Community discussions

MUM Europe 2020

Search found 111 matches

by ChildOTK
Sat Oct 20, 2018 4:05 am
Forum: General
Topic: Severe Performance Drop RB3011 [SOLVED]
Replies: 33
Views: 2385

Re: Severe Performance Drop RB3011 [SOLVED]

Interesting update here...I upgraded to 6.43.4 today, still had the same issues. However this evening I decided to disable the IPv6 package (I don’t need it anyway) as I noticed in my export I had IPv6 firewall rules going on too. Rebooted the router, and tada! Mangle rules work just fine as before ...
by ChildOTK
Wed Oct 17, 2018 2:45 am
Forum: General
Topic: Severe Performance Drop RB3011 [SOLVED]
Replies: 33
Views: 2385

Re: Severe Performance Drop RB3011 [SOLVED]

I'll give that a try.

Another note, I reverted to simple queues and its working just fine. So I may just resort to that. I don't have a lot I need to do but I am able to do PCQ queues there too, and it works as I need it to.
by ChildOTK
Wed Oct 17, 2018 2:31 am
Forum: General
Topic: Severe Performance Drop RB3011 [SOLVED]
Replies: 33
Views: 2385

Re: Severe Performance Drop RB3011 [SOLVED]

Thanks Sindy.
by ChildOTK
Wed Oct 17, 2018 2:23 am
Forum: General
Topic: Severe Performance Drop RB3011 [SOLVED]
Replies: 33
Views: 2385

Re: Severe Performance Drop RB3011 [SOLVED]

Yes, both software and firmware are on the same version and both on the latest 6.43.2.
by ChildOTK
Wed Oct 17, 2018 2:06 am
Forum: General
Topic: Severe Performance Drop RB3011 [SOLVED]
Replies: 33
Views: 2385

Re: Severe Performance Drop RB3011 [SOLVED]

The layer 7 protocol was removed and the rule along with it, and that made no difference, just FYI.
by ChildOTK
Wed Oct 17, 2018 2:03 am
Forum: General
Topic: Severe Performance Drop RB3011 [SOLVED]
Replies: 33
Views: 2385

Re: Severe Performance Drop RB3011 [SOLVED]

The layer7 rule was there from testing in the past, I don't actually use that anymore although it is still in the system. I can certainly remove that. How would you recommend making changes to the rules right now? I enabled Fast Forward on the bridge and rebooted the router. I got better results (no...
by ChildOTK
Wed Oct 17, 2018 1:51 am
Forum: General
Topic: Severe Performance Drop RB3011 [SOLVED]
Replies: 33
Views: 2385

Re: Severe Performance Drop RB3011 [SOLVED]

I just caught that fast-forward was not enabled on my main bridge. I wonder if this is what is causing my problem. I'm going to try again with this on.
by ChildOTK
Wed Oct 17, 2018 1:43 am
Forum: General
Topic: Severe Performance Drop RB3011 [SOLVED]
Replies: 33
Views: 2385

Re: Severe Performance Drop RB3011 [SOLVED]

Here is my config with some bits and pieces removed but are not important or are sensitive information: # oct/16/2018 15:57:27 by RouterOS 6.43.2 # software id = REMOVED # # model = RouterBOARD 3011UiAS # serial number = REMOVED /interface bridge add admin-mac=REMOVED auto-mac=no comment=defconf nam...
by ChildOTK
Wed Oct 17, 2018 1:12 am
Forum: General
Topic: Severe Performance Drop RB3011 [SOLVED]
Replies: 33
Views: 2385

Re: Severe Performance Drop RB3011 [SOLVED]

The queues are essentially useless without the mangle as the queue is looking for packets with a certain mark to initiate it's job. So yes, I would completely agree, useless.
by ChildOTK
Tue Oct 16, 2018 11:54 pm
Forum: General
Topic: Severe Performance Drop RB3011 [SOLVED]
Replies: 33
Views: 2385

Re: Severe Performance Drop RB3011 [SOLVED]

EDIT: Verbiage updated. Thanks! I've already tried that actually. Disabling the queues and enabling even just one mangle rule, bandwidth drops substantially. Disabling all mangle rules and leaving all the queues on, full bandwidth. I will work to get the full configuration on here as I understand th...
by ChildOTK
Tue Oct 16, 2018 11:08 pm
Forum: General
Topic: Severe Performance Drop RB3011 [SOLVED]
Replies: 33
Views: 2385

Re: Severe Performance Drop RB3011 [SOLVED]

Another note here, I have tried different mangle rules by first marking the new connections from and to these address lists, and then marking the connections with the packet marks, its no different.
by ChildOTK
Tue Oct 16, 2018 11:06 pm
Forum: General
Topic: Severe Performance Drop RB3011 [SOLVED]
Replies: 33
Views: 2385

Re: Severe Performance Drop RB3011 [SOLVED]

Sorry for the delay with this guys. So here is what I have: /ip firewall address-list add address=172.31.0.0/24 list=Public-WiFI add address=172.31.1.0/24 list=Public-WiFI The Mangle Rules: /ip firewall mangle add action=mark-packet chain=prerouting new-packet-mark="Public-WiFi Upload" passthrough=n...
by ChildOTK
Sat Oct 13, 2018 6:19 am
Forum: General
Topic: Severe Performance Drop RB3011 [SOLVED]
Replies: 33
Views: 2385

Re: Severe Performance Drop RB3011 [SOLVED]

I think i’m just going to have to do a factory reset and start over.
by ChildOTK
Sat Oct 13, 2018 6:18 am
Forum: General
Topic: Severe Performance Drop RB3011 [SOLVED]
Replies: 33
Views: 2385

Re: Severe Performance Drop RB3011 [SOLVED]

That is exactly my point. Adding one simple mangle rule throws everything off.

