Statistics: Posted by InfraErik — Thu Mar 28, 2024 11:15 am
Statistics: Posted by CaptainRisky — Thu Mar 28, 2024 11:14 am
Statistics: Posted by pe1chl — Thu Mar 28, 2024 11:08 am
/interface/bridge/port monitor [find]
Statistics: Posted by EdPa — Thu Mar 28, 2024 11:01 am
Statistics: Posted by kevinds — Thu Mar 28, 2024 10:47 am
Statistics: Posted by quackyo — Thu Mar 28, 2024 10:44 am
#hex s/interface vlanadd name=MGMT interface=bridge vlan-id=99add name=VLAN10 interface=bridge vlan-id=10add name=VLAN20 interface=bridge vlan-id=20add name=VLAN30 interface=bridge vlan-id=30add name=VLAN_Guest interface=bridge vlan-id=30/ip addressadd address=10.16.99.1/24 network=10.16.99.0 interface=MGMTadd address=10.16.10.1/24 network=10.16.10.0 interface=VLAN10add address=10.16.20.1/24 network=10.16.20.0 interface=VLAN20add address=10.16.30.1/24 network=10.16.30.0 interface=VLAN30add address=10.16.40.1/24 network=10.16.40.0 interface=VLAN_Guest/ip pooladd ranges=10.16.99.2-10.16.99.254 name=pool_MGMTadd ranges=10.16.10.2-10.16.10.254 name=pool_VLAN10add ranges=10.16.20.2-10.16.20.254 name=pool_VLAN20add ranges=10.16.30.2-10.16.30.254 name=pool_VLAN30add ranges=10.16.40.2-10.16.30.254 name=pool_VLAN40/ip dhcp-server networkadd address=10.16.99.0/24 gateway=10.16.99.1add address=10.16.10.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=10.16.10.1add address=10.16.20.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=10.16.20.1add address=10.16.30.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=10.16.30.1add address=10.16.40.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=10.16.40.1/ip dhcp-serveradd address-pool=pool_MGMT interface=MGMT name=dhcp_MGMTadd address-pool=pool_VLAN10 interface=VLAN10 name=dhcp_VLAN10add address-pool=pool_VLAN20 interface=VLAN20 name=dhcp_VLAN20add address-pool=pool_VLAN30 interface=VLAN30 name=dhcp_VLAN30add address-pool=pool_VLAN40 interface=VLAN_Guest name=dhcp_VLAN40/interface bridge port set [find interface=ether2] pvid=99/interface bridge vlanadd bridge=bridge tagged=bridge,ether3,ether4,ether5 vlan-ids=99add bridge=bridge tagged=bridge,ether3 vlan-ids=10add bridge=bridge tagged=bridge,ether4 vlan-ids=20add bridge=bridge tagged=bridge,ether5 vlan-ids=30add bridge=bridge tagged=bridge,ether5 vlan-ids=40/interface bridge set bridge vlan-filtering=yes/ip firewall filter add action=accept chain=forward in-interface=VLAN_Guest out-interface=VLAN30#cap ax/interface wifiset wifi1 disabled=no configuration.ssid=Private5 datapath.bridge=bridge security.authentication-types=wpa2-psk,wpa3-psk security.passphrase=securepassword123set wifi2 disabled=no configuration.ssid=Private2 datapath.bridge=bridge security.authentication-types=wpa2-psk,wpa3-psk security.passphrase=securepassword123add name=wifi3 master-interface=wifi1 configuration.ssid=Guest2 datapath.vlan-id=40 security.authentication-types=wpa2-psk,wpa3-psk security.passphrase=password123add name=wifi4 master-interface=wifi2 configuration.ssid=Guest5 datapath.vlan-id=40 security.authentication-types=wpa2-psk,wpa3-psk security.passphrase=password123/interface vlan add name=MGMT interface=bridge vlan-id=99/ip dhcp-client add interface=MGMT/interface bridge portset [find interface=ether2] pvid=30,99set [find interface=wifi1] pvid=30,99set [find interface=wifi2] pvid=30,99/interface bridge vlanadd bridge=bridge tagged=bridge,ether1 vlan-ids=30add bridge=bridge tagged=bridge,ether1,wifi3,wifi4 vlan-ids=40add bridge=bridge tagged=bridge,ether1 vlan-ids=99/interface bridge set bridge vlan-filtering=yes
Statistics: Posted by TheCat12 — Thu Mar 28, 2024 10:44 am
Statistics: Posted by CaptainRisky — Thu Mar 28, 2024 10:35 am
Still the same with v7.14.1...After upgrading to v7.14 I lost connectivity between OpenVPN server and clients in Ethernet mode. The connection is established normally and automatic routes are created, but still peers are inaccessible.
