MikroTik

macsrwe

That's sweet, but for the cases where the UBNT network is not under control of the person who owns the MikroTik, is there any way to configure the MikroTik to "unoptimize" the connection enough to authenticate to the UBNT? I'm stuck in a situation where my smartphone and laptop can connect to the AP...

macsrwe

I just don't get it. If I connect to another MikroTik on our WAN, I see a normal throughput graph, but if I connect to this one, it's a 0 flat-line like a patient in asystole. What am I missing? Sorry for what may be an obvious question, but are you connecting to it with the bandwidth test tool, or...

macsrwe

I would like to ask for some feedback if you don't mind … --- Who and where-are-you to those who use the btest server ? I've used it perhaps a dozen times over the past 18 months from the region surrounding Wickenburg, Arizona, to ensure periodically that WAN providers are (still) offering the spee...

macsrwe

I'm asking because some of the MikroTik devices has queue limit, for example "20 simple queues".

Those aren't limits, they are just one of the configurations that are tested and reported in the device's performance matrix for the brochure.

Sent from my iPhone using Tapatalk

macsrwe

Have you tried to generate a supout.rif file when the client experiences the issues and send it to support@mikrotik.com? Sadly, no. As I mentioned, I have corrected for this bug only three times in all of 12 years. Each time, it was a Hail Mary attempt: "I'm totally buffaloed... let's try this, it ...

macsrwe

First, your bandwidth test exception rule at the beginning will not work as expected. One thing that I have found with simple queues is that if it is set for no limit on upload and download, it behaves as though that queue is not there. If you wish to try this for yourself it is easy to reproduce -...

macsrwe

1-POE-Host is port 1 on the PowerBox, which would normally supply the host's own service, except the property is vacant currently so there's no connection.

Here is a partial printout of the queue, the rest of the rules are identical except for address.

sqcli.jpg

macsrwe

It's pretty difficult to misconfigure simple queues. Queue, queue, queue, that's the one that matches this customer, we're done. There are no other queues. Removing them and putting exactly the same queues back should not fix a bandwidth problem like this... and yet it does. To bypass the queues, I ...

macsrwe

Sure. Let me give you the most recent instance. Subscriber calls me. "My internet is slow." I run the standard BTest, and he has headroom up the wazoo, 3x contract rate. (On our network, the ports used by MT BTest avoid the queues so we can measure true available headroom, not just the max contract ...

macsrwe

Thanks a lot for all the help and information. I just needed to know that it's possible but you've given me plenty more than just that info. As long as it's doable I'm sure I can make it work (eventually). I'm going to go ahead and place my order. I can guarantee you right off the bat that it's doa...

macsrwe

This isn't a question, it's a warning. There is a bug of long standing in RouterOS that causes invisible, internal queue corruption. I have experienced it with both tree queues and simple queues, over a period of something like eight years, and have incontrovertibly proved it is happening. The sympt...

macsrwe

Most US dealers have RMA forms on their websites that you can fill out and email in to them to make an RMA claim. Some require you to return the faulty unit, though in cases where the damage is apparent (e.g., delamination problems with some DISC units) a photo will suffice.

macsrwe

Hi guys, I have a trouble with Mikrotik hap mini. I plugin 3 devices, all working fine, but when i add one more device - fourth! Mikrotik crushed down. It's the fourth device that's left without the Internet. Then I reboot the Microbe. After that, I can't go to its settings. I reboot several times,...

macsrwe

You bridged interfaces and then put addresses on them? Bridged interfaces can't have individual addresses, all the addresses must belong to the bridge. This can cause a raft of addressing gremlins. Fix this issue first, and perhaps the DHCP issue will disappear.

Sent from my iPhone using Tapatalk

macsrwe

I see a box for enable-nstreme in the Nstreme tab of Wireless. I don't know what it's supposed to do. If I set the bridge side of a PTP link to nstreme in "Wireless Protocol", it looks like I get nstreme regardless of whether or not this switch is checked, so what difference does the switch make? Th...

macsrwe

I think maybe I didn't state this entirely clearly. If you have a :local in a script outside ALL curly brackets, its behavior is nondeterministic. For deterministic behavior, put one set of curly brackets around the entire text of the script. And yes, once you have a nicely deterministic variable, i...

macsrwe

Figured out that, for whatever reason, on RouterOS 6.43.7 on an RB4011, it will fail that way if run in verbose mode. If I don't run in verbose mode it works fine. If anyone has an explanation that would be great. I've seen weird things happen in verbose mode that didn't happen when not in verbose ...

macsrwe

set full name=full policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,password,web,sniff,sensitive,api,romon,dude,tikapp skin=default it does not depend on what user(s) exist. It just make sure that "full" group is really full, create new "full" user and delete every single user excep...

macsrwe

@man: You can always create completely new user and disable/delete original "admin". +1 I agree. Deleting "admin", even if it has a pwd from hell is that much more secure. And for those of us who have already been doing that for years with an initialization script, MikroTik has just made that even ...

macsrwe

Somehow, this doesn't feel "solved"... :( I'm trying to use the MikroTik link calculator on a pair of existing QRT 5 ac units, to make sure the results agree with current reality before doing the calculations for a planned upgrade. The configurator says the radio power is 27 (and won't let me change...

macsrwe

It looks like I'm going to have to walk the greater part of this complaint back. Although the problem occurs sporadically on other USB/Ethernet adapters, it seems my particular problem was caused by one containing the AX88179 chip. Testing has shown that this dongle ALWAYS fails in this manner with ...

macsrwe

I see a particular failure mode in netinstall very often. The router model comes up, I select it, I select the packages to load, I hit the install button. A fast message blips on the bottom line and immediately disappears, words to the effect of "sending proposal to router" (sorry, I don't remember ...

macsrwe

The NATting shouldn’t make a difference one way or the other. In a home network, any device can choose to use any DNS server; they all go through NAT, and it all works. The only difference in your configuration is that you have a device that needs to be fed a custom DNS value instead of having an op...

macsrwe

The registration strength information you published is for the AP side I believe, from the board ID in the window header. What is the same information from the CPE? If you have 15 users on Nanostations and only one exhibiting this misbehavior, change out the CPE. It's not worth beating yourself up o...

macsrwe

Yes, I understood all that. You have a lovely layer-2 connection with no layer-3 connection at all. That’s why you should look at your routing. I would treat the frequency thing as a red herring unless I made double sure that the CPE was connecting with the same AP in both cases. Sent from my iPhone...

macsrwe

Very cool solution, if it works reliably. The wiki doesn’t even hint that this is a possibility, or that the networks will necessarily be matched in order of specificity. But I will certainly remember it.

