Statistics: Posted by Jotne — Fri Mar 29, 2024 8:49 am
Statistics: Posted by InfraErik — Fri Mar 29, 2024 8:44 am
Statistics: Posted by fengyuclub — Fri Mar 29, 2024 8:40 am
Statistics: Posted by kevinds — Fri Mar 29, 2024 8:34 am
Statistics: Posted by kevinds — Fri Mar 29, 2024 8:24 am
Statistics: Posted by CGGXANNX — Fri Mar 29, 2024 7:46 am
It's a brand new device, so it is empty, only confguration was restored. No extra files, nothing.
Statistics: Posted by CGGXANNX — Fri Mar 29, 2024 7:22 am
/interface wifi set wifi1 configuration.country=Australia channel.frequency=5745/interface wifi set wifi2 configuration.country=Australia channel=1
> /interface/wifi/monitor 0,1 state: running running channel: 5745/ax/Ceee 2412/ax registered-peers: 6 5 authorized-peers: 6 5 tx-power: 9 15
> /interface/wifi/radio/reg-info country="Australia" number=1 ranges: 2402-2482/20 5170-5250/23/indoor 5250-5330/23/indoor/dfs 5490-5590/30/dfs 5650-5730/30/dfs 5735-5835/36
Statistics: Posted by mke — Fri Mar 29, 2024 6:50 am
Statistics: Posted by aarntesla — Fri Mar 29, 2024 6:08 am
/interface/wifi/monitor 0,1
Statistics: Posted by mke — Fri Mar 29, 2024 6:04 am
Statistics: Posted by rplant — Fri Mar 29, 2024 5:39 am
Statistics: Posted by rarlup — Fri Mar 29, 2024 5:36 am
Statistics: Posted by dalami — Fri Mar 29, 2024 4:41 am
Statistics: Posted by trmns — Fri Mar 29, 2024 4:00 am
This is not sufficient for devices that work by default without you ever having to log in.All other brands I've used so far (from cheap Chinese ones to 50k Cisco ones - with the exception of Fritz), simply force you to set a password on first login.
Statistics: Posted by Cha0s — Fri Mar 29, 2024 3:41 am
Statistics: Posted by Amm0 — Fri Mar 29, 2024 3:28 am
Statistics: Posted by Amm0 — Fri Mar 29, 2024 3:08 am
Statistics: Posted by loloski — Fri Mar 29, 2024 3:00 am
Statistics: Posted by gotsprings — Fri Mar 29, 2024 2:40 am
Statistics: Posted by getfeus — Fri Mar 29, 2024 2:33 am
# model = RB750r2/interface bridgeadd auto-mac=no comment=defconf name=bridge vlan-filtering=yes/interface ethernetset [ find default-name=ether5 ] name=ether5access/interface pppoe-clientadd add-default-route=yes disabled=no interface=ether1 name=pppoe-out1 use-peer-dns=yes user=miuserpppoe/interface vlanadd interface=bridge name=vlan10-home vlan-ids=10add interface=bridge name=vlan20-guests vlan-ids=20add interface=bridge name=vlan30-iot vlan-ids=30/interface listadd comment=defconf name=WANadd comment=defconf name=LANadd name=TRUSTED/ip pooladd name=dhcp_pool10 ranges=192.168.10.2-192.168.10.254add name=dhcp_pool20 ranges=192.168.20.10-192.168.20.254add name-dhcp_poo30 ranges=192.168.30.2-192.168.30.254/ip dhcp-serveradd address-pool=dhcp_pool10 interface=vlan10-home name=server-homeadd address-pool=dhcp_pool20 interface=vlan20-guests name=server-guestsadd address-pool=dhcp_pool30 interface=vlan20-guests name=server-iot/interface bridge portadd bridge=bridge ingress-filtering=yes frame-types=admit-priority-and-untagged interface=ether2 pvid=10 comment="home PC"add bridge=bridge ingress-filtering=yes frame-types=admit-priority-and-untagged interface=ether3 pvid=10 comment="home PC"add bridge=bridge ingress-filtering=yes frame-types=admit-only-vlan-tagged interface=ether4 pvid=10 comment="trunk to haplite"/ip neighbor discovery-settingsset discover-interface-list=TRUSTED/interface bridge vlanadd bridge=bridge tagged=bridge,ether4 untagged=ether2,ether3 vlan-ids=10add bridge=bridge tagged=bridge,ether4 vlan-ids=20,30/interface list memberadd comment=defconf interface=pppoe-out1 list=WANadd interface=vlan10-home list=LANadd interface=vlan20-home list=LANadd interface=vlan30-home list=LANadd interface=vlan10-home list=TRUSTEDadd interface=ether5access list=TRUSTED/ip addressadd address=192.168.10.1/24 interface=vlan10-home network=192.168.10.0add address=192.168.20.1/24 interface=vlan20-guests network=192.168.20.0add address=192.168.30.1/24 interface=vlan30-iot network=192.168.30.0add address=192.168.55.1/24 interface=ether5access network=192.168.55.0/ip dhcp-clientadd comment=defconf interface=ether1 default-route=yes/ip dhcp-server networkadd address=192.168.10.0/24 dns-server=192.168.10.1 gateway=192.168.10.1add address=192.168.20.0/24 dns-server=192.168.20.1 gateway=192.168.20.1add address=192.168.30.0/24 dns-server=192.168.30.1 gateway=192.168.30.1/ip dnsset allow-remote-requests=yes servers=1.1.1.1/ip firewall address-list { using static set DHCP leases }add address=192.168.10.XY list=Authorized