Community discussions

MikroTik App

Search found 33 matches

by jeanbrico
Thu Dec 20, 2012 7:32 am
Forum: General
Topic: [Resolved] failed to get my cert
Replies: 2
Views: 4841

Re: failed to get my cert

It works (thanks to mikrotik hot line). - 1 - To import certificates in router, use New terminal > certificate > import file=serv-1-cert.pem (no graphic console) Do this for: - CA, - key and crt for server 1, - key and crt for server 2. print to verify: for certificates for server 1 and 2, you need ...
by jeanbrico
Tue Nov 13, 2012 11:32 pm
Forum: General
Topic: [Resolved] failed to get my cert
Replies: 2
Views: 4841

[Resolved] failed to get my cert

Excuse me for this very long post, but there is a few days I try to resolve this problem. We have 18 Mikrotk routeur to configure, and my chief become a little impatient... I'm not sure it's a bug (Mikrotik seems to be a good product), but I don't know what's happened. Here is the story. IPSec in Au...
by jeanbrico
Sun Nov 11, 2012 11:16 pm
Forum: General
Topic: Failed to get my CERT
Replies: 8
Views: 5853

Re: Failed to get my CERT

Well. I'm a lot disappointed. "Failed to get my cert" is a racoon message I think. So I've spend a lot of hours to install racoon and tynica on two Debian machines, and I've found how to generate good certificates for Racoon: with Racoon, all is fine: tunnel is working. I don't have the fa...
by jeanbrico
Fri Nov 02, 2012 4:21 pm
Forum: General
Topic: Failed to get my CERT
Replies: 8
Views: 5853

Re: Failed to get my CERT

Thanks for all ... but it doesn't work... Here is the script to create CA (your script if I don't have make mistake): ---------------------- openssl genrsa -out mikroTik.ca.key.pem 2048 openssl req -new -x509 -nodes -days 9999 -key mikroTik.ca.key.pem -out mikroTik.ca.cert.pem ----------------------...
by jeanbrico
Fri Nov 02, 2012 1:32 am
Forum: General
Topic: Failed to get my CERT
Replies: 8
Views: 5853

Re: Failed to get my CERT

In previous post, I've written:
"So I've to create a new format for my server certificate (pem with private key) ?"

I've tried, but it doesn't resolv my problem...
by jeanbrico
Fri Nov 02, 2012 1:00 am
Forum: General
Topic: Failed to get my CERT
Replies: 8
Views: 5853

Re: Failed to get my CERT

With openssl, I've lot of versions of certificates for the same server: - 1 - cert with private key.crt - 2 - private key.key - 3 - cert with private key but without passphrase to decrypt private key.pem2 - 4 - cert without private key with CRL.pem - 5 - cert without private key without CRL.pem - 6 ...
by jeanbrico
Thu Nov 01, 2012 7:40 pm
Forum: General
Topic: Failed to get my CERT
Replies: 8
Views: 5853

Re: Failed to get my CERT

I've used succesfully all writen in http://wiki.mikrotik.com/wiki/Manual:Create_Certificates but the certificates created don't resolve the problem. The error message stays the same... For each certificate, in CN, I've put the public IP address of the router (these two public IP adresses defines the...
by jeanbrico
Thu Nov 01, 2012 11:48 am
Forum: General
Topic: Failed to get my CERT
Replies: 8
Views: 5853

Re: Failed to get my CERT

It seems to be a message like we find in racoon. All posts about racoon tells about "file certificate racoon don't find". So, my questions were: "Are there constraints for files names containing my certificates ? Is the good place to load my certificates with Filezilla ?" Prehaps...
by jeanbrico
Wed Oct 31, 2012 7:10 pm
Forum: General
Topic: Failed to get my CERT
Replies: 8
Views: 5853

Failed to get my CERT

I try to mount IPSec tunnel with "rsa signature". I own certificates and a personal CA that working fine. With Filezilla, I put my certificates and CA certificate in Mikrotik. I'm able to see them in System \ Certificates. The certificates to authenticate machines have private key (I can s...
by jeanbrico
Mon Oct 15, 2012 11:19 am
Forum: Wireless Networking
Topic: Seven - WPA2 Enterprise - Certificate
Replies: 0
Views: 1660

Seven - WPA2 Enterprise - Certificate

I try to connect a Seven Enterprise with certificates to a Win 2003 DC, but it doesn't work. With PEAP it works, but not with certificates. The error message: -------------------------- 09:59:13 radius,debug,packet sending Access-Request with id 10 to 192.168.88.2:1812 09:59:13 radius,debug,packet S...
by jeanbrico
Fri Oct 12, 2012 5:21 pm
Forum: Wireless Networking
Topic: Seven - WPA2 Enterprise - PEAP
Replies: 13
Views: 14548

Re: Radius - NPS

The solution to use "a little" 802.1x with a domain DC win 2003 serveur, and IAS, and a Seven owning wifi, and Mikrotik as an simple AP. Users will be authenticated with their name and passwords registered in AD. Mikrotik configuration (use card 2 to 5 to connect Mikrotik to network as an ...
by jeanbrico
Fri Oct 12, 2012 4:25 pm
Forum: Wireless Networking
Topic: Seven - WPA2 Enterprise - PEAP
Replies: 13
Views: 14548

Re: Radius - NPS

It works !!!!!!!!!!!!!!!!!!!!!!

