Community discussions

Search found 45 matches

by AndreasGR
Sun Sep 16, 2018 10:03 am
Forum: General
Topic: IKEv2 and iPhone
Replies: 1
Views: 318

Re: IKEv2 and iPhone

Bump...

Anyone ??
Mods?
by AndreasGR
Sat Sep 15, 2018 12:13 pm
Forum: General
Topic: IKEv2 and iPhone
Replies: 1
Views: 318

IKEv2 and iPhone

Hello all, I have implemented the am configuration using the phone as Road Warrior. On the iPhones there is the option to configure the client to connect on-demand in order to reconnect when data is needed (http://www.idownloadblog.com/2016/12/20/iphone-on-demand-vpn/). With MT ipsec server this opt...
by AndreasGR
Fri Aug 31, 2018 12:50 pm
Forum: General
Topic: IKEv2 and public IP
Replies: 1
Views: 318

Re: IKEv2 and public IP

I have fallow the manual on mikrotik wiki and successful configure ikev2 tunnel from my win10 laptop. when I type www.whatismyip.com I always get LTE address instead of my IKEv2 router/server in office. Is it possible to make IKEv2 to do the same as PPtP? Please do a route print from cmd on the lap...
by AndreasGR
Sun Jul 29, 2018 9:09 am
Forum: General
Topic: Remove Dynamic CRL
Replies: 4
Views: 685

Re: Remove Dynamic CRL

Any other suggestions please?
by AndreasGR
Mon Jul 23, 2018 9:30 pm
Forum: General
Topic: Remove Dynamic CRL
Replies: 4
Views: 685

Re: Remove Dynamic CRL

Thanks for the suggestion. It did not work.
I also changes crl store to RAM and rebooted but it's still there.
And cannot be deleted...
by AndreasGR
Mon Jul 23, 2018 8:24 pm
Forum: Beginner Basics
Topic: First mikrotik router-- ned help understanding security instructions.
Replies: 3
Views: 639

Re: First mikrotik router-- ned help understanding security instructions.

I would not suggest direct access from public IP. I recommend to set up a VPN with the mikrotik and connect via winbox or browser. IMHO browser has problematic functionality so I suggest you get a win vm on your linux just for winbox. If you need help with VPN there are many tutorials in wiki. I sug...
by AndreasGR
Mon Jul 23, 2018 8:17 pm
Forum: General
Topic: Remove Dynamic CRL
Replies: 4
Views: 685

Re: Remove Dynamic CRL

Nada???
by AndreasGR
Sat Jul 21, 2018 6:26 pm
Forum: RouterBOARD hardware
Topic: hAP ac (RB 962UiGS): Port flapping on LAN port when used for PPPOE connection
Replies: 9
Views: 1701

Re: hAP ac (RB 962UiGS): Port flapping on LAN port when used for PPPOE connection

An update would be of interest in case the problems have been fixed now that we are on 6.42.6.
by AndreasGR
Sat Jul 21, 2018 6:24 pm
Forum: General
Topic: Remove Dynamic CRL
Replies: 4
Views: 685

Remove Dynamic CRL

Hello all,
I imported a CA to a HEX S and along with the CA came the dynamic entry for the CRL.
I removed everything including the CA but the dynamic entry for the CRL remains.
Any ideas how to remove it?
Thanks in advance.

OS: 6.42.6
by AndreasGR
Wed Jun 13, 2018 6:20 am
Forum: Beginner Basics
Topic: Access isp modem http
Replies: 3
Views: 382

Re: Access isp modem http

Just by looking your IP addresses and without reviewing anything else I see that you have an IP address conflict between the two interfaces.
The /16 ether2 network has a complete inclusion of your /24 wan network.
Please review and separate the 2 networks.
by AndreasGR
Tue Jun 12, 2018 10:46 pm
Forum: Beginner Basics
Topic: Access isp modem http
Replies: 3
Views: 382

Re: Access isp modem http

please post IP->Addresses and IP->Routes
also please post your filter rules.
by AndreasGR
Tue Jun 12, 2018 8:28 pm
Forum: Beginner Basics
Topic: Sending email from Tools/Netwatch [SOLVED]
Replies: 5
Views: 2749

Re: Sending email from Tools/Netwatch [SOLVED]

