Community discussions

MikroTik App

Search found 6852 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 23
by anav
Fri May 07, 2021 11:37 pm
Forum: Wireless Networking
Topic: Slow speed with Cap AC
Replies: 5
Views: 167

Re: Slow speed with Cap AC

Who told you a. to get MT wireless b. to try and configure capsman when not even knowing how to config MT RoS ( a level of complexity certainly not helpful at the beginning maybe later and usually for multiple Capac efficiency) c. tot expect higher speeds ??? For 5ghz 867/3 = 289 so that is what rea...
by anav
Fri May 07, 2021 7:39 pm
Forum: Beginner Basics
Topic: Wanted to Hire - Mikrotik Expert That Can Setup IPTV To Work
Replies: 1
Views: 89

Re: Wanted to Hire - Mikrotik Expert That Can Setup IPTV To Work

Thats not the way it works, look at the consult list for your area and contact them with your requirements and see if there are any takers.
by anav
Thu May 06, 2021 12:51 pm
Forum: Wireless Networking
Topic: Caps-man with vlans and cAP with vlans on switch chip problem
Replies: 6
Views: 247

Re: Caps-man with vlans and cAP with vlans on switch chip problem

Good work Lotar, glad it worked out for you.!!
by anav
Thu May 06, 2021 12:49 pm
Forum: Wireless Networking
Topic: Locked out of router
Replies: 15
Views: 716

Re: Locked out of router

...we are not talking about you living in Sicily trying to fix an AP on the leaning tower of corrupt popes... You really have writed this shit? I have your attention, then the post worked! It was polite way of saying, take your distance issue and shove it where the sun dont shine because its simply...
by anav
Thu May 06, 2021 3:21 am
Forum: Wireless Networking
Topic: Caps-man with vlans and cAP with vlans on switch chip problem
Replies: 6
Views: 247

Re: Caps-man with vlans and cAP with vlans on switch chip problem

tis why I recommend capsman only be used when one can configure ROS, vlans, and wifi WITHOUT capsman first.
by anav
Wed May 05, 2021 10:58 pm
Forum: Wireless Networking
Topic: Locked out of router
Replies: 15
Views: 716

Re: Locked out of router

rextended the way to do this is reserve one ethernet port on the router with its own subnet and not on any bridge with admin access on the input chain so as to be able to gracefully recover from a config screwup. I do this with my main router AND every capac - I basiclly use eth2 on each capac as a...
by anav
Wed May 05, 2021 10:18 pm
Forum: Beginner Basics
Topic: Product advice for a SOHO
Replies: 16
Views: 514

Re: Product advice for a SOHO

For Wifi if its a vanilla indoor access point you are looking for (aka a stable decent wifi 5 variant) I would select the tp link eap245.
I have not tried their latest wifi6 units yet eap 620 and 660 (too pricey).
by anav
Wed May 05, 2021 8:04 pm
Forum: General
Topic: How long does it take for MT tech support to respond?
Replies: 17
Views: 910

Re: How long does it take for MT tech support to respond?

Most here respect Normis's word while yours not so much.
If you dont like it suggest you travel to Latvia to kiss and make up.
by anav
Wed May 05, 2021 6:53 pm
Forum: General
Topic: Guest VLAN issues
Replies: 8
Views: 280

Re: Guest VLAN issues

Not frustrating if you read the link provided, very easy to setup as for understanding this may help.

viewtopic.php?p=849580#p849580
by anav
Wed May 05, 2021 6:43 pm
Forum: Beginner Basics
Topic: Product advice for a SOHO
Replies: 16
Views: 514

Re: Product advice for a SOHO

It is it hard requirement to have firewall and router separate and why? Just curious as most home and SOHO dont require it.
Is the extra expense a nice to have or a real need, in which case maybe I should put my hex before my CCR1009 LOL.
by anav
Wed May 05, 2021 5:22 am
Forum: Wireless Networking
Topic: Locked out of router
Replies: 15
Views: 716

Re: Locked out of router

rextended the way to do this is reserve one ethernet port on the router with its own subnet and not on any bridge with admin access on the input chain so as to be able to gracefully recover from a config screwup. I do this with my main router AND every capac - I basiclly use eth2 on each capac as a ...
by anav
Wed May 05, 2021 5:18 am
Forum: Beginner Basics
Topic: help with setting up home network
Replies: 11
Views: 593

Re: help with setting up home network

Hi atosh, Dont be alarmed but enabling the vlan filtering causes the router to burp. Dont be afraid, one can reconnect to the router after this and normally one checks vlan filtering to see if the enabling sticks and voila its then enabled. Sometimes it takes two attempts. One should not be locked o...
by anav
Wed May 05, 2021 1:43 am
Forum: Beginner Basics
Topic: help with setting up home network
Replies: 11
Views: 593

Re: help with setting up home network

I do not set any filtering on the BRIDGE itself, (leave as default totally, only thing to do is enable when the config is complete). On bridge ports yes I set ingress filtering=yes and limit packet types to only vlan tags for trunk ports and only priority and untagged frames at access ports. My unde...
by anav
Tue May 04, 2021 10:14 pm
Forum: Wireless Networking
Topic: Tree's obstructing CPE LOS to AP ~ bandwidth!
Replies: 19
Views: 1254

Re: Tree's obstructing CPE LOS to AP ~ bandwidth!

Or thoroughly apply the German solution.
Even the Germans need some help from their Husqy Swedish friends!
Husq.jpg
by anav
Tue May 04, 2021 2:38 am
Forum: Wireless Networking
Topic: Tree's obstructing CPE LOS to AP ~ bandwidth!
Replies: 19
Views: 1254

Re: Tree's obstructing CPE LOS to AP ~ bandwidth!

Nothing like finding out the truth, a forest LOL.
String a wire and dont get caught.
Dig a trench
use satellite connectivity $$$$$
Build a tower
by anav
Tue May 04, 2021 2:36 am
Forum: Wireless Networking
Topic: Locked out of router
Replies: 15
Views: 716

Re: Locked out of router

NO one needs access to the router except the Admin.
Why are you doing otherwise, I dont understand the purpose??

If this is a matter of access to the internet via WIFI it should have no bearing on access to the router????
by anav
Tue May 04, 2021 2:35 am
Forum: Wireless Networking
Topic: Locked out of router
Replies: 15
Views: 716

Re: Locked out of router

Keep it clear
set MAC SERVER - MAC Telnet Server TO ---> allowed interface=NONE
set MAC SERVER - MAC Winbox Server TO---> allowed interface= home interface or managrrment interface (where you will be accessing winbox from).
by anav
Tue May 04, 2021 2:31 am
Forum: Wireless Networking
Topic: Vlan hopping check and mitigation !
Replies: 5
Views: 230

Re: Vlan hopping check and mitigation !

To add mkx, does applying ingress filtering and limiting type of packets reduce in general vulnerabilities or put the other way around, improve general security of the vlans???
by anav
Tue May 04, 2021 2:26 am
Forum: Beginner Basics
Topic: NAT from inside the LAN
Replies: 9
Views: 518

Re: NAT from inside the LAN

Just add another sourcenat rule in this format
add chain=srcnat action=masquerade src-address=192.168.64.0/24 dst-address=192.168.64.0/24

Another solution is to put the server on a different subnet from users trying to access the server by public IP.
by anav
Mon May 03, 2021 9:21 pm
Forum: Beginner Basics
Topic: Do I need to Upgrade my Mikrotik to Take Advantage of Fiber?
Replies: 5
Views: 294

Re: Do I need to Upgrade my Mikrotik to Take Advantage of Fiber?

Basing on real world experience with hex and rb450Gx4.
If you found it to be closer to 25 IP rules, then so be it, just passing on my intimate relationship with marketing numbers.
by anav
Mon May 03, 2021 9:18 pm
Forum: Beginner Basics
Topic: RB4011 router-on-a-stick
Replies: 5
Views: 341

Re: RB4011 router-on-a-stick

The question I have is do you bridge the data vlans for the subnets and then assign the bridge port the SFP (trunk) port, and the other two VLANS lets say 30 and 40 (isp1 and 2), one just creates them and attaches them to the SFP+ interface when defining those ISP related vlans and then selects the ...
by anav
Mon May 03, 2021 1:52 pm
Forum: Beginner Basics
Topic: How to isolate both subnets on a cascade router setup?
Replies: 2
Views: 116

Re: How to isolate both subnets on a cascade router setup?

Very difficult because they are on the same subnet as all other 192.168.1 folks. Your best bet is simply to create another subnet on Router A. then its dirt easy via firewall rules. add chain=forward action=accept source-address=newsubnet out-interface-list=WAN {allow router b to internet} add chain...
by anav
Mon May 03, 2021 1:36 pm
Forum: Beginner Basics
Topic: Add 2nd WAN / beginner
Replies: 1
Views: 89

Re: Add 2nd WAN / beginner

Dont use quickset!!! and use the safe button in winbox.
by anav
Mon May 03, 2021 1:35 pm
Forum: Beginner Basics
Topic: Do I need to Upgrade my Mikrotik to Take Advantage of Fiber?
Replies: 5
Views: 294

Re: Do I need to Upgrade my Mikrotik to Take Advantage of Fiber?

The 25 simple queues is more representative of home setup throughput but yes that the right area to simulate one way throughput.
by anav
Sun May 02, 2021 9:55 pm
Forum: General
Topic: New router OS
Replies: 49
Views: 17507

Re: New router OS

Where is the quickset selection for capsman? ;-PPP
by anav
Sat May 01, 2021 5:12 pm
Forum: Wireless Networking
Topic: Multiple sites/cAPs Centrally Managed Hotspot with local Internet Breakout
Replies: 5
Views: 332

Re: Multiple sites/cAPs Centrally Managed Hotspot with local Internet Breakout

I would wait until MT produces a newer CAPAC model. Hopefully one that does not have proprietary drivers or if they are, can actually produce stable, predictable and decent Wifi5 results. Of course WIFI 6 would be kewl but not expected this soon. In other words although a network may be doable, the ...
by anav
Sat May 01, 2021 5:07 pm
Forum: Wireless Networking
Topic: Tree's obstructing CPE LOS to AP ~ bandwidth!
Replies: 19
Views: 1254

Re: Tree's obstructing CPE LOS to AP ~ bandwidth!

German solution, if you stihl have problems after this solution one is beyond help!
stihl.JPG
by anav
Sat May 01, 2021 3:01 am
Forum: Beginner Basics
Topic: What is purpose of VLAN's Parent Interface? [SOLVED]
Replies: 3
Views: 352

Re: What is purpose of VLAN's Parent Interface? [SOLVED]

MTUNA Qualified expert to the rescue!!!

viewtopic.php?p=849580#p849580

and he rides away in the sunset...............

(small hint for you mkx, bookmark good posts!)
by anav
Fri Apr 30, 2021 4:41 am
Forum: General
Topic: VPN OPTIONS @ HELP with MUDI
Replies: 3
Views: 225

Re: VPN OPTIONS @ HELP with MUDI

Kk thanks,
by anav
Fri Apr 30, 2021 4:39 am
Forum: Beginner Basics
Topic: help with setting up home network
Replies: 11
Views: 593

Re: help with setting up home network

and why does ether1 your WAN connection have a dhcp server setting?? you have two pools for 192.168.5.x You have 13 vlans which means you should have 15 Ip addresses (includes 13 vlans, and 1 emerg-access for ethe5) 14 dhcp servers 14 dhcp server networks 14 ip pools. Simplify the list members. get ...
by anav
Fri Apr 30, 2021 4:19 am
Forum: Useful user articles
Topic: Using RouterOS to VLAN your network
Replies: 172
Views: 119933

Re: Using RouterOS to VLAN your network

Hi Mudharm, I use capac and bridge vlan filtering with great success (and no capsman). I use a vlan per SSID to separate users. What am I missing here?? You are talking about per-SSID VLANs - those work fine with bridge VLAN filtering. I'm talking about per-user VLANs with a single SSID - that does...
by anav
Fri Apr 30, 2021 4:18 am
Forum: Beginner Basics
Topic: help with setting up home network
Replies: 11
Views: 593

Re: help with setting up home network

This is the best document for reading prior to setting up, sorry I didnt link it before. https://forum.mikrotik.com/viewtopic.php?f=23&t=143620 Two comments. 1. the vlans interface is the bridge not etherports 2. set this to none as its known to cause issues /interface detect-internet set detect...
by anav
Thu Apr 29, 2021 10:39 pm
Forum: General
Topic: VPN OPTIONS @ HELP with MUDI
Replies: 3
Views: 225