I’ve had better results using an older 450G! Although I did use Simple Queues back then.

Something just isn’t right but I can’t put my finger on it. CPU usage never really goes above 30%.
by ChildOTK
Sat Oct 13, 2018 4:08 am
Forum: General
Topic: Severe Performance Drop RB3011 [SOLVED]
Replies: 33
Views: 2385

Re: Severe Performance Drop RB3011 [SOLVED]

I've had my eye on the 4011, sadly it's not quite available just yet.
by ChildOTK
Fri Oct 12, 2018 10:17 pm
Forum: General
Topic: Severe Performance Drop RB3011 [SOLVED]
Replies: 33
Views: 2385

Re: Severe Performance Drop RB3011 [SOLVED]

What would you suggest? Going off of MikroTik's test results I figured the 3011 would be more than sufficient: Their test in routing with 25 ip filter rules shows a result of 2,453.1 Mbps. Granted, this is not with queuing. But is queuing really this hard on the available horsepower? Would Simple Qu...
by ChildOTK
Fri Oct 12, 2018 8:46 pm
Forum: General
Topic: Severe Performance Drop RB3011 [SOLVED]
Replies: 33
Views: 2385

Re: Severe Performance Drop RB3011 [SOLVED]

Thank you Sindy. I will take a look at that and do some testing. I'm still not sure though why the performance is dropping so badly. CPU usage is not above 30% during that test. Even if the CPU was processing all those packets, there is plenty of processing power available. I would expect slow downs...
by ChildOTK
Fri Oct 12, 2018 3:15 pm
Forum: General
Topic: Severe Performance Drop RB3011 [SOLVED]
Replies: 33
Views: 2385

Re: Severe Performance Drop RB3011 [SOLVED]

The test is SpeedTest.net. I’m not sure if they are UDP or TCP. Regardless of this though, the latency doesn’t change when I enable/disable the mangle rules (we’re only talking about less than 10 of them in total). Latency remains real well at about 9-14ms depending on the test. Overall throughout c...
by ChildOTK
Fri Oct 12, 2018 6:58 am
Forum: General
Topic: Severe Performance Drop RB3011 [SOLVED]
Replies: 33
Views: 2385

Severe Performance Drop RB3011 [SOLVED]

I have a RB3011 in a location with Cable Internet. We just had the location upgraded from 300mbit download and 20mbit upload to 400mbit download and 20mbit upload. Only the download speed was upgraded. Over recent weeks I have done periodic speed tests and hit about 120mbit over WiFi. In past times ...
by ChildOTK
Mon Aug 13, 2018 2:11 am
Forum: General
Topic: Active Directory over site-to-site
Replies: 0
Views: 300

Active Directory over site-to-site

Good Evening All, What would be the right method to....relay?...forward?...pass?...Active Directory over a site-to-site VPN? Essentially, we have our primary location with an Active Directory domain, and are getting a second physical location where we would like to have a VPN established from locati...
by ChildOTK
Wed Aug 01, 2018 11:10 pm
Forum: General
Topic: mAP 2nD for travel
Replies: 0
Views: 264

mAP 2nD for travel

Good Day, I have read several posts regarding the use of the MikroTik mAP 2nD while traveling. I ended up buying one and have been trying to set this up. I have it working where ether1 gets a 192.168.99.0/24 network while ether2 retains the default 192.168.88.0/24 network. I removed wlan1 from the b...
by ChildOTK
Wed Jul 18, 2018 11:35 pm
Forum: Wireless Networking
Topic: Mikrotik CAP AC Performance Review
Replies: 45
Views: 20183

Re: Mikrotik CAP AC Performance Review

Hello Everyone, I wanted to post some input on this issue. I just received my cAP AC unit a couple days ago and unfortunately haven't had much time to play with it. However, I noticed right off the bat, the same performance issues as most of you are mentioning in this post. I too hover around 30-35m...
by ChildOTK
Thu Jul 12, 2018 9:21 pm
Forum: Scripting
Topic: Print commands to Webhook
Replies: 2
Views: 739

Re: Print commands to Webhook

Of course you can add more data to the script, but the whole thing is needing to run commands to fetch data and then you can use it.
by ChildOTK
Thu Jul 12, 2018 9:19 pm
Forum: Scripting
Topic: Print commands to Webhook
Replies: 2
Views: 739

Re: Print commands to Webhook

I think if you make this part of a script and do something like: # Get our information :local deviceName [/system identity get name] # Build the POST data :set $data "deviceName=$deviceName&somethingElse=\"something%20else\""; # Send the data /tool fetch mode=https url="https://xxxx" http-method=pos...
by ChildOTK
Fri Apr 06, 2018 12:04 am
Forum: RouterBOARD hardware
Topic: Repairability
Replies: 3
Views: 727

Repairability

I have a CCR and a couple 24 port switches that were unfortunately victims of a power spike as a result of lightning. The equipment still works but random Ethernet ports do not work. The cable modem from our provider, for example, all 4 Ethernet ports were fried. The one port on our CCR that was con...
by ChildOTK
Tue Mar 14, 2017 9:01 pm
Forum: RouterBOARD hardware
Topic: DHCP Server Invalid with base configuration
Replies: 5
Views: 1987

Re: DHCP Server Invalid with base configuration

I thought I tried that before and it didn't work. I just went as far as re flashing the CCR with net install, and had the same problem. Finally I did end up doing what you suggested as well as plugging in a cable to ether2 (but I bet you simply adding the IP to ether2 was it) and now it's all workin...
by ChildOTK
Tue Mar 14, 2017 8:14 pm
Forum: RouterBOARD hardware
Topic: DHCP Server Invalid with base configuration
Replies: 5
Views: 1987

