Community discussions

MikroTik App

Search found 634 matches

by hilton
Fri Jul 26, 2019 1:46 pm
Forum: RouterBOARD hardware
Topic: RB1100 Bypass Ports: Application Example
Replies: 1
Views: 10665

Re: RB1100 Bypass Ports: Application Example

Thanks, this was a great post!
by hilton
Thu May 09, 2019 2:58 pm
Forum: General
Topic: firewall src add and dst add
Replies: 38
Views: 8605

Re: firewall src add and dst add

Yes, it respects TTL and when it times out, it resolves records again.
Thank you!
by hilton
Thu May 09, 2019 9:11 am
Forum: General
Topic: firewall src add and dst add
Replies: 38
Views: 8605

Re: firewall src add and dst add

Do the
/ip firewall address-list
DNS entries update if the registered IPs change?
by hilton
Wed Feb 13, 2019 10:47 am
Forum: Scripting
Topic: Useful scripts
Replies: 116
Views: 295735

Re: Useful scripts

Would this not work?
/ppp secret export file=secrets
by hilton
Wed Aug 22, 2018 9:14 am
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 188
Views: 61901

Re: Blacklist Filter (Development Topic)

Dave does this script replace your old 'blacklistUpdate' script that was scheduled? Must I just schedule this new script as per before?
Hi, I'm not Dave but:
Yes and Yes :)
Ta!
by hilton
Tue Aug 21, 2018 12:18 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 188
Views: 61901

Re: Blacklist Filter (Development Topic)

I've implemented some of the new security functions. You will need to update the download script. Cloud DDNS is *REQUIRED*. Which means you need the latest CHR with Cloud support. /ip cloud set ddns-enabled=yes Here is the new script. :local destPath "disk1/filterImport.rsc"; :local prior...
by hilton
Thu Nov 09, 2017 9:17 am
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 212050

Re: Blacklist Filter update script

The list comes in three sizes. The smallest is meant for home users. It just filters botnets and such. The medium list adds spam hosts and is intended for small to medium businesses. The large filters everything that we can, over 200,000 entries and is only intended for the larger CCR routers prote...
by hilton
Tue Oct 22, 2013 11:08 am
Forum: General
Topic: Feature Request: L2TPv3 Client
Replies: 18
Views: 11032

Re: Feature Request: L2TPv3 Client

Yep, I too would like this feature.
by hilton
Tue Mar 26, 2013 11:21 am
Forum: General
Topic: Anything happened to Changeip / Sam Norris?
Replies: 51
Views: 12803

Re: Anything happened to Changeip / Sam Norris?

Giepie, the problem is that for them it may not be an emergency but for us, all our clients are not getting email etc. It probably affects thousands of just South African users. Anyway, I have set-up a similar system which I will be launching soon. You are welcome to test a client or two if you so w...
by hilton
Thu Feb 28, 2013 4:56 pm
Forum: General
Topic: Anything happened to Changeip / Sam Norris?
Replies: 51
Views: 12803

Re: Anything happened to Changeip / Sam Norris?

Eish, broken again.
by hilton
Tue Feb 26, 2013 3:48 pm
Forum: General
Topic: Anything happened to Changeip / Sam Norris?
Replies: 51
Views: 12803

Re: Anything happened to Changeip / Sam Norris?

I'm still getting 'Blacklisted' errors.

Then a ton of emails telling me so.
by hilton
Mon Feb 25, 2013 1:56 pm
Forum: General
Topic: Anything happened to Changeip / Sam Norris?
Replies: 51
Views: 12803

Re: Anything happened to Changeip / Sam Norris?

Not on me but I think the quickest way to get a response is to send a text.
by hilton
Mon Feb 25, 2013 11:23 am
Forum: General
Topic: Anything happened to Changeip / Sam Norris?
Replies: 51
Views: 12803

Re: Anything happened to Changeip / Sam Norris?

Seems to be up again.

Need to find an alternative as this service of late is not something I rely on anymore.

Any pointers?
by hilton
Fri Jan 18, 2013 4:03 pm
Forum: General
Topic: Anything happened to Changeip / Sam Norris?
Replies: 51
Views: 12803

Re: Anything happened to Changeip / Sam Norris?

can't get to http://www.changeip.com

even http://downorisitjustme.com/res.php?url ... angeip.com agrees with me.

anyone know anything?

his phone goes to voice mail.
by hilton
Wed Apr 11, 2012 9:01 pm
Forum: General
Topic: Anything happened to Changeip / Sam Norris?
Replies: 51
Views: 12803

Re: Anything happened to Changeip / Sam Norris?

OK, good news. Sam has replied to us.

I don't know what the problem was/is but at least there's light at the end of the fiber cable.
by hilton
Wed Apr 11, 2012 8:57 pm
Forum: General
Topic: Anything happened to Changeip / Sam Norris?
Replies: 51
Views: 12803

Re: Anything happened to Changeip / Sam Norris?

If nothing gets resolved by tomorrow morning I'm going to have to come up with another solution.

What other dynamic providers are there that work with RouterOS?
by hilton
Wed Apr 11, 2012 8:50 pm
Forum: General
Topic: Anything happened to Changeip / Sam Norris?
Replies: 51
Views: 12803

Re: Anything happened to Changeip / Sam Norris?

Same issues as other people, dynamic host updates with the correct IP address but you can't resolve it.

I can understand him having a problem but a simple email/note on the website would be useful.

Let's hope it's nothing more serious.
by hilton
Wed Apr 11, 2012 7:00 pm
Forum: General
Topic: Changeip Not Working
Replies: 7
Views: 1852

Re: Changeip Not Working

by hilton
Wed Apr 11, 2012 6:58 pm
Forum: General
Topic: Anything happened to Changeip / Sam Norris?
Replies: 51
Views: 12803

Anything happened to Changeip / Sam Norris?

Anyone know if something has happened to Sam Norris ? We've been trying to reach him or actually anyone from Changeip since Tuesday morning (UTC +2). We've sent various emails, left countless voice messages both on the office phone and Sam's mobile and even sent a text message. It's just weird that ...
by hilton
Thu Nov 10, 2011 11:34 am
Forum: Beginner Basics
Topic: Block MAC from getting DHCP
Replies: 9
Views: 20447

Re: Block MAC from getting DHCP

Or allow them access and in the web proxy access section, point their static DHCP IP to one of your favourite malware sites.
by hilton
Wed Aug 17, 2011 9:56 am
Forum: Scripting
Topic: Trying to use the same variable name in multiple scripts
Replies: 3
Views: 1520

Re: Trying to use the same variable name in multiple scripts

Something is certainly in a loop because when I set the scheduler to run those scripts every thirty seconds, the netwatch resets so I get the email notification that my site is up every thirty seconds. Could this be because I've used a local variable and it's value expires after the script has run? ...
by hilton
Tue Aug 16, 2011 3:40 pm
Forum: Scripting
Topic: Trying to use the same variable name in multiple scripts
Replies: 3
Views: 1520

Trying to use the same variable name in multiple scripts

Hi guys I need to run the same script to resolve a number of host names in order for netwatch to work. Am I correct in saying that I need to use local variables in order for there not to be some sort of clash? Here's my script. { :local "netwatch-host-name" "nippy" :local "n...
by hilton
Thu Jul 14, 2011 2:37 pm
Forum: General
Topic: MilliScript: freeware to manage export configuration files
Replies: 42
Views: 43592

Re: MilliScript: freeware to manage export configuration fil

The question remains though, are there any recent updates?
by hilton
Wed Jul 13, 2011 5:51 pm
Forum: General
Topic: Webfig skins (tutorial)
Replies: 100
Views: 122958

Re: Webfig skins (tutorial)

well, I am sure I am not the only one preferring winbox above all other, with CLI in case winbox won't work.
I also prefer Winbox and the command line via ssh or a terminal session.
by hilton
Tue Apr 26, 2011 7:18 pm
Forum: Scripting
Topic: Script to run when a user logs in?
Replies: 3
Views: 1453

Re: Script to run when a user logs in?

logs in where? hotspot? ppp?
No into the actual router, either via winbox or ssh.

So for example I would like a end user to be able to login with restricted rights and then once in, the router will automatically reboot.

Is this possible?
by hilton
Tue Apr 26, 2011 3:37 pm
Forum: Scripting
Topic: Script to run when a user logs in?
Replies: 3
Views: 1453

Script to run when a user logs in?

Hi guys

I need to run a specific script once a certain user logs in. I could poll the active user list but I'm not sure of the scripting.

Any helpers please?

Thanks.
by hilton
Mon Jan 03, 2011 8:26 am
Forum: General
Topic: Configuring VLAN Trunking on MT Router to Cisco C2924 Switch
Replies: 25
Views: 83759

Re: Configuring VLAN Trunking on MT Router to Cisco C2924 Sw

You can add VLAN tags to bonded (LAGG) ports.
by hilton
Wed Oct 06, 2010 12:54 pm
Forum: Beginner Basics
Topic: RB 450 +DNS +DHCP +Hotspot +RADIUS
Replies: 7
Views: 3080

Re: RB 450 +DNS +DHCP +Hotspot +RADIUS/450G Switch Ports

I have my cable modem running in ether1 and my private network in ether2, in your typical home setup scenario. If I use the above commands, I can make ether2 the "master port" and ports 3, 4 and 5 act as normal switch ports, with all routing going in and out through ether2. Just trying to...
by hilton
Tue Sep 14, 2010 2:28 pm
Forum: Beginner Basics
Topic: WEP & WPA in Mikrotik
Replies: 9
Views: 2621

Re: WEP & WPA in Mikrotik

coffee?

:)
It would indeed appear so :-)
by hilton
Tue Sep 14, 2010 2:19 pm
Forum: Beginner Basics
Topic: WEP & WPA in Mikrotik
Replies: 9
Views: 2621

Re: WEP & WPA in Mikrotik

Seriously?

I've just checked and I all I see is WPA and WPA2. Nuffin about WEP. I thought no-one used WEP anymore?

Surely?
by hilton
Tue Sep 14, 2010 2:05 pm
Forum: Beginner Basics
Topic: WEP & WPA in Mikrotik
Replies: 9
Views: 2621

Re: WEP & WPA in Mikrotik

I don't think Mikrotik supports WEP.
by hilton
Wed Aug 25, 2010 3:17 pm
Forum: General
Topic: MTU/MSS setting with Fibre connections
Replies: 0
Views: 836

MTU/MSS setting with Fibre connections

Hi guys

I've really only played with MTU/MSS settings with PPPOE connections but I have a router that plugs directly into a Fibre-To-The-Building connection. I've left the default MTU setting of 1500 but the users are complaining of slow responses to web surfing.

Any ideas please?
by hilton
Thu Jul 29, 2010 7:22 pm
Forum: Scripting
Topic: ChangeIP after RouterOS 4.10 !!!
Replies: 6
Views: 2490

Re: ChangeIP after RouterOS 4.10 !!!

Sam, I will test it for you.

Thanks.
by hilton
Thu Jul 29, 2010 5:46 pm
Forum: Scripting
Topic: ChangeIP after RouterOS 4.10 !!!
Replies: 6
Views: 2490

Re: ChangeIP after RouterOS 4.10 !!!

