Community discussions

MikroTik App

Search found 42 matches

by wojo
Mon Oct 19, 2020 8:01 pm
Forum: Useful user articles
Topic: Bypassing AT&T Residential Gateways with MikroTik
Replies: 188
Views: 39054

Re: Bypassing AT&T Residential Gateways with MikroTik

UPDATE -- oops, my connection did a failover to LTE and I thought it was working. Something isn't right because it does authenticate with 802.1x but data packets are still not being processed, unless I filter them with a bridge... which then breaks 802.1x. Was hoping one of the two last bullets on m...
by wojo
Tue Sep 15, 2020 8:53 pm
Forum: General
Topic: RB4011 and RB1100 AHx4 "bricks" randomly
Replies: 156
Views: 31377

Re: RB4011 and RB1100 AHx4 "bricks" randomly

I just received a RB4011iGS+RM ... the extra sticker on the package said "RB4011iGS+RM - new" and under System - Routerboard, the dialoge states "Revision: r2". Be really interesting to see some internal pics. We could compare with rev1 and see what any visible differences could be. I would like to...
by wojo
Tue Sep 15, 2020 6:03 pm
Forum: General
Topic: RB4011 and RB1100 AHx4 "bricks" randomly
Replies: 156
Views: 31377

Re: RB4011 and RB1100 AHx4 "bricks" randomly

I just received a RB4011iGS+RM ... the extra sticker on the package said "RB4011iGS+RM - new" and under System - Routerboard, the dialoge states "Revision: r2". Shipped with Firmware revision "6.45.9 stable" ...will monitor closely and report how this thing will perform its duties. Be really intere...
by wojo
Sat Aug 01, 2020 6:08 am
Forum: Useful user articles
Topic: Bypassing AT&T Residential Gateways with MikroTik
Replies: 188
Views: 39054

Re: Bypassing AT&T Residential Gateways with MikroTik

I can no longer recommend the RB4011 as I've been getting the issue described here with it hitting 100% CPU, freezing up, etc. I'm at very low load (residendial), but still happens what seems like once a month now. Going back to the CCR1009 that I didn't sell, yet, along with the switch. More at htt...
by wojo
Fri Jul 31, 2020 3:48 pm
Forum: General
Topic: RB4011 and RB1100 AHx4 "bricks" randomly
Replies: 156
Views: 31377

Re: RB4011 and RB1100 AHx4 "bricks" randomly

Well, it happened again for me on my RB4011iGS+. Woke up to a nearly frozen router, been at 100% dropping nearly all traffic and pings since 2am. Had to unplug to get it back up and running.

About to call it quits on the RB4011.
by wojo
Thu May 14, 2020 1:13 am
Forum: Useful user articles
Topic: Bypassing AT&T Residential Gateways with MikroTik
Replies: 188
Views: 39054

Re: Bypassing AT&T Residential Gateways with MikroTik

Its not so much a fix, as it is additional functionality we want. OK, what is the process for getting that to the right people at MT? Contact support and refer back to this thread? I think email is probably the best method. If we pool efforts with a clear description of what we need and get request...
by wojo
Wed May 13, 2020 9:23 pm
Forum: Useful user articles
Topic: Bypassing AT&T Residential Gateways with MikroTik
Replies: 188
Views: 39054

Re: Bypassing AT&T Residential Gateways with MikroTik

The hEX RB750Gr3 has truly impressed me, when paired with $49 Tp-Link in front and my Aruba 2930f switch for LAN, it's getting over 900/900 with fast-tracking on and less than 50% cpu usage: It's quite good! In fact, selling my CCR1009 and keeping the RB4011 as my primary, and the hEX RB750Gr3 as m...
by wojo
Mon May 11, 2020 3:26 am
Forum: Useful user articles
Topic: Bypassing AT&T Residential Gateways with MikroTik
Replies: 188
Views: 39054

Re: Bypassing AT&T Residential Gateways with MikroTik

I'd assume a script that checks for 802.1x status connecting or authenticating or rejected would then turn off bridge_wan, then when it says authenticated, turn back on bridge_wan. That should get it surviving reboots and working even if ONT loses connection for a few minutes that way we don't have...
by wojo
Fri May 08, 2020 10:32 pm
Forum: Useful user articles
Topic: Bypassing AT&T Residential Gateways with MikroTik
Replies: 188
Views: 39054

Re: Bypassing AT&T Residential Gateways with MikroTik

Is there a reason for them to even tag vlan 0 other than to be annoying?

