Community discussions

MikroTik App

Search found 124 matches

by TomSF
Thu Sep 07, 2023 9:49 pm
Forum: General
Topic: iPad not auto-reconncting to Wireguard after router reboot
Replies: 13
Views: 1566

Re: iPad not auto-reconncting to Wireguard after router reboot

Is the wireguard now working properly or not? Aka still having issues? I just did a manual router reboot and the iPad reconnected to WG. The issue typically happened when the router automatically upgraded to a new ROS version, but I doubt that is significant. For now, it looks like the issue is res...
by TomSF
Thu Sep 07, 2023 9:09 pm
Forum: General
Topic: iPad not auto-reconncting to Wireguard after router reboot
Replies: 13
Views: 1566

Re: iPad not auto-reconncting to Wireguard after router reboot

On demand is NOT, I repeat, NOT an MT function and is not on the MT router. It is a VPN function that will be available on VPN associated APs, such as an option on wireguard app for ios. Therefore asking about a VPN function on a non-MT device and operating system and a functionality that doesnt ex...
by TomSF
Thu Sep 07, 2023 8:40 pm
Forum: General
Topic: iPad not auto-reconncting to Wireguard after router reboot
Replies: 13
Views: 1566

Re: iPad not auto-reconncting to Wireguard after router reboot

You have got to be kidding? You are asking about IOS VPN functionality on an MT forum. Are yee that lazy? anav, I have seen lots of your posts and expected something like this from you. That is not a compliment! I began this post by stating it is probably an iOS issue but would start with this foru...
by TomSF
Thu Sep 07, 2023 6:45 pm
Forum: General
Topic: iPad not auto-reconncting to Wireguard after router reboot
Replies: 13
Views: 1566

Re: iPad not auto-reconncting to Wireguard after router reboot

Do you have On-Demand enabled in the iPad Wireguard app?
It was off and I have turned it on for any wifi SSID. Hoping that is the solution, can you explain exactly what On-Demand does? Thanks.
by TomSF
Wed Sep 06, 2023 1:52 am
Forum: General
Topic: iPad not auto-reconncting to Wireguard after router reboot
Replies: 13
Views: 1566

Re: iPad not auto-reconncting to Wireguard after router reboot

Not sure what you are describing here, normally the wireguard connection is from the mobile device when away, back to the home router. So this talk about ipad and wifi means nothing to me. Do you actually mean you use a third party vpn service? If not, then local access to the internet is done thro...
by TomSF
Tue Sep 05, 2023 9:16 pm
Forum: General
Topic: iPad not auto-reconncting to Wireguard after router reboot
Replies: 13
Views: 1566

iPad not auto-reconncting to Wireguard after router reboot

I am running ROS v7.12beta3 on a CCR1009-7G-1C. The issue is probably an iOS issue, not an ROS issue, but I'll try here first. The issue has existed for multiple ROS versions, ever since I started using WG. I have two iOS devices (iPhone and iPad), both with WG clients connecting to the WG server on...
by TomSF
Thu Jun 08, 2023 11:50 pm
Forum: RouterOS beta
Topic: Failure to connect to HAP ax^3 wifi
Replies: 3
Views: 1908

Re: Failure to connect to HAP ax^3 wifi

This is a "never mind" moment. As I pasted the two configurations in this response, I saw that my failing security profile had an extra letter in the passphrase vs. explicitly putting the passphrase in the configuration. After fixing that everything works as expected.
by TomSF
Thu Jun 08, 2023 6:29 pm
Forum: RouterOS beta
Topic: Failure to connect to HAP ax^3 wifi
Replies: 3
Views: 1908

Failure to connect to HAP ax^3 wifi

I observed this issue with v7.10rc3 and do not know if it applies to other versions. The ax^3 is configured as an AP directly (no capsman). I added a device to my world that required a 2.4G wifi which I already had configured on the ax^3. The device would connect and disconnect 2 seconds later. It n...
by TomSF
Thu May 11, 2023 12:56 am
Forum: Announcements
Topic: v7.9 [stable] is released!
Replies: 242
Views: 52923

Re: v7.9 [stable] is released!

Many of the bugs fixed in version 7.9 have been introduced in the 7.8 beta. And many errors seem to occur randomly. This is a sign of bad programming: before 'fixing' old bugs, you should review your development team. which is why us old timers used to love the long term release tree, but now that ...
by TomSF
Wed May 10, 2023 6:11 pm
Forum: Announcements
Topic: v7.9 [stable] is released!
Replies: 242
Views: 52923

Re: v7.9 [stable] is released!

I upgraded my AX3 from 7.8 to 7.9 and it killed my wireless with disconnection issues, see https://www.reddit.com/r/mikrotik/comments/137yhg8/hap_ax3_ros_79_issues/ for more people who are having the issues. I downgraded back to 7.8 and wifi is working again. Configuration is pretty basic with 2 VL...
by TomSF
Wed May 10, 2023 5:45 pm
Forum: Announcements
Topic: v7.9 [stable] is released!
Replies: 242
Views: 52923

Re: v7.9 [stable] is released!

... the "patch" of having a different capsman for wifiwave2 is *horrible*... I couldn't agree more. I waited a long time for ax^3 availability and was shocked when I found out about the capsman situation. Luckily, I only have one wifiwave2 device and as it turns out, new capsman couldn't ...
by TomSF
Mon May 08, 2023 5:25 pm
Forum: Announcements
Topic: v7.9 [stable] is released!
Replies: 242
Views: 52923

Re: v7.9 [stable] is released!

I have a very similar setup to yours and have never had any problems. Do you use vlans? For the record, I have the problem and do not have vlans. Also, I do not have to do anything special after a reboot for devices to start registering again. As far as MT's QA procedures, I naively assumed somebod...
by TomSF
Sun May 07, 2023 4:44 pm
Forum: Announcements
Topic: v7.9 [stable] is released!
Replies: 242
Views: 52923

Re: v7.9 [stable] is released!

So 3 people with the same problem then so far. I am not sure if I am one of the three but include me in the list. I am using wpa2 & 3 and as I had reported, registrations get dropped and no new ones can be created with my ax^3, thus requiring a reboot. Holvoeth's post hopefully narrowed things ...
by TomSF
Sat May 06, 2023 6:14 pm
Forum: Announcements
Topic: v7.9 [stable] is released!
Replies: 242
Views: 52923

Re: v7.9 [stable] is released!

v7.9 on hap ax^3 drops wifi registrations and will not allow new ones until a reboot. This problem was observed and reported by at least 2 of us using v7.9 rc4. It seemed fixed in rc5 and v7.9 stable but after 3 days of running, all registrations were gone. There were registrations last evening and ...
by TomSF
Fri May 05, 2023 8:43 pm
Forum: Announcements
Topic: v7.9 [stable] is released!
Replies: 242
Views: 52923

Re: v7.9 [stable] is released!

ROS 7.9 seems to have broken IPv6 for at least tile on a CCR1009-7G-1C. With 7.9 there are no connections to global WAN addresses. Trying to ping one says there is no route. I downgraded to 7.8 and immediately had lots of IPv6 global connections. I reinstalled 7.9 and again could not get any global...
by TomSF
Thu May 04, 2023 11:40 pm
Forum: Announcements
Topic: v7.9 [stable] is released!
Replies: 242
Views: 52923

Re: v7.9 [stable] is released!