I'm using this script on 4.11 and it's working. Not too sure how different it is from the one Sam posted. :global ddnsuser "your_changeip_account" :global ddnspass "your_changeip_password" :global ddnshost "your_changeip_ddns_name" :global ddnsip :global ddnslastip [:to...
by hilton
Wed Jul 28, 2010 10:22 am
Forum: Beginner Basics
Topic: PPTP through internet to RB
Replies: 10
Views: 3778

Re: PPTP through internet to RB

I use no-ip.com and here is the script for that:
# Dynamic DNS Update / Simple Edition
# Written by Sam Norris, ChangeIP.com
# Copyright ChangeIP.com 2009
# For support send mail to Support@ChangeIP.com
#
So which one is it?
by hilton
Tue Jul 27, 2010 3:32 pm
Forum: Beginner Basics
Topic: Netwatch explanation please.
Replies: 1
Views: 1034

Re: Netwatch explanation please.

When setting up a netwatch, the two variables on the Host Tab "Interval" and Timeout" seem simple and first...and then I start thinking about this in more detail, and it becomes less clear. Should the interval always be less than timeout? Brian, the interval should always be more tha...
by hilton
Mon Jul 05, 2010 11:03 am
Forum: Scripting
Topic: opendns with dynamic ip
Replies: 30
Views: 15637

Re: opendns with dynamic ip

I think the bigger problem comes in where you need to REMOVE stale addresses from the list.

What else can one do bar removing the entire list and recreating?
by hilton
Tue May 18, 2010 2:40 pm
Forum: General
Topic: 'simple' queue question
Replies: 2
Views: 1075

'simple' queue question

Hi there If I want to simply monitor traffic usage from internal IP address (on my LAN), can I use the global-in and global-out parents for the individual queue trees? I just want to see who on the LAN is using the most internet traffic. Or perhaps do I need to create parents for each of my WAN conn...
by hilton
Tue Apr 20, 2010 5:41 pm
Forum: General
Topic: Problems with DNS for www.google.com
Replies: 174
Views: 65730

Re: Problems with DNS for www.google.com

I gave up on OpenDNS and I now use my local ISP's DNS and it's much better. Pity there's no local cloud based web filtering service that's friendly on the pocket.
by hilton
Fri Mar 26, 2010 11:19 am
Forum: Scripting
Topic: opendns with dynamic ip
Replies: 30
Views: 15637

Re: opendns with dynamic ip

I've since discovered that their content filtering service isn't all that it's cracked up to be. From my brief googling, there appears to be a distinct lack of cloud based web content filters out their with reasonable granular settings at a fair price. For the moment, I'm just going to install DansG...
by hilton
Mon Mar 15, 2010 4:51 pm
Forum: Beginner Basics
Topic: Basic Mikrotik Training Videos - FREE - *Update 03/15/2010*
Replies: 62
Views: 45205

Re: Basic Mikrotik Training Videos - FREE - *Update 03/15/2010*

Can't wait to the cat nail you :-)
by hilton
Mon Mar 08, 2010 5:52 pm
Forum: General
Topic: RouterOS v4.6 released
Replies: 80
Views: 17429

Re: RouterOS v4.6 released

Does anybody have any links to x86 version 4.5? I upgraded this from 3.30, so I've nothing in the x86 4.x tree.
http://download.mikrotik.com/all_packages-x86-4.5.zip
by hilton
Thu Feb 11, 2010 2:51 pm
Forum: General
Topic: Multiple incoming VPNs with the same remote subnet?
Replies: 2
Views: 3435

Re: Multiple incoming VPNs with the same remote subnet?

Why don't you just set the remote IP under the secrets?

Give the local address as the server and the remote a /32.

Am I missing something?
by hilton
Thu Feb 04, 2010 9:00 am
Forum: General
Topic: ipsec multisubnet or multi policy issue
Replies: 42
Views: 32402

Re: ipsec multisubnet or multi policy issue

Make sure you set level of the IPsec Policy to 'unique' for each subnet.
Good tip this, thanks.
by hilton
Thu Jan 28, 2010 5:28 pm
Forum: Beginner Basics
Topic: Basic Mikrotik Training Videos - FREE - *Update 03/15/2010*
Replies: 62
Views: 45205

Re: Basic Mikrotik Training Videos - FREE - *Update 01/04/2010*

Hi Greg Thanks for the quick response. Firstly here is the script. It's VERY basic which makes me wonder what I forgot? /ip ipsec policy set numbers=0 sa-dst-address=[:resolve remote.host.tld] /ip ipsec peer set numbers=0 address=[:resolve remote.host.tld] I run this on both sides. I have set the DP...
by hilton
Thu Jan 28, 2010 5:09 pm
Forum: Beginner Basics
Topic: Basic Mikrotik Training Videos - FREE - *Update 03/15/2010*
Replies: 62
Views: 45205

Re: Basic Mikrotik Training Videos - FREE - *Update 01/04/2010*

Hi Greg Great work here, thanks very much. I just have one question if I may? My set-up is site A connecting to sites B and C and both VPNs are IPSec. All have dynamic IP addresses and I managed to get these to work with the use of a script to resolve the dynamic host names of the respective sites. ...
by hilton
Thu Jan 21, 2010 9:13 am
Forum: General
Topic: Problems with DNS for www.google.com
Replies: 174
Views: 65730

Re: Problems with DNS for www.google.com

How many people having this problem are ISPs?
I'm not an ISP but I use Mikrotik as LAN routers for my customers and I've experienced this problem. However not since moving away to another DNS (either Google or the ISP DNS).
by hilton
Fri Jan 15, 2010 11:08 am
Forum: General
Topic: Problems with DNS for www.google.com
Replies: 174
Views: 65730

Re: Problems with DNS for www.google.com

Works great to proxy-redirect block.opendns.com to http://www.disney.com. Those trying to surf for hardcore smut will end up getting Pochohontas... :D
Poke oh who? :-)
by hilton
Fri Jan 01, 2010 5:28 pm
Forum: Beginner Basics
Topic: v4.3 and RB433's
Replies: 4
Views: 2075

Re: v4.3 and RB433's

There was a bug in 4.3 with regards to RB433 boards. Rather downgrade to 4.2 or upgrade to 4.4 (the latter works just fine).
by hilton
Fri Dec 18, 2009 4:07 pm
Forum: Beginner Basics
Topic: Attached: Mikrotik Visio Stencils
Replies: 31
Views: 114273

Re: Attached: Mikrotik Visio Stencils

Thanks very much (and to Sam). Very good contribution.
by hilton
Fri Dec 18, 2009 4:04 pm
Forum: General
Topic: EDNS Not Implemented?
Replies: 14
Views: 9434

Re: EDNS Not Implemented?

Just received this email from the South African co.za administrators but does it apply to Mikrotik? As of earlier this month, ICANN have started signing the root zone in an offline process (ie not in a live manner). This will gradually be phased in through the course of 2010, starting in January, an...
by hilton
Fri Dec 18, 2009 3:20 pm
Forum: General
Topic: v3.27 bug: ssh port forwarding is not working
Replies: 76
Views: 19594

Re: v3.27 bug: ssh port forwarding is not working

please, is there anybody, who could tell me, where I can download version 3.24 and the right way how to downgrade???
http://66.228.113.58/all_packages-mipsbe-3.24.zip

Copy to 'files' then under 'system, packages' hit the downgrade button. Should work.
by hilton
Thu Dec 17, 2009 8:34 pm
Forum: General
Topic: Advice for VPN for Mikrotik, IPv4 and IPv6
Replies: 12
Views: 3896

Re: Advice for VPN for Mikrotik, IPv4 and IPv6

Depends on what you need out of the connection. L2TP does not provide confidentiality
From what I know, you need a username to authenticate and then there's a level of encryption (granted not 256 AES or similar).

Am I missing the obvious here?
by hilton
Thu Dec 17, 2009 6:19 pm
Forum: General
Topic: Advice for VPN for Mikrotik, IPv4 and IPv6
Replies: 12
Views: 3896

Re: Advice for VPN for Mikrotik, IPv4 and IPv6

Why use L2TP when I can go just IPsec? On Debian/Ubuntu-forums they all say that if you can, just go with IPsec without L2TP. Does the same advice go for Mikrotik -> Mikrotik? Probably the opposite. L2TP is pretty easy with Mikrotik and why add another level of complication if you don't have to?
by hilton
Wed Dec 16, 2009 1:14 pm
Forum: General
Topic: RB433AH on 4.3, switch ether2/3 weirdness.
Replies: 7
Views: 1796

Re: RB433AH on 4.3, switch ether2/3 weirdness.

Is this a bug?
Yes.
by hilton
Wed Dec 16, 2009 12:19 pm
Forum: General
Topic: RouterOS v4.3 released
Replies: 47
Views: 10264

Re: RouterOS v4.3 released


Where can I download 4.2 now? Waiting for 4.4 to be alive is not a solution.

Thanks.
http://66.228.113.58/all_packages-mipsbe-4.2.zip
by hilton
Tue Nov 24, 2009 8:57 am
Forum: Beginner Basics
Topic: need help?
Replies: 7
Views: 1948

Re: need help?


And then transparently redirect all DNS requests to the router itself:
/ip firewall nat
add chain=dstnat protocol=tcp dst-port=53 in-interface=local action=redirect to-ports=53
You probably meant protocol UDP so note to Muldahir, change the dst-nat rule to reflect this.
by hilton
Thu Nov 19, 2009 8:33 am
Forum: General
Topic: Need some help with dst-nat issue.
Replies: 25
Views: 5782

Re: Need some help with dst-nat issue.

Hey don't let that guy charge you from the above message unless you want it really really bad. :-D
That's a bit harsh!

It's not like changeip/Sam was forcing himself on thavinci. In fact thavinci actually asked for paid help.

I think Sam deserves an apology.
by hilton
Wed Nov 11, 2009 8:30 am
Forum: General
Topic: SOLVED! Winbox on Windows-7 using MAC Address doesn't work
Replies: 21
Views: 28762

Re: SOLVED! Winbox on Windows-7 using MAC Address doesn't work

The issue is the virtual Sun Java's VirtualBox Network Interface (similiar to VMWare).

Disable that network interface, and it works perfectly!
Thanks very much, it certainly does indeed.
by hilton
Sat Nov 07, 2009 12:06 pm
Forum: General
Topic: New firewall matcher PCC
Replies: 298
Views: 94424

Re: New firewall matcher PCC and Web-Proxy

Hi,

Can we use PCC with Web-Proxy?
The answer to this can be found right here in this thread. Page 2, under one of Chupaka's posts.
by hilton
Fri Nov 06, 2009 9:37 am
Forum: RouterBOARD hardware
Topic: advanced pptp configuration
Replies: 4
Views: 3542

Re: advanced pptp configuration

Not confusing at all, I just didn't know this about Windows.

Thanks Sam, good post.
by hilton
Thu Nov 05, 2009 4:05 pm
Forum: Beginner Basics
Topic: PPTP Link doesn't work between MT router & Windows-XP
Replies: 21
Views: 6066

Re: PPTP Link doesn't work between MT router & Windows-XP

Well you need to do all this when you're behind the netgear (logically not physically).