comment='admin pc wired"add address=192.168.10.AB list=Authorized comment='admin laptop wifi"add address=192.168.10.DE list=Authorized comment='admin smartphone wifi"add address=192.168.55.0/24 list=Authorized comment="config via ether5 "/ip firewall filteradd action=accept chain=input comment=\ "defconf: accept established,related,untracked" connection-state=\ established,related,untrackedadd action=drop chain=input comment="defconf: drop invalid" connection-state=\ invalidadd action=accept chain=input comment="defconf: accept ICMP" protocol=icmpadd action=accept chain=input comment=\ "defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1add action=accept chain=input comment="admin access only" in-interface-list=TRUSTED src-address-list=Authorizedadd action=accept chain=input comment="user access to dns" in-interface-list=LAN dst-port=53 protocol=udpadd action=accept chain=input comment="user access to dns" in-interface-list=LAN dst-port=53 protocol=tcpadd action=drop chain=input comment="Drop all else" { add this rule LAST }+++++++++++++++++++++++++++++++++add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \ connection-state=established,related hw-offload=yesadd action=accept chain=forward comment=\ "defconf: accept established,related, untracked" connection-state=\ established,related,untrackedadd action=drop chain=forward comment="defconf: drop invalid" \ connection-state=invalidadd action=accept chain=forward comment=internet traffic in-inteface-list=LAN out-interface-list=WAN add action=accept chain=forward comment="port fowarding" connection-nat-state=dstnat disabled=yes { enable if required }add action=drop chain=forward comment="Drop all else"/ip firewall natadd action=masquerade chain=srcnat out-interface-list=WAN/tool mac-serverset allowed-interface-list=NONE/tool mac-server mac-winboxset allowed-interface-list=TRUSTED# model = L41G-2axD/interface bridgeadd name=bridge1 vlan-filtering=yes/interface vlanadd interface=bridge name=vlan10-house vlan-ids=10/interface ethernetset [ find default-name=ether5 ] name=ether5access/interface wifiset [ find default-name=wifi1 ] channel.band=2ghz-ax .width=20/40mhz configuration.country=Spain .mode=ap .ssid=HOME-users name=wifi-homeset [ find default-name=wifi2 ] channel.band=2ghz-ax .width=20/40mhz configuration.country=Spain .mode=ap .ssid=GUEST-users name=wifi-guestsset master=wifi-guests configuration.country=Spain .mode=ap .ssid=IOTs name=wifi-iot/interface listadd name=TRUSTED/ip neighbor discovery-settingsset discover-interface-list=TRUSTED/interface bridge portadd bridge=bridge1 ingress-filtering=yes frame-types=admit-only-vlan-tagged interface=ether1 comment="trunk port from hex"add bridge=bridge1 ingress-filtering=yes frame-types=admit-priority-and-untagged interface=ether2 pvid=10add bridge=bridge1 ingress-filtering=yes frame-types=admit-priority-and-untagged interface=ether3 pvid=10add bridge=bridge1 ingress-filtering=yes frame-types=admit-priority-and-untagged interface=ether4 pvid=10add bridge=bridge1 ingress-filtering=yes frame-types=admit-priority-and-untagged interface=wifi-home pvid=10add bridge=bridge1 ingress-filtering=yes frame-types=admit-priority-and-untagged interface=wifi-guests pvid=20add bridge=bridge1 ingress-filtering=yes frame-types=admit-priority-and-untagged interface=wifi-iot pvid=30/interface bridge vlanadd bridge=bridge1 tagged=bridge1,ether1 untagged=ether2,ether3,ether4,wifi-home vlan-ids=10add bridge=bridge tagged=bridge untagged=wifi-guests vlan-ids=20add bridge=bridge tagged=bridge untagged=wifi-iot vlan-ids=30/interface list membersadd interface=vlan10-house list=TRUSTEDadd interface=ether5access list=TRUSTED/ip addressadd address=192.168.10.X/24 interface=vlan10-house network=192.168.10.0 comment="static setting of haplite IP address"/ip dnsset allow-remote-requests=yes servers=192.168.10.1/ip dhcp-clientadd interface= disabled=yes/ip routeadd dst-address=0.0.0.0/0 gateway=192.168.10.1/tool mac-serverset allowed-interface-list=NONE/tool mac-server mac-winboxset allowed-interface-list=TRUSTED
Statistics: Posted by anav — Fri Mar 29, 2024 2:20 am
I tested with (192.168.88.1) but I still have the same issue.127.0. 0.1 is a loopback IP address that is reserved for the local host or computer or router.
Yes it's run on my laptop, how to run it on MT router.NtRadPing is probably run on a laptop, not on the MT router.
it's done (see attachment).For MT router check the firewall setting, to allow the Radius ports 1812 and 1813 as input.