Anyone experiencing similar behaviour?
Edit: It's the same with v7.15beta4. Reverting back to v.7.13.5 solves the issue for me.
Statistics: Posted by konradnh — Thu Mar 28, 2024 10:33 am
Statistics: Posted by kevinds — Thu Mar 28, 2024 10:30 am
Statistics: Posted by NetTecture — Thu Mar 28, 2024 10:24 am
Statistics: Posted by fengyuclub — Thu Mar 28, 2024 10:24 am
Statistics: Posted by kevinds — Thu Mar 28, 2024 10:05 am
Statistics: Posted by TheCat12 — Thu Mar 28, 2024 10:04 am
Statistics: Posted by kevinds — Thu Mar 28, 2024 9:58 am
Statistics: Posted by BioMax — Thu Mar 28, 2024 9:55 am
Statistics: Posted by kevinds — Thu Mar 28, 2024 9:49 am
Statistics: Posted by kevinds — Thu Mar 28, 2024 9:48 am
Statistics: Posted by petardo — Thu Mar 28, 2024 9:44 am
Statistics: Posted by wispmikrotik — Thu Mar 28, 2024 9:38 am
Statistics: Posted by gabrielpc1190 — Thu Mar 28, 2024 9:31 am
Statistics: Posted by ccz117 — Thu Mar 28, 2024 9:19 am
Statistics: Posted by petardo — Thu Mar 28, 2024 9:19 am
Statistics: Posted by jhbarrantes — Thu Mar 28, 2024 9:16 am
Statistics: Posted by eddieb — Thu Mar 28, 2024 9:11 am
Statistics: Posted by petardo — Thu Mar 28, 2024 9:05 am
/routing/table/add name=route_to_R3 fib/ip address add address=192.168.1.11/24 interface=ether1 network=192.168.1.0/ip firewall nat add action=src-nat chain=srcnat place-before=0 to-addresses=192.168.1.11 routing-mark=route_to_R3/ip firewall mangle add action=mark-routing chain=prerouting comment="Mark comp to R3" dst-address-list=!my_int_ip in-interface-list=LAN new-routing-mark=route_to_R3 passthrough=no src-address-list=comp_to_R3
/ip firewall address-list add address=192.168.1.11 list=comp_to_R3
Statistics: Posted by guru431 — Thu Mar 28, 2024 8:50 am
Statistics: Posted by normis — Thu Mar 28, 2024 8:19 am
Statistics: Posted by danriis — Thu Mar 28, 2024 8:18 am
Statistics: Posted by Archous — Thu Mar 28, 2024 7:54 am
Statistics: Posted by normis — Thu Mar 28, 2024 7:40 am
Statistics: Posted by CaptainRisky — Thu Mar 28, 2024 7:39 am
Statistics: Posted by gigabyte091 — Thu Mar 28, 2024 5:30 am
/interface bridgeadd admin-mac= auto-mac=no comment=defconf name=bridge/interface wirelessset [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-XX \ disabled=no distance=indoors frequency=auto installation=indoor mode=\ ap-bridge ssid="Hap lite" wireless-protocol=802.11/interface ovpn-clientadd certificate=cert_ovpn-import1711582176 cipher=aes128-cbc connect-to=\ us1.freeopenvpn.online disabled=yes mac-address=FE:1F:0B:94:95:61 name=\ freevpn port=443 user=freeopenvpn verify-server-certificate=yes/interface listadd comment=defconf name=WANadd comment=defconf name=LAN/interface wireless security-profilesset [ find default=yes ] authentication-types=wpa-psk,wpa2-psk mode=\ dynamic-keys supplicant-identity=MikroTik/ip pooladd name=dhcp ranges=192.168.1.10-192.168.1.254/ip dhcp-serveradd address-pool=dhcp interface=bridge lease-time=10m name=defconf/routing tableadd disabled=no fib name=vpnroute/interface bridge portadd bridge=bridge comment=defconf interface=ether2add bridge=bridge comment=defconf interface=ether3add bridge=bridge comment=defconf interface=ether4add bridge=bridge comment=defconf interface=pwr-line1add bridge=bridge