Sent from my iPhone using Tapatalk

macsrwe

I haven’t personally tried this, but I think the cleanest way to do it is to obtain the MAC address of your IPTV box, assign it a static IP address in /ip dhcp-server lease, and set the DHCP-options field according to the IANA standard (link provided in wiki) to denote a custom DNS server for that d...

macsrwe

How strange. When I read your symptom, my first thought was that you just had an incorrect routing table in the CPE that was causing ping responses to get lost. But the information about frequency ranges complicates this diagnosis. I see that you have WDS active. Is there any possibility that changi...

macsrwe

I purchased 20 PowerBox Pro's and on my taller towers I am having problems with POE output on them when I get above 2 ports powered by the box. Why has Mikrotik not commented on this? Sorry, I didn't see this earlier... I have verified that if you are going to power multiple higher-current devices ...

macsrwe

Resolution: I replaced the 100' armored CAT5 POE cable carrying 24VDC with 12ga armored "parking deck" cable fed into the barrel power connector. System health now reports 23.8V and port 5 problem is now gone.

macsrwe

I do see it is trying to connect - but no btest is starting ... Hmmm , Try updating the ROS version of your Mikrotik to the latest. I am currently running 6.42.7 I think you might need to be on the same version After you upgrade - give it a try again and let me know North idaho Tom Jones I upgraded...

macsrwe

macsrwe re: Can't get connected to this any longer.

What IP address are you testing from ? I can look at the fw logs and see if your IP address shows up in there.

North Idaho Tom Jones (207.32.194.24 btest admin)

198....

macsrwe

(my btest server is 207.32.194.24 btest/btest) Can't get connected to this any longer. Haven't used it previously, so it's not a hog timeout. Last time I used it, you had a different name and password, so it's been some time. Now I just get a long "connecting" and a "can't connect." Screen Shot 201...

macsrwe

I've been using the recommended "accept established," "accept related" firewall rules for years at the top of the input chain on my routers. Today, while debugging a problem caused by my errantly dropping all incoming traffic (including replies!) to the NTP port on my gateway router, it occurred to ...

macsrwe

Strange, I found out, if I disable fast forward then fast path packets are counting. I suspect this is hardware related. I see the same behavior on my PTP links that are DynaDishes or QRT-5's, but on my LHG 5ac links, the fast path packets count whether fast forward is enabled or not. In your origi...

macsrwe

With low voltage poe there is a limit - 1A (1000mA) thru ethernet port/cable. If you power your power-box from another poe-out device, than this limit clearly apply to your case. Also I see that you have only 20.6 volts on poe-out-voltage. Do you use stock power adapter (24v @ 2.5A, you should see ...

macsrwe

That's a good question. I think it's via port 1, but there were some cabling changes about five months ago and it's possible we switched to the jack. I'm about 75% sure it's still the ethernet POE in.

I'm not sure why this would make a difference, so please enlighten me as to why you asked.

macsrwe

Like this: https://mikrotik.com/product/rbgpoe_con_hp

Sent from my iPhone using Tapatalk

macsrwe

Last night, I had a short-haul link go out (SXT lite5 ac, powered by a PowerBox Pro) that's been running fine for about a year. I found that it came back if I forced POE on, but I don't understand why. It is, in fact, on the last interface on the PowerBox, suggesting power budget triage, but I can't...

macsrwe

@janisk: I have multiple Clients with IKEv2 Server with RSA (Certificates). Those Certificates are made with ddns hostname (7dgfdghgssaa1.sn.mynetname.net) from IP Cloud.will the hostname remain the same. If not I have a big problem since I have to reissue all certificates to users on multiple site...

macsrwe

The only bootloop possible is one caused by the new bootloader not being properly written. Which didn't happen to me on 30-40 RC updates. MikroTik put out a release about six months ago where the "new available firmware" field always showed up as blank. Boot loop. I use a more cautious approach in ...

macsrwe

It is equally "stupid" to assume that he is claiming that a routable IP is not available at his edge router, else remote maintenance of his network would be problematic. If he can administer it, he can install Dude hardware inside it. You have a nice day, too.

macsrwe

"Lack of public IP" is an ambiguous phrase. Sometimes it is used to mean "RFC-1918 address." Other times it is used to mean "addressable but not static." /ip cloud solves the latter problem; if your public IP can change at whim, you cannot solve this problem using only port forwarding. My suggestion...

macsrwe

It solves the "lack of public IP" problem. Solving the NAT problem is simply a port forwarding rule. I run systems configured just this way, it's not difficult.

macsrwe

/ip cloud is usually used to solve this need; set up once and forget.

Sent from my iPhone using Tapatalk

macsrwe

Maybe it’s just me, but for 55 bucks I would just buy a dedicated MikroTik hEX to run Dude on, and avoid all the invented-here hassle. Thanks for the feedback, tell me where would you place the dedicated MikroTik hEX to run Dude on to avoid all the invented here hassle ? Nik Is there some subtlety ...

macsrwe

Maybe it’s just me, but for 55 bucks I would just buy a dedicated MikroTik hEX to run Dude on, and avoid all the invented-here hassle.

Sent from my iPhone using Tapatalk

macsrwe

> I use this feature only to locate MikroTik routers I have installed that don’t have static IP addresses. this is the intended use - you are our target audience for the IP-cloud's DDNS feature OK... so, as I don't really care about using it for NTP or on IPV6, does this new implementation give me ...

macsrwe

It has improvements in security, responsiveness and expandability.

