Community discussions

MikroTik App

Search found 35 matches

by ilkogd
Mon Nov 09, 2020 2:57 pm
Forum: General
Topic: iOS14 "Use Private Address" Random MAC (Default) and Time Restrictions
Replies: 25
Views: 1415

Re: iOS14 "Use Private Address" Random MAC (Default) and Time Restrictions

One way to solve this problem is to use Static-only for the DHCP server. In this case, if users change their MAC address they will not be able to obtain an IP address. This will force them to disable the option in iOS settings. Also this will not work for all users, because some of them will set the...
by ilkogd
Tue Oct 13, 2020 10:53 pm
Forum: General
Topic: What is the right way to do port forward with multiple WANs and LANs
Replies: 32
Views: 1361

Re: What is the right way to do port forward with multiple WANs and LANs

I reorder my rules, so now established and related connections rule is on top for the input chain. I always make this only for the forward chain, because heavy traffic is there, but it is O.K. for input too. For some reason, my rule with drop and !winbox IPs list still doesn't work. My mistake is th...
by ilkogd
Tue Oct 13, 2020 3:56 pm
Forum: General
Topic: What is the right way to do port forward with multiple WANs and LANs
Replies: 32
Views: 1361

Re: What is the right way to do port forward with multiple WANs and LANs

I never use the default config. Everything is done from scratch after the full reset of the device. Now in input chain firewall I have: add action=drop chain=input comment="Drop invalid connections in input chain" connection-state=invalid add action=accept chain=input comment="Allow I...
by ilkogd
Tue Oct 13, 2020 3:34 pm
Forum: General
Topic: What is the right way to do port forward with multiple WANs and LANs
Replies: 32
Views: 1361

Re: What is the right way to do port forward with multiple WANs and LANs

anav, yes I use also a VPN for management, but for that location, I need also direct WinBox access.
by ilkogd
Tue Oct 13, 2020 9:54 am
Forum: General
Topic: What is the right way to do port forward with multiple WANs and LANs
Replies: 32
Views: 1361

Re: What is the right way to do port forward with multiple WANs and LANs

One more question. I want to secure WinBox access to the router. WinBox access should be available only from one of the LANs and from one remote location public IP. I decided to create two rules. The first rule allows access to WinBox port from the address list named "winbox" and the secon...
by ilkogd
Sun Oct 11, 2020 7:06 pm
Forum: General
Topic: What is the right way to do port forward with multiple WANs and LANs
Replies: 32
Views: 1361

Re: What is the right way to do port forward with multiple WANs and LANs

I add these two route rules and for now, I will leave in route rules also this with source IPs of WANs. What I think, if you force some LAN network to use as primary WAN one of your Internet connections ("lookup only in table") with help of /ip route rule, you need to add rules for other n...
by ilkogd
Sun Oct 11, 2020 4:53 pm
Forum: General
Topic: What is the right way to do port forward with multiple WANs and LANs
Replies: 32
Views: 1361

Re: What is the right way to do port forward with multiple WANs and LANs

Sob, I don't understand the last one. Because I don't have "table=CSW_interface" and "table=GoceNet_interface", did you mean that I should have a routing rule, which said: for every packet with routing mark "x" use table "x" and for every packet with routing m...
by ilkogd
Sun Oct 11, 2020 3:40 pm
Forum: General
Topic: What is the right way to do port forward with multiple WANs and LANs
Replies: 32
Views: 1361

Re: What is the right way to do port forward with multiple WANs and LANs

Yes, there is no perfect solution for all cases, I fully agree. I want to create a more universal one. I understand you for interfaces, so instead of "in-interface" I create an interface list and use "in-interface-list" in mark-routing rules. For now, I add two LAN networks inter...
by ilkogd
Sun Oct 11, 2020 12:33 pm
Forum: General
Topic: What is the right way to do port forward with multiple WANs and LANs
Replies: 32
Views: 1361

