Community discussions

Search found 14 matches

by imperia
Wed Feb 20, 2019 1:33 pm
Forum: Wireless Networking
Topic: router was rebooted whitout proper shutdown by watchdog
Replies: 23
Views: 16858

Re: router was rebooted whitout proper shutdown by watchdog

Today I experienced the same issue with hap ac and firmware 6.43.12.
"rebooted without proper shutdown by watchdog". No supout is generated after reboot.
by imperia
Mon Jan 21, 2019 8:54 am
Forum: Beginner Basics
Topic: ipsec road warrior to access lan computers
Replies: 0
Views: 206

ipsec road warrior to access lan computers

Hello, I have IPSEC road warrior configured and running. I want to be able to access LAN devices. I have created secondary ip pool in the same subnet of my home network subnet: [admin@MikroTik] > ip pool print # NAME RANGES 0 dhcp 192.168.0.100-192.168.0.230 1 ipsec-rw 192.168.0.231-192.168.0.254 Al...
by imperia
Wed Dec 13, 2017 11:53 am
Forum: General
Topic: Problem with Winbox DialogBoxes
Replies: 12
Views: 9887

Re: Problem with Winbox DialogBoxes

Bump.
This problem is not solved yet!
Using Windows 7 compatibility mode doesn't help on Windows 10 with latest updates.
It is very annoying to have to restart winbox application every time you make mistake to open DialogBox.
Hopefully this will be resolved soon!
by imperia
Wed Nov 22, 2017 11:19 am
Forum: Beginner Basics
Topic: Need help blocking IP from accessing device in my internal network behind NAT
Replies: 26
Views: 1598

Re: Need help blocking IP from accessing device in my internal network behind NAT

Thank you guys for your help. My current config looks like: 0 chain=input action=accept protocol=icmp 1 chain=input action=accept connection-state=established,related log=no log-prefix="" 2 chain=input action=accept in-interface=ether1 log=no log-prefix="" ipsec-policy=in,ipsec 3 chain=input action=...
by imperia
Tue Nov 21, 2017 3:18 pm
Forum: Beginner Basics
Topic: Need help blocking IP from accessing device in my internal network behind NAT
Replies: 26
Views: 1598

Re: Need help blocking IP from accessing device in my internal network behind NAT

Going back to the topic author's original question: 2frogs is correct. You are dropping requests on the INPUT chain. You need to drop on the forward chain. Also, I recommend dropping ICMP input requests. And I would also like to suggest a double or tripple port knocking as another alternative. If t...
by imperia
Tue Nov 21, 2017 3:12 pm
Forum: Beginner Basics
Topic: Need help blocking IP from accessing device in my internal network behind NAT
Replies: 26
Views: 1598

Re: Need help blocking IP from accessing device in my internal network behind NAT

First of all your rule to drop traffic to your STB is wrong. The input chain is traffic going to the router itself, ie Webfig, Winbox, FTP, DNS... Your drop rule should be for the forward chain. The forward chain is any traffic that is forwarded from one interface of the router to another. The term...
by imperia
Tue Nov 21, 2017 2:58 pm
Forum: Beginner Basics
Topic: Need help blocking IP from accessing device in my internal network behind NAT
Replies: 26
Views: 1598

Re: Need help blocking IP from accessing device in my internal network behind NAT

Guys I can put password authentication to my streaming port and its done, but I want to block specific IP address to access my network no matter what. And still have port forwarding. add action=drop chain=input in-interface=ether1 log=yes log-prefix=blacklist src-address-list=blacklist I thought th...
by imperia
Wed Nov 08, 2017 4:23 pm
Forum: Beginner Basics
Topic: Need help blocking IP from accessing device in my internal network behind NAT
Replies: 26
Views: 1598

Re: Need help blocking IP from accessing device in my internal network behind NAT

Guys I can put password authentication to my streaming port and its done, but I want to block specific IP address to access my network no matter what. And still have port forwarding. add action=drop chain=input in-interface=ether1 log=yes log-prefix=blacklist src-address-list=blacklist I thought thi...
by imperia
Wed Nov 08, 2017 2:35 pm
Forum: Beginner Basics
Topic: Need help blocking IP from accessing device in my internal network behind NAT
Replies: 26
Views: 1598

Re: Need help blocking IP from accessing device in my internal network behind NAT

If you want to look your TV out of home, you need setup a simple rule wich will allow only your IP or IPs as a source. Others will just drop. My IP is always different when I am outside. Still I should be able to block specific IP addresses. I am sure I am doing something wrong. I believe firewall ...
by imperia
Wed Nov 08, 2017 12:30 pm
Forum: Beginner Basics
Topic: Need help blocking IP from accessing device in my internal network behind NAT
Replies: 26
Views: 1598

Need help blocking IP from accessing device in my internal network behind NAT

Hello, I need help to block specific blacklist from accessing my set-top-box which is behind NAT. I have port forwarding rule that points to my STB in my private home network. I use this port forwarding for watching TV from my STB when I am not at home, but I want to block specific IP addresses from...
by imperia
Sun Sep 24, 2017 12:50 am
Forum: Beginner Basics
Topic: IPSEC IKEv2 setup cannot access LAN. Only can access router.
Replies: 3
Views: 812

Re: IPSEC IKEv2 setup cannot access LAN. Only can access router.

0 chain=input action=accept protocol=icmp 1 chain=input action=accept connection-state=established 2 chain=input action=accept connection-state=related 3 chain=input action=accept in-interface=ether1 log=no log-prefix="" ipsec-policy=in,ipsec 4 chain=input action=accept protocol=udp in-interface=et...
by imperia
Sat Sep 23, 2017 9:43 pm
Forum: Beginner Basics
Topic: IPSEC IKEv2 setup cannot access LAN. Only can access router.
Replies: 3
Views: 812

IPSEC IKEv2 setup cannot access LAN. Only can access router.

Hello, I followed wiki instructions and made IPSEC IKEv2 VPN server. I can connect. I have internet and I can access router IP but I cannot access other LAN devices. I tried putting IPSEC clients in same subnet and I tried different too. No luck. I guess I am missing some firewall rule. Can somebody...
by imperia
Tue Sep 19, 2017 4:12 pm
Forum: Beginner Basics
Topic: New router. Cannot access certain websites? [SOLVED]
Replies: 2
Views: 665

Re: New router. Cannot access certain websites? [SOLVED]

I found out what the problem is. It was not the MTU. it was this port forwarding rule was working for the internal network too. chain=dstnat action=dst-nat to-addresses=192.168.0.63 to-ports=80 protocol=tcp dst-port=80 log=no log-prefix="" I guess i need to specify dst-address=my_external_ip too and...
by imperia
Tue Sep 19, 2017 8:26 am
Forum: Beginner Basics
Topic: New router. Cannot access certain websites? [SOLVED]
Replies: 2
Views: 665

New router. Cannot access certain websites? [SOLVED]

Hello, I got new hap ac router. I thought I have configured it correctly but It seems I cannot access certain websites. Maybe its the famous MTU/MSS problem, but I am unable to solve it. I am connected to Internet thru Ethernet cable (UTP) and I receive my IP by DHCP. No PPPoE or other tunnels. With...