Maybe a little elaboration on this, so I can decide if I care? I use this feature only to locate MikroTik routers I have installed that don’t have static IP addresses.

Sent from my iPhone using Tapatalk

macsrwe

What I want is to publish a SSID for them to connect to, (max 10 concurrently) the hap ac2 to hand out DHCPaddresses that are a subset of my main pool (192.168.1.180-190), and then the clients to have all web traffic blocked apart from one web address for the H&S It seems to me that the most straig...

macsrwe

Are you sure it’s not a customer machine downstream somewhere that is infected? If you are NATting, your ISP is just going to see it coming from your MikroTik device, and he will have no way to realize that it’s coming from somewhere else inside your network.

Sent from my iPhone using Tapatalk

macsrwe

How is bandwidth allocated if I don't explicitly use some sort of a queue? Let's say my router has 10 Mbps available to it (provided by my ISP), and 5 computers are connected to it, and all five are downloading files from a source that is capable of serving more than 10 Mbps (i.e. enough to saturat...

macsrwe

Tried everything you suggest. Didn't help..

After you download, the packages should appear in /files. Verify this. After you reboot, are those packages still in /files, or are they gone?

macsrwe

I have seen this happen if the NTP server is returning funky values or if there are multiple alternate servers that are not synced.

Sent from my iPhone using Tapatalk

macsrwe

Hi to all, I've been puzzling hours now to setup a mikrotik that i bought today. I'd like to ask if it is even possible to do what i want to do. I want to connect my mikrotik hAP lite to my Router wirelessly and then make mikrotik repeat the router with different ssid and passphrase. I've been read...

macsrwe

Yesterday our admin at the office told me, i have to switch the wireless mode to "station pseudobridge" and that worked perfectly, even without any IP-adresse, DHCP-Relay or something else. But he couldn't explain why to do that. This is the "wireless bridging problem" explained at 802.11 limitatio...

macsrwe

i am no longer confident I understand what the OP is trying to do, or that he understood the technical implications of agreeing with my statement that he was "trying to add an RB 912 to his current SOHO router as a wireless access point." In particular, he has not made clear whether he is attaching ...

macsrwe

If he’s trying to create a wireless access point, as he agreed, setting the wireless interface to station mode isn’t going to help him.

macsrwe

Don’t expect to ping anything or get anywhere from inside the 912. Like I said, it’s a dumb bridge, it doesn’t have any routes, and it doesn’t know how to get anywhere. But everything that connects to its wireless service will find its way out to its ethernet, and that’s all you need. Certainly ther...

macsrwe

Let me restate your problem to make sure I understand it. You’re trying to add an RB 912 to your current SOHO router as a wireless access point. If this is true, you are just overthinking the problem. Configure the 912 with its wireless and ethernet ports bridged together. Don’t configure any routin...

macsrwe

First, I assume you mean OS version, not firmware. Given that you have provided absolutely no details, file names, or screenshots, I have to take a stab in the dark. Are you loading upgrade packages for the correct CPU architecture of your router? If you load packages for the wrong CPU, they will ju...

macsrwe

No one? I was hoping for some advice :( I have no idea where you’re getting that second interface from. I have only two LHG 5 AC units on my network, and both of them show only one wireless interface, only one IRQ, and so on. I don’t see anything in the marketing literature that says there was ever...

macsrwe

Can somebody please tell me what this log information is (in dark red below containing warning denied winbox/dude connect from ? ** Is this log indicating remote IP addresses trying to get into my CHR via a potential vulnerability which has been discussed many times here ? ** This is from my public...

macsrwe

A month later, still crickets. Is anybody working this problem at all? Here's today's mailbox, as much would fit on a single screen... Screen Shot 2018-05-24 at 12.48.35 PM.jpg I don't even believe I ever visited "LHG 60 project in Hawaii," so I don't know why I'm even getting mail for that. But tha...

macsrwe

User might not have "Telnet" permissions in the group the user belongs to
Is there a way to see group permissions? What do i need to look in? I haven't seen anything that appears obvious.

Assuming you are using winbox, system/users/groups tab.

Sent from my iPhone using Tapatalk

macsrwe

I'll have to give it a try to see how it works out... in my experience, layouts are sometimes even lost when doing updates of RouterOS (when a column is added to some list everything falls back to defaults) so it is to be tried how well this works in a network mixed of bugfix/stable/testing version...

macsrwe

I have all my windows, columns, etc set in my session profile, and have that session profile set for all 100 or so of my Mikrotik devices. Is it possible to share a single session profile for all different devices even when you have many windows open to different devices at the same time? How does ...

macsrwe

Just got one, I haven't tested it out yet but I like the form factor a lot. It's great for temp. use / live event / field testing or troubleshooting. No need to worry whether there's spare outlet, great for IoT. If there's a USB port it will work. I did think about mAP but this has just enough RJ45...

macsrwe

Since installing 6.42.1, a number of my CPEs have been regularly supouting for "out of memory" (also kernel error and watchdogs, but that's another problem entirely). It would be nice to know where the memory is going -- what portion of the system is using how much. I've never been able to find any ...

macsrwe

I think ROS 6.42.1 i VERY buggy version :( Many,many things not working or working randomly. For instance - next NOT working: Intel i350 miniPCIe cards at x86, working "randomly" Queues. Today I have had NOT working Simple Queues at one x86 machine. I was looking for a problem long time, and..... a...

macsrwe

13:31:55 system,info router rebooted 13:31:56 system,error,critical router rebooted because some critical program crashed ---------------------------------------------------------------------------------------------------------------------- 3 causes after upgrade to 6.42.1 ( CCR1036-8G-2S+ with 60-...

macsrwe

Powerline communication is absolutely worst use of radio spectrum ever. While pretending it's only wire line communication, reality is that entire house wiring becomes one large antenna, creating jammer that can be heard for miles. These low frequency bands have very special properties (global cove...

macsrwe

The message I got is: "backup,critical error creating backup file: could not read all configuration files" I saw the same on three devices. Contacted support, they told me to netinstall. I did and restored the backup. Everything was there except system note and setting for auto-upgrade (which chang...

