Community discussions

MikroTik App

Search found 67 matches

by meazz1
Sat Jun 18, 2022 6:06 am
Forum: General
Topic: How do I remove unnecessary pacakges
Replies: 4
Views: 619

Re: How do I remove unnecessary pacakges

I have upgraded to 7.3.1.
Looking in the System menu, I did not find "device-Mode (/system/device-mode)
I would like to disable Wireless.
by meazz1
Fri Jun 17, 2022 11:26 pm
Forum: General
Topic: How do I remove unnecessary pacakges
Replies: 4
Views: 619

Re: How do I remove unnecessary pacakges

Thank you.
by meazz1
Fri Jun 17, 2022 8:43 pm
Forum: General
Topic: How do I remove unnecessary pacakges
Replies: 4
Views: 619

How do I remove unnecessary pacakges

I have download routeros-7.3.1-mmips.npk and also downloaded all_packages-mmips-7.3.1. What I trying to do is remove unnecessary packages that I don't need, for example ppp, wireless etc. My understanding that extract the zip file and put the files I want to keep in the root of the file system and r...
by meazz1
Thu Dec 02, 2021 9:40 pm
Forum: Beginner Basics
Topic: Help forwarding ports
Replies: 5
Views: 1250

Re: Help forwarding ports

This is my port forwarding and it works too, lol.
add action=dst-nat chain=dstnat dst-port=51820 in-interface=ether1 protocol=\
    udp to-addresses=192.168.4.8 to-ports=51820
by meazz1
Wed Nov 10, 2021 2:09 am
Forum: Beginner Basics
Topic: Making sure I did not mess up my firewall protection [SOLVED]
Replies: 16
Views: 3063

Re: Making sure I did not mess up my firewall protection [SOLVED]

Remuneration not required LOL.
Payback is you learning a bit more every time you play with the router.
Simply copying will lead to disasters so don't be afraid to ask WHY!!!
Thank you very much.
by meazz1
Mon Nov 08, 2021 12:34 am
Forum: Beginner Basics
Topic: Making sure I did not mess up my firewall protection [SOLVED]
Replies: 16
Views: 3063

Re: Making sure I did not mess up my firewall protection [SOLVED]

Thank you @anav. Please message your paypal email to me, I would like to buy you some beer, if you're not into drinking pls buy some lunch. Here's the final config. /interface bridge add admin-mac=08:55:31:CD:0D:6A auto-mac=no comment=defconf name=bridge /interface vlan add comment="Untrusted I...
by meazz1
Sun Nov 07, 2021 6:42 pm
Forum: Beginner Basics
Topic: Making sure I did not mess up my firewall protection [SOLVED]
Replies: 16
Views: 3063

Re: Making sure I did not mess up my firewall protection [SOLVED]

My Vlan 20 is attached to either 4, port 2, 3 & 5 are Lan only. My smart switch is connect to port 4 on the hex, nothing else connected to lan ports on the router. Kewl, So set vlan 20 to the bridge interface and not to ether4 Create vlan11 with the same IP subnet structure as your bridge and s...
by meazz1
Sun Nov 07, 2021 6:02 pm
Forum: Beginner Basics
Topic: Making sure I did not mess up my firewall protection [SOLVED]
Replies: 16
Views: 3063

Re: Making sure I did not mess up my firewall protection [SOLVED]

My Vlan 20 is attached to either 4, port 2, 3 & 5 are Lan only. My smart switch is connect to port 4 on the hex router, nothing else connected to lan ports on the router. I followed your suggestions above and made the necessary changes. Here is the newest config waiting for your approval. # nov/...
by meazz1
Sat Nov 06, 2021 11:35 pm
Forum: Beginner Basics
Topic: Making sure I did not mess up my firewall protection [SOLVED]
Replies: 16
Views: 3063

Re: Making sure I did not mess up my firewall protection [SOLVED]

