Community discussions

Search found 321 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 7
by xvo
Wed Nov 14, 2018 3:17 pm
Forum: General
Topic: /interface ethernet speed = 100Mbps???
Replies: 7
Views: 2951

Re: /interface ethernet speed = 100Mbps???

If it bothers you, just set it 1Gbps for all gigabit ethernet ports and it will disappear from export. It does not bother me, but can easy be misunderstand. On Cisco speed 100 settes the interface 100MB/s fixed. ...and on mikrotik auto-negotiation on/off and speed when auto-negotiation is set to of...
by xvo
Wed Nov 14, 2018 11:52 am
Forum: General
Topic: /interface ethernet speed = 100Mbps???
Replies: 7
Views: 2951

Re: /interface ethernet speed = 100Mbps???

Running 6.43.4 I do see this as well. /interface ethernet set [ find default-name=ether1 ] name=ether1-Wan speed=100Mbps set [ find default-name=ether2 ] name=ether2 speed=100Mbps set [ find default-name=ether3 ] speed=100Mbps set [ find default-name=ether4 ] name=ether4 speed=100Mbps set [ find de...
by xvo
Wed Nov 07, 2018 4:03 pm
Forum: Forwarding Protocols
Topic: 6to4 first configuration
Replies: 5
Views: 809

Re: 6to4 first configuration

1-5: You need to advertise dns for your deviced: IPv6 --> ND 6: Yes, that is normal. DHCPv6 is ROS is currently incapable of handing addresses - only prefixes. All the addresses on another RB have to be configured manually, got by SLAAC, or picked from prefix pool. So you can: 1) assign the address...
by xvo
Tue Nov 06, 2018 12:21 am
Forum: RouterBOARD hardware
Topic: Desired switch
Replies: 7
Views: 897

Re: Desired switch

Would be nice if CRS112 was half rack width with option to join 2 together to make 16 port full width.
And it doesn't look like having 16G and 1-2SFP+ in CRS112 size is something impossible either.
by xvo
Mon Nov 05, 2018 9:48 pm
Forum: Beginner Basics
Topic: SWITCH 260GSP
Replies: 30
Views: 1410

Re: SWITCH 260GSP

Hello. Well i've the same problem here. No ADSL or Fiber...that's why i'm using LTE connection. So...3Unlimited and Vodafone Red+ must have linked to a landline contract? Thanks in advance. Maurizio True for 3Unlimited, but haven't seen such limitation for Red+, only that it is obligatory to stay o...
by xvo
Mon Nov 05, 2018 9:41 pm
Forum: Beginner Basics
Topic: DNS: Difference between "IP>DNS" and "DHCP>Networks" [SOLVED]
Replies: 25
Views: 2361

Re: DNS: Difference between "IP>DNS" and "DHCP>Networks" [SOLVED]

I guess no need to further explain the difference between static DNS servers settings and static DNS entries? :)
by xvo
Mon Nov 05, 2018 6:04 pm
Forum: Beginner Basics
Topic: DNS: Difference between "IP>DNS" and "DHCP>Networks" [SOLVED]
Replies: 25
Views: 2361

Re: DNS: Difference between "IP>DNS" and "DHCP>Networks" [SOLVED]

Well, if you have four entries there, how is it blank?!
Remove these four entries, and that would be blank :)
by xvo
Mon Nov 05, 2018 5:00 pm
Forum: Beginner Basics
Topic: DNS: Difference between "IP>DNS" and "DHCP>Networks" [SOLVED]
Replies: 25
Views: 2361

Re: DNS: Difference between "IP>DNS" and "DHCP>Networks" [SOLVED]

I am talking about the IP DNS settings that show up at the top of the frigging page IN WHITE BOXES............ These are set by the ADMIN. What do you call those then???? FIXED DNS settings ;;--))))) In any case, I was stating that using PEER DNS setting overides the manual FIXED entries on the IP ...
by xvo
Mon Nov 05, 2018 1:07 pm
Forum: Beginner Basics
Topic: DNS: Difference between "IP>DNS" and "DHCP>Networks" [SOLVED]
Replies: 25
Views: 2361

Re: DNS: Difference between "IP>DNS" and "DHCP>Networks" [SOLVED]

I think my Use Peer DNS, 'trumps" your IP DNS reference. In any case, I imagine you like warm beers, which is like stale cigarettes to a smoker OR moldy cheese to John Cleese in the cheese shop, ie gross but it will do pig. Use-peer-DNS adds dynamic entries, so the static ones will be preferred (if...
by xvo
Mon Nov 05, 2018 12:29 am
Forum: Beginner Basics
Topic: SWITCH 260GSP
Replies: 30
Views: 1410

