Community discussions

Search found 157 matches

by WeWiNet
Fri Oct 11, 2019 2:38 pm
Forum: Wireless Networking
Topic: Audience vs Eero?
Replies: 24
Views: 3375

Re: Audience vs Eero?

A bit more tricky is going to be the setup / config, specially if you will use 3 AP Wifi interfaces (and not as MESH). Which 5Ghz network will a client select if you have 2 with same SSID at two different channels? Or create 2 or 3 different SSID? Running two 5GHz channels with same SSID in the sam...
by WeWiNet
Fri Oct 11, 2019 2:33 pm
Forum: Wireless Networking
Topic: Audience vs Eero?
Replies: 24
Views: 3375

Re: Audience vs Eero?


Can any one maybe point me at a "guide" that actually work, that I can follow? Or just some pointers or tips please.
PPJ, I am sorry but I only have one device so can not really help you.

I would open a new forum post to ask help on set up as MESH solution
by WeWiNet
Thu Oct 10, 2019 6:51 pm
Forum: Wireless Networking
Topic: Audience vs Eero?
Replies: 24
Views: 3375

Re: Audience vs Eero?

I have 2 days of (limited) Audience testing experience now: Audience looks nice, actually smaller than on the pictures, a device you can actually keep outside, close to TV or sideboard it has 3 color LED that shine nicely through little slot on lower front side (including Mtik preferred blue led! bu...
by WeWiNet
Wed Oct 09, 2019 3:56 pm
Forum: Wireless Networking
Topic: WIFI signal disappeared using RB4011iGS+RM
Replies: 1
Views: 225

Re: WIFI signal disappeared using RB4011iGS+RM

Do you meant the interface itself goes away/stuck, or you just don't see the Wifi in the "air"? Depending your Wifi settings, if you use DFS channels and it detects radar it will go into listen mode for a while. If you select a 160MHz channel and set the frequency for fixed, then it can take quite s...
by WeWiNet
Wed Oct 09, 2019 10:13 am
Forum: Wireless Networking
Topic: Provisioning DFS Channels in US
Replies: 2
Views: 251

Re: Provisioning DFS Channels in US

+1 - adding a radar detection counter indicating number of detections since up time! - specific DFS/radar logging! Audience for example wlan3 interface is offering only DFS 4x4 Wifi channels (limited to channel 100 and above ) and knowing how/when radar is detected and what backup is available (othe...
by WeWiNet
Tue Oct 08, 2019 6:48 pm
Forum: Beginner Basics
Topic: Wi-Fi speed issues on hAP AC Lite [SOLVED]
Replies: 1
Views: 354

Re: Wi-Fi speed issues on hAP AC Lite [SOLVED]

Device has only 100 Mbps ethernet ports. Can not give more than that!
by WeWiNet
Thu Oct 03, 2019 11:29 am
Forum: Announcements
Topic: v6.45.6 [stable] is released!
Replies: 47
Views: 19895

Re: v6.45.6 [stable] is released!

KID control NOT WORKING after update to 6.45.6. firewall filter rules not installed My router is RB2011UiaS I setup yesterday Kid Control on 6.45.6 on RB4011 and it was working well (IP Firewall rules went on and off according to setup), also used TIKApp for pause/resume. Maybe your setup from pre-...
by WeWiNet
Wed Sep 18, 2019 1:21 pm
Forum: Wireless Networking
Topic: hAP AC2+cAP AC Roaming is a joke
Replies: 35
Views: 4160

Re: hAP AC2+cAP AC Roaming is a joke

WOW! Sounds like a lot of folks are stuck in Wifi 4 (Wifi 6 was just announced by WFA this Monday)! Wifi can do roaming, seamlessly with the phones which are in the market since 2-3 years! Its offered by couple of retail MESH solutions which work well, and is becoming part of EasyMesh standardizati...
by WeWiNet
Tue Sep 17, 2019 4:48 pm
Forum: Wireless Networking
Topic: hAP AC2+cAP AC Roaming is a joke
Replies: 35
Views: 4160

Re: hAP AC2+cAP AC Roaming is a joke

WOW! Sounds like a lot of folks are stuck in Wifi 4 (Wifi 6 was just announced by WFA this Monday)! Wifi can do roaming, seamlessly with the phones which are in the market since 2-3 years! Its offered by couple of retail MESH solutions which work well, and is becoming part of EasyMesh standardizatio...
by WeWiNet
Thu Aug 29, 2019 10:58 pm
Forum: General
Topic: RB4011 "under clocking" at 533MHz / frequency scaling
Replies: 3
Views: 489

Re: RB4011 "under clocking" at 533MHz / frequency scaling

Sebastia, thanks for your feedback. On RB4011 you can change clock frequency without reboot (when reading CPU info, it shows the new set frequency even without reboot). and the message: "WARNING: cpu not running at default speed" I don't feel RB4011 is "low power", but I will try to do some power me...
by WeWiNet
Thu Aug 29, 2019 5:35 pm
Forum: General
Topic: RB4011 "under clocking" at 533MHz / frequency scaling
Replies: 3
Views: 489

RB4011 "under clocking" at 533MHz / frequency scaling

How good/useful/dangerous is it to under clock RB4011 (down to 533MHz). I use RB4011 mainly for the 10 x Geth + 5Ghz 4x4 Wifi it offers, but don't need all the CPU horse power it offers. Now I saw the clock speed selection under ROUTERBOARD and started to reduce clock speed down to 533Mhz, hoping to...
by WeWiNet
Mon Aug 26, 2019 6:49 pm
Forum: General
Topic: ROS7: Requests for wireless features
Replies: 7
Views: 1376

Re: wireless feature requests

Two issues: 1.) ROS6 wireless package does everyting: CPE, AP mode, NV2, long distance outdoor etc., P2P, P2MP and so on Hard to support all this with all the new features together you ask for (and sometimes they are exclusive) 2.) Most of the features you mention will only apply / be useful to the ...
by WeWiNet
Thu Aug 08, 2019 6:03 pm
Forum: Beginner Basics
Topic: Mikrotik Router Management via Web App
Replies: 2
Views: 429

Re: Mikrotik Router Management via Web App

its all there already... user manager!
by WeWiNet
Thu Aug 08, 2019 1:34 pm
Forum: Beginner Basics
Topic: MikroTik wAP as wireless client?
Replies: 4
Views: 972

Re: MikroTik wAP as wireless client?

WAP is an AP, the ethernet port is part of "WAN" and can not be used to connect via Winbox (default setting). As you remove the Wifi AP and make it a client, you have no more means to connect to the WAP. Thus, you first need to move the ethernet port to be part of the bridge or "LAN" interface list ...
by WeWiNet
Fri Jul 19, 2019 11:01 am
Forum: General
Topic: Allow trafic from one LAN to another but not the reverse [SOLVED]
Replies: 3
Views: 352

Re: Allow trafic from one LAN to another but not the reverse [SOLVED]

You will need to allow the return packets (from the LAN2 into LAN1) .
For this add on your drop rule connection state: "NEW" connections from LAN 2 into LAN 1, but accept "related"/established.
by WeWiNet
Wed Jul 10, 2019 6:35 pm
Forum: Wireless Networking
Topic: Wifi range is really bad for a reason
Replies: 17
Views: 1428

Re: Wifi range is really bad for a reason

Which frequency you are talking about: 2.4Ghz : interference --> real issue on 2.4G, If you have lot of neighbours this kills range... 5Ghz, older devices/phones have pretty bad 5GHz performance. Newer smart phones have 2x2 5Ghz Wifi which is providing better coverage. With that 5Ghz should still re...
by WeWiNet
Fri Jun 28, 2019 11:22 am
Forum: Beginner Basics
Topic: I need to see all devices that have connected in the last 30 days
Replies: 3
Views: 726

