Often when the MSS (Maximum Segment Size) value is not set properly, a lot of websites will refuse to open etc. To fix this, you should put in your MikroTik Router the following setting:
1. If you dial up with a PPPoE connection that is in MikroTik, see if the profile it's using has change-mss=yes. This will automatically create mangle rules that will set the MSS for the MTU the PPPoE connection has. Typically for a ADSL line the MTU works with the default 1480 as well as with the worldwide maximum possible and recommended - 1492. The correct MSS is automatically calculated by RouterOS.
2. The other scenario is when the change-mss=no - you set the MSS with static rules, which is my example:
/ip firewall mangle
add action=change-mss chain=forward comment="Clamp MSS to PMTU" in-interface=ADSL2 new-mss=clamp-to-pmtu protocol=tcp tcp-flags=syn tcp-mss=1453-65535
add action=change-mss chain=forward in-interface=ADSL1 new-mss=clamp-to-pmtu protocol=tcp tcp-flags=syn tcp-mss=1453-65535
add action=change-mss chain=forward new-mss=clamp-to-pmtu out-interface=ADSL2 protocol=tcp tcp-flags=syn tcp-mss=1453-65535
add action=change-mss chain=forward new-mss=clamp-to-pmtu out-interface=ADSL1 protocol=tcp tcp-flags=syn tcp-mss=1453-65535
This is in case you use PPPoE for Internet access and you have MTU and MRU 1492. I have simply copied the dynamic rules into static, changing the new-mss=
something to new-mss=clamp-to-pmtu.
You can check your currently active MTU via this wbsite:
http://speedguide.net:8080 The active MTU is not only set at the Router but at the end-computer, the workstation from which you are browsing, so results may be affected. Tools to configure MTU and other TCP/IP settings can be found on that site:
http://speedguide.net
And for PPPoE in MT ROS - there are MTU and MRU columns in WinBox in the PPP window - Interfaces (first page) -> add columns MTU and MRU to see the currently negotiated and active MTU and MRU settings.
More on the issue:
http://www.google.com/search?q=mikrotik+change+mss
Just to test if MTU/MRU/MSS settings could be the problem, you could turn on the change-mss=yes option in the ppp profile, and change the PPPoE dial-up interface settings of MTU and MRU to lower settings, like 1300.
A way to find out what your MTU is would be to ping with the don't fragment flag '-f' to see at what size the packets will need fragmenting. After you find that out, you add 28 byes for ICMP header and you get the correct MTU.
ping <gateway IP> -l 1465 -f will probably return an error that the packet need fragmenting on PPPoE so the next will work
ping <gateway IP> -l 1464 -f - adding 28 equals 1492.
Easy. Good luck.