... I think annoying us may be the reason ;)
by wojo
Fri May 08, 2020 9:49 pm
Forum: Useful user articles
Topic: Bypassing AT&T Residential Gateways with MikroTik
Replies: 188
Views: 39054

Re: Bypassing AT&T Residential Gateways with MikroTik

Ask wojo Phew, this is digging back. I did two things with my CCR: 1) script to change the VLAN filtering mode to automate, with just the CCR, the ability to both authenticate and pass trafficj: https://forum.mikrotik.com/viewtopic.php?f=23&t=154954&sid=35ff16c62c0a60ac123ed9f844c0892f#p766284 2) u...
by wojo
Fri May 08, 2020 9:05 pm
Forum: Useful user articles
Topic: Bypassing AT&T Residential Gateways with MikroTik
Replies: 188
Views: 39054

Re: Bypassing AT&T Residential Gateways with MikroTik

... for CCRs, what model switches have people been using in front it to take care of the vlan 0 tagging? Ask wojo Phew, this is digging back. I did two things with my CCR: 1) script to change the VLAN filtering mode to automate, with just the CCR, the ability to both authenticate and pass trafficj:...
by wojo
Fri May 08, 2020 7:40 pm
Forum: Useful user articles
Topic: Bypassing AT&T Residential Gateways with MikroTik
Replies: 188
Views: 39054

Re: Bypassing AT&T Residential Gateways with MikroTik

... for CCRs, what model switches have people been using in front it to take care of the vlan 0 tagging? Ask wojo Phew, this is digging back. I did two things with my CCR: 1) script to change the VLAN filtering mode to automate, with just the CCR, the ability to both authenticate and pass trafficj:...
by wojo
Wed Apr 29, 2020 7:15 am
Forum: General
Topic: RB4011 and RB1100 AHx4 "bricks" randomly
Replies: 156
Views: 31377

Re: RB4011 and RB1100 AHx4 "bricks" randomly

This concerns me but running a RB4011iGS+ right now at stock frequency with no issue for months under Gigabit load. Will be watching this thread for updates.
by wojo
Sat Jan 04, 2020 7:10 am
Forum: Useful user articles
Topic: Bypassing AT&T Residential Gateways with MikroTik
Replies: 188
Views: 39054

Re: Bypassing AT&T Residential Gateways with MikroTik

I also picked up a 4011 with a good deal so I'm going to be switching (get it?!) as well. The CCR1009 is really overkill for the home anyway and this lets me either not have those scripts or the external switch I use not to strip the tags. Set up the RB4011 today and all is going smooth, no longer ...
by wojo
Mon Dec 30, 2019 4:03 am
Forum: Useful user articles
Topic: Bypassing AT&T Residential Gateways with MikroTik
Replies: 188
Views: 39054

Re: Bypassing AT&T Residential Gateways with MikroTik

i have tested that with no better results. :( Well, sorry to hear that. We need RouterOS to have better support for 802.1p tags is what this is coming down to. I agree, it seems to be the issue I'm facing as well. I was hoping to get wojo's config and give it a try, but I may have to return my ccr ...
by wojo
Wed Dec 25, 2019 2:17 pm
Forum: Useful user articles
Topic: Bypassing AT&T Residential Gateways with MikroTik
Replies: 188
Views: 39054

Re: Bypassing AT&T Residential Gateways with MikroTik

Hi, New mikrotik user with CCR1009-7G-1C-1S+PC running 6.46.1. I am having the same issue as jack2020 with my device. I have followed the excellent writeups here to the letter, but my tik does not respond to the eapol start message coming from the ONT. If anyone has any other ideas, please let me k...
by wojo
Tue Dec 24, 2019 3:31 am
Forum: Useful user articles
Topic: Bypassing AT&T Residential Gateways with MikroTik
Replies: 188
Views: 39054

