Community discussions

MikroTik App

Search found 3501 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 12
by Zacharias
Mon Dec 11, 2023 11:18 am
Forum: General
Topic: Multicast not working for ISP TV BOX (Vodafone)
Replies: 17
Views: 3670

Re: Multicast not working for ISP TV BOX (Vodafone)

Use VLANs... Of course your wan port is not included inside the Bridge.
Also, if igmp-snooping is disabled then multicast traffic is flooded on all ports.
by Zacharias
Sat Dec 09, 2023 9:47 am
Forum: General
Topic: Multicast not working for ISP TV BOX (Vodafone)
Replies: 17
Views: 3670

Re: Multicast not working for ISP TV BOX (Vodafone)

What i would do is, first of all upgrade to version 7 (if its not already upgraded), create appropriate vlans including one vlan dedicated to IPTV ( 105 if that's your IPTV vlan ), configure the Bridge vlan settings, mgmt vlan etc. and then enable bridge vlan filtering. After that multicast querier ...
by Zacharias
Sat Dec 09, 2023 9:34 am
Forum: General
Topic: New ROuter suggestion please
Replies: 15
Views: 2492

Re: New ROuter suggestion please

There is the 2004 but sadly its throughput is no better than the 5009, when you compare filter rules to filter rules at 512 bytes.
You mean Bridge filter rules ?
In routing 2004 is better than 5009.
by Zacharias
Tue Sep 27, 2022 3:14 pm
Forum: General
Topic: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8
Replies: 427
Views: 120544

Re: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8

So, yours is r2 ? Or the revision is not mentioned?
by Zacharias
Tue Sep 27, 2022 9:35 am
Forum: General
Topic: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8
Replies: 427
Views: 120544

Re: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8

I did update the switches to whatever was current that day. Ergo routerOS and board firmware.
Revision is not the same as firmware version.
The revision i think changes when there is a hardware change on the device.

For example, my CRS354 indicates as Revision : r2.
by Zacharias
Mon Sep 26, 2022 2:39 pm
Forum: General
Topic: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8
Replies: 427
Views: 120544

Re: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8

@gotsprings what is the revision version under /system routerboard ?
by Zacharias
Wed Aug 10, 2022 9:13 pm
Forum: Beginner Basics
Topic: Single DHCP server for multiple VLANs?
Replies: 14
Views: 4120

Re: Single DHCP server for multiple VLANs?

but I can't assign the DHCP server to multiple VLANs. I guess because the DHCP server is not your MikroTik router and its not aware of the VLANs... Right ? You could create the VLAN interfaces on your DHCP server then... Or a second cable, one for each VLAN between the DHCP server and the Router......
by Zacharias
Wed Aug 10, 2022 8:14 pm
Forum: Forwarding Protocols
Topic: CCR1009 and Cisco 3750G
Replies: 2
Views: 851

Re: CCR1009 and Cisco 3750G

This works great sort of.
When using 802.3ad, you should know that all links participating in the aggregation must operate at the same speed and duplex mode..
In your case you've aggregated an SFP+ port with an ethernet port.

https://help.mikrotik.com/docs/display/ ... ng-802.3ad
by Zacharias
Tue Aug 09, 2022 9:43 pm
Forum: Wireless Networking
Topic: Looking for guidance on improving LTE signal (LHGGR LTE6) on a 6-7km distance connection
Replies: 3
Views: 815

Re: Looking for guidance on improving LTE signal (LHGGR LTE6) on a 6-7km distance connection

The signal itself is not bad...
You got a really bad SINR... that means a lot of noise...
by Zacharias
Mon Aug 08, 2022 6:34 pm
Forum: Wireless Networking
Topic: Virtual WLAN and VLAN's
Replies: 136
Views: 14756

Re: Virtual WLAN and VLAN's

use-service-tag=yes
Service Tag is used when we need management access in cases that double VLAN tagging is used...
https://wiki.mikrotik.com/wiki/Manual:B ... ling_setup
by Zacharias
Mon Aug 08, 2022 4:52 pm
Forum: General
Topic: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8
Replies: 427
Views: 120544

Re: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8

But we are having a lot of problems with local devices staying connected That is a general description. Did you actually observe this problem yourself ? Any log check on the devices? The previous posts mention that the switch stops forwarding traffic until reboot, but in your case there is no such ...
by Zacharias
Fri Aug 05, 2022 11:16 pm
Forum: General
Topic: 3011 - VLAN - Capsman
Replies: 4
Views: 582

Re: 3011 - VLAN - Capsman

by Zacharias
Wed Aug 03, 2022 10:08 pm
Forum: General
Topic: ltAP modem R11e-LTE6 upgrade firmware to V034 failed ?
Replies: 12
Views: 2576

Re: ltAP modem R11e-LTE6 upgrade firmware to V034 failed ?

Do you have any extra packages other than the basics installed ?
by Zacharias
Wed Aug 03, 2022 8:52 pm
Forum: Beginner Basics
Topic: Activate Internet from incoming VLAN
Replies: 23
Views: 2231

Re: Activate Internet from incoming VLAN

I have tried it with filtering but nothing changed.
Probably because your configuration was wrong...
by Zacharias
Tue Aug 02, 2022 8:28 pm
Forum: Beginner Basics
Topic: Switch maximum hop end-to-end [SOLVED]
Replies: 7
Views: 1758

Re: Switch maximum hop end-to-end [SOLVED]

Indeed the default network diameter is 20, but this does not mean that RSTP won't work after the 20th Bridge...
Simply a new Root Bridge will be elected... https://wiki.mikrotik.com/wiki/Manual:S ... e_Protocol
by Zacharias
Tue Aug 02, 2022 7:36 pm
Forum: Beginner Basics
Topic: Activate Internet from incoming VLAN
Replies: 23
Views: 2231

Re: Activate Internet from incoming VLAN

As said earlier, but ignored, without Bridge VLAN filtering enabled, whatever configuration you' ve done under /bridge interface related to VLAN settings is simply ignored. Also, you've added a VLAN interface on a slave Interface https://help.mikrotik.com/docs/display/ROS/Layer2+misconfiguration#Lay...
by Zacharias
Tue Aug 02, 2022 4:13 pm
Forum: Beginner Basics
Topic: Activate Internet from incoming VLAN
Replies: 23
Views: 2231

Re: Activate Internet from incoming VLAN

In order to use the Bridge VLAN settings and the Bridge port pvid settings, Bridge VLAN filtering must be enabled.
Otherwise your Bridge interface is not VLAN aware...

And ofcorse before you enable it, you should read how it works otherwise there is a chance to lose connectivity with your device...
by Zacharias
Tue Aug 02, 2022 4:00 pm
Forum: Beginner Basics
Topic: Restricting a port to VLAN only [SOLVED]
Replies: 8
Views: 1854

Re: Restricting a port to VLAN only [SOLVED]

That is totally different...
Can you provide a network diagram of the Topology ?
And export with hide-sensitive the configuration of the CRS... Also manually remove serials, Public IPs etc if any visible on the config export...
by Zacharias
Tue Aug 02, 2022 3:58 pm
Forum: Beginner Basics
Topic: Activate Internet from incoming VLAN
Replies: 23
Views: 2231

Re: Activate Internet from incoming VLAN

Where is the VLAN 100 eth3 connected to on your MikroTik Router ?
On a Bridge Port or on a WAN port ?
by Zacharias
Tue Aug 02, 2022 3:53 pm
Forum: Beginner Basics
Topic: Restricting a port to VLAN only [SOLVED]
Replies: 8
Views: 1854

Re: Restricting a port to VLAN only [SOLVED]

I want devices on a specific vlan to only access devices on that vlan If you don't want a specific VLAN to access devices on another VLAN, you block that through the Firewall... Or if you have a drop all rule, then you accept the type of traffic you want before that rule as @anav already said... In...
by Zacharias
Tue Aug 02, 2022 3:41 pm
Forum: Beginner Basics
Topic: Activate Internet from incoming VLAN
Replies: 23
Views: 2231

Re: Activate Internet from incoming VLAN

Use the insert image icon... :shock:

The question is why you want to " forward " that VLAN to the rest of your network ?

Also, VLANs work on Layer 2 and they do not traverse Routers, Layer 3 devices...
by Zacharias
Tue Aug 02, 2022 3:09 pm
Forum: Beginner Basics
Topic: Activate Internet from incoming VLAN
Replies: 23
Views: 2231

Re: Activate Internet from incoming VLAN

I will agree on the network diagram...
by Zacharias
Mon Aug 01, 2022 4:04 pm
Forum: Beginner Basics
Topic: Firewall considerations with LTE passthrough interface [SOLVED]
Replies: 5
Views: 2675

Re: Firewall considerations with LTE passthrough interface [SOLVED]

Excellent - thanks for the updated info and the links.

Makes sense - once the interface is consumed as the passthrough device, the only way I can communicate with the SXT is through RoMON.

Thanks all.
You can solve that with VLANs...
by Zacharias
Wed Jul 27, 2022 9:17 pm
Forum: General
Topic: Upgrading the network to 10Gbit backbone
Replies: 3
Views: 587

Re: Upgrading the network to 10Gbit backbone

The overall selection of models seems correct...
by Zacharias
Wed Jul 27, 2022 9:14 pm
Forum: General
Topic: All physical interfaces (except WAN) are contained within one bridge, why?
Replies: 6
Views: 727

Re: All physical interfaces (except WAN) are contained within one bridge, why?

That is a complicated explanation for otherwise a simple answer...
by Zacharias
Wed Jul 27, 2022 9:04 pm
Forum: General
Topic: All physical interfaces (except WAN) are contained within one bridge, why?
Replies: 6
Views: 727

Re: All physical interfaces (except WAN) are contained within one bridge, why?

All physical interfaces (except WAN) are contained within one bridge, why?
A bridge is a virtual interface used to switch traffic between hosts.
So all member ports of a bridge are capable of communicating with each other in Layer 2...
by Zacharias
Wed Jul 27, 2022 8:27 pm
Forum: General
Topic: Wireless VLAN Trunk
Replies: 6
Views: 754

Re: Wireless VLAN Trunk

Another idea would be to apply MSTP between Router A and Router B, disable any protocol-mode on the APs and STs between.
Then you could modify the internal path costs so that each VLAN could follow a different path and at the same time keeping redundancy enabled...
by Zacharias
Wed Jul 27, 2022 7:22 pm
Forum: Wireless Networking
Topic: R11e-LTE6 modem firmware changelog
Replies: 36
Views: 15474

Re: R11e-LTE6 modem firmware changelog

Have you ever seen a changelog to any modem firmware version ?
by Zacharias
Wed Jul 27, 2022 4:58 pm
Forum: Wireless Networking
Topic: CAPSMAN - Surely there's a simpler/cleaner way?
Replies: 19
Views: 2856

Re: CAPSMAN - Surely there's a simpler/cleaner way?

Easy dont use capsman.
Nice solution.

