Community discussions

MikroTik App

Search found 37 matches

by pacmen
Tue Feb 23, 2021 6:05 pm
Forum: General
Topic: Best Bandwidth Throttling Solution
Replies: 11
Views: 1351

Re: Best Bandwidth Throttling Solution

Amazing
by pacmen
Sat Feb 13, 2021 9:44 pm
Forum: Virtualization
Topic: CHR on Proxmox optimization.
Replies: 1
Views: 435

Re: CHR on Proxmox optimization.

There are Mellanox Intel nics that offers hardware of loading.
mellanox is most of the time the best choice if it's supported by proxmox.

Intel like Cisco is almost all of the time have limit ions like only Intel brand sfp sfp+ support.

Check if the offloading features supported by proxmox.
by pacmen
Sat Feb 13, 2021 11:29 am
Forum: General
Topic: Best Bandwidth Throttling Solution
Replies: 11
Views: 1351

Re: Best Bandwidth Throttling Solution

does Sonar implement the shaping on the CPE or on the core?
by pacmen
Fri Feb 12, 2021 10:04 am
Forum: General
Topic: Best Bandwidth Throttling Solution
Replies: 11
Views: 1351

Re: Best Bandwidth Throttling Solution

This is more or less what i will do, if so you can just traffic shape on the termination CPE device, no?
You can also Monitor the CPE device and inform your client of any issue arise - and also automate the process by sending SMS to your clients.
by pacmen
Wed Feb 10, 2021 8:45 am
Forum: General
Topic: Best Bandwidth Throttling Solution
Replies: 11
Views: 1351

Re: Best Bandwidth Throttling Solution

How do your clients going to connect to your network, with what cpe termination that you provide them or one the buy there own? Case You provide them mikrotik antenna you get full management and control so you can throttle from this termination device which is bridge to theire in home router. Case y...
by pacmen
Wed Feb 10, 2021 6:25 am
Forum: Virtualization
Topic: CHR on Supermicro E300-9D
Replies: 1
Views: 627

Re: CHR on Supermicro E300-9D

I want to share with you my Cent of wisdom.

VMware Esxi for some reason limiting the maximum amount of network interfaces to 10.
by pacmen
Mon Feb 08, 2021 11:26 pm
Forum: Virtualization
Topic: RouterOS CHR Scaleway
Replies: 1
Views: 334

Re: RouterOS CHR Scaleway

what is your use case for running CHR on this cloud?
by pacmen
Sun Feb 07, 2021 7:09 am
Forum: Virtualization
Topic: Proxmox not interface
Replies: 3
Views: 466

Re: Proxmox not interface

So i've worked on it this morning and setup an CHR on proxmox to check your issue. And i found that if im adding the interfaces while the CHR is running i can't see my added interfaces, but if i reboot the CHR the interfaces are loaded correctly. Note that i was added 3 type of interfaces CHR-proxmo...
by pacmen
Fri Feb 05, 2021 9:04 am
Forum: Virtualization
Topic: Proxmox not interface
Replies: 3
Views: 466

Re: Proxmox not interface

It maybe related to the way you tried to attach your interafaces to the machine itself?
Can you also include a picture of the machine HW?.

you need to take in mind that not all of the network virtualization type is supported by the CHR.

personally i will try to do it myself.
by pacmen
Sun Jan 24, 2021 6:44 pm
Forum: Beginner Basics
Topic: CRS3xx flexible Vlan Translation
Replies: 3
Views: 442

Re: CRS3xx flexible Vlan Translation

what is vlan translation, can you please referral to the wiki page please?

I assumes your need is simple but the way you wrote it doesn't let us to understand it
by pacmen
Sun Jan 24, 2021 9:30 am
Forum: Beginner Basics
Topic: RB4011 SFP+ to CRS112-8P-4S-IN SFP?
Replies: 1
Views: 294

Re: RB4011 SFP+ to CRS112-8P-4S-IN SFP?

Let me check if i got you right You want to connect between your RB4011 to CRS112 with a fiber connection via the SFP+ on the RB4011 and on some SFP cage on the CSR112? If thats the case I don't have straight and clear answer, and here's the reason, By the MSA regulation an SFP+ (10Gbit) cage shoul...
by pacmen
Thu Jan 21, 2021 7:57 am
Forum: General
Topic: OpenVpn To PPTP between 2 microtik
Replies: 1
Views: 201

Re: OpenVpn To PPTP between 2 microtik

I've answered you in the beginner forum
by pacmen
Thu Jan 21, 2021 6:37 am
Forum: Beginner Basics
Topic: VPNs over LTE?
Replies: 3
Views: 427

Re: VPNs over LTE?