Re: DHCP Server Invalid with base configuration

As I mentioned it is as simple as simple can be, the router is reset to defaults, and all I did was add a DHCP server, here is what I end up with: # jan/02/2002 01:25:22 by RouterOS 6.38.5 /ip dhcp-server add disabled=no interface=ether2 name=server1 /tool user-manager customer set admin access=own-...
by ChildOTK
Mon Mar 13, 2017 1:37 am
Forum: RouterBOARD hardware
Topic: DHCP Server Invalid with base configuration
Replies: 5
Views: 1987

DHCP Server Invalid with base configuration

I have a CCR1016-12G which I am trying to setup, for now in a super simple form. But something is wrong. I have a second CCR1016-12G which is working just fine. Here is a very simple task I just performed, and am at a loss as to what is going on: - I reset the router back to default configuration, t...
by ChildOTK
Tue Oct 04, 2016 4:56 am
Forum: General
Topic: L2TP 100% CPU Usage
Replies: 0
Views: 660

L2TP 100% CPU Usage

I am having an issue with my RB450G and using a L2TP based VPN connection to another Mikrotik, or even other manufacturers. I can connect a L2TP based VPN no problem, doing minor things like a SSH session to a server, or loading simple web pages does okay. But the moment any larger amounts of data r...
by ChildOTK
Fri Sep 09, 2016 9:08 pm
Forum: General
Topic: Faulty Hardware?
Replies: 2
Views: 411

Faulty Hardware?

I have a CCR1016-12G at a location which we just replaced a RB450G with. We are having strange issues and I am trying to figure out if it is coincidence that the ISP is having an issue, or if it is indeed a faulty router. Basically, we have CenturyLink as a provider of, currently, a 40mbit/20mbit co...
by ChildOTK
Mon Aug 29, 2016 12:28 am
Forum: General
Topic: Equipment Recommendation
Replies: 1
Views: 366

Equipment Recommendation

Good Day All, I presently have a RB450G which I've been using on a 50mbit/5mbit connection, with basic firewall rules for protection, but I had simple queues setup for each IP in my DHCP pool (which was about 153 queues) doing simple bandwidth restrictions. I just this last week got my connection up...
by ChildOTK
Thu Aug 25, 2016 10:48 pm
Forum: General
Topic: RouterOS as L2TP Client for Meraki Client VPN
Replies: 7
Views: 3264

Re: RouterOS as L2TP Client for Meraki Client VPN

I am not sure if you are still having an issue with this, but I finally got my Mikrotik RB450G to connect to a Meraki L2TP based VPN, I found a page which provided all the proposal and policy settings required for this to work: https://documentation.meraki.com/MX-Z/Site-to-site_VPN/Troubleshooting_N...
by ChildOTK
Thu Jul 28, 2016 5:17 pm
Forum: General
Topic: 6.36 DNS Issues
Replies: 2
Views: 563

6.36 DNS Issues

Good Day All, Has anybody else been experiencing a strange issue which appears to have started with 6.36, where random websites will suddenly not resolve DNS and show as a domain not found? There may be an issue with the DNS Server I use, Google's 8.8.8.8 and 8.8.4.4, but it may not. It literally st...
by ChildOTK
Sat Jul 09, 2016 5:01 am
Forum: General
Topic: VoIP calls terminating
Replies: 1
Views: 394

VoIP calls terminating

Good Day All, We have a RB450G with a Raspberry Pi powered, Asterisk based PBX. We are using Broadvoice for our SIP trunking. We have an issue where after a few days, very sporadically, within a couple days, sometimes as long as a couple weeks....the issue is that outgoing calls for some reason get ...
by ChildOTK
Tue Jun 21, 2016 12:53 am
Forum: General
Topic: IKEv2
Replies: 1
Views: 2394

IKEv2

Good Day, Doing some research, it appears IKEv2 is still not available in Router OS. There is talk of it in RouteOS 7 from what I have seen, but there still appears to be no news of even a beta of RouterOS 7. Does anybody have any ideas on how one could implement IKEv2 amidst using a Mikrotik Router...
by ChildOTK
Thu Feb 04, 2016 6:12 pm
Forum: Wireless Networking
Topic: RB921UAGS-5SHPacT-NM as AP
Replies: 2
Views: 889

RB921UAGS-5SHPacT-NM as AP

Good Day All, I ordered a RB921UAGS-5SHPacT-NM yesterday but then cancelled the order due to potential issues with the antenna situation. I am looking to use a RB921UAGS-5SHPacT-NM as a home based access point in conjunction with my RB450G which I have for my core router. Right now I have an EnGeniu...
by ChildOTK
Tue Feb 02, 2016 5:59 pm
Forum: Wireless Networking
Topic: Equipment Recommendation
Replies: 3
Views: 779

Equipment Recommendation

Good Day All, I currently have an EnGenius ECB600 wireless AP which supports up to 16 SSIDs, 8 for each respective band. As well as VLAN tagging for each respective SSID. I know with RouterOS based products the VLAN tagging is not an issue. I am looking to replace my ECB600 with something better and...
by ChildOTK
Tue Dec 15, 2015 7:15 am
Forum: Scripting
Topic: Karma Hotspot
Replies: 1
Views: 574

Karma Hotspot

Good Day All, Is it possible to have RouterOS by some means of a script, or perhaps another idea, to automatically login to a Karma hotspot? You may have heard of the new hotspot called "Karma", their site is www.yourkarma.com, they have a mobile hotspot which is meant to be shared by other people, ...
by ChildOTK
Wed Dec 09, 2015 7:31 pm
Forum: Scripting
Topic: HTTP POST
Replies: 3
Views: 1346

HTTP POST

Good Day All,

Is it possible to perform an HTTP POST from a scheduled script which one can run, every hour, for example?

