Community discussions

MikroTik App

Search found 89 matches

by network99
Thu Nov 25, 2021 10:15 am
Forum: Beginner Basics
Topic: change mss for PPPoE and IP Route users
Replies: 7
Views: 663

Re: change mss for PPPoE and IP Route users

I calculated my network MTU size from ping 4.2.2.4 -l 1455 -f and I realized my network MTU is 1455 Some ping programs the length option specifies just the payload data, others the entire packet. For Windows it is the payload, so from that if -l 1455 works and -l 1456 fails the MTU is 20 (IP header...
by network99
Thu Nov 25, 2021 10:10 am
Forum: Beginner Basics
Topic: change mss for PPPoE and IP Route users
Replies: 7
Views: 663

Re: change mss for PPPoE and IP Route users

What are those 6 Bytes on your second calculation ?
PPPoE overhead = 8 Byte / its incorrect and not should calculated ?
by network99
Sun Nov 21, 2021 5:41 pm
Forum: Beginner Basics
Topic: change mss for PPPoE and IP Route users
Replies: 7
Views: 663

Re: change mss for PPPoE and IP Route users

I should set ch-mss on interface (all ppp (my user ppooe)) or set ch-mss on interface connected to internet ??
by network99
Sun Nov 21, 2021 10:38 am
Forum: Beginner Basics
Topic: change mss for PPPoE and IP Route users
Replies: 7
Views: 663

Re: change mss for PPPoE and IP Route users

my network :
Image
by network99
Sun Nov 21, 2021 8:31 am
Forum: Beginner Basics
Topic: change mss for PPPoE and IP Route users
Replies: 7
Views: 663

change mss for PPPoE and IP Route users

hello guys good time I calculated my network MTU size from ping 4.2.2.4 -l 1455 -f and I realized my network MTU is 1455 now, I have a question aboute change mss for my users what ch-mss size should I set for PPPoE-client users and IP Route Users ? IP Route : 1455-40 = 1415 is correct ? PPPoE : 1455...
by network99
Tue Oct 12, 2021 3:18 pm
Forum: General
Topic: block user by MAC address (drop layer2)
Replies: 1
Views: 257

block user by MAC address (drop layer2)

i have layer 2 network and PPPoE Server.

Im gonna to drop one user (modem) by MAC Address, and Im gonna this user cannot connect to my pppoe server.

how to block this user by MAC Address ?

can I Block and Drop any user by MAC ?

how to I do ?
by network99
Tue Oct 12, 2021 8:18 am
Forum: General
Topic: find PPPoE user vlan
Replies: 2
Views: 332

Re: find PPPoE user vlan

Run

/tool sniffer quick mac-address=mac:add:ress:of:the:user

and wait...

But that will only show you the VLAN, is that enough?
thank you dear sindy
by network99
Mon Oct 11, 2021 4:38 pm
Forum: General
Topic: find PPPoE user vlan
Replies: 2
Views: 332

find PPPoE user vlan

I have 100 vlan's in MikroTik and I setup PPPoE Server on their. im gonna to find one user who is try to connect to my pppoe server and he cant connect ! I have only his mac-address and i see that in log ! can you help me fo find this user ? how to find or how to understand that try from which vlan ...
by network99
Tue Sep 28, 2021 10:31 am
Forum: General
Topic: Problem with Queue (Parent - Child)
Replies: 1
Views: 288

Re: Problem with Queue (Parent - Child)

hello guys good time I have a question about Queue I have 40Mbps Internet Traffic I have 2 site (two class) and in each class, there are 10 pptp users (with address 192.168.90.0/24) total I have 20 pptp users with Dynamic Queue My problem is Queue : (B) Users (class B) doesnt work !! why Queue : (B...
by network99
Tue Sep 28, 2021 10:30 am
Forum: General
Topic: Problem with Queue (Parent - Child)
Replies: 1
Views: 288

Problem with Queue (Parent - Child)

hello guys good time I have a question about Queue I have 40Mbps Internet Traffic I have 2 site (two class) and in each class, there are 10 pptp users (with address 192.168.90.0/24) total I have 20 pptp users with Dynamic Queue My problem is Queue : Users (class B) doesnt work !! why Queue : Users (...
by network99
Sun Aug 22, 2021 10:28 am
Forum: General
Topic: torching and sniffing pptp between my user and another router
Replies: 5
Views: 506