Statistics: Posted by menyarito — Fri Mar 29, 2024 2:15 am
Statistics: Posted by emunt6 — Fri Mar 29, 2024 2:04 am
Statistics: Posted by jaclaz — Fri Mar 29, 2024 1:51 am
Statistics: Posted by stef70 — Fri Mar 29, 2024 1:47 am
Statistics: Posted by Nullcaller — Fri Mar 29, 2024 1:40 am
Statistics: Posted by Nullcaller — Fri Mar 29, 2024 1:21 am
Statistics: Posted by Nullcaller — Fri Mar 29, 2024 1:19 am
/interface bridgeadd comment=defconf name=bridge vlan-filtering=yes/interface bridge portadd bridge=bridge comment=defconf interface=ether2add bridge=bridge comment=defconf interface=ether3add bridge=bridge comment=defconf interface=ether4add bridge=bridge comment=defconf interface=ether5/interface bridge vlanadd bridge=bridge tagged=bridge,ether2,ether3 vlan-ids=10
Statistics: Posted by fibracapi — Fri Mar 29, 2024 1:00 am
Statistics: Posted by fibracapi — Fri Mar 29, 2024 12:58 am
Statistics: Posted by f008600 — Fri Mar 29, 2024 12:56 am
# 2024-03-29 04:40:50 by RouterOS 7.14# software id = M8KE-V5ID## model = RB750Gr3# serial number = HD2******AS/interface bridgeadd name=Bridge-LAN/interface ethernetset [ find default-name=ether1 ] name=WAN1set [ find default-name=ether2 ] name=WAN2/interface wireguardadd listen-port=13231 mtu=1420 name=wireguard1/interface listadd name=WAN/interface wireless security-profilesset [ find default=yes ] supplicant-identity=MikroTik/ip hotspot profileset [ find default=yes ] html-directory=hotspot/ip pooladd name=dhcp_pool0 ranges=192.168.13.100-192.168.13.254add name=dhcp_pool1 ranges=192.168.14.100-192.168.14.105/ip dhcp-serveradd address-pool=dhcp_pool0 interface=Bridge-LAN lease-time=1d name=dhcp1add address-pool=dhcp_pool1 interface=ether5 lease-time=5d name=dhcp2/routing tableadd disabled=no fib name=via-WG1/interface bridge portadd bridge=Bridge-LAN interface=ether3add bridge=Bridge-LAN interface=ether4/interface list memberadd interface=WAN1 list=WANadd interface=WAN2 list=WAN/interface wireguard peersadd allowed-address=0.0.0.0/0 endpoint-address=5.172.1**.95 endpoint-port=\ 13231 interface=wireguard1 persistent-keepalive=25s public-key=\ "ySD/xFuT**********************xyT6wE="/ip addressadd address=192.168.13.1/24 interface=Bridge-LAN network=192.168.13.0add address=192.168.1.99/24 interface=WAN1 network=192.168.1.0add address=192.168.2.98/24 interface=WAN2 network=192.168.2.0add address=192.168.32.20/24 interface=wireguard1 network=192.168.32.0add address=192.168.14.1/24 interface=ether5 network=192.168.14.0/ip dhcp-clientadd disabled=yes interface=WAN1add disabled=yes interface=WAN2/ip dhcp-server networkadd address=192.168.13.0/24 dns-server=192.168.32.1 gateway=192.168.13.1add address=192.168.14.0/24 gateway=192.168.14.1/ip dnsset allow-remote-requests=yes servers=1.1.1.1/ip firewall mangleadd action=change-mss chain=forward new-mss=1380 out-interface=wireguard1 \ passthrough=yes protocol=tcp tcp-flags=syn tcp-mss=1381-65535/ip firewall natadd action=masquerade chain=srcnat out-interface-list=WANadd action=masquerade chain=srcnat out-interface=wireguard1/ip routeadd check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\ 192.168.1.1 pref-src="" routing-table=main scope=30 suppress-hw-offload=\ no target-scope=10add disabled=no distance=5 dst-address=0.0.0.0/0 gateway=192.168.2.1 \ pref-src="" routing-table=main scope=30 suppress-hw-offload=no \ target-scope=10add disabled=no dst-address=0.0.0.0/0 gateway=wireguard1 routing-table=\ via-WG1 suppress-hw-offload=no/routing ruleadd action=lookup-only-in-table disabled=yes src-address=192.168.13.0/24 \ table=mainadd action=lookup disabled=no src-address=192.168.13.0/24 table=via-WG1/system clockset time-zone-name=Europe/Athens/system noteset show-at-login=no
Statistics: Posted by LeoNaXe — Fri Mar 29, 2024 12:55 am
That's a generic problem for a LOT of brands and highly depends on the quality of the used USB device.
Same with bluetooth.
It all operates in the same 2 - 2.5 GHz-range, you see.
No way a firmware upgrade can fix that. That's a physical problem.