Re: SWITCH 260GSP

Thanks for the info, but Unlimited Red+ seems to be smartphone only, and I have no luck to find any info on 3Unlimited. For Italian law, you can use the GB of any mobile plan as you want. You can use sim for smartphone for tethering and modem without problems. https://www.ilsole24ore.com/art/tecnol...
by xvo
Mon Nov 05, 2018 12:00 am
Forum: General
Topic: PCC (Dual WAN) not working on hAPAC2 [SOLVED]
Replies: 8
Views: 719

Re: PCC (Dual WAN) not working on hAPAC2 [SOLVED]

https://wiki.mikrotik.com/wiki/Manual:IP/Fasttrack

"firewall filter and mangle rules will not be applied for FastTracked traffic"
by xvo
Sun Nov 04, 2018 10:55 pm
Forum: Forwarding Protocols
Topic: how to access your routerboard from any place over the world
Replies: 8
Views: 774

Re: how to access your routerboard from any place over the world

There's no real difference. You'll just get a public ip instead of some private one on your WAN interface. When you purchase public ip from you provider, I'm sure they will explain the method, how they deliver it - do you need to assign it manually, or you will just get it by DHCP client of from PPP...
by xvo
Sun Nov 04, 2018 12:36 pm
Forum: Forwarding Protocols
Topic: how to access your routerboard from any place over the world
Replies: 8
Views: 774

Re: how to access your routerboard from any place over the world

thank you very much for your information God bless you You are welcome. Just keep in mind that having a public IP means you need to pay more attention to security, i.e.: - properly configured firewall - access to services on the router not exposed to the outside - and the ones that you don't use - ...
by xvo
Sun Nov 04, 2018 11:17 am
Forum: General
Topic: PCC (Dual WAN) not working on hAPAC2 [SOLVED]
Replies: 8
Views: 719

Re: PCC (Dual WAN) not working on hAPAC2 [SOLVED]

It does not matter if I set it to passthrough :/
Also in Wiki there are not passthrough enabled..
https://wiki.mikrotik.com/wiki/Manual:PCC
As I said it works on hAP-lite just not hAP-AC2.
Have you tried it on hAP-AC2.. has anyone?
Passthrough=yes is the default setting.
by xvo
Sun Nov 04, 2018 10:57 am
Forum: Forwarding Protocols
Topic: how to access your routerboard from any place over the world
Replies: 8
Views: 774

Re: how to access your routerboard from any place over the world

The best way is public IP + any kind of VPN server running on your RB. thank you for your speedy replay lets say you get puplic ip for example = 37.230.130.95 what are the next steps , what are the settings in mikrotik system to using this puplic ip address for remotely accessing my routerboard? an...
by xvo
Sun Nov 04, 2018 10:49 am
Forum: Wireless Networking
Topic: Adding Virtual AP to cAP AC -Missing a Step? [SOLVED]
Replies: 51
Views: 2902

Re: Adding Virtual AP to cAP AC -Missing a Step? [SOLVED]

But that goes to my point about nothing specific in the redirect rule. How would I exclude the VLAN from that rule in NAT when no source or destination is identified? Just add source to the rule ( in-interface or src-address ) :) Also I am not quite sure if you answered the question, where does the...
by xvo
Sun Nov 04, 2018 10:37 am
Forum: Beginner Basics
Topic: SWITCH 260GSP
Replies: 30
Views: 1410

Re: SWITCH 260GSP

Hello. Well you'll not find any unlimited from our major carriers (vodafone..tim..TRE/ Wind). But there are some company which are selling internet service using our carriers nets. It's not true! Only TIM don't have unlimited data plan. Vodafone have Unlimited Red + WindTre have 3Unlimited Both the...
by xvo
Sun Nov 04, 2018 10:13 am
Forum: Beginner Basics
Topic: Problems with dropping current connection and blocking access to WAN
Replies: 2
Views: 258

Re: Problems with dropping current connection and blocking access to WAN

You can either remove all current connections to the cam manually (IP --> Firewall --> Connections). Or you can move you rule higher then established/related one, but that can result an additional CPU load (because all traffic will be checked by this rule, even the connections that were already esta...
by xvo
Sun Nov 04, 2018 10:04 am
Forum: Forwarding Protocols
Topic: how to access your routerboard from any place over the world
Replies: 8
Views: 774

