Community discussions

Search found 90 matches

  • 1
  • 2
by WeWiNet
Tue Jan 22, 2019 1:25 pm
Forum: General
Topic: export of pending undo / safe mode commands
Replies: 0
Views: 37

export of pending undo / safe mode commands

Safe mode is great to check if something immediately breaks your system (lock out protection). But often issues arise later one, and one would like to remove the changes made earlier (revert back) on the fly, without flashing an older backup file (service disruption). For this it would be create to ...
by WeWiNet
Sun Jan 20, 2019 1:39 pm
Forum: Wireless Networking
Topic: android devices chooses 2.4Ghz over 5Ghz on hAP ac^2
Replies: 13
Views: 480

Re: android devices chooses 2.4Ghz over 5Ghz on hAP ac^2

Indeed no air time fairness or band steering nor even roaming in ROS, so you need to do it by yourself with basic method via access list: Use 2 access list entries for forcing phone to 5G and if that signal is too low (=bad) , allow 2.4G access! Set signal strength to access 5Ghz network to somethin...
by WeWiNet
Sun Jan 20, 2019 1:15 pm
Forum: General
Topic: Mikrotik's demo system demo.mt.lv firewall Virus rules, worth using???
Replies: 7
Views: 515

Re: Mikrotik's demo system demo.mt.lv firewall Virus rules, worth using???

Thanks all for your feedback and input. I was hoping to get some feedback from Mikrotik on how useful THEY think those rules are (as they don't publish rubbish normally, I would suppose those FW rules are done on purpose and not just for fun and maybe they have them run on some real world servers?)....
by WeWiNet
Mon Jan 14, 2019 1:39 pm
Forum: Wireless Networking
Topic: Hap ac2 TX power tables info missing
Replies: 7
Views: 440

Re: Hap ac2 TX power tables info missing

The Wireless 2.4G interface does not do 11ac, only the 5G, so the values should be there for 2.4G! In addition you can adjust country and regulatory domain, antenna gain!!! Which means output power values will change! Why can you not see what is applied finally in the device and why can you not lowe...
by WeWiNet
Mon Jan 14, 2019 1:23 pm
Forum: Beginner Basics
Topic: Forcing single URL to use specific WAN
Replies: 9
Views: 285

Re: Forcing single URL to use specific WAN

With HTTPS you can not mark URL anymore easily with filter rule matching URL text. Even the TLS filter does not work reliably.
If you use such a key word to look for and mark connection I am pretty sure that is reason it does not work.
by WeWiNet
Fri Jan 11, 2019 10:51 am
Forum: General
Topic: Mikrotik's demo system demo.mt.lv firewall Virus rules, worth using???
Replies: 7
Views: 515

Mikrotik's demo system demo.mt.lv firewall Virus rules, worth using???

Hi, On Mikrotiks hosted RouterOS demo system (using demo.mt.lv as target in Winbox), under Firewall there are a long list of "Virus" firewall entries which seems quit interesting, if they do work in real life (see below). Now in this demo system they don't get hit by any traffic, so I wonder if it w...
by WeWiNet
Mon Jan 07, 2019 3:08 pm
Forum: Wireless Networking
Topic: Hap ac2 TX power tables info missing
Replies: 7
Views: 440

Hap ac2 TX power tables info missing

Hi there, On all my hap ac2 it's impossible to see TX power settings in WinBox It always shows "0" dBm in 2.4GHz and nothing in 5G. This is across the 3 units I have here. In other products (MIPS based etc.) that info is always available. [attachment=1]Tx-Power_issueV2.jpg[/attachment] In addition i...
by WeWiNet
Tue Jan 01, 2019 8:44 pm
Forum: Beginner Basics
Topic: New Setup: HAP AC or HAP AC2, plus CAP AC
Replies: 4
Views: 252

Re: New Setup: HAP AC or HAP AC2, plus CAP AC

Hap ac2 is good device and can handle lot of traffic/firewall rules etc.
But if you want high speed + more switch ports etc. why not go directly RB4011 with Wifi 4x4 on 5GHz.
If you are looking for SOHO/SMB kind of high speed/system extensions, the RB4011 will be very good option.
by WeWiNet
Tue Jan 01, 2019 8:33 pm
Forum: Beginner Basics
Topic: Simple AP Bridge setup
Replies: 3
Views: 296

