment

Hi, you need in your QoS to set Type PCQ. I have a website with this setup example: look this: http://mikrotik.romelsan.com/ then the example: http://mikrotik.romelsan.com/home/qos-tree There is the example code, and the screenshots... you just have to change the IPs , interface , and the bandwidth ...
by RomelSan
Mon Jan 07, 2013 4:09 pm
Forum: Beginner Basics
Topic: Port Forwarding setup frusterations with Dynamic IP (Home)
Replies: 16
Views: 63985

Re: Port Forwarding setup frusterations with Dynamic IP (Hom

Test it from outside your network... If you want to test this from inside too, then you must Hairpin NAT.

http://wiki.mikrotik.com/wiki/Hairpin_NAT
by RomelSan
Mon Oct 15, 2012 8:24 am
Forum: Beginner Basics
Topic: How to make queues per source/dst ip?
Replies: 3
Views: 1940

Re: How to make queues per source/dst ip?

I don't Know if this will help, but anyway take a look, and configure it to your needs:
It uses PCQ

http://mikrotik.romelsan.com/home/qos-tree
by RomelSan
Wed Sep 26, 2012 8:43 am
Forum: Beginner Basics
Topic: changing the default LAN network address?
Replies: 2
Views: 3151

Re: changing the default LAN network address?

I have setup an example LAN using an RB2011.
see http://mikrotik.romelsan.com/
by RomelSan
Wed Sep 26, 2012 8:22 am
Forum: Beginner Basics
Topic: queue priority by tree or parent, sorry for lame question
Replies: 3
Views: 1674

Re: queue priority by tree or parent, sorry for lame questio

Mmm... Anything that have a parent will have the same rules passed to childs... Childs can have their on rules and will not pass to other same level childs. As i am aware of... Priority applies to childs. I have posted an example that creates a Tree QoS using PCQ without affecting Lan connections ju...
by RomelSan
Tue Aug 28, 2012 2:22 am
Forum: Beginner Basics
Topic: NAT Translation Help
Replies: 3
Views: 1747

Re: NAT Translation Help

Thanks, I didn't know that this was called hairpin-nat or Nat/WAN Reflection to some others... Anyway it works 100% Positive Karma for both of you :) So, the solution was: /ip firewall nat add chain=dstnat dst-address=xxx.xxx.xxx.xxx protocol=tcp dst-port=80 \ action=dst-nat to-address=192.168.0.6 a...
by RomelSan
Mon Aug 27, 2012 11:40 pm
Forum: Beginner Basics
Topic: NAT Translation Help
Replies: 3
Views: 1747

NAT Translation Help

My current situation is as follows: I have a mikrotik RB2011 router with routeros 5.20 assigned a public IP. Inside the network is a VLAN and a NAS. So, WAN= xxx.xxx.xxx.xxx (yourname.no-ip.org) LAN = 192.168.0.0/24 NAS = 192.168.0.6 From the LAN i have flawless internet access, and can browse to NA...
by RomelSan
Mon Aug 27, 2012 11:24 pm
Forum: Beginner Basics
Topic: VLAN - Simple Vlan Help
Replies: 6
Views: 2345

Re: VLAN - Simple Vlan Help

Thanks, i understand now... I tested with a Vlan enabled Netgear. And it Works :)
by RomelSan
Mon Aug 27, 2012 5:46 am
Forum: Beginner Basics
Topic: VLAN - Simple Vlan Help
Replies: 6
Views: 2345

Re: VLAN - Simple Vlan Help

There are many reasons: 1) I want to learn about setting up VLANS using (Mikrotik) (I tried the manual but failed) 2) I want to separate ARP. (In other maps) 3) By learning this i will isolate my wireless guest network without using hotspot function. I just need to understand the VLAN basic Setup. I...
by RomelSan
Mon Aug 27, 2012 5:30 am
Forum: Beginner Basics
Topic: VLAN - Simple Vlan Help
Replies: 6
Views: 2345

Re: VLAN - Simple Vlan Help

Do you want the vlans tagged or untagged?
Untagged :)
by RomelSan
Mon Aug 27, 2012 3:27 am
Forum: Beginner Basics
Topic: VLAN - Simple Vlan Help
Replies: 6
Views: 2345

VLAN - Simple Vlan Help

Hi,
How would you setup 3 simple Vlans like this?
Just 1 RouterOs
1 single Vlan per eth port.
All of them must have internet connection, via WAN (eth10)
VLANS Untagged

Image

Thanks,
by RomelSan
Sun Aug 12, 2012 9:20 am
Forum: Beginner Basics
Topic: Restrict bandwidth
Replies: 1
Views: 1178

Re: Restrict bandwidth

QoS Tree is easier... Assuming you want to limit Internet Speed: If not then you can make little changes to suit your needs Change this one part "YOUR_WAN_INTERFACE" to your Internet Interface Name. /ip firewall mangle add chain=prerouting src-address=30.30.246.1/24 action=mark-connection ...
by RomelSan
Fri Aug 10, 2012 7:21 am
Forum: General
Topic: Simple queues not quite doing what I expected them to do
Replies: 2
Views: 1245