macsrwe

What issues will be addressed ? WIll Netwatch be put back ? Netwatch is available as always. What has been removed is the capability of Netwatch to call scripts that perform actions that require write permission. I use Netwatch with scripts that do only a /log action and it still works. I've run in...

macsrwe

6.42.1 killed my metal2..package was updated and every time I upgrade the routerboard to current version, the rb simply stops and doesn't reboot anymore...will just go back to 6.41.3 and forget 6.42..it broke everything My experience indicates that this release does not get along well with single-p...

macsrwe

Downgrading a RB1100AHx2 from 6.42.1 to 6.40.8 bricked it. Will have to make a trip to the mountain to fix that one. At least I had a backup router in place! Indeed, every router I have attempted to downgrade from 6.42.1 to 6.39.3 (what we were running fine two weeks ago) gets bricked, regardless o...

macsrwe

@Xymox Ive spent the morning downgrading all my clients from 6.42.1 to 6.41.4.. Over the last few days ive seen a number of weird things on client systems that are previously reported on this thread. I do not consider 42.1 "stable"... The other BIG deciding factor to revert to 41.4 is Netwatch. Sho...

macsrwe

[deleted]

macsrwe

Im not sure what happened last night, but, somehow none of my scripts would run from scheduler. I could run them manually. Its like scheduler somehow was not running, or did not have permissions to run scripts.. I always use 2 partitions and flipped back to 41.3 and all was well. You know, I’ve bee...

macsrwe

Im not sure what happened last night, but, somehow none of my scripts would run from scheduler. I could run them manually. Its like scheduler somehow was not running, or did not have permissions to run scripts.. I always use 2 partitions and flipped back to 41.3 and all was well. You know, I’ve bee...

macsrwe

I think I found the secret, although I have no idea whether it is a bug or expected operation. You can reliably connect with a hidden SSID if you specify the SSID directly in the main /interface wireless configuration. If you instead use the connect list to contain the SSIDs, and leave the /interfac...

macsrwe

ARM upgrade from 6.42 to 6.42.1 will fail if another architecture package is also found on the flash... sometimes required to upgrade caps... in the past it would upgrade correctly and just ignored the extra architecture packages. Is this a bug or just intentional now? I haven't worked with caps, b...

macsrwe

@MT devs: I'd love to see new feature/button in Winbox (in wireless > registration table) which would mass upgrade all clients currently connected to AP to (let's say) latest version from current channel.

Not likely to get added to Winbox, as it's already in Dude.

macsrwe

LED problems： [admin@911-1] > system leds set interface=wlan1 type=wireless-signal-strength input does not match any value of type [admin@911-1] > system leds set interface=wlan1 type=wireless-status input does not match any value of type [admin@911-1] > Maybe your problem is that you haven't speci...

macsrwe

6.42.1 is "newer" than 6.42rcNN, right? It's an upgrade, not a downgrade?

macsrwe

PHPBB has no settings that control this. Either you get notified about every new reply, every time, or you turn it off. Sorry, normis, this is patently false. This worked fine in the past. If you take the time to read the text of the email message, it even says so: You are receiving this notificati...

macsrwe

No changes to forum settings in last weeks. When did this start ?

I first complained about this January 25 [Ticket#2018012522004794]. I got a couple of suggestions that didn't improve anything, then the ticket has been dead since the 31st.

macsrwe

Got two MikroTiks. Set up an AP on one with hide-ssid. Set up a station-bridge on the other, with that SSID in the connect list. The second one CANNOT find the first one... until I make the SSID on the AP visible. Then the station finds it immediately. If I now hide the SSID on the AP again, the sta...

macsrwe

This forum used to handle subscriptions by sending ONE notification if someone had updated a topic since you saw it, and wouldn't bother you again no matter how many more updates occurred until you had gone to that topic to catch up. (It's still advertised to do this.) As of about two months ago, it...

macsrwe

If you were doing this on an 2011 or even a hEX, I'd be less concerned. But a 750 is low-end and EOL, so I would watch my resource consumption carefully. That's true. But as always, all depends on the specific requirements and dancell didn't say what kind of equipment is using. Actually, he did... ...

macsrwe

This is not acceptable. Netinstall requires local travel to each individual router. Also, many routers are already installed in hard-to-access locations, such as towers and customer premises. Then what do you consider acceptable? A way to wipe the entire router erasing all traces of previous action...

macsrwe

Mikrotik SHOULD PUBLISH a how to scrub the unit clean so it gets rid of whatever that virus planted or send you a new unit. netinstall without previous configuration .... This is not acceptable. Netinstall requires local travel to each individual router. Also, many routers are already installed in ...

macsrwe

Hello please tell me how I will update my 3000 mikrotiks again quickly and easily is already the second time that this happens ... The critical need is to update the ones that directly touch external gateways. Routers within your own network are much less at risk (assuming you don't serve an unusua...

macsrwe

The Metarouter configuration shown should handle the problem admirably. My sole concern is this: Each Metarouter instance uses the same amount of resources as a stand-alone RouterOS installation. If you were doing this on an 2011 or even a hEX, I'd be less concerned. But a 750 is low-end and EOL, so...

macsrwe

Seriously, the solution that will cause you the least headache will be to browse to the modem's configuration page, change its default LAN range, and make the problem go away. Is it absolutely impossible for you to do that? I would tell the property owner that it's a lot cheaper for him to let me ma...

macsrwe

I agree with other posters, I don’t see that the interface-list definitions do anything useful. They’re certainly not necessary to the configuration as given, and should probably just be removed. What puzzles me is the statement in your original posting about “if I am connected on ether1 I should be...

macsrwe

What kind of bizarro ISP gives a person two WANs with the same WANIP? Confused? Is that even legal? This sounds like a situation I encountered at a recreational trailer park that had redundant DSL gateways in buildings at each end of the park. The most straightforward solution was just to reconfigu...

macsrwe

In the outback, towers are anything you can get permission to use...
(RB912s in ITElite sectors, with a PowerBox Pro at the base)

macsrwe

Ironically, if the equipment had been reversed you could have done this -- not using WDS, but by using the MikroTik's ability to configure any unit's radio as both a station and an AP . You take a performance hit, but if flexibility is your goal, it works really well. Since your guy seems to be marr...

macsrwe

Way too open-ended a question. Last (and only) time I used PBR was seven years ago, when I was transitioning (hot) from a bridged to a routed network. It worked OK for me because the policy was local to each tower (a very small number) and the CPEs connected to it, what I might term a shallow policy...

macsrwe

I have a customer who wants to extend their wireless coverage without having to physically plug in an ethernet between the primary (Mikrotik) and secondary (airport express) routers, with the second one getting its ip address via dhcp from the primary one. This suggests it is possible: https://www....

macsrwe

Would policy routing do what you want?

