Community discussions

Search found 24 matches

by fedor47271
Fri Apr 26, 2019 9:39 pm
Forum: Beginner Basics
Topic: Router hAP ac2 on stick (VLANs) [SOLVED]
Replies: 12
Views: 852

Re: Router hAP ac2 on stick (VLANs) [SOLVED]

On the Zyxel, you would seem to need to set the PVID parameter on ports 3,5,15,16 to 10 or 20 as appropriate. I would change port 1 as well to only allow tagged frames, eventually, after you've got it working. (Your diagram is wrong too - the line pointing to port 5 actually seems to point to port ...
by fedor47271
Fri Apr 26, 2019 9:35 am
Forum: Beginner Basics
Topic: Router hAP ac2 on stick (VLANs) [SOLVED]
Replies: 12
Views: 852

Re: Router hAP ac2 on stick (VLANs) [SOLVED]

That is not the complete config. :-( No ethernet interface No interface bridge ports, no interface bridge vlans no firewall rules etc........ Could care less about the pictures for now as I want to make sure what is hitting the zyxel device is correct.......... I made for my router "restore default...
by fedor47271
Thu Apr 25, 2019 11:13 pm
Forum: Beginner Basics
Topic: Router hAP ac2 on stick (VLANs) [SOLVED]
Replies: 12
Views: 852

Re: Router hAP ac2 on stick (VLANs) [SOLVED]

Based on the "S" on the left, is ether3 configured as bridge port? That would not be right. If you need the port only for these two vlans, remove it from bridge. If you need it as part of bridge (for other untagged traffic), here is some reading material: https://wiki.mikrotik.com/wiki/Manual:Inter...
by fedor47271
Thu Apr 25, 2019 11:10 pm
Forum: Beginner Basics
Topic: Router hAP ac2 on stick (VLANs) [SOLVED]
Replies: 12
Views: 852

Re: Router hAP ac2 on stick (VLANs) [SOLVED]

Great thanks for the diagram! To see if there is an issue on the MT side of the house please post your config
/export hide-sensitive file=yourconfigapr25


Here are my config of the hAP ac2 as .rsc file. And screenshots of Zyxel gs1900 with all VLANs.
by fedor47271
Thu Apr 25, 2019 10:13 am
Forum: Beginner Basics
Topic: Router hAP ac2 on stick (VLANs) [SOLVED]
Replies: 12
Views: 852

Router hAP ac2 on stick (VLANs) [SOLVED]

Hi guys, I have problem with implementing my topology shema(in attachment). I created 2 Vlans (10 and 20) on my hAP ac2 interface ether3. I used ether 3 as trunk port. Also i made two DHCP servers on each VLANs. VLAN 10 - 192.168.10.0/24 VLAN 20 - 192.168.20.0/24 Then i connect my zyxel1900-24 inter...
by fedor47271
Mon Feb 25, 2019 10:48 am
Forum: Beginner Basics
Topic: Error sending E-mail (AUTH failed) [SOLVED]
Replies: 1
Views: 826

Re: Error sending E-mail (AUTH failed) [SOLVED]

Hi, guys
It's working on all my routers now. I did't do any changes.
Solved.
by fedor47271
Wed Feb 20, 2019 10:06 am
Forum: Beginner Basics
Topic: Error sending E-mail (AUTH failed) [SOLVED]
Replies: 1
Views: 826

Error sending E-mail (AUTH failed) [SOLVED]

Hi, I have problem with sending backup to my G-mail. This logic of sending backup email (Script+Scheduler each weak) working from September 2018, but now i can't do it for some reason. On my account i have disabled 2FA and enabled access to not secure apps. Why can I get this kind of problem? No mat...
by fedor47271
Wed Oct 17, 2018 1:46 pm
Forum: Beginner Basics
Topic: PPTP VPN Protection
Replies: 9
Views: 962