Re: how to access your routerboard from any place over the world

The best way is public IP + any kind of VPN server running on your RB.
by xvo
Sun Nov 04, 2018 1:40 am
Forum: Beginner Basics
Topic: Bridged VLAN - Multiple DHCP-Servers - No response on VLAN-Interface
Replies: 7
Views: 604

Re: Bridged VLAN - Multiple DHCP-Servers - No response on VLAN-Interface

Just kidding, inside joke with xvo, he has helped through the same process held my hand, heck practically changed my diapers LOL. You are in good hands, but plug your nose, dont like his aftershave (who am I kidding I'm convinced he doesn't know what a razor looks like must be his perfume errr colo...
by xvo
Sun Nov 04, 2018 1:24 am
Forum: Wireless Networking
Topic: Adding Virtual AP to cAP AC -Missing a Step? [SOLVED]
Replies: 51
Views: 2902

Re: Adding Virtual AP to cAP AC -Missing a Step? [SOLVED]

Okay so a user manual setting on a computer will override the DHCP network setting and thus the redirect rule is required (for the office setting) Yes. For office internal network it makes more sense. Especially if you need everybody to use some special dns service - with security and content filte...
by xvo
Sun Nov 04, 2018 1:06 am
Forum: Wireless Networking
Topic: Adding Virtual AP to cAP AC -Missing a Step? [SOLVED]
Replies: 51
Views: 2902

Re: Adding Virtual AP to cAP AC -Missing a Step? [SOLVED]

I also find such measures unnecessary in home environment. Someone can always set it manually on the device's network settings. But who cares?! It's a guest network anyway. If someone among your guest have set his laptop/phone to always use google dns, so let it use it - less load and unneeded cache...
by xvo
Sun Nov 04, 2018 12:37 am
Forum: Wireless Networking
Topic: Adding Virtual AP to cAP AC -Missing a Step? [SOLVED]
Replies: 51
Views: 2902

Re: Adding Virtual AP to cAP AC -Missing a Step? [SOLVED]

1. Redirect is like dst-nat to the router itself. So if you redirect all DNS requests it means that the will be served by you router, without the client knowing it. Even if it will try to use some external DNS. 2. use-peer-dns only means that you will get the addresses of DNS servers from remote pee...
by xvo
Sat Nov 03, 2018 10:27 pm
Forum: General
Topic: Any way to log all DNS lookups from users?
Replies: 9
Views: 857

Re: Any way to log all DNS lookups from users?

Not separate, the "dns" topic in logging section.

I meant that you can use action=redirect in /ip firewall nat for DNS requests - that will force the use of your DNS even if a client attempts to connect to any other DNS server.
by xvo
Sat Nov 03, 2018 10:19 pm
Forum: Wireless Networking
Topic: Adding Virtual AP to cAP AC -Missing a Step? [SOLVED]
Replies: 51
Views: 2902

Re: Adding Virtual AP to cAP AC -Missing a Step? [SOLVED]

Good to know, now I can add the other vlans I have been planning;

Much thanks!
Forget the Ghost Busters, call XVO!!
You are welcome!
I'll try not to forget about the beer you mentioned ;)
by xvo
Sat Nov 03, 2018 8:21 pm
Forum: Wireless Networking
Topic: Adding Virtual AP to cAP AC -Missing a Step? [SOLVED]
Replies: 51
Views: 2902

Re: Adding Virtual AP to cAP AC -Missing a Step? [SOLVED]

Okay, it worked but I am confused. I added the guest vlan to the interface list for LAN and voila magic it worked. BUT........... I already had. a. homebridge on the lan interface list b. ether2 on the lan interface list c. ether3 on the lan interface list d. ether4 on the lan interface list Since ...
by xvo
Sat Nov 03, 2018 7:44 pm
Forum: General
Topic: Any way to log all DNS lookups from users?
Replies: 9
Views: 857

Re: Any way to log all DNS lookups from users?

Thanks - hadn't spotted that. Now got that enabled, and getting some DNS info in the syslog file. It's not very useful info though: <14>1 2018-11-03T17:27:46+00:00 MikroTik forward - - - forward: in:bridge1_LAN out:EE Broadband, src-mac 24:5e:be:1d:09:9f, proto UDP, 192.168.1.98:54957->8.8.8.8:53, ...
by xvo
Sat Nov 03, 2018 7:19 pm
Forum: Forwarding Protocols
Topic: 6to4 first configuration
Replies: 5
Views: 809

Re: 6to4 first configuration

/interface 6to4
add disabled=no !keepalive local-address=1.2.3.4 name=6to4-tunnel1 remote-address=192.88.99.1
local-address = wan IP
remote-address = address of the tunnel end
That's right and 192.88.99.1 is the right remote-address for 6to4 :)
by xvo
Sat Nov 03, 2018 7:05 pm
Forum: General
Topic: Any way to log all DNS lookups from users?
Replies: 9
Views: 857

Re: Any way to log all DNS lookups from users?