VPN OPTIONS @ HELP with MUDI

What is MUDI you say https://www.gl-inet.com/products/gl-e750/#specs My challenge is to connect the MUDI (either this units' embedded wireguard or open vpn client) to my CCR1009 as the VPN server. The intent is to create a tunnel whereby the far end client goes out the internet via my internet accou...
by anav
Thu Apr 29, 2021 8:15 pm
Forum: General
Topic: Guest wifi without internet | Bridge mode | CAP AC
Replies: 8
Views: 391

Re: Guest wifi without internet | Bridge mode | CAP AC

grazie amico mio In that case, then we need to see the config on the RB751U-2HnD as well before moving forward. With that, it will be fixed up in minutes. I like you suggest to use VLAN!!! ;) Me recommend vlans, never!!! Well, it depends if the user has only one subnet per interface and thus enough...
by anav
Thu Apr 29, 2021 7:40 pm
Forum: Beginner Basics
Topic: Hotspot. Redirect to HTTPS page
Replies: 2
Views: 183

Re: Hotspot. Redirect to HTTPS page

What was the solution??
by anav
Thu Apr 29, 2021 7:36 pm
Forum: General
Topic: One IP per VLAN
Replies: 15
Views: 673

Re: One IP per VLAN

Not sure what you mean, you could create 500 vlans and setup a dhcp server for each one IP pool of one or how many per vlan, and have that all bridged. 😱 Le dita sono stanche solo pensando al carico di lavoro Just trying to understand the requirements without solutions in mind so that a deisgn of a...
by anav
Thu Apr 29, 2021 6:35 pm
Forum: General
Topic: One IP per VLAN
Replies: 15
Views: 673

Re: One IP per VLAN

????? what is your version of software?
Also post the current config
/export hide-sensitive file=anynameyouwish
by anav
Thu Apr 29, 2021 6:34 pm
Forum: General
Topic: Guest wifi without internet | Bridge mode | CAP AC
Replies: 8
Views: 391

Re: Guest wifi without internet | Bridge mode | CAP AC

grazie amico mio

In that case, then we need to see the config on the RB751U-2HnD as well before moving forward.
With that, it will be fixed up in minutes.
by anav
Thu Apr 29, 2021 6:32 pm
Forum: General
Topic: One IP per VLAN
Replies: 15
Views: 673

Re: One IP per VLAN

Not sure what you mean, you could create 500 vlans and setup a dhcp server for each one IP pool of one or how many per vlan, and have that all bridged.
by anav
Thu Apr 29, 2021 4:40 pm
Forum: Wireless Networking
Topic: wAP WIFI max distance and how to improve
Replies: 9
Views: 415

Re: wAP WIFI max distance and how to improve

I finally concur with Normis,,,,,, capsperson should not be used when learning about MT wifi at the beginning.
Once one understand how the wifi works and one wants to make the configuration more complex then necessary by all means go down the evil path..............
by anav
Thu Apr 29, 2021 4:38 pm
Forum: Wireless Networking
Topic: Tree's obstructing CPE LOS to AP ~ bandwidth!
Replies: 19
Views: 1254

Re: Tree's obstructing CPE LOS to AP ~ bandwidth!

I was going to say bugs fly around more at night and bats, but concur the dew theory holds more water.......... bada bing!!!
by anav
Thu Apr 29, 2021 4:34 pm
Forum: General
Topic: DDNS Port Forwarding RouterOS ver 6.48.1 not working [SOLVED]
Replies: 7
Views: 330

Re: DDNS Port Forwarding RouterOS ver 6.48.1 not working [SOLVED]

Kind words, but I am no expert!! All my knowledge has been from picking the brains of the real experts here.
They know who they are LOL.
My goal is to bridge the gap between home owners and the expert advice that assumes way to much knowledge and cannot relate to ordinary people LOL.
by anav
Thu Apr 29, 2021 4:32 pm
Forum: General
Topic: Guest wifi without internet | Bridge mode | CAP AC
Replies: 8
Views: 391

Re: Guest wifi without internet | Bridge mode | CAP AC

I cannot help further until I know the network setup!
Is this attached to a router via etherport1 and the router provides DHCP services etc??
OR
is this attached to an ISP modem for example??
by anav
Thu Apr 29, 2021 4:27 pm
Forum: Announcements
Topic: SwOS version 2.13 released!
Replies: 29
Views: 3744

Re: SwOS version 2.13 released!

My upgrade on a css106 from 2.11 went fine. It fixed my issues with rstp on 2.12.

I upgraded over 12 hours ago and have seen no issues.
Can you buy a lottery ticket for me!!
by anav
Thu Apr 29, 2021 1:48 pm
Forum: Wireless Networking
Topic: wAP WIFI max distance and how to improve
Replies: 9
Views: 415

Re: wAP WIFI max distance and how to improve

Wifi signals are allergic to the colour orange??
There are many settings on MT wifi suggest you start here.
https://mum.mikrotik.com/presentations/ ... 209343.pdf
by anav
Thu Apr 29, 2021 1:41 pm
Forum: General
Topic: DDNS Port Forwarding RouterOS ver 6.48.1 not working [SOLVED]
Replies: 7
Views: 330

Re: DDNS Port Forwarding ver 6.48.1 [SOLVED]

Okay, good to know, because many times people try to reach the server from behind the router using the public IP (vice the LANIP) and thats a loopback scenario that requires extra nat rules. However you are clearly indicating a valid external access attempt. (1) These rules do not belong in the forw...
by anav
Thu Apr 29, 2021 1:33 pm
Forum: Announcements
Topic: SwOS version 2.13 released!
Replies: 29
Views: 3744

Re: SwOS version 2.13 released!

Of course, did you see on the list.? (rhetorical question)
-- fix the unstable SwoS upgrade process
by anav
Thu Apr 29, 2021 1:29 pm
Forum: Beginner Basics
Topic: Can't set slave wireless interfaces on wAP AC (works ok on cAP AC)
Replies: 7
Views: 387

Re: Can't set slave wireless interfaces on wAP AC (works ok on cAP AC)

I would love to help but allergic to capsman. Get rid of that and I will be glad to take a look at the config.
In addition its a sexist functionality, should be capsperson!!
by anav
Thu Apr 29, 2021 3:25 am
Forum: Wireless Networking
Topic: VLAN with 2 Wifi networks on the same AP.
Replies: 3
Views: 285

Re: VLAN with 2 Wifi networks on the same AP.

Easy peasy lemon squeezy........ sell your soult to the capsman devil or his evil henchman mkx.
Its post like this that keep me as far away from capsman as possible.
Enjoy!
by anav
Thu Apr 29, 2021 12:44 am
Forum: Beginner Basics
Topic: Default firewall config
Replies: 10
Views: 15531

Re: Default firewall config

The default rules, and then how to get a more tailored ruleset that ensures only the ADMIN has full access to the router on the input chain, and only traffic allowed by the admin is served on the forward chain. DEFAULT /ip firewall filter add action=accept chain=input connection-state=established,re...
by anav
Thu Apr 29, 2021 12:33 am
Forum: Beginner Basics
Topic: How to make printer visible from one vlan to another
Replies: 4
Views: 319

Re: How to make printer visible from one vlan to another

I have no idea what eth1 is doing? Is it connected to the internet, if so then you do need firewall rules.
If its not then what it is connected to.
In terms of firewall rules and what you can do look at this thread.
Post #3
viewtopic.php?f=13&t=174810
by anav
Wed Apr 28, 2021 5:39 pm
Forum: Wireless Networking
Topic: Migrating CAPSMAN - best practices
Replies: 2
Views: 293

Re: Migrating CAPSMAN - best practices

suggest you hire a consultant or a trainer! ;-)
by anav
Wed Apr 28, 2021 5:36 pm
Forum: Wireless Networking
Topic: MikroTik cAP ac
Replies: 1
Views: 190

Re: MikroTik cAP ac

Got it. two items, the first one you probably already have as some things are working but as per the second item you dont have a vlan line for the management vlan??? (1) So the Capac must be assigned an address on the management vlan. /IP address 192.168.99.xx/24 network=192.168.99.0 interface=bridg...
by anav
Wed Apr 28, 2021 4:34 pm
Forum: Beginner Basics
Topic: Two segmented networks access to one shared network [SOLVED]
Replies: 11
Views: 536

Re: Two segmented networks access to one shared network [SOLVED]

Okay............. very weird setup, but if it works LOL........ Beyond my scope of knowlege.
To me that sounds more like funky nat or routing settings but if you have found an easier way!!!
by anav
Wed Apr 28, 2021 4:03 pm
Forum: Beginner Basics
Topic: Two segmented networks access to one shared network [SOLVED]
Replies: 11
Views: 536

Re: Two segmented networks access to one shared network [SOLVED]

(1) Bit confused, I assumed the hex was acting as a router??
To me this looks like a switch setting? as there is no connection to an ISP???

(2) Set this to NONE, as it is known to cause problems!
/interface detect-internet
set lan-interface-list=LAN

The rest of my comments depend on answers to 1!!
by anav
Wed Apr 28, 2021 2:25 pm
Forum: Beginner Basics
Topic: Two segmented networks access to one shared network [SOLVED]
Replies: 11
Views: 536

Re: Two segmented networks access to one shared network [SOLVED]

You should post your config to ensure all is good.
/export hide-sensitive file=anynameyouwish
by anav
Wed Apr 28, 2021 1:08 pm
Forum: Beginner Basics
Topic: Two segmented networks access to one shared network [SOLVED]
Replies: 11
Views: 536

Re: Two segmented networks access to one shared network [SOLVED]

Very easy to do with or without vlans. This is the best reference for vlans..... https://forum.mikrotik.com/viewtopic.php?f=23&t=143620 The answer to your question is basically the port structure. If you will not need any of your ports for anything but one subnet, then vlans are not required. Ho...
by anav
Tue Apr 27, 2021 8:12 pm
Forum: Useful user articles
Topic: Using RouterOS to VLAN your network
Replies: 172
Views: 119933

Re: Using RouterOS to VLAN your network

As sindy suggested, for any CAPs you are using, I would generally recommend *not* using bridge VLAN filtering on the CAP itself. Use it on the routers and the switches, but not the CAP. The issue is that bridge VLAN filtering artificially limits what you can do with the CAP. For instance, normally ...
by anav
Tue Apr 27, 2021 8:10 pm
Forum: General
Topic: Bridge Filter Vlans Not Working
Replies: 7
Views: 467

Re: Bridge Filter Vlans Not Working

Why would you untag vlan300 to the hex?? Makes no sense like pretty much the rest of your config.
Your best bet is to read this excellent article, and I am sure you will be up and runnning in no time.

viewtopic.php?f=23&t=143620
by anav
Tue Apr 27, 2021 5:27 pm
Forum: General
Topic: Dual WAN, dual subnet, multiple VLANs
Replies: 13
Views: 676

Re: Dual WAN, dual subnet, multiple VLANs

post your configs, otherwise have no idea what you have done LOL.
by anav
Tue Apr 27, 2021 5:25 pm
Forum: General
Topic: Bridge Filter Vlans Not Working
Replies: 7
Views: 467

Re: Bridge Filter Vlans Not Working

You need to provide a network diagram.
For example nothing lines up on your RB4011 config, vlans not defined, etc.
As noted get rid of service tag...........
by anav
Tue Apr 27, 2021 5:10 pm
Forum: Beginner Basics
Topic: help with setting up home network
Replies: 11
Views: 593

Re: help with setting up home network

Very reasonable plan if the ASUS is a smart wifi device (if not suggest the TPLINK EAP245) stable decent wifi5 device that handles vlans and not costly. I would look at your hex S management access as more of an emergency access in case something funky happens with the rest of the bridge config (we ...
by anav
Tue Apr 27, 2021 5:02 am
Forum: General
Topic: Bridge Filter Vlans Not Working
Replies: 7
Views: 467

Re: Bridge Filter Vlans Not Working

I would need to see the full config on all the devices....
by anav
Tue Apr 27, 2021 5:00 am
Forum: Beginner Basics
Topic: VLANs with hybrid ports, trunks and 2 different WiFi networks
Replies: 19
Views: 1027

Re: VLANs with hybrid ports, trunks and 2 different WiFi networks

Okay I see this...... As it turned out, it started to work by itself! Must've been some caching issue, maybe I was too eager to simply wait for some tables to timeout. Oh, and I put the IP there, because I need this switch to have an IP for mgmt access. Thank you for your tips, I really appreciate ...
by anav
Tue Apr 27, 2021 12:08 am
Forum: Beginner Basics
Topic: VLANs with hybrid ports, trunks and 2 different WiFi networks
Replies: 19
Views: 1027