Actually capsman is really good... Especially in networks with many APs.
by Zacharias
Wed Jul 27, 2022 4:52 pm
Forum: General
Topic: Wireless VLAN Trunk
Replies: 6
Views: 754

Re: Wireless VLAN Trunk

Instead of guessing, it would be best if you posted the configuration of both routers with /export hide-sensitive.. also remove any serials, public IPs if any etc...
Also a network diagram of the exact topology would be nice...
by Zacharias
Wed Jul 27, 2022 4:15 pm
Forum: General
Topic: Wireless VLAN Trunk
Replies: 6
Views: 754

Re: Wireless VLAN Trunk

I would use OSPF.
Something like here viewtopic.php?t=149027

Your APs and your ST devices, must both be able to pass Tagged traffic on VLANs 10 and 20.
by Zacharias
Wed Jul 27, 2022 3:28 pm
Forum: General
Topic: Low throughput via CRS112-8P-4S
Replies: 6
Views: 936

Re: Low throughput via CRS112-8P-4S

There is a problem MT has not many useful models
Actually there are plenty of really good Routers ( in your case ) to choose ...
by Zacharias
Tue Jul 26, 2022 8:13 pm
Forum: General
Topic: Broadcast traffic via wireguard
Replies: 8
Views: 4893

Re: Broadcast traffic via wireguard

Maybe zerotier ???
Seems it doesn't be available for 951G-2HnD (yet?)

.....we have only just 1 router.... :(
Zerotier is available only in ARM devices with ROS v7.

You could use EoIP as suggested earlier or BCP https://wiki.mikrotik.com/wiki/Manual:B ... _bridging)
by Zacharias
Tue Jul 26, 2022 4:32 pm
Forum: Beginner Basics
Topic: two dhcp server on one interface
Replies: 9
Views: 4967

Re: two dhcp server on one interface

Many information are missing.
Where is ether2 going to ? another switch ?
What is the purpose of the second subnet ?

If you need to segmentate your network then VLANs is the way to go...
by Zacharias
Tue Jul 26, 2022 4:22 pm
Forum: Beginner Basics
Topic: Firewall considerations with LTE passthrough interface [SOLVED]
Replies: 5
Views: 2675

Re: Firewall considerations with LTE passthrough interface [SOLVED]

When you use your LTE device in passthrough mode, then the LTE device is responsible only for the Modem settings... It does not have internet itself, but instead it needs your Router to access the internet i.e. the device that the passthrough is going to. So, no, you don't need firewall on the LTE d...
by Zacharias
Sun Jul 24, 2022 6:33 pm
Forum: Wireless Networking
Topic: No internet on wlan [SOLVED]
Replies: 9
Views: 1658

Re: No internet on wlan [SOLVED]

So, did it work after changing the config according to my previous suggestion ?
by Zacharias
Sun Jul 24, 2022 6:32 pm
Forum: General
Topic: Help Request.. Must have RB5009
Replies: 12
Views: 1219

Re: Help Request.. Must have RB5009

ok thanks.
by Zacharias
Sat Jul 23, 2022 10:32 pm
Forum: General
Topic: Multicast using RB952Ui-5ac2nD-US
Replies: 1
Views: 318

Re: Multicast using RB952Ui-5ac2nD-US

IGMP snooping ( Layer 2 Multicast Protocol ) is not supported in hardware by this device...
I guess you could use either PIM or IGMP Proxy

See here
https://help.mikrotik.com/docs/display/ROS/IGMP+Proxy
https://help.mikrotik.com/docs/display/ROS/PIM-SM
by Zacharias
Sat Jul 23, 2022 10:19 pm
Forum: General
Topic: DHCP Relay on VPN and VPN Failover [SOLVED]
Replies: 5
Views: 1016

Re: DHCP Relay on VPN and VPN Failover [SOLVED]

I thought so...
It would be great if VRRP had an internal procedure that could synchronize the configuration of the VRRP Routers without the need of a script...
by Zacharias
Sat Jul 23, 2022 10:03 pm
Forum: General
Topic: Help Request.. Must have RB5009
Replies: 12
Views: 1219

Re: Help Request.. Must have RB5009

I can't install Zerotier on this emulator
What emulation software are you using ?
by Zacharias
Sat Jul 23, 2022 9:37 pm
Forum: General
Topic: DHCP Relay on VPN and VPN Failover [SOLVED]
Replies: 5
Views: 1016

Re: DHCP Relay on VPN and VPN Failover [SOLVED]

or the full HA setup where the backup router inherits the complete configuration of the primary one
Inherits the complete config ? How ?
In VRRP ?
by Zacharias
Sat Jul 23, 2022 6:05 pm
Forum: Wireless Networking
Topic: No internet on wlan [SOLVED]
Replies: 9
Views: 1658

Re: No internet on wlan [SOLVED]

You have many mistakes in your configuration... As for the reason you don't have internet when connecting to either vlan10 or vlan20 is because you do not allow neither of these VLANs to make DNS queries to the router... More specifically, the DNS queries are blocked because there is a rule action=d...
by Zacharias
Sat Jul 23, 2022 5:51 pm
Forum: RouterBOARD hardware
Topic: RBD22UGS-5HPacD2HnD dropping all clients
Replies: 4
Views: 2007

Re: RBD22UGS-5HPacD2HnD dropping all clients

The first week, we had random lockups and trouble keeping the eth port registered
It seems you have Layer1 issues...
Check the cable and the termination points...
by Zacharias
Sat Jul 23, 2022 5:39 pm
Forum: Beginner Basics
Topic: 2 IP pools [SOLVED]
Replies: 9
Views: 1828

Re: 2 IP pools [SOLVED]

ok, you can use the /23 network and use two pools for that particular network excluding the 10.0.1.0 and 10.0.0.255..
pool1 10.0.0.2-10.0.0.254
pool2 10.0.1.1-10.0.1.254

Supposing 10.0.0.1/23 is the gateway...
by Zacharias
Fri Jul 22, 2022 10:30 pm
Forum: Beginner Basics
Topic: 2 IP pools [SOLVED]
Replies: 9
Views: 1828

Re: 2 IP pools [SOLVED]

10.0.0.255 and 10.0.1.0 are not well accepted from all devices.
Can you provide more details on that ?
Or give an example ?
by Zacharias
Fri Jul 22, 2022 12:46 am
Forum: RouterOS beta
Topic: Current UPS support
Replies: 3
Views: 3085

Re: Current UPS support

If you search in the forum you will find posts like this viewtopic.php?t=48762#p284203
mentioning models that are working...
by Zacharias
Thu Jul 21, 2022 10:55 pm
Forum: General
Topic: Which router: 1Gbps WAN, Firewall, OpenVPN
Replies: 6
Views: 652

Re: Which router: 1Gbps WAN, Firewall, OpenVPN

Yes but so now is quickset VPN :-)
I don't use quickset.
So i don't know.
by Zacharias
Thu Jul 21, 2022 10:38 pm
Forum: Announcements
Topic: v7.4 [stable] is released!
Replies: 226
Views: 54604

Re: v7.4 [stable] is released!

@osc86 how about trying to netinstall the device ?
by Zacharias
Thu Jul 21, 2022 10:12 pm
Forum: General
Topic: Which router: 1Gbps WAN, Firewall, OpenVPN
Replies: 6
Views: 652

Re: Which router: 1Gbps WAN, Firewall, OpenVPN

WG is easier to setup but this does not make OVPN bad.
It all depends on the requirements.

I would agree if we were talking only for ROS v6 where OVPN could only run over TCP.
But in ROS v7 UDP is supported.
by Zacharias
Thu Jul 21, 2022 9:55 pm
Forum: General
Topic: icmp in mikrotik
Replies: 22
Views: 5558

Re: icmp in mikrotik

I will agree with @sindy.
Dropping all ICMP packets is really bad...
But dropping selectively though, there are occasions that it is a good practice..
by Zacharias
Thu Jul 21, 2022 9:50 pm
Forum: General
Topic: Which router: 1Gbps WAN, Firewall, OpenVPN
Replies: 6
Views: 652

Re: Which router: 1Gbps WAN, Firewall, OpenVPN

OpenVPN, is not a requirement its a disease.............
And why is that ?
Which MT router would be best for
You got many choices...
Take a look here https://mikrotik.com/products/group/ethernet-routers
by Zacharias
Thu Jul 21, 2022 9:42 pm
Forum: Beginner Basics
Topic: VLANs on Hap AC3 as access point. [SOLVED]
Replies: 16
Views: 1799

Re: VLANs on Hap AC3 as access point. [SOLVED]


:lol:
I don't see anything different in your config than what i suggested...
Details minor details..............
Like ?
You mean not posting a working config ?
by Zacharias
Thu Jul 21, 2022 9:26 pm
Forum: Beginner Basics
Topic: tools/mac-winbox feature not working
Replies: 10
Views: 1101

Re: tools/mac-winbox feature not working

Not all PCs are the same in terms of hardware...
So, did you disable all the network cards, wired or wireless, all the Virtual adapters if any, and tested again ?
by Zacharias
Thu Jul 21, 2022 9:23 pm
Forum: Beginner Basics
Topic: VLANs on Hap AC3 as access point. [SOLVED]
Replies: 16
Views: 1799

Re: VLANs on Hap AC3 as access point. [SOLVED]

Although zach is pretty close to the mark!
:lol:
I don't see anything different in your config than what i suggested...
by Zacharias
Thu Jul 21, 2022 4:24 pm
Forum: SwOS
Topic: MNDP and LLDP (Mikrotik Network Discovery Protocol)
Replies: 5
Views: 4280

Re: MNDP and LLDP (Mikrotik Network Discovery Protocol)

-A topology map ? You don't have a topology map of your network? If you want to see the devices discovered you can use ip neighbor print -LLDP-MED is supported after 6.48 *) discovery - added "lldp-med-net-policy-vlan" property for assigning VLAN ID; - What exactly is that you want to see ?
by Zacharias
Thu Jul 21, 2022 3:59 pm
Forum: Beginner Basics
Topic: VLANs on Hap AC3 as access point. [SOLVED]
Replies: 16
Views: 1799

Re: VLANs on Hap AC3 as access point. [SOLVED]

can all be removed
I don't agree.
Everything except, the Relay, the set ip-forward=no and the add address=192.168.1.2 interface=BR1 network=192.168.1.2, look totally fine to me.
Including the corrections i made in my previous post.
by Zacharias
Thu Jul 21, 2022 3:20 pm
Forum: RouterOS beta
Topic: Policy based routing issue on Mikrotik !!
Replies: 6
Views: 2696

Re: Policy based routing issue on Mikrotik !!

If you use lookup, in case that Gateway is not reachable it will fall back to the Main Routing Table, whatever that may be.
If you use lookup-only-in-table, if the Gateway is not reachable, you won't be routed at all to any other Gateway, including the Main.
by Zacharias
Thu Jul 21, 2022 3:11 pm
Forum: Beginner Basics
Topic: VLANs on Hap AC3 as access point. [SOLVED]
Replies: 16
Views: 1799

Re: VLANs on Hap AC3 as access point. [SOLVED]

You have mistakes in your VLAN configuration. The most important, you have PVID set on your wifi ports but at the same time you have set those ports as Tagged. By setting PVID we declare a port as an Access Port, meaning untagged traffic. A port that has both PVID set and at the same time is tagged ...
by Zacharias
Thu Jul 21, 2022 2:59 pm
Forum: Scripting
Topic: IP Firewall NAT Script to change out-interface
Replies: 4
Views: 986

Re: IP Firewall NAT Script to change out-interface

But why do you need to change the out interfaces ?
by Zacharias
Thu Jul 21, 2022 2:48 pm
Forum: Wireless Networking
Topic: CUBE 60PRO AC
Replies: 28
Views: 3717

Re: CUBE 60PRO AC

New interface bonding, diferent modes
What do you mean by New interface bonding ?
by Zacharias
Thu Jul 21, 2022 1:25 pm
Forum: Beginner Basics
Topic: 2 IP pools [SOLVED]
Replies: 9
Views: 1828

Re: 2 IP pools [SOLVED]

I think you can do both:
  • one pool with two ranges (10.0.0.2-10.0.0.254 and 10.0.1.1-10.0.1.254)
  • one pool (10.0.0.2-10.0.1.254)
Maybe anyone else can confirm?
Yes both can be done...
by Zacharias
Thu Jul 21, 2022 1:10 pm
Forum: Beginner Basics
Topic: RB960PGS (hEX POE) crashing
Replies: 31
Views: 2165

Re: RB960PGS (hEX POE) crashing

The more current through the PoE line, the more power dissipated, so the more heat generated.
According to specs, Max out per port output (input 30-57 V) 450 mA
So, i don't think the heat is caused by that...
by Zacharias
Thu Jul 21, 2022 12:43 pm
Forum: Wireless Networking
Topic: CUBE 60PRO AC
Replies: 28
Views: 3717

Re: CUBE 60PRO AC

How is the 5GHz backup failover implemented ?
I mean what triggers the switch on the 5 GHz in terms of configuration ? Any type of bonding etc. ?
by Zacharias
Thu Jul 21, 2022 12:40 pm
Forum: Announcements
Topic: v7.4 [stable] is released!
Replies: 226
Views: 54604

Re: v7.4 [stable] is released!

