MikroTik

esquirrel

Is there any reason a web site would force connection to it via ipv6?

esquirrel

What can be done to get a web site that appears to refuse to resove under IPv4 to work?

ipv6 is disabled and isn't going to be enabled for this.

esquirrel

I went to the PITA of rebuilding wireshark from source and I must be making some very dumb mistake as I still have not been able to get streaming to WS on my main machine to work for me. I need to devote some quality time to figuring it out. Once I have that running, I agree, I likely wont need to m...

esquirrel

What kinds of tools do people use to figure out optimal setups? (short of setting up a test network that duplicates your real one) I currently am using the usual, ping, traceroute, wireshark.. Dia is nice for drawing pretty pictures. Is there anything like dia which also does simulation or sanity ch...

esquirrel

Squeeze, thank you, yes, this was my experience too running nmap from the outside. Also bit by bit I discovered what you suggested pretty much all of it. Your advice is good. Can you think of any reason why some big sites accuse me of having "unusual traffic from my IP" when I have not done anything...

esquirrel

Please publish an official document giving all the choices which a user can use to minimize the potential for external entities to extract information about the internal network via the router, when a home router is not a gateway to a real network, and instead is just a home device. In no small part...

esquirrel

I would like to request some more 'official' pages giving the best way to do things like this, especially with newer RouterOS versions.

esquirrel

Its well worth it buying one of your routers just for that!

Add in the ability to mirror ports, making one a really good diagnostic tool...

esquirrel

This article has a procedure for using /dev/urandom to generate a small file of random bits. https://security.stackexchange.com/questions/15653/recommend-length-for-wi-fi-psk It doesnt have to be 63 characters long, it can be shorter, as long as its random and is at least a minimum size, which is di...

esquirrel

That answers my question,

*Thank you!*

Here is a recent article about the very limited wifi access that it seems does exist, that I just found..

https://www.extremetech.com/mobile/1992 ... izens-dont

esquirrel

While performing the setup for my wifi-router I noticed that it has a regulatory setting for the DPRK (better known in some areas as North Korea) Having followed the situation in the country for some time I am curious about this, as I am sure many are. Did they actually publish wifi regulations with...

esquirrel

I have some geeky neighbors and we were talking about adhoc networking, given that we all can see one anothers APs. So I am investigating the concept. Has anybody here done anything like this? Furthest neighbor is maybe 150-200 meters away. I probably have the best antennas, I have several commercia...

esquirrel

I am unable to make a number of the changes in "Securing your Router" and its not clear why, but I am guessing that some of the options listed are no longer correct. Edit: Thats what seems to have happened. The changes are small.. and involve the syntax of disabling/enabling mac-services and formerl...

esquirrel

I need to be able to view the results of changes to firewall rules in the logged packets. Is it possible to open the log (in ssh or directly via a hard wired console) similar to when you issue the command "tail -f" on Unix?

Alternatively, is it possible to encrypt syslog with TLS or similar?

esquirrel

That is very weird. Thinking about it, that sounds likely to be caused by some setting issue, likely in the wireless protocol settings. Its unlikely to be the antenna. That said, here are my thoughts on the antenna for one unit I saw. It could be improved if there was more space in the vertical dire...

esquirrel

I don't think its the switches. I think it's likely to be a mistake in configuration on my part, perhaps combined with the unfortunate situation of having two unmanaged switches between some machines and the Mikrotik instead of just one, and sometimes having some of the switches, which are meant to ...

esquirrel

Thank you, given the low power requirements and cost of the hardware, this is extremely useful to know about. I have a few questions. If you are using a Mikrotik AP with two antennas and are in a mesh network, and suppose you connect to it with two directional antennas, one pointing at each of the o...

esquirrel

Where?

esquirrel

The add on'collinear' style antennas you have are likely designed only for 2400 MHz and they are not designed to fold flat against a metallic PCB like you have them. They would work well (on 2.4 GHz) if allowed to point straight down (I'm perhaps mistakenly assuming the AP is mounted to the ceiling ...

esquirrel

I guess what I mean is 'reachability' without it being dynamic and subject to the router's autoconfiguration decisions. I have several subnets containing various kinds of devices. Only one is connected to the default bridge, because of issues I've previously had with unwanted broadcast traffic. My g...

esquirrel

How do i tell my Mikrotik router to keep the connection open when a "unmanaged" switch in some other part of the house doesn't have anything plugged into it (besides maybe another dumb switch?) I have a bunch of these 5 or 8 port switches and previously it seems there were no issues when I used them...

esquirrel

Where can I find out more about how Mikrotik have implemented mesh networking in RouterOS and Rb's, and how to use it?

esquirrel

I would prefer to not have to run Wine at all in a context like this. This is an all-important issue. Security is the #1 thing with a device like a router. And actually, I prefer open source products with no binary blobs. All the convenience is nice but at the end of the day what matters the most is...

esquirrel

I see that there is a capability to script LEDs. I have the Rb941-2nd TC.