My goal is , LAN LAN can access VLAN20 resource. Port forwarding is secured. # nov/06/2021 17:24:50 by RouterOS 6.49 # software id = 5MZ7-RL5B # # model = RB760iGS # serial number = XXXXXXXXXX /interface bridge add admin-mac=XXXXXXXXXXXX auto-mac=no comment=defconf name=bridge /interface vlan add co...
by meazz1
Sat Nov 06, 2021 3:15 pm
Forum: Beginner Basics
Topic: Making sure I did not mess up my firewall protection [SOLVED]
Replies: 16
Views: 3063

Re: Making sure I did not mess up my firewall protection [SOLVED]

At this point I am ready to put a bounty of us $10.00 and fix my firewall and configurations.
by meazz1
Fri Nov 05, 2021 7:03 pm
Forum: Beginner Basics
Topic: Making sure I did not mess up my firewall protection [SOLVED]
Replies: 16
Views: 3063

Re: Making sure I did not mess up my firewall protection [SOLVED]

I am very novice when it comes to firewall, so I won't be able to enter all the suggested rules knowing I will mess up and bring down my home network. Port #4 is for a smart switch where I am connecting to a unify switch and unify access points. That part is working. On the hex router, I am not usin...
by meazz1
Mon Nov 01, 2021 9:35 pm
Forum: Beginner Basics
Topic: Making sure I did not mess up my firewall protection [SOLVED]
Replies: 16
Views: 3063

Making sure I did not mess up my firewall protection [SOLVED]

I basicall used out of the box config, except changing network IP and DNS. When every looked all right, I added a VLN and a firewall rule to prevent VLAN from accessing LAN resources. I just want to make sure while adding the VLAN rule I did not screw up my firewall protection. Here is the config; #...
by meazz1
Sun Oct 24, 2021 2:26 am
Forum: Beginner Basics
Topic: How do I uninstall unneeded packages [SOLVED]
Replies: 4
Views: 4428

Re: How do I uninstall unneeded packages [SOLVED]

I noticed there's a package called "iot". What is this mused for?
by meazz1
Sat Oct 23, 2021 4:57 pm
Forum: Beginner Basics
Topic: How do I uninstall unneeded packages [SOLVED]
Replies: 4
Views: 4428

How do I uninstall unneeded packages [SOLVED]

I have a Hex S router which does not have wireless. If I want to uninstall the "wireless" and any another packages I don't use, what is the best way to permanently uninstall so they don't get re-installed when I run an update later? Also, what are the bare minimum packages I need? I think ...
by meazz1
Sun Oct 17, 2021 8:33 pm
Forum: Beginner Basics
Topic: Where in firewall rules the Fasttrack should be [SOLVED]
Replies: 5
Views: 5682

Re: Where in firewall rules the Fasttrack should be [SOLVED]

Here's my firewall output. # oct/17/2021 13:31:58 by RouterOS 6.49 # software id = 5MZ7-RL5B # # model = RB760iGS # serial number = E1XXXXXXXXX /interface bridge add admin-mac=XX:XX:XX:XX:XX:XX auto-mac=no comment=defconf name=bridge /interface list add comment=defconf name=WAN add comment=defconf n...
by meazz1
Sun Oct 17, 2021 3:28 am
Forum: Beginner Basics
Topic: Where in firewall rules the Fasttrack should be [SOLVED]
Replies: 5
Views: 5682

Where in firewall rules the Fasttrack should be [SOLVED]

Back to Mikrotik after using Opnsense for while. Newbie when it comes to firewall rules. My understanding is, the fasttrack should be on top of the rules. This is my firewall rules out of the box and the fasttrack is at number 8. Is this ok or I need to move it up? What else should be I be moving wi...
by meazz1
Sun Jun 13, 2021 8:51 pm
Forum: General
Topic: HexS - does thiis configuration looks ok [SOLVED]
Replies: 5
Views: 887

Re: HexS - does thiis configuration looks ok [SOLVED]

Is this what you mean?