Re: VLANs with hybrid ports, trunks and 2 different WiFi networks

Okay I see this...... The question I have is where does vlan100 originate from........... In other words why are you defining vlan100 here at all. I think this is the issue /ip address add address=10.0.0.10/24 interface=vlan-main-100 network=10.0.0.0 I noted you defined vlan100 as you should all the...
by anav
Mon Apr 26, 2021 10:58 pm
Forum: General
Topic: manage vlan and untagged on the same port
Replies: 1
Views: 141

Re: manage vlan and untagged on the same port

No your explanation is rather poor LOL. Draw a network diagram. Trunk port, as many tagged vlans to another smart device. Access port, ONE untagged vlan to a dumb device. HYBRID PORT assumes the following -as many tagged vlans -ONLY ONE untagged VLAN -the device at the other END KNOWS how to deal wi...
by anav
Mon Apr 26, 2021 10:33 pm
Forum: General
Topic: Dual WAN, dual subnet, multiple VLANs
Replies: 13
Views: 676

Re: Dual WAN, dual subnet, multiple VLANs

No, this is really cool and different so interested LOL. Can you add the config of each LTE /export hide-senstive file=anynameyouwish I am still thinking only one bridge is needed. On the trunk port between the LTE and the router there are two vlans, ONe goes to DHCP client on the router, the other ...
by anav
Mon Apr 26, 2021 7:58 pm
Forum: General
Topic: Dual WAN, dual subnet, multiple VLANs
Replies: 13
Views: 676

Re: Dual WAN, dual subnet, multiple VLANs

I am not comfortable with, firewall rules are not needed because they are private IPs?? Do the LTE modem devices have firewalls?? Where is the protection point if not your router?? I have never heard of vlans from an LTE modem unless the ISP specfically carries the data on vlans and not on normal et...
by anav
Mon Apr 26, 2021 7:48 pm
Forum: General
Topic: Guest wifi without internet | Bridge mode | CAP AC
Replies: 8
Views: 391

Re: Guest wifi without internet | Bridge mode | CAP AC

Suggest read this article for a fuller understanding of the setup!! https://forum.mikrotik.com/viewtopic.php?f=23&t=143620 The quick answer is that there is no need to create a second bridge, simply put all WLAN bridge ports on the same bridge. They are separated by access based on SSID and fire...
by anav
Mon Apr 26, 2021 7:41 pm
Forum: Useful user articles
Topic: Using RouterOS to VLAN your network
Replies: 172
Views: 119933

Re: Using RouterOS to VLAN your network

I like the idea of using vlans to partition and isolate network traffic using ROUTEROS. You're contribution to this article is much appreciated @PCUNITE, MKX, SINDY. I also hope you generate enough traction for this to make it into the Wiki. Thank you ahead of time. Could you kindly show me how to ...
by anav
Mon Apr 26, 2021 7:35 pm
Forum: General
Topic: Dual WAN, dual subnet, multiple VLANs
Replies: 13
Views: 676

Re: Dual WAN, dual subnet, multiple VLANs

You only have two vlans defined or I should state only two with DHCP serving capacity on the router. 200 and 201?????? Where should we assume vlans 10, 20, 100 are coming from??? If this is a five port unit, why is the ISP (assuming ether1) included in the bridge?? So I see all bridge ports are carr...
by anav
Mon Apr 26, 2021 5:06 pm
Forum: Beginner Basics
Topic: Ingress port, Egress port
Replies: 2
Views: 158

Re: Ingress port, Egress port

Draw a network diagram showing ISP device and both MT devices and any subnet and/or vlans you have running and then what is coming off the ports on the RB and switch.
by anav
Mon Apr 26, 2021 5:03 pm
Forum: Beginner Basics
Topic: Mikrotik rebooted without any reason
Replies: 5
Views: 397

Re: Mikrotik rebooted without any reason

How do we know it wasnt a power outage??
by anav
Mon Apr 26, 2021 1:41 pm
Forum: Beginner Basics
Topic: Port forwarding not working
Replies: 4
Views: 231

Re: Port forwarding not working

For some strange reason you put a duplicate of the Destination NAT rules in the forward chain, GET RID OF THEM. /ip firewall filter add action=accept chain=input comment=\ "defconf: accept established,related,untracked" connection-state=\ established,related,untracked add action=accept cha...
by anav
Mon Apr 26, 2021 4:20 am
Forum: General
Topic: Seperate DHCP Servers for Trunked VLAN's
Replies: 3
Views: 270

Re: Seperate DHCP Servers for Trunked VLAN's

Read this artiicle on vlans, Forget using vlan1 to carry data, its on by default in the background wnen you create the bridges. If you need another vlan use vlan10......... for data management or both. https://forum.mikrotik.com/viewtopic.php?f=23&t=143620 If you still have questions, will be he...
by anav
Mon Apr 26, 2021 4:18 am
Forum: General
Topic: HELP !!! router blocking/dropping voip calls after 30 sec
Replies: 48
Views: 14491

Re: HELP !!! router blocking/dropping voip calls after 30 sec

post your config so we can figure something out........

/export hide-sensitive file=anynameyouwish
by anav
Mon Apr 26, 2021 1:17 am
Forum: Beginner Basics
Topic: Small home network with 2 AP
Replies: 24
Views: 1414

Re: Small home network with 2 AP

I actually have no formal training LOL. Just an old dog who drives real experts crazy with the same question over and over (slow learner). Eventually something sinks in. YES WINBOX access using mac is da bomb, it cuts through many an Admin error You can use IP but you need to remember to then enter ...
by anav
Sun Apr 25, 2021 10:15 pm
Forum: Beginner Basics
Topic: Small home network with 2 AP
Replies: 24
Views: 1414

Re: Small home network with 2 AP

I dont see anything terribly wrong. I do not understand why you have ether2 belonging to managment because it says tis going to the NAS. If you wanted to limit the interface that YOU as admin were on, and that is ether3 as well, okay!! You are going to screw up your firewall rules, I can sense it LO...
by anav
Sun Apr 25, 2021 5:29 pm
Forum: Beginner Basics
Topic: Small home network with 2 AP
Replies: 24
Views: 1414

Re: Small home network with 2 AP

Dont delete rules Until you have added the rules. No harm in adding extra rules ..........

Just keep the last rule in the input chain as the very last entry, AKA after you have added the new rules and deleted the old rules.
Then put in the last drop all rule in the input chain.
by anav
Sun Apr 25, 2021 5:27 pm
Forum: Beginner Basics
Topic: Port forwarding dst-nat on 2nd WAN
Replies: 17
Views: 997

Re: Port forwarding dst-nat on 2nd WAN

THere is nothing default about IPV6 setup, the OP would have had to put them in and set them up and thus one should assume its an ipv6 connection in which case I should depart as I have no experience with IPV6
by anav
Sun Apr 25, 2021 4:10 pm
Forum: General
Topic: Static WAN IP not working - mask issue?
Replies: 11
Views: 483

Re: Static WAN IP not working - mask issue?

No worries, did you try Sindy's advice. He is usually not wrong (something about selling his soul to the devil in order to be an MT expert). ;-)
by anav
Sun Apr 25, 2021 4:08 pm
Forum: General
Topic: PWR-LINE PRO
Replies: 22
Views: 3125

Re: PWR-LINE PRO

Sorry for hijacking thread, but for those who use PWR-LINE PRO - do you get additional latency? I've never used EoP devices before. I've heard stories that when using such devices you might get somewhat 30ms latency, even tho internet connectivity is rock stable. Just want to hear if it's true. I h...
by anav
Sun Apr 25, 2021 4:03 pm
Forum: Beginner Basics
Topic: Small home network with 2 AP
Replies: 24
Views: 1414

Re: Small home network with 2 AP

No that would NOT be the last rule in the input chain LOL. The last rule in the input chain would be add chain=input action=drop (note: the invalid rule you were referring to is to drop any malformed packets before they get too far). Please post your config now, so I can see if its where it should b...
by anav
Sun Apr 25, 2021 1:45 pm
Forum: General
Topic: Static WAN IP not working - mask issue?
Replies: 11
Views: 483

Re: Static WAN IP not working - mask issue?

Your last post should have been your first post as for most of the thread you were stating you had a fixed WANIP which of course now we know, was NOT a known fact. You must be a politician LOL.
by anav
Sun Apr 25, 2021 1:42 pm
Forum: Beginner Basics
Topic: Port forwarding dst-nat on 2nd WAN
Replies: 17
Views: 997

Re: Port forwarding dst-nat on 2nd WAN

What? Can someone explain why one needs ipv4 rules if they are using ipv6.
This is all too confusing and stupid, if one has to set two sets of rules LOL.
by anav
Sat Apr 24, 2021 8:01 pm
Forum: General
Topic: VLAN separation using new Bridge VLAN Filtering feature
Replies: 9
Views: 2227

Re: VLAN separation using new Bridge VLAN Filtering feature

From the first post. /interface vlan add interface=bridge-lan name=vlan 11 vlan-id= 21 # VLAN 21 is management add interface=bridge-lan name=vlan 21 vlan-id= 21 # VLAN 21 is apt. A add interface=bridge-lan name=vlan22 vlan-id=22 # VLAN 22 is apt. B Missing IP address, DHCP server, DHCP server networ...
by anav
Sat Apr 24, 2021 7:57 pm
Forum: Beginner Basics
Topic: Port forwarding dst-nat on 2nd WAN
Replies: 17
Views: 997

Re: Port forwarding dst-nat on 2nd WAN

Below is a line by line look at the config without context. (1) Set this rule to NONE as its use is unclear and it is known to potentially cause issues. /interface detect-internet set detect-interface-list= all (2) Bit Confused on the purpose of ETHER2 Orange (is it a second WAN?) It has no definiti...
by anav
Sat Apr 24, 2021 7:34 pm
Forum: Beginner Basics
Topic: Port forwarding dst-nat on 2nd WAN
Replies: 17
Views: 997

Re: Port forwarding dst-nat on 2nd WAN

My apologies, will look at the config...........
by anav
Sat Apr 24, 2021 1:56 pm
Forum: Beginner Basics
Topic: Port Forwarding
Replies: 25
Views: 1094

Re: Port Forwarding

Without a network diagram, and someone who is the least bit cooperative, progress will be slow.
All I can recommend at this point is scratch/delete the POS config that I am looking at.
'Reset to defaults and port forwarding will work! :-) :-)
by anav
Sat Apr 24, 2021 1:49 pm
Forum: Beginner Basics
Topic: MAC VLAN on CRS354-48G
Replies: 18
Views: 1023

Re: MAC VLAN on CRS354-48G

Quick question, where you are plugging in your media laptop, is it a cable jack in the wall or is into switches etc?
Do the switches have multiple ports and are they managed switches that can read vlan tags?
by anav
Sat Apr 24, 2021 1:47 pm
Forum: Beginner Basics
Topic: Port forwarding dst-nat on 2nd WAN
Replies: 17
Views: 997

Re: Port forwarding dst-nat on 2nd WAN

What is strange is that you think two different products from two different vendors will behave the same.
Whats annoying is you asked for help and still have not provided you config so that we can see what the issue 0r issues may be.
by anav
Sat Apr 24, 2021 5:27 am
Forum: Beginner Basics
Topic: Port Forwarding
Replies: 25
Views: 1094

Re: Port Forwarding

Coffee yes, early in the morning, but Tuscany, where is the red wine and queso!!!
Hey Normis, when MUMS open up, lets do Tuscany!!

Otherwise, I am dreaming about a bike tour through your region!!
by anav
Sat Apr 24, 2021 5:26 am
Forum: Beginner Basics
Topic: Small home network with 2 AP
Replies: 24
Views: 1414

Re: Small home network with 2 AP

Have a look at this to see if you understand and want to accomplish. INPUT rules are for traffic to and from the router itself. FORWARD rules are for traffic across the router (wan to lan, lan to wan, lan to lan) Output rules are rarely used. NAT rules are typically used for port forwarding (dst nat...
by anav
Sat Apr 24, 2021 2:27 am
Forum: Beginner Basics
Topic: Port Forwarding
Replies: 25
Views: 1094

Re: Port Forwarding

Nice, even with your explanation I get quickly lost in the confusing config names used. After a few beer, a nice visual makes helping enjoyable LOL. I am in no rush, and will gladly create a clearer simpler config that at the end of the day will less likely cause problems and make problems easier to...
by anav
Sat Apr 24, 2021 12:40 am
Forum: Beginner Basics
Topic: Port Forwarding
Replies: 25
Views: 1094

Re: Port Forwarding

I get the feeling that you didnt create this config because you didnt uderstand the request for a network diagram which would explain the Inputs on the WAN side and the networking setup involved, devices and ports etc...... Can you confirm you created this config?? I prefer to render assistance when...
by anav
Fri Apr 23, 2021 10:42 pm
Forum: Beginner Basics
Topic: does CRS305-1G-4S+IN support switch stacking (similar to cisco's flavor)?
Replies: 4
Views: 337

Re: does CRS305-1G-4S+IN support switch stacking (similar to cisco's flavor)?