Don't worry about DHCP yet, just get the router set-up as per that first guide. It covers pppoe and a basic firewall.
by hilton
Thu Nov 05, 2009 3:05 pm
Forum: RouterBOARD hardware
Topic: advanced pptp configuration
Replies: 4
Views: 3542

Re: advanced pptp configuration

Assign your pptp client an IP in a completely different (3rd) subnet. Assign the local side an IP in that same subnet. ie, 192.168.50.1 & 192.168.50.2. Now, you are just like anyone else being routed. Sam how is the remote pptp client then going to know how to get to the local network behind th...
by hilton
Thu Nov 05, 2009 12:19 pm
Forum: Beginner Basics
Topic: PPTP Link doesn't work between MT router & Windows-XP
Replies: 21
Views: 6066

Re: PPTP Link doesn't work between MT router & Windows-XP

Perhaps tell us what you're trying to achieve in the end. Is it just a PPTP VPN Server? Use this guide first; http://wiki.mikrotik.com/wiki/How_to_Connect_your_Home_Network_to_xDSL_Line Then this; http://wiki.mikrotik.com/wiki/PPTPServer For the netgear, look through the settings, it's currently set...
by hilton
Wed Nov 04, 2009 10:49 pm
Forum: Beginner Basics
Topic: need help?
Replies: 7
Views: 1948

Re: need help?

Depends if your susbscribers DNS service is free or not.

Otherwise just use OpenDNS.

208.67.222.222
208.67.220.220
by hilton
Wed Nov 04, 2009 5:12 pm
Forum: Beginner Basics
Topic: PPTP Link doesn't work between MT router & Windows-XP
Replies: 21
Views: 6066

Re: PPTP Link doesn't work between MT router & Windows-XP

If your PPTP VPN server works internally then it's a question of getting the port forward working. Can you telnet remote IP on 1723? If not then it depends on if your Netgear is set-up correctly and if you have configured any drop rules on the Mikrotik. Seriously though, I would change the netgear i...
by hilton
Wed Nov 04, 2009 2:00 pm
Forum: Beginner Basics
Topic: need help?
Replies: 7
Views: 1948

Re: need help?

/ip firewall nat chain=dstnat action=dst-nat to-addresses=1.2.3.4 (the ip of your new provider) to-ports=53 protocol=udp in-interface=local (or whatever your internal interface is called) dst-port=53 Or simply input the new provider's DNS settings directly into Miktotik and then alter the above rule...
by hilton
Wed Nov 04, 2009 1:55 pm
Forum: Beginner Basics
Topic: PPTP Link doesn't work between MT router & Windows-XP
Replies: 21
Views: 6066

Re: PPTP Link doesn't work between MT router & Windows-XP

Firstly there are plenty of examples on the wiki, online manual and here in the forum; you just need to take the time to search.

Secondly it would appear that you trying to get the netgear to be the router as well as the Mikrotik.

Why?
by hilton
Tue Nov 03, 2009 1:08 pm
Forum: General
Topic: Iprovements In WinBox I Would Like To See...
Replies: 17
Views: 6342

Re: Iprovements In WinBox I Would Like To See...

Christian, you are a star!

Well done!
by hilton
Mon Nov 02, 2009 4:51 pm
Forum: General
Topic: WOL - what am I doing wrong?
Replies: 8
Views: 2738

Re: WOL - what am I doing wrong?

Turned out I wasn't doing anything wrong, it was a bug.

It's now working as expected (4.1)
by hilton
Fri Oct 30, 2009 2:04 pm
Forum: Scripting
Topic: opendns with dynamic ip
Replies: 30
Views: 15637

Re: opendns with dynamic ip

okay okay... i will try to make this a higher priority for us. We will relay an update to opendns upon an update to changeip.com ddns. however, i need to clear this with them first as they would start seeing a lot of updates coming from our single network. need to make sure its okay. Sam, any news ...
by hilton
Fri Oct 30, 2009 10:42 am
Forum: General
Topic: SOLVED! Winbox on Windows-7 using MAC Address doesn't work
Replies: 21
Views: 28762

Re: Winbox on Windows-7 using MAC Address doesn't work

you could try to right-click it and choose 'run as administrator
This works partially on my Win7 RC1

It shows the MAC address but not the IP.

I'm sure when I eventually conjure up the strength to reformat it will work on normal Windows 7.
by hilton
Wed Oct 28, 2009 1:55 pm
Forum: General
Topic: Iprovements In WinBox I Would Like To See...
Replies: 17
Views: 6342

Re: Iprovements In WinBox I Would Like To See...

I have written a small utility to make it possible to start a WinBox-connection by using an URL like http://<router-ip>/username/password. It can be downloaded from here: http://www.cmit.de/downloads/Mini-WinBox-URL-Scheme-Handler_v0.8.15.zip Marvellous! Just to note that you need to run the regist...
by hilton
Wed Oct 28, 2009 1:42 pm
Forum: Beginner Basics
Topic: PPTP Can access my routerboard but not private network
Replies: 1
Views: 838

Re: PPTP Can access my routerboard but not private network

You need to set 'proxy-arp' on the interface that the PPTP server resides on.
by hilton
Wed Oct 28, 2009 8:29 am
Forum: Scripting
Topic: problem with changeip ddns script
Replies: 6
Views: 3263

Re: problem with changeip ddns script

I get it!

Thanks Sam.
by hilton
Tue Oct 27, 2009 11:35 pm
Forum: General
Topic: SOLVED! Winbox on Windows-7 using MAC Address doesn't work
Replies: 21
Views: 28762

Re: Winbox on Windows-7 using MAC Address doesn't work

My windows 7 RC1 does not like Winbox connecting to MAC addresses but my colleagues Win 7 (proper) behaves just fine.
by hilton
Tue Oct 27, 2009 9:47 pm
Forum: Scripting
Topic: problem with changeip ddns script
Replies: 6
Views: 3263

Re: problem with changeip ddns script

Ok well here's the problem. I have one DSL account with normal internet access and then another with local only (local to the country) DSL internet access. Now I normally run the script on the local-only interface because of the cheaper costs. But if someone from outside the country tries to access ...
by hilton
Tue Oct 27, 2009 5:13 pm
Forum: Scripting
Topic: problem with changeip ddns script
Replies: 6
Views: 3263

problem with changeip ddns script

Sam, I've encountered a problem with that script of yours. If I have two scripts running but referencing different interfaces (of course), the update on your server (for both interfaces) only reflects one of the external IP addresses. :global ddnsinterface "adsl_unshaped" and :global ddnsi...
by hilton
Mon Oct 26, 2009 6:04 am
Forum: General
Topic: Impossible to block DHCP Server. By design, or bug???
Replies: 36
Views: 16453

Re: Impossible to block DHCP Server. By design, or bug???

My experience is that if you run the DHCP on a VLAN interface, then the traffic is limited to just the VLAN.

For example;

vlan20 (mikrotik DHCP for this vlan only)

vlan30 (windows server DHCP for this vlan only)
by hilton
Mon Oct 26, 2009 5:56 am
Forum: General
Topic: RouterOS License and v4 questions
Replies: 115
Views: 57467

Re: RouterOS License and v4 questions


AGAIN an other point of view... In a community open by support team, is expected the participation of them and the use of forum as an way of obtain support from support team...
Dude, loosen those tight panties of yours and just send support@mikrotik.com an email.

We'll all be better off.
by hilton
Tue Oct 20, 2009 12:42 am
Forum: Scripting
Topic: ChangeIP Script and ROS 4.beta.x
Replies: 16
Views: 6344

Re: ChangeIP Script and ROS 4.beta.x

4.x has a completely different scripting engine. It seems like global variables dont work the same in 4.x (or even work at all). I will be working here over the next week or two to get a 4.x script up and running. My script from 3.x works like a charm with 4.0 (haven't tested 4.1 yet). No changes n...
by hilton
Mon Oct 19, 2009 12:27 pm
Forum: General
Topic: DHCP Network Domain and DNS Domain settings are the same?
Replies: 2
Views: 995

DHCP Network Domain and DNS Domain settings are the same?

In the DHCP Network settings, there are separate options for ' DNS Domain ' and then simply ' Domain '. After some basic testing, I see that these fields are essentially the same and you can't set them as different values. So my question really is why the two options? Why not just one? Is this some ...
by hilton
Sat Oct 17, 2009 9:50 am
Forum: General
Topic: Mikrotik IPSEC to Sonicwall
Replies: 4
Views: 7563

Re: Mikrotik IPSEC to Sonicwall

by hilton
Sat Oct 17, 2009 9:20 am
Forum: Scripting
Topic: reboot
Replies: 6
Views: 1497

Re: reboot

Chupaka, does it also bug you when noobs don't bother to post a simple "thank you"?
by hilton
Fri Oct 16, 2009 6:12 pm
Forum: General
Topic: RouterOS v4 released
Replies: 38
Views: 6094

Re: RouterOS v4 released

When do we expect v4.1?? Mon or Tuesday?
:-))
Rod
How about now. Go check out the download page.
by hilton
Fri Oct 16, 2009 6:10 pm
Forum: General
Topic: RouterOS v4 released
Replies: 38
Views: 6094

Re: RouterOS v4 released

in Winbox? so, all is working, you just cannot see it in Winbox?
Yes that is my experience. Had me fooled for some time, I've learnt to trust winbox over the years and never thought to check via ssh or terminal.
by hilton
Fri Oct 16, 2009 9:46 am
Forum: General
Topic: RouterOS v4 released
Replies: 38
Views: 6094

Re: RouterOS v4 released

Upgrade to 4.0 on x86 cleaned out all the gateway/gateway interfaces in my routes. So the routes are still there but they reference nothing, so nuffin is working....... please make the support output file and send it to support. Just an update. I removed and added back the routes and yet the gatewa...
by hilton
Thu Oct 15, 2009 5:24 pm
Forum: General
Topic: New firewall matcher PCC
Replies: 298
Views: 94424

Re: New firewall matcher PCC

My understanding of 'passthrough' is this; If you want the firewall to continue to find and match further/more packets based on the criteria in the current rule then you need to tick 'passthrough'. If you are happy that the firewall has matched all you need then you may untick 'passthrough'. Here's ...
by hilton
Thu Oct 15, 2009 7:18 am
Forum: General
Topic: RouterOS v4 released
Replies: 38
Views: 6094

Re: RouterOS v4 released

Upgrade to 4.0 on x86 cleaned out all the gateway/gateway interfaces in my routes. So the routes are still there but they reference nothing, so nuffin is working....... Eish. Nb, my own server so not a client's but still worth knowing about. please make the support output file and send it to suppor...
by hilton
Wed Oct 14, 2009 7:47 am
Forum: General
Topic: IPSEC spoke and wheel network - Mikrotik to replace SonicWal
Replies: 18
Views: 9074

Re: IPSEC spoke and wheel network - Mikrotik to replace SonicWal

Dudes, you may want to take a look at this video as well;
http://gregsowell.com/?p=787#more-787
Let us know how you progress.
by hilton
Wed Oct 14, 2009 7:45 am
Forum: General
Topic: RouterOS v4 released
Replies: 38
Views: 6094

Re: RouterOS v4 released

Upgrade to 4.0 on x86 cleaned out all the gateway/gateway interfaces in my routes.