Thanks.
by ChildOTK
Wed Dec 24, 2014 4:57 am
Forum: General
Topic: VLAN Engenius ECB600
Replies: 0
Views: 556

VLAN Engenius ECB600

Good Day All, I am having some issues and have been trying for hours now to resolve the issue...any help will be greatly appreciated! So I have an Engenius ECB600 and a RB450G. I am trying to take advantage of the ECB600's ability to have 8 SSID's on both the 2.4GHz and 5GHz sides on different VLAN'...
by ChildOTK
Wed Oct 09, 2013 8:47 pm
Forum: General
Topic: RB450G / Comcast Modem
Replies: 1
Views: 655

RB450G / Comcast Modem

Good Day Everybody, I am having an issue with a RB450G and a Comcast Modem. The modem has built in DHCP so if you plug devices in directly there is at least some kind of internet connection. The modem is also setup to route specific IP's which we have 5 static IP addresses. Assuming the modem itself...
by ChildOTK
Thu Sep 26, 2013 8:47 pm
Forum: General
Topic: IPSec 6.4 MT to MT
Replies: 3
Views: 694

Re: IPSec 6.4 MT to MT

Yup, had tunnel mode on. I'll checkout the tutorial and IP-IP Tunnels. Thanks.
by ChildOTK
Thu Sep 26, 2013 11:03 am
Forum: General
Topic: IPSec 6.4 MT to MT
Replies: 3
Views: 694

IPSec 6.4 MT to MT

Good Day, I am trying to setup an IPSec VPN between two RB450Gs running RouterOS 6.4 on both routers. I am in the same physical location but have assigned each router a different WAN IP address on the internet, and have different networks within each router, 10.0.0.0/24 and 10.0.2.0/24. Both routers...
by ChildOTK
Fri Jun 28, 2013 1:12 am
Forum: General
Topic: PCQ Throttling / Level 7 QoS
Replies: 0
Views: 802

PCQ Throttling / Level 7 QoS

Good Day, I have been using simple mangle rules for a while now marking packets which meet certain criteria to determine if a user is from a certain subnet. We have networks broken down like this for example: 10.10.10.0/24 10.10.11.0/24 10.10.12.0/24 10.10.13.0/24 10.10.14.0/24 10.10.15.0/24 So I ha...
by ChildOTK
Thu Apr 25, 2013 6:21 pm
Forum: General
Topic: Network Switch
Replies: 0
Views: 306

Network Switch

Good Day All, Is there a solution for a Mikrotik RouterOS powered network switch with say 12 gigabit network ports, but, also with a gbit fiber connector? We are looking to replace super old networking switches, mostly we have Nortal Baystack 450s, 24 ports, a couple of them are stacked for 48 ports...
by ChildOTK
Tue Apr 09, 2013 11:57 pm
Forum: Beginner Basics
Topic: PCQ and QoS
Replies: 0
Views: 611

PCQ and QoS

Good Day All, I have setup a system using an older Dell server we had lying around, installed RouterOS 5.4 and purchased a license. We have a 500Mbit asynchronous fiber connection coming in to our headquarters building, in to a juniper firewall and Palo Alto appliance we are using for content filter...
by ChildOTK
Mon Apr 08, 2013 10:42 pm
Forum: General
Topic: Dell Servers SCSI / SAS Drivers
Replies: 0
Views: 417

Dell Servers SCSI / SAS Drivers

Good Day, I was reading through the forum and noticed that some people have been able to install and run RouterOS on Dell servers. One I found specifically mentioned a 2950. I am currently running RouterOS installed on a USB Drive, and everything is working great. However, we would like to install R...
by ChildOTK
Fri Apr 05, 2013 5:49 pm
Forum: General
Topic: DHCP & Scopes
Replies: 1
Views: 526

DHCP & Scopes

Good Day, We presently have a windows server based system which takes care of our DNS & DHCP, we have different VLAN's setup which our switches take care of, so different buildings of our campus are on different sets of IP Addresses, like 10.10.10.0/24, 10.10.20.0/24, 10.10.30.0/24 etc. RIght now th...
by ChildOTK
Fri Apr 05, 2013 12:40 am
Forum: Beginner Basics
Topic: Installed
Replies: 2
Views: 519

Installed

Hey All, So I installed and got running an installation of RouterOS from a Flash Drive, and now need this moved to an actual hard drive. How would I do this? I have purchased a license so it is running live on the USB Drive right now. But need to get the system running on a permanent hard drive. Tha...
by ChildOTK
Thu Apr 04, 2013 12:21 am
Forum: Beginner Basics
Topic: Simple Queues
Replies: 1
Views: 497

Simple Queues

Good Day, I am messing around with simple queues and have a question. Let's say I setup a simple queue like this: Target Address: 192.168.0.0/24 Max Limits: 2M/10M Does this mean that the entire subnet share's 10M, so if one is downloading at 5M another user has 5M left to use, or does this give eac...
by ChildOTK
Wed Apr 03, 2013 9:44 pm
Forum: General
Topic: Queues and 500MBit async connection
Replies: 4
Views: 722

Re: Queues and 500MBit async connection

Makes sense...I will do some testing and see if this is really a good choice or not...thanks for your input.
by ChildOTK
Wed Apr 03, 2013 6:40 pm
Forum: General
Topic: Queues and 500MBit async connection
Replies: 4
Views: 722

Re: Queues and 500MBit async connection

We have a dedicated Juniper firewall as well as a Palo Alto device partly acting as a firewall as well as our URL / Content filter. Our campus is broken up in to a bunch of VLANs, so single men and single women each on their own, our family housing on another, our admin buildings make up several VLA...
by ChildOTK
Wed Apr 03, 2013 5:40 pm
Forum: General
Topic: Queues and 500MBit async connection
Replies: 4
Views: 722

Queues and 500MBit async connection

Good Day All, I have an older Dell server of the following spec: 2GB RAM 2 x Dual Core 1.6GHz Xeon Processors I am currently running RouterOS 5.4 on a flash drive, but would like to get this installed to a physical drive. Only issue is that it is a SAS drive, so I can't just hook it up to another ma...
by ChildOTK
Tue Nov 20, 2012 6:21 pm
Forum: Wireless Networking
Topic: WISP Licensing / Needs
Replies: 0
Views: 517

WISP Licensing / Needs

Good Day, I am looking in to setting up a wireless hotspot for an old historic downtown area. The location is in Texas. What should one look for to make sure all the legalities are met? For example, do I need a license to run a hotspot in Texas? Can anybody recommend a good internet service provider...
by ChildOTK
Fri Apr 27, 2012 6:12 pm
Forum: General
Topic: Good Firewall Alternative?
Replies: 5
Views: 1565

Re: Good Firewall Alternative?