Re: torching and sniffing pptp between my user and another router

what do you mean with "online" ? I said online that means see connection realtime like torch tools in mikrotik ! whatever the user is doing / seeing ? yes, that right I need to torch my users connection Be aware that the PPTP VPN might not be encrypted, but if the user is visiting https-c...
by network99
Fri Aug 20, 2021 3:02 pm
Forum: General
Topic: mangle specific site Traffic with TLS-Host
Replies: 3
Views: 463

Re: mangle specific site Traffic with TLS-Host

Full tls-host value is the same FQDN server name used in browser. E.g. if you're visiting https://www. cisco.com/c/en/us/solutions/design-zone.html , then tls-host will be www. cisco.com. thanks a lot The big problem is that many popular pages include elements from multiple independent servers or e...
by network99
Thu Aug 19, 2021 1:12 pm
Forum: General
Topic: mangle specific site Traffic with TLS-Host
Replies: 3
Views: 463

mangle specific site Traffic with TLS-Host

hello guys good time I found this code on internet (for detect and mangle specific site) /ip firewall mangle add action=mark-routing chain=prerouting comment=Youtube dst-address-list=YouTube new-routing-mark=VPN passthrough=no add action=mark-routing chain=prerouting comment=Facebook dst-address-lis...
by network99
Wed Aug 18, 2021 3:14 pm
Forum: General
Topic: Anonymous with MikroTik
Replies: 2
Views: 318

Re: Anonymous with MikroTik

for anonymous and more secure, what is your advice ?
by network99
Wed Aug 18, 2021 3:13 pm
Forum: General
Topic: Anonymous with MikroTik
Replies: 2
Views: 318

Anonymous with MikroTik

hello guys good time I have a MikroTik routerboard and I have 3 server (VPS Linux and MikroTik) in 3 country ! I need to be anonymous :) wich one of tunnels are safe and anonymous and doesnt encrypt ? I need to : 1. my ISP shouldn't understand that I'm using VPN (for example run tunnel on port 80? o...
by network99
Wed Aug 18, 2021 2:57 pm
Forum: General
Topic: Tunnel on 80 or 443 port ?
Replies: 1
Views: 312

Tunnel on 80 or 443 port ?

Hello guys
good time

can I run tunnel on port 80 or port 443 ?
like : http://www.dotcomunderground.com/blogs/ ... o-hide-ip/
can I ?

I want to my isp doesnt understant that Im using vpn (my isp have MikroTik CCR1036 and they doesnt have firewall)

can you help me ?
by network99
Wed Aug 18, 2021 12:09 pm
Forum: General
Topic: ssh tunnel with putty and MikroTik doesnt work
Replies: 8
Views: 509

Re: ssh tunnel with putty and MikroTik doesnt work

I want to use static and one port (not dynamic)

what I should do ?
by network99
Wed Aug 18, 2021 12:02 pm
Forum: General
Topic: ssh tunnel with putty and MikroTik doesnt work
Replies: 8
Views: 509

Re: ssh tunnel with putty and MikroTik doesnt work

thanks all freinds

my problem solved !
problem was mozilla firfox settings :D

thanks
by network99
Wed Aug 18, 2021 11:44 am
Forum: General
Topic: ssh tunnel with putty and MikroTik doesnt work
Replies: 8
Views: 509

Re: ssh tunnel with putty and MikroTik doesnt work

By default, SSH tunneling is disabled in RouterOS (and so it is in many, if not all, contemporary linux distributions). Hence /ip ssh set forwarding-enabled=local should be the only thing you need to change. EDIT : sorry, I didn't read the page you've posted till the end. For dynamically created po...
by network99
Wed Aug 18, 2021 11:42 am
Forum: General
Topic: ssh tunnel with putty and MikroTik doesnt work
Replies: 8
Views: 509