Image
by meazz1
Sun Jun 13, 2021 12:08 am
Forum: General
Topic: HexS - does thiis configuration looks ok [SOLVED]
Replies: 5
Views: 887

Re: HexS - does thiis configuration looks ok [SOLVED]

@anav
Thank you.
I took care of the first 3 as you suggested.
For #4, I checked the VLAN Filtering, for the Frame Types "admit all"? Which one from the drop down to pick?

The port#5 in the router is carrying both Vlan20 and lan traffic to Unifi switch, which seems to be working already.
by meazz1
Sat Jun 12, 2021 10:23 pm
Forum: General
Topic: HexS - does thiis configuration looks ok [SOLVED]
Replies: 5
Views: 887

HexS - does thiis configuration looks ok [SOLVED]

My only goal is to have a LAN and and IoT Vlan, it just seems so difficult. Here's my config, I just need to see if the firewall is still somewhat in default state to give me out of the box protection. Secondly, the Vlan20 does not have access to Lan devices. # jun/12/2021 15:15:29 by RouterOS 6.48....
by meazz1
Tue Jun 01, 2021 1:21 am
Forum: General
Topic: HexS - Need help with setup an IoT VLAN
Replies: 1
Views: 487

HexS - Need help with setup an IoT VLAN

I just bought a HexS and trying to accomplished this. What I'm trying to do is setup a VLAN and have one dedicated trunk port to go to my unifi switch. Also, i'm trying to get a port for VLAN only, vlan devices should not have access to lan resource but lan can should have access to vlan. Here's wha...
by meazz1
Sat Jul 18, 2020 4:08 pm
Forum: General
Topic: Pi-hole DNS setup with Mikrotik Hex
Replies: 5
Views: 4175

Re: Pi-hole DNS setup with Mikrotik Hex

Everything works except one thing. Right now, I've DNS servers are setup under DHCP Networks and my LAN and VLAN works fine. The DNS settings under IP is blank. The issue I see, System --> Package can't connect to internet for update. I resolved this by adding DNS entry in DNS settings menu. The que...
by meazz1
Thu Jul 16, 2020 4:26 am
Forum: General
Topic: Pi-hole DNS setup with Mikrotik Hex
Replies: 5
Views: 4175

Re: Pi-hole DNS setup with Mikrotik Hex


What you mean by: How to handle port 53?
I read in the forums that a firewall filter to block external DNS queries to port 53 and force pi-hole to resolve the queries.

Your suggestion to setup in the dhcp network is what I want to do.
Thanks
by meazz1
Thu Jul 16, 2020 2:22 am
Forum: General
Topic: Pi-hole DNS setup with Mikrotik Hex
Replies: 5
Views: 4175

Pi-hole DNS setup with Mikrotik Hex

I have 2 Pi-hole I want to implement on my home network. here's my network layout. What would be the best way to setup everything? LAN- 192.168.4.0 - home network DNS 1 - 192.168.4.200 -Pi-hole#1 DNS 2 - 192.168.4.201 -Pi-hole#2 ========================= VLAN IOT - 10.0.20.0/24 DNS 1 - 8.8.8.8 DNS 2...
by meazz1
Sun Jul 12, 2020 6:22 am
Forum: Beginner Basics
Topic: Double check my config to make sure no holes in firewall rules
Replies: 6
Views: 2078

Re: Double check my config to make sure no holes in firewall rules

as long as my firewall is setup right I will be ok with it for now.
I used Opnsense on a device with only 2 gig ports so setup was pretty straight forward.
Now, I want to give Mikrotik a try hence all this dilemma.
by meazz1
Sun Jul 12, 2020 2:33 am
Forum: Beginner Basics
Topic: Double check my config to make sure no holes in firewall rules
Replies: 6
Views: 2078