I use a rack to stack switches, with some space in between for circulation and then I attach on port on the switch to another port on the next switch etc........
What more do you want.........

Just kidding, just curious as to what functionality switch stacking gives you??
by anav
Fri Apr 23, 2021 10:41 pm
Forum: Beginner Basics
Topic: Port Forwarding
Replies: 25
Views: 1094

Re: Port Forwarding

Luv to help but I am having trouble imagining the network without a diagram. I dont see clealry how many WAN connections you have, nor the reason for a second bridge for the WAN. I have no clue why none of your VLANs are interfaced to a bridge............ Therefore a network diagram and what is goin...
by anav
Fri Apr 23, 2021 10:35 pm
Forum: Beginner Basics
Topic: RouterOS input chain / protection from malicious guests
Replies: 6
Views: 523

Re: RouterOS input chain / protection from malicious guests

VLANS should be created with their interface being the bridge. DHCP, address etc reference the VLAN name itself. The VLAN is thus covered under the firewall rules for LAN Interface member bridge list=LAN. Its is also covered under LAN to WAN rules in-interface-list=LAN out-interface-list=WAN Now if ...
by anav
Fri Apr 23, 2021 9:26 pm
Forum: General
Topic: RB4011 ROS takes up an order of magnitude more space
Replies: 15
Views: 859

Re: RB4011 ROS takes up an order of magnitude more space

File a bug report if you consider whatever this is such a big issue :)
I already submitted one!!!
@Zevba SUP-84879 _Cablenut is bugging me!
by anav
Fri Apr 23, 2021 9:23 pm
Forum: Beginner Basics
Topic: Port Forwarding
Replies: 25
Views: 1094

Re: Port Forwarding

This is not an immediate response forum, patience is a virtue!!

Please post your config for us to look at the jpegs are of little value.
/export hide-sensitive file=anynameyouwish
by anav
Fri Apr 23, 2021 7:40 pm
Forum: Beginner Basics
Topic: Port Forwarding
Replies: 25
Views: 1094

Re: Port Forwarding

There is only one NAT section in firewall rules (not a general and an action - why make shit up??_ dstnat rule format is add action=dst-nat chain=dstnat dst-port=9100 protocol=tcp in-interface-list=WAN \ to-address=10.10.37.xxx to-ports=8844 What one must ensure is that in the Forward Chain of the /...
by anav
Fri Apr 23, 2021 7:29 pm
Forum: Beginner Basics
Topic: MAC VLAN on CRS354-48G
Replies: 18
Views: 1023

Re: MAC VLAN on CRS354-48G

Not sure what you are asking is easily accomplished. When one sets a static IP address on the router, it is effectively set by mac address. There is no functionality that I am aware of to do what you ask??? Be advised, anyone can change their mac address quite easily. In other words, you may have so...
by anav
Fri Apr 23, 2021 6:43 pm
Forum: General
Topic: Allowed Remote Requests: Drop input !LAN VS Filter Rules
Replies: 4
Views: 373

Re: Allowed Remote Requests: Drop input !LAN VS Filter Rules

Not quite. 1. The LAN rule is not blocking anything from the LAN side. 2. There is no danger of blocking useful services with the default rule. 3. Keep this rule! Unitl you know what you are doing LOL 4. The second rule is useless in context because its already covered by the first rule. 5. When you...
by anav
Fri Apr 23, 2021 4:59 pm
Forum: Wireless Networking
Topic: Facebook/Messenger App is able to bypass Hotspot Portal
Replies: 2
Views: 364

Re: Facebook/Messenger App is able to bypass Hotspot Portal

What rule is that?
Are you talking about a default firewall rule?
I checked the hotspot pages and there is no mention of firewall rules?
by anav
Fri Apr 23, 2021 4:51 pm
Forum: Wireless Networking
Topic: Findings ways to increase range
Replies: 2
Views: 350

Re: Findings ways to increase range

5ghz will work through one wall, not two. (use for streaming and LOS) 2.4ghz will work through two walls (use for stable connectivity without LOS) Mikrotik wifi5 uses proprietary drivers and do not work as well as wifi vendor drivers. Best bet for coverage of any area is NOT to use the router as its...
by anav
Fri Apr 23, 2021 4:39 pm
Forum: Beginner Basics
Topic: DSTNAT doesn't opening port
Replies: 9
Views: 488

Re: DSTNAT doesn't opening port

Well you have the cisco router in between so does that forward the port to the WANIP of the MIkrotik ROuter (the LANIP on the cisco private subnet).
by anav
Fri Apr 23, 2021 3:51 pm
Forum: General
Topic: Allowed Remote Requests: Drop input !LAN VS Filter Rules
Replies: 4
Views: 373

Re: Allowed Remote Requests: Drop input !LAN VS Filter Rules

The first rule you noted is the default firewall rule which is perfectly safe and allows only LAN traffic to hit the router. If you start messing with the default rules ensure you know what you are doing. Most folks modify eventually the input and forward chains to more targeted approach. By that I ...
by anav
Fri Apr 23, 2021 3:48 pm
Forum: General
Topic: firewall rules in recursive wan failover set up
Replies: 2
Views: 387

Re: firewall rules in recursive wan failover set up

The approach is incorrect in two ways. One uses sourcenat, and Ip routes for traffic rules (both natting and flow). If basic rules are not enough one uses mangling to control the flow of packets. Firewall rules are just doors that open and close they are not smart to direct traffic. That being said,...
by anav
Fri Apr 23, 2021 3:42 pm
Forum: Beginner Basics
Topic: DSTNAT doesn't opening port
Replies: 9
Views: 488

Re: DSTNAT doesn't opening port

lab network diagram??
by anav
Fri Apr 23, 2021 3:41 pm
Forum: Beginner Basics
Topic: Port forwarding dst-nat on 2nd WAN
Replies: 17
Views: 997

Re: Port forwarding dst-nat on 2nd WAN

/export hide-sensitive file=anynameyouwish
by anav
Fri Apr 23, 2021 3:34 pm
Forum: Beginner Basics
Topic: RouterOS input chain / protection from malicious guests
Replies: 6
Views: 523

Re: RouterOS input chain / protection from malicious guests

Here is my minimalist but safe setup. (1) The idea being, as stated move from default setup (which is safe but not targetted) and has a concept of allow all and block what you dont want. TO what The previous poster and most who prefer to change the setup to BLOCK ALL by default and then state what i...
by anav
Fri Apr 23, 2021 3:41 am
Forum: Beginner Basics
Topic: DSTNAT doesn't opening port
Replies: 9
Views: 488

Re: DSTNAT doesn't opening port

(1) This seems non-standard
/ip address
add address=192.168.60.2/30 interface=ether2 network=192.168.60.0

TO
/ip address
add address=192.168.60.1/24 interface=ether2 network=192.168.60.0

(2) where is dhcp server, ip pool, dhcp-server-network ???
by anav
Fri Apr 23, 2021 1:05 am
Forum: Beginner Basics
Topic: Port forwarding not working from Public IP ranges [SOLVED]
Replies: 27
Views: 1480

Re: Port forwarding not working from Public IP ranges [SOLVED]

Well thats your problem you have to decide which router is doing the routing? Why not just dump the RB750 and run everything from the RB4011. If for some reason you need a switch at any spot in the setup then setup the RB750 as a Switch using ROS. Basically just run a bridge on the switch, identify ...
by anav
Fri Apr 23, 2021 1:01 am
Forum: Beginner Basics
Topic: DSTNAT doesn't opening port
Replies: 9
Views: 488

Re: DSTNAT doesn't opening port

If you had the default set of firewall rules, A MUST for any internet facing device, one of the forward chain rules contains the means to allow port forwarding traffic. A clearer rule to use in the lab environment would be /ip firewall filter add chain=forward action=accept comment="allow port ...
by anav
Thu Apr 22, 2021 10:17 pm
Forum: Beginner Basics
Topic: Port forwarding not working from Public IP ranges [SOLVED]
Replies: 27
Views: 1480

Re: Port forwarding not working from Public IP ranges [SOLVED]

Please post your latest config on router and on RB4011.
by anav
Thu Apr 22, 2021 6:59 pm
Forum: General
Topic: Dual WAN failover using recursive routing
Replies: 16
Views: 1161

Re: Dual WAN failover using recursive routing

(1) Get rid of this.... set to NONE. /interface detect-internet set detect-interface-list=all (2) FIX THIS, /ip address add address=192.168.1.1/24 interface= ether2 network=192.168.1.0 SHOULD BE /ip address add address=192.168.1.1/24 interface =bridge1 network=192.168.1.0 (3) Duplicate rule remove.....
by anav
Thu Apr 22, 2021 6:39 pm
Forum: General
Topic: Need help with VLAN Trunks [SOLVED]
Replies: 11
Views: 3810

Re: Need help with VLAN Trunks [SOLVED]

Without a network diagram there is no information on what is on each etherport on the hex?? /interface ethernet set [ find default-name=ether1 ] set [ find default-name=ether2 ] set [ find default-name=ether3 ] set [ find default-name=ether4 ] set [ find default-name=ether5 ] name=emerg-access_eth5 ...
by anav
Thu Apr 22, 2021 6:16 pm
Forum: General
Topic: Need help with VLAN Trunks [SOLVED]
Replies: 11
Views: 3810

Re: Need help with VLAN Trunks [SOLVED]

@Durango (1) One bridge is required not Two. (2) Use home vlan as management vlan or if you want a separate management vlan then use something like vlan99. However if you as the admin have your PCs always on the home vlan then simply use the homevlan and use firewall rules to limit access to the HE...
by anav
Thu Apr 22, 2021 5:50 pm
Forum: General
Topic: Need help with VLAN Trunks [SOLVED]
Replies: 11
Views: 3810

Re: Need help with VLAN Trunks [SOLVED]

@JbrinkZA First comment WHY would you want a port between the CISCO and the MIKROTIK that is a hybrid port. This makes ZERO sense to me. Just simply carry both over as vlans in a trunk port and then on the MIKROTIK you can deal out vlans as required. Please explain the purpose of a hybrid port betw...
by anav
Thu Apr 22, 2021 5:45 pm
Forum: General
Topic: 4 WAN Load balancing on 2 separated LANs on the same RB [SOLVED]
Replies: 5
Views: 1263

Re: 4 WAN Load balancing on 2 separated LANs on the same RB [SOLVED]

Yes, as your response was not clear.
Sindy pointed out you didnt address failure of ISP1 or ISP2 and if the routes are available the router will route folks to the available routes.

However it seems you are saying your config was incomplete for some cases which caused the leakage??
by anav
Thu Apr 22, 2021 4:21 pm
Forum: General
Topic: RB4011 ROS takes up an order of magnitude more space
Replies: 15
Views: 859

Re: RB4011 ROS takes up an order of magnitude more space

Haha I was going to ask which Russian website did you get your download from. ;-)

By the way, there is no firmware just for the RB4011, they classify downloads per CPU chip architecture (ARM in this case).
by anav
Thu Apr 22, 2021 4:18 pm
Forum: General
Topic: hEX PoE RB960PGS, getting 2 VLANs via SFP, routing within the RouterOS - help needed [SOLVED]
Replies: 8
Views: 444

Re: hEX PoE RB960PGS, getting 2 VLANs via SFP, routing within the RouterOS - help needed [SOLVED]

My bad I assumed due to the text on the side that the data coming from the switch would be coming in on ether3 on the router. If its sfp1 on the router just change ether3 to sfp1 for example.
by anav
Thu Apr 22, 2021 4:15 pm
Forum: Beginner Basics
Topic: Can't get VLAN network work as I need (Confusion)
Replies: 3
Views: 386

Re: Can't get VLAN network work as I need (Confusion)

Yes all very doable with bridges and vlans. However use vlan99 for management vlan or any number you wish and NOT pvid=1. That is reserved as the default vlan on all equipment and should not be used to carry data etc........ Trust me I use netgear, dlink, tplink, and mikrotik ROS for switching and r...
by anav
Thu Apr 22, 2021 3:58 pm
Forum: General
Topic: Config VLan and trunk between RB4011 router and CRS328 Switch (Running RouteOS)
Replies: 26
Views: 1491

Re: Config VLan and trunk between RB4011 router and CRS328 Switch (Running RouteOS)

This is a farce. Your setup could be configured and working in 5 minutes using straight forward bridge vlan bridge filtering as you are using ROS and phuck capsman. Not only that your config which is not your config but what you mistakenly think is only the parts we need to see to discern magically ...
by anav
Thu Apr 22, 2021 2:34 pm
Forum: General
Topic: Firewall filter hits multiple rules
Replies: 6
Views: 312

Re: Firewall filter hits multiple rules

Quick question Jotne,
Do you run many servers?
What would be the difference of simply using a drop all rule at the end of your input chain and forward chain (which would drop all those attempts anyway).
What am I missing?
by anav
Thu Apr 22, 2021 2:30 pm
Forum: General
Topic: hEX PoE RB960PGS, getting 2 VLANs via SFP, routing within the RouterOS - help needed [SOLVED]
Replies: 8
Views: 444

Re: hEX PoE RB960PGS, getting 2 VLANs via SFP, routing within the RouterOS - help needed [SOLVED]

Yes, but there is no routing here and the HEX is not connected to the internet. Its simply acting as bridge switch and I have one doing the same on my desktop (Multiple vlans coming in on one wire- with a variety of untagged and tagged vlans outgoing on the other ports). What is not clear to me is w...
by anav
Thu Apr 22, 2021 2:29 am
Forum: General
Topic: Unstable MAC Winbox connection
Replies: 12
Views: 595

Re: Unstable MAC Winbox connection

Try setting your computer IP address to 192.168.88.2 and attach to ether 2, if that doesnt work hit the reset button on the router and try it.
by anav
Thu Apr 22, 2021 2:27 am
Forum: General
Topic: NAT problem with host's internal traffic using route marking.
Replies: 6
Views: 408

Re: NAT problem with host's internal traffic using route marking.