Greg,

Thank you for the information. I will do some research and see what I can find :) Enterprise stuff is really expensive...if we can go cheaper with Mikrotik based solutions and it works, then hey, why not, right?

Thanks!
by ChildOTK
Thu Apr 12, 2012 11:35 pm
Forum: General
Topic: Good Firewall Alternative?
Replies: 5
Views: 1565

Good Firewall Alternative?

Good Day All, We are getting a new internet connection for our schools campus of 500Mbit (Both up and down so total of 1GBps). We presently use a Juniper Firewall Appliance capable of 200Mbit. Needless to say these firewalls are thousands and thousands of dollars, and I am wondering if a Mikrotik po...
by ChildOTK
Wed Feb 29, 2012 10:12 pm
Forum: General
Topic: XBox Live - NAT Type Strict
Replies: 24
Views: 15631

Re: XBox Live - NAT Type Strict

Okay, thanks. I will set that up then and give it another try.
by ChildOTK
Wed Feb 29, 2012 9:25 pm
Forum: General
Topic: XBox Live - NAT Type Strict
Replies: 24
Views: 15631

Re: XBox Live - NAT Type Strict

I did try before but I don't think I had any NAT rules with it. uPNP is currently off..

How should I go about enabling uPNP? Like would ether1 be my 'outside' interface and wlan1 my internal?
by ChildOTK
Wed Feb 29, 2012 8:37 pm
Forum: General
Topic: XBox Live - NAT Type Strict
Replies: 24
Views: 15631

Re: XBox Live - NAT Type Strict

These are my latest NAT rules: Flags: X - disabled, I - invalid, D - dynamic 0 ;;; XBox Live chain=dstnat action=dst-nat to-addresses=192.168.60.15 protocol=udp dst-address-type="" in-interface=ether1 dst-port=3074 1 ;;; XBox Live chain=dstnat action=dst-nat to-addresses=192.168.60.15 protocol=tcp i...
by ChildOTK
Wed Feb 29, 2012 8:35 pm
Forum: General
Topic: XBox Live - NAT Type Strict
Replies: 24
Views: 15631

Re: XBox Live - NAT Type Strict

Okay, so i've tried this now on my XBox and still have Strict NAT. Checking the NAT rules I still see no traffic on them. 0 bytes and 0 packets.

Am I missing something? With the previous rule set I had the same thing and only the rule for port 80 showed packets. But why not the rest?
by ChildOTK
Wed Feb 29, 2012 5:53 pm
Forum: General
Topic: XBox Live - NAT Type Strict
Replies: 24
Views: 15631

Re: XBox Live - NAT Type Strict

Oh wow, I didn't pick that up! I'm sorry..I have redone the rules and will try again..thank you!
by ChildOTK
Wed Feb 29, 2012 5:28 am
Forum: General
Topic: XBox Live - NAT Type Strict
Replies: 24
Views: 15631

Re: XBox Live - NAT Type Strict

In testing on my XBox I still get strict NAT and only rule 9 shows movement.
chain=dstnat action=dst-nat to-addresses=192.168.60.15 protocol=tcp in-interface=ether1 dst-port=80
I moved the rules to the top and tried again, same result. I don't get it.
by ChildOTK
Wed Feb 29, 2012 12:47 am
Forum: General
Topic: XBox Live - NAT Type Strict
Replies: 24
Views: 15631

Re: XBox Live - NAT Type Strict

Thanks for your help...so now I have: Flags: X - disabled, I - invalid, D - dynamic 0 X ;;; place hotspot rules here chain=unused-hs-chain action=passthrough to-addresses=0.0.0.0 1 X chain=dstnat action=dst-nat to-addresses=192.168.0.253 protocol=tcp src-address=10.10.10.175 dst-address=10.10.51.55 ...
by ChildOTK
Wed Feb 29, 2012 12:07 am
Forum: General
Topic: XBox Live - NAT Type Strict
Replies: 24
Views: 15631

Re: XBox Live - NAT Type Strict

Sorry, about that..

I do not have any filter rules setup..
by ChildOTK
Tue Feb 28, 2012 11:48 pm
Forum: General
Topic: XBox Live - NAT Type Strict
Replies: 24
Views: 15631

Re: XBox Live - NAT Type Strict

Sure, this is what I have setup right now: 0 X ;;; place hotspot rules here chain=unused-hs-chain action=passthrough to-addresses=0.0.0.0 1 X chain=dstnat action=dst-nat to-addresses=192.168.0.253 protocol=tcp src-address=10.10.10.175 dst-address=10.10.51.55 in-interface=ether1 2 X chain=dstnat acti...
by ChildOTK
Tue Feb 28, 2012 11:16 pm
Forum: General
Topic: XBox Live - NAT Type Strict
Replies: 24
Views: 15631