Anyone knows anything about this *) lte - improved LTE interface detection for LtAP-2HnD devices; ?
by Zacharias
Thu Jul 21, 2022 10:03 am
Forum: Wireless Networking
Topic: WAP R LTE and 3G
Replies: 4
Views: 724

Re: WAP R LTE and 3G

I believe there are locations that do not have 3G coverage too...
by Zacharias
Thu Jul 21, 2022 9:44 am
Forum: Wireless Networking
Topic: WDS unstable?
Replies: 27
Views: 2300

Re: WDS unstable?

@mkx thanks for the explanation.
by Zacharias
Wed Jul 20, 2022 3:46 pm
Forum: Wireless Networking
Topic: WDS unstable?
Replies: 27
Views: 2300

Re: WDS unstable?

station-bridge mode, the later is using 4-address mode So @mkx even in station bridge mode, 4-address format is used ? If for example, two clients ( PCs ) need to communicate through a wireless link, e.g. PC -> AP Bridge .... Station Bridge -> PC2, the Frame will include all RA, TA, SA and DA ? And...
by Zacharias
Wed Jul 20, 2022 3:17 pm
Forum: General
Topic: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8
Replies: 427
Views: 120544

Re: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8

Is it certain that there is a problem indeed ? That is not fixed on recent ROS releases ?
Anyone made a support ticket ?
by Zacharias
Wed Jul 20, 2022 2:56 pm
Forum: Beginner Basics
Topic: VPN clients can't ping devices on the LAN
Replies: 5
Views: 1684

Re: VPN clients can't ping devices on the LAN

you could also consider zerotier (goes through a third party) which is now an available module on MT OS.
But only for ARM devices...

CCR1009 is Tile architecture.
by Zacharias
Wed Jul 20, 2022 2:51 pm
Forum: Announcements
Topic: v7.4 [stable] is released!
Replies: 226
Views: 54604

Re: v7.4 [stable] is released!

Anyone alse already tried this "STABLE" version?

i need to hard reset to make it work
After upgrading from what version ?
by Zacharias
Wed Jul 20, 2022 2:47 pm
Forum: Beginner Basics
Topic: configure VRRP with three Mikrotiks ?
Replies: 1
Views: 300

Re: configure VRRP with three Mikrotiks ?

See here https://wiki.mikrotik.com/wiki/Manual:VRRP-examples
You can use MikroTik 3 as a switch.
by Zacharias
Wed Jul 20, 2022 2:29 pm
Forum: Announcements
Topic: v7.4 [stable] is released!
Replies: 226
Views: 54604

Re: v7.4 [stable] is released!

*) lte - improved LTE interface detection for LtAP-2HnD devices;
Does this have to do with the LTE interface totally missing in some occasions ?
by Zacharias
Wed Jul 20, 2022 2:10 pm
Forum: RouterBOARD hardware
Topic: VPN With Android
Replies: 9
Views: 8077

Re: VPN With Android

Wireguard. Dead simple. But it comes with a caveat, you need to be on ROS7. And that brings us back to post #2 ... Yes, but any device properly configured inside the network can be used for the Wireguard... In my case, the main router is not on V7, but i have another device in the network upgraded ...
by Zacharias
Wed Jul 20, 2022 2:06 pm
Forum: RouterBOARD hardware
Topic: RB1100AHx4 not displaying temperature
Replies: 7
Views: 1820

Re: RB1100AHx4 not displaying temperature

ok, v6 does not show numbers 0,1,2,3 etc when printing /system health, so that got me confused...
by Zacharias
Tue Jul 19, 2022 10:24 pm
Forum: RouterBOARD hardware
Topic: VPN With Android
Replies: 9
Views: 8077

Re: VPN With Android

Personally i mostly use LT2P/IPsec as a road warrior..
Lately i use wireguard too...
by Zacharias
Mon Jul 18, 2022 11:17 pm
Forum: General
Topic: Mikrotik router act as a PPTP client, and PPTP server
Replies: 6
Views: 874

Re: Mikrotik router act as a PPTP client, and PPTP server

No, there is no problem, it can be a client and a server...
However PPTP is not recommended because it is not a safe VPN protocol to use...
by Zacharias
Mon Jul 18, 2022 11:03 pm
Forum: RouterBOARD hardware
Topic: RB1100AHx4 not displaying temperature
Replies: 7
Views: 1820

Re: RB1100AHx4 not displaying temperature

This is not what the command /system health print outputs...
by Zacharias
Mon Jul 18, 2022 9:48 pm
Forum: RouterBOARD hardware
Topic: RB1100AHx4 not displaying temperature
Replies: 7
Views: 1820

Re: RB1100AHx4 not displaying temperature

What if you use CLI ?
by Zacharias
Mon Jul 18, 2022 1:10 pm
Forum: General
Topic: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8
Replies: 427
Views: 120544

Re: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8

You will see groups of ports stop forwarding traffic AT ALL until reboot.
ok.
The device has an uptime of approximately 2 weeks without any problems...
by Zacharias
Mon Jul 18, 2022 1:01 pm
Forum: General
Topic: Unexpected rebooting of CRS326-24S+2Q+RM
Replies: 15
Views: 1188

Re: Unexpected rebooting of CRS326-24S+2Q+RM

yes, I see the user want use VLAN:
MTU 9000 + 14 l2 heading + 4 FCS + 4 VLAN = L2MTU 9022

I didn't notice, did I do something wrong?
No, my mistake.. I forgot about the FCS
by Zacharias
Mon Jul 18, 2022 11:20 am
Forum: General
Topic: Unexpected rebooting of CRS326-24S+2Q+RM
Replies: 15
Views: 1188

Re: Unexpected rebooting of CRS326-24S+2Q+RM

MTU 9000 + VLAN = L2 MTU 9022
9022 ?
by Zacharias
Mon Jul 18, 2022 11:03 am
Forum: General
Topic: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8
Replies: 427
Views: 120544

Re: CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8

I ve installed a CRS354 recently, not fully loaded yet, just a couple of ethernet ports and an SFP+ port.
I ve not seen any port flapping...
Versions 6.49.6
VLANs are used on the CRS...
by Zacharias
Fri Jul 15, 2022 8:55 pm
Forum: RouterBOARD hardware
Topic: VPN With Android
Replies: 9
Views: 8077

Re: VPN With Android

You shouldn't be using PPTP anyways since it is not a safe VPN protocol.
You can search in the manual other VPN protocols https://help.mikrotik.com/docs/display/ROS/RouterOS
You could use among others L2TP/IPsec, Wireguard, OVPN etc...
by Zacharias
Fri Jul 15, 2022 8:41 pm
Forum: Beginner Basics
Topic: Mangle rules [SOLVED]
Replies: 2
Views: 773

Re: Mangle rules [SOLVED]

We conclude that for that destination address the Routing Table that will be used ( if reachable ) is named VPN... If the rule is matched, since passthrough is checked it will proceed to the next rule... When you use the mark-routing parameter you create a new routing mark for a particular packet an...
by Zacharias
Fri Jul 15, 2022 8:28 pm
Forum: Beginner Basics
Topic: Hardware offload in 7.3.1 on Hex S
Replies: 11
Views: 3743

Re: Hardware offload in 7.3.1 on Hex S

Here you can see the devices that support L3 Hardware Offload
https://help.mikrotik.com/docs/display/ ... iceSupport
by Zacharias
Fri Jul 15, 2022 5:11 pm
Forum: General
Topic: Linnk flapping protection
Replies: 6
Views: 697

Re: Linnk flapping protection

maybe is doable with scripting
I will agree on that...
by Zacharias
Fri Jul 15, 2022 5:01 pm
Forum: General
Topic: Linnk flapping protection
Replies: 6
Views: 697

Re: Linnk flapping protection

As far as i know there is no Link Flap Prevention in MikroTik.
by Zacharias
Thu Jul 14, 2022 11:22 pm
Forum: General
Topic: three pppoe client in (switch-mikrotik) [SOLVED]
Replies: 19
Views: 2140

Re: three pppoe client in (switch-mikrotik) [SOLVED]

That is ok. They inherit the MAC of the interface they run on... I noticed on your other switch, you have set the PVID value... However, we set the PVID value on Access Ports... Between the other switch and the MikroTIK, you have a Trunk Port, meaning a port that passes multiple VLANs. So on your ot...
by Zacharias
Thu Jul 14, 2022 10:21 pm
Forum: RouterBOARD hardware
Topic: CCR1009-8G-1S-1S+ Reboot Kernel Failure
Replies: 3
Views: 771

Re: CCR1009-8G-1S-1S+ Reboot Kernel Failure

Do they have the latest version 7.3.1 ?
by Zacharias
Thu Jul 14, 2022 10:18 pm
Forum: General
Topic: Linnk flapping protection
Replies: 6
Views: 697

Re: Linnk flapping protection

Is the port flapping frequent or not ?
flap protection
Does something like that exist ? :?:
by Zacharias
Thu Jul 14, 2022 9:53 pm
Forum: General
Topic: three pppoe client in (switch-mikrotik) [SOLVED]
Replies: 19
Views: 2140

Re: three pppoe client in (switch-mikrotik) [SOLVED]

/interface vlan add interface=sfp2 name=ISP1 vlan-id=201 add interface=sfp2 name=ISP2 vlan-id=202 add interface=sfp2 name=ISP3 vlan-id=203 The above code is enough for the PPPoE client to Run on those Vlan interfaces, ISP1, ISP2 and ISP3. e.g. /interface pppoe-client add disabled=no interface=ISP1 ...
by Zacharias
Thu Jul 14, 2022 9:04 pm
Forum: General
Topic: Which router fits my needs?
Replies: 9
Views: 908

Re: Which router fits my needs?

I agree with @chechito,
I don't think you can directly connect the Fiber on your device bypassing the ONT of your provider...
by Zacharias
Thu Jul 14, 2022 12:01 am
Forum: General
Topic: Which router fits my needs?
Replies: 9
Views: 908

Re: Which router fits my needs?