Re: Simple queues not quite doing what I expected them to do

Study QoS Tree first, then simple queue rules will be easy, because it also uses a parent child structure. So, Case Example: * Later you will be able to setup rules against services or entire networks Important Device = 192.168.6.100 unlimited speed Secondary Device = 192.168.6.150 limited (Download...
by RomelSan
Fri Aug 10, 2012 6:48 am
Forum: Beginner Basics
Topic: Connecting from WAN via winbox/http
Replies: 4
Views: 43576

Re: Connecting from WAN via winbox/http

I don't recommend HTTP for Wan Administration. Anyway, copy and paste this code to the winbox terminal. /ip firewall filter add action=accept chain=input comment="HTTP WAN Admin" dst-port=80 protocol=tcp Note: It is better to use WinBox, SSH, HTTPS for WAN Administration. Cheers, Dont forg...
by RomelSan
Fri Aug 10, 2012 6:38 am
Forum: Beginner Basics
Topic: Connecting from WAN via winbox/http
Replies: 4
Views: 43576

Re: Connecting from WAN via winbox/http

If you want to gain access from WAN to your WinBox, you have to create a rule in the Firewall Filter section. Ex: Copy and paste this line to your WinBox Terminal /ip firewall filter add chain=input comment="WinBox Wan Administration" dst-port=8291 protocol=tcp action=accept Note: By defau...
by RomelSan
Wed Aug 08, 2012 12:36 am
Forum: Beginner Basics
Topic: Routing requests from LAN back into LAN
Replies: 29
Views: 15078

Re: Routing requests from LAN back into LAN

Good question. Normally you just navigate a server using the local name or local server ip + port. And if you want to test the connection only (No login) it's ok to use external proxy, TOR or VPN. But in your case the rule you set will have Mikrotik Os to resolve the dyndns ip... For Solution Read a...
by RomelSan
Tue Aug 07, 2012 11:41 pm
Forum: Beginner Basics
Topic: QoS tree - Case Study - Home Setup
Replies: 0
Views: 3026

QoS tree - Case Study - Home Setup

QoS Tree by @RomelSan: Case Example. I have: Core LAN: 192.168.6.0/24 ether2-Core Family LAN: 192.168.7.0/24 ether3-Family Guest HotSpot: 192.168.5.0/24 ether4-HotSpot-Cisco WAN: internet-ether10 -------------------------------------------------------- My PC is: 192.168.6.100 Synology NAS: 192.168....
by RomelSan
Sun Aug 05, 2012 1:22 am
Forum: Beginner Basics
Topic: MikroTik Queue
Replies: 8
Views: 2510

Re: MikroTik Queue

Setup example: (This will only adjust WAN traffic) Adjust to your needs. Assuming you have: WAN = 203.x.x.x LAN = 192.x.x.x Then: /queue simple add name=InternetQoS target-addresses=0.0.0.0/0 comment="WAN queue" /queue simple add name=Group1 priority=6 target-addresses=192.168.6.0/24 max-l...
by RomelSan
Tue Jul 17, 2012 6:32 pm
Forum: Beginner Basics
Topic: QoS Help
Replies: 4
Views: 1360

Re: QoS Help

The bandwidth isn't divided into equal parts. You need create PCQ queues for incoming and outgoing traffic. /queue type add name="Download" kind=pcq limit=2M pcq-classifier=dst-address /queue type add name="Upload" kind=pcq limit=400k pcq-classifier=src-address /queue simple set...
by RomelSan
Sun Jul 15, 2012 11:09 pm
Forum: Beginner Basics
Topic: QoS Help
Replies: 4
Views: 1360

Re: QoS Help

Hello! Try this: /queue simple add name=ISP target-addresses=0.0.0.0/0 /queue simple add name=LAN2 priority=6 target-addresses=192.168.7.0/24 max-limit=400k/2M limit-at=400k/2M parent=ISP /queue simple add name=LAN1 priority=7 target-addresses=192.168.6.0/24 parent=ISP /queue simple add name=LAN3 p...
by RomelSan
Sat Jul 14, 2012 3:22 am
Forum: Beginner Basics
Topic: QoS Help
Replies: 4
Views: 1360

QoS Help

Hi, i have the current setup: LAN1: 192.168.6.0/24 Interface: ether2-Core LAN2: 192.168.7.0/24 Interface: ether3-Family LAN3: 192.168.5.0/24 Interface: ether4-Core-Cisco WAN: ISP DHCP Interface: internet-ether10 My Internet Speed is: Download: 6.1mbps Upload: 1.5mbps I followed the wiki documentatio...
by RomelSan
Fri Jul 06, 2012 2:06 am
Forum: Beginner Basics
Topic: RB750GL Remote Access
Replies: 3
Views: 1402

Re: RB750GL Remote Access

gotsprings Thanks!
by RomelSan
Fri Jul 06, 2012 2:03 am
Forum: Beginner Basics
Topic: Port Forwarding setup frusterations with Dynamic IP (Home)
Replies: 16
Views: 63985

Re: Port Forwarding setup frusterations with Dynamic IP (Hom

BackwardsCire! Thanks! My settings works now! Trying for hours :p and for remote administration via WinBox i used: /ip firewall filter add action=accept chain=input comment="WinBox Wan Administration" disabled=no \ dst-port=8291 protocol=tcp It works, but now i am wondering.... How can you...