comment=defconf interface=wlan1/ip neighbor discovery-settingsset discover-interface-list=LAN/interface list memberadd comment=defconf interface=bridge list=LANadd comment=defconf interface=ether1 list=WAN/ip addressadd address=192.168.1.1/24 comment=defconf interface=bridge network=\ 192.168.1.0/ip dhcp-clientadd comment=defconf interface=ether1/ip dhcp-server networkadd address=192.168.1.0/24 comment=defconf dns-server=192.168.1.1 gateway=\ 192.168.1.1 netmask=24/ip dnsset allow-remote-requests=yes/ip dns staticadd address=192.168.1.1 comment=defconf name=router.lan/ip firewall filteradd action=accept chain=input comment=\ "defconf: accept established,related,untracked" connection-state=\ established,related,untrackedadd action=drop chain=input comment="defconf: drop invalid" connection-state=\ invalidadd action=accept chain=input comment="defconf: accept ICMP" protocol=icmpadd action=accept chain=input comment=\ "defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1add action=drop chain=input comment="defconf: drop all not coming from LAN" \ in-interface-list=!LANadd action=accept chain=forward comment="defconf: accept in ipsec policy" \ ipsec-policy=in,ipsecadd action=accept chain=forward comment="defconf: accept out ipsec policy" \ ipsec-policy=out,ipsecadd action=fasttrack-connection chain=forward comment="defconf: fasttrack" \ connection-state=established,related hw-offload=yesadd action=accept chain=forward comment=\ "defconf: accept established,related, untracked" connection-state=\ established,related,untrackedadd action=drop chain=forward comment="defconf: drop invalid" \ connection-state=invalidadd action=drop chain=forward comment=\ "defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \ connection-state=new in-interface-list=WAN/ip firewall mangleadd action=mark-routing chain=prerouting new-routing-mark=vpnroute \ passthrough=yes src-address=192.168.1.251/ip firewall natadd action=masquerade chain=srcnat comment="defconf: masquerade" \ ipsec-policy=out,none out-interface-list=WAN# freevpn not readyadd action=masquerade chain=srcnat out-interface=freevpn/ip routeadd disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.231.1 \ routing-table=vpnroute suppress-hw-offload=no/ip upnpset enabled=yes show-dummy-rule=no/ip upnp interfacesadd interface=bridge type=internaladd interface=ether1 type=external/ipv6 firewall address-listadd address=::/128 comment="defconf: unspecified address" list=bad_ipv6add address=::1/128 comment="defconf: lo" list=bad_ipv6add address=fec0::/10 comment="defconf: site-local" list=bad_ipv6add address=::ffff:0.0.0.0/96 comment="defconf: ipv4-mapped" list=bad_ipv6add address=::/96 comment="defconf: ipv4 compat" list=bad_ipv6add address=100::/64 comment="defconf: discard only " list=bad_ipv6add address=2001:db8::/32 comment="defconf: documentation" list=bad_ipv6add address=2001:10::/28 comment="defconf: ORCHID" list=bad_ipv6add address=3ffe::/16 comment="defconf: 6bone" list=bad_ipv6/ipv6 firewall filteradd action=accept chain=input comment=\ "defconf: accept established,related,untracked" connection-state=\ established,related,untrackedadd action=drop chain=input comment="defconf: drop invalid" connection-state=\ invalidadd action=accept chain=input