Re: What is the right way to do port forward with multiple WANs and LANs

I want my configuration to be not only working but also working right and aesthetic. So if I understand: 1. I mark incoming connections for two WANs. There is no need for passthrough because after marking them, mangle is left and this mark stays on packets while they exist? 2. For every packet which...
by ilkogd
Sun Oct 11, 2020 9:17 am
Forum: General
Topic: What is the right way to do port forward with multiple WANs and LANs
Replies: 32
Views: 1361

Re: What is the right way to do port forward with multiple WANs and LANs

I understand now. So I will leave rules with source IP addresses of WANs - the router will use them for example to respond pings to WANs IPs, or they are useless? But I will need also to add: add action=mark-connection chain=prerouting comment="Mark incoming CSW connections" connection-mar...
by ilkogd
Sun Oct 11, 2020 1:32 am
Forum: General
Topic: What is the right way to do port forward with multiple WANs and LANs
Replies: 32
Views: 1361

Re: What is the right way to do port forward with multiple WANs and LANs

For such a simple thing, can it be done with IP->Route->Rules. There is not a lot of documentation about Route rules, but I use them. I think when the packet arrives at the WAN interface, the destination IP address of this packet is the WAN public IP address. In my case, both IP addresses of two WAN...
by ilkogd
Sat Oct 10, 2020 10:38 pm
Forum: General
Topic: What is the right way to do port forward with multiple WANs and LANs
Replies: 32
Views: 1361

Re: What is the right way to do port forward with multiple WANs and LANs

Sob if I understand I should do in prerouting chain: 1. Mark connection with some mark based on incoming interface. Passtrought. 2. Mark packet with some mark for all connection marks from 1 Passtrough 3. Mark routing for all packets with mark from 2. NO Passtrough 4. Add route in main routing table...
by ilkogd
Sat Oct 10, 2020 9:56 pm
Forum: General
Topic: What is the right way to do port forward with multiple WANs and LANs
Replies: 32
Views: 1361

Re: What is the right way to do port forward with multiple WANs and LANs

I don't understand, why for outgoing packets? As I understand for all packets coming IN interface, first mark connection (Passtrought) and second mark routing. This at the prerouting chain. After that router should know that replays to these packets should go OUT from 0.0.0.0/0 rule with correspondi...
by ilkogd
Sat Oct 10, 2020 9:20 pm
Forum: General
Topic: What is the right way to do port forward with multiple WANs and LANs
Replies: 32
Views: 1361

Re: What is the right way to do port forward with multiple WANs and LANs

Strange for me, but it works in one and another case. ISP-1 is primary for the server or not. Just to be sure everything will work always can I do: (1) in mangle for in-interface (ISP-1 interface) mark directly with some routing mark, not with connection mark first then packet mark, and finally with...
by ilkogd
Sat Oct 10, 2020 9:01 pm
Forum: General
Topic: What is the right way to do port forward with multiple WANs and LANs
Replies: 32
Views: 1361

Re: What is the right way to do port forward with multiple WANs and LANs

In my case, LAN-1 use primary ISP-1, but with second default rule in its routing table for ISP-2. The second rule is with a higher distance so it is only used when first is disabled with netwatch.
by ilkogd
Sat Oct 10, 2020 8:32 pm
Forum: General
Topic: What is the right way to do port forward with multiple WANs and LANs
Replies: 32
Views: 1361

What is the right way to do port forward with multiple WANs and LANs

Hello, Recently I start using two ISPs at home. What I do is to create two default routes, but with different distances, so when one ISP is down, another one is active. Because I have two LAN networks, I create two routing tables, so the first LAN uses mainly ISP-1 and the second LAN uses mainly ISP...
by ilkogd
Fri Oct 02, 2020 11:03 am
Forum: General
Topic: RB4011 and RB1100 AHx4 "bricks" randomly
Replies: 198
Views: 39633

Re: RB4011 and RB1100 AHx4 "bricks" randomly

Hello, I'm planning to change the FreeBSD server working as a gateway, firewall, and VPN for a small company with RB4011 or RB1100. Reading this topic for months I'm wondering is this a good choice, because in these days it is very important for network infrastructure to be rock solid. So my questio...
by ilkogd
Mon Aug 10, 2020 11:00 am
Forum: General
Topic: "Management access configuration" from wiki with VLANs [SOLVED]
Replies: 3
Views: 1425