Re: Double check my config to make sure no holes in firewall rules

@anav I took your advice and made few changes. I'm hoping this will be it. Lan 192.168.88.0/24 bridge ether2, ether3, ether4, I will only use this to access WinBox, no devices are using this. VLAN1 192.168.4.0/24 bridge1 ether5, my main home subnet VLAN20 10.0.20.0/24 bridge1 ether5, IOT devices. Ne...
by meazz1
Sat Jul 11, 2020 4:25 am
Forum: Beginner Basics
Topic: Double check my config to make sure no holes in firewall rules
Replies: 6
Views: 2078

Re: Double check my config to make sure no holes in firewall rules

Thanks @anav You always help right away. Really appreciate your willingness. Here's the chnages you suggested. I will try it out when the family is asleep and let you knoe. # jan/01/2002 00:22:03 by RouterOS 6.47 # software id = S1MG-NEED # # model = RouterBOARD 750G r3 # serial number = 6F39079A5CA...
by meazz1
Sat Jul 11, 2020 3:34 am
Forum: Beginner Basics
Topic: Double check my config to make sure no holes in firewall rules
Replies: 6
Views: 2078

Double check my config to make sure no holes in firewall rules

I have created this config and hope this will pass the leak test. I would appreciate if someone can take a look. My setup is in mikrotik LAN -192.168.4.0/24 VLAN ID20 - 10.0.20.0/24 Port forwarding for VPN to IP192.168.4.8 Managed switch for tagged and untagged traffic. Only thing I added a rule for...
by meazz1
Sun May 24, 2020 5:43 pm
Forum: General
Topic: Need help with firewall rules to prevent VLAN access to LAN
Replies: 21
Views: 4289

Re: Need help with firewall rules to prevent VLAN access to LAN

Ok, I made some changes to my scripts and I think it's what I really want. Only sticking points are, not sure if the firewall rules are correct, secondly, should I be able to enable on "1-default" vlan-filtering? I could not get the ether5 to communicate if I enabled filtering. /interface ...
by meazz1
Tue May 19, 2020 8:51 pm
Forum: General
Topic: Need help with firewall rules to prevent VLAN access to LAN
Replies: 21
Views: 4289

Re: Need help with firewall rules to prevent VLAN access to LAN

Here's a diagram.
All I need is VLAN20 not see any LAN resource.
Please ask if any confusion.
Eth5 is MGMT port.

Image
by meazz1
Tue May 19, 2020 4:28 am
Forum: General
Topic: Need help with firewall rules to prevent VLAN access to LAN
Replies: 21
Views: 4289

Re: Need help with firewall rules to prevent VLAN access to LAN

@anav @sindy Thanks here are some answers. This is for my home use for 4 of us. I have an Unifi AP-AC lite with 3 ssid for each VLANs. My current router is an EdgerouterX. I want to replace this router with Mikrotik Hex. My main lan is VLAN4. Most of my day to day stuff like PC, laptop, unifi ac-lit...
by meazz1
Mon May 18, 2020 4:29 am
Forum: General
Topic: Need help with firewall rules to prevent VLAN access to LAN
Replies: 21
Views: 4289

Re: Need help with firewall rules to prevent VLAN access to LAN

@anav Thank you. I played around with your configuration and got it up and running. Before I dive deep into this I have a question. Using a managed switch I 'm able to access all the VLAN. How do I supposed to access IP on the ether5 MGMT port on the router? I really appreciate all the help you folk...
by meazz1
Sun May 17, 2020 12:30 am
Forum: General
Topic: Need help with firewall rules to prevent VLAN access to LAN
Replies: 21
Views: 4289

Re: Need help with firewall rules to prevent VLAN access to LAN

Here is the latest and greatest config. I have redone everything, all collected from different google search and my own understanding. Again, my goal is to block VLAN 20 from talking to any other LAN device but only access to internet. All firewall rules are default except this block rule. #5.3 Bloc...
by meazz1
Fri May 15, 2020 9:36 pm
Forum: General
Topic: Need help with firewall rules to prevent VLAN access to LAN
Replies: 21
Views: 4289