Re: I need to see all devices that have connected in the last 30 days

Be aware any connection will be logged (each connection if the device connects/disconnects 10 times in 20 seconds). You will need to screen for new MAC addresses occurring in Wifi log to see "who" connected. It might be worth looking into hotspot manager if you want to know/control who connects and ...
by WeWiNet
Wed Jun 12, 2019 11:33 am
Forum: Wireless Networking
Topic: Large Apartment, no Ethernet
Replies: 28
Views: 1898

Re: Large Apartment, no Ethernet

Just to have fun (and not let this subject die that fast :-)), power line does a good job! Considering apartments / dense urban environments: 1.) In such environment you will be sooner or later interference limited on 5GHz Wifi as well (you might already be today in most European cities). Specially ...
by WeWiNet
Wed Jun 12, 2019 10:43 am
Forum: Beginner Basics
Topic: Mikrotik VPN Connection
Replies: 6
Views: 675

Re: Mikrotik VPN Connection

No need to update the topic,
rather add useful information like provide your config without sensitive info, system diagram etc.
by WeWiNet
Wed Jun 05, 2019 5:04 pm
Forum: Beginner Basics
Topic: guest wifi + VLAN confusion
Replies: 7
Views: 795

Re: guest wifi + VLAN confusion

if your guest are not hard core hackers, you can start with just setting in Wifi tab of guest-wifi-if "default forward" to NO. Then all those Wifi clients will only be able to go out to internet and not communicate among them or go anywhere else. Ensure also that the INPUT chain (router access) only...
by WeWiNet
Mon Jun 03, 2019 2:36 pm
Forum: Wireless Networking
Topic: Large Apartment, no Ethernet
Replies: 28
Views: 1898

Re: Large Apartment, no Ethernet

Fully agree with Normis. Powerline does a very good job even if its 100Mbps ethernet. Will consume much less power than 1G devices (and be smaller) and you have reliable link compared to Wifi. Another option could be the new "Audience" product which was announced at some MUM, but has not come to mar...
by WeWiNet
Mon Jun 03, 2019 2:25 pm
Forum: Beginner Basics
Topic: Does RouterOS support these features?
Replies: 3
Views: 353

Re: Does RouterOS support these features?

RB4011 can do all this expect it has no USB port. So not possible to add LTE modem directly. You would need to use another Mikrotik LTE device (LTAP or LHG) connected over ethernet if you want to do this. That device could use PoE from RB4011 and you can power it only if the main route fails for ins...
by WeWiNet
Wed May 29, 2019 12:53 pm
Forum: Beginner Basics
Topic: How do I update firmware? MAP Lite (RBmAPL-2nD).
Replies: 4
Views: 348

Re: How do I update firmware? MAP Lite (RBmAPL-2nD).

Map port is not LAN, but WAN (connect it to internet)

Update: In system --> packages --> check for update! Click "download and install"

That's it.
by WeWiNet
Thu May 23, 2019 4:18 pm
Forum: Beginner Basics
Topic: Low LTE speed with RBSXTR
Replies: 8
Views: 597

Re: Low LTE speed with RBSXTR

by WeWiNet
Fri May 17, 2019 11:34 am
Forum: Beginner Basics
Topic: how to access local network
Replies: 2
Views: 345

Re: how to access local network

You want to get into the local network (LAN) coming from WAN (via ethernet 0).
I assume your incoming connection (ICMP? UDP? TCP?) from xxx.1.x is probably blocked by RB Firewall.
Disable firewall to see if that is the issue (but be careful what you do :-))
by WeWiNet
Thu May 09, 2019 12:15 pm
Forum: Beginner Basics
Topic: cant view graphing
Replies: 6
Views: 505

Re: cant view graphing

You need to set the "allow-address" range as well in accordance to the address from where you connect to the router!
by WeWiNet
Thu May 09, 2019 12:01 pm
Forum: Beginner Basics
Topic: dual home ap and local network
Replies: 4
Views: 422

Re: dual home ap and local network

The issue is not NAT or no NAT, but the route (and potentially firewall). Firewall: WAN i/f traffic is blocked to access hap ac2 etc. (default means all outside ETH1 port is considered "outside"). Route: neither clients on hap ac2 nor your other router clients know how/where to reach each other! Add...
by WeWiNet
Thu Apr 25, 2019 7:39 pm
Forum: Beginner Basics
Topic: Help Boss! Dual WAN loadbalancing. Is the config wrong? or my RB settings are off.
Replies: 3
Views: 376

Re: Help Boss! Dual WAN loadbalancing. Is the config wrong? or my RB settings are off.

Make sure you: - disabled firewall fast path (mangle else does not work) - you set RP filter mode to loose - check that DHCP client on ETH1 has "default route" unchecked. Even with PCC/both-address mode you will see traffic mainly one one I/F if there is only one client. The load blancing works best...
by WeWiNet
Thu Apr 18, 2019 11:28 pm
Forum: Beginner Basics
Topic: Install 2 Mikrotik routers in cascade [SOLVED]
Replies: 4
Views: 525

Re: Install 2 Mikrotik routers in cascade [SOLVED]

Both routers use same IP address range, this can not work.
Change the IP address range on 2nd router to xxx.xxx.89.x for instance (and DHCP server etc).

TP Link works because it probably uses the classic 192.168.0.x/24 net
by WeWiNet
Thu Apr 18, 2019 10:37 am
Forum: Beginner Basics
Topic: Multiple VLANs with one Router as Default Gateway in each VLAN
Replies: 7
Views: 876

Re: Multiple VLANs with one Router as Default Gateway in each VLAN

When you say "hex reachable via VLAN" what do you mean? Which services or functions? The router itself can be accessed on L3/IP level, and can be reached from whatever subnet as long as you have set up access IP addresses etc. correctly. Except if you set it up as switch only, but you say its a gate...
by WeWiNet
Fri Apr 05, 2019 3:04 pm
Forum: Wireless Networking
Topic: Banning client from AP-Bridge
Replies: 1
Views: 246

Re: Banning client from AP-Bridge

That is quit simple: 1.) in the Wifi interface tab, unclick "Default authenticate". This means now the Wifi Radio will only allow someone to access Wifi if the MAC address is in the Access List 2.) Inside the tab "Access List" create a new entry for the device with its MAC address, define which Radi...
by WeWiNet
Thu Apr 04, 2019 12:39 pm
Forum: Scripting
Topic: POST Request with fetch
Replies: 69
Views: 27974

Re: POST Request with fetch

Hi taxist, thanks for your advice, but the IFTTT webhook data does not work neither with this. The issue is always that either routeros does not accept the syntax that IFTTT would need and gives you an error, or if you put it in routeros syntax, webhook does not get/display the data. Do you have a f...
by WeWiNet
Tue Apr 02, 2019 3:05 pm
Forum: Beginner Basics
Topic: mAP Lite cannot be installed
Replies: 1
Views: 198

Re: mAP Lite cannot be installed

Map Lite is an routed AP by default, and its Ethernet port is WAN port, so you can not connect to it for security reasons (you can change that).
You need to connect via Wifi and then Winbox can connect.
by WeWiNet
Fri Mar 29, 2019 6:16 pm
Forum: Wireless Networking
Topic: WiFi in garden - wouldn't cAP AC be better than wAP AC?
Replies: 15
Views: 1304

Re: WiFi in garden - wouldn't cAP AC be better than wAP AC?

be careful, outdoor is not just about temp and humidity. In my experience ants kill more products than anything else does (or other insects which like to be where its worm when its cold outside). They will get into a CAP easily if it is a place like garden etc. If its in a relative clean location yo...
by WeWiNet
Fri Mar 15, 2019 6:22 pm
Forum: Scripting
Topic: Script & Schedule for Network on & off [SOLVED]
Replies: 8
Views: 666

Re: Script & Schedule for Network on & off [SOLVED]