Re: Simple AP Bridge setup

You can use Quickset mode:
use the "AP" quickset and on the right side, select to not use "Router" mode but "bridge".
by WeWiNet
Fri Dec 21, 2018 1:56 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Feature requests
Replies: 1007
Views: 169148

Re: Feature requests

Pe1chl Also a green/yellow/red color field within WINBOX to indicate if you are still connected to the router (green - connected, yellow - don't know, red-disconnected) That isn't required because when you have no link, you will be disconnected (far to) quickly and lose the open window (reverts to c...
by WeWiNet
Thu Dec 20, 2018 5:30 pm
Forum: Beginner Basics
Topic: Watchdog timer
Replies: 9
Views: 482

Re: Watchdog timer

Why are you not using Reboot function (proper shutdown) instead of watchdog. Watchdog pulls the power of a device, and will never do a clean shutdown! Watchdog must work even if all is stuck or blocked, unresponsive, overruning, heating etc. So its a HW power cut of the most primitive (= reliable) w...
by WeWiNet
Fri Dec 14, 2018 7:19 pm
Forum: Announcements
Topic: Product comparison matrix
Replies: 28
Views: 1985

Re: Product comparison matrix

I think number of PCIe interface would be good as well.
by WeWiNet
Fri Dec 14, 2018 5:50 pm
Forum: Announcements
Topic: Future of LTE products, user feedback requested
Replies: 58
Views: 11294

Re: Future of LTE products, user feedback requested

+1
for Quectel EP06 modem support on the Mikrotik LTE products (US and International)!!!
by WeWiNet
Wed Dec 12, 2018 7:32 pm
Forum: General
Topic: hAp ac^2: inferior LAN-to-LAN performance when HW offloading is used
Replies: 5
Views: 318

Re: hAp ac^2: inferior LAN-to-LAN performance when HW offloading is used

100M, that is what I thought :-)

Can you check with the ETH port going to the PC (stream source) set to 100M capability only (not 1G) and HW offload on again?
Would be interesting to see what that does to it.
by WeWiNet
Wed Dec 12, 2018 6:42 pm
Forum: Beginner Basics
Topic: Access control inside and outside of the NAT
Replies: 6
Views: 295

Re: Access control inside and outside of the NAT

I am a bit lost what you want to achieve from a topology point of view. Your block rule does work (the counter increases). Now what you want is actually to accept that but only on the correct times you want this to work (correct?). Basically you do not allow and then block at specific times, you do ...
by WeWiNet
Wed Dec 12, 2018 6:12 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Feature requests
Replies: 1007
Views: 169148

Re: Feature requests

pe1chl +1,
that would be awesome. hate to fiddle around the various windows...

Also a green/yellow/red color field within WINBOX to indicate if you are still connected to the router (green - connected, yellow - don't know, red-disconnected)
by WeWiNet
Wed Dec 12, 2018 1:29 pm
Forum: Beginner Basics
Topic: Access control inside and outside of the NAT
Replies: 6
Views: 295

Re: Access control inside and outside of the NAT

Yes with IP->firewall rules that allow access only at specific times. You define what you allow (LAN-LAN) or LAN-WAN etc. (via input and output interface or IP range or list etc.). In the rules extra tab (if I recall) select the times you want this rule to apply. If you want to restrict those rules ...
by WeWiNet
Wed Dec 12, 2018 1:22 pm
Forum: General
Topic: hAp ac^2: inferior LAN-to-LAN performance when HW offloading is used
Replies: 5
Views: 318

Re: hAp ac^2: inferior LAN-to-LAN performance when HW offloading is used

I am just guessing, has your old router 100M port and not 1G?
by WeWiNet
Tue Dec 11, 2018 2:28 pm
Forum: RouterBOARD hardware
Topic: Why hAP ac² and CRS3xx boot significantly longer than "other" routerboards?
Replies: 5
Views: 715

Re: Why hAP ac² and CRS3xx boot significantly longer than "other" routerboards?

+1 here! Funny you mention this because since couple of weeks I have exactly same impression on hap ac2! And each time you reboot, you think something is wrong and device is hanging! I just right now timed from pressing reboot to Wifi visible: 1Minute 48 seconds, hap ac2 with 6.43.7 (no additional b...
by WeWiNet
Tue Dec 11, 2018 2:06 pm
Forum: General
Topic: LTE Failover
Replies: 12
Views: 1373

Re: LTE Failover

Have you guys tried this one: https://wiki.mikrotik.com/wiki/Manual:PCC
The example only checks next GW but you can add additional GW check and target hosts to ping as you want.