Statistics: Posted by Nullcaller — Fri Mar 29, 2024 12:49 am
Statistics: Posted by jaclaz — Fri Mar 29, 2024 12:21 am
Statistics: Posted by Nullcaller — Fri Mar 29, 2024 12:19 am
Statistics: Posted by emunt6 — Fri Mar 29, 2024 12:18 am
Statistics: Posted by sebus46 — Fri Mar 29, 2024 12:12 am
Statistics: Posted by jaclaz — Fri Mar 29, 2024 12:03 am
{/ip firewall address-list:local update do={ :put "Starting import of address-list: $listname" :if ($nolog = null) do={:log warning "Starting import of address-list: $listname"} :local displayed true :local maxretry 3 :local retrywaitingtime 120s :local retryflag true :for retry from=1 to=$maxretry step=1 do={ :if (retryflag) do={ :set $retryflag false; :set $sounter 0 :if (retry > 1) do={ :put "Source file changed. Retring after a $retrywaitingtime wait..." :if ($nolog = null) do={:log warning "Source file changed. Retring after a $retrywaitingtime wait..."} :delay $retrywaitingtime } :local fetchResult [/tool fetch url=$url keep-result=no as-value] :local filesize ($fetchResult->"total") :local downsize ($fetchResult->"downloaded") :if ($filesize = 0 && $downsize > 0) do={ :set $filesize $downsize} :local start 0 :local maxsize 64000; # reqeusted chunk size :local end ($maxsize - 1);# because start is zero the maxsize has to be reduced by one :local partnumber ($filesize / ($maxsize / 1024)); # how many chunk are maxsize :local remainder ($filesize % ($maxsize / 1024)); # the last partly chunk :if ($remainder > 0) do={ :set $partnumber ($partnumber + 1) }; # total number of chunks :if ($heirule != null) do={:put "Using as extra filtering: $heirule"} else={:set $heirule "."} # remove the current list completely if "erase" is not present (default setting) :if ($noerase = null) do={ :if ($timeout = null) do={:set $timeout 00:00:00; :do {:foreach i in=[/ip firewall address-list find list=$listname] do={/ip firewall address-list set list=("backup".$listname) $i }} on-error={} } else={ :do {:foreach i in=[/ip firewall address-list find list=$listname dynamic] do={/ip firewall address-list set list=("backup".$listname) $i }} on-error={} }; :put ("Conditional deleting all".$dynamic." entries in address-list: $listname") :if ($nolog = null) do={:log warning ("Conditional deleting all".$dynamic." entries in address-list: $listname")} } else={:put "Entries not conditional deleted in address-list: $listname"}; # ENDIF ERASE :for x from=1 to=$partnumber step=1 do={ # get filesize to be compared to the orignal one and if changed then retry :local comparesize ([/tool fetch url=$url keep-result=no as-value]->"total") :if ($comparesize = 0 && $downsize > 0) do={ :set $comparesize $downsize} # fetching the chunks from the webserver when the size of the source file has not changed # empty array when the source file changed. No processing is done till the next complete retry :if ($comparesize = $filesize) do={:set $data ([:tool fetch url=$url http-header-field="Range: bytes=$start-$end" output=user as-value]->"data")} else={:set $data [:toarray ""]; :set $retryflag true} #:if ($ownposix = null) do={ # determining the used delimiter in the list, when not provided in the config # this only run once and so the impact on the import time is low :local ipv4Posix "^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}" :local ipv4rangePosix "^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}/[0-9]{1,2}" :local domainPosix "^.+\\.[a-z.]{2,7}" :local sdata $data; # removes any lines at the top of the file that could interfere with finding the correct posix. Setting remarksign is needed :while ([:pick $sdata 0 1] = $remarksign) do={ :set $sdata [:pick $sdata ([:find $sdata "\n"]+1) [:len $sdata]] } :while ([:len $sdata]!=0 && $delimiter = null) do={ # The check on length of $sdata is for if no delimiter is found. :local sline [:pick $sdata 0 [:find $sdata "\n"]]; :local slen [:len $sline]; # set posix depending of type of data used in the list :if ($sline ~ $ipv4Posix) do={:set $posix $ipv4Posix; :set $iden "List identified as a IPv4 list"} :if ($sline ~ $ipv4rangePosix)do={:set $posix $ipv4rangePosix; :set $iden "List identified as a IPv4 with ranges list"} :if ($sline ~ $domainPosix) do={:set $posix $domainPosix; :set $iden "List identified as a domain list"} :if ($sline ~ $posix) do={:put $iden} :if ($sline ~ $posix) do={ # only explore the line if there is a match at the start of the line. :do {:if ([:pick $sline 0 ($slen-$send)] ~ ($posix."\$") || $send > $slen) do={ :set $delimiter [:pick $sline ($slen-$send) ($slen-($send-1))]; :set $result true} else={:set $send ($send+1)} :if ($result) do={ :set $extra [:pick $sline ($slen-$send) ($slen-($send-1))] :if ( $extra = " " ) do={ :set $delimiter [:pick $sline ($slen-$send) ($slen-($send-2))] } :if ( $extra = " " ) do={ :set $delimiter [:pick $sline ($slen-$send) ($slen-($send-3))] } :if ( $extra = " " ) do={ :set $delimiter [:pick $sline ($slen-$send) ($slen-($send-4))] } }; # EndIf result } while (!