Are you using stateful or slaac? I am using slaac. The dhcpv6 client asks for and gets a prefix for ND. I add an address from the pool for the router which creates a route. This works fine with 7.8 but not 7.9. I will dig into it later but was curious what is working for you. I am using DHCPv6 PD c...
by TomSF
Thu May 04, 2023 7:11 pm
Forum: Announcements
Topic: v7.9 [stable] is released!
Replies: 242
Views: 52923

Re: v7.9 [stable] is released!

IPv6 works fine for me on version 7.9 Are you using stateful or slaac? I am using slaac. The dhcpv6 client asks for and gets a prefix for ND. I add an address from the pool for the router which creates a route. This works fine with 7.8 but not 7.9. I will dig into it later but was curious what is w...
by TomSF
Thu May 04, 2023 6:33 pm
Forum: Announcements
Topic: v7.9 [stable] is released!
Replies: 242
Views: 52923

Re: v7.9 [stable] is released!

Since I upgraded to 7.9 (from 7.9rc2) my Homepod seems to have connection issues. I'm getting "The Home hub is not responding / The Home hub is now responding" notifications several times a day. Wifi controller shows an uptime of 1d+ for this device without an increased rate in retransmis...
by TomSF
Thu May 04, 2023 2:57 am
Forum: Announcements
Topic: v7.9 [stable] is released!
Replies: 242
Views: 52923

Re: v7.9 [stable] is released!

ROS 7.9 seems to have broken IPv6 for at least tile on a CCR1009-7G-1C. With 7.9 there are no connections to global WAN addresses. Trying to ping one says there is no route. I downgraded to 7.8 and immediately had lots of IPv6 global connections. I reinstalled 7.9 and again could not get any global ...
by TomSF
Mon May 01, 2023 6:02 pm
Forum: Announcements
Topic: v7.9rc is released!
Replies: 253
Views: 74249

Re: v7.9rc is released!

Bug #2: If I open Webfig on hAP ax3 and click on: Wireless -> Radios → wifi1 (5GHz radio) Webfig hangs, and I need to reload webpage again. If I click on Wireless -> Radios → wifi2 it works. Using Winbox it works for both radios. On hAP ax2 it works for both wifi1 and wifi2 in Webfig and Winbox, so...
by TomSF
Sat Apr 29, 2023 5:45 pm
Forum: Announcements
Topic: v7.9rc is released!
Replies: 253
Views: 74249

Re: v7.9rc is released!

Problems with v7.9rc4 on hAP ax^3. Using the ax^3 as AP only. I have now rolled back to v7.8. 1) The system has crashed and restarted once. 2) Two times all clients registered with the AP have disappeared, and no clients can register or register without an AP reboot. As a general question, is the IP...
by TomSF
Fri Apr 14, 2023 9:21 pm
Forum: General
Topic: Link bonding and DHCP client
Replies: 0
Views: 343

Link bonding and DHCP client

Comcast recently upped my speed to 1.2 gb/s so I am trying to bond two ports to take advantage. The cable modem is a Motorola MB8600 in which I have enabled "LAG(Link Aggregation Group, or Ethernet Port Bonding)". My router is a CCR1009-7G-1C (no switch chip). Until now, WAN was ether1 and...
by TomSF
Sat Mar 25, 2023 1:52 am
Forum: Wireless Networking
Topic: MikroTik hAP ax3 poor WiFi performance
Replies: 257
Views: 45116

Re: MikroTik hAP ax3 poor WiFi performance

Your configuration looks pretty close to mine. I didn't specify any frequencies, chains or vlan-id though. When I run monitor, I do not see the available channels listed, as your output shows. I have seen weirdness testing with my android phone. At times, usually after turning off wireguard, a speed...
by TomSF
Sun Mar 19, 2023 5:18 pm
Forum: Wireless Networking
Topic: MikroTik hAP ax3 poor WiFi performance
Replies: 257
Views: 45116

Re: MikroTik hAP ax3 poor WiFi performance

I turned off hardware offload individually for each of the 5 ax3 bridge ports. I had bridged all the ports. I just noticed that my wireless interface has it turned on, but it was dynamically added to the bridge, and I do not see a way to turn it off. While I was troubleshooting the performance issue...
by TomSF
Sat Mar 18, 2023 10:14 pm
Forum: Wireless Networking
Topic: MikroTik hAP ax3 poor WiFi performance
Replies: 257
Views: 45116

Re: MikroTik hAP ax3 poor WiFi performance

I turned on rstp, but not sure where you disable hardware offloading. Any clues? I found two places that look relevant. In the switch settings, uncheck the box that says, "Switch all ports". Then for each bridge port (I have all ports in the bridge), uncheck the box that says, "Hardw...
by TomSF
Sun Mar 12, 2023 10:23 pm
Forum: Wireless Networking
Topic: MikroTik hAP ax3 poor WiFi performance
Replies: 257
Views: 45116

Re: MikroTik hAP ax3 poor WiFi performance

Thanks, that didn't seem to do anything for me, still stuck at 500Mbps with capsman enabled compared to 7-800Mbps without.
I am not using capsman, since I only have 1 wifiwave2 device and its capsman cannot configure my other 7 access points.
by TomSF
Sun Mar 12, 2023 10:14 pm
Forum: Wireless Networking
Topic: MikroTik hAP ax3 poor WiFi performance
Replies: 257
Views: 45116

Re: MikroTik hAP ax3 poor WiFi performance

I turned on rstp, but not sure where you disable hardware offloading. Any clues? I found two places that look relevant. In the switch settings, uncheck the box that says, "Switch all ports". Then for each bridge port (I have all ports in the bridge), uncheck the box that says, "Hardw...
by TomSF
Sun Mar 12, 2023 8:27 pm
Forum: Wireless Networking
Topic: MikroTik hAP ax3 poor WiFi performance
Replies: 257
Views: 45116

Re: MikroTik hAP ax3 poor WiFi performance

A brief update. I found Mikrotik documentation that said hardware offload for the IPQ PPE chip used in the ax3 is a work in progress and to not use it. Instead, turn on rstp for the bridge. I turned off hardware offload for all the ports and turned on rstp. Speedtest now has 764 download speed! That...
by TomSF
Sun Mar 12, 2023 3:00 am
Forum: Wireless Networking
Topic: MikroTik hAP ax3 poor WiFi performance
Replies: 257
Views: 45116

Re: MikroTik hAP ax3 poor WiFi performance

My problem has been solved, and it only took me most of the day!! Once I turned off hardware offload for the ax3 port connected to the ccr, the order of magnitude difference between Tx and Rx went away. My Speetest results went from 94.7 to 233 (not quite as good as the 241 when I was associated wit...
by TomSF
Sat Mar 11, 2023 5:13 pm
Forum: Wireless Networking
Topic: MikroTik hAP ax3 poor WiFi performance
Replies: 257
Views: 45116