Re: PPTP VPN Protection

You are opening a VPN server up to the world and are unhappy the world is trying to use it. Are you expecting the genuine VPN connections from a set IP address(es) or range or is it more a road warrior kind of setup? If you are expecting specific IP's then you can add them to a list and amend your ...
by fedor47271
Wed Oct 10, 2018 11:12 am
Forum: Beginner Basics
Topic: PPTP VPN Protection
Replies: 9
Views: 962

Re: PPTP VPN Protection

Hey. Just google for networks your ISP'es uses and add them in source address list. With second rule you can drop any input traffic. Should I add provider's networks to the first rule in src adr list? Explain me plz how it would work. How can i block this IP address which i sent in the logs, for ex...
by fedor47271
Wed Oct 10, 2018 10:20 am
Forum: Beginner Basics
Topic: PPTP VPN Protection
Replies: 9
Views: 962

PPTP VPN Protection

Hi, guys.

I deployed PPTP+GRE VPN on my Router RB3011. I created firewall rules which allow pptp&gre input traffic.
firewall.jpg

But sometimes i see such connection attempts to my PPTP.
logs.jpg


I ask about your advice: How can i prevent and exclude such attempts?
by fedor47271
Tue Oct 09, 2018 10:03 am
Forum: SwOS
Topic: Overruns on CSS326-24G-2S+RM
Replies: 44
Views: 10486

Re: Overruns on CSS326-24G-2S+RM

Hi, guys. Below is my previous post. Now i have 2.6 firmware version on my CSS326-24G-2S+RM and 248 days and 04:53:15 hours uptime. Disabled «Flow control» on uplink port on others it is works. Upgrading fireware to 2.6 ver and disabling Flow Control on the uplink port helped me to fix this problem ...
by fedor47271
Sun Sep 30, 2018 10:37 am
Forum: General
Topic: Choosing VPN
Replies: 1
Views: 375

Choosing VPN

Hi, guys. Need some help. There are two offices. In the first office i have MikroTik RB3011 and i deploy VPN server on it. Other office is co-working office in business center, where our company leases room for a few employees. I have task: make for those employees in other office static public IP c...
by fedor47271
Sun Sep 02, 2018 11:04 pm
Forum: General
Topic: Monitoring CCQ via CAPsMAN
Replies: 0
Views: 358

Monitoring CCQ via CAPsMAN

Hello, guys)

Yesterday i deployed CAPsMAN in my office for wireless network. All is good, but I have question: How i can monitoring Client Connection Quality now? Where i can look for quality of signal?
by fedor47271
Mon Aug 27, 2018 9:47 pm
Forum: General
Topic: Upgrading office network with MikroTik RB3011UiAS-RM
Replies: 1
Views: 293

Upgrading office network with MikroTik RB3011UiAS-RM

Hi, i need your smart advice. On my office i having MikroTik RB2011UiAS-2HnD-IN now. But today i faced with problem of bad quality of downloading pages both on PCs (connected via ethernet) and mobile phones ( via wi-fi ). When i saw this problem router AP had 40 STAs via wi-fi and 60 PCs connected v...
by fedor47271
Tue Aug 14, 2018 3:57 pm
Forum: General
Topic: 2 ISP - 1 LAN (routing to 2ISP) [SOLVED]
Replies: 2
Views: 390

Re: 2 ISP - 1 LAN (routing to 2ISP) [SOLVED]

I Solved this problem with this action: changing gateway interface on IP address of gateway.
by fedor47271
Tue Aug 14, 2018 12:18 pm
Forum: General
Topic: 2 ISP - 1 LAN (routing to 2ISP) [SOLVED]
Replies: 2
Views: 390

2 ISP - 1 LAN (routing to 2ISP) [SOLVED]

Hi I have 2 ISP providers and one LAN network. One of ISPs is main and all traffic going through it. Another i use automatically when main ISP is not reachable. Now i need to route all traffic from some PCs in my LAN(192.168.88.x) trough second ISP. At first, i created new Address list (Firewall > A...
by fedor47271
Thu Jul 26, 2018 10:45 am
Forum: General
Topic: The Exeption Second NAT
Replies: 2
Views: 359