What gotspings mean is, set up your AP as you want (Wifi and SSID names etc) and then everything works you add the switch on off function for Wifi i/f. In system/Scheduler you can run scripts at certain time of the day. Just put in the command you would enter into a terminal like below into the body...
by WeWiNet
Fri Mar 15, 2019 5:24 pm
Forum: General
Topic: Feature Request: Logging of all administrator user actions
Replies: 19
Views: 4085

Re: Feature Request: Logging of all administrator user actions

+1 I would add, that having access to the "undo /redo command" that Winbox (or ROS ?) holds with the last 3-5 entries would be really helpful! This is already in the system, just need a way to make it available for user!!! This would help not only for logging, but also being able to role back comman...
by WeWiNet
Thu Mar 14, 2019 7:52 pm
Forum: Beginner Basics
Topic: Daul wan with failover
Replies: 11
Views: 1013

Re: Daul wan with failover

You just add more (copy the rules and add which target you want) ...
by WeWiNet
Thu Mar 14, 2019 5:59 pm
Forum: RouterBOARD hardware
Topic: RB4011 storage
Replies: 1
Views: 367

Re: RB4011 storage

No, not possible. No USB or SDIO or other connection on the device.
(you only have console connection available).

But its more than enough memory for me :-)
by WeWiNet
Thu Mar 14, 2019 5:51 pm
Forum: Wireless Networking
Topic: DHCP Server giving ip's on the middle of the range
Replies: 3
Views: 278

Re: DHCP Server giving ip's on the middle of the range

Create DHCP pools (IP -- Pool) and exclude the range that is used by the CISCO device.
You can link the various pools together with, use "next pool" option.

PS: Maybe not best approach to have two identical subnets on different machines. Might confuse routing
decisions.
by WeWiNet
Thu Mar 14, 2019 2:55 pm
Forum: General
Topic: problems with import .rsc files on mAP Lite
Replies: 4
Views: 330

Re: problems with import .rsc files on mAP Lite

Better you use "Backup" for such things. ROS does a backup when you reset, so you should see that file under "FILES". The export function only shows things that are different from default config, which can indeed be an issue to reinstall a device after reset or migration to new ROS. If your script i...
by WeWiNet
Thu Mar 14, 2019 12:36 pm
Forum: Beginner Basics
Topic: Trying to setup load balancing with PCC, router doesn't use ISP2
Replies: 13
Views: 1149

Re: Trying to setup load balancing with PCC, router doesn't use ISP2

To use mangle you need to disable fast track firewall connection. !!! Remove tha firewall rule and reboot!!! Without that packets will bypass mangle! Please check again. PCC: In the settings Firewall - Mangle - Advance settings - Per Connection Classifier , you select "source" or "both". But I am pr...
by WeWiNet
Thu Mar 14, 2019 12:30 pm
Forum: Beginner Basics
Topic: Daul wan with failover
Replies: 11
Views: 1013

Re: Daul wan with failover

here is the route description /ip route add check-gateway=ping comment="ping-tested GW-1" distance=1 gateway=8.8.8.8 routing-mark=to_WAN1 add check-gateway=ping comment="ping-tested GW-2" distance=1 gateway=8.8.4.4 routing-mark=to_WAN2 add check-gateway=ping comment="Backup onto GW1 all GW2 connecti...
by WeWiNet
Wed Mar 13, 2019 3:30 pm
Forum: General
Topic: load-balancing don't work
Replies: 49
Views: 2806

Re: load-balancing don't work

plisken, not sure I understand your post: Why respond Mikrotik not. I am using the PCC setup as shown in this wiki: https://wiki.mikrotik.com/wiki/Manual:PCC this works fine, provides load balancing and has basic failover (only for next GW, but is a good starting point). Once this works, you can add...
by WeWiNet
Wed Mar 13, 2019 3:19 pm
Forum: Beginner Basics
Topic: Daul wan with failover
Replies: 11
Views: 1013

Re: Daul wan with failover

yes you also need to disable the default route for PPPoE. else the failover will not work and it will always use the default PPPoE route. You will define the routes later on "by hand". But those added routes always have a higher distance than the default routes...thus do not create default route. ma...
by WeWiNet
Wed Mar 13, 2019 10:35 am
Forum: Beginner Basics
Topic: Daul wan with failover
Replies: 11
Views: 1013

Re: Daul wan with failover

Hi RPI, the DHCP server settings, domain should be empty, not 8.8.4.4. You put 8.8.4.4 as 2nd DNS server if you click on the winbox on the DHCP server setting , but don;t put it into domain. In DHCP-CLIENT: you need to DISABLE "add default route" else router does always use default route! masquerade...
by WeWiNet
Wed Mar 13, 2019 10:11 am
Forum: Beginner Basics
Topic: Trying to setup load balancing with PCC, router doesn't use ISP2
Replies: 13
Views: 1149

Re: Trying to setup load balancing with PCC, router doesn't use ISP2

SSL / https breaks if you do not set connection tracking (RP filter) to loose mode.

Or if that is not the case, first try with PCC "source address only" and see if that works.
Normally SSL should then work.
by WeWiNet
Tue Mar 12, 2019 5:50 pm
Forum: Beginner Basics
Topic: Trying to setup load balancing with PCC, router doesn't use ISP2
Replies: 13
Views: 1149

Re: Trying to setup load balancing with PCC, router doesn't use ISP2

You masquerade twice WAN 4G! and not DSL? 3rd and 4th route, increase the distance by one for each (only keep the routing marking routes at distance 1) In mangle you need to set passthrough "yes" as you mangle packets afterwards further. if you use PCC with both address mode, need to put RP filter m...
by WeWiNet
Sat Mar 09, 2019 9:50 am
Forum: General
Topic: load-balancing don't work
Replies: 49
Views: 2806

Re: load-balancing don't work

Anav, Indeed in my setup output chain also has passthrough enabled: On one WAN connection (DSL) I do further queuing in mangle to prioritise traffic based on IP subnets. On the other WAN as it is a bigger pipe I do nothing, but it does not harm neither as everything I do after output chain rule does...
by WeWiNet
Fri Mar 08, 2019 5:57 pm
Forum: General
Topic: load-balancing don't work
Replies: 49
Views: 2806

Re: load-balancing don't work

Hi Solar77, Good Job! Unfortunate I see your post only now, I went through the same nightmare: Load balancing (LTE and DSL) with PCC, then Queueing subnets and remote GW failover (not only next GW) Indeed all Wiki posts are outdated/not good or do not use one or the other. Or this strange example of...
by WeWiNet
Fri Mar 08, 2019 5:18 pm
Forum: Beginner Basics
Topic: Problem with internal static routing to avoid double natting
Replies: 4
Views: 399

Re: Problem with internal static routing to avoid double natting

Dual NAT is normally not an issue for routers with small home network behind (as long as IP segments don't overlap) As you set manually the WAN interface IP address it seems you do not use IP / "DHCP client" on ETH2. Maybe try it with that, it will set a couple of things automatically (address, rout...
by WeWiNet
Wed Mar 06, 2019 4:09 pm
Forum: Beginner Basics
Topic: RB4011 5Ghz Wifi unstable
Replies: 7
Views: 1804

Re: RB4011 5Ghz Wifi unstable

If you do log "info" , then you would see messages like "Wifi client rejected based on ..." in that case it would be access list issue, but you do not have that I would assume. I get always one (and only one) error, which is at boot, "DEFCONF, can't find WLAN interface". Probably it boots too fast b...
by WeWiNet
Wed Mar 06, 2019 10:02 am
Forum: Beginner Basics
Topic: RB4011 5Ghz Wifi unstable
Replies: 7
Views: 1804