Re: MikroTik hAP ax3 poor WiFi performance

Great info, thanks. Yes, I know not to run btest on the router but desperate times call for desperate measures. In my testing I only experienced packet loss when I had the direction set to "both". I have done so many tests that I have gotten totally confused. I am going to rerun tests and ...
by TomSF
Sat Mar 11, 2023 12:04 am
Forum: Wireless Networking
Topic: MikroTik hAP ax3 poor WiFi performance
Replies: 257
Views: 45116

Re: MikroTik hAP ax3 poor WiFi performance

Between ax3 and rb5009, close to 2.3g using 2.5 ether port.
Up and down.
Both devices on 7.8
Thanks for the info. Just to be sure, you were using btest reported numbers?
by TomSF
Fri Mar 10, 2023 11:49 pm
Forum: Wireless Networking
Topic: MikroTik hAP ax3 poor WiFi performance
Replies: 257
Views: 45116

Re: MikroTik hAP ax3 poor WiFi performance

Yes, I meant LAN only. For now, I have taken wifi out of my investigation, although I wonder if the LAN-only weirdness is related to my poor wifi performance. Sorry for all the confusion. I realized I had not tested one btest scenario; ax3<->ccr. With client on ax3 - receive=95.4 - send=955 With cl...
by TomSF
Fri Mar 10, 2023 8:17 pm
Forum: Wireless Networking
Topic: MikroTik hAP ax3 poor WiFi performance
Replies: 257
Views: 45116

Re: MikroTik hAP ax3 poor WiFi performance

Hi, your tests make no sence..how you can get on AC 945Mb/s? Iguess you mean thorough LAN. Yes, I meant LAN only. For now, I have taken wifi out of my investigation, although I wonder if the LAN-only weirdness is related to my poor wifi performance. Sorry for all the confusion. I realized I had not...
by TomSF
Fri Mar 10, 2023 7:12 pm
Forum: Wireless Networking
Topic: MikroTik hAP ax3 poor WiFi performance
Replies: 257
Views: 45116

Re: MikroTik hAP ax3 poor WiFi performance

radios show 0-1 chains Or shows/means chains 0-1 , that is 2 chains, number 0 and number 1. This is confirmed by the documentation. 2.4GHz has 2 chains (named chain 0 and 1), 5 GHz has 2 chains (named chain 0 and 1). The chains on radio 2.4GHz and 5 GHz are independent, they can use the same antenn...
by TomSF
Fri Mar 10, 2023 6:37 pm
Forum: Wireless Networking
Topic: MikroTik hAP ax3 poor WiFi performance
Replies: 257
Views: 45116

Re: MikroTik hAP ax3 poor WiFi performance

Those who have poor throughput performance, what PHY speed do you see? I use ax3 whit capsman v2 and performance is great. Real wold speeds are around 500-600mbps in the same room/open space. ac2 performance was x2 slower as capsman v1 throughput is around 350mbps (80mhz channel). With my Surface I...
by TomSF
Fri Mar 10, 2023 5:52 pm
Forum: Wireless Networking
Topic: MikroTik hAP ax3 poor WiFi performance
Replies: 257
Views: 45116

Re: MikroTik hAP ax3 poor WiFi performance

(snip) ...hAP ax3, OTOH, has only 2 chains and thus supports up to 866Mbps interface rate (if running in ac compatibility)or 1200Mbps interface rate (if running in ax mode). All numbers are for 80MHz channel, according to specs hAP ac doesn't support 160MHz channels. ... (snip) This relates to my e...
by TomSF
Fri Mar 10, 2023 5:37 pm
Forum: Wireless Networking
Topic: MikroTik hAP ax3 poor WiFi performance
Replies: 257
Views: 45116

Re: MikroTik hAP ax3 poor WiFi performance

Hi, your tests make no sence..how you can get on AC 945Mb/s? Iguess you mean thorough LAN.
Yes, I meant LAN only. For now, I have taken wifi out of my investigation, although I wonder if the LAN-only weirdness is related to my poor wifi performance. Sorry for all the confusion.
by TomSF
Fri Mar 10, 2023 12:27 am
Forum: Wireless Networking
Topic: MikroTik hAP ax3 poor WiFi performance
Replies: 257
Views: 45116

Re: MikroTik hAP ax3 poor WiFi performance

I thought I posted the following but do not see it so here I go again. I ran a bunch of btest's involving 2 hap ac's and the ax3. All of them flow through the CCR router. The results are mysterious but maybe related to the wifi issues. AC1 <-> AC2 - sending @ 755Mb/s - receiving @ 790Mb/s - it does ...
by TomSF
Fri Mar 10, 2023 12:08 am
Forum: Wireless Networking
Topic: MikroTik hAP ax3 poor WiFi performance
Replies: 257
Views: 45116

Re: MikroTik hAP ax3 poor WiFi performance

54C. I do not know how to put it under load but typically there are only about 6 wifi clients at a time and three clients connected via ethernet ports. In other words, it is never highly loaded.
by TomSF
Thu Mar 09, 2023 9:43 pm
Forum: Wireless Networking
Topic: MikroTik hAP ax3 poor WiFi performance
Replies: 257
Views: 45116

Re: MikroTik hAP ax3 poor WiFi performance

It says 26. 2G tx power is 27.
by TomSF
Thu Mar 09, 2023 7:38 pm
Forum: Wireless Networking
Topic: MikroTik hAP ax3 poor WiFi performance
Replies: 257
Views: 45116

Re: MikroTik hAP ax3 poor WiFi performance

I just got an ax3 as a drop-in replacement for a hap ac and quickly discovered the poor wifi bandwidth issue discussed in this thread. Using the same test devices (Samsung Galaxy s10e, Windows 11 PC with Intel Killer wifi 6E ax1675x adapter, and Microsoft Surface w/ Intel wireless) from the same loc...
by TomSF
Sat Jul 02, 2022 6:25 pm
Forum: General
Topic: Need help bypassing connection tracking
Replies: 2
Views: 440

Re: Need help bypassing connection tracking

That makes sense. I had a filter to allow untracked on the forward chain, but the packet probably never got that far. Thanks.
by TomSF
Thu Jun 30, 2022 9:27 pm
Forum: General
Topic: Need help bypassing connection tracking
Replies: 2
Views: 440

Need help bypassing connection tracking

I have a device that opens an IPv4 TCP connection to a specific port on the WAN. This device loses functionality when that connection goes away which happens when the TCP established timeout occurs. I want to bypass connection tracking for that device to that port. I created a Raw rule to set no-tra...
by TomSF
Fri Jun 24, 2022 11:35 pm
Forum: Beginner Basics
Topic: How to connect my server to the internet through IPv6
Replies: 37
Views: 5422

Re: How to connect my server to the internet through IPv6

"And scripting, well, it's unending source of amusement... if you're into black or morbid humor. ;)"

Amen to that!!!!
by TomSF
Fri Jun 24, 2022 6:17 pm
Forum: Beginner Basics
Topic: How to connect my server to the internet through IPv6
Replies: 37
Views: 5422

