Community discussions

MUM Europe 2020

Search found 13 matches

by rechandler
Sat Feb 09, 2019 7:35 pm
Forum: Beginner Basics
Topic: Block incoming connection
Replies: 1
Views: 281

Re: Block incoming connection

I use Layer7 and regex:
\ /crl/.+\.crl\ .*Host: crl\.domain\.com
Is there any other way?
by rechandler
Sat Feb 09, 2019 7:04 pm
Forum: Beginner Basics
Topic: Block incoming connection
Replies: 1
Views: 281

Block incoming connection

Hi!
I have a domain on CloudFlare. My A record point to my router. I use it only for access to CRL. I want on my router firewall block all incoming connection (input chain) which point to different address than crl.domain.com/crl/*

How can I do that?
by rechandler
Fri Nov 02, 2018 10:47 am
Forum: General
Topic: Help with IKEv2/IPsec client configuration
Replies: 35
Views: 11587

Re: Help with IKEv2/IPsec client configuration

Is there any plans to implement it?
by rechandler
Wed Jul 25, 2018 1:41 am
Forum: Beginner Basics
Topic: Generating intermediate certificate missing CRL Distribution Points
Replies: 0
Views: 427

Generating intermediate certificate missing CRL Distribution Points

Hi! I'm trying to generate certificates. First I generate root ca cert (key usage: digital signature, key cert. sign, crl sign) and sign it with param: CA CRL Host: xxx. Generated certificate has CRL Distribution Points set to good value. Than I try to generate intermediate certificate (key usage: d...
by rechandler
Tue Jul 24, 2018 8:54 am
Forum: General
Topic: IKEv2 VPN not working on iPhone
Replies: 1
Views: 1178

IKEv2 VPN not working on iPhone

Hi! I've configured IKEv2 VPN based on https://wiki.mikrotik.com/wiki/Manual:IP/IPsec#Road_Warrior_setup_using_IKEv2_with_RSA_authentication. Everything work fine... on MacBook, but when I try to connect via iPhone I have "User authentication failed." error. I use the same cert in MacBook and iPhone...
by rechandler
Thu Jul 12, 2018 11:42 pm
Forum: Beginner Basics
Topic: Guest vlan with client isolation
Replies: 4
Views: 1027

Re: Guest vlan with client isolation

Sure, so now I've got this:
/interface bridge port
add bridge=bridge-guest horizon=1 interface=wlan-guest1
add bridge=bridge-guest horizon=1 interface=wlan-guest2
That's all?
by rechandler
Thu Jul 12, 2018 11:26 pm
Forum: Beginner Basics
Topic: Guest vlan with client isolation
Replies: 4
Views: 1027

Re: Guest vlan with client isolation

I've made this configuration. Can someone check if this is ok? /interface wireless add default-forwarding=no disabled=no mac-address=CE:2D:E0:C9:C6:D1 \ master-interface=wlan1 name=wlan-guest1 security-profile=guest ssid=\ "Guest" wps-mode=disabled add default-forwarding=no disabled=no mac-address=C...
by rechandler
Thu Jul 12, 2018 1:33 am
Forum: Beginner Basics
Topic: Guest vlan with client isolation
Replies: 4
Views: 1027

Guest vlan with client isolation

Hello,
I'm trying to do guest wifi (2 virtual wlan) and create vlan for guests. Can somebody provide a configuration to do this? I also want that client don't see each other and cannot use internal resources. I have read multiple tutorial but neither have answer to my question.
by rechandler
Tue May 29, 2018 8:11 pm
Forum: Beginner Basics
Topic: Disabling Dynamic DNS Servers... [SOLVED]
Replies: 8
Views: 8631

Re: Disabling Dynamic DNS Servers... [SOLVED]

You're welcome. I had exacly the same issue
by rechandler
Tue May 29, 2018 1:59 pm
Forum: Beginner Basics
Topic: VLAN for guests multiple VAP
Replies: 2
Views: 380

Re: VLAN for guests multiple VAP

Yes, sure. I know that, but I also want to create VLAN and I don't know how to put this step to advice above.
by rechandler
Tue May 29, 2018 1:17 pm
Forum: Beginner Basics
Topic: Disabling Dynamic DNS Servers... [SOLVED]
Replies: 8
Views: 8631

Re: Disabling Dynamic DNS Servers...

You can disable dynamic dns by disable peer dns in dns client
/ip dhcp-client set use-peer-dns=no
by rechandler
Tue May 29, 2018 8:27 am
Forum: Beginner Basics
Topic: VLAN for guests multiple VAP
Replies: 2
Views: 380

VLAN for guests multiple VAP

Hello, I'm trying to create VLAN for guests. It's should be easy task, but on every tutorial I've watched the example was about only 1 ap. I have WLAN 2,4GHz and WLAN 5GHz. I've also created already 2 virtual WLAN for my guests. And my problem is how to create 1 VLAN with this 2 separate virtual WLA...
by rechandler
Mon May 28, 2018 1:32 pm
Forum: Beginner Basics
Topic: L2TP/IPsec brute force protection iOS 11 problem
Replies: 0
Views: 280

L2TP/IPsec brute force protection iOS 11 problem

Hello, I just bought new MikroTik hAP AC^2. I read a lot of tutorials and guide how to configured it properly. I have problem with VPN connection from my iPhone. It connect properly but very stuff get weird when it's disconnecting. After disconnect iPhone create new connection. I attach log to demon...