Re: RB4011 5Ghz Wifi unstable

I have RB4011 and its rock stable on 5GHz (and 2.4G). Maybe I am just lucky. Settings I use are: set [ find default-name=wlan1 ] antenna-gain=3 band=5ghz-a/n/ac channel-width=20/40/80mhz-XXXX comment=5G country=france \ default-authentication=no disabled=no distance=indoors frequency=auto frequency-...
by WeWiNet
Wed Mar 06, 2019 9:32 am
Forum: Beginner Basics
Topic: Make Printer reachable in a different network
Replies: 3
Views: 315

Re: Make Printer reachable in a different network

Hi Dimag, I assume the Comcast GW has no filters / firewall for local traffic, therefore port forwarding should not be needed. How/if you can use the printer will depend a lot on your printer itself and its support for network printing. You will need to install the printer on the local machine (PC e...
by WeWiNet
Tue Mar 05, 2019 6:46 pm
Forum: Scripting
Topic: POST Request with fetch
Replies: 69
Views: 27974

Re: POST Request with fetch

Does not work with this command. Puts an error: /tool fetch https://maker.ifttt.com/trigger/mtik/with/key/my_IFTTT_code keep-result=no \ http-header-field="Content-Type:application/json" \ http-data="{\"value1\":\"RB4011\",\"value2\":\"shutting down\",\"value3\":\"DSL"}" It spits error out: status: ...
by WeWiNet
Tue Mar 05, 2019 4:08 pm
Forum: Scripting
Topic: POST Request with fetch
Replies: 69
Views: 27974

Re: POST Request with fetch

Normis, I tried to get the 3 values posted from routerOS into IFTTT without success. And all the application/json examples are pre 6.44 so I am lost after trying lot of options. Same for WIKI, still using the http-content-type option which is no more available in 6.44. The working CURL code from IFT...
by WeWiNet
Fri Mar 01, 2019 10:07 am
Forum: Scripting
Topic: POST Request with fetch
Replies: 69
Views: 27974

Re: POST Request with fetch

Thanks Normis, your comment made me continue till I found the issue! To share with others here the full guide to do IFTTT with RouterOS on Mikrotik : head over to IFTTT and sign up add as service "Webhooks" and go to Webhooks --> settings this will give you something like: Connected as: YourGoogleNa...
by WeWiNet
Thu Feb 28, 2019 10:05 pm
Forum: Beginner Basics
Topic: allow wifi only local network
Replies: 5
Views: 530

Re: allow wifi only local network

If you want to have Wifi devices only as "local devices" such as a printer etc, and not them being able to connect to internet, you could simply assign those clients static IP adresses, and then put them into an address list. Then one of your first firewall forward rules would be to drop traffic fro...
by WeWiNet
Thu Feb 28, 2019 4:45 pm
Forum: Scripting
Topic: POST Request with fetch
Replies: 69
Views: 27974

Re: POST Request with fetch

Normis,

this is just a key replacement for the real value I have put there.
The Webhook link itself is correct. just copied it again from IFTTT.

Do you need user name or some other setting?

thanks for your help.
by WeWiNet
Thu Feb 28, 2019 4:42 pm
Forum: General
Topic: Drop traffic between two different vlans that are on the same interface
Replies: 10
Views: 522

Re: Drop traffic between two different vlans that are on the same interface

Have you enable "ip firewall on bridge"
or if you do not want to do that you can use "filter" within the bridge (but less comfortable).
by WeWiNet
Thu Feb 28, 2019 3:10 pm
Forum: Scripting
Topic: POST Request with fetch
Replies: 69
Views: 27974

Re: POST Request with fetch

Hi jumping on this thread. I cannot get to the Webhook/IFTTT with the indicated command by Normis: /tool fetch mode=https url="https://maker.ifttt.com/use/xvcvvxvvcvvxvxvxvv" http-method=post It gives me error: status: failed failure: closing connection: <404 Not Found> Also tried with additional us...
by WeWiNet
Mon Feb 04, 2019 7:23 pm
Forum: General
Topic: SXT LTE Kit (R11e-LTE) - to lock on 3G 900Mhz
Replies: 8
Views: 1265

Re: SXT LTE Kit (R11e-LTE) - to lock on 3G 900Mhz

I can't help you on this question directly, but experienced that with the latest LTE FW upgrade (possible via beta only) the LTE modem works way better. I suggest you upgrade to the router to beta, upgrade then LTE modem FW and then downgrade router to the 6.43.8 again (LTE Modem will keep latest FW...
by WeWiNet
Fri Feb 01, 2019 12:20 pm
Forum: Beginner Basics
Topic: A noob to mikrotik network please help [SOLVED]
Replies: 7
Views: 624

Re: A noob to mikrotik network please help [SOLVED]

You could start with hap-ac2, which should be ok and really cheap (except only 4 ports LAN). But the RB4011 with WIFI is what you really want. It is a bit more $ (but still very reasonable) but also way more performance and future proof. With this you will be able to do what ever you want. That woul...
by WeWiNet
Wed Jan 30, 2019 2:05 pm
Forum: General
Topic: DHCP Offering Lease Without Success
Replies: 35
Views: 9306

Re: DHCP Offering Lease Without Success

Have same problem, my wife came home with iPads from school to upgrade them today. 1 connects , 5 others not! (iOS 11 all). And according to here it should work :-) Then to check if "apple issue", i also tried with my android phone to connect to this Wifi network, but it does neither get an IP addre...
by WeWiNet
Sat Jan 26, 2019 12:10 am
Forum: Beginner Basics
Topic: Basic home setup but can't get it to work
Replies: 13
Views: 897

Re: Basic home setup but can't get it to work

Why not reset and use Quick-set "Home AP". Will give you exactly what you want with
simple interface to setup IP, DHCP, Wifi etc. in 3 minutes you are all set.
by WeWiNet
Fri Jan 25, 2019 7:14 pm
Forum: Beginner Basics
Topic: Where can I set and see the list of IP addresses (or networks) allowed to access the web configuration tool over SSL?
Replies: 8
Views: 637

Re: Where can I set and see the list of IP addresses (or networks) allowed to access the web configuration tool over SSL

Check that web server and all other services/server also need to be set as accepting connections form specified IP addressed. And then last but not least the user also needs to be allowed to login from that IP address. To resume: - Firewall blocks at router level (if it hits router Input chain or no...
by WeWiNet
Wed Jan 23, 2019 5:15 pm
Forum: General
Topic: 6.43.8 vulnerability or hack?
Replies: 31
Views: 6619

Re: 6.43.8 vulnerability or hack?

Side remark/question here: 1.) instead of netinstall (need to press that button, set IP on the computer), is a down grade and then an upgrade of ROS equivalent to netinstall and erases all internal memory safely? 2.) I assume once you have a clean router, if you use a "backup" taken on an infected r...
by WeWiNet
Wed Jan 23, 2019 4:27 pm
Forum: Beginner Basics
Topic: How much space graphing takes up? [SOLVED]
Replies: 4
Views: 459

Re: How much space graphing takes up? [SOLVED]

It will not use any disk if you do not check "Save to disk" . I don't see any significant memory/disk usage for graphing, thus I think it is neglectable. But will depend how many interfaces etc you graph and over how long. You can also download all the graphing data from the routers web page and sto...
by WeWiNet
Tue Jan 22, 2019 1:25 pm
Forum: General
Topic: export of pending undo / safe mode commands
Replies: 0
Views: 268

export of pending undo / safe mode commands

Safe mode is great to check if something immediately breaks your system (lock out protection). But often issues arise later one, and one would like to remove the changes made earlier (revert back) on the fly, without flashing an older backup file (service disruption). For this it would be create to ...
by WeWiNet
Sun Jan 20, 2019 1:39 pm
Forum: Wireless Networking
Topic: android devices chooses 2.4Ghz over 5Ghz on hAP ac^2
Replies: 13
Views: 1525

Re: android devices chooses 2.4Ghz over 5Ghz on hAP ac^2

Indeed no air time fairness or band steering nor even roaming in ROS, so you need to do it by yourself with basic method via access list: Use 2 access list entries for forcing phone to 5G and if that signal is too low (=bad) , allow 2.4G access! Set signal strength to access 5Ghz network to somethin...
by WeWiNet
Sun Jan 20, 2019 1:15 pm
Forum: General
Topic: Mikrotik's demo system demo.mt.lv firewall Virus rules, worth using???
Replies: 7
Views: 913

Re: Mikrotik's demo system demo.mt.lv firewall Virus rules, worth using???