Re: How to connect my server to the internet through IPv6

I agree that it appears ROS detects in-use addresses. Adding an address has benefits in that it automatically creates a prefix and a route, but for me there are too many other weird things happening. For years, things worked as expected and then they stopped working. I am going to stick with my scri...
by TomSF
Fri Jun 24, 2022 2:33 am
Forum: Beginner Basics
Topic: How to connect my server to the internet through IPv6
Replies: 37
Views: 5422

Re: How to connect my server to the internet through IPv6

One thing that is different, but I doubt it makes a difference, is my pool is dynamically created by the DHCP6 client. The way I wrote my script, it puts an ...:890::/64 prefix on privateBridge and an ...:891::/64 prefix on the guestBridge. There are no address list entries corresponding to the brid...
by TomSF
Thu Jun 23, 2022 11:36 pm
Forum: Beginner Basics
Topic: How to connect my server to the internet through IPv6
Replies: 37
Views: 5422

Re: How to connect my server to the internet through IPv6

The suggestion "/ipv6 address add interface=privateBridge address=::1/64 from-pool="IPv6 Prefix" advertise=yes" creates an address of xxxx:xxx:8584:890::1/64 on privateBridge, and a used pool prefix of xxxx:xxx:8584:890::/64 on privateBridge. Changing ::1/64 to ::2/64 and assigni...
by TomSF
Thu Jun 16, 2022 8:25 pm
Forum: Beginner Basics
Topic: How to connect my server to the internet through IPv6
Replies: 37
Views: 5422

Re: How to connect my server to the internet through IPv6

Thanks for the blackhole explanation. Per your suggestion, I ripped out and rebuilt my IPV6 configuration. I even rebuilt the firewall per Mikrotik documentation. Nothing changed. I am now in the process of writing a DHCP6 client script to add the prefix to ND and add a route, both of which used to ...
by TomSF
Sat Jun 11, 2022 6:47 pm
Forum: Beginner Basics
Topic: How to connect my server to the internet through IPv6
Replies: 37
Views: 5422

Re: How to connect my server to the internet through IPv6

I hope I am not hijacking this thread, but my issues seem relevant. I am running ROS 7.3.1 on a CCR1009, but the issues precede the latest release. For literally a couple years, I have had private and guest bridges, each getting delegated a /64 prefix from the pool created by the DHCP6 server, which...
by TomSF
Thu May 26, 2022 6:16 pm
Forum: Scripting
Topic: Looking For an answer too zero mac addresses...
Replies: 11
Views: 11018

Re: Looking For an answer too zero mac addresses...

Same zero mac address problem but with IPv6. My neighbor list has 177 items, 48 of which have zero mac addresses. None of these IPv6 addresses w/ zero mac addresses match IPv6 address w/ valid mac addresses. I am running ROS v7.2.3. Things seem to be working OK, but I wish I understood the zero mac ...
by TomSF
Fri May 13, 2022 9:33 pm
Forum: General
Topic: IPv4 address/gateway routing question
Replies: 0
Views: 453

IPv4 address/gateway routing question

My ISP (Comcast) has recently started giving me DHCP client information with which I cannot ping my gateway. I get an IP address of x.x.110.6/22, on network x.x.108.0 with a gateway of x.x.108.1. The default route added by the DHCP client has the x.x.108.1 gateway for address 0.0.0.0/0 and x.x.108.0...
by TomSF
Wed May 11, 2022 11:47 pm
Forum: General
Topic: DNS, NTP firewall rules question
Replies: 5
Views: 1159

Re: DNS, NTP firewall rules question

I think what you have would work. I was only interested in catching those that were not using the router DNS. I probably catch all DNS access, but I don't think that really matters. I did it a little different in that I did not use !dst-address as a test. I used !intrface list (I had WAN defined). I...
by TomSF
Wed May 04, 2022 12:40 am
Forum: General
Topic: IPv6 help needed
Replies: 4
Views: 698

Re: IPv6 help needed

It looks like it was previously working by luck. I had the DHCP client add a default route and as you said, it was using the DHCP server address as the address. I also had forwarding set but not accepting router advertisements. Both have been fixed and all looks good after a router reboot. Thanks.
by TomSF
Tue May 03, 2022 7:48 pm
Forum: General
Topic: IPv6 help needed
Replies: 4
Views: 698

IPv6 help needed

This might be an ISP issue, but I don't know how to diagnose it. The issue is that there is no IPv6 traffic to or from the LAN to the WAN. I know there used to be about a week ago and I have not changed the configuration. The router has gotten an IPv6 address and prefix for LAN delegation. The clien...
by TomSF
Sat Apr 16, 2022 7:42 pm
Forum: General
Topic: DNS, NTP firewall rules question
Replies: 5
Views: 1159

Re: DNS, NTP firewall rules question

Good explanations. I have change the dst-nat rules to only apply to not-WAN input. There are rules for both TCP and UDP, Thanks.
by TomSF
Sat Apr 16, 2022 6:35 pm
Forum: General
Topic: DNS, NTP firewall rules question
Replies: 5
Views: 1159

DNS, NTP firewall rules question

I run DNS and NTP servers on my router. Most of my network clients use them but there are a few that use hard coded addresses. I recently added dst-nat rules to redirect DNS and NTP requests to the servers on the router. Since then, my default drop rule for the input chain has been logging lots of e...
by TomSF
Tue Dec 14, 2021 5:20 pm
Forum: Announcements
Topic: v7.1 is released!
Replies: 785
Views: 220936

Re: v7.1 is released!

There is a default.json file dated 11/25/2017. There was an .npk file accidently placed in the skins folder which I have now deleted. Should I delete default.json and try v7 again? Yes, that is probably the cause of the problem. Delefe that file and reboot the device. It was the cause. Thanks for t...
by TomSF
Mon Dec 13, 2021 11:58 pm
Forum: Announcements
Topic: v7.1 is released!
Replies: 785
Views: 220936

Re: v7.1 is released!

If I did, it was an accident since I don't even know what a webfig skin is. Where would I look for one? There would be a json file in the skins folder under Files. Skins are used to allow you to simplify the MikroTik interface for certain roles, devices and user types. For instance we hide a lot of...
by TomSF
Mon Dec 13, 2021 11:43 pm
Forum: Announcements
Topic: v7.1 is released!
Replies: 785
Views: 220936

Re: v7.1 is released!

That is interesting since I have a CCR1009-7G-1C. Did you do anything special to make it appear? With v6, the winbox list of sections begins Quick Set, CAPsMAN, Interfaces, etc. With v7 WireGuard is in the position where CAPsMAN would be and CAPsMAN is nowhere to be found. Did you happen to make a ...
by TomSF
Mon Dec 13, 2021 10:58 pm
Forum: Announcements
Topic: v7.1 is released!
Replies: 785
Views: 220936

Re: v7.1 is released!

Is CAPSMAN supposed to be in v7.1 tile? I installed 7.1 and there was no capsman so I downgraded back to 6.49rc2 immediately. It is there and works just fine. Using it on CCR1009. That is interesting since I have a CCR1009-7G-1C. Did you do anything special to make it appear? With v6, the winbox li...
by TomSF
Mon Dec 13, 2021 9:31 pm
Forum: Announcements
Topic: v7.1 is released!
Replies: 785
Views: 220936

Re: v7.1 is released!