$result); # EndDoWhile }; #IF sline posix:set $sdata [:pick $sdata ([:find $sdata "\n"]+1) [:len $sdata]]; # cut off the already searched lines:if ($delimiter != null) do={:local sdata [:toarray ""]} ; #Clearing sdata array ending the WhileDo loop }; #WHILE END $sdata :local sdata [:toarray ""] :if ([:len $delimiter] = 0) do={ :set $delimiter "\n"; :set $delimiterShow "New Line" } else={ :set $delimiterShow $delimiter }; # when empty use NewLine 20220529 #} else={:put "User defind Posix: $ownposix"; :set $posix $ownposix } ; # ENDIF ownposix = null :if ($delimiter != null && $displayed ) do={:set $displayed false; :put "Using config provided delimiter: \"$delimiterShow\""} :if ($posix = null) do={:set $posix "."}; # Use a match all posix if nothing is defined or found :if (!retryflag) do={:put "Reading Part: $x $start - $end"} :if ($timeout = null) do={:local timeout 00:00:00}; # if no timeout is defined make it a static entry. # Only remove the first line only if you are not at the start of list :while ( [:pick $data 0 1] = $remarksign) do={ :set $data [:pick $data ([:find $data "\n"]+1) [:len $data]] }; # removes the invalid line (Spamhaus) :if ($start > 0) do={:set $data [:pick $data ([:find $data "\n"]+1) [:len $data]]} :while ([:len $data]!=0) do={ :local line [:pick $data 0 [:find $data "\n"]]; # create only once and checked twice as local variable :if ( $line ~ $posix && $line~heirule) do={ :do {add list=$listname address=[:pick $data 0 [:find $data $delimiter]] comment=$comment timeout=$timeout; :set $counter ($counter + 1)} on-error={}; # on error avoids any panics }; # if IP address && extra filter if present :set $data [:pick $data ([:find $data "\n"]+1) [:len $data]]; # removes the just added IP from the data array # Cut of the end of the chunks by removing the last lines...very dirty but it works :if ([:len $data] < 256) do={:set $data [:toarray ""]} }; # while :set $start (($start-512) + $maxsize); # shifts the subquential start back by 512 :set $end (($end-512) + $maxsize); # shift the subquential ends back by 512 to keep the }; # if retryflag }; #do for x }; # for retry :if ($counter < 1) do={:set $resultline "Import was NOT successfull! Check if the list $listname is still being maintained."} else={:set $resultline "Completed reading $counter items into address-list $listname." } :put $resultline :if ($nolog = null) do={:log warning $resultline } :if ($counter > 0) do={:do {/ip firewall address-list remove [find where list=("backup".$listname)]} on-error={} } else={ :do {:foreach i in=[/ip firewall address-list find list=("backup".$listname)] do={/ip firewall address-list set list=$listname $i }} on-error={} :put "Restoring backup list: $listname" :if ($nolog = null) do={:log warning "Restoring backup list: $listname"} }; # if counter restore on failure and remove on success}; # do$update url=https://www.spamhaus.org/drop/drop.txt listname=spamhaus remarksign=";" timeout=1d nolog=1$update url=https://lists.blocklist.de/lists/all.txt listname=blockDE timeout=1d nolog=1}# To be used configline settings:# url= https://name.of.the.list# listname=name of address-list# Optinal settings# timeout=the time the entry should be active. If omited then static entries are created.# comment=puts this comment on every line in the choosen address-list (default: no comment)# heirule=this will select on a word on each line if to import or not (default: no heirule)# noerase=any value, then the current list is not erased (default: erase)# ownPosix=allow to enter a onw regEX posix to be used (not ative at this moment)# nolog= any value, then don't write to the log (default: writing to log)
Statistics: Posted by MTNick — Thu Mar 28, 2024 11:56 pm
Statistics: Posted by emunt6 — Thu Mar 28, 2024 11:23 pm
Statistics: Posted by anav — Thu Mar 28, 2024 11:23 pm
Statistics: Posted by jaclaz — Thu Mar 28, 2024 11:09 pm
Statistics: Posted by LeoNaXe — Thu Mar 28, 2024 10:53 pm
Statistics: Posted by eddieb — Thu Mar 28, 2024 10:45 pm
Statistics: Posted by rogerioqueiroz — Thu Mar 28, 2024 10:43 pm
/ip addressadd address=10.0.X.1/24 network=10.0.X.0 interface="wireguard_interface"/interface wireguard peeradd allowed-address=10.0.X.2/32 ...
Statistics: Posted by TheCat12 — Thu Mar 28, 2024 10:38 pm
Statistics: Posted by anav — Thu Mar 28, 2024 10:25 pm
Statistics: Posted by 0xAA55 — Thu Mar 28, 2024 10:06 pm
Statistics: Posted by infabo — Thu Mar 28, 2024 9:59 pm
Statistics: Posted by TheCat12 — Thu Mar 28, 2024 9:54 pm
Statistics: Posted by holvoetn — Thu Mar 28, 2024 9:54 pm
Statistics: Posted by apitsos — Thu Mar 28, 2024 9:53 pm
Statistics: Posted by Michiganbroadband — Thu Mar 28, 2024 9:44 pm
Statistics: Posted by anav — Thu Mar 28, 2024 9:43 pm