Thanks all for your feedback and input. I was hoping to get some feedback from Mikrotik on how useful THEY think those rules are (as they don't publish rubbish normally, I would suppose those FW rules are done on purpose and not just for fun and maybe they have them run on some real world servers?)....
by WeWiNet
Mon Jan 14, 2019 1:39 pm
Forum: Wireless Networking
Topic: Hap ac2 TX power tables info missing
Replies: 8
Views: 1965

Re: Hap ac2 TX power tables info missing

The Wireless 2.4G interface does not do 11ac, only the 5G, so the values should be there for 2.4G! In addition you can adjust country and regulatory domain, antenna gain!!! Which means output power values will change! Why can you not see what is applied finally in the device and why can you not lowe...
by WeWiNet
Mon Jan 14, 2019 1:23 pm
Forum: Beginner Basics
Topic: Forcing single URL to use specific WAN
Replies: 9
Views: 612

Re: Forcing single URL to use specific WAN

With HTTPS you can not mark URL anymore easily with filter rule matching URL text. Even the TLS filter does not work reliably.
If you use such a key word to look for and mark connection I am pretty sure that is reason it does not work.
by WeWiNet
Fri Jan 11, 2019 10:51 am
Forum: General
Topic: Mikrotik's demo system demo.mt.lv firewall Virus rules, worth using???
Replies: 7
Views: 913

Mikrotik's demo system demo.mt.lv firewall Virus rules, worth using???

Hi, On Mikrotiks hosted RouterOS demo system (using demo.mt.lv as target in Winbox), under Firewall there are a long list of "Virus" firewall entries which seems quit interesting, if they do work in real life (see below). Now in this demo system they don't get hit by any traffic, so I wonder if it w...
by WeWiNet
Mon Jan 07, 2019 3:08 pm
Forum: Wireless Networking
Topic: Hap ac2 TX power tables info missing
Replies: 8
Views: 1965

Hap ac2 TX power tables info missing

Hi there, On all my hap ac2 it's impossible to see TX power settings in WinBox It always shows "0" dBm in 2.4GHz and nothing in 5G. This is across the 3 units I have here. In other products (MIPS based etc.) that info is always available. [attachment=1]Tx-Power_issueV2.jpg[/attachment] In addition i...
by WeWiNet
Tue Jan 01, 2019 8:44 pm
Forum: Beginner Basics
Topic: New Setup: HAP AC or HAP AC2, plus CAP AC
Replies: 4
Views: 841

Re: New Setup: HAP AC or HAP AC2, plus CAP AC

Hap ac2 is good device and can handle lot of traffic/firewall rules etc.
But if you want high speed + more switch ports etc. why not go directly RB4011 with Wifi 4x4 on 5GHz.
If you are looking for SOHO/SMB kind of high speed/system extensions, the RB4011 will be very good option.
by WeWiNet
Tue Jan 01, 2019 8:33 pm
Forum: Beginner Basics
Topic: Simple AP Bridge setup
Replies: 9
Views: 6796

Re: Simple AP Bridge setup

You can use Quickset mode:
use the "AP" quickset and on the right side, select to not use "Router" mode but "bridge".
by WeWiNet
Fri Dec 21, 2018 1:56 pm
Forum: General
Topic: Feature requests
Replies: 1160
Views: 207647

Re: Feature requests

Pe1chl Also a green/yellow/red color field within WINBOX to indicate if you are still connected to the router (green - connected, yellow - don't know, red-disconnected) That isn't required because when you have no link, you will be disconnected (far to) quickly and lose the open window (reverts to c...
by WeWiNet
Thu Dec 20, 2018 5:30 pm
Forum: Beginner Basics
Topic: Watchdog timer
Replies: 9
Views: 1301

Re: Watchdog timer

Why are you not using Reboot function (proper shutdown) instead of watchdog. Watchdog pulls the power of a device, and will never do a clean shutdown! Watchdog must work even if all is stuck or blocked, unresponsive, overruning, heating etc. So its a HW power cut of the most primitive (= reliable) w...
by WeWiNet
Fri Dec 14, 2018 7:19 pm
Forum: Announcements
Topic: Product comparison matrix
Replies: 30
Views: 4929

Re: Product comparison matrix

I think number of PCIe interface would be good as well.
by WeWiNet
Fri Dec 14, 2018 5:50 pm
Forum: Announcements
Topic: Future of LTE products, user feedback requested
Replies: 86
Views: 19852

Re: Future of LTE products, user feedback requested

+1
for Quectel EP06 modem support on the Mikrotik LTE products (US and International)!!!
by WeWiNet
Wed Dec 12, 2018 7:32 pm
Forum: General
Topic: hAp ac^2: inferior LAN-to-LAN performance when HW offloading is used
Replies: 5
Views: 539

Re: hAp ac^2: inferior LAN-to-LAN performance when HW offloading is used

100M, that is what I thought :-)

Can you check with the ETH port going to the PC (stream source) set to 100M capability only (not 1G) and HW offload on again?
Would be interesting to see what that does to it.
by WeWiNet
Wed Dec 12, 2018 6:42 pm
Forum: Beginner Basics
Topic: Access control inside and outside of the NAT
Replies: 6
Views: 574

Re: Access control inside and outside of the NAT

I am a bit lost what you want to achieve from a topology point of view. Your block rule does work (the counter increases). Now what you want is actually to accept that but only on the correct times you want this to work (correct?). Basically you do not allow and then block at specific times, you do ...
by WeWiNet
Wed Dec 12, 2018 6:12 pm
Forum: General
Topic: Feature requests
Replies: 1160
Views: 207647

Re: Feature requests

pe1chl +1,
that would be awesome. hate to fiddle around the various windows...

Also a green/yellow/red color field within WINBOX to indicate if you are still connected to the router (green - connected, yellow - don't know, red-disconnected)
by WeWiNet
Wed Dec 12, 2018 1:29 pm
Forum: Beginner Basics
Topic: Access control inside and outside of the NAT
Replies: 6
Views: 574

Re: Access control inside and outside of the NAT

Yes with IP->firewall rules that allow access only at specific times. You define what you allow (LAN-LAN) or LAN-WAN etc. (via input and output interface or IP range or list etc.). In the rules extra tab (if I recall) select the times you want this rule to apply. If you want to restrict those rules ...
by WeWiNet
Wed Dec 12, 2018 1:22 pm
Forum: General
Topic: hAp ac^2: inferior LAN-to-LAN performance when HW offloading is used
Replies: 5
Views: 539

Re: hAp ac^2: inferior LAN-to-LAN performance when HW offloading is used

I am just guessing, has your old router 100M port and not 1G?
by WeWiNet
Tue Dec 11, 2018 2:28 pm
Forum: RouterBOARD hardware
Topic: Why hAP ac² and CRS3xx boot significantly longer than "other" routerboards?
Replies: 5
Views: 1031

Re: Why hAP ac² and CRS3xx boot significantly longer than "other" routerboards?

+1 here! Funny you mention this because since couple of weeks I have exactly same impression on hap ac2! And each time you reboot, you think something is wrong and device is hanging! I just right now timed from pressing reboot to Wifi visible: 1Minute 48 seconds, hap ac2 with 6.43.7 (no additional b...
by WeWiNet
Tue Dec 11, 2018 2:06 pm
Forum: General
Topic: LTE Failover
Replies: 13
Views: 3868

Re: LTE Failover

Have you guys tried this one: https://wiki.mikrotik.com/wiki/Manual:PCC
The example only checks next GW but you can add additional GW check and target hosts to ping as you want.