I give you all the solution before monday.

Thanks for all.
by jeanbrico
Thu Oct 11, 2012 4:33 pm
Forum: Wireless Networking
Topic: Seven - WPA2 Enterprise - PEAP
Replies: 13
Views: 14548

Re: Radius - NPS

With a Seven Enterprise, it's a little better: I obtain a window to enter name and password.

I hope I'll find the solution in a few days and give you good news before monday.

Thanks for all.
by jeanbrico
Wed Oct 10, 2012 2:29 pm
Forum: Wireless Networking
Topic: Seven - WPA2 Enterprise - PEAP
Replies: 13
Views: 14548

Re: Radius - NPS

Sorry. I don't have anything else in the log. All what I've found in the net is confuse, but seems to say one part of the solution is in security-profile: - my security-profile -------------------- /interface wireless security-profiles set [ find default=yes ] eap-methods=passthrough ---------------...
by jeanbrico
Wed Oct 10, 2012 9:56 am
Forum: Wireless Networking
Topic: Seven - WPA2 Enterprise - PEAP
Replies: 13
Views: 14548

Re: Radius - NPS

Yes, I have anything: according to me, link between AP mikrotik and IAS (Microsoft Win 2003) is good: in Mikrotik log, when I create radius: - Config --------------------- /radius add address=192.168.88.2 secret=secret service=wireless - Log ----------------------------- 08:39:41 radius,debug,packet...
by jeanbrico
Tue Oct 09, 2012 10:47 pm
Forum: Wireless Networking
Topic: Seven - WPA2 Enterprise - PEAP
Replies: 13
Views: 14548

Re: Radius - NPS

A mistake I think: I've forgotten to select "service=wireless" in radius:
-----------------------
/radius
add address=192.168.88.2 secret=secret service=wireless
-----------------------

But this new configuration don't change anything.

Thanks for all.

Best regards.
by jeanbrico
Tue Oct 09, 2012 10:36 pm
Forum: Wireless Networking
Topic: Seven - WPA2 Enterprise - PEAP
Replies: 13
Views: 14548

Re: Radius - NPS

I'm very sorry: is it what you want ? If yes, nothing appears when XP is trying to connect: ------------------------------------------ [admin@MikroTik] /system logging> print follow where topics~".radius" Flags: X - disabled, I - invalid, * - default # TOPICS ACTION PREFIX -- Ctrl-C to qui...
by jeanbrico
Mon Oct 08, 2012 10:08 am
Forum: Wireless Networking
Topic: Seven - WPA2 Enterprise - PEAP
Replies: 13
Views: 14548

Re: Radius - NPS

With 2003 server - XP SP3 and a D-Link AP, all is fine: a user on XP can connect on wifi with Radius (IAS) and Active Directory. With WEP Cipher, my XP can connect to mikrotik AP. With Radius and Mikrotik, nothing happens: my XP can't connect to mikrotik AP. Here is my wifi configuration in mikrotik...
by jeanbrico
Fri Oct 05, 2012 4:43 pm
Forum: Wireless Networking
Topic: wifi: XP dont't ping mikrotik
Replies: 9
Views: 2627

Re: wifi: XP dont't ping mikrotik

mikrotik is new for me. It seems to be a good product. The goal is to use Radius Server with Win 2008 (DC) and Seven. But it will be difficult i think. So I begin the most simple as possible. WEP is simple. Now, WEP work "quite" fine. I'll go to configure mikrotik to use Radius Server with...
by jeanbrico
Fri Oct 05, 2012 4:11 pm
Forum: Wireless Networking
Topic: wifi: XP dont't ping mikrotik
Replies: 9
Views: 2627

Re: wifi: XP dont't ping mikrotik

It's working "almost" fine: Here is a configuration that working fine (wifi no secure: no authentication - no cipher - with XP SP3): XP can ping mikrotik: ----------------------------------- [admin@MikroTik] > export compact # jan/02/1970 00:29:03 by RouterOS 5.14 # software id = 2AYL-KERF...
by jeanbrico
Fri Oct 05, 2012 11:02 am
Forum: Wireless Networking
Topic: wifi: XP dont't ping mikrotik
Replies: 9
Views: 2627

Re: wifi: XP dont't ping mikrotik

Here is: ------------------------------------------ [admin@MikroTik] > export compact # jan/02/1970 00:04:52 by RouterOS 5.14 # software id = 2AYL-KERF # /interface wireless set 0 disabled=no l2mtu=2290 mode=ap-bridge ssid=test6 wireless-protocol=802.11 /interface wireless security-profiles set [ fi...
by jeanbrico
Thu Oct 04, 2012 7:26 pm
Forum: Wireless Networking
Topic: wifi: XP dont't ping mikrotik
Replies: 9
Views: 2627

