Community discussions

Search found 20 matches

by matuss
Wed Feb 27, 2019 2:09 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: CCR1036-8G-2S+ IPSec multiple tunnels
Replies: 2
Views: 264

Re: CCR1036-8G-2S+ IPSec multiple tunnels

Did you have a look at https://mikrotik.com/product/CCR1036-8G ... estresults ?
According to test results, it can handle it under certain circumstances. With packet size of 1400 bytes, it should not be a problem, but packet size in real conditions depends on your scenario.
by matuss
Thu Feb 07, 2019 5:20 pm
Forum: General
Topic: Tunnel which generates least traffic when IDLE
Replies: 13
Views: 951

Re: Tunnel which generates least traffic when IDLE

Not a bad idea, but to get even smaller idle data size, another idea: Use scripting+scheduler to try to connect to special TCP port on your router (using telnet). If this fails, do nothing - only data sent is SYN request, just a few bytes. When you want remote router to dial in, simply open this po...
by matuss
Thu Feb 07, 2019 2:16 pm
Forum: General
Topic: Tunnel which generates least traffic when IDLE
Replies: 13
Views: 951

Re: Tunnel which generates least traffic when IDLE

You could _make_ yout own dial ondemmand. You could make a script in remote Mikrotik to send HTTP GET request and based on the result you could enable tunnel interface (and thus dial the tunnel). Then you would have to schedule that script to run every hour or so and voila :) What I don't know is ex...
by matuss
Mon Jan 28, 2019 5:38 pm
Forum: Beginner Basics
Topic: Openvpn server on rRpi - how to aloow openvpn clients to acess Rpi LAN
Replies: 10
Views: 429

Re: Openvpn server on rRpi - how to aloow openvpn clients to acess Rpi LAN

chain=dstnat action=dst-nat to-addresses=10.100.200.99 to-ports=1194 protocol=udp dst-address-list=XXX.XX.XX.XX dst-port=1194 Change dst-address-list to dst-address if you changed address list name to your address: chain=dstnat action=dst-nat to-addresses=10.100.200.99 to-ports=1194 protocol=udp ds...
by matuss
Thu Jan 10, 2019 10:30 pm
Forum: RouterBOARD hardware
Topic: Which RB devices are upgraded to have USR LED and MODE button?
Replies: 3
Views: 421

Re: Which RB devices are upgraded to have USR LED and MODE button?

Is cAP ac considered SOHO device? It has mode button when used with circle enclosure (the square one covers it with solid plastic so it is not push-able).
hEX S also has mode button, but it doesn't have wifi.

Out of curiosity: What is your use case for multiple mode buttons?
by matuss
Fri Dec 14, 2018 11:02 am
Forum: Announcements
Topic: Product comparison matrix
Replies: 29
Views: 3448

Re: Product comparison matrix

A tab with dual power supply possibility would be nice ... There is column named "Number of DC inputs". However some kind of filter would be nice - lets say that I have power PoE device that supplies 24 V, so I want to filter devices by PoE and input voltage. You have a little bug in values orderin...
by matuss
Mon Dec 10, 2018 4:22 pm
Forum: Beginner Basics
Topic: Router Optimization
Replies: 7
Views: 653

Re: Router Optimization

/ip firewall filter add action=fasttrack-connection chain=forward connection-state=established,related dst-port=XXXX protocol=tcp comment="Cam port" Are you sure that your IP cameras use TCP? Almost all should use UDP for video transfer. You could check it by using packet snifer for a brief moment ...
by matuss
Sun Dec 09, 2018 2:23 pm
Forum: General
Topic: Allow only one country to access router [SOLVED]
Replies: 3
Views: 432

Re: Allow only one country to access router [SOLVED]

what is the order of your firewall rules? If this is the first rule (or anywhere before accept related, established in input chain), then for example when your router tries to connect to mikrotik update server in Latvia, the server reply would be blocked by this rule. So make sure, you have correct ...
by matuss
Wed Nov 28, 2018 2:28 pm
Forum: General
Topic: HEX S settings on WAN
Replies: 5
Views: 327

Re: HEX S settings on WAN

On WAN interface, you must set an address from same subnet as LHGs and set up correct gateway (to be able to use internet). If DHCP is used on WAN side, just enable DHCP client for ether1 interface. If not, set up address manually - for example 192.168.88.4 should work (if not used by some other dev...
by matuss
Tue Nov 20, 2018 4:26 pm
Forum: The Dude
Topic: Newbie Dude installation
Replies: 4
Views: 882