Re: ssh tunnel with putty and MikroTik doesnt work

Good Morning, Please send us the Config-File (/export hide-sensitive file=somefilename) thank you for your attentions [user@router] > ip ssh print forwarding-enabled: both always-allow-password-login: no strong-crypto: no allow-none-crypto: no host-key-size: 2048 [user@router] /ip socks> print enab...
by network99
Wed Aug 18, 2021 10:54 am
Forum: General
Topic: ssh tunnel with putty and MikroTik doesnt work
Replies: 8
Views: 509

ssh tunnel with putty and MikroTik doesnt work

hello guys good time I want to run ssh tunnel with putty and MikroTk (for test only) I configured that explained there : http://www.dotcomunderground.com/blogs/2008/12/11/putty-ssh-tunnel-to-hide-ip/ but not working ! what things I should config on MikroTik ? for example need to config socks5 or nee...
by network99
Tue Aug 17, 2021 6:20 pm
Forum: General
Topic: limit ssh port for my user (2 times in 24 Hours)
Replies: 1
Views: 275

limit ssh port for my user (2 times in 24 Hours)

hello guys
good time

can I limit ssh port for my user ?
for example : I want to my users (ether2 - 192.168.88.0/24) use ssh only 2 times in 24 Hours ?

what I do ?
can you help me ?
by network99
Tue Aug 17, 2021 6:17 pm
Forum: General
Topic: if 5 times try to connect ssh, src address deny !
Replies: 2
Views: 399

if 5 times try to connect ssh, src address deny !

hello guys
good time

I want to if everyone try to connect ssh in 5 times, my router deny his/her src address !
how to detect failed and wrong password connection 5 times in 1 minute ?

have you seen
by network99
Tue Aug 17, 2021 1:12 pm
Forum: General
Topic: torching and sniffing pptp between my user and another router
Replies: 5
Views: 506

torching and sniffing pptp between my user and another router

hello guys I have a MikroTik router, one of my users has connected pptp to server 59.51.2.x I need to torch and sniff that network and connection ! (except Wirshark) have you seen devices or software or method to touch and sniff vpn network in the form of RealTime and online ? I need to device or ap...
by network99
Fri Aug 06, 2021 6:35 pm
Forum: General
Topic: send sms when destination is down !
Replies: 0
Views: 573

send sms when destination is down !

hello guys good time have you seen windows application or linux application or script to monitor (via icmp ping) and send sms when distination is down ? attention : my GSM-Modem is USB and I can't use Serial Model on PRTG and cacti and another that, you should use serial modem but  unfortunatly I ha...
by network99
Fri Aug 06, 2021 5:23 pm
Forum: General
Topic: How to drop malware ip and malicious ip? (update list)
Replies: 7
Views: 675

Re: How to drop malware ip and malicious ip? (update list)

As I wrote before, is not an insult for all, but this is too much vague about malware distribution from your IP-adress "malware distribution" by email? coming "from your IP-adress"??? can some compromised PC send e-mails, from perfectly valid address to perfectly valid addresses...
by network99
Fri Aug 06, 2021 5:22 pm
Forum: General
Topic: How to drop malware ip and malicious ip? (update list)
Replies: 7
Views: 675

Re: How to drop malware ip and malicious ip? (update list)

You should be blocking *everything* by default and then open only strictly necessary ports. Use VPN or LAN interface for management. You will need to do a clean reinstall if its been hacked already. thnaks I don't think the virtual machine is hacked. Most likely one of the VPN users has a virus in ...
by network99
Fri Aug 06, 2021 2:29 pm
Forum: General
Topic: i need to help for setup proxy ping with MikroTik Device
Replies: 1
Views: 291

Re: i need to help for setup proxy ping with MikroTik Device

I need pop-site A check (ping - lost - latency) 4.2.2.4 and 192.168.1.20 and 172.16.1.20 and send resulte to main pop-site !

can I setup that with cacti ? can I setup that with PRTG ?
by network99
Fri Aug 06, 2021 2:27 pm
Forum: General
Topic: i need to help for setup proxy ping with MikroTik Device
Replies: 1
Views: 291

i need to help for setup proxy ping with MikroTik Device

hello guys good time have you seen site or script or application to setup proxy ping with mikrotik devices? I have 5 pop-site with MikroTik Devices, I need to check latency and check ping and jitter from that remote devices to another devices for example, please see this picture : https://i.postimg....
by network99
Fri Aug 06, 2021 2:12 pm
Forum: General
Topic: How to drop malware ip and malicious ip? (update list)
Replies: 7
Views: 675