What confuses me is what is the purpose of two routers?
Simply connect both WANIPs to the same router.........................
by anav
Thu Apr 22, 2021 2:24 am
Forum: Beginner Basics
Topic: Small home network with 2 AP
Replies: 24
Views: 1414

Re: Small home network with 2 AP

hi za7, Many folks I know USE mac -winbox (yes turn plain mac off, but mac-winbox is a viable way to access the router from within the LAN). What I would say is that a. you dont use the default winbox port (change it in services) and b. create an admin interface that helps one limit who on the route...
by anav
Thu Apr 22, 2021 2:18 am
Forum: Beginner Basics
Topic: DST-NAT not opening port
Replies: 14
Views: 968

Re: DST-NAT not opening port

Suggest you get a friend to try and connect to your server and while doing so run packet sniffer in the tools. Use the IP address of the server for example for the attempts. Also try the same exercise running packet sniffer but this time using the WAN interface as the filter (but ensure no one else ...
by anav
Wed Apr 21, 2021 9:13 pm
Forum: General
Topic: Connectivity [SOLVED]
Replies: 10
Views: 709

Re: Connectivity [SOLVED]

I see nothing wrong with the config but maybe another pair of eyes would help.
by anav
Wed Apr 21, 2021 9:09 pm
Forum: General
Topic: Different (sub)nets for each port? [solved]
Replies: 4
Views: 253

Re: Different (sub)nets for each port?

The description is not clear. A. If the toplogy is such that EACH neighbour (and you) has their own port on the router heading towards their own switch B. If the topology is such that one ethernet cable due to available location wiring will carry two or the three of the networks. Case A Easiest and ...
by anav
Wed Apr 21, 2021 5:31 am
Forum: Beginner Basics
Topic: Small home network with 2 AP
Replies: 24
Views: 1414

Re: Small home network with 2 AP

yup they are the default ones and work on the premise of allow all traffic except what you have blocked.

Most of us graduate from the default rule and change the premise to block all traffic by default except what we allow.
Very easy to do with few rule changes.
IF interested we can tackle that next.
by anav
Wed Apr 21, 2021 1:05 am
Forum: General
Topic: Config VLan and trunk between RB4011 router and CRS328 Switch (Running RouteOS)
Replies: 26
Views: 1491

Re: Config VLan and trunk between RB4011 router and CRS328 Switch (Running RouteOS)

Ahh okay I kept reading to the next section. Interesting but of no interest to me as I dont use capsman nor any of its functionality. When and If Do (aka when hell freezes over) it would mean MT has useful WIFI products. :-) Unless I have more than 3 wifi devices, I have no use for capsman as an xtr...
by anav
Tue Apr 20, 2021 10:19 pm
Forum: General
Topic: Config VLan and trunk between RB4011 router and CRS328 Switch (Running RouteOS)
Replies: 26
Views: 1491

Re: Config VLan and trunk between RB4011 router and CRS328 Switch (Running RouteOS)

That link shows no such thing but does show a full up bridgeport and bridgevlan configuration so whats your point. In addition the example is missing the IP address assignments. In summary, if you are using vlans, bridgeport is not necessary if its one vlan per interface, but in this case vlans are ...
by anav
Tue Apr 20, 2021 8:48 pm
Forum: Beginner Basics
Topic: access to winbox from VLAN with Macintosh OSx virtual interface
Replies: 1
Views: 114

Re: access to winbox from VLAN with Macintosh OSx virtual interface

No idea

1. network diagram

2. Post config

/export hide-sensitive file=anynameyouwish
by anav
Tue Apr 20, 2021 8:46 pm
Forum: General
Topic: hEX PoE RB960PGS, getting 2 VLANs via SFP, routing within the RouterOS - help needed [SOLVED]
Replies: 8
Views: 444

Re: hEX PoE RB960PGS, getting 2 VLANs via SFP, routing within the RouterOS - help needed [SOLVED]

Need more detail on the purpose of the HEX? Is it acting simply as a switch? SINCE It has not been stated, what is the IP address of the HEX going to be??? ROUGHLY............... In which case just create a bridge put all the ports on the bridge create two vlans and attache them to the bridge (no ne...
by anav
Tue Apr 20, 2021 8:38 pm
Forum: General
Topic: Dual WAN failover using recursive routing
Replies: 16
Views: 1161

Re: Dual WAN failover using recursive routing

Something else then please post your complete config.

/export hide-sensitive file=anynameyouwish
by anav
Tue Apr 20, 2021 8:36 pm
Forum: General
Topic: Phantom bandwidth limt with RB4011 + CRS305 router-on-a-stick [SOLVED]
Replies: 6
Views: 532

Re: Phantom bandwidth limt with RB4011 + CRS305 router-on-a-stick [SOLVED]

Good catch!!
I was only speaking about the router.
Once you have that resolved, then I can look at the switch
Unless all is now working and you have essentially closed the thread....
by anav
Tue Apr 20, 2021 8:31 pm
Forum: Beginner Basics
Topic: Routing configuration
Replies: 7
Views: 507

Re: Routing configuration

thanks tdw I will defer to your knowledge of sub-netting, I am still stuck in a paper bag on that one! :-) However I disagree on vlan1 usage. Dependency upon it to carry traffic and be a management vlan has not proven to be without troubles. Whereas, using a management vlan separate from vlan1 has w...
by anav
Tue Apr 20, 2021 7:39 pm
Forum: Beginner Basics
Topic: Routing configuration
Replies: 7
Views: 507

Re: Routing configuration

(1) Okay I should have referenced this article for reading. https://forum.mikrotik.com/viewtopic.php?f=23&t=143620 (2) Basically one does not use VLAN1 for anything but uses VLAN99 or any number you choose! Do not worry, vlan1 is carried in the background and works with all other vendors equipme...
by anav
Tue Apr 20, 2021 7:28 pm
Forum: Beginner Basics
Topic: Yet another VLAN issues topic...
Replies: 22
Views: 1550

Re: Yet another VLAN issues topic...

So far all looks good...... but not for long (1) Dont see this used often?? Purpose? /ip firewall connection tracking set tcp-established-timeout=5h (2) Missing Ether5 if you want to manually insert the untagged vlans (which I prefer) /interface bridge vlan add bridge=bridge1 tagged=bridge1,ether2-R...
by anav
Tue Apr 20, 2021 7:07 pm
Forum: Beginner Basics
Topic: Setting up web and mail server
Replies: 6
Views: 396

Re: Setting up web and mail server

Hi there, (1) Add ethernet6 to the LAN membership /interface list member add interface=ether1 list=WAN add interface=local list=LAN ad interface=ether6 list=LAN (2) Your IP pools are screwed up LOL From /ip pool add name=dhcp_pool0 ranges=11.10.8.1-11.10.10.0,11.10.10.2-11.10.11.254 add name=dhcp ra...
by anav
Tue Apr 20, 2021 6:33 pm
Forum: Beginner Basics
Topic: VLAN without vlan, but... [SOLVED]
Replies: 7
Views: 457

Re: VLAN without vlan, but... [SOLVED]

No worries, if it works for you, thats what counts.
If and when you want to do it the more standard way let me know.
by anav
Tue Apr 20, 2021 6:32 pm
Forum: Beginner Basics
Topic: Small home network with 2 AP
Replies: 24
Views: 1414

Re: Small home network with 2 AP

No worries, set to ether2 is part of the default setup that catches most people i was just ribbing you LOL.
I dont see where the wlans on the hap are disabled but I believe you, just bit tired to read into the config.

Should be fine, is there a question/issue on something not working?
by anav
Tue Apr 20, 2021 3:33 pm
Forum: General
Topic: Different (sub)nets for each port? [solved]
Replies: 4
Views: 253

Re: Different (sub)nets for each port?

Yes use vlans.
Route three vlans through the single port (assuming your stuff is also on that port?)

However that does not seem like the whole story and to config the router for that we need the whole story
A network diagram will help.
by anav
Tue Apr 20, 2021 3:27 pm
Forum: General
Topic: Phantom bandwidth limt with RB4011 + CRS305 router-on-a-stick [SOLVED]
Replies: 6
Views: 532

Re: Phantom bandwidth limt with RB4011 + CRS305 router-on-a-stick [SOLVED]

Okay, that took me awhile to figure out LOL. sfppplus is the ethernet interface (physical port) that is going to your ISP. Your ISP carries data on vlan20 and thus is created and attached to the sffplus interface. What I dont get is the wireguard interface and it being a WAN interface but since I am...
by anav
Tue Apr 20, 2021 2:49 pm
Forum: General
Topic: Dual WAN failover using recursive routing
Replies: 16
Views: 1161

Re: Dual WAN failover using recursive routing

add dst-address=8.8.8.8/32 gateway=IP of_GW_ISP1 distance=5 comment="Validate Primary Cable ISP" add gateway=8.8.8.8 distance=5 check-gateway=ping comment="Primary ISP Route" add gateway=IP of_GW_ISP2 distance=10 comment="Secondary ISP" On the first rule did you try a ...
by anav
Tue Apr 20, 2021 2:44 pm
Forum: Beginner Basics
Topic: VLAN without vlan, but... [SOLVED]
Replies: 7
Views: 457

Re: VLAN without vlan, but... [SOLVED]

Thats the point, having one bridge and a clear set of vlans as per the provided reference, firewall rules become very easy.
The config is all inter related so design cannot be done in isolation.
by anav
Tue Apr 20, 2021 2:40 pm
Forum: Beginner Basics
Topic: Setting up web and mail server
Replies: 6
Views: 396

Re: Setting up web and mail server

IF you put the server on its own subnet, then you wont need hairpin nat. The issue is people behind the router on the same lan subnet as the server will NOT be able to reach the server by WANIP address, IF that is how you intended lan users to reach your servers. Normal lan to lan traffic can always...
by anav
Tue Apr 20, 2021 4:02 am
Forum: General
Topic: Phantom bandwidth limt with RB4011 + CRS305 router-on-a-stick [SOLVED]
Replies: 6
Views: 532

Re: Phantom bandwidth limt with RB4011 + CRS305 router-on-a-stick [SOLVED]

You should know by now that busy diagrams that says very little, is of little use.
a simple
/export hide-sensitive file=anynameyouwish at least for the RB4011 can check that config.
by anav
Tue Apr 20, 2021 3:58 am
Forum: Beginner Basics
Topic: Small home network with 2 AP
Replies: 24
Views: 1414

Re: Small home network with 2 AP

(1) You didnt make it clear but you are using the haplite to also provide wifi?? (2) Get rid of bridge filter settings, noise not needed. /interface bridge filter # wlan2 not ready # in/out-bridge-port matcher not possible when interface (wlan2) is not slave add action=drop chain=forward in-interfac...
by anav
Tue Apr 20, 2021 3:48 am
Forum: Beginner Basics
Topic: vlan basics
Replies: 3
Views: 255

Re: vlan basics

EOIP as far as I know is really for traffic exiting the router and connecting to another router elsewhere ( Home to Home, Office to Office) and not for traffic behind a single router??
by anav
Tue Apr 20, 2021 12:58 am
Forum: General
Topic: IPIP vs GRE [SOLVED]
Replies: 7
Views: 514

Re: IPIP vs GRE [SOLVED]

From wiki: "GRE is the same as IPIP and EoIP which were originally developed as stateless tunnels. Which means that if the remote end of the tunnel goes down, all traffic that was routed over the tunnels will gets blackholed. To solve this problem, RouterOS have added 'keepalive' feature for GR...
by anav
Tue Apr 20, 2021 12:55 am
Forum: General
Topic: Config VLan and trunk between RB4011 router and CRS328 Switch (Running RouteOS)
Replies: 26
Views: 1491

Re: Config VLan and trunk between RB4011 router and CRS328 Switch (Running RouteOS)

Ahh you were referring to the switch.
Well I am used to two methods,
SwOS or bridge vlan filtering, I know both well enough and both work,
If you have another method feel free to chime in.............
by anav
Tue Apr 20, 2021 12:53 am
Forum: Beginner Basics
Topic: No ping on lan with access points
Replies: 1
Views: 97

Re: No ping on lan with access points

Using quickset other than to choose the basic default setting of configuration mode will get one no where fast.