The RB5009 would be a good choice...
It has an SFP+ port and a 2.5Gbps Ethernet Port...
The newer model has POE in/out on all of its ports as well https://mikrotik.com/product/rb5009upr_s_in
by Zacharias
Wed Jul 13, 2022 11:43 pm
Forum: RouterBOARD hardware
Topic: RB5009UP wrong description/datasheet?
Replies: 18
Views: 1834

Re: RB5009UP wrong description/datasheet?

To my knowledge there is no handshake on Passive POE. Only a resistance check ( detection process ), and if the PSE detects that there is a PD connected that meets the resistance requirements it will supply with Voltage the Device connected... However, on POE af,at,bt etc, after the detection proces...
by Zacharias
Wed Jul 13, 2022 10:10 pm
Forum: General
Topic: three pppoe client in (switch-mikrotik) [SOLVED]
Replies: 19
Views: 2140

Re: three pppoe client in (switch-mikrotik) [SOLVED]

I connect to the mikrotik, in the sfp port of the mikrotik I create three vlans (isp1 id=201, isp2 id=202 , isp3 id=203) I create a pppoe-client for those three vlans That is correct... But are you sure those VLANs are passed correctly from the Switch to the MikroTik ? e.g. is the Vlan configuratio...
by Zacharias
Wed Jul 13, 2022 10:01 pm
Forum: RouterBOARD hardware
Topic: RB5009UP wrong description/datasheet?
Replies: 18
Views: 1834

Re: RB5009UP wrong description/datasheet?

In passive POE there is no handshake procedure... so no POE classification...
But i' ve not seen any af device running on 24V... That is why i asked if there is any reference on that ....
by Zacharias
Wed Jul 13, 2022 9:31 pm
Forum: General
Topic: Split DNS / Wesbite won't open
Replies: 13
Views: 1295

Re: Split DNS / Wesbite won't open

Not even that! Both static and dynamic servers are used in a round-robin fashion Well that's what the manual say in the first paragraph... When both static and dynamic servers are set, static server entries are more preferred, however, it does not indicate that static server will always be used (fo...
by Zacharias
Wed Jul 13, 2022 9:28 pm
Forum: RouterBOARD hardware
Topic: RB5009UP wrong description/datasheet?
Replies: 18
Views: 1834

Re: RB5009UP wrong description/datasheet?

The "48" is jus a standard de-facto, but can be 30W at 24V and still 802.3at...
Any reference on that ?
by Zacharias
Wed Jul 13, 2022 4:42 pm
Forum: Beginner Basics
Topic: tools/mac-winbox feature not working
Replies: 10
Views: 1101

Re: tools/mac-winbox feature not working

/ip address add address=192.168.1.100/24 comment=defconf interface=sfp-sfpplus1 network=\ 192.168.1.0 The IP address must be assigned on the Master interface, in your example it should be the Bridge interface itself... Other than that i can't seem to find another problem... The Layer2 problems you ...
by Zacharias
Wed Jul 13, 2022 3:40 pm
Forum: Wireless Networking
Topic: CUBE 60PRO AC
Replies: 28
Views: 3717

Re: CUBE 60PRO AC

@rextended thanks...
SA mean Sector Antenna
:shock:
You ' re right...
by Zacharias
Wed Jul 13, 2022 3:35 pm
Forum: RouterBOARD hardware
Topic: RB5009UP wrong description/datasheet?
Replies: 18
Views: 1834

Re: RB5009UP wrong description/datasheet?

Ok, but then they should mention that passive PoE is supported in datasheet. They only wrote 802.3af/at everywhere.
All power options support a wide voltage range of 24 – 57 V
https://mikrotik.com/product/rb5009upr_s_in
by Zacharias
Wed Jul 13, 2022 2:27 pm
Forum: Wireless Networking
Topic: CUBE 60PRO AC
Replies: 28
Views: 3717

Re: CUBE 60PRO AC

11° (+/- 5,5°) the non-SA and 60° (+/-30°) the SA
@rextended, any chance you know what "SA" stands for ?
Also i can't find in the manual the +/- 5,5° and the +/-30°, so what do you mean by that ?
by Zacharias
Wed Jul 13, 2022 2:14 pm
Forum: General
Topic: Split DNS / Wesbite won't open
Replies: 13
Views: 1295

Re: Split DNS / Wesbite won't open

I agree with @pe1chl,
The only excemption in terms of priority would be between static and dynamic DNS entries, where the static are more prefered, but that does not indicate that the static will always be used...
https://help.mikrotik.com/docs/display/ROS/DNS
by Zacharias
Thu Jul 07, 2022 4:37 pm
Forum: Wireless Networking
Topic: wsAP ac lite current_too_low
Replies: 5
Views: 786

Re: wsAP ac lite current_too_low

I would suspect the cables, are they copper or CCA? What exact cable is used?
I would agree on that too...
Check the cable termination too...
by Zacharias
Thu Jul 07, 2022 2:06 pm
Forum: General
Topic: VLAN on a bridge with a physical interface
Replies: 7
Views: 928

Re: VLAN on a bridge with a physical interface

The recommended method ( in terms of hardware performance ) for that particular device, is the switch menu, since that way you will not loose the Hardware offload on your Bridge interface...
Other than that, you can use the Bridge VLAN filtering, but you will certainly have a performance drop...
by Zacharias
Wed Jul 06, 2022 11:07 pm
Forum: Beginner Basics
Topic: Script cloud-backup notification [SOLVED]
Replies: 17
Views: 2097

Re: Script cloud-backup notification [SOLVED]

You can send a .backup file or .rsc through Emails too...
e.g. using a script you can create those backup files and then from the MikroTik send them to an email account of yours automatically...

Example viewtopic.php?t=146575
by Zacharias
Wed Jul 06, 2022 9:27 pm
Forum: Wireless Networking
Topic: mAP (not Lite) unstable WiFi issue
Replies: 4
Views: 711

Re: mAP (not Lite) unstable WiFi issue

/interface wireless set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-XX default-forwarding=no disabled=no distance=indoors frequency=auto installation=indoor mode=ap-bridge name=wlan2.4 security-profile=wpa2 ssid=map \ wireless-protocol=802.11 From your code above, set the ban...
by Zacharias
Wed Jul 06, 2022 9:23 pm
Forum: General
Topic: Personal monologue: A Question About Token Bucket Size
Replies: 89
Views: 5046

Re: A Question About Token Bucket Size

@rextended ok i understand ...
by Zacharias
Wed Jul 06, 2022 9:09 pm
Forum: General
Topic: VLAN on a bridge with a physical interface
Replies: 7
Views: 928

Re: VLAN on a bridge with a physical interface

I have multiple bridges setup on a RB960 To me that defeats the purpose of VLANs... RB960 supports VLANs under the Switch menu... So why would you make multiple Bridges ? If you enable VLAN filtering everything will be done in software in that specific device ... Also, when multiple Bridges are cre...
by Zacharias
Wed Jul 06, 2022 8:13 pm
Forum: General
Topic: Problems with DHCP from Mikrotik Device with WiFi WheatherStation
Replies: 15
Views: 1492

Re: Problems with DHCP from Mikrotik Device with WiFi WheatherStation

and set the lease time to 100 years.
:lol:
Really ?

To me, if it was a lease renewal problem it would occur in exactly 12 hours and not in 12 hours and 5 minutes...
But yes, assigning a static lease might be a solution ...
by Zacharias
Wed Jul 06, 2022 8:10 pm
Forum: Wireless Networking
Topic: mAP (not Lite) unstable WiFi issue
Replies: 4
Views: 711

Re: mAP (not Lite) unstable WiFi issue

vlan-filtering=yes
Why ?
by Zacharias
Wed Jul 06, 2022 8:08 pm
Forum: General
Topic: Personal monologue: A Question About Token Bucket Size
Replies: 89
Views: 5046

Re: A Question About Token Bucket Size

I don't need to queue them to limit traffic
Then how ?
by Zacharias
Wed Jul 06, 2022 4:06 pm
Forum: RouterOS beta
Topic: CRS354-48P - CPU Slow after Upgrade to 7
Replies: 17
Views: 3402

Re: CRS354-48P - CPU Slow after Upgrade to 7

Is that so right? You should add the switch-cpu port also in /interface ethernet switch vlan and /interface ethernet switch egress-vlan-tag See again the Management access configuration in the Manual... https://help.mikrotik.com/docs/pages/viewpage.action?pageId=103841836#CRS1xx/2xxseriesswitchesex...
by Zacharias
Tue Jul 05, 2022 9:40 pm
Forum: RouterOS beta
Topic: CRS354-48P - CPU Slow after Upgrade to 7
Replies: 17
Views: 3402

Re: CRS354-48P - CPU Slow after Upgrade to 7

The CPU usage on your switches is still very very high...
Is there any other special configuration on the switches (that you excluded from the posted configuration above )?

For CRS1xx and CRS2xx devices read here https://help.mikrotik.com/docs/pages/vi ... =103841836
by Zacharias
Tue Jul 05, 2022 9:10 pm
Forum: RouterOS beta
Topic: CRS354-48P - CPU Slow after Upgrade to 7
Replies: 17
Views: 3402

Re: CRS354-48P - CPU Slow after Upgrade to 7

Are all the switches (with the port flapping issue ) CRS354 ?

Also can you please mention the CPU usage improvement ?
by Zacharias
Tue Jul 05, 2022 8:55 pm
Forum: General
Topic: Limit traffic in specific port
Replies: 20
Views: 2174

Re: Limit traffic in specific port

:lol:
I mean the number sequence indeed is different.. so at one point you are right...
But i was looking at the actual diagram ignoring the numbering...
by Zacharias
Tue Jul 05, 2022 8:48 pm
Forum: RouterOS beta
Topic: CRS354-48P - CPU Slow after Upgrade to 7
Replies: 17
Views: 3402

Re: CRS354-48P - CPU Slow after Upgrade to 7

The Bridge should and must be added as Tagged member for those VLANs that need to have access to the CPU ( IP services and more )... In the case of a Switch, that is the Management VLAN... A switch handles Layer 2 traffic... So you only have the Management VLAN as Layer 3 traffic that needs the Brid...
by Zacharias
Tue Jul 05, 2022 8:34 pm
Forum: General
Topic: Limit traffic in specific port
Replies: 20
Views: 2174

Re: Limit traffic in specific port

@rextended the diagram is the same :D
@sindy, right...
by Zacharias
Tue Jul 05, 2022 8:22 pm
Forum: General
Topic: Limit traffic in specific port
Replies: 20
Views: 2174

Re: Limit traffic in specific port

Maybe you mean that the packets will pass through the prerouting, forward and postrouting chains while still in the Bridge ?
https://help.mikrotik.com/docs/display/ ... dgeForward
by Zacharias
Tue Jul 05, 2022 8:11 pm
Forum: RouterOS beta
Topic: CRS354-48P - CPU Slow after Upgrade to 7
Replies: 17
Views: 3402

Re: CRS354-48P - CPU Slow after Upgrade to 7

Although there is no relation between the VLANs and the SFP flapping, i can certainly see you have enabled Bridge VLAN filtering now... :D
Is there any improvement on the CPU usage now ?
by Zacharias
Tue Jul 05, 2022 8:06 pm
Forum: General
Topic: Limit traffic in specific port
Replies: 20
Views: 2174

Re: Limit traffic in specific port

how do you deal with the havoc it causes on NAT?
@sindy, what do you mean ?
by Zacharias
Tue Jul 05, 2022 4:46 pm
Forum: General
Topic: Client isolation within VLAN and fast roaming [SOLVED]
Replies: 67
Views: 10515