Is CAPSMAN supposed to be in v7.1 tile? I installed 7.1 and there was no capsman so I downgraded back to 6.49rc2 immediately.
by TomSF
Fri Sep 03, 2021 6:18 pm
Forum: RouterOS beta
Topic: v7.1rc2 [development] is released!
Replies: 194
Views: 42797

Re: v7.1rc2 [development] is released!

I just upgraded Winbox to 3.29 and ROS to v7.1rc2 (tile). Winbox no longer has capsman in its highest level categories, but I still had a capsman window open from before the upgrades. Additional info: I restored winbox 3.28 from a backup but it will not run with v7.1. I downgraded back to 6.49b54 an...
by TomSF
Fri Jul 30, 2021 1:08 am
Forum: RouterOS beta
Topic: v7.1beta6 [development] is released!
Replies: 377
Views: 239876

Re: v7.1beta6 [development] is released!

Does anybody have problems with ipv6? Firewall filters are totally broken. Just added this /ipv6 firewall filter add action=reject chain=forward reject-with=icmp-no-route add action=reject chain=input reject-with=icmp-no-route add action=reject chain=output reject-with=icmp-no-route And still have ...
by TomSF
Tue Jul 20, 2021 7:16 pm
Forum: Announcements
Topic: v6.49beta [testing] is released!
Replies: 171
Views: 88260

Re: v6.49beta [testing] is released!

Regarding DNS caching not working, i.e. using all the cache memory but not retaining cache entries longer than a few seconds, for what it is worth it works fine on v7.1 beta6. It is using all the cache memory allocated but not discarding the entries. v7.1 has a minimum cache size of 512, which v6.49...
by TomSF
Tue Jul 20, 2021 7:09 pm
Forum: RouterOS beta
Topic: capsman upgrade of AP's
Replies: 0
Views: 1314

capsman upgrade of AP's

I am running v7.1b6 tile, and attempted to upgrade mipsbe and arm AP's via capsman (7 in total). I did this one by one, rather than a mass upgrade. Every attempt failed with a log message acknowledging the request and then a failure message saying it failed to download the file, no such file found. ...
by TomSF
Tue Jul 20, 2021 1:53 am
Forum: RouterOS beta
Topic: Admin login/logout via Winbox
Replies: 0
Views: 1526

Admin login/logout via Winbox

I just upgraded to v7.1 beta6 (tile) from 6.49beta54. I logged into my admin account with Winbox and my log shows 294 logout and login entry pairs for my admin account in the first 7.5 minutes. Each logout and login entry pair has the same timestamp. Winbox continued to function normally and after 7...
by TomSF
Fri Jul 09, 2021 6:48 pm
Forum: General
Topic: Weird admin account login
Replies: 6
Views: 971

Re: Weird admin account login

CAPsMAN has almost the same information.
by TomSF
Fri Jul 09, 2021 6:21 pm
Forum: General
Topic: Weird admin account login
Replies: 6
Views: 971

Re: Weird admin account login

Wow, there is a ton of information there. I wish I would have know about that a long time ago, I could have used a lot of it. Interestingly, I have no Wireless Registration information. Could that be because I use CAPsMAN to manage the APs? CAPsMAN does have registration information.
by TomSF
Fri Jul 09, 2021 5:18 pm
Forum: General
Topic: Weird admin account login
Replies: 6
Views: 971

Re: Weird admin account login

The DHCP server allocates starting at 192.168.1.10 and there are no leases below that. I did discover connections from the router to all APs and to itself using port 8291 (the Winbox port). I logged into an AP and it has an active user logged in via Winbox on 7/6/2021 but at a different time. The ro...
by TomSF
Thu Jul 08, 2021 9:05 pm
Forum: General
Topic: Weird admin account login
Replies: 6
Views: 971

Weird admin account login

I have a home network with a router, 7 access points and a couple switches. I am running v6.49beta54. Beta54 automatically installed at 1:00 AM on June 6. I noticed in my log that my admin account logged in via winbox at 1:18:42 AM that day from address 192.168.1.1 which is the local, NAT-ed address...
by TomSF
Tue Jul 06, 2021 11:15 pm
Forum: Announcements
Topic: v6.49beta [testing] is released!
Replies: 171
Views: 88260

Re: v6.49beta [testing] is released!

Just upgraded to 6.49beta54 and I can confirm that the DNS cache issue is still present. I was able to reproduce it using the same POC I provided to support (SUP-51096). My earlier post said it was fixed for me. The fix didn't even last for 24 hours. It is again discarding all cache entries after a...
by TomSF
Tue Jul 06, 2021 5:49 pm
Forum: Announcements
Topic: v6.49beta [testing] is released!
Replies: 171
Views: 88260

Re: v6.49beta [testing] is released!

Is anyone having DNS cache issues with 6.49beta46 ? I just discovered this issue. Entries appear in the cache and then disappear a few seconds later, rendering DNS caching useless. beta 54 was released a few hours after this post and it fixed my dns issue. The cache now has entries that stick and t...
by TomSF
Tue Jul 06, 2021 1:47 am
Forum: Announcements
Topic: v6.49beta [testing] is released!
Replies: 171
Views: 88260

Re: v6.49beta [testing] is released!

Is anyone having DNS cache issues with 6.49beta46 ? RouterOS shows cache is full but looks like there is nothing in the cache. If I keep running /ip dns cache print I notice everything that enters the cache is immediately purged due to lack of cache space. Should I contact support and send them a s...
by TomSF
Sat Apr 03, 2021 2:16 am
Forum: Wireless Networking
Topic: detect LAN log messages
Replies: 6
Views: 2622

Re: detect LAN log messages

Detect-internet was the cause of those messages. I turned it off and they stopped. What value is detect-internet supposed to provide? It must be there for a reason. Anyway, thanks for the advice.
by TomSF
Fri Apr 02, 2021 5:53 pm
Forum: Wireless Networking
Topic: detect LAN log messages
Replies: 6
Views: 2622

Re: detect LAN log messages

How do I disable it?

I am still getting the log messages but discovered they are part of the association process. Whenever a client gets connected, one of those "detect lan" messages appears with the same timestamp.
by TomSF
Fri Apr 02, 2021 5:12 pm
Forum: Wireless Networking
Topic: detect LAN log messages
Replies: 6
Views: 2622

Re: detect LAN log messages

I considered that but haven't done anything with that feature. I didn't even know it was available from the Winbox Interfaces menu. Upon invoking it from the Interfaces menu it had blank names for LAN, WAN and Internet lists. I fixed that and looked at the statuses, which I had done via Terminal. An...
by TomSF
Fri Apr 02, 2021 1:48 am
Forum: Wireless Networking
Topic: detect LAN log messages
Replies: 6
Views: 2622

detect LAN log messages

I have 7 dual-band Mikrotik access points. Each AP has my normal SSID on each band and a guest virtual AP on each band. One has a second virtual AP on the 2.4 band. It has been this way for a few years. Periodically I would see a log message (info buffer, interface topic) that I never understood but...
by TomSF
Thu Mar 04, 2021 6:00 pm
Forum: General
Topic: IPv6 firewall rule for new connections from WAN
Replies: 2
Views: 603

Re: IPv6 firewall rule for new connections from WAN

That may be the answer. I have been running without loose tracking for a couple days and have had no log entries for new connection attempts from the WAN. Thanks.
by TomSF
Tue Mar 02, 2021 12:52 am
Forum: General
Topic: IPv6 firewall rule for new connections from WAN
Replies: 2
Views: 603

IPv6 firewall rule for new connections from WAN

I have a rule to drop invalid packets and another to drop new connections, both for the forward chain from the WAN. The new connection rule logs the packets. Both rules are blocking packets but the log shows TCP flags of ACK,PSH for the new connection rule. I would expect to see SYN. If there is no ...
by TomSF
Sun Oct 18, 2020 11:57 pm
Forum: Announcements
Topic: SwOS version 2.12 released!
Replies: 90
Views: 86560

Re: SwOS version 2.12 released!

