MikroTik

macsrwe

set full name=full policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,password,web,sniff,sensitive,api,romon,dude,tikapp skin=default it does not depend on what user(s) exist. It just make sure that "full" group is really full, create new "full" user and delete every single user excep...

macsrwe

@man: You can always create completely new user and disable/delete original "admin". +1 I agree. Deleting "admin", even if it has a pwd from hell is that much more secure. And for those of us who have already been doing that for years with an initialization script, MikroTik has just made that even ...

macsrwe

Somehow, this doesn't feel "solved"... :( I'm trying to use the MikroTik link calculator on a pair of existing QRT 5 ac units, to make sure the results agree with current reality before doing the calculations for a planned upgrade. The configurator says the radio power is 27 (and won't let me change...

macsrwe

It looks like I'm going to have to walk the greater part of this complaint back. Although the problem occurs sporadically on other USB/Ethernet adapters, it seems my particular problem was caused by one containing the AX88179 chip. Testing has shown that this dongle ALWAYS fails in this manner with ...

macsrwe

I see a particular failure mode in netinstall very often. The router model comes up, I select it, I select the packages to load, I hit the install button. A fast message blips on the bottom line and immediately disappears, words to the effect of "sending proposal to router" (sorry, I don't remember ...

macsrwe

The NATting shouldn’t make a difference one way or the other. In a home network, any device can choose to use any DNS server; they all go through NAT, and it all works. The only difference in your configuration is that you have a device that needs to be fed a custom DNS value instead of having an op...

macsrwe

The registration strength information you published is for the AP side I believe, from the board ID in the window header. What is the same information from the CPE? If you have 15 users on Nanostations and only one exhibiting this misbehavior, change out the CPE. It's not worth beating yourself up o...

macsrwe

Yes, I understood all that. You have a lovely layer-2 connection with no layer-3 connection at all. That’s why you should look at your routing. I would treat the frequency thing as a red herring unless I made double sure that the CPE was connecting with the same AP in both cases. Sent from my iPhone...

macsrwe

Very cool solution, if it works reliably. The wiki doesn’t even hint that this is a possibility, or that the networks will necessarily be matched in order of specificity. But I will certainly remember it.

Sent from my iPhone using Tapatalk

macsrwe

I haven’t personally tried this, but I think the cleanest way to do it is to obtain the MAC address of your IPTV box, assign it a static IP address in /ip dhcp-server lease, and set the DHCP-options field according to the IANA standard (link provided in wiki) to denote a custom DNS server for that d...

macsrwe

How strange. When I read your symptom, my first thought was that you just had an incorrect routing table in the CPE that was causing ping responses to get lost. But the information about frequency ranges complicates this diagnosis. I see that you have WDS active. Is there any possibility that changi...

macsrwe

I purchased 20 PowerBox Pro's and on my taller towers I am having problems with POE output on them when I get above 2 ports powered by the box. Why has Mikrotik not commented on this? Sorry, I didn't see this earlier... I have verified that if you are going to power multiple higher-current devices ...

macsrwe

Resolution: I replaced the 100' armored CAT5 POE cable carrying 24VDC with 12ga armored "parking deck" cable fed into the barrel power connector. System health now reports 23.8V and port 5 problem is now gone.

macsrwe

I do see it is trying to connect - but no btest is starting ... Hmmm , Try updating the ROS version of your Mikrotik to the latest. I am currently running 6.42.7 I think you might need to be on the same version After you upgrade - give it a try again and let me know North idaho Tom Jones I upgraded...

macsrwe

macsrwe re: Can't get connected to this any longer.

What IP address are you testing from ? I can look at the fw logs and see if your IP address shows up in there.