comment="defconf: accept ICMPv6" protocol=\ icmpv6add action=accept chain=input comment="defconf: accept UDP traceroute" \ dst-port=33434-33534 protocol=udpadd action=accept chain=input comment=\ "defconf: accept DHCPv6-Client prefix delegation." dst-port=546 protocol=\ udp src-address=fe80::/10add action=accept chain=input comment="defconf: accept IKE" dst-port=500,4500 \ protocol=udpadd action=accept chain=input comment="defconf: accept ipsec AH" protocol=\ ipsec-ahadd action=accept chain=input comment="defconf: accept ipsec ESP" protocol=\ ipsec-espadd action=accept chain=input comment=\ "defconf: accept all that matches ipsec policy" ipsec-policy=in,ipsecadd action=drop chain=input comment=\ "defconf: drop everything else not coming from LAN" in-interface-list=\ !LANadd action=accept chain=forward comment=\ "defconf: accept established,related,untracked" connection-state=\ established,related,untrackedadd action=drop chain=forward comment="defconf: drop invalid" \ connection-state=invalidadd action=drop chain=forward comment=\ "defconf: drop packets with bad src ipv6" src-address-list=bad_ipv6add action=drop chain=forward comment=\ "defconf: drop packets with bad dst ipv6" dst-address-list=bad_ipv6add action=drop chain=forward comment="defconf: rfc4890 drop hop-limit=1" \ hop-limit=equal:1 protocol=icmpv6add action=accept chain=forward comment="defconf: accept ICMPv6" protocol=\ icmpv6add action=accept chain=forward comment="defconf: accept HIP" protocol=139add action=accept chain=forward comment="defconf: accept IKE" dst-port=\ 500,4500 protocol=udpadd action=accept chain=forward comment="defconf: accept ipsec AH" protocol=\ ipsec-ahadd action=accept chain=forward comment="defconf: accept ipsec ESP" protocol=\ ipsec-espadd action=accept chain=forward comment=\ "defconf: accept all that matches ipsec policy" ipsec-policy=in,ipsecadd action=drop chain=forward comment=\ "defconf: drop everything else not coming from LAN" in-interface-list=\ !LAN/system clockset time-zone-name=Africa/Nairobi/system ledsadd interface=wlan1 leds=user-led type=interface-activity/system noteset show-at-login=no/system ntp clientset enabled=yes/system ntp client serversadd address=time.google.com/system scheduleradd comment="Restarting router every day." interval=1h name=Reboot on-event=\ "/system reboot" policy=\ ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \ start-date=2024-03-28 start-time=09:57:32/tool mac-serverset allowed-interface-list=LAN/tool mac-server mac-winboxset allowed-interface-list=LAN#error exporting "/tool/sms"
Statistics: Posted by kenkit — Thu Mar 28, 2024 5:05 am
bullshit: if the IP changes, the previous connection to an IP that no longer exists doesn't make the slightest sense.3. **No Interruption of Active Connections**: The script updates only new connections with the new external IP, leaving existing connections unaffected to avoid disruptions.
bullshit: there is already the part for scripts in the pppoe profile, just use the appropriate function without creating useless scripts or schedulers.4. **Automatic Scheduling**: The script is configured to run periodically (e.g., every minute) through the MikroTik's scheduler, ensuring that the NAT 1:1 rules are always up-to-date.