Have you tested the script by selecting run script? If it does not run then check email settings. If it runs and sends email then follow the logic below: What are the script policies assigned? Do you have other than read, write, test and reboot? If yes deactivate all besides the above and test the s...
by AndreasGR
Tue Jun 12, 2018 5:49 pm
Forum: Beginner Basics
Topic: VPN SSTP
Replies: 4
Views: 361

Re: VPN SSTP

AFAIK your description of your problem is a bit obscure.
I think that you need to provide some detailed info about your configuration and explain the problem a bit clearer.
by AndreasGR
Tue Jun 12, 2018 2:37 pm
Forum: General
Topic: Mikrotik bricked by backup, reset button not working anymore
Replies: 25
Views: 4339

Re: Mikrotik bricked by backup, reset button not working anymore

I am terribly sorry that I do not have any other ideas. Maybe the board is damaged.
by AndreasGR
Tue Jun 12, 2018 12:10 pm
Forum: General
Topic: Mikrotik bricked by backup, reset button not working anymore
Replies: 25
Views: 4339

Re: Mikrotik bricked by backup, reset button not working anymore

Anytime I release the button it continues to reboot itself every 10sec (all LEDs flash + single beep). It never shows up in netinstall. When I keep pressing the reset button indefinitely, it constantly reboots every 36 seconds (3 sec after the single beep). It reboots even if you release at 20sec (...
by AndreasGR
Sun Jun 10, 2018 10:39 pm
Forum: General
Topic: self signed cert for IKE2
Replies: 5
Views: 578

Re: self signed cert for IKE2

Your Win PC needs to have the chain as trusted. Export the CA public key as described in the instructions and import it to the win PC. It has to be imported to the trusted root folder of the local machine repository.
by AndreasGR
Sun Jun 10, 2018 10:36 pm
Forum: General
Topic: Mikrotik bricked by backup, reset button not working anymore
Replies: 25
Views: 4339

Re: Mikrotik bricked by backup, reset button not working anymore

Do you try to connect with a direct cable or while connected at a switch ( where the other routers might also be connected)?
by AndreasGR
Sun Jun 10, 2018 11:06 am
Forum: The Dude
Topic: Error sending e-mail
Replies: 3
Views: 805

Re: Error sending e-mail

any chance you are blocking outgoing UDP 53 reqs?

Try to ping from within mikrotik (tools) to google.com and see if it resolves.
by AndreasGR
Sun Jun 10, 2018 10:51 am
Forum: General
Topic: self signed cert for IKE2
Replies: 5
Views: 578

Re: self signed cert for IKE2

Have you imported the CA public cert to your Win machine?
by AndreasGR
Sat Jun 09, 2018 7:39 am
Forum: Beginner Basics
Topic: L2TP & IPSEC with Windows 10
Replies: 12
Views: 3646

Re: L2TP & IPSEC with Windows 10

Have you tried removing the mikrotik from the DMZ and then port forward UDP 500 and 4500 to the Mikrotik IP?
by AndreasGR
Thu Jun 07, 2018 10:34 pm
Forum: General
Topic: self signed cert for IKE2
Replies: 5
Views: 578

Re: self signed cert for IKE2

https://wiki.mikrotik.com/wiki/Manual:IP/IPsec Very detailed info that I used and works on Blackberry OS10 and Win10 clients as well. Be careful with the settings for windows clients as Microsoft does not allow very tight security regarding Phase 1 (Peer) and Phase 2 (Proposal) proposal sets. The ab...
by AndreasGR
Tue Jun 05, 2018 4:01 pm
Forum: Beginner Basics
Topic: L2TP/IPSEC server configuration questions
Replies: 6
Views: 854

Re: L2TP/IPSEC server configuration questions

I am using IPSEC/IKEv2 and I do not have any ipsec-esp filter.
Am I missing something?
by AndreasGR
Tue Jun 05, 2018 3:54 pm
Forum: RouterBOARD hardware
Topic: hAP ac (RB 962UiGS): Port flapping on LAN port when used for PPPOE connection
Replies: 9
Views: 1701

Re: hAP ac (RB 962UiGS): Port flapping on LAN port when used for PPPOE connection

Too bad then. May I suggest something that might sound dumb? Please try to place a simple switch between the modem and the mikrotik and observe the behavior for a while. Some time ago I had a problem with auto negotiation with a router from another brand and I fixed it by manually setting the negoti...
by AndreasGR
Mon Jun 04, 2018 5:53 pm
Forum: Beginner Basics
Topic: IPSec tunnel connectivity
Replies: 7
Views: 673

Re: IPSec tunnel connectivity

Hello , Firewall config is Clear . I have only a rule in input chain with any any accept . Routing Table has only the automatic routes for the ISP and the prefix for the subnet i enter to one of the RB ports. This network is direct connected to the router so is there a need for static routes ? You ...
by AndreasGR
Mon Jun 04, 2018 5:49 pm
Forum: General
Topic: Firmware autoupgrade?
Replies: 3
Views: 622

Re: Firmware autoupgrade?