This one does it for me (DSL with LTE load balancing/failover).
by WeWiNet
Tue Dec 11, 2018 1:59 pm
Forum: Beginner Basics
Topic: Access control via whitelist with time restrictions
Replies: 2
Views: 196

Re: Access control via whitelist with time restrictions

Also for those who don't know anything a simple way is KID CONTROL (web fig -> IP -> kid control) which uses firewall rules. Allows to assign users (with specific access time) as well as devices per user allowed to use etc. (this assumes the device/user can actually connect to your router via Wifi/E...
by WeWiNet
Tue Dec 11, 2018 1:53 pm
Forum: Useful user articles
Topic: Using Splunk to analyse MikroTik logs 2.6 (Graphing everything)
Replies: 108
Views: 10571

Re: Using Splunk to analyse MikroTik logs 2.5 (Graphing everything)

Hi Jotne, Wanted to say thank you, very nice job. Also to highlight that this tutorial works perfect on MacOS 10.14. I just followed your tutorial and installed it with the Splunk Enterprise version and all is working perfect (Ok I had to restart my machine once as splunk did not launch first time c...
by WeWiNet
Mon Dec 10, 2018 5:17 pm
Forum: General
Topic: Queue Tree Upload
Replies: 15
Views: 597

Re: Queue Tree Upload

Comment: In-interface WAN = downlink (coming into the router) Outinterface WAN= Uplink (leaving the router towards internet etc.) This is also why you do NAT on outinterface WAN and not IN-interface WAN :-). Then as others said, you need to mark connections coming through that WAN interface first an...
by WeWiNet
Mon Dec 10, 2018 3:32 pm
Forum: Beginner Basics
Topic: Router Optimization
Replies: 7
Views: 463

Re: Router Optimization

First thing check system/ressources (CPU load / memory).
Only if that is maxed out, drops could be due to the router load (which I doubt).

Check firewall rules and put the most hit ones come first (if possible).
But again, if CPU is not 100%, that should not be an issue.
by WeWiNet
Sat Dec 08, 2018 9:41 am
Forum: RouterBOARD hardware
Topic: LTap mini
Replies: 9
Views: 1325

Re: LTap mini

Hi Amtisrac, the new RouterOS beta SW 6.44 allows to upgrade the integrated FW of the LTE modem (see Wiki for details). I have upgrade LTAP to 6.44, updated LTE firmware, downgraded LTAP back to stable and see now quit impressive LTE throughput (compared to before). Such as 20Mbps where before it wa...
by WeWiNet
Fri Dec 07, 2018 5:02 pm
Forum: General
Topic: unable to upgrade firmware / upload .npk
Replies: 7
Views: 280

Re: unable to upgrade firmware / upload .npk

Sorry did not saw you tried Netinstall. Netinstall: Make sure firewall does not block the connection (first Netinstall launch) Does Netinstall see your device when you launch it? Have you set all 3 IP addresses correctly? GW/router/laptop? It happens that you need to close and restart Netinstall cou...
by WeWiNet
Fri Dec 07, 2018 4:58 pm
Forum: General
Topic: unable to upgrade firmware / upload .npk
Replies: 7
Views: 280

Re: unable to upgrade firmware / upload .npk

Upgrade fails often when memory file system free space is low. What is left on your device?
Try to uninstall any unused package (but first to back/export of config).

Freeing up space helped me in most cases.

If that does not work, netinstall (well explained in the wiki and pretty fail save).
by WeWiNet
Fri Dec 07, 2018 4:54 pm
Forum: Beginner Basics
Topic: Netinstall not install routeros
Replies: 3
Views: 248

Re: Netinstall not install routeros

So after saw I can't login to my router cause winbox said wrong username and password I try to reset the router. Have you tried to just reset router: power down, power up with reset button pressed until LED blinks (roughly 5 seconds) and then release button? Then user admin and no password will be ...
by WeWiNet
Fri Dec 07, 2018 10:09 am
Forum: Beginner Basics
Topic: neighbors ddiscovery setting set to all
Replies: 1
Views: 153

Re: neighbors ddiscovery setting set to all

/ip neighbor discovery-settings set discover-interface-list=all / none etc...
by WeWiNet
Wed Dec 05, 2018 10:57 pm
Forum: Beginner Basics
Topic: Setting up a dedicated Management Port
Replies: 4
Views: 264