Re: Newbie Dude installation

I'm not sure if cAP ac was designed to run Dude. However, I'm positive that hEX S was designed and will run it. (microSD card can be used to store dude data). x86 image is package meant to be installed within Mikrotik CHR (https://wiki.mikrotik.com/wiki/Manual:CHR), that is virtual machine with Rout...
by matuss
Tue Nov 13, 2018 4:50 pm
Forum: Wireless Networking
Topic: Routers not accepting USers to connect [SOLVED]
Replies: 3
Views: 332

Re: Routers not accepting USers to connect [SOLVED]

Your DHCP server is running most probably and giving out addresses.
Disable it.
by matuss
Tue Oct 23, 2018 4:16 pm
Forum: Beginner Basics
Topic: Can't forward a telnet port of a device
Replies: 2
Views: 330

Re: Can't forward a telnet port of a device

i also tried to accept all forwarding from the dst-port xxxx but still doesn't work. You dont have to accept all forwards from/to the dst-port. Better way is to enable all forwards with connection nat state dstnat - add new rule with following parameters: chain=forward, connection state=new, connec...
by matuss
Thu Oct 18, 2018 11:14 pm
Forum: Announcements
Topic: v6.43.4 [stable] is released!
Replies: 78
Views: 20553

Re: v6.43.4 [stable] is released!

updated Hex S from 6.43.2 and cAP ac from 6.43 including firmware and everything seems to be working.
by matuss
Thu Oct 18, 2018 9:47 pm
Forum: Wireless Networking
Topic: Wireless router in every hotel room
Replies: 28
Views: 2437

Re: Wireless router in every hotel room

will 1 cAP be detected in the nearby rooms (in case of we buy half of them first)? As said in previous posts, I currently have 2 RB2011 and 1 RB3011. Is a 2011 capable of handling 58 APs + Phones with VLANs without problem (except a user trying to make some) ? I have cAP ac at home in wooden closet...
by matuss
Thu Oct 18, 2018 2:40 pm
Forum: Wireless Networking
Topic: CAPsMAN - Problem through rename from virtual wireless interfaces [SOLVED]
Replies: 3
Views: 330

Re: CAPsMAN - Problem through rename from virtual wireless interfaces [SOLVED]

Hi, change action in radio provisioning from "create dynamic enabled" to "create enabled". This way it will not change the interface name when you provision cap and you can also rename them to whatever you like. (see https://wiki.mikrotik.com/wiki/Manual:CAPsMAN#Radio_Provisioning - dynamic in here ...
by matuss
Wed Oct 17, 2018 11:31 am
Forum: General
Topic: Network for children with limited Internet connection time
Replies: 9
Views: 611

Re: Network for children with limited Internet connection time

This is done with address list. Takes 5-10 Minutes to check out the IP of the web servers. And I am lucky no change of IP address on those services for 6 months and it runs rather well. You don't have to check IP addresses of given sites - you can use DNS name in in address lists - see https://wiki...
by matuss
Tue Oct 16, 2018 4:00 pm
Forum: General
Topic: Network for children with limited Internet connection time
Replies: 9
Views: 611

Re: Network for children with limited Internet connection time

If your children are conecting via wifi only (not cable connection), then the same can be achieved without the need for separate network.
You can use wireless access list, see https://wiki.mikrotik.com/wiki/Manual:I ... ccess_List
by matuss
Tue Oct 16, 2018 11:58 am
Forum: Announcements
Topic: Winbox v3.18 released!
Replies: 49
Views: 45836

Re: Winbox v3.18 released!

Can anyone log to an older version of Mikrotik, through WinBox 3.18 ?
I just logged to 6.42.6 via Winbox 3.18.
by matuss
Fri Sep 21, 2018 5:25 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 354
Views: 58204

Re: RB4011

I'm starting to think that the only reason for RB4011 to have that SFP+ is that MT can claim it offers "1733 Mbps data rate" (see top most banner on all forum pages). One could hardly claim that if all wired ports were 1Gbps. That is related to wifi performance as it has 4 chains for 5GHz radio. Fr...
by matuss
Thu Sep 20, 2018 10:57 pm
Forum: Beginner Basics
Topic: hap lite works fine but not reachable from LAN
Replies: 9
Views: 596

Re: hap lite works fine but not reachable from LAN

I would expect an IP conflict - when your router assigne the same ip to a device as you assigned to your hAP Lite.

Try to connect to it via winbox by MAC address (you can find MAC address on a sticker somewhere on you hAP Lite).