Statistics: Posted by dbuzatto — Thu Mar 28, 2024 4:35 am
Statistics: Posted by dalami — Thu Mar 28, 2024 4:05 am
Statistics: Posted by mikrochad — Thu Mar 28, 2024 4:01 am
Statistics: Posted by djferdinad — Thu Mar 28, 2024 3:40 am
/system logging add disabled=no topics=fetch
Statistics: Posted by UkRainUa — Thu Mar 28, 2024 3:13 am
Statistics: Posted by loloski — Thu Mar 28, 2024 3:06 am
Statistics: Posted by G00dm4n — Thu Mar 28, 2024 2:59 am
Statistics: Posted by Ramalama — Thu Mar 28, 2024 2:39 am
Statistics: Posted by anav — Thu Mar 28, 2024 2:14 am
Statistics: Posted by DuctView — Thu Mar 28, 2024 1:27 am
Statistics: Posted by froznair — Thu Mar 28, 2024 1:20 am
Statistics: Posted by oscar120584 — Thu Mar 28, 2024 12:57 am
Statistics: Posted by kenkit — Thu Mar 28, 2024 12:56 am
Statistics: Posted by djferdinad — Thu Mar 28, 2024 12:47 am
Statistics: Posted by kevinds — Thu Mar 28, 2024 12:41 am
/interface wifi datapath add bridge=bridge1 disabled=no name=vlan10_employees vlan-id=10/interface wifi datapath add bridge=bridge1 disabled=no name=vlan80_guests vlan-id=80/interface wifi set [ find default-name=wifi1 ] configuration.manager=capsman .mode=ap datapath=vlan10_employees disabled=no/interface wifi set [ find default-name=wifi2 ] configuration.manager=capsman .mode=ap datapath=vlan10_employees disabled=no/interface wifi cap set caps-man-addresses=10.0.99.1 enabled=yes slaves-datapath=vlan80_guests slaves-static=no
Statistics: Posted by carcuevas — Thu Mar 28, 2024 12:33 am
Statistics: Posted by t0mm13b — Thu Mar 28, 2024 12:26 am
Statistics: Posted by tangent — Thu Mar 28, 2024 12:25 am
Statistics: Posted by Amm0 — Thu Mar 28, 2024 12:21 am
Statistics: Posted by kevinds — Thu Mar 28, 2024 12:19 am
/ip/dhcp-server/lease/remove [find where dynamic]
Statistics: Posted by tangent — Thu Mar 28, 2024 12:15 am
Statistics: Posted by anav — Thu Mar 28, 2024 12:14 am
It is very common on other consumer e.g. wifi access points to print the passphrase of the default pre-configured SSID on a label on the backside of the device. MT did it the other way: print admin password on the sticker -> but create a SSID without passphrase in default configuration script. ROFLMAOBut it won't happen. MikroTik are just stubborn in their ways.
Statistics: Posted by infabo — Thu Mar 28, 2024 12:13 am
Statistics: Posted by anav — Thu Mar 28, 2024 12:04 am
Statistics: Posted by tjr — Thu Mar 28, 2024 12:01 am
Statistics: Posted by Cha0s — Wed Mar 27, 2024 11:58 pm
/interface bridgeadd ingress-filtering=no name=bridge /interface listadd name=management/interface wirelessset [ find default-name=wlan2 ] band=5ghz-onlyac channel-width=20/40mhz-Ce country=canada disabled=no frequency=5500 \ mode=ap-bridge name=home5GIG security-profile=home_Security skip-dfs-channels=all ssid=NoPain-NoGain wireless-protocol=\ 802.11 wmm-support=enabled wps-mode=disabledset [ find default-name=wlan1 ] band=2ghz-g/n basic-rates-b="" country=canada disabled=no frequency=2437 mode=ap-bridge \ name=home2.4GIG rate-set=configured security-profile=media_Security skip-dfs-channels=all ssid=Media \ supported-rates-b=11Mbps wireless-protocol=802.11 wmm-support=enabled wps-mode=disabled/interface bridge portadd bridge=bridge interface=ether1 (from upstream router)add bridge=bridge