Re: XBox Live - NAT Type Strict

Okay, so this didn't work for me... I tried moving the rules up and down in order in Winbox, and noticed that the amount of packets and bytes that these rules processed was 0. So they were not doing anything. My WAN interface is ether1, which is connected to the wall in my apartment. I stay on a sch...
by ChildOTK
Tue Feb 28, 2012 6:53 pm
Forum: General
Topic: XBox Live - NAT Type Strict
Replies: 24
Views: 15631

Re: XBox Live - NAT Type Strict

Thank you so much. I will try those and see what happens.
by ChildOTK
Tue Feb 28, 2012 5:07 am
Forum: General
Topic: XBox Live - NAT Type Strict
Replies: 24
Views: 15631

XBox Live - NAT Type Strict

Good Day, I have a Routerboard 600 and am trying to get my XBox NAT Type away from "Strict". I have done some reading and tried different dst-nat rules and have not had success. Tried also enabling upnp but also had no success. Does anybody have a good guide on how to get this working properly. The ...
by ChildOTK
Fri Dec 30, 2011 9:00 am
Forum: General
Topic: Linksys / Cisco RVS4000 VPN
Replies: 1
Views: 1433

Linksys / Cisco RVS4000 VPN

Good Day All,

I am trying to get my Routerboard to connect to another location's VPN which is run by a Linksys / Cisco RVS4000 unit. I believe the VPN is using IPSec.

I am having a hard time getting this setup and functional. Could anybody please help me?

Thank you!
by ChildOTK
Thu Dec 15, 2011 5:38 pm
Forum: General
Topic: Packet Shaping
Replies: 18
Views: 2832

Re: Packet Shaping

Thanks for the response guys... The biggest thing we do with our current packet shaper is we limit each IP Address to say 2Mbit. I know RouterOS can do this with queues, although I am not highly experienced with this. I have played with "queueing" an entire interface but not specific to IP / MAC add...
by ChildOTK
Wed Dec 14, 2011 10:38 pm
Forum: General
Topic: Packet Shaping
Replies: 18
Views: 2832

Packet Shaping

Good Day, What equipment would be required to packet shape a connection up to 500Mbps? We currently have a 100Mbps wireless connection coming into our campus and are looking to upgrade to a fiber based line, and possible have up to 500Mbps of bandwidth. We use a Blue Coat Packet Shaper at present, b...
by ChildOTK
Sat Dec 10, 2011 12:43 am
Forum: General
Topic: URL Filtering
Replies: 1
Views: 797

URL Filtering

Good Day, Is it possible to setup a system with RouterOS and use the hotspot feature to make users login, and be able to firstly track what URLs they go to, and secondly to block certain URLs? For example, BrightCloud has a system where URLs are classified into certain categories, we'd like to block...
by ChildOTK
Thu Aug 07, 2008 6:32 pm
Forum: Wireless Networking
Topic: Wireless MAC Authentication - RADIUS
Replies: 1
Views: 1231

Wireless MAC Authentication - RADIUS

Hi All, I currently have a RB600A setup with a R52H and a nice high db gain omni antenna. I am playing around with the RADIUS options for authentication. Currently I have the DHCP server on the wlan1 device setup and working lovely with the user-manager database. I have enabled the 'wireless' servic...
by ChildOTK
Tue Aug 05, 2008 6:16 pm
Forum: General
Topic: A workable solution?
Replies: 3
Views: 740

Re: A workable solution?

Thanks for your reply.

Ok, so, We have a DS3 (45MB up and 45MB down), will a RB1000 be able to handle this efficiently? Would you recomend we keep our current Windows 2003 server to be the DHCP server but working with the RB1000's RADIUS server? Or will it all be ok to put on the RB1000?

Thanks.
by ChildOTK
Fri Aug 01, 2008 6:50 pm
Forum: General
Topic: A workable solution?
Replies: 3
Views: 740

A workable solution?

Hi All, Currently our network is setup to have one main Windows Server 2003 DHCP Server, which links up through a WatchGuard Firebox Firewall, and from there goes through our DS3's Router. From the Windows Server coming back internal to the network, we have our core switches, which from there optica...
by ChildOTK
Thu Jul 03, 2008 9:40 pm
Forum: Wireless Networking
Topic: Campus wide hotspot
Replies: 3
Views: 1123

Re: Campus wide hotspot

Thanks, appreciated.
by ChildOTK
Thu Jul 03, 2008 4:43 pm
Forum: Wireless Networking
Topic: Campus wide hotspot
Replies: 3
Views: 1123

Re: Campus wide hotspot

Does anybody know if this will work...let me explain in an example... Lets say I have enough hot spots covering the campus area, and all hot spots use the same SSID. I drive around the campus sitting with a laptop in my lap connected wirelessly to the hot spot system, is it possible to use all these...
by ChildOTK
Wed Jul 02, 2008 6:24 pm
Forum: Wireless Networking
Topic: Campus wide hotspot
Replies: 3
Views: 1123

Campus wide hotspot

Good Day All, I am working together with the network administrator of a college's campus. There are many staff and students and alumni who stay on campus. We have around 80 acres which we would like to cover wirelessly. For test purposes I am looking at purchasing the RouterBOARD 600, with an enclos...
by ChildOTK
Sat Aug 04, 2007 11:21 am
Forum: Scripting
Topic: Remote shutdown
Replies: 4
Views: 4428

Re: Remote shutdown

Unfortunatally not one of those, its a Mecer UPS, 2KVa, I think they name it the Blazer 2000.

