Community discussions

Search found 5886 matches

by mrz
Thu Jul 18, 2019 2:23 pm
Forum: General
Topic: how to display Password of PPPOE user from a Mikrotik router?
Replies: 5
Views: 275

Re: how to display Password of PPPOE user from a Mikrotik router?

This menu is not supposed to show any passwords. Go to "secrets" tab if users are authenticated locally.
by mrz
Thu Jul 18, 2019 1:46 pm
Forum: Announcements
Topic: v6.46beta [testing] is released!
Replies: 43
Views: 7215

Re: v6.46beta [testing] is released!

And why it is wrong? Nexthop is the relay so MAC should be fro the relay. By the way adding ARP in relay setups is useless, since clients are not in the same broadcast domain.
by mrz
Thu Jul 18, 2019 1:40 pm
Forum: Forwarding Protocols
Topic: Can't establish LDP session between two Mikrotik routers
Replies: 6
Views: 298

Re: Can't establish LDP session between two Mikrotik routers

LDP interface configuration is invalid. Are those interfaces slaves? if yes then you need to add master.
by mrz
Wed Jul 17, 2019 2:30 pm
Forum: RouterOS v7
Topic: RouterOS v7.0 beta1 - when?
Replies: 553
Views: 130774

Re: RouterOS v7.0 beta1 - when?

Will not run, you need one core per pixel.
by mrz
Mon Jul 15, 2019 3:59 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Loging not working with multiple topics?
Replies: 9
Views: 666

Re: Loging not working with multiple topics?

As I mentioned log message with topic "error AND warning AND info" does not exist in real world.
Just look at your log messages and see how topics are used, then you will understand.
by mrz
Mon Jul 15, 2019 3:34 pm
Forum: Forwarding Protocols
Topic: OSPF state changes on long Ethernet POE leads
Replies: 2
Views: 179

Re: OSPF state changes on long Ethernet POE leads

First you need to find out the reason for state changes. Is it a link flap?
by mrz
Mon Jul 15, 2019 3:04 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Loging not working with multiple topics?
Replies: 9
Views: 666

Re: Loging not working with multiple topics?

Not outdated, I do not see example with topics="error,warning,info"
/system logging add topics=ntp,debug,!packet
This is completely different of what you have configured.

Example in wiki will log all log entries with topics ntp AND debug AND NOT packet, in short NTP debug packets.
by mrz
Fri Jul 12, 2019 11:44 am
Forum: RouterOS v6 RC and v7 BETA
Topic: Loging not working with multiple topics?
Replies: 9
Views: 666

Re: Loging not working with multiple topics?

Not outdated, I do not see example with topics="error,warning,info"
by mrz
Thu Jul 11, 2019 5:42 pm
Forum: Scripting
Topic: bypass script errors/wrong commands
Replies: 15
Views: 785

Re: bypass script errors/wrong commands

Most likely interface doe snot exist yet when you execute script at startup.
Add delay or loop that waits until interfaces appear.
by mrz
Thu Jul 11, 2019 1:20 pm
Forum: Announcements
Topic: v6.45.1 [stable] is released!
Replies: 416
Views: 54881

Re: v6.45.1 [stable] is released!

Anyone who had problems with OSPF (/routing ospf lsa print triggers busy loop) in this version please try 6.46beta9 if possible.
by mrz
Thu Jul 11, 2019 10:18 am
Forum: Scripting
Topic: bypass script errors/wrong commands
Replies: 15
Views: 785

Re: bypass script errors/wrong commands

Basic example:
:global setPoe [:parse ":put \"set poe settings here\"!"];
:if ($poeExist = 1) do={
  $setPoe;
}
by mrz
Wed Jul 10, 2019 2:50 pm
Forum: Scripting
Topic: bypass script errors/wrong commands
Replies: 15
Views: 785

Re: bypass script errors/wrong commands

It is a syntax error if parameter does not exist, and you cannot catch these errors at runtime.
One way is to use "parse" command to execute command line based on parameters, which check if poe should exist on this router.
by mrz
Wed Jul 10, 2019 12:31 pm
Forum: General
Topic: VRF route mark question
Replies: 1
Views: 135