Re: Need help with firewall rules to prevent VLAN access to LAN

I usually dont comment on snippets as the whole config tells the story /export hide-sensitive file=anynameyouwish So far so good (but without the rest a meaningless statement). The order within a chain is critical and thus to make it read far easier most admins put all the input rules first and the...
by meazz1
Fri May 15, 2020 4:44 pm
Forum: General
Topic: Need help with firewall rules to prevent VLAN access to LAN
Replies: 21
Views: 4289

Re: Need help with firewall rules to prevent VLAN access to LAN

Something like this? Be easy on the newbe, lol. add action=accept chain=forward comment="defconf: accept established,related" connection-state=established,related add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid add action=accept chain=input ...
by meazz1
Thu May 14, 2020 6:42 pm
Forum: General
Topic: Need help with firewall rules to prevent VLAN access to LAN
Replies: 21
Views: 4289

Need help with firewall rules to prevent VLAN access to LAN

I have basic networking for my soho with 3 VLANss. I'm using default firewall rules and need a filter/rules to prevent VLAN10 and VLAN20 from accessing other VLANs. I have googled and add some rules but it seems not block the access. So, I restore the router to default cong and setup all the VLANs a...
by meazz1
Sat Sep 14, 2019 5:45 pm
Forum: Announcements
Topic: v6.45.6 [stable] is released!
Replies: 58
Views: 60450

Re: v6.45.6 [stable] is released!

Upgraded from v6.45.5 to v6.45.6 on my hex mmips and no problem but setup is very simple and straight forward.
by meazz1
Sat Aug 31, 2019 5:35 pm
Forum: Announcements
Topic: v6.45.5 [stable] is released!
Replies: 53
Views: 49063

Re: v6.45.5 [stable] is released!

Upgraded my hex mmips from 64.45.3 to 6.45.5, no upgrade issue and everything seems good. My setup is just basic out of the box for my home use.
by meazz1
Sat Jun 22, 2019 4:32 am
Forum: General
Topic: How to add column with data in WinBox login screen
Replies: 0
Views: 923

How to add column with data in WinBox login screen

I'm running WinBox v3.18 on my Linux Mint in Wine. How do I populate the login screen with MAC, Version, IP etc. I looked but not able to figure out. Google was not help for me either. https://lh3.googleusercontent.com/2U3WRZQXZ3VmBwx02fcEwFawbMg8Y6N0xPTbailXeUTbYninmSVBpQ66zOP-vjJGGOmvRkg1c0hn6qsOm...
by meazz1
Sat Jun 01, 2019 4:55 am
Forum: General
Topic: My firewall rules - please advise
Replies: 9
Views: 4248

Re: My firewall rules - please advise

So I will delete everything from IP---> Firewall and open a terminal and paste your scripts? No way! The "script" contains your existing rules with no effective change, just re-grouped by their membership in chains but keeping your original order within each chain, and numbered so that I ...
by meazz1
Fri May 31, 2019 6:25 pm
Forum: General
Topic: My firewall rules - please advise
Replies: 9
Views: 4248

Re: My firewall rules - please advise

@sindy
Really appreciate your time and help.
So I will delete everything from IP---> Firewall
and open a terminal and paste your scripts?

Thanks
by meazz1
Fri May 31, 2019 5:46 am
Forum: General
Topic: Terminal shows many failed logins from unknown IP
Replies: 3
Views: 1435

Re: Terminal shows many failed logins from unknown IP

If you not use telnet and SSH, disable it from IP -> Services

Regards.
Thanks.
What I did is made both available from my local subnet only 192.168.4.0/24.
Is that good?
by meazz1
Fri May 31, 2019 5:19 am
Forum: General
Topic: Terminal shows many failed logins from unknown IP
Replies: 3
Views: 1435