Re: How to drop malware ip and malicious ip? (update list)

yes, I completely agree
i have sent email to Hetzner and I asked detail ...

but I want to know in general what is that I should block in firewall ?

have you seen a list or site that updated and completed ?

thanks for your attention
by network99
Fri Aug 06, 2021 1:43 pm
Forum: General
Topic: How to drop malware ip and malicious ip? (update list)
Replies: 7
Views: 675

How to drop malware ip and malicious ip? (update list)

hello guys good time I have a VPS-Mikrotik in Hetzner Datacenter, for 3rd Hetzner block my ip and says : We received multiple reports about malware distribution from your IP-adress My VPS-Mikrotik is pptp-server and I have 10 ppp-client and 10 users connected from pptp on my server ! What is that I ...
by network99
Mon Jul 19, 2021 8:57 am
Forum: General
Topic: Abuse and Malicious IP List ?
Replies: 1
Views: 367

Abuse and Malicious IP List ?

hello guys
good time

can you help me to find update and complete Malicious and Abuse IP List ?
Where to find it ?

best regards
by network99
Mon Dec 28, 2020 7:33 am
Forum: Beginner Basics
Topic: Generate paket lost on specific destination ! [SOLVED]
Replies: 3
Views: 662

Re: Generate paket lost on specific destination ! [SOLVED]

Drops every 2nd packet when user pings to 95.217.228.176: /ip firewall filter add action=drop chain=forward dst-address=95.217.228.176 nth=2,1 thank you Or if you want it less predictable, there's also: random (integer: 1..99; Default: ) - Matches packets randomly with given probability. thank you
by network99
Sun Dec 27, 2020 4:12 pm
Forum: Beginner Basics
Topic: Generate paket lost on specific destination ! [SOLVED]
Replies: 3
Views: 662

Generate paket lost on specific destination ! [SOLVED]

Hello guys !

For a specific job, I need generate paket lost on destination 192.168.42.77
when my users ping 192.168.42.77, them see 50% paket lost on this destination ?

do you have a solution ?
by network99
Mon Dec 02, 2019 10:17 am
Forum: Wireless Networking
Topic: Best Frequency Between 5000 to 6000
Replies: 1
Views: 1691

Best Frequency Between 5000 to 6000

Hi guys, I want a script that will find the best frequency Between 5000 to 6000 One of the following methods: method 1 step A. Ping the client radio with 5000 packet size, if replay with =< 10ms, the frequency is good then go to step C step B. save the frequency to freq.rsc file step C. change the r...
by network99
Wed Sep 18, 2019 8:41 am
Forum: Scripting
Topic: script log and choice the best frequency between 5000-5900
Replies: 1
Views: 2047

script log and choice the best frequency between 5000-5900

hello guys i need a script for log and choice the best frequency between 5000-5900 best frequency = higher bandwidth (test by ap ping with 60000 packet size ) example : loop { } script set frequency 5000 and ping 172.16.1.1 with 60000 packet size if result is ok (host reachable and pinging), then fr...
by network99
Mon Aug 19, 2019 8:34 pm
Forum: Beginner Basics
Topic: set Queue on ether2
Replies: 5
Views: 1354

Re: set Queue on ether2

update
by network99
Mon Aug 05, 2019 2:14 pm
Forum: Beginner Basics
Topic: set Queue on ether2
Replies: 5
Views: 1354

Re: set Queue on ether2

update
by network99
Mon Aug 05, 2019 7:37 am
Forum: Beginner Basics
Topic: set Queue on ether2
Replies: 5
Views: 1354

Re: set Queue on ether2

thanks,
What is the routerboard model?
CCR1036 ROS 6.44
Also do you want to slow down *all* traffic on this port including local network, or only routed traffic to other subnets and/or the internet?
I triedو it did not work
by network99
Sun Aug 04, 2019 2:30 pm
Forum: Beginner Basics
Topic: set Queue on ether2
Replies: 5
Views: 1354

set Queue on ether2

hello

how to set 20Mb Queue on ether2 ?
( how to limit Port Speed ? )

this config not work !
/queue simple add max-limit=20M/20M name=ether2 queue=default/default target=ether2
please help me
by network99
Thu Apr 25, 2019 4:20 pm
Forum: The User Manager
Topic: 30 day time limit
Replies: 3
Views: 5022

Re: 30 day time limit

help me
by network99
Wed Apr 24, 2019 8:54 am
Forum: The User Manager
Topic: 30 day time limit
Replies: 3
Views: 5022

Re: 30 day time limit

help me
by network99
Tue Apr 23, 2019 12:37 pm
Forum: The User Manager
Topic: 30 day time limit
Replies: 3
Views: 5022

30 day time limit

hello all

i have a problem in usermanager !

how can i create a user with a 30-day time limit ?