Re: VRF route mark question

Routing mark names are local to your router, other devices in the network do not see VRF names.
by mrz
Tue Jul 09, 2019 3:43 pm
Forum: Beginner Basics
Topic: DHCP option by rule [SOLVED]
Replies: 4
Views: 382

Re: DHCP option by rule [SOLVED]

Or use vendor class id to give specific option sets based on ID client is sending.
by mrz
Tue Jul 09, 2019 12:54 pm
Forum: Beginner Basics
Topic: IPSec features in default configuration
Replies: 4
Views: 310

Re: IPSec features in default configuration

ipsec-policy=out,none menas that rule will NAT only those connections that are not matched by any ipsec policy.
by mrz
Tue Jul 09, 2019 10:44 am
Forum: RouterOS v6 RC and v7 BETA
Topic: Loging not working with multiple topics?
Replies: 9
Views: 666

Re: Loging not working with multiple topics?

logging expects that log entry will have all three of those topics. I have never seen log entry with topics, for example "info,warning,error,firewall" .
Logic is "info and warning and error"

If you want to log all three occurrences, then you need to add three separate rules.
by mrz
Mon Jul 08, 2019 7:02 pm
Forum: General
Topic: DNS wiki example not work. Why?
Replies: 3
Views: 204

Re: DNS wiki example not work. Why?

instead of "name" use "regexp" if you are adding regexp.
by mrz
Mon Jul 08, 2019 2:07 pm
Forum: RouterBOARD hardware
Topic: RB4011: wlan1 disabling itself
Replies: 154
Views: 14858

Re: RB4011: wlan1 disabling itself

Is your IPTV multicast or unicast?
by mrz
Mon Jul 08, 2019 10:57 am
Forum: Beginner Basics
Topic: /ip firewall NAT on bridge with use-ip-firewall not working
Replies: 4
Views: 294

Re: /ip firewall NAT on bridge with use-ip-firewall not working

If there is no IP address on an interface, then NAT cannot translate.
by mrz
Mon Jul 08, 2019 10:53 am
Forum: Beginner Basics
Topic: DHCPv6-client
Replies: 1
Views: 99

Re: DHCPv6-client

Are you sure that there is a DHCP server? Most likely provider is giving out stateless address and you do not need dhcp client to receive this address.
See description here:
https://wiki.mikrotik.com/wiki/Manual:I ... figuration
by mrz
Mon Jul 08, 2019 10:31 am
Forum: Beginner Basics
Topic: IPSec features in default configuration
Replies: 4
Views: 310

Re: IPSec features in default configuration

1. What ipsec-policy parameter do is described in the firewall manual: https://wiki.mikrotik.com/wiki/Manual:IP/Firewall/Filter#Properties 2. Now that you know what ipsec-policy means, read here why packets matching ipsec policy must not be NATed https://wiki.mikrotik.com/wiki/Manual:IP/IPsec#NAT_an...
by mrz
Mon Jul 08, 2019 10:18 am
Forum: Forwarding Protocols
Topic: DHCP relay over OSPF!!
Replies: 1
Views: 130

Re: DHCP relay over OSPF!!

It doesn't matter OSPF or static routing, as long as relay can reach the server.
by mrz
Fri Jul 05, 2019 6:26 pm
Forum: General
Topic: IPsec peer identity verification when using IKEv2 with RSA authentication
Replies: 1
Views: 125

Re: IPsec peer identity verification when using IKEv2 with RSA authentication

It verifies that client cert is signed by the same chain. There is no need to have client cert on the server.
by mrz
Thu Jul 04, 2019 1:13 pm
Forum: Announcements
Topic: Winbox v3.19 released!
Replies: 28
Views: 3300

Re: Winbox v3.19 released!

- drag and drop for me work only with direction from the desktop environment to the "wine winbox". The opposite direction (from winbox to the kde/xfce) not work for me. Try to copy files while logged using ip address, not mac address.
Right click on the file and choose "Download", problem solved.
by mrz
Thu Jul 04, 2019 1:02 pm
Forum: Announcements
Topic: v6.45.1 [stable] is released!
Replies: 416
Views: 54881

Re: v6.45.1 [stable] is released!