Re: Client isolation within VLAN and fast roaming [SOLVED]

What should be mentioned about Bridge Horizon is that its a software feature and disables hardware offloading when used on hardware offloaded ports... which is not relevant on APs has they don't offer this on WLAN interfaces The only question remaining is, do you have to do this on devices, e.g. a ...
by Zacharias
Tue Jul 05, 2022 4:04 pm
Forum: General
Topic: mikrotik 5009 not booting
Replies: 7
Views: 730

Re: mikrotik 5009 not booting

Yep, I've tried Netinstall, I can't see Device after resetting
Did you actually netinstall the device ?
And after that the problem persists ?
by Zacharias
Tue Jul 05, 2022 4:03 pm
Forum: General
Topic: Limit traffic in specific port
Replies: 20
Views: 2174

Re: Limit traffic in specific port

:lol:
I just want to understand what type of traffic the OP wants to limit...
by Zacharias
Tue Jul 05, 2022 3:54 pm
Forum: RouterOS beta
Topic: CRS354-48P - CPU Slow after Upgrade to 7
Replies: 17
Views: 3402

Re: CRS354-48P - CPU Slow after Upgrade to 7

Since Bridge VLAN filtering is not enabled ( and CRS3xx devices support bridge VLAN filtering in Hardware ) all the VLAN handling is done in software to the CRS...
by Zacharias
Tue Jul 05, 2022 3:49 pm
Forum: General
Topic: mikrotik 5009 not booting
Replies: 7
Views: 730

Re: mikrotik 5009 not booting

Thats what i think too...
by Zacharias
Tue Jul 05, 2022 3:40 pm
Forum: RouterOS beta
Topic: CRS354-48P - CPU Slow after Upgrade to 7
Replies: 17
Views: 3402

Re: CRS354-48P - CPU Slow after Upgrade to 7

Since then we have massive problems with SFP. What kind of problem ? But the CPU runs almost permanently at 100% So its always stuck at 100% ? Also i think you could configure your VLANs in a better way... Although adding VLAN interfaces as Bridge ports is not wrong, there are cases it could cause ...
by Zacharias
Tue Jul 05, 2022 3:30 pm
Forum: General
Topic: Limit traffic in specific port
Replies: 20
Views: 2174

Re: Limit traffic in specific port

What is connected on ether 4 ?
by Zacharias
Tue Jul 05, 2022 3:15 pm
Forum: General
Topic: mikrotik 5009 not booting
Replies: 7
Views: 730

Re: mikrotik 5009 not booting

Its not booting or it does a boot loop ?
by Zacharias
Tue Jul 05, 2022 3:09 pm
Forum: General
Topic: Client isolation within VLAN and fast roaming [SOLVED]
Replies: 67
Views: 10515

Re: Client isolation within VLAN and fast roaming [SOLVED]

What should be mentioned about Bridge Horizon is that its a software feature and disables hardware offloading when used on hardware offloaded ports...
by Zacharias
Tue Jul 05, 2022 3:03 pm
Forum: General
Topic: VPN does not allow multiple connections from single IP
Replies: 6
Views: 2664

Re: VPN does not allow multiple connections from single IP

As @sindy said, they need 3rd party software, but they are easy to use...

Also in v7 the RB4011 supports VLAN in Hardware using Bridge VLAN filtering, in case you need them in the future... Its out of the scope of your question but since i mentioned ROS v7 i think it should be mentioned...
by Zacharias
Tue Jul 05, 2022 2:56 pm
Forum: Beginner Basics
Topic: Script cloud-backup notification [SOLVED]
Replies: 17
Views: 2097

Re: Script cloud-backup notification [SOLVED]

I recently did a backup and I could restore this in the another manually, I had no problem I never said it can't be done.. Read the first paragraph here https://wiki.mikrotik.com/wiki/Manual:System/Backup System's backup file also contain the device's MAC addresses, which are also restored when the...
by Zacharias
Mon Jul 04, 2022 9:08 pm
Forum: Wireless Networking
Topic: RBLtAP-2HnD LTE interface missing
Replies: 0
Views: 574

RBLtAP-2HnD LTE interface missing

I have a RBLtAP-2HnD in a production environment... The device regularly loses the LTE interface completely, the interface disappears... A reboot only " fixes " the problem... The device has Ros and firmware at 7.3.1 .. Modem firmware also updated to the latest v 033... Anyone had any simi...
by Zacharias
Mon Jul 04, 2022 7:51 pm
Forum: Beginner Basics
Topic: Script cloud-backup notification [SOLVED]
Replies: 17
Views: 2097

Re: Script cloud-backup notification [SOLVED]

It is not suggested to use a .backup file to another device...
by Zacharias
Mon Jul 04, 2022 7:47 pm
Forum: General
Topic: VPN does not allow multiple connections from single IP
Replies: 6
Views: 2664

Re: VPN does not allow multiple connections from single IP

I guess you mean RB2011...
I would use another VPN protocol, on V7 you have many nice choices like wireguard and OVPN with UDP support...
by Zacharias
Sun Jul 03, 2022 11:20 pm
Forum: General
Topic: Virus attack on the router
Replies: 5
Views: 972

Re: Virus attack on the router

You could create an address list with specific IP addresses that can access the router either with winbox, telnet or SSH and exclude that IP from the allowed ones... This would require a correct firewall configuration... Also, you could set the allowed IPs under ip/services for ssh, telnet, winbox e...
by Zacharias
Sun Jul 03, 2022 11:16 pm
Forum: General
Topic: Unable to reset Mikrotik hEX and faulty IP
Replies: 10
Views: 4080

Re: Unable to reset Mikrotik hEX and faulty IP

Also, do not press the reset button before applying power - doing so would switch to a backup bootloader which is usually not what you need.
It will switch to the backup bootloader but the device can still be reset with no problems...
by Zacharias
Sun Jul 03, 2022 10:16 pm
Forum: General
Topic: Unable to reset Mikrotik hEX and faulty IP
Replies: 10
Views: 4080

Re: Unable to reset Mikrotik hEX and faulty IP

169.254.x.y/16 simply means that you do not get an address from the DHCP server because it is unavailable for any reasons... so it is not a faulty address... you can learn more about it by searching for "Automatic Private IP Addressing"... Did you try to connect the hap to another computer...
by Zacharias
Sun Jul 03, 2022 10:07 pm
Forum: General
Topic: poe ports in mikrotik router 951ui
Replies: 2
Views: 417

Re: poe ports in mikrotik router 951ui

The device has a POE in and a POE out port...
What exactly is the question ?
by Zacharias
Sun Jul 03, 2022 9:39 pm
Forum: General
Topic: Mangle Rules vs QueueTree - 0 packts on the latter [SOLVED]
Replies: 6
Views: 1023

Re: Mangle Rules vs QueueTree - 0 packts on the latter [SOLVED]

thanks for the follow up Zacharias, is there any conflict on setting this in the parent queue? i can probably try reverting to *default*, and see if there is any change...
No there is no conflict, it simply does nothing... you can test and see how it goes...
by Zacharias
Sun Jul 03, 2022 9:02 pm
Forum: Beginner Basics
Topic: Add ovpn interfaces to LAN list
Replies: 1
Views: 737

Re: Add ovpn interfaces to LAN list

You can create a PPP profile, and in that profile you can specify the list you want those PPP clients that use that profile to be added... Example: ppp/profile/add name=ppp-profile interface-list=LAN local-address=192.168.0.1 remote-address=192.16 8.0.2 and then interface/ovpn-client/add name=ovpn p...
by Zacharias
Sun Jul 03, 2022 8:55 pm
Forum: General
Topic: Mangle Rules vs QueueTree - 0 packts on the latter [SOLVED]
Replies: 6
Views: 1023

Re: Mangle Rules vs QueueTree - 0 packts on the latter [SOLVED]

Not relevant to the initial question but,
as in the simple queues with a parent-child setup, the queue type should be set on the child queues and not on the parent...
Unless i don't remember correctly... :D
by Zacharias
Sun Jul 03, 2022 7:30 pm
Forum: Beginner Basics
Topic: which router has a sound option and which does not [SOLVED]
Replies: 15
Views: 1814

Re: Playing sounds problem [SOLVED]

Yesterday I bought a hAP ac³ which is not cheap and with great disappointment I found that it does not play sounds
Why do you need a beeper ?
by Zacharias
Thu Jun 30, 2022 10:21 am
Forum: General
Topic: Simple Queue Counts Traffic twice on VLAN interface [SOLVED]
Replies: 6
Views: 1189

Re: Simple Queue Counts Traffic twice on VLAN interface [SOLVED]

Could it be that this particular CAP is talking to the CAPsMAN using L3 rather than L2 @sindy indeed that was the case causing the double traffic counting... However, ( i' ve noticed that in the past too ), setting an Upload/Download Max Limit to Unlimited does not work... Either on a Parent-child ...
by Zacharias
Wed Jun 29, 2022 8:45 pm
Forum: General
Topic: Simple Queue Counts Traffic twice on VLAN interface [SOLVED]
Replies: 6
Views: 1189

Re: Simple Queue Counts Traffic twice on VLAN interface [SOLVED]

I could try that yes, thanks... However, now i was looking on another network with similar setup ( more complex though ) and multiple VLANs, i do use L3 again ( i prefer it ) for communication between CAP and CapsMan i do not observe the same behavior... And the address of the CAP fits in the target...
by Zacharias
Wed Jun 29, 2022 8:34 pm
Forum: General
Topic: Simple Queue Counts Traffic twice on VLAN interface [SOLVED]
Replies: 6
Views: 1189

Re: Simple Queue Counts Traffic twice on VLAN interface [SOLVED]

Could it be that this particular CAP is talking to the CAPsMAN using L3 rather than L2 (i.e. /caps-man remote-cap print shows its IP address rather than its MAC address) and the IP address of the CAP fits into the target of the queue? Why its always that simple ? You 're most probably right... Any ...
by Zacharias
Tue Jun 28, 2022 11:08 pm
Forum: General
Topic: Simple Queue Counts Traffic twice on VLAN interface [SOLVED]
Replies: 6
Views: 1189

Simple Queue Counts Traffic twice on VLAN interface [SOLVED]

Hi, I recently noticed that a simple queue: /queue simple add max-limit=10M/100M name=test queue=\ pcq-upload-default/pcq-download-default target=\ 192.168.23.0/24,192.168.11.0/24 Would count the traffic twice on a Capsman VLAN interface: /interface vlan add interface=bridge name=vlan23 vlan-id=23 /...
by Zacharias
Tue Jun 21, 2022 3:31 pm
Forum: General
Topic: Load Balance PCC math [SOLVED]
Replies: 6
Views: 2011

Re: Load Balance PCC math [SOLVED]

@sindy thats just to ballance the weight equally ?
by Zacharias
Sun Jun 19, 2022 8:40 pm
Forum: Beginner Basics
Topic: LTE + Ether1 gateway [SOLVED]
Replies: 8
Views: 1562

Re: LTE + Ether1 gateway [SOLVED]

The simplest thing you could do is create a second bridge for wlan1 and wlan2, assign an IP address to that bridge ( different from the one used now ), create a DHCP server on that bridge, and then on policy routing rules for that subnet use as table your ISP2 table.
by Zacharias
Fri Jun 17, 2022 4:53 pm
Forum: General
Topic: ADSL PPPOE on the modem or RB941-2nD [SOLVED]
Replies: 8
Views: 1169

Re: ADSL PPPOE on the modem or RB941-2nD [SOLVED]

Revet back to 6.48.6.