Post your config.

/export hide-sensitive file=anynameyouwish
by anav
Tue Apr 20, 2021 12:51 am
Forum: Beginner Basics
Topic: Yet another VLAN issues topic...
Replies: 22
Views: 1550

Re: Yet another VLAN issues topic...

Thank you for the great amount of work you did to help... Unfortunatly, and inexplicably, it still doesn't work correctly. Devices connected by ethernet to VLAN10 are unreacheable. I'm gonna try tomorrow, a fresh reset and a total reconfiguration may help, hopefully. Why, you didnt post the config ...
by anav
Mon Apr 19, 2021 10:58 pm
Forum: General
Topic: Config VLan and trunk between RB4011 router and CRS328 Switch (Running RouteOS)
Replies: 26
Views: 1491

Re: Config VLan and trunk between RB4011 router and CRS328 Switch (Running RouteOS)

Why use Bridge VLAN filtering on your router ?
A. because it works
B. because its easy to implement.
C. because there is no letter z in Bridge Vlan filtering ;-P
by anav
Mon Apr 19, 2021 6:27 pm
Forum: General
Topic: Dual WAN failover using recursive routing
Replies: 16
Views: 1161

Re: Dual WAN failover using recursive routing

Okay I see the problem, I wasnt specific in my example because I made an assumption of you were simply using gateway1 to hide your WANIP gateways but apparently you think the name of the interface suffices, not so, you need the actual IP address. So let me rephrase my Suggestions. /ip route add dst-...
by anav
Mon Apr 19, 2021 3:41 pm
Forum: General
Topic: 2 wan 2 lan
Replies: 4
Views: 312

Re: 2 wan 2 lan

Sorry I dont help config security holes.
by anav
Mon Apr 19, 2021 3:39 pm
Forum: General
Topic: Dual WAN failover using recursive routing
Replies: 16
Views: 1161

Re: Dual WAN failover using recursive routing

The only thing I would focus in on is distance and not scope. Which was missing in your first rule. I tend to not box myself into corner Nothing lower than one, so I use 5, and 10 /ip route add dst-address=8.8.8.8/32 gateway=ether1 distance=1 comment="Validate Primary Cable ISP" add gatewa...
by anav
Mon Apr 19, 2021 3:31 pm
Forum: Beginner Basics
Topic: vlan basics
Replies: 3
Views: 255

Re: vlan basics

Replace the first unmanaged switch with a managed switch is the easy answer. Then it can move vlans to both hap minis as required and feed the homelan vlan to the unmanaged switch The managed switch itself can also provide any output at its ports, as required. This assumes you only have one ethernet...
by anav
Mon Apr 19, 2021 3:26 pm
Forum: Beginner Basics
Topic: Small home network with 2 AP
Replies: 24
Views: 1414

Re: Small home network with 2 AP

For a simple home network I would not use mangling or queuing. However the diagrams provided are too difficult to read and incomplete. Please post your config /export hide-sensitive file=anynameyouwish Also assuming the two APs you have are not able to read vlantags Not sure what you mean by ad bloc...
by anav
Mon Apr 19, 2021 3:20 pm
Forum: Beginner Basics
Topic: VLAN without vlan, but... [SOLVED]
Replies: 7
Views: 457

Re: VLAN without vlan, but... [SOLVED]

This is the definitive guide for vlan bridge filtering. https://forum.mikrotik.com/viewtopic.php?f=23&t=143620 Here is an example for hybrid. HomeLAN is vlan10 (where admin resides and also thus managment vlan - all devices should get an IP from vlan20) ether2 is going to a UAP (vlan10 and vlan2...
by anav
Mon Apr 19, 2021 3:01 pm
Forum: Beginner Basics
Topic: wAP AC Configuration
Replies: 3
Views: 399

Re: wAP AC Configuration

Also recommend setting this to none or deleting it as its purpose is not well understood and has known to cause issues in configs.
/interface detect-internet
set detect-interface-list=all
by anav
Mon Apr 19, 2021 1:05 am
Forum: General
Topic: Config VLan and trunk between RB4011 router and CRS328 Switch (Running RouteOS)
Replies: 26
Views: 1491

Re: Config VLan and trunk between RB4011 router and CRS328 Switch (Running RouteOS)

The management vlan can simply be your home LAN, no need to create another one. The way I look at it, the management lan is the one, you as the admin are on all the time. I also recommending taking one router port and making it its own ethernet interface with small pool, dhcp etc, OFF the bridge as ...
by anav
Sun Apr 18, 2021 10:44 pm
Forum: General
Topic: Load Balance Multiple ISP connection
Replies: 3
Views: 294

Re: Load Balance Multiple ISP connection

As long as the switch is not involved in the routing of traffic, should be good with all the other caveats as noted.
by anav
Sun Apr 18, 2021 9:55 pm
Forum: Beginner Basics
Topic: Yet another VLAN issues topic...
Replies: 22
Views: 1550

Re: Yet another VLAN issues topic...

Okay So with that in mind, I will assume ether6 on the router is an available port that is not actuallly hooked up to your PC all the time and that regularly you manage the network from a PC on vlan10. Will post the config shortly. The firewall rules need work, for example you made a specific rule f...
by anav
Sun Apr 18, 2021 9:39 pm
Forum: Beginner Basics
Topic: Yet another VLAN issues topic...
Replies: 22
Views: 1550

Re: Yet another VLAN issues topic...

Hard to follow but Okay I think I understand what you are trying to do.
by anav
Sun Apr 18, 2021 9:22 pm
Forum: General
Topic: Public IP Assignment
Replies: 1
Views: 219

Re: Public IP Assignment

According to the wiki, on uses netmapping. However I have no experience with mutiple WANIPs from a single provider. 1:1 mapping If you want to link Public IP subnet 11.11.11.0/24 to local one 2.2.2.0/24, you should use destination address translation and source address translation features with acti...
by anav
Sun Apr 18, 2021 9:00 pm
Forum: Beginner Basics
Topic: Port forwarding not working from Public IP ranges [SOLVED]
Replies: 27
Views: 1480

Re: Port forwarding not working from Public IP ranges [SOLVED]

Yup time to reload the firmware!
by anav
Sun Apr 18, 2021 4:11 am
Forum: General
Topic: Config VLan and trunk between RB4011 router and CRS328 Switch (Running RouteOS)
Replies: 26
Views: 1491

Re: Config VLan and trunk between RB4011 router and CRS328 Switch (Running RouteOS)

(1) You can improve the bridge ports add bridge=Bridge interface=sfp-sfpplus1 frame-types=allow only tagged frames ingress filtering=yes add bridge=Bridge interface=ether1 frame-types=allow priority and untagged frames ingress filtering=yes pvid=10 Repeat same for all access ports 2-22. (2) The brid...
by anav
Sat Apr 17, 2021 10:21 pm
Forum: Wireless Networking
Topic: Any product recommendations for MikroTik wifi router?
Replies: 22
Views: 2191

Re: Grrr - Vlan switching in ROS with or without a switch chip - Grrr

I love Mikrotik routers and wireless devices ! However ... When it comes to switching using ROS ( using the ethernet switch chip -or the CPU for software switching ) , the Mikrotik ROS CLI & http & Winbox is just horrible ! For example - try doing this: - Let say you have 5 to 48 ethernet-a...
by anav
Sat Apr 17, 2021 9:59 pm
Forum: Beginner Basics
Topic: FAIIL OVER - Partial BYPASS
Replies: 0
Views: 170

FAIIL OVER - Partial BYPASS

(1) Network Scenario: Two WANS, multiple LAN subnets. WAN1 is primary, WAN2 is failover. (2) Requirement: Subnet X must use WAN2 (not WAN1). Finally, Subnet X, however, may use WAN1 if WAN2 is down. Recursive is optional. (3) Solution Development. (a) Add two routes with WAN1 being primary (aka shor...
by anav
Sat Apr 17, 2021 9:24 pm
Forum: Beginner Basics
Topic: What is the best way to set-up WLAN VLAN?
Replies: 6
Views: 493

Re: What is the best way to set-up WLAN VLAN?

It should be noted that other brands of Access Points also assign the vlans to the WLANs.
I prefer the bridge ports do this work and let wireless settings focus on wireless settings.

I do not know which method is more efficient or optimal but hopefully others can provide input.
by anav
Sat Apr 17, 2021 9:22 pm
Forum: Beginner Basics
Topic: Looking for help in setting up IoT Hub [SOLVED]
Replies: 19
Views: 1117

Re: Looking for help in setting up IoT Hub [SOLVED]

Please do not use quickset to configure the router once you are passed the default configuration stage...........aka any changes LOL.
by anav
Sat Apr 17, 2021 1:10 pm
Forum: General
Topic: Isolate clients for only certain VLANs?
Replies: 18
Views: 974

Re: Isolate clients for only certain VLANs?

For MT routers, setting the last rule in the forward firewall filter chain, to drop all, basically blocks all vlan to vlan traffic at layer 3. Then one only needs to make the necessary allow allowed traffic rules before the last rule. vlan to internet access to shared devices admin access to all vla...
by anav
Sat Apr 17, 2021 2:30 am
Forum: General
Topic: 2 wan 2 lan
Replies: 4
Views: 312

Re: 2 wan 2 lan

No idea why you are showing pre-routing. The only thing I can say is that attempting to open a door to the router via your winbox port is unsafe and should be avoided. If you need access to the router externally, then the proper way is via a VPN tunnel to the LAN side and then access the router from...
by anav
Sat Apr 17, 2021 2:26 am
Forum: Beginner Basics
Topic: DST-NAT not opening port
Replies: 14
Views: 968

Re: DST-NAT not opening port

Sadly the only thing I can suggest is reinstall firmware lets say the latest long term version..........
by anav
Fri Apr 16, 2021 10:35 pm
Forum: Beginner Basics
Topic: Port forwarding not working from Public IP ranges [SOLVED]
Replies: 27
Views: 1480

Re: Port forwarding not working from Public IP ranges [SOLVED]

Is the switch a managed switch or unmanaged (dumb).
I would put the the 4011 in place of the apple..........
Its like towing a 2020 land rover with a 2002 vw beetle.....
by anav
Fri Apr 16, 2021 10:29 pm
Forum: General
Topic: Connect Two different Subnets [SOLVED]
Replies: 4
Views: 406

Re: Connect Two different Subnets [SOLVED]

Please give me the name of the hotel, I wish to be paid directly.
by anav
Fri Apr 16, 2021 10:28 pm
Forum: General
Topic: ISP to Mikrotik Router RB4011 Bridging
Replies: 12
Views: 804

Re: ISP to Mikrotik Router RB4011 Bridging

In other words, is ether 2 the right physical port the traffic is coming in on??
by anav
Fri Apr 16, 2021 10:26 pm
Forum: General
Topic: hEX RB750gr3 VLAN support?
Replies: 2
Views: 262

Re: hEX RB750gr3 VLAN support?

You have lots of options. The bridge here would not really be all that useful or vlans as each interface (etherport) is basically a self contained entity. One port, one purpose.................. its at the ip firewall filter rules where you will ensure they cannot see each other at layer3 (routed by...
by anav
Fri Apr 16, 2021 10:21 pm
Forum: General
Topic: Botnet and bad actor filters
Replies: 2
Views: 288

Re: Botnet and bad actor filters

Can you also filter bad actors from Netflix?
Awesome!!!
by anav
Fri Apr 16, 2021 10:19 pm
Forum: Beginner Basics
Topic: Yet another VLAN issues topic...
Replies: 22
Views: 1550

Re: Yet another VLAN issues topic...