@arsalansiddiqui you need to fix your API wrapper so that login parameters are sent as described in the wiki.
Here is another topic
viewtopic.php?f=9&t=136475
by mrz
Wed Jul 03, 2019 12:18 pm
Forum: General
Topic: Block .exe from local network
Replies: 5
Views: 293

Re: Block .exe from local network

Proxy can be used to deny access to specific file types.
by mrz
Tue Jul 02, 2019 4:54 pm
Forum: Announcements
Topic: v6.45.1 [stable] is released!
Replies: 416
Views: 54881

Re: v6.45.1 [stable] is released!

In terms of connection tracking there will be always the one that initiates/creates (call it whatever you like) new connection. If remote device trying to initiate connection it should not be accepted by "establish/related" rule because connection does not exist yet. That is what happened before the...
by mrz
Tue Jul 02, 2019 4:12 pm
Forum: General
Topic: Packet sniffer size limit
Replies: 2
Views: 269

Re: Packet sniffer size limit

Limit is 10..4294967295 KiB
by mrz
Tue Jul 02, 2019 4:11 pm
Forum: Announcements
Topic: v6.45.1 [stable] is released!
Replies: 416
Views: 54881

Re: v6.45.1 [stable] is released!

As far as I understand you are trying to configure server. Server requires RADIUS server with EAP support. Locally on the router it is not supported.
by mrz
Tue Jul 02, 2019 3:57 pm
Forum: General
Topic: NordVpn and mikrotik?
Replies: 22
Views: 3454

Re: NordVpn and mikrotik?

Probably can be updated with a script if assigned IP has changed.
by mrz
Tue Jul 02, 2019 1:10 pm
Forum: Announcements
Topic: v6.45.1 [stable] is released!
Replies: 416
Views: 54881

Re: v6.45.1 [stable] is released!

It is wrong if initiator is remote router.
by mrz
Tue Jul 02, 2019 1:03 pm
Forum: General
Topic: Mikrotik API
Replies: 1
Views: 291

Re: Mikrotik API

Make sure you are using correct authentication method:
https://wiki.mikrotik.com/wiki/Manual:API#Initial_login
by mrz
Tue Jul 02, 2019 1:01 pm
Forum: RouterOS v7
Topic: RouterOS v7.0 beta1 - when?
Replies: 553
Views: 130774

Re: RouterOS v7.0 beta1 - when?

Right ... 5.1.11 released 17 Jun 2019 ...
by mrz
Tue Jul 02, 2019 12:50 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: ROUTEROS V6 RC AND V7 BETA
Replies: 3
Views: 725

Re: ROUTEROS V6 RC AND V7 BETA

No, FRR will not be integrated. We already working on new routing code that will outperform FRR in certain scenarios.
by mrz
Tue Jul 02, 2019 12:48 pm
Forum: Announcements
Topic: v6.45.1 [stable] is released!
Replies: 416
Views: 54881

Re: v6.45.1 [stable] is released!

!) ike2 - added support for EAP authentication methods (eap-tls, eap-ttls, eap-peap, eap-mschapv2) as initiator; Since this is "as initiator," can I assume this isn't supported for running as a roadwarrior config? If so, when is support for that coming, if at all? Road warrior client is always an i...
by mrz
Tue Jul 02, 2019 12:46 pm
Forum: Scripting
Topic: Mikrotik API call not working [SOLVED]
Replies: 18
Views: 1345

Re: Mikrotik API call not working [SOLVED]

I didn't trying to hype on that, but I strongly believe that another important notice about old-style API authentication deprecation starts with this release will be very pleased for many MikroTik users.
Thank you.
We will add note regarding API, too.
by mrz
Tue Jul 02, 2019 12:44 pm
Forum: Forwarding Protocols
Topic: BGP load-balance per-packet
Replies: 3
Views: 359

Re: BGP load-balance per-packet

True ECMP for BGP is currently unsupported, but if for example two links point to the same remote router, where you want to run BGP, then you can set up single multihop peer over ECMP.
See example here:
https://wiki.mikrotik.com/wiki/Manual:B ... interfaces
by mrz
Mon Jul 01, 2019 2:52 pm
Forum: RouterOS v7
Topic: RouterOS v7.0 beta1 - when?
Replies: 553
Views: 130774

Re: RouterOS v7.0 beta1 - when?