Statistics: Posted by Michiganbroadband — Thu Mar 28, 2024 9:42 pm
NATFlags: X - disabled, I - invalid; D - dynamic
0 D ;;; special dummy rule to show fasttrack counters
chain=forward action=passthrough
1 ;;; accept established,related,untracked
chain=input action=accept connection-state=established,related,untracked
2 ;;; drop invalid
chain=input action=drop connection-state=invalid
3 ;;; accept ICMP
chain=input action=accept protocol=icmp
4 ;;; accept to local loopback (for CAPsMAN)
chain=input action=accept dst-address=127.0.0.1
5 ;;; drop all not coming from LAN
chain=input action=drop in-interface-list=!LAN
6 ;;; accept in ipsec policy
chain=forward action=accept ipsec-policy=in,ipsec
7 ;;; accept out ipsec policy
chain=forward action=accept ipsec-policy=out,ipsec
8 ;;; fasttrack
chain=forward action=fasttrack-connection hw-offload=yes connection-state=established,related
9 ;;; accept established, related, untracked
chain=forward action=accept connection-state=established,related,untracked
10 ;;; drop invalid
chain=forward action=drop connection-state=invalid
11 ;;; drop all from WAN not DSTNATed
chain=forward action=drop connection-state=new connection-nat-state=!dstnat in-interface-list=WAN
MangleFlags: X - disabled, I - invalid; D - dynamic
0 I ;;;
chain=srcnat action=masquerade src-address-list=LAN out-interface=pppoe-out1 log=no log-prefix=""
1 ;;; masquerade
chain=srcnat action=masquerade out-interface-list=WAN ipsec-policy=out,none
Do you have a hint for me where to look for the issue? Maybe you even have a possible solution?Flags: X - disabled, I - invalid; D - dynamic
0 D ;;; special dummy rule to show fasttrack counters
chain=prerouting action=passthrough
1 D ;;; special dummy rule to show fasttrack counters
chain=forward action=passthrough
2 D ;;; special dummy rule to show fasttrack counters
chain=postrouting action=passthrough
3 I ;;;
chain=forward action=change-mss new-mss=1452 passthrough=yes tcp-flags=syn protocol=tcp out-interface=pppoe-out1 tcp-mss=1453-65535 log=no log-prefix=""
Statistics: Posted by svh79 — Thu Mar 28, 2024 9:38 pm
Statistics: Posted by mkx — Thu Mar 28, 2024 9:26 pm
Statistics: Posted by Michiganbroadband — Thu Mar 28, 2024 9:23 pm
Statistics: Posted by bpwl — Thu Mar 28, 2024 9:22 pm
Wireguard server: HV+h7mvZc/vS4kGxcYQMZvBk3WxhJ/zXslz/J40UqSM=: Sending handshake initiation to peer (37.221.211.44:13320)Wireguard server: HV+h7mvZc/vS4kGxcYQMZvBk3WxhJ/zXslz/J40UqSM=: Handshake for peer did not complete after 5 seconds, retrying (try 4)
And so on indefinitely even though I disconnected from the phone. Is there any way to limit this?Statistics: Posted by Bolendox — Thu Mar 28, 2024 9:17 pm
Statistics: Posted by cmmike — Thu Mar 28, 2024 9:15 pm
Statistics: Posted by holvoetn — Thu Mar 28, 2024 9:11 pm
Statistics: Posted by patrikg — Thu Mar 28, 2024 9:08 pm
# model = RB750r2/interface bridgeadd auto-mac=no comment=defconf name=bridge vlan-filtering=yes/interface pppoe-clientadd add-default-route=yes disabled=no interface=ether1 name=pppoe-out1 use-peer-dns=yes user=miuserpppoe/interface bridge vlanadd bridge=bridge tagged=bridge,ether2,ether3 vlan-ids=10/interface listadd comment=defconf name=WANadd comment=defconf name=LAN/ip hotspot profileset [ find default=yes ] html-directory=hotspot/ip pooladd name=default-dhcp ranges=192.168.88.10-192.168.88.254add name=dhcp_pool1 ranges=192.168.10.2-192.168.10.254/ip dhcp-serveradd address-pool=default-dhcp interface=bridge name=defconfadd address-pool=dhcp_pool1 interface=vlan10-HOME name=dhcp1/interface bridge portadd bridge=bridge comment=defconf interface=ether2add bridge=bridge comment=defconf interface=ether3add bridge=bridge comment=defconf interface=ether4add bridge=bridge comment=defconf interface=ether5/ip neighbor discovery-settingsset discover-interface-list=LAN/interface bridge vlanadd bridge=bridge tagged=ether3 vlan-ids=10/interface list memberadd comment=defconf interface=bridge list=LANadd comment=defconf interface=pppoe-out1 list=WAN/ip addressadd address=192.168.88.1/24 comment=defconf interface=bridge network=192.168.88.0add address=192.168.10.1/24 interface=vlan10-HOME network=192.168.10.0/ip dhcp-clientadd comment=defconf interface=ether1/ip dhcp-server networkadd address=192.168.10.0/24 dns-server=1.1.1.1 gateway=192.168.10.1add address=192.168.88.0/24 comment=defconf dns-server=192.168.88.1 gateway=192.168.88.1# model = L41G-2axD/interface bridgeadd name=bridge1 vlan-filtering=yes/interface wifiset [ find default-name=wifi1 ] channel.band=2ghz-ax .width=20/40mhz configuration.country=Spain .mode=ap .ssid=VLAN10-HOME disabled=no name=VLAN10-HOME/interface bridge portadd bridge=bridge1 interface=ether1add bridge=bridge1 interface=ether2add bridge=bridge1 interface=ether3add bridge=bridge1 interface=ether4add bridge=bridge1 interface=VLAN10-HOME pvid=10/interface bridge vlanadd bridge=bridge1 tagged=ether1 vlan-ids=10/ip dhcp-clientadd interface=bridge1/system noteset show-at-login=no/system routerboard settingsset auto-upgrade=yes
Is there something I'm missing with the new driver?Statistics: Posted by fibracapi — Thu Mar 28, 2024 9:04 pm