interface=ether2 ( assuming wired connection to PC etc. )add bridge=bridge interface=ether3 ( assuming wired connection to another device )add bridge=bridge interface=ether4 ( assuming wired connection to another device )add bridge=bridge interface=ether5 ( assuming wired connection to another device )add bridge=bridge interface=home5GIGadd bridge=bridge interface=home2.4GIG/ip neighbor discovery-settingsset discover-interface-list=management/ip addressadd address=192.168.0.63/24 interface=bridge network=192.168.0.0 comment="IP of AX3 on home subnet"/ip dnsset allow-remote-requests=yes servers=192.168.0.1 /ip routeadd dst-address=0.0.0.0/0 gateway=192.168.0.1 routing-table=main/ip serviceset telnet disabled=yesset ftp disabled=yesset www disabled=yesset ssh address=x.x.x.xset api disabled=yesset api-ssl disabled=yes/tool mac-serverset allowed-interface-list=none/tool mac-server mac-winboxset allowed-interface-list=management
Statistics: Posted by anav — Wed Mar 27, 2024 11:52 pm
Statistics: Posted by djferdinad — Wed Mar 27, 2024 11:42 pm
Statistics: Posted by iustin — Wed Mar 27, 2024 11:23 pm
Statistics: Posted by carcuevas — Wed Mar 27, 2024 11:18 pm
Statistics: Posted by iustin — Wed Mar 27, 2024 11:00 pm
Statistics: Posted by djhiron — Wed Mar 27, 2024 10:46 pm
/ip firewall filteradd action=accept chain=forward src-address=10.20.0.0/16 dst-address=10.30.0.0/16
/ip firewall filteradd action=accept chain=forward src-address-list="address_list" dst-address-list="same_address_list"
/ip firewall natadd action=netmap chain=dstnat dst-address=172.16.0.0/16 in-interface=ether2 to-addresses=10.20.0.0/16
Statistics: Posted by abdurraufrafli — Wed Mar 27, 2024 10:45 pm
Statistics: Posted by IgoRR — Wed Mar 27, 2024 10:28 pm
Statistics: Posted by TheCat12 — Wed Mar 27, 2024 10:18 pm
Statistics: Posted by wumper — Wed Mar 27, 2024 10:05 pm
/interface bridge portadd bridge=bridge-LAN interface=ether2add bridge=bridge-LAN interface=ether3add bridge=bridge-LAN interface=ether4add bridge=bridge-LAN interface=ether5 pvid=30add bridge=bridge-LAN interface=ether6 pvid=10add bridge=bridge-LAN interface=ether7 pvid=10add bridge=bridge-LAN interface=ether8 pvid=88/interface vlanadd interface=bridge-LAN name=vlan10 vlan-id=10add interface=bridge-LAN name=vlan20 vlan-id=20add interface=bridge-LAN name=vlan30 vlan-id=30add interface=bridge-LAN name=vlan88-mgmt vlan-id=88/ip addressadd address=192.168.10.1/24 interface=vlan10 network=192.168.10.0add address=192.168.20.1/24 interface=vlan20 network=192.168.20.0add address=192.168.30.1/24 interface=vlan30 network=192.168.30.0add address=192.168.88.1/24 interface=vlan88-mgmt network=192.168.88.0/ip pooladd name=VLAN10 ranges=192.168.10.110-192.168.10.199add name=VLAN20 ranges=192.168.20.110-192.168.20.199 add name=VLAN30 ranges=192.168.30.110-192.168.30.199add name=VLAN88-MGMT ranges=192.168.88.110-192.168.88.199/ip dhcp-server networkadd network=192.168.10.0/24 gateway=192.168.10.1add network=192.168.20.0/24 gateway=192.168.20.1add network=192.168.30.0/24 gateway=192.168.30.1add network=192.168.88.0/24 gateway=192.168.88.1/ip dhcp-serveradd address-pool=VLAN10 interface=vlan10 lease-time=1w name=DHCP-10add address-pool=VLAN20 interface=vlan20 lease-time=1w name=DHCP-20add address-pool=VLAN30 