Anyone who has been having trouble uprgading from 2.10 to 2.11 or 2.12 i turned RSTP on and after that i managed to upgrade the swOS no problem. Don't know why that is the case. Turning on RSTP on all ports allowed me to upgrade too. After turning it on, the first attempt failed but the second atte...
by TomSF
Tue Sep 15, 2020 2:02 am
Forum: Announcements
Topic: SwOS version 2.12 released!
Replies: 90
Views: 86560

Re: SwOS version 2.12 released!

I am not able to upgrade a CSS106-5G-1S. it detects there is a new version but every time I "Download and Upgrade" it fails. I downloaded the upgrade and tried to manually upgrade and it failed too. After upgrade failure, the switch will not respond to its DHCP provided IP address until I ...
by TomSF
Sat Jun 20, 2020 5:54 pm
Forum: RouterOS beta
Topic: Upgrade issues
Replies: 3
Views: 2062

Re: Upgrade issues

I ran into another MIPSBE problem on a hAP ac running 7.0 beta 8. It has a virtual AP configured by capsman for use by my main printer. The printer associated with the virtual AP and got an IP address but nothing could communicate with it. The router couldn't even ping it. I had to downgrade the AP ...
by TomSF
Sat Jun 20, 2020 12:45 am
Forum: RouterOS beta
Topic: Upgrade issues
Replies: 3
Views: 2062

Re: Upgrade issues

Thanks for the info. I was able to leave the router at 6.47 and upgrade 5 of my 7 APs to 7.0 beta8. However, my two wAP ac APs became inoperable after upgrade. I have other MIPSBE APs that upgraded OK though. Outdoor APs with POE are not the easiest to work with but I was able to see that one was fl...
by TomSF
Fri Jun 19, 2020 5:51 pm
Forum: RouterOS beta
Topic: Upgrade issues
Replies: 3
Views: 2062

Upgrade issues

I ran into a lot of issues after upgrading my CCR1009 from R.47rc2 to v7.0 Beta 8 and had to downgrade back to R.47 to have a functional network. Here are the issues: - I expected the upgrade would use the same configuration as R.47 but it didn't. It used the default configuration as if I had reset ...
by TomSF
Mon Feb 24, 2020 7:37 pm
Forum: The Dude
Topic: Default User Name and Password for discovered devices
Replies: 0
Views: 4412

Default User Name and Password for discovered devices

Is there a way to change the default username and password for discovered devices? All the devices get set with username of admin and I am guessing a blank password since that is the factory default for Mikrotik. It is a real PITA to go to every Mikrotik device and change those.
by TomSF
Sun Feb 23, 2020 9:44 pm
Forum: The Dude
Topic: Network map not showing links
Replies: 3
Views: 5513

Re: Network map not showing links

I remember links getting added automatically and found the following sentences in Manual:The Dude v6/Links: "The Links pane shows all connections between devices that are shown on the map. New Links can be added on the map by clicking Add and then choosing Link. When using the Discovery interfa...
by TomSF
Sat Feb 22, 2020 10:11 pm
Forum: The Dude
Topic: Network map not showing links
Replies: 3
Views: 5513

Network map not showing links

Dude 6.46 Beta 35. I am not a regular user of Dude but played with it in the past and have seen its network maps with links between the devices. I now need a network map and cannot get Dude to layout the network well or show any links between devices. It just plops all discovered devices in a big pi...
by TomSF
Sat Feb 22, 2020 9:48 pm
Forum: The Dude
Topic: Dude 6.47beta35 flagged as trojan
Replies: 1
Views: 3660

Re: Dude 6.47beta35 flagged as trojan

MikroTik supports assured me the file is safe so I installed it.
by TomSF
Wed Feb 19, 2020 2:11 am
Forum: The Dude
Topic: Dude 6.47beta35 flagged as trojan
Replies: 1
Views: 3660

Dude 6.47beta35 flagged as trojan

I just downloaded the Dude client installation and Windows Defender flagged it as Trojan:Win32/Detplock. Has it been checked for a trojan and should I allow it to run?
by TomSF
Sat Feb 01, 2020 10:16 pm
Forum: General
Topic: Looking for simple way to detect ISP connection state changes
Replies: 5
Views: 2902

Re: Looking for simple way to detect ISP connection state changes

/system script set dont-require-permissions=yes was the explanation. Thanks.
by TomSF
Sat Feb 01, 2020 1:54 am
Forum: General
Topic: Looking for simple way to detect ISP connection state changes
Replies: 5
Views: 2902

Re: Looking for simple way to detect ISP connection state changes

Thanks for the example. Using it, and examples from the Manual, I came up with something that seems it should work but has a problem. Following the example in the manual I created two simple scripts; ISPup and ISPdown. The ISPdown script is: /log warning "ISP down", ISPup is: /Log warning ...
by TomSF
Thu Jan 30, 2020 7:50 pm
Forum: General
Topic: Looking for simple way to detect ISP connection state changes
Replies: 5
Views: 2902

Looking for simple way to detect ISP connection state changes

Having lots of ISP reliability problems. When WAN goes down, users have great wifi connections but no internet due to ISP going down. Is there a way to detect the WAN connection going down and back up? Ideally some notification would be sent, but I would settle for log entries.
by TomSF
Tue Aug 13, 2019 7:50 pm
Forum: Wireless Networking
Topic: Repeater/Extender not getting DNS responses
Replies: 5
Views: 3387

Re: Repeater/Extender not getting DNS responses

I thought I found the problem, but it seems to only solve it for Windows. The bridges created by Setup Repeater on the cAP had ARP disabled. Once ARP was enabled on both bridges things started working for both radios. I do not know how ARP got disabled on the cAP. I reset the cAP configuration to no...
by TomSF
Mon Aug 12, 2019 7:34 pm
Forum: Wireless Networking
Topic: Repeater/Extender not getting DNS responses
Replies: 5
Views: 3387

Re: Repeater/Extender not getting DNS responses

More additional information: Playing with the cAP only, I tried various mode settings on the 2G interface just to see what happened. I rescanned and reconnected to the hAP after each change. None resolved the problem. I then returned the mode setting to station pseudo bridge which is what the Setup ...
by TomSF
Mon Aug 12, 2019 12:12 am
Forum: Wireless Networking
Topic: Repeater/Extender not getting DNS responses
Replies: 5
Views: 3387