This one does it for me (DSL with LTE load balancing/failover).
by WeWiNet
Tue Dec 11, 2018 1:59 pm
Forum: Beginner Basics
Topic: Access control via whitelist with time restrictions
Replies: 2
Views: 342

Re: Access control via whitelist with time restrictions

Also for those who don't know anything a simple way is KID CONTROL (web fig -> IP -> kid control) which uses firewall rules. Allows to assign users (with specific access time) as well as devices per user allowed to use etc. (this assumes the device/user can actually connect to your router via Wifi/E...
by WeWiNet
Tue Dec 11, 2018 1:53 pm
Forum: Useful user articles
Topic: Using Splunk to analyse MikroTik logs 2.7 (Graphing everything) Topic is solved
Replies: 232
Views: 73476

Re: Using Splunk to analyse MikroTik logs 2.5 (Graphing everything) Topic is solved

Hi Jotne, Wanted to say thank you, very nice job. Also to highlight that this tutorial works perfect on MacOS 10.14. I just followed your tutorial and installed it with the Splunk Enterprise version and all is working perfect (Ok I had to restart my machine once as splunk did not launch first time c...
by WeWiNet
Mon Dec 10, 2018 5:17 pm
Forum: General
Topic: Queue Tree Upload
Replies: 15
Views: 1760

Re: Queue Tree Upload

Comment: In-interface WAN = downlink (coming into the router) Outinterface WAN= Uplink (leaving the router towards internet etc.) This is also why you do NAT on outinterface WAN and not IN-interface WAN :-). Then as others said, you need to mark connections coming through that WAN interface first an...
by WeWiNet
Mon Dec 10, 2018 3:32 pm
Forum: Beginner Basics
Topic: Router Optimization
Replies: 7
Views: 866

Re: Router Optimization

First thing check system/ressources (CPU load / memory).
Only if that is maxed out, drops could be due to the router load (which I doubt).

Check firewall rules and put the most hit ones come first (if possible).
But again, if CPU is not 100%, that should not be an issue.
by WeWiNet
Sat Dec 08, 2018 9:41 am
Forum: RouterBOARD hardware
Topic: LTap mini
Replies: 10
Views: 2392

Re: LTap mini

Hi Amtisrac, the new RouterOS beta SW 6.44 allows to upgrade the integrated FW of the LTE modem (see Wiki for details). I have upgrade LTAP to 6.44, updated LTE firmware, downgraded LTAP back to stable and see now quit impressive LTE throughput (compared to before). Such as 20Mbps where before it wa...
by WeWiNet
Fri Dec 07, 2018 5:02 pm
Forum: General
Topic: unable to upgrade firmware / upload .npk
Replies: 7
Views: 876

Re: unable to upgrade firmware / upload .npk

Sorry did not saw you tried Netinstall. Netinstall: Make sure firewall does not block the connection (first Netinstall launch) Does Netinstall see your device when you launch it? Have you set all 3 IP addresses correctly? GW/router/laptop? It happens that you need to close and restart Netinstall cou...
by WeWiNet
Fri Dec 07, 2018 4:58 pm
Forum: General
Topic: unable to upgrade firmware / upload .npk
Replies: 7
Views: 876

Re: unable to upgrade firmware / upload .npk

Upgrade fails often when memory file system free space is low. What is left on your device?
Try to uninstall any unused package (but first to back/export of config).

Freeing up space helped me in most cases.

If that does not work, netinstall (well explained in the wiki and pretty fail save).
by WeWiNet
Fri Dec 07, 2018 4:54 pm
Forum: Beginner Basics
Topic: Netinstall not install routeros
Replies: 3
Views: 434

Re: Netinstall not install routeros

So after saw I can't login to my router cause winbox said wrong username and password I try to reset the router. Have you tried to just reset router: power down, power up with reset button pressed until LED blinks (roughly 5 seconds) and then release button? Then user admin and no password will be ...
by WeWiNet
Fri Dec 07, 2018 10:09 am
Forum: Beginner Basics
Topic: neighbors ddiscovery setting set to all
Replies: 1
Views: 269

Re: neighbors ddiscovery setting set to all

/ip neighbor discovery-settings set discover-interface-list=all / none etc...
by WeWiNet
Wed Dec 05, 2018 10:57 pm
Forum: Beginner Basics
Topic: Setting up a dedicated Management Port
Replies: 4
Views: 1314

Re: Setting up a dedicated Management Port

There are a couple of places in RouterOS where you need to define who can access the router itself. Even if firewall allows access on the input chain accept, this does not mean the router will respond or accept the connection - System/User, and from which IP address is he allowed to log in; Normally...
by WeWiNet
Sat Dec 01, 2018 7:37 pm
Forum: General
Topic: Queue Tree Upload
Replies: 15
Views: 1760

Re: Queue Tree Upload

Yes, in the two ways mentioned above it does work for.me.

by WeWiNet
Thu Nov 29, 2018 7:24 pm
Forum: Beginner Basics
Topic: VLAN Configuration !HELP! [SOLVED]
Replies: 38
Views: 2596

Re: VLAN Configuration !HELP! [SOLVED]

Be aware lot (if not all) videos still show the way of doing VLANs before the 6.xx change when it was migrated to bridge. Look at the Wiki page to use the right method (not the Videos :-). You mention 3 IP address ranges/DHCP servers on your CCR but only one bridge? So DHCP are sitting where? Normal...
by WeWiNet
Thu Nov 29, 2018 9:59 am
Forum: General
Topic: Queue Tree Upload
Replies: 15
Views: 1760

Re: Queue Tree Upload

I think I remember that if you use interfaces you need to tag one direction on the bridge and the other one on the port. Then it works. but it won't work if you tag both on the port. This I found quit strange so due to this I now tag DL via IP address: DL is destination "local IP addresses", UL is "...
by WeWiNet
Thu Nov 22, 2018 7:22 pm
Forum: Beginner Basics
Topic: PCC Load Balancing 2 WAN on Mikrotik HEX
Replies: 16
Views: 2736

Re: PCC Load Balancing 2 WAN on Mikrotik HEX

Are you using 2 x LTE connections with same telco (same network and frequency)?. If they go both to the same base station, then when you access in parallel, the base station might give to your segment only a total of 60Mbps due to frequency or load limitations. Have you tried to run dual LTE on two ...
by WeWiNet
Wed Nov 21, 2018 3:16 pm
Forum: Beginner Basics
Topic: How to route torrents traffic bypassing vpn?
Replies: 3
Views: 507

Re: How to route torrents traffic bypassing vpn?

Wifi is you only WAN i/f?

Does your mangle L7 rule get hit by traffic (does counter increase?)
What does trace route give you?

More info on your setup would be helpful here with config export.
by WeWiNet
Wed Nov 21, 2018 3:05 pm
Forum: Beginner Basics
Topic: client connect to wifi in other room - why [SOLVED]
Replies: 9
Views: 896

Re: client connect to wifi in other room - why [SOLVED]

Ha, that is a good question. There is no super solution (you would need AP steering to do so), thus only option is Access list or lower signal level. If you really need only access from within a room or close by to the right AP you can do 2 things: - lower AP output power (signal will not reach very...
by WeWiNet
Mon Nov 19, 2018 10:11 pm
Forum: General
Topic: How many VLANs do I need?
Replies: 8
Views: 644

Re: How many VLANs do I need?