Terminal shows many failed logins from unknown IP

I just saw this when I logged in to my winbox today while I'm sitting at home. Any idea? 22:15:06 echo: system,error,critical login failure for user service from 92.115.171.102 via telnet [amgg@Tulip] > 22:15:07 echo: system,error,critical login failure for user admin from 92.115.171.102 via telnet ...
by meazz1
Fri May 31, 2019 4:47 am
Forum: General
Topic: My firewall rules - please advise
Replies: 9
Views: 4248

Re: My firewall rules - please advise

Here's my /export hide-sensitive file # may/30/2019 21:24:29 by RouterOS 6.45beta50 # software id = S1MG-NEED # # model = RouterBOARD 750G r3 # serial number = xxxxxxxxxxx /interface bridge add name=bridge1 /interface list add name=WAN add name=LAN /ip pool add name=dhcp ranges=192.168.4.10-192.168....
by meazz1
Fri May 31, 2019 4:44 am
Forum: General
Topic: My firewall rules - please advise
Replies: 9
Views: 4248

Re: My firewall rules - please advise

Here is my ip firewall filter export # may/30/2019 21:27:33 by RouterOS 6.45beta50 # software id = S1MG-NEED # # model = RouterBOARD 750G r3 # serial number = XXXXXXXXXXX /ip firewall filter add action=accept chain=forward connection-state=established,related add action=fasttrack-connection chain=f...
by meazz1
Thu May 30, 2019 4:52 am
Forum: General
Topic: My firewall rules - please advise
Replies: 9
Views: 4248

My firewall rules - please advise

I basically copied the rules for mikrotik wiki and added the fasttrack action. Can you tell me if this looks ok for my basic protection for the home use? https://lh3.googleusercontent.com/TFj3cuO9a04zxpwI_Lj6vIjTLIVPS3aHMlivv2Z95nWfYsZyxHv-lxL5Cn7yTQnidrbWLWwX8fDyjj48LexNRV5P7IQmBa7E0BEf1a6PKeqpDb7t...
by meazz1
Tue May 28, 2019 5:03 pm
Forum: General
Topic: Pining my IP from outside LAN
Replies: 3
Views: 1050

Re: Pining my IP from outside LAN

any suggestion?
by meazz1
Sat May 25, 2019 1:25 am
Forum: General
Topic: Pining my IP from outside LAN
Replies: 3
Views: 1050

Re: Pining my IP from outside LAN

If you wanted your router to be completely invisible from outside its WAN subnet, you'd have to disable also the TFTP - port scanners scan using multiple ports and protocols. So if you need the TFTP service to be available for requests received via WAN, disabling ping will not add much invisibility...
by meazz1
Fri May 24, 2019 7:24 pm
Forum: General
Topic: Pining my IP from outside LAN
Replies: 3
Views: 1050

Pining my IP from outside LAN

I have the default firewall rules running on my router. Only thing I added is the "fasttrack" feature. Not having good idea about how ping should work, here's my question. Is is ok form my router to return reply if I ping my IP from outside of my network? Here's my firewall rules. # may/24...
by meazz1
Fri May 24, 2019 5:22 am
Forum: General
Topic: Uninstall Wireless and other packages [SOLVED]
Replies: 10
Views: 7376

Re: Uninstall Wireless and other packages [SOLVED]

@meazz1: by default, Routerboard devices have installed package bundle and it's not possible to completely uninstall individual packages ... it's only possible to disable them. If you want to completely uninstall some packages, you have to "unbundle" ROS first. The procedure is as follows...
by meazz1
Fri May 24, 2019 5:21 am
Forum: General
Topic: Uninstall Wireless and other packages [SOLVED]
Replies: 10
Views: 7376

Re: Uninstall Wireless and other packages [SOLVED]

The "ppp" package is also for VPNs. So if you don't need them, then yes.
thanks for your suggestion.
by meazz1
Thu May 23, 2019 5:26 am
Forum: General
Topic: Uninstall Wireless and other packages [SOLVED]
Replies: 10
Views: 7376

Uninstall Wireless and other packages [SOLVED]