Sent from my iPhone using Tapatalk

macsrwe

*) netinstall - sign Netinstall executable with an Extended Validation Code Signing Certificate;

Finally! Now the Dude, please!

macsrwe

@Mikrotik - Netinstall is hard work. Pressing that stiff button on 500 devices and uploading a default config can be hit and miss. Lots of tutorials out there bout disabling network cards and such just to make it work, can we improve this ? Hopefully, you are aware that on a working router you can ...

macsrwe

Also, the MikroTik standard process doesn’t load NPKs in a safe order. Nothing is as much fun as when a CPE loads the system package first, then gets interrupted before downloading wireless. When it next comes up, it’s running the new system, but nobody can talk to It and you have to send out a tru...

macsrwe

Ah, and breaking connections is of course a common occurrence when all routers in the network decide at 03:00 to fetch and upgrade their RouterOS.... I already thought of that problem. There should be some randomness in the schedule time, probably. And indeed a recovery when a transfer fails. Off-l...

macsrwe

There is also the "/system upgrade" command which allows downloads from local location, but it is not clear to me if this is a recommended mechanism for new use, as it is mentioned very little. It dates from before the Internet-enabled /system package update facility. MikroTik would much rather you...

macsrwe

Nope, renaming it doesn't solve this. What does seem to solve it when it occurs is to restart Windows. Less than deluxe, and not a permanent solution.

macsrwe

Hah! This is not the first time I've run into netinstall problems that were fixed by renaming the exe. And yes, I did go back to using the original name at about the same time this problem occurred. I'll try renaming the exe before the next time I use it. Thanks!

macsrwe

I'm having a problem with netinstall in the past couple weeks, coinciding with upgrading to more recent releases (I am currently running netinstall 6.42rc49, and still see it). The syndrome is this: the router shows up in the window as "Ready," I select it, choose the software, and click Install. Ne...

macsrwe

Love the POE switch. Is it really that much additional engineering expense to offer an additional version of these devices in a weatherproof case like the PowerBox? Do you believe there is no market? Outdoor equipment is the norm where we are. I see UBNT announced an outdoor weatherproof gigabit Na...

macsrwe

I posted this here because it's a hardware and netinstall issue, though not exactly RouterBoard hardware. For years, I have been using a USB2/Ethernet adapter as a separate interface for performing netinstalls, and for cabled access to routers (since my computer has no ethernet jack). It uses an ASI...

macsrwe

Love the POE switch. Is it really that much additional engineering expense to offer an additional version of these devices in a weatherproof case like the PowerBox? Do you believe there is no market? Outdoor equipment is the norm where we are. I see UBNT announced an outdoor weatherproof gigabit Na...

macsrwe

yes, firewall rules can be moved How, please? I can’t find any way to do this in webfig. make sure they are sorted by ID (first column). if they are sorted by something else, you can't drag them around. Ah, I see the problem now. The drag thing doesn't work on an iPhone, which is the only situation...

macsrwe

yes, firewall rules can be moved

How, please? I can’t find any way to do this in webfig.

macsrwe

I'm trying to write a script that does something if the current date is before (or after) some specified date. If there's a way to compare dates in RouterOS scripting language without resorting to table lookups and string/numeric conversions, I'm not seeing it. The scripting guide says that the data...

macsrwe

nothing about LHG60G????
FCC Certification https://fccid.io/TV7LHGG60AD

LOL! Complete with a “purchase on Amazon” link that doesn’t work.

macsrwe

UserManager can be run on ARM now. What ROS is needed to run it, or is it a separate package?

User manager has always been a separate NPK. So when one shows up in the ARM flavor, you’ll know it works.

macsrwe

I thought I'd post this problem and its resolution here in case anybody else encounters it. I was configuring an OmniTIK UPA-5HnD with a single outboard SXT as a feed link. I couldn't get the SXT to power up unless I forced the port's POE-out on. The problem turned out to be that the cable I had ins...

macsrwe

I just stumbled upon this problem too. is the /interface ethernet poe settings set ether1-poe-in-long-cable=yes command not necessary now? did the powerbox worked well to you? Apparently, the new gigabit-capable units of this type are also 802.3af capable, and whatever changes were made to the POE-...

macsrwe

Sorry for the dump question, but where i find this command, on terminal ?
i cant find it
thanks

The command to update firmware is /system routerboard upgrade

If you are asking about some other command, please be more specific what command you are asking about.

macsrwe

Again - we strongly recommend to NOT use this feature if you are not aware about how it works. If you will not know min/max settings, then you will not be able to recover device in any way. I suspect there are many routers out there where this value is set to arbitrary garbage due to recent (still ...

macsrwe

After update 6.41.1 my RB951Ui 2HnD has alway reboot, and i cant winbox to interface address. How can I fix this?

Can you winbox to MAC address?

macsrwe

I just noticed that a number of my devices lost their system note.