What is the difference between uptime and validity ؟

best regard
by network99
Wed Oct 03, 2018 9:01 pm
Forum: Beginner Basics
Topic: Need YouTube CIDR/Netmask
Replies: 8
Views: 1833

Re: Need YouTube CIDR/Netmask

thank a lot

www.youtube.com in my country is filtered by the government
I can not use the dns trick !!!

Please provide a good solution

Please provide a good solution
by network99
Wed Oct 03, 2018 12:48 pm
Forum: Beginner Basics
Topic: Need YouTube CIDR/Netmask
Replies: 8
Views: 1833

Need YouTube CIDR/Netmask

hello all

i need to all of YouTube IPv4 Ranges for Mark Routing on MikroTik
Find out where ?

Best Regards
by network99
Mon Sep 17, 2018 3:20 pm
Forum: Scripting
Topic: script for report Log
Replies: 1
Views: 743

script for report Log

hello all i have need script for report log on mikrotik : if user login to mikrotik ( winbox ) = send email ( usernam , ip ) if user connect via telnet or ssh to mikrotik = send email ( usernam , ip ) if user write or remove policy = send email if routerboard rebooted = send email ( router board reb...
by network99
Mon Sep 17, 2018 2:08 pm
Forum: Beginner Basics
Topic: Mark Routing YouTube Packet
Replies: 3
Views: 3880

Re: Mark Routing YouTube Packet

please help me
by network99
Sun Sep 16, 2018 11:29 am
Forum: Beginner Basics
Topic: Mark Routing YouTube Packet
Replies: 3
Views: 3880

Mark Routing YouTube Packet

hello all i have a problem to mark routing on www.youtube.com my rule : /ip firewall layer7-protocol add name=YouTube regexp="^.+(youtube).*$" /ip firewall mangle add action=mark-routing chain=prerouting layer7-protocol=YouTube \ new-routing-mark=vpn passthrough=no /ip route add distance=1...
by network99
Mon Jul 30, 2018 10:39 am
Forum: Beginner Basics
Topic: reconnect pppoe-connection
Replies: 1
Views: 753

reconnect pppoe-connection

helll all i have a problem : on CPE router PPPoE-Client is stablished , but CPE router try to reconnect pppoe-connection !!!! PPPoE-Client Router https://pictr.com/images/2018/07/30/3CjiA.jpg PPPoE-Server Log https://pictr.com/images/2018/07/30/3CCI6.jpg https://pictr.com/images/2018/07/30/3CA2D.jpg
by network99
Sun Jun 24, 2018 5:16 pm
Forum: Beginner Basics
Topic: Optimize PPTP-clinet Share
Replies: 2
Views: 716

Re: Optimize PPTP-clinet Share

update
by network99
Fri Jun 22, 2018 4:38 pm
Forum: Beginner Basics
Topic: filter in cli ?!?
Replies: 8
Views: 2021

Re: filter in cli ?!?

Hello, You can use print, to show a filtered result, for example: /queue simple print where name=kevin and target=10.10.10.100/32 The command above will show all queues with name=kevin and target=10.10.10.100/32. The argument "where" will filter based on fields that you choose in the rest...
by network99
Fri Jun 22, 2018 12:02 pm
Forum: Scripting
Topic: Remove Duplicate Connections
Replies: 9
Views: 3348

Re: Remove Duplicate Connections

help
by network99
Fri Jun 22, 2018 11:44 am
Forum: Scripting
Topic: export Dynamic Queue to .txt file
Replies: 3
Views: 1167

Re: export Dynamic Queue to .txt file

help me
by network99
Sun Jun 17, 2018 7:53 pm
Forum: Beginner Basics
Topic: filter in cli ?!?
Replies: 8
Views: 2021

filter in cli ?!?