Is there any documentation on RouterOS's hardware interface and its extend-ability, particularly re: GPIOs, and does that info apply to the diminutive and affordable Rb941-2nd?

esquirrel

There are a number of free programs which might be helpful for you to check your grammar in other languages than your native one. (Several run under LibreOffice, so links to them can be found there.) The problem of course is the meaning. Something may have altogether the wrong meaning but be grammat...

esquirrel

Is it possible for a business to use the "hotspot" to give customers who visit their store access to their web site via a Virtual AP that has no login, password or encryption that just serves up their web site and nothing else? (from a local disk or server like one running on a Raspberry Pi or simil...

esquirrel

You need to also enable the server
See /ip services

https://wiki.mikrotik.com/wiki/Manual:IP/Services

via - as far as client, I don't know, I have not used
Mikrotik's server based client.. port forwarding, etc. But the basic functions are there.
You can ssh into it. It behaves properly.

esquirrel

Sorry for asking such a beginners question..

Are there similar programs that work on Linux through SNMP, that can configure both Mikrotik's and other vendors's (Cisco's) products?

Or does "the Dude" program run under Wine?

esquirrel

Look for a *link budget calculator*. Height above average terrain is very important because of the curvature of the earth. Even under the best conditions, with high gain antennas, etc, an antenna held at the height of a human hand held up as high as it can hold a hand held transmitter, will only be ...

esquirrel

I have the RB941 TC model. The sides of the case are curved upward so its kind of difficult to open. Likely pushing simultaneously on both tabs will get it open without breaking it but I just wanted to check here with others that indeed that is the correct way to open it before I damage it.

esquirrel

[i]Note: this has been fixed- 'wlan1' had gotten disconnected from the bridge by mistake and it wasn't obvious at first what had happened. The rest of the setup is very generic but I made some changes which may not have been the best decisions, still finding my way around. Feel free to make suggesti...

esquirrel

For non-experts, how can somebody test that the vulnerability isnt there? Has Winbox particularly ever been audited? When I launch winbox under wine it seems to be loading plugins and also the wine log (or window if its been launched from a shell) keeps repeating "IPV6_ADD_MEMBERSHIP:" (string) even...

esquirrel

Is the memory portion of the last log lost?

esquirrel

what do we miss if we save logs generally to a network filesystem like for example, DDWRT, OpenWRT, and tomato?

esquirrel

My old switch demand that I use IE to access its web interface, but that seems to be impossible, as none of the versions of IE I've tried seem to work.

So I will just use the command line and keep everything very simple.

esquirrel

There is also a Wired article.

I can see why all wifi/router/switch devices would become targets..

Edit: also found Wired's "Kaspersky, Russia and the Antivirus Paradox". Also worth reading.

esquirrel

I am going to put that into a separate post, sorry for editing post-post, it just seemed to be off topic. Basically after reading other posts and thinking about it despite the fact that the three virtual wlans' vlans I am setting up dont need to be brought out to the 24 port switch, having extra jac...

esquirrel

Metod, thank you for this help.

esquirrel

I think this is a good start. I'm going to try to write up a script, and I'll bring it back here to get criticism. My better half doesn't want me taking the network down for lengthy experiments so I very much appreciate the knowledge here. Ive had to redo the entire config now it seems like maybe fo...

esquirrel

Is the concept of VLANS- basically extending the number of logical "subnets" that can be contained *alongside one another* in a virtual pipe? Thats what I am gathering, but since the end user machine/device (except for routing hardware) dont seem to have vlan settings, (except my phones do, but they...

esquirrel

Yes, you're right, that is exactly what they are doing, however one can solder a tiny coaxial connector to the pads which are already there for testing purposes, and then run two pigtails to a different style coaxial connector. Its very easy to attach a u.fl connector if the pads are already there. ...

esquirrel

Thank you to all of you for making such an awesome hardware and software ecosystem.

esquirrel

Please make the table column sizes in the log especially resizable. On my system its impossible to get the time to show properly. Is there a config file anywhere where that format can be adjusted? Is it possible to script the RouterOS software to save its logs to a shared folder - say on a CIFS shar...

esquirrel

There must be a trick to it but I am not coming up with it. I want to add external antennas. I have worked with Hirose style u.fl/IPX type connectors before (its easy once you get the hang of it) and have everything I need as far as soldering. My guess is that a specific tool must exist, one that fr...

esquirrel

Maybe most of us (luckily not I ) have ever had to live in one of those communities where there have extremely fussy rules on what can be mounted on the outside of a house or apartment. In a situation like that the HOA-friendly designs of the Mikrotik products I am sure make a big difference in acce...

esquirrel

They are all over the world. here in the US they are widely used in rural areas where the large cable based ISPs often don't see the cost as being worth their effort. This is where small ISP providers are literally a lifeline for many communities.

esquirrel

I have an RB941-2nd TC which is performing well. I'm just a beginner like yourself but I'd be happy to help. I suspect that you likely have something set up incorrectly. Its easy to do because there is so much controllability. However, I'd rather have that than many other devices lack of it. Perform...

esquirrel

while allowing each WLAN's devices access to the net, separating out my IP phones, and having a single server subnet. Basically like a guest LAN, because they are untrusted. I want to sandbox the mobile devices while still giving them access to the net. I have a RB941-2nd (hAp-lite) Would multiple b...

esquirrel

I recently bought a Hap Lite and I like it a lot. The performance is quite decent for the price. However, I cant seem to get the configuration right to add three virtual APS that can all use the same internal DNS+NTP server(s) but cannot flood one another with broadcast traffic, (MDNS, SSDP, IPv6 ju...

esquirrel

Ideally, you should use a USB Gigabit Ethernet adapter that is designed to use USB3, in USB2 compatibility mode. A gentleman in the UK has done extensive testing of the network performance of various RPI models using USB NICs. The performance of that combination on an RPI seems to be the best. They ...

Search found 51 matches