Search found 8 matches
- Sat Jul 22, 2017 6:50 pm
- Forum: Beginner Basics
- Topic: VPN is fast, but Internet traffic is slow
- Replies: 8
- Views: 2637
Re: VPN is fast, but Internet traffic is slow
I have maybe similar issue. 750Gr3, 6.39.2. IKEv2 IPsec. NAT. No fasttack firewall rules. OS X 10.12.6 native client. Connection is established normally, after some load, f.e. with speedtest.net from client, traffic stops completely (but OS X client continues to show that VPN is active). Only reconn...
- Fri Jul 21, 2017 6:25 pm
- Forum: General
- Topic: Overlapping Subnets on same router
- Replies: 4
- Views: 809
Re: Overlapping Subnets on same router
What is the current network topology? A, B, Main C, Main D - is a simple flat networks without router/gateway? And you plan to connect them to single router? If yes it is impossible to implement even with NAT.
- Fri Jul 21, 2017 2:00 pm
- Forum: General
- Topic: Feature Req: IKEv2 server and client
- Replies: 291
- Views: 88851
Re: Feature Req: IKEv2 server and client
Hi! Clarify me, please, interconnection between peer, policy and proposal in ROS during client (rw) connection to MikroTik. Which peer, policy and proposal is choosing during negotiations in phase1 and phase2 and by what criteria? What means parameters with comma separated values during negotiation ...
- Thu Jul 20, 2017 2:40 pm
- Forum: General
- Topic: firewall filter on ipsec, how to identify the IPSec intrfce
- Replies: 53
- Views: 28286
Re: firewall filter on ipsec, how to identify the IPSec intrfce
Hi! Testing IKEv2. ROS 6.39.2. Router ip: 1.1.1.1 Client ip: 2.2.2.2 (for this example, dynamic and unknown in real) Pool for clients: 192.168.7.20-192.168.7.50 /ip ipsec policy set 0 dst-address=192.168.7.0/24 src-address=0.0.0.0/0 /ip firewall filter ..... add action=accept chain=input dst-port=50...
- Tue Jul 18, 2017 4:02 pm
- Forum: Beginner Basics
- Topic: reset-configuration with run-after-reset not working
- Replies: 12
- Views: 7479
Re: reset-configuration with run-after-reset not working
pe1chl, thank you for the answer.
I've added ':delay 15s' at the top of rsc file and all works fine now.
I've added ':delay 15s' at the top of rsc file and all works fine now.
- Tue Jul 18, 2017 10:51 am
- Forum: Beginner Basics
- Topic: NAT/Firewall time-based rules
- Replies: 3
- Views: 1878
Re: NAT/Firewall time-based rules
ZeroByte, thank you for information. Regarding my task - I need to to allow internet access via NAT for some local PCs with private IPs within special absolute period of time. Not every day from 12:00 to 14:00 but f.e. from 18.07.2017 12:00 to 21.07.2017 14:00. IOS time-ranges allows me to do this: ...
- Mon Jul 17, 2017 8:21 pm
- Forum: Beginner Basics
- Topic: reset-configuration with run-after-reset not working
- Replies: 12
- Views: 7479
reset-configuration with run-after-reset not working
Hi! Version 6.39.2. RouterBOARD 750G r3.Trying: /system reset-configuration keep-users=yes no-defaults=yes skip-backup=yes run-after-reset=flash/my_export_7.rsc The configuration remains empty after this. The file flash/my_export_7.rsc was produced by /export file=flash/my_export_7. When I use /impo...
- Mon Jul 17, 2017 8:05 pm
- Forum: Beginner Basics
- Topic: NAT/Firewall time-based rules
- Replies: 3
- Views: 1878
NAT/Firewall time-based rules
Hi!
Newbie question - is there an IOS "time-range" analogue with absolute start/end datetime in RouterOS?
F.e. I need to NAT some local addresses from 17.07.2017 12:00 to 21.07.2017 14:00.
Thank you in advance.
Newbie question - is there an IOS "time-range" analogue with absolute start/end datetime in RouterOS?
F.e. I need to NAT some local addresses from 17.07.2017 12:00 to 21.07.2017 14:00.
Thank you in advance.