Is like you want install Windows 11 on a old Pentium with 1GB of RAM and 1GB of HDD...
:lol:
I will agree...
by Zacharias
Fri Jun 17, 2022 4:38 pm
Forum: Beginner Basics
Topic: VLANs on Wireless
Replies: 2
Views: 905

Re: VLANs on Wireless

R2 adds a tag to what ingresses through the wireless interface using its wireless driver settings... Thats why R2 handles wlan1 and wlan2 traffic as tagged... /interface bridge vlan add bridge=bridge1 tagged=ether2,wlan1 vlan-ids=111 You could as well treat the wireless interface as your ethernet po...
by Zacharias
Fri Jun 17, 2022 2:51 pm
Forum: General
Topic: Wan Bonding / carrier aggregation not load blancing
Replies: 13
Views: 1842

Re: Wan Bonding / carrier aggregation not load blancing

No, it rejects the part where the MRRU of e.g.1600 Byte is requested, then it falls back to 1480 ...
by Zacharias
Fri Jun 17, 2022 2:05 pm
Forum: General
Topic: Wan Bonding / carrier aggregation not load blancing
Replies: 13
Views: 1842

Re: Wan Bonding / carrier aggregation not load blancing

I can see the configuration reject on wireshark when there is a mismatch on the MRRU on any side under LCP protocol...
Any other interesting part i should look into ?
by Zacharias
Fri Jun 17, 2022 1:15 pm
Forum: General
Topic: Wan Bonding / carrier aggregation not load blancing
Replies: 13
Views: 1842

Re: Wan Bonding / carrier aggregation not load blancing

@sindy in general i know that the MRU during the negotiation process is calculated depending on the ppp max payload received compared to the MTU and depending on the sizes the max mru will be calculated...

I am interested to any extra info or reference you have...
by Zacharias
Fri Jun 17, 2022 11:08 am
Forum: General
Topic: Wan Bonding / carrier aggregation not load blancing
Replies: 13
Views: 1842

Re: Wan Bonding / carrier aggregation not load blancing

That's what i mean, it is pointless if not supported by both sides....
Have you ever wondered why MRU is specified for PPP* interfaces?
You mean MRRU?
why ?
by Zacharias
Fri Jun 17, 2022 10:52 am
Forum: General
Topic: Wan Bonding / carrier aggregation not load blancing
Replies: 13
Views: 1842

Re: Wan Bonding / carrier aggregation not load blancing

@sindy, how can you specify mrru if you don't know the mrru being used from the other side ? or even if it supports it ?
by Zacharias
Fri Jun 17, 2022 9:52 am
Forum: Beginner Basics
Topic: Invalid forward packets between bridge VLAN [SOLVED]
Replies: 7
Views: 1422

Re: Invalid forward packets between bridge VLAN [SOLVED]

Thanks @mkx, now i do understand...
by Zacharias
Fri Jun 17, 2022 9:06 am
Forum: General
Topic: Upgrade hapAC3 RouterOS 6 to 7. No access to the router.
Replies: 11
Views: 882

Re: Upgrade hapAC3 RouterOS 6 to 7. No access to the router.

So any device with a USB port, could be accessed just using a usb cable ?
I thought it was only possible when a console port existed ...
by Zacharias
Fri Jun 17, 2022 9:03 am
Forum: Beginner Basics
Topic: LTE + Ether1 gateway [SOLVED]
Replies: 8
Views: 1562

Re: LTE + Ether1 gateway [SOLVED]

First seperate the networks of the two ISPs, as you mention both are on the network 192.168.8.0...
The simplest thing you can do is routing rules... https://help.mikrotik.com/docs/pages/vi ... d=59965508
by Zacharias
Fri Jun 17, 2022 8:58 am
Forum: Wireless Networking
Topic: Help with VLAN on LHG5 Dish
Replies: 4
Views: 609

Re: Help with VLAN on LHG5 Dish

That sounds correct ( i mean that it doesn't work )
You ve added vlan13 on ether1, so what egresses ether1 will have a tag applied.

Since you have a bridge i would advise you to set the vlan direcly on the bridge interface ( supposing ether1 is member of the bridge ) and test again ...
by Zacharias
Fri Jun 17, 2022 8:52 am
Forum: General
Topic: Upgrade hapAC3 RouterOS 6 to 7. No access to the router.
Replies: 11
Views: 882

Re: Upgrade hapAC3 RouterOS 6 to 7. No access to the router.

@sindy hap ac3 seems to not have a console port...
So how that would be possible ?
by Zacharias
Thu Jun 16, 2022 11:25 pm
Forum: Beginner Basics
Topic: Invalid forward packets between bridge VLAN [SOLVED]
Replies: 7
Views: 1422

Re: Invalid forward packets between bridge VLAN [SOLVED]

@mkx, but isn't that an example of inter vlan routing ? If a device on e.g. vlan10 tries to reach a device on vlan20, and there is a Router that can route those vlans in between , then vlan10 device will successfully communicate with vlan20 device and vice versa . The way you explained it, i underst...
by Zacharias
Wed Jun 15, 2022 11:33 pm
Forum: Beginner Basics
Topic: LTe Speeds seem slow.
Replies: 1
Views: 439

Re: LTe Speeds seem slow.

RSSI = -25 dBm
RSRP = -59 dBm
SINR = 10 dB
RSRQ = -10 dB
RSRQ = -8.0 dB
Those values are good...
You don't mention what LTE device you' re using with what modem... ?
Also, ROS version, firmware version and modem version ?
by Zacharias
Wed Jun 15, 2022 11:04 pm
Forum: General
Topic: CRS328-4C-20S-4S+ console not working [SOLVED]
Replies: 15
Views: 1386

Re: CRS328-4C-20S-4S+ console not working [SOLVED]

someone did it on purpose so that they could remotely control that device via virtual serial ...
Could that be indeed possible ?
by Zacharias
Wed Jun 15, 2022 10:10 pm
Forum: General
Topic: CRS328-4C-20S-4S+ console not working [SOLVED]
Replies: 15
Views: 1386

Re: CRS328-4C-20S-4S+ console not working [SOLVED]

Yes, but the interesting part would be if we knew what was the reason it didn't work...
For example by a configuration export...
by Zacharias
Wed Jun 15, 2022 9:46 pm
Forum: Beginner Basics
Topic: Invalid forward packets between bridge VLAN [SOLVED]
Replies: 7
Views: 1422

Re: Invalid forward packets between bridge VLAN [SOLVED]

I don't understand what is the point of PVID 10 on your Trunk port ether9... Is there any type of untagged traffic generated from the Switch ( on the left ) where ether8 port belongs that you want to make member of Vlan10 on the right switch ? Even if there is a reason for doing that ( there might b...
by Zacharias
Wed Jun 15, 2022 4:23 pm
Forum: Beginner Basics
Topic: Access internally hosted services from within same network [SOLVED]
Replies: 2
Views: 579

Re: Access internally hosted services from within same network [SOLVED]

You don't need any NAT to access a local device within the same subnet...
by Zacharias
Tue Jun 14, 2022 10:33 pm
Forum: RouterBOARD hardware
Topic: LTE module
Replies: 3
Views: 805

Re: LTE module

Did you upgrade the firmware too or only the ROS ?
by Zacharias
Tue Jun 14, 2022 10:26 pm
Forum: General
Topic: Winbox creates add.txt file on desktop [SOLVED]
Replies: 6
Views: 895

Re: Winbox creates add.txt file on desktop [SOLVED]

Never seen that...
by Zacharias
Tue Jun 14, 2022 8:42 pm
Forum: General
Topic: Is VLAN's from Mikrotik Tagged or Untagged
Replies: 33
Views: 5664

Re: Is VLAN's from Mikrotik Tagged or Untagged

All of those VLANs (3500, 3508, 3510, 3518, 3520, 2528) will be tagged on egress/ingress on the physical interfaces.
They will be tagged on egress...
Not on ingress....

On egress a tag will be applied..
On ingress the vlan id will be checked and removed accordingly...
by Zacharias
Mon Jun 13, 2022 9:35 pm
Forum: General
Topic: Is VLAN's from Mikrotik Tagged or Untagged
Replies: 33
Views: 5664

Re: Is VLAN's from Mikrotik Tagged or Untagged

What egresses the above ports will have a Tag applied...
by Zacharias
Mon Jun 13, 2022 9:05 pm
Forum: General
Topic: Packet sniffer behaviour or wrong VLAN configuration
Replies: 6
Views: 728

Re: Packet sniffer behaviour or wrong VLAN configuration

All untagged packets entering port ether2 will get a Tag applied with VLAN id=10... So your computer becomes a member of Vlan 10.
All packets leaving port ether2 that match VID=10 will have the Tag stripped...
by Zacharias
Mon Jun 13, 2022 8:41 pm
Forum: General
Topic: RB4011 after upgrade from 7.1 to v7.3.1 cannot ping and into winbox.
Replies: 4
Views: 728

Re: RB4011 after upgrade from 7.1 to v7.3.1 cannot ping and into winbox.

If you can't connect through IP or MAC you can always use a console cable yes...
by Zacharias
Mon Jun 13, 2022 8:35 pm
Forum: General
Topic: Is VLAN's from Mikrotik Tagged or Untagged
Replies: 33
Views: 5664

Re: Is VLAN's from Mikrotik Tagged or Untagged

Export with hide-sensitive, remove manually any more sensitive info and post that configuration inside code tags...
by Zacharias
Mon Jun 13, 2022 8:09 pm
Forum: General
Topic: Packet sniffer behaviour or wrong VLAN configuration
Replies: 6
Views: 728

Re: Packet sniffer behaviour or wrong VLAN configuration

All ports except ether2 are configured as trunk ports... What goes out a trunk port will have a Tag applied, and what comes in must have a Tag... Your ether2 is an access port, so what goes out an access port will have its Tag removed... An exception of the above are the hybrid ports, but those do n...
by Zacharias
Mon Jun 13, 2022 3:50 pm
Forum: Beginner Basics
Topic: VLAN Assistance
Replies: 2
Views: 387

Re: VLAN Assistance

HAP AC2 has an Atheros8327 switch chip that does support VLAN Tables in hardware but only by configuring the Switch chip directly from the Switch menu. It does not support Bridge VLAN filtering in hardware. So its up to you to decide if you need it or not and what the performance impact might be in ...
by Zacharias
Thu Jun 09, 2022 8:50 pm
Forum: General
Topic: CRS112-8P-4S 100M with POE
Replies: 16
Views: 984

Re: CRS112-8P-4S 100M with POE

The mantbox for some reason does not advertise 1000M...
Did you try however to disable auto negotiation on both sides, and set the speed manually to 1000M full duplex, just for testing ?
by Zacharias
Thu Jun 09, 2022 5:33 pm
Forum: General
Topic: CRS112-8P-4S 100M with POE
Replies: 16
Views: 984

Re: CRS112-8P-4S 100M with POE

Are you sure that is the export ?
by Zacharias
Thu Jun 09, 2022 5:23 pm
Forum: General
Topic: CRS112-8P-4S 100M with POE
Replies: 16
Views: 984

Re: CRS112-8P-4S 100M with POE

What i can see from your picture is that the RBD22UGS does not advertise 1000M...
But on your export it shows that it does advertise 1000M.