On windows and linux they use the Winpower software to monitor their UPSs.
by ChildOTK
Sat Aug 04, 2007 12:40 am
Forum: Scripting
Topic: Remote shutdown
Replies: 4
Views: 4428

Remote shutdown

Hi guys, I have a UPS coupled to a CentOS Linux Firewall / Webserver, which is on the same network as my RouterOS server. The two boxes are right next to each other actually. Now, the UPS only has 1 serial connector and at present is connected to the Linux Weberver. Is there a way one can remotely s...
by ChildOTK
Wed Aug 01, 2007 1:47 pm
Forum: General
Topic: Blocking Sites
Replies: 6
Views: 924

Re: Blocking Sites

Ok, I was using webproxy, will give the other one a bash. Thanks for your help. Its appreciated.
by ChildOTK
Wed Aug 01, 2007 12:48 pm
Forum: General
Topic: Blocking Sites
Replies: 6
Views: 924

Re: Blocking Sites

Yeah, sorry, I am at fault there, I saw that after I had read the posts you linked to, when I went back to main.

So thanks for that. I have got it working, but now my clients are complaining that the internet is slow, do you maybe know what the possible cause for this may be?
by ChildOTK
Mon Jul 30, 2007 7:51 pm
Forum: General
Topic: Blocking Sites
Replies: 6
Views: 924

Re: Blocking Sites

Thanks for the friendly reply cholegm
by ChildOTK
Sat Jul 28, 2007 3:06 pm
Forum: General
Topic: Blocking Sites
Replies: 6
Views: 924

Blocking Sites

Hi guys, What is the best way to filter out different URLs for users operating on a PPPoE basis? I have a few clients connected, all of them use PPPoE to dial into the server, and then get routed out. I have heard the better way is through the proxy, but can one proxy pppoe sessions? How will I do t...
by ChildOTK
Thu Jul 05, 2007 2:50 pm
Forum: General
Topic: 9Dragons and RouterOS
Replies: 1
Views: 621

9Dragons and RouterOS

Hi all, I am having a slight issue and my customers are obviously not very happy. This happens on all the computers that are trying to play the game '9Dragons', only this game, nothing else, when they play the game after a few minutes their PPPoE sessions disconnects, and obvisouly they lose connect...
by ChildOTK
Sat Jun 09, 2007 10:51 am
Forum: General
Topic: Blocking Certain Websites
Replies: 3
Views: 892

Re: Blocking Certain Websites

Hi guys, I am having a slight problem here. At present I have blocked certain websites, but the way in which I have set it up, it is blocking all my clients. Is there a way to block a certain client from their mac address? I have places in a rule like ive done before, which would block everybody, bu...
by ChildOTK
Sun Jun 03, 2007 12:34 am
Forum: The User Manager
Topic: how to Backup userman configuration
Replies: 9
Views: 10297

Re: how to Backup userman configuration

Hey Guys, I dont know if your problem still exists, I also got the same errors while using the /tool user-manager export command. Now, I have come to a solution, what I did is, /tool user-manager router export file=router I did this for each 'section' or user-manager, i.e. customer, user, and router...
by ChildOTK
Tue May 29, 2007 2:08 pm
Forum: General
Topic: Blocking Certain Websites
Replies: 3
Views: 892

Re: Blocking Certain Websites

Hey it helps to check around the forum a bit. lol.

I found my solution.
by ChildOTK
Mon May 28, 2007 6:21 pm
Forum: General
Topic: Blocking Certain Websites
Replies: 3
Views: 892

Blocking Certain Websites

Hi all, I would like to block a certain website, using nslookup for its necessary IP addresses. I have tried under the filter section of the firewall dropping the ipaddress/32, on all interfaces, but yet the site still opens up. My firewall is simply setup with 1 line which I do not know if this is ...
by ChildOTK
Fri Jan 05, 2007 4:06 pm
Forum: General
Topic: MSN Messenger wont sign in
Replies: 5
Views: 1161

yeah I dont know, its all wierd.

The troubleshooter reports all fine, one of the last tests is the "Key Ports", I am guessing those are the same as the ones you are mentioning.
by ChildOTK
Thu Jan 04, 2007 3:45 pm
Forum: General
Topic: MSN Messenger wont sign in
Replies: 5
Views: 1161

I would also like to add, that if i go to the TCP Test in msn messenger, under the options, it states that it was successful and that I can log in to the service, but every time I try login, I keep on getting error code 81000306. It talks about a possible problem with their servers, or the internet ...
by ChildOTK
Thu Jan 04, 2007 3:33 pm
Forum: General
Topic: MSN Messenger wont sign in
Replies: 5
Views: 1161

MSN Messenger wont sign in

Hi all I have quite a wierd problem here. I have one server going through another server, both RouterOS, the one server is connected to an ADSL line, and is sharing the connection to the second server. The second server has its gateway set for the first server. The first server has a radius server r...
by ChildOTK
Mon Jan 01, 2007 1:03 pm
Forum: The User Manager
Topic: Usermanager web front end
Replies: 14
Views: 4974

Usermanager web front end

Hi all. Is there a way to modify the webpages that come up when a user goes to what ever page. Like if a user goes on http://serverip/user to check their usage etc, is there a way to change those pages? Like perhaps adding your own company logo, or maybe adding text? Not just those pages, but basica...
by ChildOTK
Sun Dec 31, 2006 2:10 pm
Forum: The User Manager
Topic: MRTG Graphing
Replies: 1
Views: 1542

MRTG Graphing

Hi all. I see RouterOS graphs all the interfaces. Only problem is, if a user disconnects, their graph dissappeares, and when they reconnect its a whole new graph, so is there a way to keep the graphs, somehow? So if a user disconnects, the graph remains but obviously has no traffic on it and the lin...
by ChildOTK
Fri Dec 29, 2006 11:53 pm
Forum: General
Topic: Shared radius server
Replies: 11
Views: 1423

Thanks everybody, I redid the configuration, and now its working, thanks for the help :D :D
by ChildOTK
Fri Dec 29, 2006 12:17 pm
Forum: General
Topic: Shared radius server
Replies: 11
Views: 1423