Weird, since /system note doesn't actually do anything but create or edit a physical file named sys-note.txt ... so you must have lost the file.

macsrwe

For many years I was routinely using nv2 in my layer 2 (bridge/station-bridge) point-to-point links. I assumed that given its proprietary nature, it would offer enhanced thruput, and it allowed me to avoid exposing multiple SSIDs in public that were useless to end-users. Some time ago, a consultant ...

macsrwe

Love the POE switch. Is it really that much additional engineering expense to offer an additional version of these devices in a weatherproof case like the PowerBox? Do you believe there is no market? Outdoor equipment is the norm where we are.

macsrwe

You mean a DHCP client with default-route-distance=0 was adding a route with distance=0? That must have been a bug that has been fixed... Yep, that's exactly what happened. And that change could introduce some other bug, for example :) What is that "other bug"? I still don't get why you would want ...

macsrwe

The same script, just set to restart automatically, so I do not have to click manually. Yeah, I'm extremely wary of automatically scheduling anything that may result in a boot loop that I can't interrupt. For example, just this week or so a change in 6.41 renumbered firmware to match the RouterOS r...

macsrwe

As many other features, also this one is only in rc state and is still work on progress. At the moment it only executes "/system routerboad upgrade" feature after RouterOS upgrade if "auto-upgrade=yes". After reboot latest firmware is applied. I don't mind to wait for 2 reboot instead of one, if it...

macsrwe

Can you please explain, when Mikrotik will amend the CRS3xx releases, so that the supout.rif not gets written to volatile memory, but onto flash instead ?

When you type the command to take the supout, begin the file name with flash/.

macsrwe

I know this is an old thread, but my question somewhat relates. Once I give my Map 2nd power the USR and PWR lights come on and stay solid. I cant find a wireless network and the ethernet ports dont work (no lights when I connect a cable or any detection on winbox) I have tried to get to net instal...

macsrwe

The beauty of RouterOS is that you can give each interface two SSIDs -- an identical one shared by the 2.4 and 5G interfaces, and a unique one for each interface (e.g., Network2, Network 5, and Network). That way, the end user can decide whether he wants ignorant-bliss convenience or total control o...

macsrwe

e-mail - do not show errors when sending e-mail from script;

But still appears in the log, I hope?

macsrwe

Regarding RBM33G, is it possible to use 2 wireless cards on the 2 miniPCIe slots if someone does not need any 3G/LTE?

It's not clear from the PDF and product page.

+1, I am interested in this configuration as well.

macsrwe

HI guys; i believe for some problem, but i solved to inroduce: upload = "yes" in the syntax, informing to "fetch" what you should do, "send a file" If you neglect to specify the proper transfer direction, and the source-path does not exist on the (intended) target router, then this is simply a spec...

macsrwe

One release note: Upgrading older boards (such as 711s) to this release but not immediately updating the board firmware with a second reboot can lead to adverse behavior, such as the boards dropping off wireless connections for short periods for no apparent reason. This happened to us network-wide -...

macsrwe

hi , i have sort of the same problem , my RB SXT 5hpnd r2 is sort of bricked and i can't access it from down here and i need help ASAP . \netinstall didn't help "Down here?" Is your SXT up in a tower? Netinstall isn't going to do anything for a bricked device unless you hold the reset button on pow...

macsrwe

Why do you have IP addresses on ether1 and wlan1 while those interfaces are part of a bridge? When interfaces are in a bridge you only add addresses to the bridge.

Yup, I've already explained this to him twice. I think we may have a language translation issue.

macsrwe

Sounds like you have determined that your "Client Netmetal 922" is faulty.

Without the ip address / routes / bridge-ports configs for the two netmetal devices, there's little more I can do for you.

macsrwe

Either hold the reset button in as you apply power, and keep it in for 20 seconds, or set the System / Routerboard / Settings / Boot Protocol to try-ethernet-once-then-nand before rebooting. MikroTIk has Wiki pages that describe all this.

macsrwe

netinstall completely formats your router.
Yeah, but I want to save my config... And have protection from last wpa exploit

In Files, perform a back up. Drag the back up out of winbox onto your PC. Perform a netinstall. Drag the back up back onto your router, and restore it.

macsrwe

Use winbox to drag and drop the packages into the Files window, in the blank space outside the flash folder. Sent from my iPhone using Tapatalk I've already tried - same error. That would imply that your memory is also nearly full. Does winbox indicate that? (You can right click on the top bar and ...

macsrwe

If you look at the software download page at routerboard.com, you will see that RouterOS comes in a number of different processor flavors: MIPSBE, ARM, TILE, SMIPS, etc. The HAP mini is (I believe) a SMIPS device. You must download that version of the packages and put those in your Windows folder. N...

macsrwe

I give the ip address to the correct ethernet but can not ping it. When you make a statement such as this, it implies that you may not understand what I have already explained. If the ethernet is part of a bridge, directing your ping directly to the ethernet interface will never work because it has...

macsrwe

I can’t claim much familiarity with the default configuration, because I never use it.

If tools IP scan is finding your devices, then Ping ought to find them too, as long as you have a compatible address and address range assigned to your LAN interface.

macsrwe

From the description of your experiment on ether2, I’m going to assume that the 10. devices are inside your LAN. If ether2 through 5 are bridged, as opposed to switched, then you need to put the 10. address on the bridge, not on the individual hardware interface. You need to use an unused address, a...

macsrwe

Let me see if I can ask the question more clearly.

Through what interfaces are the 10. devices accessible? Are they on the far side of your WAN, or are they inside your LAN?

macsrwe

Use winbox to drag and drop the packages into the Files window, in the blank space outside the flash folder.

Sent from my iPhone using Tapatalk

macsrwe

You can obtain the license code for any unit either as described above, or from the /IP neighbors display of any neighboring unit. Whenever I receive a new unit, I log into my account at MikroTik.com and assign that license code to myself. The web interface tells me who the license was originally is...

macsrwe

I hope this is truly as simple as it sounds Create a Windows folder containing the RouterOS modules that you wish to install. When the name of your unit appears in the netinstall window, click the unit name, then click the browse button to browse to that Windows folder and then select the packages y...

macsrwe

The free measurement only describes the amount of non-volatile storage (“flash/“) that is free. However you can also place files outside of the flash folder. Those will be resident in memory, so they will be volatile when the unit is rebooted, but there is much more space available there. That is wh...

macsrwe

Maybe I misunderstand your question, but it seems obvious to me that if the three interfaces have different address ranges, they will not share broadcast traffic, whereas if they share the same address range through a bridge or switch, they will all share the broadcast traffic. The switch can’t make...

macsrwe

So what is your traffic speed and what is your CPU usage? It sounds like the bandwidth of your traffic may be overwhelming the CPU, whereas when it is offloaded through the switch chip, it works fine.