interface=vlan30 lease-time=1w name=DHCP-30add address-pool=VLAN88-MGMT interface=vlan88-mgmt lease-time=1w name=DHCP-88/interface bridge vlanadd bridge=bridge-LAN tagged=bridge-LAN,ether3,ether4 vlan-ids=10add bridge=bridge-LAN tagged=bridge-LAN,ether2 vlan-ids=20add bridge=bridge-LAN tagged=bridge-LAN,ether2,ether3,ether4 vlan-ids=30add bridge=bridge-LAN tagged=bridge-LAN,ether3,ether4 vlan-ids=88/interface bridge set bridge-LAN vlan-filtering=yes#upper hap/interface bridge add name=bridge/interface bridge portadd bridge=bridge interface=ether1add bridge=bridge interface=ether2add bridge=bridge interface=ether3add bridge=bridge interface=ether4add bridge=bridge interface=ether5add bridge=bridge interface=ether8/interface vlan add interface=bridge name=vlan88-mgmt vlan-id=88/ip dhcp-client add interface=vlan88/interface ethernet switch vlanadd ports=ether1,ether2,ether3,ether4 switch=switch1 vlan-id=20add ports=ether1,ether5,ether8 switch=switch1 vlan-id=30add ports=switch1-cpu,ether1 switch=switch1 vlan-id=88/interface ethernet switch portset ether1 vlan-header=add-if-missing vlan-mode=secureset ether2 default-vlan-id=20 vlan-header=always-strip vlan-mode=secureset ether3 default-vlan-id=20 vlan-header=always-strip vlan-mode=secureset ether4 default-vlan-id=20 vlan-header=always-strip vlan-mode=secureset ether5 default-vlan-id=30 vlan-header=always-strip vlan-mode=secureset ether8 default-vlan-id=30 vlan-header=always-strip vlan-mode=secureset switch1-cpu vlan-mode=secure#middle hap/interface bridge add name=bridge/interface bridge portadd bridge=bridge interface=ether1add bridge=bridge interface=ether2add bridge=bridge interface=ether3add bridge=bridge interface=ether5/interface vlan add interface=bridge name=vlan88-mgmt vlan-id=88/ip dhcp-client add interface=vlan88/interface ethernet switch vlanadd ports=ether1,ether2,ether3 switch=switch1 vlan-id=10add ports=ether1,ether5 switch=switch1 vlan-id=30add ports=switch1-cpu,ether1 switch=switch1 vlan-id=88/interface ethernet switch portset ether1 vlan-header=add-if-missing vlan-mode=secureset ether2 default-vlan-id=10 vlan-header=always-strip vlan-mode=secureset ether3 default-vlan-id=10 vlan-header=always-strip vlan-mode=secureset ether5 default-vlan-id=30 vlan-header=always-strip vlan-mode=secureset switch1-cpu vlan-mode=secure#lower hap/interface bridge add name=bridge/interface bridge portadd bridge=bridge interface=ether1add bridge=bridge interface=ether2add bridge=bridge interface=ether5/interface vlan add interface=bridge name=vlan88-mgmt vlan-id=88/ip dhcp-client add interface=vlan88/interface ethernet switch vlanadd ports=ether1,ether2 switch=switch1 vlan-id=10add ports=ether1,ether5 switch=switch1 vlan-id=30add ports=switch1-cpu,ether1 switch=switch1 vlan-id=88/interface ethernet switch portset ether1 vlan-header=add-if-missing vlan-mode=secureset ether2 default-vlan-id=10,88 vlan-header=always-strip vlan-mode=secureset ether5 default-vlan-id=30 vlan-header=always-strip vlan-mode=secureset switch1-cpu vlan-mode=secure
Statistics: Posted by TheCat12 — Wed Mar 27, 2024 9:53 pm
Statistics: Posted by sterling — Wed Mar 27, 2024 9:53 pm
In the heart of an incredibly RF and people dense city, in a huge apartment building, I don't have a choice but to use DFS channels.