So the routes are still there but they reference nothing, so nuffin is working.......

Eish.

Nb, my own server so not a client's but still worth knowing about.
by hilton
Mon Oct 12, 2009 11:09 pm
Forum: General
Topic: IPSEC spoke and wheel network - Mikrotik to replace SonicWal
Replies: 18
Views: 9074

Re: IPSEC spoke and wheel network - Mikrotik to replace SonicWal

Sorry guys but I have no experience with IPSec.

Have you looked at the online manual? There's a couple of pretty comprehensive examples there to follow.

There are even a few articles in the wiki which cover what you need.

Hope you come right.
by hilton
Mon Oct 12, 2009 10:39 pm
Forum: General
Topic: Force reboot
Replies: 29
Views: 108462

Re: Force reboot

Put it in a script. /system reboot Tested on RB532 and RB433 Doesn't it still need the yes or no answered? No of course not. This is my script. name="reboot" owner="hilton" policy=ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive run-count=0 source= :delay 10s /s...
by hilton
Mon Oct 12, 2009 10:29 pm
Forum: Scripting
Topic: opendns with dynamic ip
Replies: 30
Views: 15637

Re: opendns with dynamic ip

Brilliant, thanks Sam.
by hilton
Sun Oct 11, 2009 9:48 pm
Forum: General
Topic: Force reboot
Replies: 29
Views: 108462

Re: Force reboot

Put it in a script.
/system reboot
Tested on RB532 and RB433
by hilton
Sun Oct 11, 2009 9:45 pm
Forum: General
Topic: IPSEC spoke and wheel network - Mikrotik to replace SonicWal
Replies: 18
Views: 9074

Re: IPSEC spoke and wheel network - Mikrotik to replace SonicWal

There should be a way to say which tunnels are allowed to acces which other tunnels...
Mark, this is done easily with simple static routing.
by hilton
Sun Oct 11, 2009 9:42 pm
Forum: General
Topic: WDS connected via cat5 - is this feasible?
Replies: 31
Views: 7318

Re: WDS connected via cat5 - is this feasible?

Yes exactly... that's why I said same frequency band, not same frequencies.
I wasn't listening properly. Sigh.

Thanks.
by hilton
Sun Oct 11, 2009 12:11 am
Forum: Beginner Basics
Topic: Wake On Lan problems with RB450G under 3.30
Replies: 21
Views: 5684

Re: Wake On Lan problems with RB450G under 3.30

we found a bug and fixed it
You can't say I didn't tell you before!

http://forum.mikrotik.com/viewtopic.php?f=2&t=34294
by hilton
Sat Oct 10, 2009 11:59 pm
Forum: General
Topic: IPSEC spoke and wheel network - Mikrotik to replace SonicWal
Replies: 18
Views: 9074

Re: IPSEC spoke and wheel network - Mikrotik to replace SonicWal

This is done very easily with L2TP. Why do you need to use IPSec?
by hilton
Sat Oct 10, 2009 11:55 pm
Forum: General
Topic: WDS connected via cat5 - is this feasible?
Replies: 31
Views: 7318

Re: WDS connected via cat5 - is this feasible?

same SSID, same frequency band
Say again? I thought the whole idea was to keep the channels clean. So first channel 1, then 6 then 11 and then back to 1?
by hilton
Thu Oct 08, 2009 9:10 am
Forum: General
Topic: Multiple PPTP clients behind MT firewall
Replies: 4
Views: 2056

Re: Multiple PPTP clients behind MT firewall

Post your masquerade rule.
by hilton
Wed Oct 07, 2009 11:07 pm
Forum: General
Topic: Multiple PPTP clients behind MT firewall
Replies: 4
Views: 2056

Re: Multiple PPTP clients behind MT firewall

RouterOS certainly can do this. Strangely enough I've always found the 'moms and pops' routers to have this limitation.

Anyway, just make sure the PPTP service port is enabled in the firewall. This is effectively a NAT helper.
by hilton
Wed Oct 07, 2009 10:59 pm
Forum: General
Topic: Port Isolation?
Replies: 13
Views: 20889

Re: Port Isolation?

Thanks very very much Fewi. Greatly appreciated.
by hilton
Wed Oct 07, 2009 5:02 pm
Forum: General
Topic: Port Isolation?
Replies: 13
Views: 20889

Re: Port Isolation?

exactly, you would add exception rule that will accept packets that come from one address and goes to other one in other network. And place that rule just before drop rule. Thank you, this worked like a charm. I ignored the interface option and just dropped from one IP range to another. If I wanted...
by hilton
Wed Oct 07, 2009 1:23 pm
Forum: General
Topic: Port Isolation?
Replies: 13
Views: 20889

Re: Port Isolation?

Fewi, so to separate VLANs you would create a couple of Routing Rules to drop the packets assuming the VLANs are now configured on the Router on a single ethernet port? But if I wanted a single IP in VLAN2 to access another IP in VLAN3, I would have to create a 'lookup' rule for this and then a drop...
by hilton
Sat Oct 03, 2009 9:55 pm
Forum: General
Topic: Windows Vista bug? RB450G bug? or Mikrotik bug?
Replies: 12
Views: 2345

Re: Windows Vista bug? RB450G bug? or Mikrotik bug?

I would also look at the cable. Maybe a virus is hiding in the background. Oh wait that IS vista.

Seriously though what service pack? The default Vista needed all sorts of TCP/IP and network tuning before it would work properly.

Not so Windows 7.
by hilton
Sat Sep 26, 2009 9:49 pm
Forum: Beginner Basics
Topic: best vpn to use using dynamic dns
Replies: 5
Views: 3348

Re: best vpn to use using dynamic dns

so i guess what i need right now is a script that will reconfigure the vpn configuration when the remote ip is changed. :global "vpn-interface-name" "pptp-vpn" :global "vpn-dns-name" "remotevpn.yourdomain.com" :global "new-vpn-ip" [:resolve $"v...
by hilton
Fri Sep 18, 2009 9:19 am
Forum: General
Topic: SSH key import fails
Replies: 4
Views: 5665

Re: SSH key import fails

You have to convert your SSH keys from linux to PuTTY format using the tool included with putty tools.
Ah, so there's a secret conversion needed!

Thanks for this tip, I will certainly try this.

Have a great weekend.
by hilton
Sun Sep 13, 2009 11:54 pm
Forum: Beginner Basics
Topic: PPTP through internet to RB
Replies: 10
Views: 3778

Re: PPTP through internet to RB

Post your config.
by hilton
Sun Sep 13, 2009 12:30 am
Forum: RouterBOARD hardware
Topic: VLAN configuration
Replies: 3
Views: 1469

Re: VLAN configuration

has anyone found some info from Mikrotik that indicates what User Service Tag means??
Try this;

http://forum.mikrotik.com/viewtopic.php ... 19#p167419
by hilton
Tue Aug 25, 2009 11:03 pm
Forum: General
Topic: SSH key import fails
Replies: 4
Views: 5665

SSH key import fails

I'm trying to use this lovely wiki article that Sam Norris wrote; http://wiki.mikrotik.com/wiki/Use_SSH_to_execute_commands_%28DSA_key_login%29 If I use PuTTY Key Generator to produce the pair of keys, RouterOS (3.28) gives me this error; import failed (only DSA public keys supported) When I generat...
by hilton
Tue Aug 25, 2009 8:04 pm
Forum: General
Topic: VLAN configuration confirmation please
Replies: 4
Views: 1306

Re: VLAN configuration confirmation please

Thanks Felix.

Keep well.
by hilton
Tue Aug 25, 2009 7:56 pm
Forum: General
Topic: VLAN configuration confirmation please
Replies: 4
Views: 1306

Re: VLAN configuration confirmation please

Thanks Felix, makes sense. So I need this type of rule? /ip firewall filter add chain=forward in-interface=vlan40 out-interface=vlan20 action=drop This should drop any packets from the guest vlan wandering over to the staff vlan? Confirm I cannot masquerade an in-interface so I'll need create a src-...
by hilton
Tue Aug 25, 2009 7:04 pm
Forum: General
Topic: VLAN configuration confirmation please
Replies: 4
Views: 1306

VLAN configuration confirmation please

I'm new to VLANs with Mikrotik so I just need confirmation for my set-up please. I have four VLANs; vlan20 (guests - need internet access) vlan40 (staff wired - need internet access) vlan50 (staff wireless - need internet access) vlan100 (management - no internet access necessary) I have a couple of...
by hilton
Tue Aug 25, 2009 12:05 pm
Forum: General
Topic: New firewall matcher PCC
Replies: 298
Views: 94424

Re: New firewall matcher PCC

Post your config NetworkPro, I'm interested in your handy work.
by hilton
Mon Aug 24, 2009 3:02 pm
Forum: General
Topic: Is a default route needed when policy routing? - confused
Replies: 6
Views: 1397

Re: Is a default route needed when policy routing? - confused

Have you considered reversing your logic? Maybe you should routing-mark the other gateway traffic and leave the interface you want as the default unmarked. This would indeed be the easier way to go except that I'm trying to catch encrypted bittorrents and I can't so figured it's easier to route tha...
by hilton
Mon Aug 24, 2009 2:02 pm
Forum: General
Topic: Is a default route needed when policy routing? - confused
Replies: 6
Views: 1397

Re: Is a default route needed when policy routing? - confused

Sam thanks for that. I left the default route in place and didn't try and tag 'other' and this works although I don't understand why I'm not catching all the other traffic. Anyway I now have this new problem/issue. I have a normal ADSL account and then a 'local only' ADSL account where I stipulate l...
by hilton
Fri Aug 21, 2009 5:32 pm
Forum: General
Topic: Is a default route needed when policy routing? - confused
Replies: 6
Views: 1397

Is a default route needed when policy routing? - confused

My aim is to route traffic via certain wan connections depending on the type of connection. In other words, route http and https traffic via wan1 and all other via wan2. This works but I don't understand why I need a default route. Please bear with me as I share my set-up. Two WAN connections via AD...
by hilton
Wed Aug 19, 2009 3:03 pm
Forum: General
Topic: WOL - what am I doing wrong?
Replies: 8
Views: 2738

Re: WOL - what am I doing wrong?

The WOL packet is almost to simple to get wrong.
I agree. This is what is so frustrating.

I'm using a mix of 100Mb and Gig switches; would this perhaps be a cause of the problem?
by hilton
Wed Aug 19, 2009 11:28 am
Forum: General
Topic: WOL - what am I doing wrong?
Replies: 8
Views: 2738

Re: WOL - what am I doing wrong?

Alas that's what I have both at the office and home.

If you say it's working then I'll believe you, it just seems like such a trivial issue and yet one that has me stumped.
by hilton
Wed Aug 19, 2009 10:58 am
Forum: General
Topic: WOL - what am I doing wrong?
Replies: 8
Views: 2738

WOL - what am I doing wrong?