OOPS thats a typo from doing so many versions of setups for so many posts LOL.

Let me fix it for you.
/ip dhcp-server
add address-pool=dhcp_pool-homeLAN disabled=no interface=homevlan10 name=\
dhcp-home
add address-pool=dhcp_pool-IOTLAN interface=iotvlan20 name=\
dhcp-IOT
by anav
Fri Apr 16, 2021 10:12 pm
Forum: Beginner Basics
Topic: Routing configuration
Replies: 7
Views: 507

Re: Routing configuration

(1) Just so I understand it appears you have a Bridge called lineout which has three vlans, so I dont understand why you see the need to have the bridge itself give out DHCP?? Just use the bridge as a bridge period is my recommendation and if you need to run more data on the bridge just call it vlan...
by anav
Fri Apr 16, 2021 8:49 pm
Forum: Beginner Basics
Topic: What is the best way to set-up WLAN VLAN?
Replies: 6
Views: 493

Re: What is the best way to set-up WLAN VLAN?

As MKX stated and under the ACCESS POINT for example, illustrated in the confg! Here are the three vlans it talks about under access point. One clearly sees in wirless settings, no mention of vlans .......................... # Blue SSID /interface wireless security-profiles set [ find default=yes ] ...
by anav
Fri Apr 16, 2021 2:37 pm
Forum: General
Topic: Firewall rule question
Replies: 1
Views: 151

Re: Firewall rule question

The default rules work out of the box!
When you add VPN to the router, there are changes you make in the firewall rules (one adds accept rules) that permit the VPN traffic.
The rules you are wondering about remain in place.
by anav
Fri Apr 16, 2021 2:34 pm
Forum: Beginner Basics
Topic: Looking for help in setting up IoT Hub [SOLVED]
Replies: 19
Views: 1117

Re: Looking for help in setting up IoT Hub [SOLVED]

Sounds good to me, yes I read the ref you posted and indeed, it looks like all is possible.
What I am not sure of is on the MT router whether you need to tell it where the DCHP is located??
by anav
Fri Apr 16, 2021 2:30 pm
Forum: Beginner Basics
Topic: DST-NAT not opening port
Replies: 14
Views: 968

Re: DST-NAT not opening port

I cannot fathom why an external attempt from the WAN does not work.
Assuming you mean from an external WANIP and not someone on the lan using the external WANIP (which is a loopback hairpin nat scenario).
by anav
Fri Apr 16, 2021 2:25 pm
Forum: Beginner Basics
Topic: What is the best way to set-up WLAN VLAN?
Replies: 6
Views: 493

Re: What is the best way to set-up WLAN VLAN?

This reference details configuration for wired and wireless MT devices.
viewtopic.php?f=23&t=143620
by anav
Fri Apr 16, 2021 5:41 am
Forum: Beginner Basics
Topic: DST-NAT not opening port
Replies: 14
Views: 968

Re: DST-NAT not opening port

So somehow you can reach the internet now with NO entries in IP Routes?? There must be some entries if you can successfully reach the net etc.. The only other thing that comes to mind is your in a double NAT scenario where the actual WANIP you get from the ISP is a private IP and not a public IP?&qu...
by anav
Fri Apr 16, 2021 2:16 am
Forum: General
Topic: Trunking and access ports confusion
Replies: 2
Views: 179

Re: Trunking and access ports confusion

If vlan10 is the native vlan what is 192.168.88.1 network?? In other words did you mean vlan10 is the management vlan OR did you mean vlan10 is your homevlan and your management vlan ??? Personally if 192.168.88 is the home vlan, this works also as a management vlan for simplification although not s...
by anav
Fri Apr 16, 2021 2:11 am
Forum: General
Topic: Trunking and access ports confusion
Replies: 2
Views: 179

Re: Trunking and access ports confusion

When you want to use the vlan filtering method and not switch chip let me know.
Read this first
viewtopic.php?f=23&t=143620
by anav
Fri Apr 16, 2021 2:10 am
Forum: Useful user articles
Topic: Using RouterOS to VLAN your network
Replies: 172
Views: 119933

Re: Using RouterOS to VLAN your network

Hi mud, you do make some points there in terms of cross vendors but let me point you to the jestream switches I use from TPLINK. I set the PVID in one section and in another I set both Tagged and Untagged ports. I have to set untagged ports. Therefore it is MORE NORMAL for me to do it on the MT. :-)...
by anav
Fri Apr 16, 2021 1:58 am
Forum: General
Topic: Set up internet block in few pcs
Replies: 4
Views: 348

Re: Set up internet block in few pcs

First I would tell your boss to hire someone that is trained! However Im supposing its probably a family business and you got stuck with the IT Chores and thus its okay if things fall apart for awhile until you get it running. Yes, you can block IPs or allow IPs to access the internet, that is the e...
by anav
Fri Apr 16, 2021 1:49 am
Forum: General
Topic: Problem in the menu "Bridge" and "PPP" after Upgrade to 6.48
Replies: 3
Views: 399

Re: Problem in the menu "Bridge" and "PPP" after Upgrade to 6.48

I am confused, why would you use PPP on a bridge? I though PPP was basically another word for pppoe and thus a WAN issue and we don't typically connect Wans to bridges?? Or Should I have thought of PPP in the sense of that old technology used for VPNs, which is now considered unsafe and shouldn't be...
by anav
Fri Apr 16, 2021 1:45 am
Forum: General
Topic: Isolate clients for only certain VLANs?
Replies: 18
Views: 974

Re: Isolate clients for only certain VLANs?

Up to you. I know what I do works. If you can get it to work the way you think it should be done fantastic, dont let me stop you LOL!!
by anav
Fri Apr 16, 2021 1:42 am
Forum: General
Topic: New hack/bug? User accounts wiped
Replies: 7
Views: 593

Re: New hack/bug? User accounts wiped

What is strange is a professional IT person not keeping their exposed to the net equipment up to date on firmware. I do get the fact that IT folks have become extremely lazy compared to olden days now that most apps like virus programs auto udpate files but even still there are major upgrades that r...
by anav
Fri Apr 16, 2021 1:36 am
Forum: Beginner Basics
Topic: Port forwarding not working from Public IP ranges [SOLVED]
Replies: 27
Views: 1480

Re: Port forwarding not working from Public IP ranges [SOLVED]

Not sure why you think port forwarding is going to work through an ISP modem/rouer, followed by an apple device, then some other router, and then the MT device. Draw a network diagram to show what is reallly going on! Port forwarding works just fine if the ISP modem is feeding the MT, or even aN ISP...
by anav
Thu Apr 15, 2021 11:50 pm
Forum: Beginner Basics
Topic: Routing configuration
Replies: 7
Views: 507

Re: Routing configuration

Without seeing the config its a complete guess. /export hide-sensitive file=anynameyouwish FIRST WAN Distance=5 check gateway etc. SECOND WAN Distance=10 Add third Route SECOND WAN Distance=2 routing-mark=use-second-wan Add associated Route Rule ROUTE RULE source-interface=VLANsubnet, action=LOOKUP ...
by anav
Thu Apr 15, 2021 11:43 pm
Forum: Beginner Basics
Topic: Connect locations with mikrotik
Replies: 11
Views: 636

Re: Connect locations with mikrotik

If this is for a business suggest it be done by somebody knowledgeable in IPSEC VPN and in MT devices.
https://mikrotik.com/consultants
by anav
Thu Apr 15, 2021 9:19 pm
Forum: General
Topic: Isolate clients for only certain VLANs?
Replies: 18
Views: 974

Re: Isolate clients for only certain VLANs?

In that case create vlans as desired. I have a solar vlan, a hvac vlan, a media vlan, several isolated single user vlans, 2 diff guest vlans, and many more................
by anav
Thu Apr 15, 2021 9:17 pm
Forum: Useful user articles
Topic: Using RouterOS to VLAN your network
Replies: 172
Views: 119933

Re: Using RouterOS to VLAN your network

I disagree, I find it very confusing to have set PVID on the bridge ports and then not put the associated untagged entries on the bridge vlan. When reading a config its dirt easy visually to see what a person has done. Its so difficult to have to double check a config when not seeing the config, esp...
by anav
Thu Apr 15, 2021 9:10 pm
Forum: Beginner Basics
Topic: VLANs with hybrid ports, trunks and 2 different WiFi networks
Replies: 19
Views: 1027

Re: VLANs with hybrid ports, trunks and 2 different WiFi networks

Correct, one bridge per mt device is the norm.
Read through this reference.....
viewtopic.php?f=23&t=143620
by anav
Thu Apr 15, 2021 8:36 pm
Forum: Beginner Basics
Topic: VLANs with hybrid ports, trunks and 2 different WiFi networks
Replies: 19
Views: 1027

Re: VLANs with hybrid ports, trunks and 2 different WiFi networks

Too funny, just figuring out now that not means no internet access LOL. Thats interesting all my smart devices require access to the cloud. Kewl so the only outlier is a direct line to the hp for vlan102. This can easily be controlled by firewall rules as that HP connection will be given an IP addre...
by anav
Thu Apr 15, 2021 8:05 pm
Forum: General
Topic: Isolate clients for only certain VLANs?
Replies: 18
Views: 974

Re: Isolate clients for only certain VLANs?

Correct, use vlans to separate users as required. Be it wired users to wireless users as a demarcation line (logic). In terms of the vlan20 on two different APs correct, in this case what you are saying is you have guestsA and guestsB because you want to treat them as unsafe from each other LOL. In ...
by anav
Thu Apr 15, 2021 7:54 pm
Forum: Beginner Basics
Topic: VLANs with hybrid ports, trunks and 2 different WiFi networks
Replies: 19
Views: 1027

Re: VLANs with hybrid ports, trunks and 2 different WiFi networks

Assuming then wifi-guest users should be on guest-vlan wifi-not users should be on not-vlan everything else is home van?? are there wired guest or not users?? any other groups you need to segregate?? Home users should be on home-vlan (includes wifi main ), home asistant, gaming pc, media centre, (on...
by anav
Thu Apr 15, 2021 7:05 pm
Forum: General
Topic: IP Cloud / DDNS availability
Replies: 1
Views: 176

Re: IP Cloud / DDNS availability

If he is in doubt you have two options.
PAY for DYDDNS service and keep IP cloud as a backup service
Get 1000 free accounts for DYNDNS services and use those as a backup to the IP cloud.
by anav
Thu Apr 15, 2021 7:02 pm
Forum: General
Topic: Isolate clients for only certain VLANs?
Replies: 18
Views: 974

Re: Isolate clients for only certain VLANs?

I do care about untrusted devices talking to other. I use as many vlans as I need to separate out some devices or users from others. Hybrid ports are fine and I think thats how the unif works for some strange reason it expects the management vlan to come to it as untagged data. So lets say your mana...
by anav
Thu Apr 15, 2021 6:44 pm
Forum: Beginner Basics
Topic: MikroTik cAP ac provide DHCP server for all network
Replies: 1
Views: 115

Re: MikroTik cAP ac provide DHCP server for all network

Where is the internet coming from and so many more questions.
Aka need diagram of network and
/export hide-sensitive file=anynameyouwish
by anav
Thu Apr 15, 2021 6:43 pm
Forum: Beginner Basics
Topic: VLANs with hybrid ports, trunks and 2 different WiFi networks
Replies: 19
Views: 1027

Re: VLANs with hybrid ports, trunks and 2 different WiFi networks

To understand your config would then need a diagram to match it up against.
by anav
Thu Apr 15, 2021 5:19 pm
Forum: General
Topic: Isolate clients for only certain VLANs?
Replies: 18
Views: 974

Re: Isolate clients for only certain VLANs?