Re: Bypassing AT&T Residential Gateways with MikroTik

... - When I tried without the Bridge I use only one interface and override the MAC. When I tried with the bridge I left the interface with the original MAC. ... Nothing different than the suggested ones. I also reset the configuration without "Default config". /interface ethernet set [find name=co...
by wojo
Mon Dec 23, 2019 7:07 pm
Forum: Useful user articles
Topic: Bypassing AT&T Residential Gateways with MikroTik
Replies: 188
Views: 39054

Re: Bypassing AT&T Residential Gateways with MikroTik

Here is my configuration with my modification. This one is without the WAN Bridge, the first screenshot was with the WAN Bridge. I removed the real MAC address for this post. Hmm, the EPOL process is failing for sure. You get the identity request, but the tik doesn't even try to respond. Could you ...
by wojo
Sun Dec 22, 2019 10:01 pm
Forum: Useful user articles
Topic: Bypassing AT&T Residential Gateways with MikroTik
Replies: 188
Views: 39054

Re: Bypassing AT&T Residential Gateways with MikroTik

Update : see your post about the switch config, yeah that's exactly what I'm thinking. Here's my post I was just about to hit Submit on: OK, my theory seems like it could be correct. I added DSCP into my Wireshark columns, and it shows CS6 level for all packets coming from the ONT. To test this, I ...
by wojo
Sun Dec 22, 2019 7:29 pm
Forum: Useful user articles
Topic: Bypassing AT&T Residential Gateways with MikroTik
Replies: 188
Views: 39054

Re: Bypassing AT&T Residential Gateways with MikroTik

Here's my capture. This is on my ether3-ont interface with no bridge. As you can see it goes through EPOL successfully and then when I broadcast for DHCP I get an offer back on VLAN 0. The only way I've been able to process those incoming packets (incl. all subsequent IP packets) is to place that in...
by wojo
Sun Dec 22, 2019 8:21 am
Forum: Useful user articles
Topic: Bypassing AT&T Residential Gateways with MikroTik
Replies: 188
Views: 39054

Re: Bypassing AT&T Residential Gateways with MikroTik

I have the Alcatel-Lucent G-010G-A. I'll try to get a capture later. Won't be today.
Same model here.
by wojo
Sun Dec 22, 2019 8:13 am
Forum: Useful user articles
Topic: Bypassing AT&T Residential Gateways with MikroTik
Replies: 188
Views: 39054

Re: Bypassing AT&T Residential Gateways with MikroTik

Yes, and it works! I'll will update the article now. Basically, follow the article, but set the clock, under System / Clock to be the correct time and date. Then reboot. Thereafter, you can unplug the cable, release/renew IP, turn off the interface, whatever, and it will re-auth correctly. My time ...
by wojo
Sun Dec 22, 2019 7:46 am
Forum: Useful user articles
Topic: Bypassing AT&T Residential Gateways with MikroTik
Replies: 188
Views: 39054

Re: Bypassing AT&T Residential Gateways with MikroTik

Well, after going around and around with this, I was finally able to get it to work with only using ether1 . The system time must be correct. Set that, then reboot. And with just the interface (no bridge), you can disconnect the ONT ethernet cable or disable that interface, bring it back and it'll ...
by wojo
Sun Dec 22, 2019 7:35 am
Forum: Useful user articles
Topic: Bypassing AT&T Residential Gateways with MikroTik
Replies: 188
Views: 39054

Re: Bypassing AT&T Residential Gateways with MikroTik

Okay, I think what may have happened is that I too had a bridge, then took it out of the bridge. After that, is stays working. Please try wojo scripts. I will keep looking until I find the answer. I got bit by the same thing when first starting as well, until I started throwing reboots and disconne...
by wojo
Sun Dec 22, 2019 4:33 am
Forum: Useful user articles
Topic: Bypassing AT&T Residential Gateways with MikroTik
Replies: 188
Views: 39054