I only know the pre 6.43 ways of VLAN ( I heard it changed recently): Create two bridges: Bob and Alice Create Virtual WLAN AP-Bridge for 2.4G and 5G for Alice and Bob (you can use same SSID for 2.4G and 5G to make it seamless) Create 1 VLAN per Wifi AP (one for 2.4G and one for 5G) , put it into th...
by WeWiNet
Mon Nov 19, 2018 5:49 pm
Forum: General
Topic: How many VLANs do I need?
Replies: 8
Views: 644

Re: How many VLANs do I need?

With routerOS you can achieve everything (or almost). How to do your isolation depends on the level of security you want. If you want to separate broadcast domains (L2) you can use VLAN. But router will still connect those networks together at L3. To seperate at that level you need Firewall (you can...
by WeWiNet
Mon Nov 19, 2018 5:28 pm
Forum: Beginner Basics
Topic: Two wan Failover & Nat
Replies: 3
Views: 419

Re: Two wan Failover & Nat

I suggest try with: add second NAT rule for 2nd interface and remove that interface from first rule (or the list used there)

Also make sure "CHECK GATEWAY" is enabled on the routes.
by WeWiNet
Fri Nov 16, 2018 10:32 am
Forum: General
Topic: Continued hap ac2 memory and upgrade/package problems
Replies: 0
Views: 456

Continued hap ac2 memory and upgrade/package problems

Good morning, I have continued package upgrade problems with hap ac2 which I believe are memory/flash issues. - I had already earlier issues with that 6.3xx(?) package which had flash memory leakage issues. Went only away with Netinstall Since then I hoped this would have been gone. - But it continu...
by WeWiNet
Wed Nov 14, 2018 6:47 pm
Forum: Beginner Basics
Topic: Winbox lost connection after establish bridge
Replies: 4
Views: 554

Re: Winbox lost connection after establish bridge

Do you connect via Wifi or ETH to the Metal ? If you assign ETH to the bridge, and Metal is a router not a CPE, where is the WAN coming from? When assigning ETH to the bridge (where apparently it is not when you start), it impacts following things you might need to adapt! - MAC server, Neighbour dis...
by WeWiNet
Wed Nov 14, 2018 5:04 pm
Forum: Wireless Networking
Topic: The Tx power of the mikrotik wireless interface
Replies: 5
Views: 2591

Re: The Tx power of the mikrotik wireless interface

If you use a wireless AP you should use "regulatory domain" and select correct country to respect local regulation :-) And not change anything else. If you use external antennas/PtP links etc. you want to play with the output power at modulation rates. With 17dBm max output power you can not do much...
by WeWiNet
Mon Nov 12, 2018 10:33 am
Forum: RouterBOARD hardware
Topic: LTap mini
Replies: 10
Views: 2392

Re: LTap mini

Hi Amtisrac, I found similar performance with my new Ltap-Mini. Bought it to "upgrade" my 5Mbps DSL and bundle both lines. I do have relative good LTE (compared to my DSL :-) ) and get on 3 years old LTE phone 10+ Mbps. I thus kicked of my first LTAP-Mini speed test on same network and SIM card and ...
by WeWiNet
Mon Nov 12, 2018 10:21 am
Forum: RouterBOARD hardware
Topic: The "DEVICE" :)
Replies: 2
Views: 1084

Re: The "DEVICE" :)

I am just discovering my LTAP Mini so can;t give you too much of advice. External antenna: Yes you can easily connect them. All is forseen in the housing, you just need to have buy them extra. This is mandatroy to get really good speed what I see from my first tests with the internal antenna. You do...
by WeWiNet
Thu Nov 08, 2018 9:18 am
Forum: RouterBOARD hardware
Topic: Qualcomm IPQ8074
Replies: 7
Views: 2889

Re: Qualcomm IPQ8074

Another 11ax product just launched now, putting indeed some pressure on having 11ax products to use. Mechanical design is more questionable, but that can easily be changed (and I like the plane/rocket style of the RAX120, it has a big WOW factor). https://www.netgear.com/home/products/networking/wif...
by WeWiNet
Tue Nov 06, 2018 8:04 pm
Forum: Beginner Basics
Topic: Route over VPN not working
Replies: 1
Views: 367

Re: Route over VPN not working

some thoughts:
- You use the Mikrotik as router or switch?
- I can't see which Interface is actually WAN? There is no mentioning, all ETH ports incl SFP are part of bridge and LAN?
- In NAT: SourceNat on out interface "bridge" ? I would think you put something else there like ETH1 or so?
by WeWiNet
Tue Nov 06, 2018 3:00 pm
Forum: Beginner Basics
Topic: Connection between 3dhcp
Replies: 5
Views: 435

Re: Connection between 3dhcp

Could be due to the routes which only seems to be defined for marked connection traffic?
by WeWiNet
Mon Nov 05, 2018 7:10 pm
Forum: RouterBOARD hardware
Topic: hap ac2 in a StationBox - Anyone? [SOLVED]
Replies: 2
Views: 576

Re: hap ac2 in a StationBox - Anyone? [SOLVED]

For ceiling mount use the CAP ac2.
Same as Hap ac2 but two GEth ports and PoE support.
by WeWiNet
Thu Nov 01, 2018 12:14 pm
Forum: Wireless Networking
Topic: Connect 2 locations 80m apart with obstacles
Replies: 6
Views: 966

Re: Connect 2 locations 80m apart with obstacles

Have you tried PLC (power line communication)? I am pretty sure it won't work neither with that long distance and two separate buildings but you can give it a try. Use the new 1.2G solutions (MIMO) with Qualcomm chip inside if you can. To use wireless is impossible from appart directly without going...
by WeWiNet
Wed Oct 31, 2018 2:45 pm
Forum: Beginner Basics
Topic: Firewall filter add to address list - decrease timeout
Replies: 5
Views: 756

Re: Firewall filter add to address list - decrease timeout

A even simpler way is to add the "black listed" IP to a rule just before which "white list" it (accepts it)
It then can still run out in the black list but without any impact!

Can you make that work?
by WeWiNet
Tue Oct 30, 2018 11:00 am
Forum: General
Topic: Mikrotik does not support IPSec, L2TP or OpenVPN connections to any VPN provider
Replies: 10
Views: 4303

Re: Mikrotik does not support IPSec, L2TP or OpenVPN connections to any VPN provider

I use Cyberghost , it does run with Mikrotik and there is a guide on the internet.
Don;t have the link on hand, but can provide later.
by WeWiNet
Tue Oct 30, 2018 10:26 am
Forum: Beginner Basics
Topic: Two Mikrotiks, each with own subnet, single dhcp server, nat cable internet (development network and staging network)
Replies: 1
Views: 248

Re: Two Mikrotiks, each with own subnet, single dhcp server, nat cable internet (development network and staging network

Quick ask on what you want to achieve. Router 1 connects to cable modem? Router 2 connects to router 1? Both routers will have then locally same IP subnets that all clients can see each other? So you want to use same subnet on two different routers both using same DHCP range (I might miss read). How...
by WeWiNet
Fri Oct 26, 2018 7:38 pm
Forum: Beginner Basics
Topic: Mikrotik as a switch with wifi
Replies: 8
Views: 1023

Re: Mikrotik as a switch with wifi

Hi have you tried to start with quickset: CPE? On the left side you scan for the SSID and provide the password and you can connect to the network. On the right side use bridged mode, uncheck DHCP, NAT, firewall etc. and select: bridge all LAN ports together. Once that done leave quickset (and never ...
by WeWiNet
Fri Oct 19, 2018 11:45 am
Forum: General
Topic: Bricked hAP ac (962UiGS-5HacT2HnT)
Replies: 5
Views: 563

Re: Bricked hAP ac (962UiGS-5HacT2HnT)

I can;t say about this product, but on hap ac2 the reset button is physically not simple to keep pressure on for 15 seconds without interrrupt and you do not feel any click or release (not like on some other devices) I need on average 4-5 time to make it work (I keep pressing until it shows in Netin...
by WeWiNet
Fri Oct 19, 2018 11:38 am
Forum: Beginner Basics
Topic: can't login to mikrotik router after reset
Replies: 2
Views: 880

Re: can't login to mikrotik router after reset

You don't say if this is a new Mtik or already used. In 2nd case IP GW address might have changed. Go into Macbook network settings and check IP address of the GW. It might by different to the 192.168.88.1 I assume you use Thunderbolt to Ethernet connector? Make sure this one actually works. My one ...
by WeWiNet
Thu Oct 18, 2018 4:09 pm
Forum: Beginner Basics
Topic: no internet after IP changed
Replies: 6
Views: 534

Re: no internet after IP changed

Your WAN IP address range and LAN IP address range are the same:
192.168.1.x I believe that can not work well.