Did you try to reset, if possible, the RBD22UGS and check again ?
by Zacharias
Thu Jun 09, 2022 5:16 pm
Forum: General
Topic: CRS112-8P-4S 100M with POE
Replies: 16
Views: 984

Re: CRS112-8P-4S 100M with POE

Distance between crs and RBD22UGS ?
by Zacharias
Thu Jun 09, 2022 5:14 pm
Forum: General
Topic: CRS112-8P-4S 100M with POE
Replies: 16
Views: 984

Re: CRS112-8P-4S 100M with POE

What is the question?
You are so correct on that :D ... I just guessed that probably the question is why there is no 1gbps advertising from the RBD22UGS
by Zacharias
Thu Jun 09, 2022 5:13 pm
Forum: General
Topic: sfp status blinking - why?
Replies: 3
Views: 887

Re: sfp status blinking - why?

Did you test the SFP on another device ?
by Zacharias
Thu Jun 09, 2022 5:08 pm
Forum: General
Topic: CRS112-8P-4S 100M with POE
Replies: 16
Views: 984

Re: CRS112-8P-4S 100M with POE

What is the export of the command interface/ethernet/print detail where name=ether3
by Zacharias
Thu Jun 09, 2022 3:10 pm
Forum: General
Topic: CRS3xx MAC-based-VLAN and DHCP-snooping issue
Replies: 8
Views: 1294

Re: CRS3xx MAC-based-VLAN and DHCP-snooping issue

As you can see from the manual, DHCP snooping does not work on Hardware offloaded bonded interfaces. https://help.mikrotik.com/docs/display/ROS/CRS3xx%2C+CRS5xx%2C+CCR2116%2C+CCR2216+switch+chip+features#CRS3xx,CRS5xx,CCR2116,CCR2216switchchipfeatures-DHCPSnoopingandDHCPOption82 Also, according to t...
by Zacharias
Wed Jun 08, 2022 10:04 pm
Forum: General
Topic: Info about Mikrotik CRS354-48P-4S+2Q+RM
Replies: 4
Views: 552

Re: Info about Mikrotik CRS354-48P-4S+2Q+RM

I totally agree with @sindy. Also take a look here https://mikrotik.com/product/crs354_48p_4s_2q_rm#fndtn-testresults You can see the routing performance of this device... The device has advanced switching capabilities.. i would not use it for routing purposes... I would suggest you a router for tha...
by Zacharias
Wed Jun 08, 2022 4:54 pm
Forum: General
Topic: CCR2216 ros v7.2.3 BGP . All optical interface are hanging after some times.
Replies: 5
Views: 1622

Re: CCR2216 ros v7.2.3 BGP . All optical interface are hanging after some times.

Form the image, appear a MTU error.
How can you tell that ?
Because of different l2mtu between qsfp and ether1 port ?
by Zacharias
Wed Jun 08, 2022 3:44 pm
Forum: RouterBOARD hardware
Topic: R11e-LTE6 failed firmware upgrade
Replies: 8
Views: 5291

Re: R11e-LTE6 failed firmware upgrade

Hello Probably after a failed firmware upgrade on R11e-LTE6 ,idon't see the "lte" interface. Is a possibility of recovery R11e-LTE6? Never had such an issue. What is the ROS version of your device ? You could try ROS v7 as well... Also what do you mean probably ? When you were upgrading t...
by Zacharias
Wed Jun 08, 2022 12:29 pm
Forum: General
Topic: CRS3xx MAC-based-VLAN and DHCP-snooping issue
Replies: 8
Views: 1294

Re: CRS3xx MAC-based-VLAN and DHCP-snooping issue

Take a look here https://help.mikrotik.com/docs/display/ROS/CRS3xx%2C+CRS5xx%2C+CCR2116%2C+CCR2216+switch+chip+features#CRS3xx,CRS5xx,CCR2116,CCR2216switchchipfeatures-DHCPSnoopingandDHCPOption82 DHCP snooping does not work on hardware offloaded Bonding interfaces... And 802.3ad ( as well as XoR )is...
by Zacharias
Sat Jun 04, 2022 7:08 pm
Forum: General
Topic: External LTE Backup Link
Replies: 10
Views: 1326

Re: External LTE Backup Link

am I right in assuming this would be the MAC of the port it connects to on the hEX?
yes

Your problem seems to be DNS related... But since i 've seen no configuration, it might as well be some misconfiguration on the LTE device or the Router...
by Zacharias
Thu Jun 02, 2022 7:55 pm
Forum: General
Topic: PCC and callback authentication issue
Replies: 6
Views: 633

Re: PCC and callback authentication issue

This happens even if with that website the pcc has been expliciy bypassed.
Can you post your PCC configuration ?
by Zacharias
Thu Jun 02, 2022 7:33 pm
Forum: Beginner Basics
Topic: Disabled some firewall rules and couldn't access the router anymore
Replies: 5
Views: 1059

Re: Disabled some firewall rules and couldn't access the router anymore

I guess I need to use the serial port
Correct...
Personally, i always have a serial cable with me just in case... :D
by Zacharias
Thu Jun 02, 2022 7:31 pm
Forum: General
Topic: External LTE Backup Link
Replies: 10
Views: 1326

Re: External LTE Backup Link

However, I still only get IP through the LTE side as it refuses to resolve DNS (I can open Google.com using it's IP, but click on a link/URL and it says noooo :P) Am not really sure i understand. Who can not resolve a dns ? The LTE device itself ? The Router ? A computer connected on the network wh...
by Zacharias
Thu Jun 02, 2022 4:47 pm
Forum: General
Topic: External LTE Backup Link
Replies: 10
Views: 1326

Re: External LTE Backup Link

What i would do is, Create a /30 network between the Router and the LTE device, that would be my management VLAN. Then i would use either another VLAN for the passthrough or just the ethx interface. Then on the LTE device i would create a default route pointing to the Router, using the VLAN network....
by Zacharias
Thu Jun 02, 2022 3:59 pm
Forum: General
Topic: CRS3xx MAC-based-VLAN and DHCP-snooping issue
Replies: 8
Views: 1294

Re: CRS3xx MAC-based-VLAN and DHCP-snooping issue

Please draw a network diagram with at least your router, the CRS328 and any other device ( if any ) between them.
Then export with hide-sensitive the CRS's configuration and manually remove any other sensitive info from the config-export.
by Zacharias
Thu Jun 02, 2022 3:20 pm
Forum: Wireless Networking
Topic: No L2 connection between 2 wi-fi clients
Replies: 8
Views: 895

Re: No L2 connection between 2 wi-fi clients

No. I'm about VLAN 20. Check wireless access-list.
ok, i saw that now.
by Zacharias
Thu Jun 02, 2022 2:41 pm
Forum: Wireless Networking
Topic: No L2 connection between 2 wi-fi clients
Replies: 8
Views: 895

Re: No L2 connection between 2 wi-fi clients

Maybe you mean VLAN 30? Your config shows that the wireless cliesnts will be tagged and added to VLAN 30... Unless i miss something obvious. A comment about your VLANs, According to the manual On QCA8337 and Atheros8327 switch chips, a default vlan-header=leave-as-is property should be used. https:/...
by Zacharias
Mon May 30, 2022 10:15 pm
Forum: General
Topic: New to RouterOS
Replies: 3
Views: 398

Re: New to RouterOS

You can use CHRs along with GNS3 to help you simulate network topologies and test your configurations...
Indeed RB100 is a good Router.
by Zacharias
Mon May 30, 2022 9:13 pm
Forum: Wireless Networking
Topic: How to downgrade LTE firmware?
Replies: 4
Views: 2373

Re: How to downgrade LTE firmware?

I am not sure if you can downgrade.
Also read here viewtopic.php?t=172860
by Zacharias
Fri May 27, 2022 12:46 pm
Forum: General
Topic: Can't ping across VLans [SOLVED]
Replies: 2
Views: 685

Re: Can't ping across VLans [SOLVED]

What is your network topology ?
InterVLAN routing should and will work unless you ve manually blocked the communication or in cases of wrong VLAN configuration etc...
by Zacharias
Thu May 26, 2022 11:04 pm
Forum: Wireless Networking
Topic: Network a camera through RBWAPG-60AD-A [SOLVED]
Replies: 2
Views: 813

Re: Network a camera through RBWAPG-60AD-A [SOLVED]

If the question is whether you can connect the LAN side of Injector 1 to the LAN side of the Injector 2, yes.
by Zacharias
Tue May 24, 2022 11:02 pm
Forum: General
Topic: Card Payment machines do not work on 6.40 and above
Replies: 9
Views: 1675

Re: Card Payment machines do not work on 6.40 and above

With this i got some kind of success as the terminals CAN connect to the Wi-Fi but they instantly loose conection again. What does the log say about that on the WAP when you set /system/logging/add topics=wireless,debug action=memory and then you try to connect ? Also, check here https://wiki.mikro...
by Zacharias
Tue May 24, 2022 10:55 pm
Forum: General
Topic: LtAP mini LTE passthrough+ no internet
Replies: 7
Views: 1234

Re: LtAP mini LTE passthrough+ no internet

/ip address
add address=10.10.59.1/24 interface=ether2 network=10.10.59.0
Change it to
/ip address
add address=10.10.59.1/24 interface=bridge-local network=10.10.59.0
by Zacharias
Tue May 24, 2022 9:52 pm
Forum: RouterBOARD hardware
Topic: CRS112-8P-4S-IN/CRS305-1G-4S+IN Tandem Tray
Replies: 9
Views: 3015

Re: CRS112-8P-4S-IN/CRS305-1G-4S+IN Tandem Tray

What do you mean by modern ?

CRS3xx line.
ok, indeed CRS3xx are very very good...
by Zacharias
Tue May 24, 2022 2:18 pm
Forum: General
Topic: recomended mikrotik for 2 isp
Replies: 5
Views: 495

Re: recomended mikrotik for 2 isp

What are the network requirements ?
RB5009 is a good choice.. but there are other routers too https://mikrotik.com/products/group/ethernet-routers

One is enough, but in a more advanced scenrario, e.g. VRRP you could use two as well...
by Zacharias
Tue May 24, 2022 2:12 pm
Forum: General
Topic: CAPsMAN second vlan cant connect to internet
Replies: 7
Views: 574

Re: CAPsMAN second vlan cant connect to internet

Why do you have both :

add address=192.168.0.0/24 gateway=192.168.0.1
add address=192.168.0.0/14 gateway=192.168.1.1
by Zacharias
Tue May 24, 2022 1:54 pm
Forum: RouterBOARD hardware
Topic: CRS112-8P-4S-IN/CRS305-1G-4S+IN Tandem Tray
Replies: 9
Views: 3015

Re: CRS112-8P-4S-IN/CRS305-1G-4S+IN Tandem Tray

Looks good! And proof, that we need a short depth modern PoE switch.
What do you mean by modern ?
by Zacharias
Tue May 24, 2022 1:44 pm
Forum: General
Topic: Can't connect to Mikrotik from internet
Replies: 3
Views: 1324

Re: Can't connect to Mikrotik from internet

I agree with @mkx.
A VPN is suggested, or at least a port knocking mechanism...
by Zacharias
Sun May 22, 2022 8:32 pm
Forum: General
Topic: Switch port aggregation
Replies: 3
Views: 1565

Re: Switch port aggregation

I agree with @mkx... Also, i want to add that indeed CRS1xx does not support neither 802.3ad nor xor in hardware... According to the manual CRS3xx, CRS5xx series switches and CCR2116, CCR2216 support xor and 802.3ad bonding in hardware... https://help.mikrotik.com/docs/display/ROS/CRS3xx%2C+CRS5xx%2...
by Zacharias
Sat May 21, 2022 9:21 pm
Forum: Beginner Basics
Topic: Bonding Beginner [SOLVED]
Replies: 9
Views: 2632