I have a Router 750G r3 without wireless feature. I also use a gig fiber connection without the PPPoE option.
In that case, will it be ok to uninstall package "wireless"and "ppp"?
by meazz1
Fri Feb 09, 2018 7:07 pm
Forum: Beginner Basics
Topic: IPTV is buffring but other streaming devices are not
Replies: 1
Views: 961

IPTV is buffring but other streaming devices are not

I have a gig fiber at my house. I have an IPTV box connected to my Mikrotik hEX router running 6.41 firmware. I also have a raspberry pi running pi-hole for DNS and adblocking. Everyting on the LAN is forced to use the local DNS address. For some reason the IPTV box is buffering but my other streami...
by meazz1
Mon Feb 05, 2018 3:33 am
Forum: Beginner Basics
Topic: Need help converting a port with it's own vlan
Replies: 2
Views: 938

Need help converting a port with it's own vlan

I have a very basic setup and I need guidance. I had been using consumer grade router and new to Mikrotik configurations. i'm still learning Currently, ether2 is master and ether3,ether4 and ether5 are salves. ether5 is connected to a gig switch. I want to make ether4 a seprate port with it's own IP...
by meazz1
Sat Dec 23, 2017 3:10 am
Forum: Beginner Basics
Topic: Do I need to buy license for hEX RB750Gr3
Replies: 1
Views: 1537

Do I need to buy license for hEX RB750Gr3

I looked but couldn't find the answer. I just bought a wired router hEX RB750Gr3 and was wondering if I need to purchase a license? It's been up for less than a week but I'm confused if it will shut down after 15 days. For another router AP I'm planing to buy for my 2nd house if that needs licensing...
by meazz1
Wed Dec 20, 2017 3:30 pm
Forum: Beginner Basics
Topic: Need help with my firewall rules [SOLVED]
Replies: 3
Views: 2106

Re: Need help with my firewall rules [SOLVED]

There's no need to have a rule to explicitly drop ICMP in your posted filter rules. add action=drop chain=input in-interface=!ether1 protocol=icmp icmp-options=8:0-255 add action=accept chain=input connection-state=established add action=accept chain=input connection-state=related add action=drop c...
by meazz1
Tue Dec 19, 2017 5:39 am
Forum: Beginner Basics
Topic: Need help with my firewall rules [SOLVED]
Replies: 3
Views: 2106

Need help with my firewall rules [SOLVED]

I added an entry to drop pings from the wan side with the help of google, does it look right? I added the entry in line #16. /ip firewall filter add action=accept chain=forward comment="defconf: accept in ipsec policy" \ ipsec-policy=in,ipsec add action=accept chain=forward comment="d...
by meazz1
Tue Dec 12, 2017 4:13 am
Forum: Beginner Basics
Topic: How to access my AT&t gateway router from LAN [SOLVED]
Replies: 2
Views: 1636

Re: How to access my AT&t gateway router from LAN [SOLVED]

Add a second IP to your router's WAN interface - if the modem is connected to ether1, for instance: /ip address add address=192.168.1.253/24 interface=ether1 next add a srcnat rule to access the modem: /ip firewall nat add chain=srcnat dst-address=192.168.1.254 action=src-nat to-address=192.168.1.2...
by meazz1
Sat Dec 09, 2017 2:45 am
Forum: Beginner Basics
Topic: How to access my AT&t gateway router from LAN [SOLVED]
Replies: 2
Views: 1636

How to access my AT&t gateway router from LAN [SOLVED]

My lan Ip is 192.168.4.0/24. My At&t gateway is 192.168.1.254 and in passthru mode. What route or firewall rules I need to implement so I can access it from any lan pc? I'm new in this Mikrotk world. https://s19.postimg.org/jxh7ildjn/Capture.png https://s19.postimg.org/y5dtxnzqr/Capture.png
by meazz1
Thu Dec 07, 2017 2:31 am
Forum: Beginner Basics
Topic: Help with fasttrack
Replies: 0
Views: 580

Help with fasttrack

I have been reading about fasttrack and checked my firewall and moved up "fasttrack" in the rules list.
No idea on how rules work, can someone look here at the screenshot and tell me if it's ok?
I have a hex router RouterBOARD 750G.