Re: Repeater/Extender not getting DNS responses

Additional information: I hard coded the DNS address of 8.8.8.8 in the wireless adapter and connected the client to the cAP. I already had firewall rules in the router to record who accesses external DNS servers and what servers were being accessed. Packet sniffer and the address lists verified that...
by TomSF
Sun Aug 11, 2019 6:24 pm
Forum: Wireless Networking
Topic: Repeater/Extender not getting DNS responses
Replies: 5
Views: 3387

Re: Repeater/Extender not getting DNS responses

Let's start with the hAP and cAP configurations. If needed I can post the router configurations but the problem doesn't seem to be with the router. Any client connecting directly to the hAP works fine. It is the client connecting to the cAP, which is an extender of the hAP, that do not get any DNS r...
by TomSF
Sun Aug 11, 2019 12:59 am
Forum: Wireless Networking
Topic: Repeater/Extender not getting DNS responses
Replies: 5
Views: 3387

Repeater/Extender not getting DNS responses

As an intro, I have read (and tried) pretty much all I could find on setting up a cAP ac as a repeater/extender, including watching lots of videos. Ignoring all the dead ends and issues, the closest I could come to success is by resetting the cAP to have no initial configuration and using the Setup ...
by TomSF
Mon Jun 24, 2019 7:42 pm
Forum: Wireless Networking
Topic: Interface list in caps-man access-list
Replies: 1
Views: 1338

Re: Interface list in caps-man access-list

To complete this thread, an interface list can be used in a capsman access list. This is fixed in 6.45beta62. Mikrotik support said the fix would eventually get added to the stable release.
by TomSF
Wed May 15, 2019 6:23 pm
Forum: Wireless Networking
Topic: Interface list in caps-man access-list
Replies: 1
Views: 1338

Interface list in caps-man access-list

I have a working access list with two entries to accept connections with strong enough signals and reject those that are too weak. They specify an interface of any. I know they work because, as I accidentally discovered, if the entry has a comment then the comment shows in the registration table. I ...
by TomSF
Fri Sep 28, 2018 5:10 pm
Forum: General
Topic: how to configure dns redirect to router's local server right in vlan interface? [SOLVED]
Replies: 13
Views: 5459

Re: how to configure dns redirect to router's local server right in vlan interface? [SOLVED]

True. In fact some devices seem to have Google server and OpenDNS addresses hard coded, such as Firestick, Roku stick and even iPad. They usually use the router DNS server but sometimes go to the Internet. I have firewall rules to log their IP addresses and destinations. In your case, you could crea...
by TomSF
Thu Sep 13, 2018 6:35 pm
Forum: Beginner Basics
Topic: ICMPV6 Type 1, codes 3 & 4 log entries?
Replies: 0
Views: 736

ICMPV6 Type 1, codes 3 & 4 log entries?

Router: CCR1009-7G-1C (tile) ROS: 6.42.7 Networks: 192.168.1.0/24 LAN 192.168.2.0/24 Guests Bridges: privateBridge - all router ports and wireless users associated with non-guest SSIDs guestBridge - wireless users associated wtih guest SSIDs Goal: All hosts to use the router DNS server. The router D...
by TomSF
Wed Sep 05, 2018 2:07 am
Forum: General
Topic: how to configure dns redirect to router's local server right in vlan interface? [SOLVED]
Replies: 13
Views: 5459

Re: how to configure dns redirect to router's local server right in vlan interface? [SOLVED]

Follow up to my post in case you decide to go that route. One more step is needed. After completing the DHCP Setup, go to the Networks tab of the DHCP window. Open the network just created and add a single DNS server being the same address as the gateway. I discovered that without it, the clients ar...
by TomSF
Mon Sep 03, 2018 7:40 pm
Forum: General
Topic: Wireless guest from Engenius AP
Replies: 2
Views: 1171

Re: Wireless guest from Engenius AP

That did it, thanks. I was making it more complicated than needed.
by TomSF
Mon Sep 03, 2018 12:28 am
Forum: General
Topic: Wireless guest from Engenius AP
Replies: 2
Views: 1171

Wireless guest from Engenius AP

I already know the best answer is to replace all APs with MikroTik and I have done that with 4 APs. I am happy with the guest network with the MikroTik APs, controlled by CAPsMAN, where guests are on one subnet and non-guests are on another. However, there is one remaining Engenius AP I am trying to...
by TomSF
Sun Sep 02, 2018 11:05 pm
Forum: General
Topic: how to configure dns redirect to router's local server right in vlan interface? [SOLVED]
Replies: 13
Views: 5459

Re: how to configure dns redirect to router's local server right in vlan interface? [SOLVED]

I am struggling with VLANs myself (which is how I found this thread) for a different reason but I too want to direct hosts to the local server for both IPV4 and IPV6. For IPV4 I do it through an IP DHCP server. Using the DHCP Setup button in Winbox, I put the server on the LAN bridge, defined the ad...
by TomSF
Sat Aug 25, 2018 9:16 pm
Forum: General
Topic: Wired Samsung TV, no Internet
Replies: 10
Views: 3891

Re: Wired Samsung TV, no Internet

The DHCP server lease information has MAC address and Active MAC address which might be related to what you mentioned. For the Samsung, they are both the same. Someday I might string a long cable from one of my other Samsung TV's to see if the problem is Samsung wide or just related to this model.
by TomSF
Fri Aug 24, 2018 10:46 pm
Forum: General
Topic: Wired Samsung TV, no Internet
Replies: 10
Views: 3891

Re: Wired Samsung TV, no Internet

I did not check the ARP tables before the change and can't see the tables on the TV but I did some more tests. I have confirmed that the key is the DHCP Server setting for add ARP for leases. It seems that this would be a desirable setting but with it enabled, the Samsung cannot get to the internet....
by TomSF
Fri Aug 24, 2018 7:01 pm
Forum: General
Topic: Wired Samsung TV, no Internet
Replies: 10
Views: 3891

Re: Wired Samsung TV, no Internet

I got the Samsung working! The following are the changes between a configuration that didn't work and one that does. In some cases, my action resulted in using default values for a parameter. I don't know which one(s) was the key one and would welcome any explanations or opinions. If desired, I can ...
by TomSF
Fri Aug 24, 2018 1:21 am
Forum: General
Topic: Wired Samsung TV, no Internet
Replies: 10
Views: 3891

Re: Wired Samsung TV, no Internet

To debug this problem, I started over. The cable to the router is on ether1 of the hAP. I disabled CAPsMAN manager on the router and factory reset the hAP into CAP mode. CAPsMAN had not provisioned the hAP. A wired Windows netbook could access the internet but the wired Samsung could not. It was the...
by TomSF
Thu Aug 23, 2018 12:13 am
Forum: General
Topic: Wired Samsung TV, no Internet
Replies: 10
Views: 3891