Re: "Management access configuration" from wiki with VLANs [SOLVED]

If you want to use CRS only as a managed switch with only one management VLAN: 1. Create single bridge 2. Add all ports in that bridge 3. For every port in the bridge configuration set PVID and type of filtering: - admit all - for hybrid ports - admit only VLAN tagged - for trunks - admin untagged -...
by ilkogd
Wed Mar 18, 2020 10:23 am
Forum: RouterBOARD hardware
Topic: CSS326-24G-2S+ & active cooling
Replies: 11
Views: 7531

Re: CSS326-24G-2S+ & active cooling

My experience with CRS326-24G-2S running RouterOS - I buy first unit 6 months ago and start using it actively from the first date. The temperature reported in System Health was always above 70 degrees. Most of the time between 73 and 76 degrees. I use the switch ONLY for L2 so the CPU don't handle a...
by ilkogd
Wed Aug 07, 2019 4:39 pm
Forum: RouterBOARD hardware
Topic: Minimum fibre length between S-3553LC20D
Replies: 10
Views: 2689

Re: Minimum fibre length between S-3553LC20D

I understand. One last question - in the schemes attenuators should be on receiver. In my case sender and receiver is the same (only one fiber between SFP modules). So I should put attenuators only on one of SFP modules or on both? Also should I keep them "in production" - the real fiber l...
by ilkogd
Wed Aug 07, 2019 2:39 pm
Forum: RouterBOARD hardware
Topic: Minimum fibre length between S-3553LC20D
Replies: 10
Views: 2689

Re: Minimum fibre length between S-3553LC20D

Thank you @skylark. What should be the value of attenuators?
by ilkogd
Wed Aug 07, 2019 1:59 pm
Forum: RouterBOARD hardware
Topic: Minimum fibre length between S-3553LC20D
Replies: 10
Views: 2689

Re: Minimum fibre length between S-3553LC20D

Maybe someone from MikroTik support should give us answer, this is important question. At the moment opinions are 50:50 and there is not full technical data on product page.
by ilkogd
Tue Aug 06, 2019 3:13 pm
Forum: RouterBOARD hardware
Topic: Minimum fibre length between S-3553LC20D
Replies: 10
Views: 2689

Minimum fibre length between S-3553LC20D

Hello. I'm plan to connect CRS326 and HEX-S with S-3553LC20D kit. Before put them "in production" I want to run them in lab with short LC patch cable, 1 meter or 2 meters to make all the configuration and tests. In this case is there any risks for SFP modules, can they be burned because th...
by ilkogd
Fri Jul 19, 2019 12:45 pm
Forum: General
Topic: Mikortik DHCP Option 43
Replies: 16
Views: 5316

Re: Mikortik DHCP Option 43

I understand, thanks sindy. My experience is only with UniFi APs.
by ilkogd
Fri Jul 19, 2019 11:54 am
Forum: General
Topic: Mikortik DHCP Option 43
Replies: 16
Views: 5316

Re: Mikortik DHCP Option 43

I use DHCP option 43 but for Ubiquiti UAPs. Your mistake is - IP address in option 43 should be in hex, for example 192.168.0.15 in hex is c0a8000f. Also for UAP you need to add 0104 in front of hex IP address, in my example the value for option 43 should be 0104c0a8000f
by ilkogd
Wed Jun 12, 2019 12:56 pm
Forum: General
Topic: Severe port flapping on CRS328-24P-4S+ and CRS317-1G-16S+
Replies: 199
Views: 43593

Re: Severe port flapping on CRS328-24P-4S+ and CRS317-1G-16S+

Hi, please open or write in a thread/section where your question is addressed. This thread is about a severe port flapping issue on CRS328 and CRS317 as the title reflects. Thanks, nh EDIT: corrected a typo of product names. I'm sorry if this is mistake. I posted here because CRS328 is the same as ...
by ilkogd
Wed Jun 12, 2019 11:02 am
Forum: General
Topic: Severe port flapping on CRS328-24P-4S+ and CRS317-1G-16S+
Replies: 199
Views: 43593