If you are talking about SACK panic, then all Linux version starting from 2.6.29 are affected.
by mrz
Mon Jul 01, 2019 2:06 pm
Forum: Announcements
Topic: v6.45.1 [stable] is released!
Replies: 416
Views: 54881

Re: v6.45.1 [stable] is released!

What winbox version?
by mrz
Mon Jul 01, 2019 2:02 pm
Forum: Scripting
Topic: Mikrotik API call not working [SOLVED]
Replies: 18
Views: 1345

Re: Mikrotik API call not working [SOLVED]

Not true. See how it is done in our api example client:
https://wiki.mikrotik.com/wiki/Manual:A ... ple_client
by mrz
Mon Jul 01, 2019 1:06 pm
Forum: Announcements
Topic: v6.45.1 [stable] is released!
Replies: 416
Views: 54881

Re: v6.45.1 [stable] is released!

That is an option for RouterOS OVPN clients, for which this exact change apply. It has nothing to do with non-RouterOS OVPN client.
by mrz
Mon Jul 01, 2019 1:04 pm
Forum: Scripting
Topic: Mikrotik API call not working [SOLVED]
Replies: 18
Views: 1345

Re: Mikrotik API call not working [SOLVED]

Important note!!!
Due to removal of compatibility with old version passwords in this version...
...
!) user - removed insecure password storage;
...
by mrz
Mon Jul 01, 2019 1:00 pm
Forum: Announcements
Topic: v6.45.1 [stable] is released!
Replies: 416
Views: 54881

Re: v6.45.1 [stable] is released!

@roe1974 Simple:
verify-server-certificate=yes
by mrz
Mon Jul 01, 2019 12:54 pm
Forum: Scripting
Topic: Mikrotik API call not working [SOLVED]
Replies: 18
Views: 1345

Re: Mikrotik API call not working [SOLVED]

There is already important note due to removal of compatibility with old version passwords.
Third party software should have been fixed long time ago ,new authentication method was introduced back in May 2018.
by mrz
Mon Jul 01, 2019 12:27 pm
Forum: Scripting
Topic: Mikrotik API call not working [SOLVED]
Replies: 18
Views: 1345

Re: Mikrotik API call not working [SOLVED]

Yes, make sure you are using new authentication method.
by mrz
Mon Jul 01, 2019 9:58 am
Forum: Scripting
Topic: Mikrotik API call not working [SOLVED]
Replies: 18
Views: 1345

Re: Mikrotik API call not working [SOLVED]

Make sure your PHP code is using new authentication method:
https://wiki.mikrotik.com/wiki/Manual:API#Initial_login
by mrz
Thu Jun 27, 2019 12:49 pm
Forum: Forwarding Protocols
Topic: OSPF Linux MikroTik
Replies: 3
Views: 608

Re: OSPF Linux MikroTik

NBMA should work if multicast is blocked. It is possible that provider is blocking not multicast, but OSPF.
by mrz
Fri Jun 21, 2019 4:40 pm
Forum: Scripting
Topic: Bug in script variables?
Replies: 7
Views: 346

Re: Bug in script variables?

Problem looks to be specific to your router: [admin@3C22-atombumba] > /ip dhcp-server lease print count-only where server~"DHCP-Pool-vlan1-Home" 18 [admin@3C22-atombumba] > /ip dhcp-server lease print count-only where server~"vlan1-Home" 18 [admin@3C22-atombumba] > /ip dhcp-server lease print count-...
by mrz
Fri Jun 21, 2019 4:34 pm
Forum: General
Topic: AccessPoint Router test video series - English subtitles
Replies: 4
Views: 343

Re: AccessPoint Router test video series - English subtitles

IPSEC results seems a bit off on all routers. What config you are using?