Re: Wired Samsung TV, no Internet

If you mean the Netgear, it connects to a single Ethernet port and connects to the wifi network so that a single wired-only device can communicate wirelessly. Using that, the Samsung accesses the Internet fine. What is odd is that the TV gets the same IP address, gateway and DNS server through the N...
by TomSF
Wed Aug 22, 2018 11:22 pm
Forum: General
Topic: Wired Samsung TV, no Internet
Replies: 10
Views: 3891

Wired Samsung TV, no Internet

I have an older Samsung smart TV with an Ethernet port. I bought a Netgear WNCE3001 universal wifi adapter which plugs into the Ethernet port and gets its power from a USB port. This has always worked well. I recently bought a hAP AC and placed it next to the TV, connected to a CCR1009-7G-1C-PC Clou...
by TomSF
Wed Aug 22, 2018 12:46 am
Forum: Wireless Networking
Topic: [Solved] CAPsMAN - WAP AC - 5GHz - No Supported Band - United States 3 [SOLVED]
Replies: 19
Views: 35359

Re: [Solved] CAPsMAN - WAP AC - 5GHz - No Supported Band - United States 3 [SOLVED]

Thanks for the clarification. It was the key that got provisioning automatically going to the right radios, since only 5g can have a and ac. I was able to manually force a provision to a radio but now it does it automatically when I just provision the CAP.
by TomSF
Wed Aug 22, 2018 12:26 am
Forum: Wireless Networking
Topic: [Solved] CAPsMAN - WAP AC - 5GHz - No Supported Band - United States 3 [SOLVED]
Replies: 19
Views: 35359

Re: [Solved] CAPsMAN - WAP AC - 5GHz - No Supported Band - United States 3 [SOLVED]

That seems reasonable; a 5g radio can't be set to 2.4g. I have separate channel specification for 5g (Band 5ghz-n/ac) and 2.4g (Band 2.4gh-g/n) and separate configurations for 5g and 2.4g. Because each radio has a master and slave (the slave is for guests), that implies 4 configuration; 2 for each f...
by TomSF
Tue Aug 21, 2018 10:25 pm
Forum: Wireless Networking
Topic: [Solved] CAPsMAN - WAP AC - 5GHz - No Supported Band - United States 3 [SOLVED]
Replies: 19
Views: 35359

Re: [Solved] CAPsMAN - WAP AC - 5GHz - No Supported Band - United States 3 [SOLVED]

I had similar problems but tried so many things that I am not sure what fixed it. I recommend starting all over by resetting the AP to CAPs mode. That clears out any configuration that might have been done manually and puts the device in bridge/ap mode. Ultimately, the only thing I configured manual...
by TomSF
Sun Aug 19, 2018 8:43 pm
Forum: General
Topic: Capsman forwarding not compatible with IPv6
Replies: 13
Views: 5296

Re: Capsman forwarding not compatible with IPv6

It is working now. Leaving out the 90% of things I tried that did not work, here is a summary of everything. Background: A simple home network with guest Wi-Fi clients isolated from non-guests for IPV4 and IPV6. The router is a MikroTik CCR1009-7G-1C, MikroTik AP is a RB962UiGS-5HacT2HnT (dual band)...
by TomSF
Sun Aug 19, 2018 7:29 pm
Forum: Wireless Networking
Topic: [Solved] CAPsMAN - WAP AC - 5GHz - No Supported Band - United States 3 [SOLVED]
Replies: 19
Views: 35359

Re: [Solved] CAPsMAN - WAP AC - 5GHz - No Supported Band - United States 3 [SOLVED]

Helpful. I was close but using the hardware supported modes per recommendation got deployment working correctly. BTW, I also have virtual APs for each radio for guests with guest SSIDs and separate security configurations. I duplicated each of the two configurations to specify those for a total of 4...
by TomSF
Wed Aug 08, 2018 2:12 am
Forum: General
Topic: Capsman forwarding not compatible with IPv6
Replies: 13
Views: 5296

Re: Capsman forwarding not compatible with IPv6

I have it sort of working through only router configurations; both guests and non-guests seem to have IPV6 connectivity. Basically, the capsmon configuration will add the guest wifi's to a guest bridge. Then the guest and non-guest bridges need to get the prefix delegated from my ISP. I am strugglin...
by TomSF
Mon Aug 06, 2018 11:02 pm
Forum: General
Topic: Capsman forwarding not compatible with IPv6
Replies: 13
Views: 5296

Re: Capsman forwarding not compatible with IPv6

This may be a stale thread but hopefully not. I am new at Mikrotik APs and CAPsMAN. I just bought a dual band AP to learn. This is a home network with an 8 port Microtik router, some non-Mikrotik APs and my new AP. I manually got the AP configured mostly functional and then reset it to be a CAP so I...
by TomSF
Fri Jul 13, 2018 12:02 am
Forum: General
Topic: IPv6 - Advertise router as DNS [SOLVED]
Replies: 19
Views: 26415

Re: IPv6 - Advertise router as DNS [SOLVED]

Replying to dksoft. It has been an adventure getting Win 10 to get the DNS address from the DHCPV6 server. One machine did it one time and then refused to get it again. I know there have been issues with Win 10 and IPV6 but I read that as of the Creator update (April 2017) it was supposed to support...
by TomSF
Tue Jul 03, 2018 10:55 pm
Forum: General
Topic: Detecting IPV4 SYN requests
Replies: 2
Views: 1053

Re: Detecting IPV4 SYN requests

Per the suggestion, I am testing a "new connection" rule right above the syn flag checking rule. So far it has caught everything. I will see if anything falls down to the default rule. The log entries look just like the syn checking and default rules; proto TCP (SYN). I did notice that it ...
by TomSF
Tue Jul 03, 2018 6:55 pm
Forum: General
Topic: Detecting IPV4 SYN requests
Replies: 2
Views: 1053

Detecting IPV4 SYN requests

I have a firewall rule to block any TCP connection attempts on the interface connected to the Internet. It does this by testing for a TCP SYN flag with all the other TCP flags explicitly set to the NOT condition. This rule works and if I turn on logging for it, the log shows only the SYN flag for th...
by TomSF
Mon Jun 18, 2018 2:12 am
Forum: General
Topic: LG dryer router solicitation invalid codes
Replies: 5
Views: 2862

Re: LG dryer router solicitation invalid codes

I enjoyed the comments. For whatever it might be worth, I also figured out the dryer also sends out ICMP type 135 (Neighbor Solicitation), code 0 packets without problems and it does not seem to send out any Router Solicitation packets other than codes 6 and 168.
by TomSF
Sun Jun 17, 2018 7:00 pm
Forum: General
Topic: LG dryer router solicitation invalid codes
Replies: 5
Views: 2862

LG dryer router solicitation invalid codes

I have a "smart" washer and dryer. When the dryer starts, I get radvd warnings that it received Router Solicitation packets with invalid code=6 or code=168. If have determined that they can come on either the input chain or forward chain. Not knowing what they are for I am tempted to block...
by TomSF
Tue Jun 27, 2017 2:17 am
Forum: General
Topic: TCP Flags with inverse
Replies: 3
Views: 2100

Re: TCP Flags with inverse

I have the same need and interpretation. Did you ever figure out if the interpretation is correct?