Statistics: Posted by TheCat12 — Thu Mar 28, 2024 8:59 pm
[hendry@red] > /system/logging/printFlags: * - DEFAULTColumns: TOPICS, ACTION# TOPICS ACTION0 * info remote1 * error remote2 * warning remote3 * critical echo[hendry@red] > /system/logging/action/printFlags: * - default 0 * name="memory" target=memory memory-lines=1000 memory-stop-on-full=no 1 * name="disk" target=disk disk-file-name="log" disk-lines-per-file=1000 disk-file-count=2 disk-stop-on-full=no 2 * name="echo" target=echo remember=yes 3 * name="remote" target=remote remote=X.X.X.X remote-port=9000 src-address=0.0.0.0 bsd-syslog=yes syslog-time-format=bsd-syslog syslog-facility=daemon syslog-severity=auto
Statistics: Posted by hendry — Thu Mar 28, 2024 8:58 pm
Statistics: Posted by Michiganbroadband — Thu Mar 28, 2024 8:57 pm
[admin@MikroTik] > /system license print system-id: vWS********** level: p1 limited-upgrades: no next-renewal-at: 2024-04-27 20:59:59 deadline-at: 2024-05-27 20:59:59[admin@MikroTik] > /system license renew account: some.user@domain.compassword: ********** level: p1 status: doneHowever, nothing seems to have changed... ????????[admin@MikroTik] > /system license print system-id: vWS********** level: p1 limited-upgrades: no next-renewal-at: 2024-04-27 20:59:59 deadline-at: 2024-05-27 20:59:59
Statistics: Posted by donmunyak — Thu Mar 28, 2024 8:54 pm
Statistics: Posted by Michiganbroadband — Thu Mar 28, 2024 8:52 pm
> sys package update check-for-updates channel: stable installed-version: 7.14.2 latest-version: 7.14.1 status: New version is available
Statistics: Posted by sawa — Thu Mar 28, 2024 8:47 pm
Statistics: Posted by cmmike — Thu Mar 28, 2024 8:40 pm
Statistics: Posted by Michiganbroadband — Thu Mar 28, 2024 8:35 pm
Statistics: Posted by Michiganbroadband — Thu Mar 28, 2024 8:34 pm
Statistics: Posted by Nullcaller — Thu Mar 28, 2024 8:15 pm
# 2024-03-28 13:59:17 by RouterOS 7.11.2# software id = Q6JG-Q80C## model = L009UiGS-2HaxD# serial number = HF3095E6YNJ/interface bridgeadd admin-mac=78:9A:18:60:1C:5A auto-mac=no comment=defconf name="bridge[LAN]"/interface ethernetset [ find default-name=ether1 ] name="ether1[WAN]"/interface wifiwave2set [ find default-name=wifi1 ] channel.band=2ghz-ax .skip-dfs-channels=10min-cac .width=20/40mhz configuration.country=\ "United States" .mode=ap .ssid="wifi" disabled=no security.authentication-types=wpa2-psk,wpa3-psk/interface listadd comment=defconf name=WANadd comment=defconf name=LAN/ip pooladd name=default-dhcp ranges=192.168.88.10-192.168.88.254/ip dhcp-serveradd address-pool=default-dhcp interface="bridge[LAN]" lease-time=8h name=defconf/portset 0 name=serial0/interface bridge portadd bridge="bridge[LAN]" comment=defconf interface=ether2add bridge="bridge[LAN]" comment=defconf interface=ether3add bridge="bridge[LAN]" comment=defconf interface=ether4add bridge="bridge[LAN]" comment=defconf interface=ether5add bridge="bridge[LAN]" comment=defconf interface=ether6add bridge="bridge[LAN]" comment=defconf interface=ether7add bridge="bridge[LAN]" comment=defconf interface=ether8add bridge="bridge[LAN]" comment=defconf interface=sfp1add bridge="bridge[LAN]" comment=defconf interface=wifi1/ip neighbor discovery-settingsset discover-interface-list=LAN/interface list memberadd comment=defconf interface="bridge[LAN]" list=LANadd comment=defconf interface="ether1[WAN]" list=WAN/ip addressadd address=192.168.88.1/24 comment=defconf interface="bridge[LAN]" network=192.168.88.0/ip dhcp-clientadd comment=defconf interface="ether1[WAN]"/ip dhcp-server leaseadd address=192.168.88.2 client-id=1:7c:10:c9:3c:b7:c6 mac-address=7C:10:C9:3C:B7:C6add address=192.168.88.3 client-id=1:7c:10:c9:45:a2:7f mac-address=7C:10:C9:45:A2:7F/ip dhcp-server networkadd address=192.168.88.0/24 comment=defconf dns-server=192.168.88.1 gateway=192.168.88.1/ip dnsset allow-remote-requests=yes servers=192.168.88.1/ip dns staticadd address=192.168.88.1 comment=defconf name=router.lan/ip firewall filteradd action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=\ established,related,untrackedadd action=drop chain=input comment="defconf: drop invalid" connection-state=invalidadd action=accept chain=input comment="defconf: accept ICMP" protocol=icmpadd action=accept chain=input comment="defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1add action=drop chain=input comment="defconf: drop all not coming from LAN" in-interface-list=!LAN log-prefix=\ Firewall::Drop::WANadd action=accept chain=forward comment="defconf: accept in ipsec policy" ipsec-policy=in,ipsecadd action=accept chain=forward