hello all
im not english , excuse me

how to filter queue list in CLI ?

example : https://pasteboard.co/HqkXfhb.jpg

Image

Image


thanks
by network99
Sun Jun 17, 2018 7:29 pm
Forum: Scripting
Topic: export Dynamic Queue to .txt file
Replies: 3
Views: 1167

Re: export Dynamic Queue to .txt file

please help
by network99
Sun Jun 17, 2018 7:28 pm
Forum: Scripting
Topic: Remove Duplicate Connections
Replies: 9
Views: 3348

Re: Remove Duplicate Connections

please help me
by network99
Fri Jun 15, 2018 3:13 pm
Forum: Beginner Basics
Topic: Optimize PPTP-clinet Share
Replies: 2
Views: 716

Optimize PPTP-clinet Share

hello all im not english , excuse me i have question : What is the best way to share pptp connection ? /ip firewall mangle add action=mark-routing chain=prerouting dst-address-list=MyServer new-routing-mark=pptp passthrough=no src-address=192.168.1.0/24 or /ip firewall mangle add action=mark-connect...
by network99
Fri Jun 15, 2018 1:54 pm
Forum: Scripting
Topic: export Dynamic Queue to .txt file
Replies: 3
Views: 1167

export Dynamic Queue to .txt file

hello all
im not english , excuse me

i have a need script for export all dynamic queue that max limit is 16Mb , export to .txt file

thank a lot
by network99
Fri Jun 15, 2018 1:09 pm
Forum: Scripting
Topic: Remove Duplicate Connections
Replies: 9
Views: 3348

Re: Remove Duplicate Connections

Refresh
by network99
Wed Mar 14, 2018 7:21 am
Forum: Scripting
Topic: Remove Duplicate Connections
Replies: 9
Views: 3348

Re: Remove Duplicate Connections

please guide me
by network99
Mon Mar 12, 2018 2:16 pm
Forum: Scripting
Topic: Remove Duplicate Connections
Replies: 9
Views: 3348

Re: Remove Duplicate Connections

/ppp active {:foreach t1 in=[find name=pppoe-winuser] do={remove name=$t1}} /ppp active {:foreach t2 in=[find name=pppoe-winuser-1] do={remove $t2}} /ppp active {:foreach t3 in=[find name=pppoe-winuser-2] do={remove $t3}} /ppp active {:foreach t4 in=[find name=pppoe-winuser-3] do={remove $t4}} i ne...
by network99
Mon Feb 19, 2018 8:11 pm
Forum: Beginner Basics
Topic: ARP Table is 00:00:00:00:00:00
Replies: 5
Views: 2851

Re: ARP Table is 00:00:00:00:00:00

Possibly. I'm trying to think of a legit use of all zeroes as a MAC and I don't know of one. Hopefully someone knows. To me that looks like some kind of a DDoS attack on that subnet. I would sniff it. If a machine is sending out gratuitous arps with all zeroes for all addresses in the subnet, then ...
by network99
Mon Feb 19, 2018 11:44 am
Forum: Beginner Basics
Topic: ARP Table is 00:00:00:00:00:00
Replies: 5
Views: 2851

ARP Table is 00:00:00:00:00:00

Hi all

i use RouterBOARD 941-2nD for Local Network
my mac table is full of 00:00:00:00:00:00 MAC addresses ,
where is the problem from ?
Has my router been hacked?


Image
by network99
Mon Feb 19, 2018 11:08 am
Forum: Scripting
Topic: Remove Duplicate Connections
Replies: 9
Views: 3348

Re: Remove Duplicate Connections

please guide me
by network99
Mon Feb 19, 2018 8:58 am
Forum: General
Topic: SXT Lite5 : 100% CPU Usage
Replies: 0
Views: 787

SXT Lite5 : 100% CPU Usage

Hi all i have SXT Lite 5 ( ROS 6.41.1 ) cpu usage is always 100% I upgraded Firmware & ROS [admin@RB] > export # feb/19/2018 10:27:45 by RouterOS 6.41.1 # software id = UR11-SVAL # # model = SXT 5nD r2 # serial number = 46AD046AD0 /interface bridge add fast-forward=no mtu=1500 name=bridge1 proto...
by network99
Mon Feb 12, 2018 8:26 am
Forum: Scripting
Topic: Remove Duplicate Connections
Replies: 9
Views: 3348