Re: Bypassing AT&T Residential Gateways with MikroTik

Sadly with the new Mikrotik CCR1009 I'm still have the same message "Authenticaded without server" and no IP address. I also tried the script to verify the Dot1x status and no luck. Looking for any help. Thanks I think I've hit that when something was wrong with the certs or dot1x setup. Can you sh...
by wojo
Sun Dec 22, 2019 3:03 am
Forum: General
Topic: Anybody ues AT&T Gigabit Fiber with Mikrotik RouterOS?
Replies: 89
Views: 17009

Re: Anybody ues AT&T Gigabit Fiber with Mikrotik RouterOS?

With the momentum from pcunite, I did post my setup to his new cleaner thread: viewtopic.php?f=23&t=154954&p=766284#p766284

tl;dr is that I still have the VLAN 0 problem, but it is mitigated by a script I wrote to manage the bridge interface based on dot1x status.
by wojo
Sun Dec 22, 2019 2:59 am
Forum: General
Topic: 802.1x / dot1x client not working when interface is on a bridge
Replies: 11
Views: 3076

Re: 802.1x / dot1x client not working when interface is on a bridge

I'm still unable to have any IP traffic pass due to the VLAN 0 tagging. Nothing has changed for me, must be a configuration that is regional or something. I've placed my configuration and script into this new thread which is a little cleaner and focused: https://forum.mikrotik.com/viewtopic.php?f=23...
by wojo
Sun Dec 22, 2019 2:59 am
Forum: Useful user articles
Topic: Bypassing AT&T Residential Gateways with MikroTik
Replies: 188
Views: 39054

Re: Bypassing AT&T Residential Gateways with MikroTik

I'm still unable to have any IP traffic pass due to the VLAN 0 tagging. Nothing has changed for me, must be a configuration that is regional or something. That said, since I was able to get it working in two phases, this time I automated it. The idea is to have a script monitor things and automatica...
by wojo
Fri Dec 20, 2019 4:50 am
Forum: General
Topic: 802.1x / dot1x client not working when interface is on a bridge
Replies: 11
Views: 3076

Re: 802.1x / dot1x client not working when interface is on a bridge

@wojo I'm able to use ether1 and get Dot1x Cert status authenticated . Also DHCP client on ether1 pulled an IP, all without putting ether1 on a bridge. Everything seems to be working fine. Using firmware 6.46.1 on an RB4011. Can you update this thread with your success? I'll test this, may not be a...
by wojo
Mon Sep 16, 2019 4:57 am
Forum: General
Topic: Anybody ues AT&T Gigabit Fiber with Mikrotik RouterOS?
Replies: 89
Views: 17009

Re: Anybody ues AT&T Gigabit Fiber with Mikrotik RouterOS?

I'm able to do the certification based authentication but not that survives a reboot or re-auth, will try to work with MikroTik on this. Does that mean you successfully do auth through RB and have the certs installed on the RB? Seems the dot1x is what we need, just haven't tried it yet. I have cert...
by wojo
Sun Sep 15, 2019 1:16 am
Forum: General
Topic: Anybody ues AT&T Gigabit Fiber with Mikrotik RouterOS?
Replies: 89
Views: 17009

Re: Anybody ues AT&T Gigabit Fiber with Mikrotik RouterOS?

I'm able to do the certification based authentication but not that survives a reboot or re-auth, will try to work with MikroTik on this.
by wojo
Fri Aug 16, 2019 4:19 pm
Forum: General
Topic: Anybody ues AT&T Gigabit Fiber with Mikrotik RouterOS?
Replies: 89
Views: 17009

Re: Anybody ues AT&T Gigabit Fiber with Mikrotik RouterOS?

That's a good tip to get a the better router for sure.

I'm still working on the solution for Mikrotik, just need to get back to it have a lot of other things that popped up.
by wojo
Thu Aug 01, 2019 8:29 pm
Forum: General
Topic: Anybody ues AT&T Gigabit Fiber with Mikrotik RouterOS?
Replies: 89
Views: 17009

Re: Anybody ues AT&T Gigabit Fiber with Mikrotik RouterOS?