Let me check if i got it right Branches == trucks You have multiple branches (trucks) around the country and you want them centralized to main HQ/office, in order to receive information from those branches. your issue is you don't know your WAN ip (your public ip) since the branches router connecte...
by pacmen
Wed Jan 20, 2021 4:11 pm
Forum: Beginner Basics
Topic: OpenVpn To PPTP between 2 microtik
Replies: 1
Views: 216

Re: OpenVpn To PPTP between 2 microtik

First let me check if i got you right router 1 can talk with router 2 via pptp, router 2 (lets say) is connected to a server with openvpn and you correctly unable to reach the server from router 1. If you want to reach the server from router 1 you have 2 options. 1.easy - create static route on the...
by pacmen
Sun Jul 12, 2020 1:17 am
Forum: Virtualization
Topic: CHR vSphere >10 gigabit of throughput
Replies: 4
Views: 2115

Re: CHR vSphere >10 gigabit of throughput

Does the lacp is configured on the vswitch or on the ros?
by pacmen
Thu Apr 23, 2020 7:57 pm
Forum: Beginner Basics
Topic: dstnat rule executed on egress traffic [SOLVED]
Replies: 6
Views: 2847

Re: dstnat rule executed on egress traffic [SOLVED]

Your understanding is wrong. src-nat is mangling the src-address and src-port ... while dst-nat is mangling dst-address and dst-port.

By that you mean ROS looking on the src part of the packet when using src-nat, and on the dst address when using dst-nat?
by pacmen
Thu Apr 23, 2020 10:13 am
Forum: Beginner Basics
Topic: dstnat rule executed on egress traffic [SOLVED]
Replies: 6
Views: 2847

Re: dstnat rule executed on egress traffic [SOLVED]

Post your complete config as snippets never reveal the true picture....... /export hide-sensitive file=anynameyouwish also is your WANIP static or dynamic?? My ip is dynamic. <snip> 1 ;;; enable remote access to wordpress chain=dstnat action=dst-nat to-addresses=192.168.88.35 to-ports=8080 protocol...
by pacmen
Wed Apr 22, 2020 6:13 pm
Forum: Beginner Basics
Topic: dstnat rule executed on egress traffic [SOLVED]
Replies: 6
Views: 2847

dstnat rule executed on egress traffic [SOLVED]

Hello everyone, At the last couple of weeks im working on wordpress site in my local lab, the site got to situation when i want to get others opinions so i had "port forward" any ingress traffic from WAN with dst-port 8080 using the following dstnat rule #masquerade is shown for your infor...
by pacmen
Fri Feb 02, 2018 2:52 pm
Forum: Beginner Basics
Topic: Working L2TP iPsec VPN but no Ping to computer?
Replies: 8
Views: 5523

Re: Working L2TP iPsec VPN but no Ping to computer?

try to locate rule 10 on the 2th place, then try to ping from your vpn.
the firewall is work like instruction sets, one by one and the first match is the one that catches.

if you can please share with us your mikrotick route list.
by pacmen
Fri Feb 02, 2018 2:46 pm
Forum: General
Topic: Load CPU 100%
Replies: 6
Views: 966

Re: Load CPU 100%

i had some thing similar when the dns remote request was on my cpu ran crazy.

viewtopic.php?f=2&t=128925&p=633415#p633415
by pacmen
Fri Feb 02, 2018 2:40 pm
Forum: Beginner Basics
Topic: Stuck and confused newbie
Replies: 3
Views: 739

Re: Stuck and confused newbie

So let me get that straight you just want to make a static ip on your lan in order to make firewall rules better. if so let your device lease an ip address from your dhcp server, then enter to the leased ip list and press on the ip you want to make static then press on make static (winbox) Capture.P...
by pacmen
Fri Feb 02, 2018 8:33 am
Forum: Beginner Basics
Topic: Working L2TP iPsec VPN but no Ping to computer?
Replies: 8
Views: 5523

Re: Working L2TP iPsec VPN but no Ping to computer?

Can you please print by the following command
 ip firewall filter print
its let you better vision of how the rules are listed.
by pacmen
Thu Feb 01, 2018 8:07 pm
Forum: Beginner Basics
Topic: Stuck and confused newbie
Replies: 3
Views: 739

Re: Stuck and confused newbie

you should have a bridge interface which connect to all your LAN interfaces.
then you should create a dhcp pool and dhcp server which its interface need to be this bridge interface.

or you can use the quick setup method by press on the quick set button,
Image
by pacmen
Thu Feb 01, 2018 7:45 pm
Forum: Beginner Basics
Topic: Working L2TP iPsec VPN but no Ping to computer?
Replies: 8
Views: 5523

Re: Working L2TP iPsec VPN but no Ping to computer?