Statistics: Posted by Josephny — Wed Mar 27, 2024 9:50 pm
Statistics: Posted by infabo — Wed Mar 27, 2024 9:39 pm
{ :local pkgs ("routeros"); :local archs {"arm64"; "arm"}; # Example: https://cdn.mikrotik.com/routeros/7.14.2/routeros-7.14.2-arm.npk :local mode "https" :local downloaddomain "cdn.mikrotik.com" :log info "Refreshing CAP packages files..." # do NOT include the leading slash, or file check will always fail :local upgradedir "firmware" /system/package/update check-for-updates once :delay 3s; :local curVer [/system/package/update/get installed-version] :local newVer [/system/package/update/get latest-version] :foreach pkg in=$pkgs do={ :foreach arch in=$archs do={ :local oldPkgName "$pkg-$curVer-$arch.npk" :local newPkgName "$pkg-$newVer-$arch.npk" :log debug "Current package name: $oldPkgName" :log debug "New package name: $newPkgName" :local exists [:len [/file/find name="$upgradedir/$newPkgName"]] :if ($exists = 0) do={ :local path [ :put "/routeros/$newVer/$newPkgName" ] :log info " => Downloading package v$newVer for $arch from $mode://$downloaddomain$path" /tool fetch http-method=get address="$downloaddomain" mode=$mode src-path="$path" dst-path="$upgradedir/$newPkgName" :if ($oldPkgName != $newPkgName) do { /file/remove "$upgradedir/$pkg-$curVer-$arch.npk" } } } }}
wget https://cdn.mikrotik.com/routeros/7.14.2/routeros-7.14.2-arm64.npk--2024-03-27 15:36:37-- https://cdn.mikrotik.com/routeros/7.14.2/routeros-7.14.2-arm64.npkResolving cdn.mikrotik.com (cdn.mikrotik.com)... 159.148.147.244Connecting to cdn.mikrotik.com (cdn.mikrotik.com)|159.148.147.244|:443... connected.HTTP request sent, awaiting response... 200 OKLength: 12212134 (12M) [application/octet-stream]Saving to: ‘routeros-7.14.2-arm64.npk’routeros-7.14.2-arm64.npk 100%[==============================================>] 11.65M 8.36MB/s in 1.4s 2024-03-27 15:36:40 (8.36 MB/s) - ‘routeros-7.14.2-arm64.npk’ saved [12212134/12212134]
[xenhat@router] > /tool fetch http-method=get address=cdn.mikrotik.com mode=https src-path=/routeros/7.14.2/routeros-7.14.2-arm64.npk status: failedfailure: Fetch failed with status 403
Statistics: Posted by Xenhat — Wed Mar 27, 2024 9:34 pm
Statistics: Posted by cmmike — Wed Mar 27, 2024 9:23 pm
Statistics: Posted by thejassman — Wed Mar 27, 2024 9:19 pm
Statistics: Posted by cmmike — Wed Mar 27, 2024 9:19 pm
Statistics: Posted by pe1chl — Wed Mar 27, 2024 9:17 pm
Statistics: Posted by pe1chl — Wed Mar 27, 2024 9:13 pm
Statistics: Posted by Ca6ko — Wed Mar 27, 2024 9:09 pm
/ip firewall natadd action=masquerade chain=srcnat out-interface="Bell PPPoE" src-address=192.168.1.0/24add action=masquerade chain=srcnat out-interface="Bell PPPoE" src-address=192.168.2.0/24add action=masquerade chain=srcnat out-interface="Bell PPPoE" src-address=192.168.3.0/24add action=masquerade chain=srcnat out-interface="Bell PPPoE" src-address=10.0.10.0/24
/ip firewall natadd action=masquerade chain=srcnat out-interface="Bell PPPoE"
Statistics: Posted by Chouby — Wed Mar 27, 2024 9:06 pm
Statistics: Posted by holvoetn — Wed Mar 27, 2024 9:03 pm
/ip firewall filteradd action=accept chain=forward src-address=10.20.0.0/16 dst-address=10.30.0.0/16
/ip firewall filteradd action=accept chain=forward src-address-list="address_list" dst-address-list="same_address_list"
/ip firewall natadd action=netmap chain=dstnat dst-address=172.16.0.0/16 in-interface=ether2 to-addresses=10.20.0.0/16
Statistics: Posted by TheCat12 — Wed Mar 27, 2024 8:49 pm
Statistics: Posted by changeip — Wed Mar 27, 2024 8:39 pm
Statistics: Posted by t0mm13b — Wed Mar 27, 2024 8:38 pm