Re: Setting up a dedicated Management Port

There are a couple of places in RouterOS where you need to define who can access the router itself. Even if firewall allows access on the input chain accept, this does not mean the router will respond or accept the connection - System/User, and from which IP address is he allowed to log in; Normally...
by WeWiNet
Sat Dec 01, 2018 7:37 pm
Forum: General
Topic: Queue Tree Upload
Replies: 15
Views: 597

Re: Queue Tree Upload

Yes, in the two ways mentioned above it does work for.me.

by WeWiNet
Thu Nov 29, 2018 7:24 pm
Forum: Beginner Basics
Topic: VLAN Configuration !HELP! [SOLVED]
Replies: 38
Views: 1728

Re: VLAN Configuration !HELP! [SOLVED]

Be aware lot (if not all) videos still show the way of doing VLANs before the 6.xx change when it was migrated to bridge. Look at the Wiki page to use the right method (not the Videos :-). You mention 3 IP address ranges/DHCP servers on your CCR but only one bridge? So DHCP are sitting where? Normal...
by WeWiNet
Thu Nov 29, 2018 9:59 am
Forum: General
Topic: Queue Tree Upload
Replies: 15
Views: 597

Re: Queue Tree Upload

I think I remember that if you use interfaces you need to tag one direction on the bridge and the other one on the port. Then it works. but it won't work if you tag both on the port. This I found quit strange so due to this I now tag DL via IP address: DL is destination "local IP addresses", UL is "...
by WeWiNet
Thu Nov 22, 2018 7:22 pm
Forum: Beginner Basics
Topic: PCC Load Balancing 2 WAN on Mikrotik HEX
Replies: 16
Views: 970

Re: PCC Load Balancing 2 WAN on Mikrotik HEX

Are you using 2 x LTE connections with same telco (same network and frequency)?. If they go both to the same base station, then when you access in parallel, the base station might give to your segment only a total of 60Mbps due to frequency or load limitations. Have you tried to run dual LTE on two ...
by WeWiNet
Wed Nov 21, 2018 3:16 pm
Forum: Beginner Basics
Topic: How to route torrents traffic bypassing vpn?
Replies: 3
Views: 260

Re: How to route torrents traffic bypassing vpn?

Wifi is you only WAN i/f?

Does your mangle L7 rule get hit by traffic (does counter increase?)
What does trace route give you?

More info on your setup would be helpful here with config export.
by WeWiNet
Wed Nov 21, 2018 3:05 pm
Forum: Beginner Basics
Topic: client connect to wifi in other room - why [SOLVED]
Replies: 9
Views: 615

Re: client connect to wifi in other room - why [SOLVED]

Ha, that is a good question. There is no super solution (you would need AP steering to do so), thus only option is Access list or lower signal level. If you really need only access from within a room or close by to the right AP you can do 2 things: - lower AP output power (signal will not reach very...
by WeWiNet
Mon Nov 19, 2018 10:11 pm
Forum: General
Topic: How many VLANs do I need?
Replies: 8
Views: 396

Re: How many VLANs do I need?

I only know the pre 6.43 ways of VLAN ( I heard it changed recently): Create two bridges: Bob and Alice Create Virtual WLAN AP-Bridge for 2.4G and 5G for Alice and Bob (you can use same SSID for 2.4G and 5G to make it seamless) Create 1 VLAN per Wifi AP (one for 2.4G and one for 5G) , put it into th...
by WeWiNet
Mon Nov 19, 2018 5:49 pm
Forum: General
Topic: How many VLANs do I need?
Replies: 8
Views: 396

Re: How many VLANs do I need?

With routerOS you can achieve everything (or almost). How to do your isolation depends on the level of security you want. If you want to separate broadcast domains (L2) you can use VLAN. But router will still connect those networks together at L3. To seperate at that level you need Firewall (you can...
by WeWiNet
Mon Nov 19, 2018 5:28 pm
Forum: Beginner Basics
Topic: Two wan Failover & Nat
Replies: 3
Views: 215

Re: Two wan Failover & Nat

I suggest try with: add second NAT rule for 2nd interface and remove that interface from first rule (or the list used there)

Also make sure "CHECK GATEWAY" is enabled on the routes.
by WeWiNet
Fri Nov 16, 2018 10:32 am
Forum: General
Topic: Continued hap ac2 memory and upgrade/package problems
Replies: 0
Views: 185