Hey, first share with us you router firewall configuration. second are you able to send and receive pings from windows 10 to windows 10 on your LAN? thrid windows 10 firewall is trying to be extensive one, and icmp replays is disabled, for example: winddow 10 pc -> router. will work but: router -> w...
by pacmen
Thu Jan 25, 2018 8:45 am
Forum: General
Topic: Firewall filter after update blocks my l2tp [SOLVED]
Replies: 8
Views: 3615

Re: Firewall filter after update blocks my l2tp [SOLVED]

You right!
I removed them right away.
Many thanks again!
by pacmen
Thu Jan 25, 2018 6:33 am
Forum: General
Topic: Firewall filter after update blocks my l2tp [SOLVED]
Replies: 8
Views: 3615

Re: Firewall filter after update blocks my l2tp [SOLVED]

i truly truly have no idea how to start to thank you, im breaking my mined so much time to make this work. the main issue here is that your establishment rule including connection state new. my rules 9 chain=input action=accept protocol=tcp dst-port=500 log=no log-prefix="" 10 chain=input ...
by pacmen
Tue Jan 23, 2018 9:03 pm
Forum: General
Topic: Firewall filter after update blocks my l2tp [SOLVED]
Replies: 8
Views: 3615

Re: Firewall filter after update blocks my l2tp [SOLVED]

It still doesn't work. I added the tunnel interface to the Lan list the rule logs looks like this. 06:25:36 firewall,info input: in:Port 1 - Wan out:(unknown 0), src-mac 00:00:00:02:02:01, proto UDP, 2.55.28.71:21815->141.226.254.92:500, len 472 06:25:39 firewall,info input: in:Port 1 - Wan out:(unk...
by pacmen
Tue Jan 23, 2018 3:00 pm
Forum: General
Topic: Firewall filter after update blocks my l2tp [SOLVED]
Replies: 8
Views: 3615

Re: Firewall filter after update blocks my l2tp [SOLVED]

I don't have any ssh service open, I want to know why this rule also block ssh attacks. Another thing is whenever I disable this rule and connect with the tunnel, and enable this rule again while I connected to with the tunnel this rule doesn't block the connection. It's block the connection only wh...
by pacmen
Tue Jan 23, 2018 7:01 am
Forum: General
Topic: Firewall filter after update blocks my l2tp [SOLVED]
Replies: 8
Views: 3615

Firewall filter after update blocks my l2tp [SOLVED]

hey to very one, ive update my router and a new default firewall filter was added, 13 chain=input action=drop in-interface-list=!LAN log=yes log-prefix="" This rule blocks my l2tp connection when im trying to dial-in, messages blocked even when i put it on the bottom of the filter list. wh...
by pacmen
Fri Dec 22, 2017 8:59 pm
Forum: General
Topic: question about DNS allow remote requests
Replies: 7
Views: 6132

Re: question about DNS allow remote requests

The FW doesn't should block\drop any not matched traffic?.
by pacmen
Fri Dec 22, 2017 8:27 pm
Forum: General
Topic: question about DNS allow remote requests
Replies: 7
Views: 6132

question about DNS allow remote requests

Hello every one, for some reason which i don't know yet in the dns settings the allow remote request was on. when i connected today i was notice that the cpu usage is excessive, i start to check and found out that i have almost full usage of the TX stream about 8-12MByte on my wan connection. i snif...
by pacmen
Tue Dec 19, 2017 7:05 am
Forum: Scripting
Topic: CloudFlare as dynamic DNS solution
Replies: 2
Views: 4696

Re: CloudFlare as dynamic DNS solution

you are awesome thank you very much! i will try it.
by pacmen
Sat Dec 16, 2017 7:23 pm
Forum: Beginner Basics
Topic: Can't access new Metal 52 ac
Replies: 1
Views: 469

Re: Can't access new Metal 52 ac

You may done that but since no one help here I'm trying to be for your help.
https://i.mt.lv/routerboard/files/Metal-qg.pdf
by pacmen
Fri Dec 15, 2017 11:10 pm
Forum: Beginner Basics
Topic: Port forwarding
Replies: 2
Views: 1073

Re: Port forwarding

this should be handy for you
https://wiki.mikrotik.com/wiki/Manual:IP/Firewall/NAT

in mikrotik its called nat firewalling, since you are tell the nat that he have those port on its local networks.
by pacmen
Fri Dec 15, 2017 12:36 pm
Forum: Beginner Basics
Topic: L2TP server doesn't seems to be working
Replies: 5
Views: 1619

Re: L2TP server doesn't seems to be working

What is event in log from topic l2tp and ipsec ?
There are no logs.
Ive added those in order to get information but no logs have been registered.
by pacmen
Thu Dec 14, 2017 11:41 pm
Forum: Beginner Basics
Topic: L2TP server doesn't seems to be working
Replies: 5
Views: 1619

Re: L2TP server doesn't seems to be working

# dec/14/2017 23:39:57 by RouterOS 6.40.5 # software id = 86MG-CGR4 # # model = 2011iL # serial number = 419C04352234 /interface bridge add admin-mac=4C:5E:0C:38:BC:77 arp=proxy-arp auto-mac=no fast-forward=no \ name=bridge-local /interface ethernet set [ find default-name=ether1 ] full-duplex=no n...
by pacmen
Wed Dec 13, 2017 10:04 pm
Forum: Beginner Basics
Topic: L2TP server doesn't seems to be working
Replies: 5
Views: 1619

L2TP server doesn't seems to be working

hello everyone, I've trying to configure a vpn server for a while now and for some reason with no success. Im trying to configure vpn server to get access to my local network. since i use this vpn from my laptop and android i need to use a dial-up kind of method. i've looked in mikrotik wiki and fou...