Right, decided to use WOL on a NAS box. It's a brand spanking new HP ML110 with WOL enabled in the BIOS. In RouterOS, I run the command /tool wol 00:01:02:03:04:05:06 (whatever the MAC really is) but bugger all happens. I've checked the MAC and I've even tried the SolarWinds WOL utility but for the ...
by hilton
Wed Aug 19, 2009 10:47 am
Forum: General
Topic: RouterOs on virtual Machine
Replies: 2
Views: 2361

Re: RouterOs on virtual Machine

I have this successfully running in VirtualBox. As clarkstyx says just make sure the network card is set to bridged mode. Depending on the virtual program, you may have to try out the various virtual network cards. In VirtualBox, RouterOS works when you set the network card to PCnet-PCI II. Linux sy...
by hilton
Tue Aug 11, 2009 2:03 pm
Forum: General
Topic: New firewall matcher PCC
Replies: 298
Views: 94424

Re: New firewall matcher PCC

Cool, thanks.
by hilton
Tue Aug 11, 2009 12:56 pm
Forum: General
Topic: New firewall matcher PCC
Replies: 298
Views: 94424

Re: New firewall matcher PCC

Thanks Chupaka.

Can one have a combination of PCC for general load balancing and then policy based routing for a certain traffic?
by hilton
Mon Aug 10, 2009 11:02 pm
Forum: General
Topic: New firewall matcher PCC
Replies: 298
Views: 94424

Re: New firewall matcher PCC

Chupaka, please confirm something for me.

If I simply want to route say ports 80 and 443 via wan1 and say the rest via wan2, I then DO NOT need PCC, rather policy based routing?

PCC is more for load balancing?

Thanks.
by hilton
Mon Aug 10, 2009 12:49 pm
Forum: RouterBOARD hardware
Topic: RB750 vs RB450
Replies: 47
Views: 28375

Re: RB750 vs RB450

I've designed a nice 1U rackmount case that we can pop a RB450 in. The cost for Schurman to laser cut the sheet metal for just one or two is prohibitive. We'd end up paying more for the case than for the RB450. Please PM me if you know of others who would be interested in this type of case. If we c...
by hilton
Sun Aug 09, 2009 1:23 am
Forum: General
Topic: 3.28 and Torrents
Replies: 8
Views: 1762

Re: 3.28 and Torrents

Eben, I'm using Free Download Manager that uses a built in torrent client and my downloads are fine on a RB532 running 3.28.
by hilton
Sat Aug 08, 2009 12:47 pm
Forum: General
Topic: Webbox and 3.28
Replies: 5
Views: 1502

Re: Webbox and 3.28

Probably :-)

I just can't remember on which Router I had the problem on but you're right, it's the x86 where the webbox was broken in the later releases.

Sorry to mislead anyone.

Take it as 'Webbox STILL WORKS on RB532s' :lol:
by hilton
Sat Aug 08, 2009 12:12 pm
Forum: General
Topic: Webbox and 3.28
Replies: 5
Views: 1502

Re: Webbox and 3.28

and on RB532.
by hilton
Fri Aug 07, 2009 10:05 pm
Forum: General
Topic: Using is at a switch?
Replies: 2
Views: 950

Re: Using is at a switch?

by hilton
Thu Aug 06, 2009 9:42 pm
Forum: General
Topic: HOWTO: Windows File & Print Sharing over PPTP VPN
Replies: 16
Views: 29136

Re: HOWTO: Windows File & Print Sharing over PPTP VPN

The Mikrotik gateway is running DNS but as far as I know it doesn't allow registration from the windows clients. Yes it's only a 'resolving' name service. You'll need to run a full blown DNS server to get this to work for you. Or mess with lmhosts.sam or perhaps hosts file. Just drop in a SME serve...
by hilton
Thu Aug 06, 2009 1:54 pm
Forum: General
Topic: feature request : GRE tunnel
Replies: 56
Views: 33455

Re: feature request : GRE tunnel

Normis, jūs esat gudrs persona

:-)
by hilton
Thu Aug 06, 2009 1:44 pm
Forum: General
Topic: HOWTO: Windows File & Print Sharing over PPTP VPN
Replies: 16
Views: 29136

Re: HOWTO: Windows File & Print Sharing over PPTP VPN

I'm really not a windows person, sorry :) How would you do this with DNS, assuming that there isn't (and won't) be a Windows server? Basically your problem boils down to not having a master browser service list that your PC can access. The VPN connection won't broadcast netbios packets (port 137). ...
by hilton
Tue Jul 28, 2009 12:04 am
Forum: General
Topic: MT NTP server & XP
Replies: 4
Views: 1361

Re: MT NTP server & XP

Mine works. See the attached graphic. Whatcha doing wrong?
by hilton
Mon Jul 20, 2009 12:14 am
Forum: General
Topic: Mikrotik v3.25 and VirtualBox / Qemu
Replies: 23
Views: 12006

Re: Mikrotik v3.25 and VirtualBox / Qemu

Got 3.27 working (XEN package hangs it, some dependencies are flaky) If at MAC level, using "PCNet" cards and bridging, you get to communicate with it easily (winbox/dude)... IP is another problem (ping well, but Winbox won't connect). 3.27 on Virtualbox 3.0.2 works just fine. I'm using P...
by hilton
Sat Jul 18, 2009 7:47 pm
Forum: General
Topic: 3.26 webbox still not working
Replies: 8
Views: 2084

Re: 3.26 webbox still not working

Hopefully in 3.27 the webbox will be completely fixed. It's long over due.
Sadly not.

3.27 on x86 does not let me login on webbox.
by hilton
Thu Jul 16, 2009 3:28 pm
Forum: Beginner Basics
Topic: Complete Begginer / 493 borad configuration questions
Replies: 6
Views: 2579

Re: Complete Begginer / 493 borad configuration questions

I would say that learning MikroTik has a lot to do with learning how TCP/IP standards work. I think this probably sums up using Mikrotiks. If one is prepared to put in the hard work then eventually the mist clears. If however all one needs or wants is a simple point and click router then a 'Moms an...
by hilton
Thu Jul 16, 2009 2:30 pm
Forum: General
Topic: 3.26 webbox still not working
Replies: 8
Views: 2084

Re: 3.26 webbox still not working

I can confirm that 3.26 on x86 is not working. I've checked with Firefox 3.5 and IE8 and neither will let me login. No error on IE8, just back to this page requesting your credentials again; http://192.168.50.2:81/cfg?page=interface When I check on the connected users in winbox, I see multiple insta...
by hilton
Thu Jul 16, 2009 10:14 am
Forum: General
Topic: v3.26 Released
Replies: 44
Views: 8529

Re: v3.26 Released

Well - two more primaries updated and operational - the clock date field is hilarious though - check it out.

Please let me know what is up with that??

Rod
What are you smoking?

Looks normal to me.
by hilton
Wed Jul 15, 2009 4:44 pm
Forum: General
Topic: v3.26 Released
Replies: 44
Views: 8529

Re: v3.26 Released

First attempt at an upgrade to 3.26 from 3.25 on a x86 box did not succeed.
I had to downgrade to 3.13 and then upgrade to 3.26 to make it all work.

License key is intact (not sure what the issue is with that though).
by hilton
Wed Jul 15, 2009 3:53 pm
Forum: General
Topic: chupaka need your experties regarding mms streaming :)
Replies: 15
Views: 3041

Re: chupaka need your experties regarding mms streaming :)

we are testing upstream bandwid streaming now anybody can access mms://202.78.124.3:1234 :)
working like a bomb here in South Africa. The stream is transferring on average 70kbps.

Nice music!
by hilton
Tue Jul 14, 2009 5:03 pm
Forum: General
Topic: v3.26 Released
Replies: 44
Views: 8529

Re: v3.26 Released

First attempt at an upgrade to 3.26 from 3.25 on a x86 box did not succeed.

Copied over the relevant packages, rebooted and she's still on 3.25.
by hilton
Fri Jul 10, 2009 12:41 pm
Forum: General
Topic: SMS receiving now supported, can run scripts
Replies: 49
Views: 29832

Re: SMS receiving now supported, can run scripts

Joshiii, this is not possible. The Mikrotik router is an IP based device and NOT a GSM device.
by hilton
Fri Jul 10, 2009 12:28 pm
Forum: General
Topic: Find IP Addresses for domains
Replies: 8
Views: 1359

Re: Find IP Addresses for domains

I am replacing the teacher who took care of the school’s router board configuration. I'm sorry but schools all over the world are notorious for this. Thinking that anything thing IT related can just be installed and never maintained and yet they still expect things to keep working. The school canno...
by hilton
Fri Jul 10, 2009 12:04 pm
Forum: General
Topic: SMS receiving now supported, can run scripts
Replies: 49
Views: 29832

Re: SMS receiving now supported, can run scripts

Normis, sms in this country (South Africa/Nambia) is not free.

They would need to use something like this;

http://www.winsms.co.za/

And then route the replies back to their email which is available via the Mikrotik router.
by hilton
Fri Jul 10, 2009 11:50 am
Forum: General
Topic: SMS receiving now supported, can run scripts
Replies: 49
Views: 29832

Re: SMS receiving now supported, can run scripts

Joshiii, you need to attach a 3G modem to the router which in turn needs a cell tower nearby.

You could host a server somewhere and set-up a jabber server and let the farmers use that for comms?
by hilton
Wed Jul 08, 2009 6:44 pm
Forum: General
Topic: block audio streaming
Replies: 4
Views: 7666

Re: block audio streaming

Thanks.

I do use OpenDNS but it would be nice to plug a device behind the Mikrotik router.