Continued hap ac2 memory and upgrade/package problems

Good morning, I have continued package upgrade problems with hap ac2 which I believe are memory/flash issues. - I had already earlier issues with that 6.3xx(?) package which had flash memory leakage issues. Went only away with Netinstall Since then I hoped this would have been gone. - But it continu...
by WeWiNet
Wed Nov 14, 2018 6:47 pm
Forum: Beginner Basics
Topic: Winbox lost connection after establish bridge
Replies: 4
Views: 295

Re: Winbox lost connection after establish bridge

Do you connect via Wifi or ETH to the Metal ? If you assign ETH to the bridge, and Metal is a router not a CPE, where is the WAN coming from? When assigning ETH to the bridge (where apparently it is not when you start), it impacts following things you might need to adapt! - MAC server, Neighbour dis...
by WeWiNet
Wed Nov 14, 2018 5:04 pm
Forum: Wireless Networking
Topic: The Tx power of the mikrotik wireless interface
Replies: 5
Views: 439

Re: The Tx power of the mikrotik wireless interface

If you use a wireless AP you should use "regulatory domain" and select correct country to respect local regulation :-) And not change anything else. If you use external antennas/PtP links etc. you want to play with the output power at modulation rates. With 17dBm max output power you can not do much...
by WeWiNet
Mon Nov 12, 2018 10:33 am
Forum: RouterBOARD hardware
Topic: LTap mini
Replies: 9
Views: 1325

Re: LTap mini

Hi Amtisrac, I found similar performance with my new Ltap-Mini. Bought it to "upgrade" my 5Mbps DSL and bundle both lines. I do have relative good LTE (compared to my DSL :-) ) and get on 3 years old LTE phone 10+ Mbps. I thus kicked of my first LTAP-Mini speed test on same network and SIM card and ...
by WeWiNet
Mon Nov 12, 2018 10:21 am
Forum: RouterBOARD hardware
Topic: The "DEVICE" :)
Replies: 2
Views: 919

Re: The "DEVICE" :)

I am just discovering my LTAP Mini so can;t give you too much of advice. External antenna: Yes you can easily connect them. All is forseen in the housing, you just need to have buy them extra. This is mandatroy to get really good speed what I see from my first tests with the internal antenna. You do...
by WeWiNet
Thu Nov 08, 2018 9:18 am
Forum: RouterBOARD hardware
Topic: Qualcomm IPQ8074
Replies: 7
Views: 1961

Re: Qualcomm IPQ8074

Another 11ax product just launched now, putting indeed some pressure on having 11ax products to use. Mechanical design is more questionable, but that can easily be changed (and I like the plane/rocket style of the RAX120, it has a big WOW factor). https://www.netgear.com/home/products/networking/wif...
by WeWiNet
Tue Nov 06, 2018 8:04 pm
Forum: Beginner Basics
Topic: Route over VPN not working
Replies: 1
Views: 235

Re: Route over VPN not working

some thoughts:
- You use the Mikrotik as router or switch?
- I can't see which Interface is actually WAN? There is no mentioning, all ETH ports incl SFP are part of bridge and LAN?
- In NAT: SourceNat on out interface "bridge" ? I would think you put something else there like ETH1 or so?
by WeWiNet
Tue Nov 06, 2018 3:00 pm
Forum: Beginner Basics
Topic: Connection between 3dhcp
Replies: 5
Views: 268

Re: Connection between 3dhcp

Could be due to the routes which only seems to be defined for marked connection traffic?
by WeWiNet
Mon Nov 05, 2018 7:10 pm
Forum: RouterBOARD hardware
Topic: hap ac2 in a StationBox - Anyone? [SOLVED]
Replies: 2
Views: 447

Re: hap ac2 in a StationBox - Anyone? [SOLVED]

For ceiling mount use the CAP ac2.
Same as Hap ac2 but two GEth ports and PoE support.
by WeWiNet
Thu Nov 01, 2018 12:14 pm
Forum: Wireless Networking
Topic: Connect 2 locations 80m apart with obstacles
Replies: 6
Views: 697

Re: Connect 2 locations 80m apart with obstacles

Have you tried PLC (power line communication)? I am pretty sure it won't work neither with that long distance and two separate buildings but you can give it a try. Use the new 1.2G solutions (MIMO) with Qualcomm chip inside if you can. To use wireless is impossible from appart directly without going...
  • 1
  • 2