North Idaho Tom Jones (207.32.194.24 btest admin)

198....

macsrwe

(my btest server is 207.32.194.24 btest/btest) Can't get connected to this any longer. Haven't used it previously, so it's not a hog timeout. Last time I used it, you had a different name and password, so it's been some time. Now I just get a long "connecting" and a "can't connect." Screen Shot 201...

macsrwe

I've been using the recommended "accept established," "accept related" firewall rules for years at the top of the input chain on my routers. Today, while debugging a problem caused by my errantly dropping all incoming traffic (including replies!) to the NTP port on my gateway router, it occurred to ...

macsrwe

Strange, I found out, if I disable fast forward then fast path packets are counting. I suspect this is hardware related. I see the same behavior on my PTP links that are DynaDishes or QRT-5's, but on my LHG 5ac links, the fast path packets count whether fast forward is enabled or not. In your origi...

macsrwe

With low voltage poe there is a limit - 1A (1000mA) thru ethernet port/cable. If you power your power-box from another poe-out device, than this limit clearly apply to your case. Also I see that you have only 20.6 volts on poe-out-voltage. Do you use stock power adapter (24v @ 2.5A, you should see ...

macsrwe

That's a good question. I think it's via port 1, but there were some cabling changes about five months ago and it's possible we switched to the jack. I'm about 75% sure it's still the ethernet POE in.

I'm not sure why this would make a difference, so please enlighten me as to why you asked.

macsrwe

Like this: https://mikrotik.com/product/rbgpoe_con_hp

Sent from my iPhone using Tapatalk

macsrwe

Last night, I had a short-haul link go out (SXT lite5 ac, powered by a PowerBox Pro) that's been running fine for about a year. I found that it came back if I forced POE on, but I don't understand why. It is, in fact, on the last interface on the PowerBox, suggesting power budget triage, but I can't...

macsrwe

@janisk: I have multiple Clients with IKEv2 Server with RSA (Certificates). Those Certificates are made with ddns hostname (7dgfdghgssaa1.sn.mynetname.net) from IP Cloud.will the hostname remain the same. If not I have a big problem since I have to reissue all certificates to users on multiple site...

macsrwe

The only bootloop possible is one caused by the new bootloader not being properly written. Which didn't happen to me on 30-40 RC updates. MikroTik put out a release about six months ago where the "new available firmware" field always showed up as blank. Boot loop. I use a more cautious approach in ...

macsrwe

It is equally "stupid" to assume that he is claiming that a routable IP is not available at his edge router, else remote maintenance of his network would be problematic. If he can administer it, he can install Dude hardware inside it. You have a nice day, too.

macsrwe

"Lack of public IP" is an ambiguous phrase. Sometimes it is used to mean "RFC-1918 address." Other times it is used to mean "addressable but not static." /ip cloud solves the latter problem; if your public IP can change at whim, you cannot solve this problem using only port forwarding. My suggestion...

macsrwe

It solves the "lack of public IP" problem. Solving the NAT problem is simply a port forwarding rule. I run systems configured just this way, it's not difficult.

macsrwe

/ip cloud is usually used to solve this need; set up once and forget.

Sent from my iPhone using Tapatalk

macsrwe

Maybe it’s just me, but for 55 bucks I would just buy a dedicated MikroTik hEX to run Dude on, and avoid all the invented-here hassle. Thanks for the feedback, tell me where would you place the dedicated MikroTik hEX to run Dude on to avoid all the invented here hassle ? Nik Is there some subtlety ...

macsrwe

Maybe it’s just me, but for 55 bucks I would just buy a dedicated MikroTik hEX to run Dude on, and avoid all the invented-here hassle.

Sent from my iPhone using Tapatalk

macsrwe

> I use this feature only to locate MikroTik routers I have installed that don’t have static IP addresses. this is the intended use - you are our target audience for the IP-cloud's DDNS feature OK... so, as I don't really care about using it for NTP or on IPV6, does this new implementation give me ...

macsrwe

It has improvements in security, responsiveness and expandability.

Maybe a little elaboration on this, so I can decide if I care? I use this feature only to locate MikroTik routers I have installed that don’t have static IP addresses.

Sent from my iPhone using Tapatalk

macsrwe

What I want is to publish a SSID for them to connect to, (max 10 concurrently) the hap ac2 to hand out DHCPaddresses that are a subset of my main pool (192.168.1.180-190), and then the clients to have all web traffic blocked apart from one web address for the H&S It seems to me that the most straig...

macsrwe

Are you sure it’s not a customer machine downstream somewhere that is infected? If you are NATting, your ISP is just going to see it coming from your MikroTik device, and he will have no way to realize that it’s coming from somewhere else inside your network.