To make firewall logging work you need not only to set log=yes in the rule but also add logging for the firewall topic (or a part of it):
/system logging
add action=remote topics=firewall
(Of course you need to get a syslog server running on your NAS beforehand).
by xvo
Sat Nov 03, 2018 6:46 pm
Forum: Wireless Networking
Topic: Adding Virtual AP to cAP AC -Missing a Step? [SOLVED]
Replies: 51
Views: 2902

Re: Adding Virtual AP to cAP AC -Missing a Step? [SOLVED]

Well &^%^ me! Awesome pickup. When you come to Canada, I will have a cold beer waiting for you, heck a whole case for all the trouble I have put your through for one little typo. I will fix and try right away! Okay, partial success!!! I now get an IP and connect to the router through the capAC. How...
by xvo
Sat Nov 03, 2018 6:15 pm
Forum: Forwarding Protocols
Topic: 6to4 first configuration
Replies: 5
Views: 809

Re: 6to4 first configuration

1-5: You need to advertise dns for your deviced: IPv6 --> ND 6: Yes, that is normal. DHCPv6 is ROS is currently incapable of handing addresses - only prefixes. All the addresses on another RB have to be configured manually, got by SLAAC, or picked from prefix pool. So you can: 1) assign the address ...
by xvo
Sat Nov 03, 2018 5:54 pm
Forum: Wireless Networking
Topic: Adding Virtual AP to cAP AC -Missing a Step? [SOLVED]
Replies: 51
Views: 2902

Re: Adding Virtual AP to cAP AC -Missing a Step? [SOLVED]

Found this: /ip address add address=192.168.0.1/24 interface=HomeBridge network=192.168.0.0 add address=192.168.2.1/24 interface=ether4 network=192.168.2.0 add address=192.168.100.0/24 interface=GuestWifi_T&B_V100 network=\ 192.168.100.0 Unless it's a typo in the post, looks like a reason to me :)
by xvo
Sat Nov 03, 2018 2:49 pm
Forum: General
Topic: rules order in raw firewall change
Replies: 11
Views: 593

Re: rules order in raw firewall change

they should not yes, but i have this issue and also they will be upper of dynamic rules in raw tab
Are you sure they aren't just sorted?
by xvo
Sat Nov 03, 2018 2:40 pm
Forum: Beginner Basics
Topic: SWITCH 260GSP
Replies: 30
Views: 1410

Re: SWITCH 260GSP

Hello. Well you'll not find any unlimited from our major carriers (vodafone..tim..TRE/ Wind). But there are some company which are selling internet service using our carriers nets. For unlimited service : OGilink - Works with Vodafone..but is quite expensive. 69 for unlimited - or..39 Euros to have...
by xvo
Sat Nov 03, 2018 1:17 pm
Forum: Beginner Basics
Topic: SWITCH 260GSP
Replies: 30
Views: 1410

Re: SWITCH 260GSP

Thanks a lot..!!! Ang greetings from Italy Maurizio Hi again. It turns out, I might need a little advice from you too, if you don't mind: Can you suggest me any mobile carrier in Italy, with unlimited LTE traffic plan, that won't cost me a fortune? :) I might end up having to install a setup very s...
by xvo
Sat Nov 03, 2018 12:55 pm
Forum: General
Topic: rules order in raw firewall change
Replies: 11
Views: 593

Re: rules order in raw firewall change

It shouldn't change on its own.
by xvo
Sat Nov 03, 2018 10:53 am
Forum: RouterBOARD hardware
Topic: Desired switch
Replies: 7
Views: 897

Re: Desired switch

I think the answer in your use is to simply get a CRS328 which is a little more expensive but has some "growing room". https://mikrotik.com/product/crs328_24p_4s_rm I hope that dedicated PoE and non-PoE ports will not be a thing in the future and they adopt the standard they are currently setting a...
by xvo
Fri Nov 02, 2018 11:38 pm
Forum: Beginner Basics
Topic: SWITCH 260GSP
Replies: 30
Views: 1410

Re: SWITCH 260GSP

Thanks a lot..!!!