Re: Severe port flapping on CRS328-24P-4S+ and CRS317-1G-16S+

According to all posters here, the problem presents itself only in connection with CRS317 and 10G SFP+. So it will not happen to your setup. I think the same GuJack20. Do you have CRS326 in production? If you have, what is your opinion for the switch? Somebody else do you have CRS326 in production ...
by ilkogd
Wed Jun 12, 2019 10:20 am
Forum: General
Topic: Severe port flapping on CRS328-24P-4S+ and CRS317-1G-16S+
Replies: 199
Views: 43593

Re: Severe port flapping on CRS328-24P-4S+ and CRS317-1G-16S+

Hello. I need to buy two 24 port switches and I have to choose between CRS326 and second hand Cisco 2960G, the price is the same. If I take CRS326 it will be used with RouterOS for access switch. From what I read in forum, SwOS is not ready for "in production" setups and this is the reason...
by ilkogd
Sat Feb 09, 2019 5:33 pm
Forum: Useful user articles
Topic: Using RouterOS to VLAN your network
Replies: 153
Views: 100092

Re: Using RouterOS to VLAN your network

@anav First I think that the rule order should be opposite. NEW packets is the easiest way (for me) to tell the router which host can communicate with other and with Internet. For example you can tell that VLAN23 hosts can create NEW connections only when destination is VLAN56 and this hosts will ha...
by ilkogd
Wed Jan 09, 2019 5:39 pm
Forum: Wireless Networking
Topic: Hap ac2 TX power tables info missing
Replies: 8
Views: 4638

Re: Hap ac2 TX power tables info missing

I think everything else is working, only you can't see the values in current Tx.
by ilkogd
Wed Jan 09, 2019 4:53 pm
Forum: Wireless Networking
Topic: Hap ac2 TX power tables info missing
Replies: 8
Views: 4638

Re: Hap ac2 TX power tables info missing

Current-tx-power is not supported by the 802.11ac devices.
by ilkogd
Tue Jan 01, 2019 6:35 pm
Forum: Beginner Basics
Topic: Simple AP Bridge setup
Replies: 12
Views: 30200

Re: Simple AP Bridge setup

If you want to use Mikrotik Routerboard only as access point you should: 1. Reset the board with option No default configuration 2. Login with WinBox with MAC address 3. Create new bridge interface 4. Put in created bridge all of the Ethernet and wireless interfaces 5. Set IP address on bridge for m...
by ilkogd
Sun Dec 30, 2018 7:57 pm
Forum: Wireless Networking
Topic: How to increase wireless speed of hAP ac²?
Replies: 8
Views: 1828

Re: How to increase wireless speed of hAP ac²?

This is near maximum for n Standart, please make picture from registration tab too
I don't have screen shot from registration tab, but in time of the test laptop was rated as I said 300Mbps/300Mbps Tx/Rx and distance to the router was 1 meter.
by ilkogd
Sun Dec 30, 2018 10:37 am
Forum: Wireless Networking
Topic: How to increase wireless speed of hAP ac²?
Replies: 8
Views: 1828

Re: How to increase wireless speed of hAP ac²?

Just make some test with large file transfer. Laptop is Lenovo X220 with Intel Centrino Advanced N-6205 300Mbps adapter and another PC is connected with Ethernet cable. Channel width is 40MHz and adapter is rated 300Mpbs/300Mbps, no other station on 5GHz near me. The speed vary between 185Mbps and 2...
by ilkogd
Tue Dec 25, 2018 5:35 pm
Forum: Beginner Basics
Topic: HapAC2 as simple access point
Replies: 7
Views: 2872

Re: HapAC2 as simple access point

If you want to use hAP ac2 only as access point you should: 1. Reset the board with option No default configuration 2. Login with WinBox with MAC address 3. Create new bridge interface 4. Put in created bridge all of the Ethernet and wireless interfaces 5. Set IP address on bridge for management pur...