Re: wifi: XP dont't ping mikrotik

I've just done a reset of the mikrotik. I've connected my mikrotik with port number 5 on a 2003 server. With winbox, I've connected to the mikrotik successfully. After, I've done: winbox > IP > Addresses > "+" > Address: 192.168.88.1/24 > Interface: ether5. Then my 2003 (192.168.88.2) can ...
by jeanbrico
Thu Oct 04, 2012 2:13 pm
Forum: Wireless Networking
Topic: wifi: XP dont't ping mikrotik
Replies: 9
Views: 2627

wifi: XP dont't ping mikrotik

I have a Mikrotik RB751U-2HnD wifi router. I connect a XP computer with wifi to this AP: I see the XP computer in winbox > Wireless > Registration (with the MAC address of my wifi interface on XP computer). The firewall on XP was desactivated. My XP can't ping my mikrotik (and my mikrotik can't ping...
by jeanbrico
Wed Oct 03, 2012 6:30 pm
Forum: Wireless Networking
Topic: Seven - WPA2 Enterprise - PEAP
Replies: 13
Views: 14548

Seven - WPA2 Enterprise - PEAP

I own a NPS (Radius) server on Windows 2008 server (domaine controler). I have a Mikrotik RB751U-2HnD wifi router. I'd like to use this wifi router as acces point to my wifi users, using radius (and NPS on my 2008 server). With winbox, on Wireless > Security profile > Default > General, I know how t...
by jeanbrico
Sat Sep 01, 2012 4:16 pm
Forum: Beginner Basics
Topic: Dynamic IP on eth1 [Resolved]
Replies: 2
Views: 1855

Re: Dynamic IP on eth1

Yes, it works.

Thanks for all !!!!!!
by jeanbrico
Sat Sep 01, 2012 3:48 pm
Forum: Beginner Basics
Topic: Dynamic IP on eth1 [Resolved]
Replies: 2
Views: 1855

Dynamic IP on eth1 [Resolved]

I've a LAN that owns it's DHCP server and routeur (not a Mikrotik). Accessing to Internet is Ok. I'd like to add a RouterBoard 750 in this LAN. This router will separate my LAN and an other LAN in which we'll make tests: I dont' want this tests to contaminate my production LAN. All is fine on Mikrot...
by jeanbrico
Thu Jul 26, 2012 6:20 pm
Forum: Wireless Networking
Topic: Authentication: open or WEP ?
Replies: 1
Views: 969

Authentication: open or WEP ?

I've an old (and not a lot secure...) wifi network. My XP connects succesfully to the routerboard 751U 2HnD, with the configuration mentioned below: - authentication: "open" (i'm a little surprised, but "WEP" don't work), - cypher: WEP (on key 1), - WEP key: "0000" (tes...
by jeanbrico
Wed Jul 25, 2012 10:24 pm
Forum: General
Topic: Erase configuration [Resolved]
Replies: 3
Views: 2413

Re: Erase configuration

Yes, it works.

Thanks for all.
by jeanbrico
Wed Jul 25, 2012 10:11 pm
Forum: General
Topic: RB750 out of order ? [Resolved]
Replies: 2
Views: 952

Re: RB750 out of order ?

I've plugged: - port 1: I've seen, with Wireshark, DHCP request from RB750 (to ISP in real life, to my test network for me). After, it was possible to ping this port, but nothing else (a firewall on thgis port I presume), - port 5: with wireshark: CISCO Discovery Protocol, but nothing else). - on ot...
by jeanbrico
Wed Jul 25, 2012 9:58 pm
Forum: General
Topic: RB750 out of order ?
Replies: 2
Views: 683

Re: RB750 out of order ?

I apologize.

It was a mistake. I've not understood my post have to be validated before being in line.

Thanks for all.
by jeanbrico
Wed Jul 25, 2012 3:12 pm
Forum: General
Topic: Erase configuration [Resolved]
Replies: 3
Views: 2413

Erase configuration [Resolved]

I own a routerboard RB751. I want to have an "empty" configuration (no interface configured, no IP Address, and so on): as in a virtual machine for example. On a previous version, after a material reset, a windows permit to launch a script that clear all the config. By now (v5.14), this wi...
by jeanbrico
Tue Jul 24, 2012 11:59 pm
Forum: General
Topic: RB750 out of order ? [Resolved]
Replies: 2
Views: 952

RB750 out of order ? [Resolved]

I've unpacked my RB750, and I've seen it with winbox. All was fine. A few minutes later, i've reset it: - I've put a piece of wood on reset hole, - I've powered of the routeur, - I've powered on the routeur, - I've waited all the leds to stop, - I've put off the piece of wood out off the reset hole....
by jeanbrico
Tue Jul 24, 2012 11:53 pm
Forum: General
Topic: RB750 out of order ?
Replies: 2
Views: 683

RB750 out of order ?

I've just unpacked my Routerboard RB750. I've seen it with winbox. All was fine. A few minute later, I reset the router: - I've plugged a piece of wood in the reset button, - I've powered off the routeur, - I've powered on the router, waited for leds to stop, - unplugged the piece of wood from reset...