I sent you an email though so hopefully you get it.
by hilton
Wed Jul 08, 2009 5:26 pm
Forum: General
Topic: block audio streaming
Replies: 4
Views: 7666

Re: block audio streaming

For a more comprehensive solution, we use a separate appliance between the Mikrotik and the LAN to implement very detailed Internet usage controls.
Could please elaborate? I know this not related to Mikrotik but it is a necessary requirement nowadays.
by hilton
Sat Jul 04, 2009 12:25 am
Forum: Scripting
Topic: opendns with dynamic ip
Replies: 30
Views: 15637

Re: opendns with dynamic ip

i have mikrotik 2.9.27
First upgrade to an authentic version, then ask questions.
by hilton
Thu Jun 18, 2009 10:43 am
Forum: General
Topic: RouterOS V3.25 released
Replies: 34
Views: 6206

Re: RouterOS V3.25 released

but most of the time a resealer doesnt help with the problems! Ain't that the truth! In my early days with RouterOS, I had a problem where remote PPTP clients on the same subnet could not comminucate with the other LAN computers. A simple Proxy-ARP issue but the reseller here in South Africa (M) ha...
by hilton
Wed Jun 17, 2009 8:42 am
Forum: General
Topic: RouterOS V3.25 released
Replies: 34
Views: 6206

Re: RouterOS V3.25 released

AGAIN, Im going to prove a point with MT and how they dont test there stuff properly.. Mikrotik cannot test for every likely scenario. It's not in their best business interest to test old boards. RB133s are ancient. It's like expecting Windows Server 2008 to run on a Pentium III. Started upgarding ...
by hilton
Tue Jun 16, 2009 1:13 pm
Forum: General
Topic: proxy and no hits
Replies: 19
Views: 5780

Re: proxy and no hits

cpu usage 60-70% memory high to Not too sure what you mean here. If the memory counter at the top (next to CPU and uptime) is high then this is GOOD because it's available memory, not used memory. However, I see that you're not using the hard drive for caching, rather you've specified (inadvertentl...
by hilton
Mon Jun 15, 2009 9:00 pm
Forum: General
Topic: RouterOS V3.25 released
Replies: 34
Views: 6206

Re: RouterOS V3.25 released

*) made WinBox work better on smaller screens;
I suspect this may have actually made it worse. One of the gripes was that a sub menu list was too long to view in a small screen. Now whilst the top level menu options are fewer, the sub-menus are now way too long.
by hilton
Wed Jun 03, 2009 11:12 am
Forum: General
Topic: Using another port than 1701 for L2TP
Replies: 15
Views: 20721

Re: Using another port than 1701 for L2TP

Perhaps you could give the guy an answer to his question? Sometimes more questions are needed before an answer is given. Perhaps he has already tried to ask, or it's not an option to ask? How would I know this before he answers my question? Perhaps others in the forum would be interested in an answ...
by hilton
Wed Jun 03, 2009 10:58 am
Forum: Beginner Basics
Topic: winbox won't connect using the mac address.
Replies: 12
Views: 44848

Re: winbox won't connect using the mac address.

thanks, I will try this out.
by hilton
Tue Jun 02, 2009 5:31 pm
Forum: General
Topic: New Email settings options
Replies: 5
Views: 1452

Re: New Email settings options

thanks mate!
by hilton
Tue Jun 02, 2009 1:08 pm
Forum: General
Topic: New Email settings options
Replies: 5
Views: 1452

Re: New Email settings options

To confirm, the 'user' and 'password' are the corresponding fields for your SMTP authentication server?
by hilton
Tue Jun 02, 2009 12:01 pm
Forum: General
Topic: Using another port than 1701 for L2TP
Replies: 15
Views: 20721

Re: Using another port than 1701 for L2TP

May be another solution? The client RouterBoard have not a Public IP, is behind a nat and the STRICT firewall Perhaps their 'STRICT firewall' is there for a reason? Perhaps you would be breaching the terms and conditions of the internet service? Perhaps it's easier to just ask them to open up the p...
by hilton
Mon Jun 01, 2009 11:46 am
Forum: General
Topic: New Email settings options
Replies: 5
Views: 1452

New Email settings options

I noticed that under /tool e-mail there are new options available.

'user' and 'password'

I initially thought these to be simple authentication but I don't seem to be able to get it to work. Has anyone sucessfully used these new options or perhaps I've misunderstood something?
by hilton
Thu May 28, 2009 7:51 pm
Forum: Scripting
Topic: Zonedit Dynamic DNS Update Script
Replies: 12
Views: 4776

Re: Zonedit Dynamic DNS Update Script

Family comes first so whenever you get the time.

Thanks
by hilton
Thu May 28, 2009 4:55 pm
Forum: Scripting
Topic: Routing with original source address
Replies: 15
Views: 3720

Re: Routing with original source address

So if I was trying to automatically redirect port 80 traffic on my LAN to another internal proxy server, I would add this rule BEFORE my normal masquerade rule? src-address=your internal LAN dst-protocol=tcp dst-port=80 action=accept This would effectively 'accept' all traffic bound for port 80 and ...
by hilton
Thu May 28, 2009 3:58 pm
Forum: Scripting
Topic: Zonedit Dynamic DNS Update Script
Replies: 12
Views: 4776

Re: Zonedit Dynamic DNS Update Script

Now that fetch is available I am working on a script that will use remote web ip detection as well as standard updates - although I don't know if SSL is supported. Look for an update in the next week or two. To quote U2, "I still haven't found what I'm looking for" :-) Sam, what is the pr...
by hilton
Thu May 28, 2009 3:50 pm
Forum: Scripting
Topic: Routing with original source address
Replies: 15
Views: 3720

Re: Routing with original source address

yesss, you should not masquerade http traffic to your proxy. Chupaka, are you referring to internal proxy servers (on the LAN) or to only external ones? I don't see how any http traffic would reach the external proxy server is masquerading is turned off. Unless I need a rule like andreacoppini ment...
by hilton
Thu May 28, 2009 3:33 pm
Forum: Beginner Basics
Topic: Help with firewall rules
Replies: 5
Views: 1596

Re: Help with firewall rules

I got a router box, RB1000 witch has a public IP and a private IP. It is used as PPPoE, Usermanager and router. I would like to only be able to reach management (ssh, telnet, winbox, usermanager-web etc) from one subnet 10.1.0.0/24. Let's get you started; /ip firewall filter add chain=input action=...
by hilton
Thu May 28, 2009 9:32 am
Forum: General
Topic: different type of NAT
Replies: 27
Views: 10706

Re: different type of NAT

Couple of questions;

1. Who is your ISP?
2. What internet package are you on?
3. URL of all this?
4. What version of RouterOS are you running?
by hilton
Wed May 27, 2009 8:52 am
Forum: General
Topic: External Open Source Caching Server
Replies: 4
Views: 1621

Re: External Open Source Caching Server

Muhammad, I don't exactly understand why you need the pppoe connection back to the Mikrotik router. Why can't you just use the existing 192.168.100.2 link?

Is this perhaps because of the packet flow?
by hilton
Tue May 26, 2009 2:25 pm
Forum: General
Topic: Remote access VPN Without PPTP
Replies: 11
Views: 3903

Re: Remote access VPN Without PPTP

On the client side just make sure the ‘type of VPN’ is set to ‘PPTP’ and that under ‘security’ you have ‘require data encryption’ ticked and that IPv6 is NOT ticked.

I can't remember if this is the default though.
by hilton
Tue May 26, 2009 2:14 pm
Forum: General
Topic: Remote access VPN Without PPTP
Replies: 11
Views: 3903

Re: Remote access VPN Without PPTP

Hi, the fact is that I need encryption, and PPTP does not seems to provide any encryption algorithms Says who? Mikrotik provides MPPE 128 stateless encryption. and I need confidentiality According to RFC 3078, it states MPPE uses the RSA RC4 [3] algorithm to provide data confidentiality. The length...
by hilton
Tue May 26, 2009 1:38 pm
Forum: General
Topic: Remote access VPN Without PPTP
Replies: 11
Views: 3903

Re: Remote access VPN Without PPTP

[ I searched L2TP/IPSEC, I found that: http://wiki.mikrotik.com/wiki/MikroTik_RouterOS_and_Windows_XP_IPSec/L2TP But it's not very easy on the client side, having to modify IPSec policies. Hey welcome to life dude! Seriously you can't have your cake AND eat it. If the requirements are that stringen...
by hilton
Tue May 26, 2009 1:15 pm
Forum: General
Topic: different type of NAT
Replies: 27
Views: 10706

Re: different type of NAT

Sounds like you may be blocked then. Perhaps you could take the router to a friend whose is using a different ISP and test your config. Also check the terms and conditions of your internet access because they may specifically deny sharing of the line.
by hilton
Mon May 25, 2009 10:40 pm
Forum: General
Topic: different type of NAT
Replies: 27
Views: 10706

Re: different type of NAT

/ip firewall nat add chain=srcnat src-address=192.168.0.1/24 action=masquerade out-interface=wan
change
out-interface=wan
to this
in-interface=wan
try it and let us know.
by hilton
Mon May 25, 2009 10:37 pm
Forum: General
Topic: Looking for solution to redirect DNS's server
Replies: 11
Views: 7111

Re: Looking for solution to redirect DNS's server

Great that you came right!
by hilton
Mon May 25, 2009 9:42 pm
Forum: General
Topic: different type of NAT
Replies: 27
Views: 10706

Re: different type of NAT

is there any way to masquerade a nat blocked ip Perhaps but it depends on what you mean by 'blocked'? i can ping yahoo.com from my mikrotik terminal box. but when i share this connection .i cannot ping yahoo.com from my xp pc. but it ping to the isp gateway How exactly are you 'sharing' this connec...
by hilton
Sat May 23, 2009 5:45 pm
Forum: Beginner Basics
Topic: Complete Begginer / 493 borad configuration questions
Replies: 6
Views: 2579

Re: Complete Begginer / 493 borad configuration questions

1. ETHER1 -> PPPoE dialing connection to the internet over DSL modem see this; http://wiki.mikrotik.com/wiki/How_to_Connect_your_Home_Network_to_xDSL_Line DynDNS static hostname updating see this; http://wiki.mikrotik.com/wiki/Dynamic_DNS_Update_Script_for_ChangeIP.com ETHER1 has a different subnet...
by hilton
Sat May 23, 2009 5:07 pm
Forum: Beginner Basics
Topic: How do I close a site within the MikroTik router ?
Replies: 3
Views: 1244

Re: How do I close a site within the MikroTik router ?

You need to use the web proxy component and create access rules.

Be warned, this is NOT a content filter so any tinkering of the proxy to block web sites is very labour intensive.
by hilton
Wed May 20, 2009 11:20 pm
Forum: Beginner Basics
Topic: Split international & local traffic by ip & route over pppoe
Replies: 26
Views: 6682

Re: Split international & local traffic by ip & route over pppoe

Ok, but are they kept up to date? not sure but I recall that he generates this list every night, but email the dude and ask him yourself. BTW, when using local only internet, have you found a way to get the Public IP of a router without using Dyndns or equivalent as this requires international band...
by hilton
Wed May 20, 2009 4:29 pm
Forum: General
Topic: Looking for solution to redirect DNS's server
Replies: 11
Views: 7111

Re: Looking for solution to redirect DNS's server

Firstly you don't need Bind or similar unless you are actually hosting domain names. If all you're after is a DNS resolver type of server then yes you need to use the Mikrotik as your primary DNS server. Basic steps. /ip dns set primary-dns=208.67.222.222 secondary-dns=208.67.222.220 allow-remote-re...
by hilton
Tue May 19, 2009 6:54 pm
Forum: Beginner Basics
Topic: DHCP pool
Replies: 13
Views: 9302

Re: DHCP pool

Ok, but tell me: in hotspot "users profile" and "servers" i have to insert a pool with all possible ip of my users or only of users with dhcp?
Sorry but I haven't used hotspot before.
by hilton
Tue May 19, 2009 12:32 pm
Forum: Beginner Basics
Topic: DHCP pool
Replies: 13
Views: 9302

Re: DHCP pool

What I mean is use a contiguous IP pool.
by hilton
Tue May 19, 2009 11:17 am
Forum: General
Topic: Proxylizer Issue
Replies: 13
Views: 4187

Re: Proxylizer Issue

Dear let me requote, when i use "topics=web-proxy, !debug" i get no logs at all. And i really mean no logs, so what will be transfered if i have no logs. The only way i see any sort of web-proxy logs is "topics=web-proxy,debug" . Why do you keep insisting on using the debug opti...
by hilton
Mon May 18, 2009 5:30 pm
Forum: Beginner Basics
Topic: DHCP pool
Replies: 13
Views: 9302

Re: DHCP pool

/ip pool add name=hs-pool-4 ranges=192.168.2.1,192.168.2.3-192.168.2.254 add name=dhcp_pool1 ranges=192.168.2.1,192.168.2.210-192.168.2.240 add name=dhcp_pool2 ranges=\ 192.168.2.220-192.168.2.240,192.168.2.1,192.168.2.3-192.168.2.70 add name=pooldhcp ranges=192.168.2.210-192.168.2.240 I'm not foll...
by hilton
Mon May 18, 2009 10:39 am
Forum: Beginner Basics
Topic: DHCP pool
Replies: 13
Views: 9302

Re: DHCP pool

Post your config so we can take a look.