Re: Remove Duplicate Connections

Refresh
by network99
Sat Feb 10, 2018 2:31 pm
Forum: Scripting
Topic: Remove Duplicate Connections
Replies: 9
Views: 3348

Remove Duplicate Connections

Hello I'm using CCR1036 for clients authentication ( ROS v6.29.1 ) When the connection of my users weakens or 1 second is losst , two connections are made exmaple : <pppoe-winuser> <pppoe-winuser-1> <pppoe-winuser-2> <pppoe-winuser-3> and more ..... The router does not Disconnect the old connection ...
by network99
Wed Jan 31, 2018 7:37 pm
Forum: Beginner Basics
Topic: change mtu ! low speed !
Replies: 6
Views: 2408

Re: change mtu ! low speed !

refresh
by network99
Sat Jan 27, 2018 7:05 pm
Forum: Beginner Basics
Topic: change mtu ! low speed !
Replies: 6
Views: 2408

Re: change mtu ! low speed !

refresh
by network99
Wed Jan 24, 2018 7:50 pm
Forum: Beginner Basics
Topic: change mtu ! low speed !
Replies: 6
Views: 2408

Re: change mtu ! low speed !

You can Ping 8.8.8.8 My Resualt : G:\>mturoute www.google.com * ICMP Fragmentation is not permitted. * * Speed optimization is enabled. * * Maximum payload is 10000 bytes. * - ICMP payload of 1472 bytes is too big. + ICMP payload of 92 bytes succeeded. + ICMP payload of 782 bytes succeeded. + ICMP ...
by network99
Wed Jan 24, 2018 7:47 pm
Forum: General
Topic: mtu change ?
Replies: 5
Views: 12907

Re: mtu change ?

The MTU of the PPPoE clients should be 8 bytes less than the parent interface. Assuming the parent interface is truly 1500 MTU via Ethernet then the PPPoE interface should have an MTU of 1492. http://baturin.org/tools/encapcalc/ My Resualt : G:\>mturoute www.google.com * ICMP Fragmentation is not p...
by network99
Sun Jan 07, 2018 1:45 pm
Forum: General
Topic: PPPoE Server DNS Problem
Replies: 3
Views: 816

Re: PPPoE Server DNS Problem

please guide me ...
by network99
Tue Dec 26, 2017 3:21 pm
Forum: Beginner Basics
Topic: change mtu ! low speed !
Replies: 6
Views: 2408

Re: change mtu ! low speed !

Ping from end user using different packet size thanks for the reply Which IP address should I have ping ? ( Router ? DNS Server ? one hop after router ? ) If your client is a Mikrotik, leave all your pppoe settings to default: you can see in pppoe connection the mtu valute that the system have set....
by network99
Tue Dec 26, 2017 3:07 pm
Forum: General
Topic: mtu change ?
Replies: 5
Views: 12907

Re: mtu change ?

Firewall rules should be unneeded. There is no roll in the firewall ! ( no filter - no NAT ) Set the MTU values on the appropriate interfaces Do you mean interfaces? I have set 1500 of all interface ( example : ether2 - 1500MTU ) and allow ICMP messages related to path MTU discovery to pass correct...
by network99
Sun Dec 24, 2017 2:05 pm
Forum: General
Topic: mtu change ?
Replies: 5
Views: 12907

mtu change ?

hello guys i'm not english man , sorry ! for change users MTU , Which rulls to use ? ( input , output or forward ? ) Source ? Destination ? Once created, the rule for the Source (172.16.14.10) and Once created, the rule for the Dest(172.16.14.10) /ip firewall mangle add chain=forward disabled=yes sr...
by network99
Sun Dec 24, 2017 11:24 am
Forum: Beginner Basics
Topic: change mtu ! low speed !
Replies: 6
Views: 2408

change mtu ! low speed !