AFAIK there is no way to upgrade firmware with files being used, so I guess a reboot is something that we cannot avoid. On the other hand I believe that by having this function they aim to "steal" some upgrades just by simply rebooting the system even if the admin has forgotten to request for upgra...
by AndreasGR
Mon Jun 04, 2018 5:30 pm
Forum: General
Topic: Firmware autoupgrade?
Replies: 3
Views: 622

Re: Firmware autoupgrade?

AFAIK there is no way to upgrade firmware with files being used, so I guess a reboot is something that we cannot avoid. On the other hand I believe that by having this function they aim to "steal" some upgrades just by simply rebooting the system even if the admin has forgotten to request for upgrad...
by AndreasGR
Mon Jun 04, 2018 5:06 pm
Forum: Beginner Basics
Topic: IPSec tunnel connectivity
Replies: 7
Views: 673

Re: IPSec tunnel connectivity

The firewall configuration is clear? What about the route table? Are you trying to ping the other end of the tunnel or the other end subnet? If the answer for all the above is yes and you are trying to ping the subnet after the other end of the tunnel, you need to let your RB know what the route for...
by AndreasGR
Mon Jun 04, 2018 8:25 am
Forum: General
Topic: How to redirect traffic to Pfsense from Mikrotik
Replies: 3
Views: 494

Re: How to redirect traffic to Pfsense from Mikrotik

The case you are describing is having a Mikrotik behind a pFsense and not the other way round.
Nevertheless, all you need to do, is to set a forward rule to accept all traffic from the interface that is connected to your LAN, to the interface that is connected to pFsense.
That's all.
by AndreasGR
Sun Jun 03, 2018 8:46 pm
Forum: General
Topic: Can't install RouterOS on Alix2 board [SOLVED]
Replies: 3
Views: 450

Re: Can't install RouterOS on Alix2 board [SOLVED]

Happy to be of any kind of help.
Moderators please mark thread as solved.
by AndreasGR
Sun Jun 03, 2018 8:45 pm
Forum: General
Topic: Mikrotik bricked by backup, reset button not working anymore
Replies: 25
Views: 4339

Re: Mikrotik bricked by backup, reset button not working anymore

Win10 and Win XP. Netinstall works for my other RB951G-2HnD's, not for the bricked device. I know you said it works for other devices. Nevertheless please check if you have hyperv installed on your PC and make sure you are connected to the ethernet port that netinstall is allowed to connect for RB9...
by AndreasGR
Sun Jun 03, 2018 6:16 pm
Forum: Scripting
Topic: Send email if route active
Replies: 2
Views: 508

Re: Send email if route active

Do you connect to a static IP on the other end of the LTE, or is it a dynamic one?
by AndreasGR
Sun Jun 03, 2018 5:57 pm
Forum: General
Topic: How to redirect traffic to Pfsense from Mikrotik
Replies: 3
Views: 494

Re: How to redirect traffic to Pfsense from Mikrotik

So let's recap.
You have a pFsense followed by a Mikrotik which connects to the Internet.
And you want your clients to pass through pfSense, reach MT and then get redirected back to the pFsense?
by AndreasGR
Sun Jun 03, 2018 5:33 pm
Forum: RouterBOARD hardware
Topic: hAP ac (RB 962UiGS): Port flapping on LAN port when used for PPPOE connection
Replies: 9
Views: 1701

Re: hAP ac (RB 962UiGS): Port flapping on LAN port when used for PPPOE connection

I used to have the same problem (didn't have the resources to exchange modems etc.) It was finally solved by the ISP changing the physical connection (cabling at the DSLAM, as the reported back). May I ask what is your lock rate at the modem when it locks the connection with the ISP. Is it the same ...
by AndreasGR
Sun Jun 03, 2018 5:26 pm
Forum: General
Topic: Mikrotik bricked by backup, reset button not working anymore
Replies: 25
Views: 4339