(1) Missing tagging the bridge!!!! interface bridge vlan add bridge=bridge1 tagged=ether3 untagged=sfp1,sfp2,sfp3,sfp4,ether2,ether4,ether6,ether8,ether21,ether23 vlan-ids=10 add bridge=bridge1 tagged=ether3,ether21,ether23 untagged=ether15,ether16 vlan-ids=20 add bridge=bridge1 tagged=ether3,ether2...
by anav
Thu Apr 15, 2021 5:07 pm
Forum: General
Topic: Each port a seperate Subnet
Replies: 3
Views: 254

Re: Each port a seperate Subnet

L3 typically refers to the ip firewall filter rules, to prevent routing between subnets when not wanted.
by anav
Thu Apr 15, 2021 5:03 pm
Forum: Beginner Basics
Topic: VLANs with hybrid ports, trunks and 2 different WiFi networks
Replies: 19
Views: 1027

Re: VLANs with hybrid ports, trunks and 2 different WiFi networks

Okay your reasoning is flawed. There is no issue with management of smart devices using vlans and not having to think you need to pass untagged traffic between devices to do so. I understand the angst if something goes wrong with the configuration. What I do on my devices is put one port OFF the bri...
by anav
Thu Apr 15, 2021 4:52 pm
Forum: Beginner Basics
Topic: Add tag to untaged traffic
Replies: 13
Views: 610

Re: Add tag to untaged traffic

In general, Tagged is for trunk ports and Untagged is for access ports. PVID is set on a bridge port when the link is to a dumb device that cannot read tags and therefore the router has to know what tag to assign to incoming traffic on that port and later to strip the tags off. The default pvid of e...
by anav
Thu Apr 15, 2021 4:28 pm
Forum: Beginner Basics
Topic: web and mail server on the network. [SOLVED]
Replies: 4
Views: 282

Re: web and mail server on the network. [SOLVED]

(1) Don;t need two bridges and although i normally recommend vlans for most cases you dont need those either. /interface bridge add one-bridge /interface list add name=WAN add name=LAN /interface wireless security-profiles set [ find default=yes ] supplicant-identity=MikroTik /ip pool add name=dhcp ...
by anav
Thu Apr 15, 2021 2:50 pm
Forum: General
Topic: Isolate clients for only certain VLANs?
Replies: 18
Views: 974

Re: Isolate clients for only certain VLANs?

Nope, way to confusing and complex for me and with use of vlan1,
Hopefully someone else will assist.
by anav
Thu Apr 15, 2021 2:46 pm
Forum: Beginner Basics
Topic: VLANs with hybrid ports, trunks and 2 different WiFi networks
Replies: 19
Views: 1027

Re: VLANs with hybrid ports, trunks and 2 different WiFi networks

Hi shalak, I am curious as to the need for all the hybrid ports? Will help figure out config as its not clear to me you understand MT networking (case in point direct link between two MT devices (why is router ether4 different from basement ether1) For example what are these connected to as hybrid p...
by anav
Thu Apr 15, 2021 2:42 pm
Forum: Beginner Basics
Topic: web and mail server on the network. [SOLVED]
Replies: 4
Views: 282

Re: web and mail server on the network. [SOLVED]

What do you mean you want to DMZ the server?

Did you mean you want others to be able to use the server that are coming from the internet (port forwarding??)
by anav
Thu Apr 15, 2021 2:40 pm
Forum: Beginner Basics
Topic: Add tag to untaged traffic
Replies: 13
Views: 610

Re: Add tag to untaged traffic

(1) Keep Bridge vlan to the default of pvid=1 (not 33) (2) Create a second vlan for the other network (and dont give the bridge any duties other than bridge (not dhcp for example). (3) This line means nothing and does nothing and has nothing to do with the reference ??? /interface bridge vlan add br...
by anav
Thu Apr 15, 2021 4:57 am
Forum: Beginner Basics
Topic: DST-NAT not opening port
Replies: 14
Views: 968

Re: DST-NAT not opening port

Already noted,
Dont see your Route settings?
Try turning Upnp off.
Set the dns server in the dhcp network settings.
by anav
Thu Apr 15, 2021 3:52 am
Forum: Beginner Basics
Topic: DST-NAT not opening port
Replies: 14
Views: 968

Re: DST-NAT not opening port

This line should also normally include dns-server=192.168.1.1 Set this line to NONE (mac-server access is not a secure method and should be avoided). mac-winbox is fine! /tool mac-server set allowed-interface-list=LAN I am not seeing any of the IP route settings???? (try turning UPNP off and testing...
by anav
Thu Apr 15, 2021 2:25 am
Forum: Beginner Basics
Topic: VLANs with hybrid ports, trunks and 2 different WiFi networks
Replies: 19
Views: 1027

Re: VLANs with hybrid ports, trunks and 2 different WiFi networks

Please use this as great reference! https://forum.mikrotik.com/viewtopic.php?f=23&t=143620 Your intentions are not clear but what is clear is that you need to read the reference LOL. Also, do not overlap subnets and pools etc. Clearly articulate what you need users to be able to do and there are...
by anav
Thu Apr 15, 2021 12:52 am
Forum: General
Topic: Isolate clients for only certain VLANs?
Replies: 18
Views: 974

Re: Isolate clients for only certain VLANs?

Okay I get it now. The router in the picture is a Unifi or edge but not MT. The switch you want to use for switching not routing and the two options you have are separate ports on router to separate ports on switch OR one port on router to one port on switch. Yes I was configuring the router. I can ...
by anav
Thu Apr 15, 2021 12:45 am
Forum: Beginner Basics
Topic: Forcing IP requests to a specific WAN
Replies: 8
Views: 405

Re: Forcing IP requests to a specific WAN

Very nice Jotne! I was going to recommend a routing solution not a source nat solution. Source nat tells the router which public IP should be used to provide NATING for the private IP, but does not tell the router which route that trafffic should take?? When you add mangling in the mix I get right c...
by anav
Wed Apr 14, 2021 8:29 pm
Forum: General
Topic: Management return route - policy based routing
Replies: 1
Views: 334

Re: Management return route - policy based routing

Draw a diagram I am confused when you show one WANIP address and then in the text refer to a different WAN interface.
by anav
Wed Apr 14, 2021 8:23 pm
Forum: Beginner Basics
Topic: Looking for help in setting up IoT Hub [SOLVED]
Replies: 19
Views: 1117

Re: Looking for help in setting up IoT Hub [SOLVED]

LIke I said, I cannot find your DHCP servers, other than vlan30, I dont see any device that is capable of DHCP serving? Do you have a PC that is acting as a dedicated DHCP server. Relay is used when there is a separate DHCP server from the router (Switches are not normally DHCP servers). Clearly the...
by anav
Wed Apr 14, 2021 8:16 pm
Forum: Beginner Basics
Topic: Forcing IP requests to a specific WAN
Replies: 8
Views: 405

Re: Forcing IP requests to a specific WAN

Sorry no can helpee unless you show the config as all items have relationships!!
/export hide-sensitive file=anynameyhouwish.

How many lan subnets do you have by the way??
by anav
Wed Apr 14, 2021 8:14 pm
Forum: Beginner Basics
Topic: Add tag to untaged traffic
Replies: 13
Views: 610

Re: Add tag to untaged traffic

If you are going to attempt the bridge vlan filtering method,
please use this reference. Every time I see the words "switch chip", I want to barf!

viewtopic.php?f=23&t=143620
by anav
Wed Apr 14, 2021 5:08 pm
Forum: Beginner Basics
Topic: Looking for help in setting up IoT Hub [SOLVED]
Replies: 19
Views: 1117

Re: Looking for help in setting up IoT Hub [SOLVED]

DHCP relay is to let the device know that DHCP is assigned elsewhere correct??
Thus my question remains, where is the DHCP server??
by anav
Wed Apr 14, 2021 5:04 pm
Forum: Beginner Basics
Topic: Add tag to untaged traffic
Replies: 13
Views: 610

Re: Add tag to untaged traffic

It should be, I dont work with vlan switch configuration so someone else will have to chime in.
by anav
Wed Apr 14, 2021 5:03 pm
Forum: General
Topic: Isolate clients for only certain VLANs?
Replies: 18
Views: 974

Re: Isolate clients for only certain VLANs?

Here is an approach on the router. with different ports and a dedicated management vlan. Note that the second ex. is the minimal change on the router to change this to one ethernet port. Also, if one uses the home vlan as the management vlan, then you can delete all reference to vlan 99. /Interface ...
by anav
Wed Apr 14, 2021 4:09 pm
Forum: General
Topic: Isolate clients for only certain VLANs?
Replies: 18
Views: 974

Re: Isolate clients for only certain VLANs?

Is the CR328 switch going to also be a router, or is there an MT router between the switch and the internet?? First mistake is thinking you should use vlan1. Do not! IT is the default pvid vlan on bridges and should not be used to carry data etc...... Use vlan 99 or something else for manangment vla...
by anav
Wed Apr 14, 2021 3:53 pm
Forum: General
Topic: Tagging Untagged VLAN From Other Devices
Replies: 6
Views: 580

Re: Tagging Untagged VLAN From Other Devices

You didnt post your config either.
by anav
Wed Apr 14, 2021 3:52 pm
Forum: General
Topic: Way to set the NAT type?
Replies: 5
Views: 414

Re: Way to set the NAT type?

What is the advantage of being able to set different types of NAT.
I have not run across the need for such dexterity?

Also can you give an example of how sourcenat accomplishes the same thing as cone nat or restricted etc......... (given a practical example by the OP for example).
by anav
Wed Apr 14, 2021 3:50 pm
Forum: General
Topic: Time Sync with SNTP client and IP Cloud Not Working
Replies: 36
Views: 4847

Re: Time Sync with SNTP client and IP Cloud Not Working

My sntmp works, yours does not.
Your config is screwy, mine is straightforward.
Make your own conclusion.
None of your reasons convince me to change to your convoluted setup.
by anav
Wed Apr 14, 2021 3:46 pm
Forum: General
Topic: no access out of firewall
Replies: 10
Views: 550

Re: no access out of firewall

(1) Change this to NONE . No one knows what exactly this setting does and is known to cause issues. /interface detect-internet set detect-interface-list= all (2) INput Chain - What is the purpose of this rule?? I dont see the firewall address list in your config?? (nothing should be allowed into you...
by anav
Wed Apr 14, 2021 2:37 pm
Forum: Beginner Basics
Topic: Add tag to untaged traffic
Replies: 13
Views: 610

Re: Add tag to untaged traffic

/export hide-sensitive file=anynameyouwish
by anav
Wed Apr 14, 2021 2:35 pm
Forum: Beginner Basics
Topic: DST-NAT not opening port
Replies: 14
Views: 968

Re: DST-NAT not opening port

(1) WHY? should be bridge! /ip address add address=192.168.1.1/24 comment=defconf interface=ether2 network=\ 192.168.1.0 (2) DOUBLE WHY? Did you remove the most important default firewall rule in the input chain, the one that protects your router from hacking............. a ka remove from internet u...
by anav
Wed Apr 14, 2021 2:26 pm
Forum: Beginner Basics
Topic: Looking for help in setting up IoT Hub [SOLVED]
Replies: 19
Views: 1117

Re: Looking for help in setting up IoT Hub [SOLVED]

Nice, I have this one. https://www.tp-link.com/us/business-networking/smart-switch/t1500g-10mps/ and just bought off ebay an older switch but fits what I need....... https://www.tp-link.com/us/business-networking/managed-switch/tl-sg3424p/ I am no expert but it appears your switch is capable of DHCP...
by anav
Wed Apr 14, 2021 2:16 pm
Forum: Beginner Basics
Topic: hEX-S "advanced" setup with VLANs, dynamic DNS, CAPsMAN, etc.
Replies: 13
Views: 871

Re: hEX-S "advanced" setup with VLANs, dynamic DNS, CAPsMAN, etc.

The secret sauce is following the guide. all your questions are already answered. https://forum.mikrotik.com/viewtopic.php?f=23&t=143620 Its much better not to saddle the bridge with dhcp responsbiilities default vlan pvid=1 is kept. Just make vlan10 your management vlan which means all devices ...
by anav
Wed Apr 14, 2021 1:09 am
Forum: Beginner Basics
Topic: Yet another VLAN issues topic...
Replies: 22
Views: 1550

Re: Yet another VLAN issues topic...

Assuming two vlans, ether2 to ruckus, ether3 to switch, ether 4,5 to PCs etc..... Ether1 should not be disabled if its going to your WAN, eventually........ once config is done I suppose. Detect internet set to None (otherwise can cause issues). Firewall rules.......... suggest you go back to defaul...
by anav
Wed Apr 14, 2021 12:36 am
Forum: Beginner Basics
Topic: Yet another VLAN issues topic...
Replies: 22
Views: 1550

Re: Yet another VLAN issues topic...

Still dont see the need for two bridges...............

add bridge=bridge-LAN interface=vlan10
add bridge=bridge-IOT interface=vlan20

is wrong a VLAN is not a bridge port (etherports or WLANs are bridge ports).
by anav
Tue Apr 13, 2021 11:04 pm
Forum: Beginner Basics
Topic: Looking for help in setting up IoT Hub [SOLVED]
Replies: 19
Views: 1117

Re: Looking for help in setting up IoT Hub [SOLVED]

Hi there, I have not contemplated running the DHCP servers on the switch for the majority of vlans, but if the switch can do it, I would be most interested in seeing how that works out. However you said it was an L2 managed switch and to my knowledge you need an L3 managed switch to do DHCP?? Can yo...
  • 1
  • 2
  • 3
  • 4
  • 5
  • 23