hello guys i'm not english man , sorry ! my users is low speed my bandwidth : 20Mbps my download speed : 20Mbps speed of page load : 4Mbps !!!!!!!!!!!!!!!!! speed of mobile app : 1Mbps !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! ( example : WhatsApp , Instagram , Telegram and .... ) speed of remote applica...
by network99
Fri Dec 01, 2017 5:19 pm
Forum: General
Topic: PPPoE Server DNS Problem
Replies: 3
Views: 816

Re: PPPoE Server DNS Problem

please guide me ...
by network99
Tue Nov 28, 2017 7:54 pm
Forum: General
Topic: rate limit on interface
Replies: 4
Views: 1428

Re: rate limit on interface

ip firewall mangle add chain=forward in-interface=ether1 (out-interface=ether1) action=mark-connection new-connection-mark=in-eth1 add chain=forward connection-mark=in-ether1 action=mark-packet new-packet-mark=in-eth1-pack That's a good idea ! But Mangle uses the processor and memory ( When traffic...
by network99
Tue Nov 28, 2017 7:49 pm
Forum: General
Topic: PPPoE Server DNS Problem
Replies: 3
Views: 816

Re: PPPoE Server DNS Problem

please guide me
by network99
Tue Nov 28, 2017 7:46 pm
Forum: General
Topic: how to limit ssh and telnet connection
Replies: 6
Views: 1207

Re: how to limit ssh and telnet connection

I think that you want to limit the amount of new SSL OR Telnet connections to a maximum of 5 new sessions every 60 seconds. Is this what you are asking? Well done that's right /ip firewall filter add action=accept chain=forward connection-state=new dst-port=22,23 limit=5/1m,5:packet protocol=tcp sr...
by network99
Tue Nov 28, 2017 7:43 pm
Forum: General
Topic: how to limit ssh and telnet connection
Replies: 6
Views: 1207

Re: how to limit ssh and telnet connection

stoser wrote:
I think that you want to limit the amount of new SSL OR Telnet connections to a maximum of 5 new sessions every 60 seconds. Is this what you are asking?


Well done :)

thats right !
by network99
Sun Nov 26, 2017 8:14 pm
Forum: General
Topic: PPPoE Server DNS Problem
Replies: 3
Views: 816

PPPoE Server DNS Problem

[quote="network99"]hello all im not english , excuse me i have a PPPoE Server ( ccr1030 ) my user lease public ip via pool all my pppoe users have a DNS Problem !!! 2-3 minute reslove all domain an view all website , 5 minute not resolve domain if users set DNS Server on NIC Card : Problem...
by network99
Sun Nov 26, 2017 7:58 am
Forum: General
Topic: rate limit on interface
Replies: 4
Views: 1428

rate limit on interface

hello all

how to rate limit on interfaces ?
no QUEUEU an rate limit by ip address !


thanks a lot
by network99
Fri Nov 24, 2017 4:59 pm
Forum: General
Topic: how to limit ssh and telnet connection
Replies: 6
Views: 1207

Re: how to limit ssh and telnet connection

help me
by network99
Thu Nov 23, 2017 3:11 pm
Forum: General
Topic: drop all dns request from Internet to my network
Replies: 5
Views: 1309

Re: drop all dns request from Internet to my network

You have to drop all unwanted incoming packets from Internet generally.
how to detect unwanted incoming packets in firewall ?
are you means : connections state ?
by network99
Wed Nov 22, 2017 9:02 pm
Forum: General
Topic: drop all dns request from Internet to my network
Replies: 5
Views: 1309

drop all dns request from Internet to my network

hello all

my network 82.15.xx.0/24

i have need drop all DNS request from Internet to my network !


that's mean :

Internet ( udp 53 Request ) -----> 82.15.xx.0/24 ---Drop
82.15.xx.0/24 -----> Internet ( udp 53 Request ) ---Allow


thanks
by network99
Wed Nov 22, 2017 8:57 pm
Forum: General
Topic: how to limit ssh and telnet connection
Replies: 6
Views: 1207

how to limit ssh and telnet connection

I am in need of the Rule : My users do not have connect to servers via telnet and ssh more than 5 connections in 1 minute ! that's mean : 192.168.88.2 ssh--> 53.75.51.x = allow 192.168.88.2 ssh--> 43.25.12.x = allow 192.168.88.2 ssh--> 38.12.88.x = allow 192.168.88.2 ssh--> 13.35.21.x = allow 192.16...