comment="defconf: accept out ipsec policy" ipsec-policy=out,ipsecadd action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related hw-offload=\ yesadd action=accept chain=forward comment="defconf: accept established,related, untracked" connection-state=\ established,related,untrackedadd action=drop chain=forward comment="defconf: drop invalid" connection-state=invalidadd action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \ connection-state=new in-interface-list=WAN/ip firewall natadd action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=out,none out-interface-list=WANadd action=masquerade chain=srcnat dst-address=192.168.88.0/24 src-address=192.168.88.0/24add action=dst-nat chain=dstnat dst-port=3000 in-interface="ether1[WAN]" log=yes log-prefix=Firewall::Accept::GOGS protocol=\ tcp to-addresses=192.168.88.3 to-ports=3000add action=dst-nat chain=dstnat dst-port=8096 in-interface="ether1[WAN]" log=yes log-prefix=Firewall::Accept::Jellyfin \ protocol=tcp to-addresses=192.168.88.3 to-ports=8096add action=dst-nat chain=dstnat dst-port=42069 in-interface="ether1[WAN]" log=yes log-prefix=Firewall::Accept::SSH protocol=\ tcp to-addresses=192.168.88.3 to-ports=42069/ip serviceset telnet disabled=yesset ftp disabled=yesset www disabled=yesset api disabled=yesset api-ssl disabled=yes/ipv6 firewall address-listadd address=::/128 comment="defconf: unspecified address" list=bad_ipv6add address=::1/128 comment="defconf: lo" list=bad_ipv6add address=fec0::/10 comment="defconf: site-local" list=bad_ipv6add address=::ffff:0.0.0.0/96 comment="defconf: ipv4-mapped" list=bad_ipv6add address=::/96 comment="defconf: ipv4 compat" list=bad_ipv6add address=100::/64 comment="defconf: discard only " list=bad_ipv6add address=2001:db8::/32 comment="defconf: documentation" list=bad_ipv6add address=2001:10::/28 comment="defconf: ORCHID" list=bad_ipv6add address=3ffe::/16 comment="defconf: 6bone" list=bad_ipv6/ipv6 firewall filteradd action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=\ established,related,untrackedadd action=drop chain=input comment="defconf: drop invalid" connection-state=invalidadd action=accept chain=input comment="defconf: accept ICMPv6" protocol=icmpv6add action=accept chain=input comment="defconf: accept UDP traceroute" port=33434-33534 protocol=udpadd action=accept chain=input comment="defconf: accept DHCPv6-Client prefix delegation." dst-port=546 protocol=udp \ src-address=fe80::/10add action=accept chain=input comment="defconf: accept IKE" dst-port=500,4500 protocol=udpadd action=accept chain=input comment="defconf: accept ipsec AH" protocol=ipsec-ahadd action=accept chain=input comment="defconf: accept ipsec ESP" protocol=ipsec-espadd action=accept chain=input comment="defconf: accept all that matches ipsec policy" ipsec-policy=in,ipsecadd action=drop chain=input comment="defconf: drop everything else not coming from LAN" in-interface-list=!LANadd action=accept chain=forward comment="defconf: accept established,related,untracked" connection-state=\ established,related,untrackedadd action=drop chain=forward comment="defconf: drop invalid" connection-state=invalidadd action=drop chain=forward comment="defconf: drop packets with bad src ipv6" src-address-list=bad_ipv6add action=drop chain=forward comment="defconf: drop packets with bad dst ipv6" dst-address-list=bad_ipv6add action=drop chain=forward comment="defconf: rfc4890 drop hop-limit=1" hop-limit=equal:1 protocol=icmpv6add action=accept chain=forward comment="defconf: accept ICMPv6" protocol=icmpv6add action=accept chain=forward comment="defconf: accept HIP" protocol=139add action=accept chain=forward comment="defconf: accept IKE" dst-port=500,4500 protocol=udpadd action=accept chain=forward comment="defconf: accept ipsec AH" protocol=ipsec-ahadd action=accept chain=forward comment="defconf: accept ipsec ESP" protocol=ipsec-espadd action=accept chain=forward comment="defconf: accept all that matches ipsec policy" ipsec-policy=in,ipsecadd action=drop chain=forward comment="defconf: drop everything else not coming from LAN" in-interface-list=!LAN/system clockset time-zone-name=America/New_York/system noteset show-at-login=no/system routerboard settingsset enter-setup-on=delete-key/tool mac-serverset allowed-interface-list=LAN/tool mac-server mac-winboxset allowed-interface-list=LAN
Statistics: Posted by 0xAA55 — Thu Mar 28, 2024 8:12 pm
Statistics: Posted by mkx — Thu Mar 28, 2024 8:02 pm
/interface/wifi/security/set sec1 ft-over-ds=no ft-preserve-vlanid=no ft=no
Statistics: Posted by sinisa — Thu Mar 28, 2024 7:58 pm
Statistics: Posted by matbcvo — Thu Mar 28, 2024 7:44 pm
Statistics: Posted by petardo — Thu Mar 28, 2024 7:42 pm
Statistics: Posted by patrikg — Thu Mar 28, 2024 7:26 pm
Statistics: Posted by iustin — Thu Mar 28, 2024 7:25 pm
Statistics: Posted by mkx — Thu Mar 28, 2024 7:23 pm