Tom, Yes I am using the radius for userman on Mikrotik1. sergejs, Thanks, I will relook over my configuration, I must be missing something, I did add the second router to userman, but I guess I am missing the radius client config then. This is done on the radius option on winbox? or is this another ...
by ChildOTK
Thu Dec 28, 2006 11:56 pm
Forum: General
Topic: Shared radius server
Replies: 11
Views: 1423

The radius server is sitting on mikrotik1
by ChildOTK
Thu Dec 28, 2006 11:47 pm
Forum: General
Topic: Shared radius server
Replies: 11
Views: 1423

oh, oops, sorry, no there is nothing between them, just a normal hub. ----------- ----- ------------ -------------- Mikrotik1|-----|HUB|------|Mikrotik2|------|Test Client| ----------- ----- ------------ -------------- In the hub is the AP, some other clients are also connected straight to the hub. ...
by ChildOTK
Thu Dec 28, 2006 11:39 pm
Forum: General
Topic: PPPoE Server trouble
Replies: 6
Views: 1268

Yeah, its a Senao AP configured in bridge mode, it does support the option for mac cloning, but every time i enable it it dies, and I have to reset it, and reconfigure it. I dont have a MikroTik AP, I think it is also a Senao that is just linked to the MikroTik box via lan cable. So I guess I will n...
by ChildOTK
Thu Dec 28, 2006 11:27 pm
Forum: General
Topic: Shared radius server
Replies: 11
Views: 1423

I haven't set up any NAT at all, just the masq rule for the clients to get access to the net.
by ChildOTK
Thu Dec 28, 2006 10:39 pm
Forum: General
Topic: Shared radius server
Replies: 11
Views: 1423

Shared radius server

Hi all,

I have 2 routeros servers now, and I would like the second server to use the same radius server as the first.

I thort I knew how to make it work, but obviously not, I keep getting radius time outs.

Is there anybody who has done such a thing? Is it possible?

Thanks.
by ChildOTK
Thu Dec 28, 2006 10:36 pm
Forum: Wireless Networking
Topic: PPPoE Server Help
Replies: 3
Views: 848

mmm, then there is my problem...

I have a Senao AP configured in bridge mode, and a hub connected to that, with the 3 clients on. How can I solve it with the VPN? Just make them login with VPN instead of PPPoE?
by ChildOTK
Thu Dec 28, 2006 10:34 pm
Forum: General
Topic: PPPoE Server trouble
Replies: 6
Views: 1268

Thanks for the response...

I have checked all the 'only one' connection settings, all disabled from what I can see.


The clients are going through a hub, with then links up to a Saneo AP configured in bridge mode connecting to my AP.
by ChildOTK
Wed Dec 27, 2006 7:44 pm
Forum: Wireless Networking
Topic: PPPoE Server Help
Replies: 3
Views: 848

PPPoE Server Help

Hi all,

I am having some trouble with the PPPoE server. most of it is fine, trouble is the client's on an AP. i have 3 client's going through one AP in bridge mode, 1 person connects and all is fine, a second connects and suddenly both are dead.

Please help. Any will be appreciated. Thanx.
by ChildOTK
Tue Dec 26, 2006 2:13 pm
Forum: General
Topic: PPPoE Server trouble
Replies: 6
Views: 1268

PPPoE Server trouble

Hi all,

I am having some trouble with the PPPoE server. most of it is fine, trouble is the client's on an AP. i have 3 client's going through one AP in bridge mode, 1 person connects and all is fine, a second connects and suddenly both are dead.

Please help. Any will be appreciated. Thanx.
by ChildOTK
Tue Dec 26, 2006 2:04 pm
Forum: General
Topic: PPPoE Server trouble
Replies: 0
Views: 489

PPPoE Server trouble

Hi all,

I am having some trouble with the PPPoE server. most of it is fine, trouble is the client's on an AP. i have 3 client's going through one AP in bridge mode, 1 person connects and all is fine, a second connects and suddenly both are dead.

Please help. Any will be appreciated. Thanx.
by ChildOTK
Tue Dec 12, 2006 6:30 pm
Forum: General
Topic: Securing a RouterOS Server
Replies: 2
Views: 914

Securing a RouterOS Server

Hi Guys / Gals. What is the best way to secure your RouterOS Server? I have on the same network as my RouterOS Server, a CentOS Linux Firewall (which I SSH into, and use tunnels to get around the network for remote admin.) Is there a way to somehow block everything (traffic) incomming from the PPPoE...
by ChildOTK
Thu Dec 07, 2006 12:16 pm
Forum: General
Topic: Possibly a network config error?
Replies: 5
Views: 1223

Hey Guys, Thanks for the help, it seems alright now. I think the biggest of the problem was the ISP undergoing maintenance, I had verified with 3 other friends in the same area and they were having the exact same problem I was having, and they connecting direct to the internet, not using RouterOS. A...
by ChildOTK
Mon Dec 04, 2006 9:24 am
Forum: General
Topic: Possibly a network config error?
Replies: 5
Views: 1223

Thanks, will try that...

It seems like it was an ISP problem, because this morning its flying without a problem.

Thanks guys..
by ChildOTK
Sun Dec 03, 2006 10:28 pm
Forum: General
Topic: Possibly a network config error?
Replies: 5
Views: 1223

Possibly a network config error?

Hi guys / gals. Wonder if you could help me out here... I have a L4 router acting as internet gateway, running a radius server using usermanager for my pppoe server, which about 12 people connect to. 2 of them specifically are using windows 98, and installed the RASPPPoE protocol, and that all works...
by ChildOTK
Sat Nov 25, 2006 7:44 am
Forum: The User Manager
Topic: Access Control
Replies: 0
Views: 1365

Access Control

Hi guys / gals. Is there a way to use usermanager like a proxy? What I mean is for example on a proxy you have access control, which you can block certain websites and allow everything else, or block everything and only allow certain sites. I would like to know if there is maybe some form of control...