The Exeption Second NAT

Hi, guys. I have the issue. Description: In the office i have 2 routers (RB2011 and hAP ac^2). The first router (RB2011) has white IP from ISP. On it's boards, after NAT, set up DHCP for LAN(192.168.88.0). Wired and wireless networks united in this LAN. The second router(hAP ac^2) connected to the f...
by fedor47271
Wed Jul 11, 2018 3:43 pm
Forum: General
Topic: PPTP question [SOLVED]
Replies: 3
Views: 508

Re: PPTP question [SOLVED]

It means someone trying to get in. These messages are written for every attempt, successful or unsuccessful. For unsuccessful authentication typically there are no additional messages (default configuration). If authentication was successful, there should be message like 'username logged in'. Succe...
by fedor47271
Tue Jul 10, 2018 4:38 pm
Forum: General
Topic: PPTP question [SOLVED]
Replies: 3
Views: 508

PPTP question [SOLVED]

Today i found those logs on my MikroTik RB2011UiAS-2HnD (Screenshot #1). Not long ago i allowed pptp (pptp+gre in the firewall). Later i created few vpn users for connection to pptp. But today i was shocked when i saw those logs (i don't know this IPs). Then I checked when my vpn-users authorized on...
by fedor47271
Sat Jun 02, 2018 11:08 am
Forum: General
Topic: The security flaw for Hajime is closed by the firewall
Replies: 37
Views: 17596

Re: The security flaw for Hajime is closed by the firewall

I had such kind of the invasion too. And now i updated routerOS from 6.41 to 6.42.3. I changed all user's passwords and update my router from the backup which i had before the invasion. But i find this string(screenshot) in the terminal window. What is it mean? This note came from a backup when the...
by fedor47271
Sat Jun 02, 2018 10:07 am
Forum: General
Topic: The security flaw for Hajime is closed by the firewall
Replies: 37
Views: 17596

Re: The security flaw for Hajime is closed by the firewall

I had such kind of the invasion too.

And now i updated routerOS from 6.41 to 6.42.3. I changed all user's passwords and update my router from the backup which i had before the invasion.

But i find this string(screenshot) in the terminal window. What is it mean?
by fedor47271
Mon Dec 18, 2017 9:41 pm
Forum: RouterBOARD hardware
Topic: CRS125-24G-1S-2HnD (RouterOS 6.40.4) Layer7 not work
Replies: 0
Views: 392

CRS125-24G-1S-2HnD (RouterOS 6.40.4) Layer7 not work

CRS125-24G-1S-2HnD (RouterOS 6.40.4) Layer7 site blocking does not work. Already in the mangle connection without a mark firewall configuration: / ip firewall layer7-protocol add name = BlockSite regexp = "^. * (facebook | yahoo.com). * $" / ip firewall mangle add action = mark-connection chain = pr...
by fedor47271
Wed Dec 06, 2017 5:39 pm
Forum: SwOS
Topic: Overruns on CSS326-24G-2S+RM
Replies: 44
Views: 10486

Re: Overruns on CSS326-24G-2S+RM

the problem is solved - after the firmware update the errors have disappeared
by fedor47271
Thu Nov 02, 2017 12:24 pm
Forum: SwOS
Topic: Overruns on CSS326-24G-2S+RM
Replies: 44
Views: 10486

Overruns on CSS326-24G-2S+RM

Rx Overruns on CSS326-24G-2S+RM > 1000 for 1 hour on the uplink port. Traffic is a maximum of 40Mbps on this port. On other ports, traffic is less than 3Mbps and it is all going to the uplink port (all computers work only with the Internet - they do not communicate with each other). Can the frame bu...