Image
by meazz1
Tue Dec 05, 2017 2:19 am
Forum: Beginner Basics
Topic: How do I connect using browser to router's IP address [SOLVED]
Replies: 2
Views: 1789

Re: How do I connect using browser to router's IP address [SOLVED]

I'm using RouterOS 6.40.5 and the RouterBOARD 750G r3. I have the default setup with Ip 192.168.4.1 assigned to the router and the dhcp 192.168.4.10-100. I can connect from the windows box using IP 192.168.4.1 to winbox. If I try to use the same IP in a browser it doesn't connect. What or how do I ...
by meazz1
Mon Dec 04, 2017 3:46 am
Forum: Beginner Basics
Topic: How do I connect using browser to router's IP address [SOLVED]
Replies: 2
Views: 1789

How do I connect using browser to router's IP address [SOLVED]

I'm using RouterOS 6.40.5 and the RouterBOARD 750G r3. I have the default setup with Ip 192.168.4.1 assigned to the router and the dhcp 192.168.4.10-100. I can connect from the windows box using IP 192.168.4.1 to winbox. If I try to use the same IP in a browser it doesn't connect. What or how do I e...
by meazz1
Sat Dec 02, 2017 3:43 am
Forum: Beginner Basics
Topic: Help with basic firewall rules
Replies: 7
Views: 4269

Re: Help with basic firewall rules

Thanks for helping the newbie here. As suggested, I reset configurations to default and ran most of the command in the link provided ( https://wiki.mikrotik.com/wiki/Manual:Securing_Your_Router ). 4 questions: 1. the default config has firewall rules already, should I still add the one in the link? ...
by meazz1
Fri Dec 01, 2017 6:01 pm
Forum: Beginner Basics
Topic: Help with basic firewall rules
Replies: 7
Views: 4269

Re: Help with basic firewall rules

Can someone point me to a preconfigured basic firewall script that works with default config on hEX RB750Gr3 router?
by meazz1
Fri Dec 01, 2017 5:14 pm
Forum: Beginner Basics
Topic: Is my interface done correctly [SOLVED]
Replies: 6
Views: 2237

Re: Is my interface done correctly [SOLVED]

It's working fine.
But if I want ethher1 to be WAN and other 4 to be just switch, how do I go about it?
by meazz1
Fri Dec 01, 2017 4:44 am
Forum: Beginner Basics
Topic: Is my interface done correctly [SOLVED]
Replies: 6
Views: 2237

Is my interface done correctly [SOLVED]

I configured my hex router after removing default configuration. I'm new to Mikrotik and learning my way here. I setup the router with At&t gateway and everything works. For some reason when I look at the interface screen, it looks something is not done correctly. In my case, ether1 is WAN port....
by meazz1
Fri Dec 01, 2017 4:30 am
Forum: Beginner Basics
Topic: Help with basic firewall rules
Replies: 7
Views: 4269

Re: Help with basic firewall rules

See this first, and implement the basic security as described. https://wiki.mikrotik.com/wiki/Manual:Securing_Your_Router Thanks for your help. Here is a script I made, let me know if this is ok. Any suggestion is welcom. /ip firewall filter add action=accept chain=input comment="default confi...
by meazz1
Thu Nov 30, 2017 5:10 pm
Forum: Beginner Basics
Topic: Help with basic firewall rules
Replies: 7
Views: 4269

Help with basic firewall rules

I recently purchased a Mikrotik hEX RB750Gr3 5-port Ethernet Gigabit Router. I reset default configuration and have the basic setup, eth0=wan and eth1 to eth4 as switch. I need to get a basic firewall rule so my external IP is not visible from outside ping. I just need basic rules to protect me as a...