@wojo - I saw your other post earlier and figured out that you made some progress THANK YOU! Did you also file a ticket with support?
I didn't, thought it wasn't provided to the built in license types after 30 days. I'll give it a shot though.
by wojo
Thu Aug 01, 2019 8:27 pm
Forum: General
Topic: 802.1x / dot1x client not working when interface is on a bridge
Replies: 11
Views: 3076

Re: 802.1x / dot1x client not working when interface is on a bridge

Question - what protocol-mode have you set on the bridge? One of the STP flavors or none ? I've tried both both also thinking it could be the restrictions around 802.1D. I also spent way too much time tinkering with all the settings I could think of in the dark for weird interactions/bugs but could...
by wojo
Thu Aug 01, 2019 1:57 am
Forum: General
Topic: Anybody ues AT&T Gigabit Fiber with Mikrotik RouterOS?
Replies: 89
Views: 17009

Re: Anybody ues AT&T Gigabit Fiber with Mikrotik RouterOS?

I'm able to authenticate with the ONT using the dot1x 802.11x support on my CCR1009, just took disabling CRL, setting both the identity and anonymous identity to the MAC on the certs and then importing the entire cert chain. Probably can enable the CRL if the supplemental certs are there, not sure. ...
by wojo
Wed Jul 31, 2019 11:14 pm
Forum: General
Topic: 802.1x / dot1x client not working when interface is on a bridge
Replies: 11
Views: 3076

802.1x / dot1x client not working when interface is on a bridge

I'm able to successfully authenticate with a 802.1x server using RouterOS on a bare interface, but once that interface is a part of a bridge (with default settings) I cannot successfully complete the EAPOL process. It seems to never get to the TLSv1 packet exchange, but I do see the identity request...
by wojo
Tue Jan 01, 2019 8:01 pm
Forum: General
Topic: RouterOS 6.34.4 cannot import ed25519 ssh public keys.
Replies: 2
Views: 1119

Re: RouterOS 6.34.4 cannot import ed25519 ssh public keys.

This is quite annoying, keeping an RSA key around literally just for my Mikrotiks now.
by wojo
Mon Dec 31, 2018 7:36 am
Forum: General
Topic: DNS forward based on domain name
Replies: 29
Views: 8568

Re: DNS forward based on domain name

I would love this, please add this MT!
by wojo
Mon Dec 24, 2018 6:58 am
Forum: Scripting
Topic: Action Timed Out only on startup, not subsequent runs of script
Replies: 4
Views: 1740

Re: Action Timed Out only on startup, not subsequent runs of script

I thought that as well, but with a :delay 15 or so that covers that just fine.

The issue was truly the disk1 issue, if I store the file on the internal storage or after formatting, it worked fine. How odd!
by wojo
Mon Dec 24, 2018 5:29 am
Forum: Scripting
Topic: Action Timed Out only on startup, not subsequent runs of script
Replies: 4
Views: 1740

Re: Action Timed Out only on startup, not subsequent runs of script

Seems to be related to disk1, I formatted the disk as ext3 and it is fine now. Odd.
by wojo
Thu Sep 13, 2018 4:57 am
Forum: Announcements
Topic: v6.43 [current] is released!
Replies: 148
Views: 38650

Re: v6.43 [current] is released!

Found a LOG problem with an IPv6 DHCP-CLIENT . The log says there was an error adding the dynamic prefix pool, but it actually is created correctly. Cosmetic problem? dhcp,error failed to add ipv6 pool MYPOOL: ok ..... ....... Yes, I have a similar issue:with the current release 6.43 dhcp,error fai...
by wojo
Tue Aug 21, 2018 4:46 am
Forum: Scripting
Topic: Action Timed Out only on startup, not subsequent runs of script
Replies: 4
Views: 1740

Action Timed Out only on startup, not subsequent runs of script

I get a script error only when running a script during startup. When it runs on a scheduled run after, it is fine. The error is: script,error router atl: script error: action timed out - try again, if error continues contact MikroTik support and send a supout file (13) The script is as follows: :loc...