Sent from my iPhone using Tapatalk

macsrwe

Bridge mode on most SOHO routers just means that there is no NAT or DHCP server active, and all ports are simply bridged together, allowing the device behind it to provide routing services such as NAT and DHCP. You would want to do this, for example, if you wanted to add a wireless access point to a...

macsrwe

I’m not 100% sure you have a problem without some more detail. When the bridge is active, you should be trying to ping your ethernet connected devices by specifying the bridge as the target, not the ethernet port. You don’t say whether or not you did that, so I can’t tell. Also, the IP address has t...

macsrwe

I have to make a lot of assumptions about how these things are connected port wise, because you don’t describe it… but you shouldn’t need any routing rule at all. Just define a 10.0.0.x address on whatever port of your 750 leads to that other network.

Sent from my iPhone using Tapatalk

macsrwe

Litella.jpg

Works much better when you don't misspell the secret!

All that's necessary is to add a ROMON port for the LAN ether interface with the internal LAN secret, and every device shows up on the external network. Lovely!

macsrwe

ROMON allows multiple secrets. The wiki doesn't say anything about how to use more than one secret, except in the case where one or the other is blank (for seamlessly transitioning from a non-ROMON to a ROMON network). Our entire network is set up with ROMON enabled (what a blessing for disaster rec...

macsrwe

Yup, seeing that on two machines, and reported it when it happened (no response yet).

I found the screen in Defender where I could tell it to ignore anything in the Dude folder, but it was a race to beat Defender itself, which was deleting the Dude exe as fast as I could reinstall it.

macsrwe

Yes, we understand novices users too, but MikroTik coders need to think on experimental users too, so from my opinion, out of box can come with Quickset but also can be an option to can remove it too if an experimental user prefer to work as "old school" :P In conclusion I will love if Quickset wil...

macsrwe

I just got in a shipment of PowerBox Pros to replace the PowerBoxes on several of my towers. I exported the config on one of the original PowerBoxes, and tried importing it into the PowerBox Pro. It puked on this sequence: /interface ethernet poe settings set ether1-poe-in-long-cable=yes Here's what...

macsrwe

Looks like ALT+CMD+R causes "reload from origin" in macOS Safari (not shift). F5 adjusts keyboard brightness. Actually, it is shift-command-R that used to do this, but apparently no longer does in Sierra. Option (there is no alt) command-R now "enters responsive design mode," which is entirely unre...

macsrwe

macs do not even have F5

Shift command R.

Sent from my iPhone using Tapatalk

macsrwe

Yeah, OK... if the command you are running has even the potential of ever reading stuff from user-input, it won't be allowed.

See this posting for my own bugaboo related to this topic.

macsrwe

+1 on more ports. Four POE-out ports give you a PTP in, a PTP out, and two sectors, not quite enough. If MikroTik offered a weatherproofed POE out switch, I could make do if I had to, but one box is always handier.

Sent from my iPhone using Tapatalk

macsrwe

Whatever command you want to be persistent, instead of typing it into the terminal, type it into a script and then run the script. It will keep running even after you disconnect winbox.

Sent from my iPhone using Tapatalk

macsrwe

Feature request: It would be nice to be able to specify a default for the "other side" of a Dude bandwidth test. Right now, it always defaults to the alphabetically first host defined, EVERY time you open the panel. Since my gateway machine is practically at the bottom of the list, and the list is l...

macsrwe

Anyone know if the bracket that comes with the basebox will attach directly to UBNT style antennas? You can mount the basebox on the pole that the sectoral is mounted on. Unfortunately, not on the omnis. The Ubiquiti pigtails are only 4" long, so your BaseBox either goes where the mounting plate is...

macsrwe

Maybe I'm using this wrong, but it appears to me that if I select a product the calculator fills in the maximum power of that product, and then doesn't let me edit that figure if the maximum power is more than I can use legally in my area.

macsrwe

Ran into this error again today. It was not a policy error. Turned out to be a typo in the source path.

"Poll error" is a pretty obscure diagnostic for this situation.

macsrwe

I guess my mind is not working well this week. My eyes saw SB 750 and my mind thought RB 711, a radio board. So it looks like none of my advice was applicable at all. Apologies.

Sent from my iPhone using Tapatalk

macsrwe

How would the OP set this up using his Picostation M2 AP, if the AP has no support for multiple SSIDs? To be honest, I'm not sure I understood the OP's existing architecture. He said he had an SB 750, which I assumed was a typo for an RB 750 because otherwise I don't know what that is. If he does i...

macsrwe

Let me suggest a totally different approach, one that obviates the firewall entirely. Number one, you don't need a second physical AP – you can create a second virtual AP and get the same behavior. Virtual APs share the hardware characteristics of the master AP (frequency, protocol), but can have a ...

macsrwe

Feature request: Fix the Dude client to honor requests to shutdown or reboot the host OS without having to manually shutdown the Dude first. Often when some automated process attempts to shut down the host OS (e.g., Parallels updating to a new version or installing a new Toolbox), the shutdown reque...

macsrwe

Website data for Powerbox Pro says there is a "USB Power Reset" feature. But images I can find for Powerbox Pro don't show a USB port. Is there one inside perhaps? This product line could really use storage that doesn't disappear every time tower power fails. Existing flash is just a bit too small ...

macsrwe

Thanks for the pointer to hwaddress.com. My two go-to websites for decoding MAC addresses showed fc:a6:67:0e:81:96 as "not found," so I assumed that it was a private address made up out of whole cloth. Looks like it's time to switch reference sites. I've never played with a Chromecast, but from the ...

macsrwe

This is weirding me out. Subscriber called to complain home devices weren't performing properly. Remotely examined his hAP lite WiFi AP. Saw two devices registered, each showing signal varying wildly and quickly in the range from -60 to -90. I suspected wireless interference, so I ran a background s...