What version of RouterOS are you running?
by hilton
Mon May 18, 2009 9:57 am
Forum: Beginner Basics
Topic: How to backup
Replies: 4
Views: 1646

Re: How to backup

copy the backup file and then upload to other box if u want The backup command stores the MAC addresses of the Ethernet ports which are unique to the router. Restoring this onto new or other hardware will result in a mismatch of addresses and the restore won't work. Better to export and then apply ...
by hilton
Mon May 18, 2009 9:51 am
Forum: Beginner Basics
Topic: DHCP pool
Replies: 13
Views: 9302

Re: DHCP pool

Just create a pool with that particular IP range. The DHCP server will then in turn only distribute IPs based on that pool.
by hilton
Mon May 18, 2009 9:41 am
Forum: General
Topic: How to save web-proxy logs (its urgent)
Replies: 5
Views: 3840

Re: How to save web-proxy logs (its urgent)

You need to use a syslog server, such as Dude or Kiwi etc.

Remember, Mikrotik is not a fully fledged proxy server with all the bells and whistles, it's a router.
by hilton
Sat May 16, 2009 3:38 pm
Forum: Beginner Basics
Topic: Specific question on Port forwarding
Replies: 21
Views: 3763

Re: Specific question on Port forwarding

Yes that is exactly your problem. Routing.

Take a look at these wiki articles;

http://wiki.mikrotik.com/wiki/Load_Bala ... e_Gateways

http://wiki.mikrotik.com/wiki/PCC
by hilton
Sat May 16, 2009 2:45 pm
Forum: Beginner Basics
Topic: Specific question on Port forwarding
Replies: 21
Views: 3763

Re: Specific question on Port forwarding

Just change the 'in-interface' part of the rule
by hilton
Sat May 16, 2009 1:35 pm
Forum: Beginner Basics
Topic: Specific question on Port forwarding
Replies: 21
Views: 3763

Re: Specific question on Port forwarding

This looks correct. If I were to browse
http://yourdomain:81
I would connect to your internal website.

Just make sure that the default gateway on the webserver is the same as the Mikrotik router.
by hilton
Fri May 15, 2009 6:20 pm
Forum: Beginner Basics
Topic: Specific question on Port forwarding
Replies: 21
Views: 3763

Re: Specific question on Port forwarding

Post the exact rule.
by hilton
Thu May 14, 2009 6:16 pm
Forum: General
Topic: Selective Destination Routing
Replies: 10
Views: 3606

Re: Selective Destination Routing

Also I haven't used a web proxy with mikrotik yet. I know there is functionality built in but obviously on a routerboard without a hard drive this would be useless. I'd have to redirect it to a real web proxy for that to work right? Don't confuse proxy with cache. You can still use a proxy without ...
by hilton
Wed May 13, 2009 11:22 pm
Forum: General
Topic: Selective Destination Routing
Replies: 10
Views: 3606

Re: Selective Destination Routing

Anyone know how I would be able to selectively pass particular destination traffic (resolved) to a particular router/server? In other words, if any IP wants to contact for example "facebook.com" I want them to go to a different router than the default gateway. This would be outgoing only....
by hilton
Wed May 13, 2009 4:51 pm
Forum: Beginner Basics
Topic: Specific question on Port forwarding
Replies: 21
Views: 3763

Re: Specific question on Port forwarding

This is the filter list in the Mikrotik. What about the nat list, does anything have to happen ther? I have two External ISP connecitons and wnat to forward them to various systems inside. Can I do it with the filter rules alone? Any 'port forwarding' of sorts needs to happen under the NAT section ...
by hilton
Wed May 13, 2009 4:39 pm
Forum: Beginner Basics
Topic: VPN Server - Not able to contact other users in network
Replies: 6
Views: 2661

Re: VPN Server - Not able to contact other users in network

the proxy arp thing worked. But now we can't change IP's to any IP at all without it telling us there is an ip conflict.. It is quite odd. I'm looking at setting up the VPN IP's to be a a different range of IP's and then routing to the 192.168.20.0/24 network somehow. This is exactly what you need ...
by hilton
Sat May 09, 2009 1:33 pm
Forum: Beginner Basics
Topic: Use RB as a Switch?
Replies: 2
Views: 1151

Re: Use RB as a Switch?

Yes as Tom says you need to create a bridge because the RB532 does not support the Ethernet switch feature.

Or else sell it and buy a RB450.
by hilton
Thu May 07, 2009 4:28 pm
Forum: Beginner Basics
Topic: Specific question on Port forwarding
Replies: 21
Views: 3763

Re: Specific question on Port forwarding

I can reach port 3389. The other port, which is the winbox port, is not reachable from winbox. Is there some internal routing that needs to take place to allow the winbox port to go through or to the WAN interface? To connect to that router, you need to be playing with the INPUT chain and not the F...
by hilton
Thu May 07, 2009 3:48 pm
Forum: Beginner Basics
Topic: VPN Server - Not able to contact other users in network
Replies: 6
Views: 2661

Re: VPN Server - Not able to contact other users in network

You need to set ARP = 'proxy-arp' on the interface that is effectively the LAN interface of your office.

Make sense?
by hilton
Thu May 07, 2009 3:31 pm
Forum: Beginner Basics
Topic: winbox won't connect using the mac address.
Replies: 12
Views: 44848

Re: winbox won't connect using the mac address.

Yep, winbox on wine doesn't seem to work properly. I've only just tried this so I'm not that familiar with wine.
by hilton
Wed Apr 22, 2009 3:03 pm
Forum: Beginner Basics
Topic: DHCP question
Replies: 1
Views: 1871

Re: DHCP question

I'm using two subnets in the same LAN. Subnets like 10.1.1.X and 192.168.0.X. I want one NIC serving DHCP to all. The 10.1.1.X pool works fine. Assigned one more IP to the same NIC with 192.168.0.X range and made another pool for the 192.168.0.X, but wont let me assign to same NIC. Says: Couldn't a...
by hilton
Wed Apr 22, 2009 2:54 pm
Forum: General
Topic: Multiple VPN's work w/DHCP, but no access to internet
Replies: 3
Views: 1691

Re: Multiple VPN's work w/DHCP, but no access to internet

When I do a "tracert yahoo.com" the client only gets to the MikroTik router. Caveat, I've set up NAT. So I'm not even sure if NAT is working properly. And are there any suggestions for why the clients can't reach the internet while in the DHCP pool? Do you have something similar in your f...
by hilton
Wed Apr 22, 2009 2:50 pm
Forum: General
Topic: DNS Names for PPTP
Replies: 8
Views: 1874

Re: DNS Names for PPTP

thanks for this Nick. Good stuff.
by hilton
Mon Apr 20, 2009 7:01 pm
Forum: General
Topic: Multiple gateways and DST NAT
Replies: 6
Views: 3653

Re: Multiple gateways and DST NAT

Yes please post them, looking for something myself.

Thanks.
by hilton
Mon Apr 20, 2009 6:54 pm
Forum: General
Topic: DNS Names for PPTP
Replies: 8
Views: 1874

Re: DNS Names for PPTP

Since I've just got the e-mail to say 3.23 is available, I'd better try it!
Great stuff, let us know please.
by hilton
Thu Apr 16, 2009 3:45 pm
Forum: Beginner Basics
Topic: Wlan and local LAN on the same SubNetwork.
Replies: 2
Views: 1163

Re: Wlan and local LAN on the same SubNetwork.

You're in luck as there is a simple solution to this; 1. remove all IP address from the ether3 and wlan interfaces 2. make sure your bridge has the ether3 and wlan ports as part of it 3. create a new IP address for the bridge, say 192.168.5.1/24 4. configure the DHCP to work on the bridge interface ...
by hilton
Thu Apr 16, 2009 3:24 pm
Forum: General
Topic: in-interface vs out-interface
Replies: 4
Views: 11057

Re: in-interface vs out-interface

This is great!

Thanks guys I will pass this on immediately.
by hilton
Thu Apr 16, 2009 2:11 pm
Forum: General
Topic: in-interface vs out-interface
Replies: 4
Views: 11057

in-interface vs out-interface

A couple of my clients often get confused with which interface to use when creating a firewall rule. What's the easiest way to remember which is which?

Why is there a difference?
by hilton
Fri Apr 10, 2009 8:00 pm
Forum: General
Topic: How to bridge l2tp virtual interface with eth port?
Replies: 1
Views: 1258

Re: How to bridge l2tp virtual interface with eth port?

I think you need some additional routing rules.

See this wiki article.

http://wiki.mikrotik.com/wiki/Policy_Ro ... uterOS_3.x
by hilton
Fri Apr 10, 2009 7:57 pm
Forum: Beginner Basics
Topic: Connecting 2 mikrotiks
Replies: 2
Views: 1012

Re: Connecting 2 mikrotiks

You need to create some simple static routing rules. OSPF is not what you need.

See this;

http://wiki.mikrotik.com/wiki/Policy_Ro ... uterOS_3.x
by hilton
Wed Apr 08, 2009 12:01 pm
Forum: Beginner Basics
Topic: RB 450 +DNS +DHCP +Hotspot +RADIUS
Replies: 7
Views: 3080

Re: RB 450 +DNS +DHCP +Hotspot +RADIUS

I'm pretty sure this will work but maybe go for the new 450G which has eight (8) times the memory and more than twice the processing power. Nevertheless, I would configure the ADSL connection on Ether1 though. Why do you want to bridge the remaining 4 ports? Why not simply make them into a switch. L...
by hilton
Wed Apr 08, 2009 11:51 am
Forum: Beginner Basics
Topic: Setting Up NAT with PPPoE Client
Replies: 5
Views: 2480

Re: Setting Up NAT with PPPoE Client

Have you tried to create a masquerade rule in the firewall?

If so what is the rule?
by hilton
Tue Apr 07, 2009 7:31 pm
Forum: Beginner Basics
Topic: help connect adsl modem with mikrotik routeros
Replies: 12
Views: 2144

Re: help connect adsl modem with mikrotik routeros

Well good for you for coming clean. Not many do though so apologies for the heavy hand in my earlier reply.
by hilton
Mon Apr 06, 2009 4:15 pm
Forum: Beginner Basics
Topic: help connect adsl modem with mikrotik routeros
Replies: 12
Views: 2144

Re: help connect adsl modem with mikrotik routeros

I install RouterOs v2.9.27 on a machine with 2 NIC.
then
Hmm.. question, why are you installing v.2.9.27?
then
the version is not the issue right now
Busted!