Sent from my iPhone using Tapatalk

macsrwe

How is bandwidth allocated if I don't explicitly use some sort of a queue? Let's say my router has 10 Mbps available to it (provided by my ISP), and 5 computers are connected to it, and all five are downloading files from a source that is capable of serving more than 10 Mbps (i.e. enough to saturat...

macsrwe

Tried everything you suggest. Didn't help..

After you download, the packages should appear in /files. Verify this. After you reboot, are those packages still in /files, or are they gone?

macsrwe

I have seen this happen if the NTP server is returning funky values or if there are multiple alternate servers that are not synced.

Sent from my iPhone using Tapatalk

macsrwe

Hi to all, I've been puzzling hours now to setup a mikrotik that i bought today. I'd like to ask if it is even possible to do what i want to do. I want to connect my mikrotik hAP lite to my Router wirelessly and then make mikrotik repeat the router with different ssid and passphrase. I've been read...

macsrwe

Yesterday our admin at the office told me, i have to switch the wireless mode to "station pseudobridge" and that worked perfectly, even without any IP-adresse, DHCP-Relay or something else. But he couldn't explain why to do that. This is the "wireless bridging problem" explained at 802.11 limitatio...

macsrwe

i am no longer confident I understand what the OP is trying to do, or that he understood the technical implications of agreeing with my statement that he was "trying to add an RB 912 to his current SOHO router as a wireless access point." In particular, he has not made clear whether he is attaching ...

macsrwe

If he’s trying to create a wireless access point, as he agreed, setting the wireless interface to station mode isn’t going to help him.

macsrwe

Don’t expect to ping anything or get anywhere from inside the 912. Like I said, it’s a dumb bridge, it doesn’t have any routes, and it doesn’t know how to get anywhere. But everything that connects to its wireless service will find its way out to its ethernet, and that’s all you need. Certainly ther...

macsrwe

Let me restate your problem to make sure I understand it. You’re trying to add an RB 912 to your current SOHO router as a wireless access point. If this is true, you are just overthinking the problem. Configure the 912 with its wireless and ethernet ports bridged together. Don’t configure any routin...

macsrwe

First, I assume you mean OS version, not firmware. Given that you have provided absolutely no details, file names, or screenshots, I have to take a stab in the dark. Are you loading upgrade packages for the correct CPU architecture of your router? If you load packages for the wrong CPU, they will ju...

macsrwe

No one? I was hoping for some advice :( I have no idea where you’re getting that second interface from. I have only two LHG 5 AC units on my network, and both of them show only one wireless interface, only one IRQ, and so on. I don’t see anything in the marketing literature that says there was ever...

macsrwe

Can somebody please tell me what this log information is (in dark red below containing warning denied winbox/dude connect from ? ** Is this log indicating remote IP addresses trying to get into my CHR via a potential vulnerability which has been discussed many times here ? ** This is from my public...

macsrwe

A month later, still crickets. Is anybody working this problem at all? Here's today's mailbox, as much would fit on a single screen... Screen Shot 2018-05-24 at 12.48.35 PM.jpg I don't even believe I ever visited "LHG 60 project in Hawaii," so I don't know why I'm even getting mail for that. But tha...

macsrwe

User might not have "Telnet" permissions in the group the user belongs to
Is there a way to see group permissions? What do i need to look in? I haven't seen anything that appears obvious.

Assuming you are using winbox, system/users/groups tab.

Sent from my iPhone using Tapatalk

macsrwe

I'll have to give it a try to see how it works out... in my experience, layouts are sometimes even lost when doing updates of RouterOS (when a column is added to some list everything falls back to defaults) so it is to be tried how well this works in a network mixed of bugfix/stable/testing version...

macsrwe

I have all my windows, columns, etc set in my session profile, and have that session profile set for all 100 or so of my Mikrotik devices. Is it possible to share a single session profile for all different devices even when you have many windows open to different devices at the same time? How does ...

Search found 630 matches