macsrwe

Your configuration just sounds fundamentally wrong. If you bridge all ten ports, you are essentially operating a switch, not a router. Traffic into any port is going to find its way out any other port without intermediation. If you bridge your WAN port to your PC port, you are essentially bypassing ...

macsrwe

/ip firewall address-list has a creation-time field that is read only, although it appears in the add box. It would be quite handy if that were writeable at add time, such that the entry would take effect at whatever date and time is entered. This would allow us to schedule changes in account behavi...

macsrwe

Just making sure you are aware that you cannot run the new Dude server on MIPSBE. You can run it on a TILE based machine, an x86, or on a hEX (not a hEX POE or any other variant). Given the price point of a hEX, I simply added one to my network, stuffed a memory card in it, and dedicated it to doing...

macsrwe

Hi, Is the "Backup Confirguration" option working? or store the config file on MicroSD/internal Storage? Thanks I hope I have interpreted your question correctly... The /dude backup-db command will back up your current Dude database. You can use parameters to /dude import-db to create the active Du...

macsrwe

I've been waiting over five years for /system upgrade upgrade-package-source to allow specification of its password parameter on the command line instead of demanding it interactively. This one deficiency makes Flashfig entirely useless to us and makes initializing every one of our MikroTik CPEs a m...

macsrwe

Please add some kind of "find router" feature. I often take over projects from other people and have to search for bunch of devices sometimes in many rooms even buildings. A simple "beep constantly" feature could save me a lot of time. You wouldn't believe where people put their routers and wifi ac...

macsrwe

Please make it possible to change the comment associated with a connection without it restarting said connection. This would be good for both /int wireless access and /int wireless connection; also the "add to access list" and "add to connection list" operations, where you already know that the res...

macsrwe

Hi, Please add feature that will allow me to add DNS name instead of exact IP address. I need this to connect 2 or more MKT routers (PPTP connection) if they are connected to internet thru ADSL and theirs IP addresses are dynamic. I hope that you understand what I am saying and that we can expect t...

macsrwe

Changes in v6.39rc17: macsrwe - If you can repeat the problem in rc17, please write to support@mikrotik.com Reset all the "wrong challenge" units yesterday by manually Reconnecting. Upgraded to rc17 last night. Tonight, I see I have two CPEs again stuck in the "wrong challenge (not requested)(4)" s...

macsrwe

it's not a big problem. just copy your device to Clipboard and paste to Notepad - here's the password even without calling WinBox :) Unbelievable. :shock: There are two aspects to this: 1. It's too easy to for any user without advanced credentials to get any password through this or a similar (CSV)...

macsrwe

Cannt find "wireless product selection guide"where was it published?
Open the newsletter, check last page.

Note that this link is now dead, and I cannot find the full-size illustration anywhere.

macsrwe

No worries. If you are using the DNS Cache / Resolver on the MikroTik (It comes on by default I believe). You can add a static entry for your web-site like: For cmrk.net at the local IP of 10.1.1.99: /ip dns static add address=10.1.1.99 name=cmrk.net You may want http://www.cmrk.net to work as well...

macsrwe

Regardless of the arguments for its desirability, none exists as far as I know. There is a unified guide available across models as far as radio signal strength and distance, but none that I know of for routing power. The only cross model indicator I know of in that regard is the unit price tag. Som...

macsrwe

is there a chart for the various models that compares/ shows WAN to LAN throughout performance so people may choose appropriate device? Not all in one place, I think, but at routerboard.com every device has a data sheet that shows bit and packet throughput for various configurations. In general, yo...

macsrwe

Good day all. :) We are looking to set up a 12,7Km P2P link and I was just wondering if the MikroTik Light Head Grid 24.5dBi Dual Chain (RB-LHG5) would suit our purposes. Or are there any better cheaper products that will cover the 12,7Km distance. This is a pretty long link for this unit. Success ...

macsrwe

If possible to do the above, I'd love to partake in this as well. Thanks. Can anyone send me an functional export of a harp lite with 2 wan a lan in bridge wit the wifi and the loadbalance and failover functional? The bridge is trivial, the fail over is not difficult, but multi WAN is a thorny issu...

macsrwe

I guess I'm in the minority... the newly announced product I crave most is the Powerbox Pro. At last, gigabit link performance on remote outdoor towers without needing to fight with annoying third-party metallic enclosure boxes and POE manifolds. I was right on the edge of deploying hEX POEs (with a...

macsrwe

What would be my consideration between the SXT, LHG or DISC? From what I can tell, it seems the DISC and LHG are about the same and the SXT seems to be more powerful than the other two. What gave you this impression? Do you mean radio power or CPU power? I'm not sure either is true. LHG has narrow ...

macsrwe

Apparently, I cannot vacuum the database. I'm running on a hEX, which has limited "RAMdisk" storage. A number of references claim that vacuum uses the same store as the Dude DB, but either that isn't true or it has gotten broken since -- I have tons of space on that drive, but when I run vacuum, I w...

macsrwe

Since putting up 6.39rc13, a large portion of my network got stuck in this state: wrong challenge (not requested)(4) whatever that means. I can't see link status or do bandwidth tests to those devices until I call each one up by hand and do a manual Reconnect. They're still green and all, but Dude ...

macsrwe

The request you made looks like: hey, build into all devices the adaptor I am using now in order I do not need to cary it with me. And everyone will buy those devices for higher price just because of that? Will even you buy that new device again? Nothing offending, just thinking loudly about this.....

macsrwe

Think about QuickSet as simple initial setup wizard. The only problem is that it may look as something more, which it isn't. Indeed. Quickset is a configurator specifically designed for people who understand only how to configure standard SOHO routers like Belkin, Netgear, etc. On those routers, yo...

macsrwe

s limitation in the feature set = bad software design Not always, as a glance at Microsoft word will bear out. Sometimes, limits to a features set are good design when the purpose of the interface is to enable an untrained user (such as a person who buys a router for his home use) to make simple ch...

Search found 647 matches