Re: Mikrotik bricked by backup, reset button not working anymore

I had the same problem after an update due to power outage during restart after update.
It was saved by netinstall.
I read that you can't connect through netinstall.
What OS does your pc run?
by AndreasGR
Sun Jun 03, 2018 5:18 pm
Forum: General
Topic: Can't install RouterOS on Alix2 board [SOLVED]
Replies: 3
Views: 450

Re: Can't install RouterOS on Alix2 board [SOLVED]

Have you tried this?
http://www.quest4.org/etc/routeros-wrap.htm
Actually I haven't done it so be careful with the steps.
Also please note that since I have not followed the procedure I do not recommend or even advise you to follow it.
Please use it at your own risk.
by AndreasGR
Thu May 31, 2018 12:31 pm
Forum: General
Topic: Netwatch deprecated ? [SOLVED]
Replies: 48
Views: 9218

Re: Netwatch deprecated ? [SOLVED]

There is a problem though with scripts that use global variables.
use only for reading or use also for writing?
Both
by AndreasGR
Thu May 31, 2018 12:29 pm
Forum: General
Topic: Netwatch deprecated ? [SOLVED]
Replies: 48
Views: 9218

Re: Netwatch deprecated ? [SOLVED]

Unfortunately at the moment you will not be able to access global variables from netwatch executed scripts.
Too bad.
Thank you for the heads up though.
by AndreasGR
Thu May 31, 2018 10:47 am
Forum: General
Topic: Netwatch deprecated ? [SOLVED]
Replies: 48
Views: 9218

Re: Netwatch deprecated ? [SOLVED]

Guys, please read our posts more carefully: https://forum.mikrotik.com/viewtopic.php?f=2&t=134538#p665449 "FYI - we did already recieve complaints with examples from this same topic. And as suspected problem was script requires, for example, romon policy, but Netwatch does not have persmission to u...
by AndreasGR
Thu May 31, 2018 8:31 am
Forum: General
Topic: Netwatch deprecated ? [SOLVED]
Replies: 48
Views: 9218

Re: Netwatch deprecated ? [SOLVED]

Currently I use scheduler and just run it every 15 mins. Its not a ideal solution. The script above for DynDNS works, just not from Netwatch. You will want to comment out ":set dyndnsForce true" if you run this from scheduler. Unfortunately it does not work on 6.42.3 (RB435G)... Not even if just ex...
by AndreasGR
Thu May 31, 2018 6:14 am
Forum: General
Topic: Netwatch deprecated ? [SOLVED]
Replies: 48
Views: 9218

Re: Netwatch deprecated ? [SOLVED]

So, there is no solution? How are we supposed to use Dyn DNS? Currently I use scheduler and just run it every 15 mins. Its not a ideal solution. The script above for DynDNS works, just not from Netwatch. You will want to comment out ":set dyndnsForce true" if you run this from scheduler. Unfortunat...
by AndreasGR
Wed May 30, 2018 10:27 pm
Forum: General
Topic: Netwatch deprecated ? [SOLVED]
Replies: 48
Views: 9218

Re: Netwatch deprecated ? [SOLVED]

So, there is no solution? How are we supposed to use Dyn DNS? Currently I use scheduler and just run it every 15 mins. Its not a ideal solution. The script above for DynDNS works, just not from Netwatch. You will want to comment out ":set dyndnsForce true" if you run this from scheduler. Unfortunat...
by AndreasGR
Wed May 30, 2018 2:26 pm
Forum: General
Topic: Netwatch deprecated ? [SOLVED]
Replies: 48
Views: 9218

Re: Netwatch deprecated ? [SOLVED]

I have Netwatch watch 8.8.8.8 and when its up, trigger the below script.. Called UP.. The permissions are read write test on all the below. They worked before 6.42. They work if manually triggered. Up _____________________________________________________________________ :log warning "Connection up"...
by AndreasGR
Wed May 30, 2018 1:36 pm
Forum: General
Topic: Netwatch deprecated ? [SOLVED]
Replies: 48
Views: 9218

Re: Netwatch deprecated ? [SOLVED]

So, there is no solution?
How are we supposed to use Dyn DNS?
by AndreasGR
Wed May 30, 2018 10:03 am
Forum: Scripting
Topic: Problem with script for no-ip.info after update to 6.12
Replies: 24
Views: 10807

Re: Problem with script for no-ip.info after update to 6.12

Unfortunately none of the above seems to be working on 6.42.3.
Has anyone managed to resolve the problem?
Thank you in advance.