Either use a legit version or stop bugging us.
by hilton
Thu Apr 02, 2009 4:19 pm
Forum: General
Topic: Changed to ChangeIP but need to keep Dyndns name!
Replies: 3
Views: 1211

Re: Changed to ChangeIP but need to keep Dyndns name!

Use this script; :global ddnsuser "your_account_name" :global ddnspass "your_account_password" :global ddnshost "your_changeip_ddns_name" :global ddnsip :global ddnslastip [:tostr [:resolve $ddnshost] ] :if ([ :typeof $ddnslastip ] = nil ) do={ :global ddnslastip "...
by hilton
Sat Mar 28, 2009 10:02 pm
Forum: General
Topic: Mikrotik Router act as a switch and transparent firewall?
Replies: 41
Views: 82959

Re: Mikrotik Router act as a switch and transparent firewall?

I don't want ports 2-9 to work as a switch, I want them to work as different routed type ports. Ah sorry, misunderstood you. You are right, this should then work. Unfortunately I don't have a 493 but this does work on a 450 and 433 so maybe something funny with the 493. Have you tried putting the i...
by hilton
Fri Mar 27, 2009 10:58 am
Forum: General
Topic: DDNS broke from Mikrotik 2.9.27 to 3.22
Replies: 10
Views: 4268

Re: DDNS broke from Mikrotik 2.9.27 to 3.22

same tool though.

sorry but I've haven't tried BIND yet.
by hilton
Fri Mar 27, 2009 10:32 am
Forum: Beginner Basics
Topic: "Basic" setup problem - SOLVED
Replies: 5
Views: 1418

Re: "Basic" setup problem

As SurferTim says, certainly does sound like a DNS bugger-up. If you can get to google.com but no further then I can't see then I can't see how any setting on the router would influence this. So it's either corrupt DNS or an upstream proxy server that is messing you around. Talk to your ISP about bo...
by hilton
Fri Mar 27, 2009 10:24 am
Forum: Beginner Basics
Topic: DHCP server setup
Replies: 6
Views: 4582

Re: DHCP server setup


If I get this to work, how will ether2 understand that it needs to go to ether1 to access the internet? Do I need to bridge ether1 and ether2?
You probably need a src-nat (masquerade) rule for this to happen.
by hilton
Fri Mar 27, 2009 9:54 am
Forum: General
Topic: DDNS broke from Mikrotik 2.9.27 to 3.22
Replies: 10
Views: 4268

Re: DDNS broke from Mikrotik 2.9.27 to 3.22

Is anyone using '/tool dns-update' successfully on Mikrotik 3.22?
For sure it's working but I've only been successful with the changeip service. If you're trying to use dyndns.org or something similar then perhaps it wont work properly.

Who is your account with?
by hilton
Fri Mar 27, 2009 9:48 am
Forum: General
Topic: Mikrotik Router act as a switch and transparent firewall?
Replies: 41
Views: 82959

Re: Mikrotik Router act as a switch and transparent firewall?

Auto speed is fine. Your mistake was not setting the master port on interfaces ether3-9. Like this; /interface ethernet set 0 arp=enabled auto-negotiation=yes comment="" disabled=no full-duplex=yes \ mac-address=00:0C:42:34:8E:8F mtu=1500 name=ether1 speed=10Mbps set 1 arp=enabled auto-neg...
by hilton
Thu Mar 26, 2009 4:33 pm
Forum: General
Topic: Mikrotik Router act as a switch and transparent firewall?
Replies: 41
Views: 82959

Re: Mikrotik Router act as a switch and transparent firewall?

No not really. Depends though on what you've configured. Post your settings and let's take a look.
by hilton
Tue Mar 24, 2009 4:59 pm
Forum: The Dude
Topic: Question - SNMP
Replies: 2
Views: 1303

Re: Question - SNMP

There's a good presentation on the Dude and SNMP from the last MUM. Checkout tiktube.com
by hilton
Sun Mar 22, 2009 12:05 pm
Forum: General
Topic: RB433ah problem
Replies: 2
Views: 955

Re: RB433ah problem

Have you configured the NTP client properly?
by hilton
Fri Mar 20, 2009 3:24 pm
Forum: General
Topic: Access rule for web proxy will not go away
Replies: 3
Views: 1204

Re: Access rule for web proxy will not go away

I did as you suggest Normis but the rules appear again after a power failure. See the graphic. Anyone else experiencing this? Happened to two of my routers today. proxy_rules.JPG Now even after I reboot normally, the rules reappear. Very very frustrating. I'll have to stop using the proxy at this ra...
by hilton
Wed Mar 11, 2009 11:35 am
Forum: General
Topic: DST-NAT with three WAN interfaces
Replies: 13
Views: 4551

Re: DST-NAT with three WAN interfaces

What are your DST-NAT rules?
by hilton
Tue Mar 10, 2009 3:00 pm
Forum: General
Topic: Mirotik as proxy client only for certain sites / IP's
Replies: 2
Views: 1590

Re: Mirotik as proxy client only for certain sites / IP's

It would seem a lot easier to simply allow requests from the wireless network to bypass the LAN-X proxy server. You 'could' configure the proxy on the Mikrotik to use the LAN-X proxy as its parent proxy but this would then be for ALL connections via the Mikrotik proxy. Not 100% sure I'm actually fol...
by hilton
Tue Mar 10, 2009 2:33 pm
Forum: General
Topic: Access Public IP from Internal, private network [solved]
Replies: 10
Views: 2277

Re: Access Public IP from Internal, private network [solved]

So Chupaka, how would you set-up a split DNS for this to work? I'm interested in the result even if the OP isn't.
by hilton
Tue Mar 10, 2009 2:20 pm
Forum: Beginner Basics
Topic: Routing between LANs
Replies: 3
Views: 1838

Re: Routing between LANs

The alternative if you need stuff like NetBIOS and DHCP etc over the network, you could create a bridge and add those Ethernet ports to the bridge. As suggested before, you need to get up to speed with static routing. It's not that difficult but an understanding of the OSI model would help. Basicall...
by hilton
Tue Mar 10, 2009 2:11 pm
Forum: General
Topic: Access rule for web proxy will not go away
Replies: 3
Views: 1204

Re: Access rule for web proxy will not go away

Thanks for the feedback Normis.

I don't have any scripts running apart from one that updates the dynamic DNS address using changeip.


I will do as you suggest and report back. I have also upgraded the version to 3.20 on the one router to see what happens.
by hilton
Tue Mar 10, 2009 1:35 pm
Forum: General
Topic: Access rule for web proxy will not go away
Replies: 3
Views: 1204

Access rule for web proxy will not go away

Hi guys I have a strange situation with a number of RB4xx boards. Whenever the routerboard is not shut down properly (i.e. power outage), a default web proxy access rule is activated which then prevents users browsing the net. These are the rules; /ip proxy access add action=deny comment="block...
by hilton
Mon Mar 02, 2009 12:44 pm
Forum: RouterBOARD hardware
Topic: vista with pppoe
Replies: 1
Views: 870

Re: vista with pppoe

Not sure what this has to do with Mikrotik?

If so, please state the operating system version number.
by hilton
Tue Feb 17, 2009 8:24 am
Forum: Beginner Basics
Topic: send email!
Replies: 5
Views: 1766

Re: send email!

How to send email to servers that require authentication? You don't. Three choices, either route the mails via a normal ISP SMTP server or make use of a paid SMTP service which will deliver the mail for you or configure the SMTP server to accept mail from your IP address. Failing all this, you coul...
by hilton
Sat Feb 14, 2009 10:52 am
Forum: General
Topic: Add L2TP interface to bridge - how?
Replies: 22
Views: 40973

Re: Add L2TP interface to bridge - how?

Hmmm...not sure if that's possible either. Anyway thanks for info!

Are there other ways around to pass L2TP broadcast traffic on to the LAN side bridge?
This may sound like an obvious question but why don't you just use routing? Why the need for the bridge?
by hilton
Thu Feb 05, 2009 10:57 am
Forum: General
Topic: Best setup for Squid Proxy
Replies: 4
Views: 1412

Re: Best setup for Squid Proxy

Not sure I see a difference to be honest. All traffic first goes through your queues then through squid then to the internet.
by hilton
Thu Feb 05, 2009 9:54 am
Forum: General
Topic: Winbox Version for Linux OS (Linux Linpus)
Replies: 14
Views: 3672

Re: Winbox Version for Linux OS (Linux Linpus)

Wine 1.0.1 running on Ubuntu 8.10 desktop works just fine with Winbox 2.2.14.
by hilton
Thu Feb 05, 2009 9:40 am
Forum: General
Topic: Mikrotik Router act as a switch and transparent firewall?
Replies: 41
Views: 82959

Re: Mikrotik Router act as a switch and transparent firewall?

well, not all RB400 series have switch chip, but these boards have - RB450, RB493
As does the RB433.
by hilton
Tue Jan 27, 2009 2:06 pm
Forum: General
Topic: DNAT Confusion
Replies: 2
Views: 835

Re: DNAT Confusion

What role does the Mikrotik router play in this set-up? Draw a diagram if necessary.

Sorry but I don't understand the big picture.
by hilton
Mon Jan 26, 2009 3:52 pm
Forum: The Dude
Topic: Reporting
Replies: 3
Views: 1310

Reporting

I've set-up the Dude on a box to monitor web usage. The mikrotik router sends all the web proxy logs beautifully to the dude server but I'm not sure now how to get a meaningful report from this.

Any pointers please?
by hilton
Wed Jan 21, 2009 6:03 pm
Forum: General
Topic: L7 unknown traffic - definition?!
Replies: 5
Views: 1518

Re: L7 unknown traffic - definition?!

<rant>
sverko buddy, I think you need to change your attitude!

You make a grand total of two posts then start demanding answers to some half cocked question. Then you blaspheme on top of that.

I suggest you back to school and learn some manners and respect for other people.

</rant>
by hilton
Mon Jan 19, 2009 4:28 pm
Forum: General
Topic: Routing seems to pause on RouterOS 3.16 under load
Replies: 3
Views: 1496

Re: Routing seems to pause on RouterOS 3.16 under load

Update.

Upgraded to 3.19 and the RB532 NO LONGER hangs when doing heavy downloads.

So far so good Mikrotik.
by hilton
Sun Dec 21, 2008 4:09 pm
Forum: General
Topic: This Forum NOT with MS IE ?
Replies: 12
Views: 2281

Re: This Forum NOT with MS IE ?

I can without any problem.

Vista Business with Service Pack 1 and Internet Exploder 7.0.6001.18000
by hilton
Sun Dec 21, 2008 4:05 pm
Forum: General
Topic: MTik L2TP/IPSec VPN server for Win clients behind NAT
Replies: 10
Views: 17375

Re: MTik L2TP/IPSec VPN server for Win clients behind NAT

Hypothetically, would small new MT router (which would replace that lousy existing router) implemented at home of my boss solve the problem and would NAT-T than work? If you install a Mikrotik router at the big guy's house, then you can create a LAN to LAN VPN which is permanently on, although this...