Ang greetings from Italy

Maurizio
You are welcome! :)
by xvo
Fri Nov 02, 2018 10:49 pm
Forum: General
Topic: MTU Question
Replies: 2
Views: 274

Re: MTU Question

When using L2TP + ipsec you can't be sure, that the packet is not fragmented, even if you specifically restrict fragmentation of the original packet. The original packet first packed into l2tp (that can, by the way, also perform fragmentation and defragmentation, but only if asked to), then it is pr...
by xvo
Fri Nov 02, 2018 10:14 pm
Forum: Beginner Basics
Topic: PC network isolation approach
Replies: 7
Views: 523

Re: PC network isolation approach

Hello. I don't have any free ports in the router, so i have no choice but to connect them to the switch runnings SwOS. Also i want maximum performance so i don't want to do any filtering/routing/bridging in the CPU, i want to use something that my devices have hardware support for. Thank you for yo...
by xvo
Fri Nov 02, 2018 8:43 pm
Forum: RouterBOARD hardware
Topic: hEX S no comms on any port with sfp1 iface disabled
Replies: 6
Views: 669

Re: hEX S no comms on any port with sfp1 iface disabled

I guess it has to do something with that data lanes XOR logic - either SFP or one more lane to the switch chip. You are right - looks like most possible cause. Despite you say the problem is solved, I think this behaviour should be described somewhere (on a wiki? in quick start guide?) in a form of...
by xvo
Fri Nov 02, 2018 8:20 pm
Forum: Beginner Basics
Topic: Setting up a bridge with firewall
Replies: 1
Views: 241

Re: Setting up a bridge with firewall

You can either make bridge use IP firewall:
https://wiki.mikrotik.com/wiki/Manual:I ... e_Settings
Or configure filters on the bridge itself:
https://wiki.mikrotik.com/wiki/Manual:I ... e_Firewall
by xvo
Fri Nov 02, 2018 8:15 pm
Forum: Beginner Basics
Topic: PC network isolation approach
Replies: 7
Views: 523

Re: PC network isolation approach

If you can have the PCs that need to be isolated connected directly to hEX, not the switch, then you can do it without vlans and in several different ways: - you can create separate subnet(s) for such PC(s) - you can run IP firewall on the bridge - you can configure bridge own filtering - you can us...
by xvo
Fri Nov 02, 2018 8:07 pm
Forum: RouterBOARD hardware
Topic: hEX S no comms on any port with sfp1 iface disabled
Replies: 6
Views: 669

Re: hEX S no comms on any port with sfp1 iface disabled

Is there a possibility, that you have a default config address assigned to sfp interface instead of the default bridge?
by xvo
Fri Nov 02, 2018 6:49 pm
Forum: Beginner Basics
Topic: SWITCH 260GSP
Replies: 30
Views: 1410

Re: SWITCH 260GSP

Hello. Yes..i was looking to it or any RB 951. But what about wireless coverage? Using a CAP AC for example, will help me to have a better wireless coverage inside the house? I know is more complicated but maybe those AP have a better and bigger antenna inside. What do you think.? Does it make sens...
by xvo
Fri Nov 02, 2018 6:26 pm
Forum: RouterBOARD hardware
Topic: Desired switch
Replies: 7
Views: 897

Re: Desired switch

+1
Need that too :)
Any of this with internal PSU will be fine:
CRS318-8G-8P-2S+
CRS318-10G-6P-2S+
CRS318-12G-4P-2S+
by xvo
Fri Nov 02, 2018 6:09 pm
Forum: Beginner Basics
Topic: SWITCH 260GSP
Replies: 30
Views: 1410

Re: SWITCH 260GSP

hello. I can't use the RBM33 like this just because the routerboard is installed on the pole to make the antennas cables as short as possible. I need to have one router..or switch with dediated AP to be used inside my home. I see... But you can still combine switch + AP in one device, or perhaps ev...
by xvo
Fri Nov 02, 2018 4:43 pm
Forum: General
Topic: Winbox-Traffic - 200kbit/s
Replies: 14
Views: 754

Re: Winbox-Traffic - 200kbit/s

Hi!

It would be great to be able to configure the refresh rate to lower that bandwidth consumption...
You can give it a try here: viewtopic.php?t=45934
by xvo
Fri Nov 02, 2018 4:15 pm
Forum: General
Topic: Winbox-Traffic - 200kbit/s
Replies: 14
Views: 754

Re: Winbox-Traffic - 200kbit/s

Hi! Thats strange... I am connecting to the IP of the CRS. I just checked my Firewall-connection-list.... If I just connect to the CRS, it consumes only a few kbps (14,4) If I only open the interface-list, it goes up to 260 kbps --> The problem seems to be the Interface List. Can you confirm this? ...
  • 1
  • 2
  • 3
  • 4
  • 5
  • 7