Re: Bonding Beginner [SOLVED]

Looks like DS416play or alike.
Exactly...
It supports 802.3ad...
by Zacharias
Sat May 21, 2022 9:13 pm
Forum: RouterOS beta
Topic: Update RouterOS
Replies: 8
Views: 4171

Re: Update RouterOS

@winap, here is the changelog https://mikrotik.com/download/changelogs
You can see all the fixes and improvements that are made on V7 as far as the LTE is concerned... Its not always about performance only...
by Zacharias
Sat May 21, 2022 12:37 pm
Forum: RouterOS beta
Topic: protected-routerboot not enable in 7.2.3
Replies: 5
Views: 2378

Re: protected-routerboot not enable in 7.2.3

It is normal that it now asks to press the RESET button
Exactly, it was added on ROS v 6.49.1
*) routerboot - enabling "protected-routerboot" feature requires a press of a button;
https://mikrotik.com/download/changelogs
by Zacharias
Sat May 21, 2022 12:30 pm
Forum: RouterOS beta
Topic: Update RouterOS
Replies: 8
Views: 4171

Re: Update RouterOS

Personally i install ROS v7 on all the LTE devices i have in production since there are many improvements there...
by Zacharias
Sat May 21, 2022 11:53 am
Forum: General
Topic: Question regarding IKEv2/IPSEC route based
Replies: 15
Views: 5105

Re: Question regarding IKEv2/IPSEC route based

IPsec does not create any interfaces. so you can not manually create any routes as you would do with GRE for example.
by Zacharias
Sat May 21, 2022 11:41 am
Forum: Beginner Basics
Topic: Bonding Beginner [SOLVED]
Replies: 9
Views: 2632

Re: Bonding Beginner [SOLVED]

Remove ports ether1 and ether2 from the Bridge.
Then create the bonding interface with ports ether1 and ether2.
Finally, add the bonding interface to the Bridge.

As simple as that...
by Zacharias
Sat May 21, 2022 11:39 am
Forum: RouterBOARD hardware
Topic: External antenna on hAP or mAP
Replies: 11
Views: 1917

Re: External antenna on hAP or mAP

Also check Basebox (and the set of pigtail cables).
I like this suggestion.
by Zacharias
Wed May 18, 2022 8:36 pm
Forum: General
Topic: Bridge port egress stop STP/BPDU
Replies: 11
Views: 6646

Re: Bridge port egress stop STP/BPDU

Everything you need to know is here https://help.mikrotik.com/docs/display/ROS/Bridging+and+Switching#BridgingandSwitching-Createedgeports Create Edge ports so that you restrict the port from sending BPDUs and ignore the received ones : /interface bridge add name=bridge1 /interface bridge port add b...
by Zacharias
Wed May 18, 2022 8:29 pm
Forum: RouterBOARD hardware
Topic: External antenna on hAP or mAP
Replies: 11
Views: 1917

Re: External antenna on hAP or mAP

will sit hidden inside a grounded electrical cabinet -- which I can't imagine will result in good Wi-Fi experience.
What's the purpose of that ?
Managing another device ?
by Zacharias
Wed May 18, 2022 8:16 pm
Forum: General
Topic: PPPOE target
Replies: 9
Views: 823

Re: PPPOE target

Does that VLAN interface exist ?
by Zacharias
Wed May 18, 2022 4:56 pm
Forum: General
Topic: PPPOE target
Replies: 9
Views: 823

Re: PPPOE target

I think that is an indication of an unknown interface.
What did you set as target there? Maybe a dynamic interface ?
by Zacharias
Wed May 18, 2022 4:42 pm
Forum: RouterBOARD hardware
Topic: RB dead? netinstall completes but no signs of life after reboot
Replies: 5
Views: 905

Re: RB dead? netinstall completes but no signs of life after reboot

Maybe yes, maybe no...
What was the initial reason that led you to netInstall the device ?
by Zacharias
Wed May 18, 2022 11:00 am
Forum: Beginner Basics
Topic: Bonding Beginner [SOLVED]
Replies: 9
Views: 2632

Re: Bonding Beginner [SOLVED]

The error message indicates you exactly what the problem is.
The port members of a bonding must not be slave interfaces of the Bridge itself. When you create the Bond interface, add that bond to the Bridge.

Also read here https://help.mikrotik.com/docs/display/ ... ng-Summary
by Zacharias
Tue May 17, 2022 10:19 pm
Forum: General
Topic: DHCP assign static outside pool
Replies: 5
Views: 1079

Re: DHCP assign static outside pool

Create static leases...
by Zacharias
Tue May 17, 2022 10:12 pm
Forum: Beginner Basics
Topic: Lost "Management VLAN" access to switches [SOLVED]
Replies: 6
Views: 1298

Re: Lost "Management VLAN" access to switches [SOLVED]

It looks like they have no IP addresses set
They don't.

Your management VLAN is 99 and not VLAN 10.
For testing, set the PVID on the port of PC1 to 99, and then check again.. Do the switches have an IP now ?
by Zacharias
Tue May 17, 2022 9:57 pm
Forum: General
Topic: DHCP assign static outside pool
Replies: 5
Views: 1079

Re: DHCP assign static outside pool

but wondering if I can assign static leases/ips outside the dhcp server pool? But those IPs you specify are not outside the main DHCP pool... You can assign static leases to those devices... Let the DHCP assign an address to them, and then make it static and assign the IP you wish... On the Lease r...
by Zacharias
Tue May 17, 2022 9:53 pm
Forum: General
Topic: Ping -> multiple replies per request
Replies: 13
Views: 1702

Re: Ping -> multiple replies per request

@rextended thanks for your answer...
by Zacharias
Tue May 17, 2022 9:32 pm
Forum: General
Topic: Ping -> multiple replies per request
Replies: 13
Views: 1702

Re: Ping -> multiple replies per request

The 4-MAC problem on Wi-Fi...
What does that mean ?
by Zacharias
Tue May 17, 2022 9:20 pm
Forum: General
Topic: Ping -> multiple replies per request
Replies: 13
Views: 1702

Re: Ping -> multiple replies per request

To be honest its the first time i see this.
Do you get the same result if you ping any other external host for example ?
by Zacharias
Tue May 17, 2022 1:30 pm
Forum: General
Topic: Ping -> multiple replies per request
Replies: 13
Views: 1702

Re: Ping -> multiple replies per request

What do you mean ?
You have loss of ping replies ?
by Zacharias
Mon May 16, 2022 8:42 pm
Forum: RouterOS beta
Topic: PPPoE disconnected doesn't dial up auomatically
Replies: 9
Views: 3696

Re: PPPoE disconnected doesn't dial up auomatically

The pppoe tunnel, should and will go up as long as the pppoe server responds to the discovery messages of the pppoe client and all the stages get completed successfully.
https://wiki.mikrotik.com/wiki/Manual:I ... _Operation
by Zacharias
Fri May 13, 2022 4:50 pm
Forum: General
Topic: PoE Switch Options? [SOLVED]
Replies: 3
Views: 1056

Re: PoE Switch Options? [SOLVED]

Or a CRS328 if you need more than 8 ports.
by Zacharias
Thu May 12, 2022 9:45 pm
Forum: Beginner Basics
Topic: moving bridge vlan to switch vlan to use hw offload
Replies: 8
Views: 2275

Re: moving bridge vlan to switch vlan to use hw offload

I have tried this and I keep losing access to my dlink device, the moment that I enable vlan mode secure on the port
Can we see an export of your Switch configuration ?
by Zacharias
Thu May 12, 2022 9:39 pm
Forum: General
Topic: Connection tracking - forced off vs. auto off
Replies: 24
Views: 5949

Re: Connection tracking - forced off vs. auto off

ROS v 7.2, setting connection tracking to off created the exact same Dynamic entries in the RAW table too...
Instantly or after reboot?
Instantly...
by Zacharias
Wed May 11, 2022 10:33 pm
Forum: Beginner Basics
Topic: moving bridge vlan to switch vlan to use hw offload
Replies: 8
Views: 2275

Re: moving bridge vlan to switch vlan to use hw offload

Correct, on Atheros8327 you can not offload your VLANs on the Switch Chip using Bridge VLAN Filtering. The only way to offload them is to use VLANs on the Switch chip. how would you move this config from bridge vlan to switch vlan? This is how you can configure your VLANs on the switch chip: https:/...
by Zacharias
Wed May 11, 2022 8:25 pm
Forum: General
Topic: Connection tracking - forced off vs. auto off
Replies: 24
Views: 5949

Re: Connection tracking - forced off vs. auto off

ROS v 7.2, setting connection tracking to off created the exact same Dynamic entries in the RAW table too...
by Zacharias
Wed May 11, 2022 4:16 pm
Forum: Useful user articles
Topic: rb4011 With crs328 config
Replies: 11
Views: 3347

Re: rb4011 With crs328 config

our network is down help me please
How can actually someone help you with almost no valuable information provided ?
For example an export of your configurations with sensitive information removed and a more detailed analysis of what the problem is...
by Zacharias
Wed May 11, 2022 4:13 pm
Forum: General
Topic: Connection tracking - forced off vs. auto off
Replies: 24
Views: 5949

Re: Connection tracking - forced off vs. auto off

More info here https://wiki.mikrotik.com/wiki/Manual:I ... n_tracking
When set to no then connection tracking is disabled.
If set to auto then if you have a filter or Nat rule it will automatically get enabled.
by Zacharias
Wed May 11, 2022 3:55 pm
Forum: Beginner Basics
Topic: poor bridge/vlan throughput
Replies: 8
Views: 1527

Re: poor bridge/vlan throughput

CRS354 supports L3 hardware offload after ROS v7.1...
https://help.mikrotik.com/docs/display/ ... 2000Series
by Zacharias
Wed May 11, 2022 2:28 pm
Forum: Useful user articles
Topic: rb4011 With crs328 config
Replies: 11
Views: 3347

Re: rb4011 With crs328 config

how to make the configuration to emit a wifi zone?
If by that you mean a seperate network, then you can use VLANs.
by Zacharias
Wed May 11, 2022 2:24 pm
Forum: Beginner Basics
Topic: poor bridge/vlan throughput
Replies: 8
Views: 1527

Re: poor bridge/vlan throughput

What is the device model you are using ?
by Zacharias
Wed May 11, 2022 1:40 pm
Forum: Beginner Basics
Topic: allowing traffic between vlans
Replies: 5
Views: 2843

Re: allowing traffic between vlans

Can you show a network diagram of your topology and point on the traffic that you assume it is blocked ?
by Zacharias
Wed May 11, 2022 9:53 am
Forum: General
Topic: CRS328-24G-2S+ dhcp issues ether 1
Replies: 11
Views: 1037

Re: CRS328-24G-2S+ dhcp issues ether 1

Indeed...
I have not noticed that...
by Zacharias
Wed May 11, 2022 9:46 am
Forum: General
Topic: CRS328-24G-2S+ dhcp issues ether 1
Replies: 11
Views: 1037

Re: CRS328-24G-2S+ dhcp issues ether 1

When ask something like that, remember to the user to remove sensitive data inside the posted config...
But isn't that what hide-sensitive does ?
  • 1
  • 2
  • 3
  • 4
  • 5
  • 12