Try something different...
by WeWiNet
Wed Oct 17, 2018 8:31 pm
Forum: Forwarding Protocols
Topic: Routing Traffic from one network to other
Replies: 5
Views: 726

Re: Routing Traffic from one network to other

Sorry, wrong interpretation... forget it :-)

Is the SIP proxy network under your control?
by WeWiNet
Wed Oct 17, 2018 8:28 pm
Forum: Forwarding Protocols
Topic: Routing Traffic from one network to other
Replies: 5
Views: 726

Re: Routing Traffic from one network to other

Add route on Mikrotik:
10.10.10.0/24 Gateway: 10.90.90.91
by WeWiNet
Wed Oct 17, 2018 8:20 pm
Forum: General
Topic: Network for children with limited Internet connection time
Replies: 9
Views: 752

Re: Network for children with limited Internet connection time

Hi man, I think this subject (kids and internet) is super important (at least to me). I get lot of complaints from friends that their kids are on the internet the whole day. You are right, during the 30 minutes (could be 45 or 60 minutes, whatever you want) they can do/go wherever they want to go (I...
by WeWiNet
Wed Oct 17, 2018 10:39 am
Forum: General
Topic: Network for children with limited Internet connection time
Replies: 9
Views: 752

Re: Network for children with limited Internet connection time

Hi man, Just as an personal example (here we touch on education, which is not yet part of routerOS Wiki :-) , everybody does have his own opinion, it depends on kids age, if they have full day classes like mine, activities etc). I use following structure: - Wireless Access List with time control (li...
by WeWiNet
Tue Oct 16, 2018 11:56 am
Forum: RouterBOARD hardware
Topic: Qualcomm IPQ8074
Replies: 7
Views: 2889

Re: Qualcomm IPQ8074

+1

Ruckus now started to sell products with it inside !
https://www.ruckuswireless.com/products ... uckus-r730

Gives Wifi really a major push up even for 11ac/n uses cases
by WeWiNet
Sun Oct 14, 2018 10:45 pm
Forum: Wireless Networking
Topic: guest don't work
Replies: 5
Views: 785

Re: guest don't work

Interface list LAN: You only have WLAN 1 there, need to also add WLAN 2 if you use interface list somewhere else. Do NAT / masquerade on the out interface (LAN port ?) or out interface list (WAN) instead of bridge. report back if that changed anything. Your export is not complete, I see no routes pr...
by WeWiNet
Sun Oct 14, 2018 10:36 pm
Forum: General
Topic: How to change the winbox loging port
Replies: 2
Views: 376

Re: How to change the winbox loging port

Very simple. In Winbox:

/ip --> services, click on "Winbox", and set port you want.
Here you can also change SSH port etc.
by WeWiNet
Sun Oct 14, 2018 10:24 pm
Forum: Beginner Basics
Topic: How to setup repeater for wlan with multiple virtual ssid/vlans
Replies: 3
Views: 654

Re: How to setup repeater for wlan with multiple virtual ssid/vlans

Not in repeater mode, that works only for one SSID. You could trunk the traffic together over the Wifi link with VLAN and then separate on the repeater into the subnets with their SSID. It will then look as if the SSID are "repeated". It is basically two AP with each having same SSID and linked toge...
by WeWiNet
Sat Oct 13, 2018 12:11 pm
Forum: Beginner Basics
Topic: How to use a router to turn a LAN printer to wireless
Replies: 13
Views: 1138

Re: How to use a router to turn a LAN printer to wireless

Are you using WINBOX Or Webfig? Have you been able to connect to the device with WINBOC via MAC address in "neighbours" once before? (even on Apple you need to have firewall accept the MAC connections when you first launched WINBOX). As intermediate step use still CPE but on LAN setup use "router" i...
by WeWiNet
Fri Oct 12, 2018 5:04 pm
Forum: Beginner Basics
Topic: How to use a router to turn a LAN printer to wireless
Replies: 13
Views: 1138

Re: How to use a router to turn a LAN printer to wireless

And last one, select Address source: WLAN
by WeWiNet
Fri Oct 12, 2018 4:40 pm
Forum: Beginner Basics
Topic: How to use a router to turn a LAN printer to wireless
Replies: 13
Views: 1138

Re: How to use a router to turn a LAN printer to wireless

Quick add on.
Have you checked the "bridge all LAN ports together" when using bridged mode? You need to do that.
by WeWiNet
Fri Oct 12, 2018 4:38 pm
Forum: Beginner Basics
Topic: How to use a router to turn a LAN printer to wireless
Replies: 13
Views: 1138

Re: How to use a router to turn a LAN printer to wireless

Hi, My instructions were for MAP lite (only one Eth port). In that case all is set and you would connect the printer to the LAN port after doing that. (You choose the Map normal version with 3 ETH ports (one WAN, 2 LAN).) When you switch to CPE, your MAP is no more an AP but a client, you will not b...
by WeWiNet
Fri Oct 12, 2018 9:40 am
Forum: Beginner Basics
Topic: Routing between subnets without bridge
Replies: 5
Views: 600

Re: Routing between subnets without bridge

You need one bridge per subnet Assign the DHCP servers to the bridges (I think you did that) Important: Add the Ports (interfaces) to the right bridge In your print, both ETH and WLAN are ports of "bridge", that can not work if you want two different DHCP servers on ETH and on WLAN. You should see t...
by WeWiNet
Thu Oct 11, 2018 7:27 pm
Forum: Wireless Networking
Topic: MikroTik LtAP mini LTE kit - Dual SIM
Replies: 6
Views: 2276

Re: MikroTik LtAP mini LTE kit - Dual SIM

Overlooked that one: LTAP has only Fast Ethernet, no sense to add CAT6 into that...
by WeWiNet
Thu Oct 11, 2018 7:25 pm
Forum: Wireless Networking
Topic: MikroTik LtAP mini LTE kit - Dual SIM
Replies: 6
Views: 2276

Re: MikroTik LtAP mini LTE kit - Dual SIM

Acrily CAT 6 modems are still relative expensive (as you already found out), and not just a small upgrade from CAT4. That is simple reason why today CAT4 is still the sweet spot of cellular modems. If you want to use your own modem, buy the standard LTAP, that one has no Modem mounted. You can add y...
by WeWiNet
Thu Oct 11, 2018 7:08 pm
Forum: Beginner Basics
Topic: Manage export - import
Replies: 4
Views: 474

Re: Manage export - import

Hi Zuku, Have you tried to re-import on the 6.37 ROS ? if it works then its not an editor issue and it might be due to 6.38. You could downgrad to 6.37 that 6.38 machine and then upgrade to 6.38 (and then to 6.43 as the safe version) Please note today 6.43 this command would fail, it is now /ip neig...
by WeWiNet
Thu Oct 11, 2018 5:25 pm
Forum: Beginner Basics
Topic: Is my firewall configured safely? (Again..)
Replies: 2
Views: 343

Re: Is my firewall configured safely? (Again..)

Put the rules with high counter hits before those with low counter hit (if logically possible): As example in your forward chain: - NTP rules are low hits (one is even never hit) so it is run for every packed but never used. Put all NTP rules after "established related" at least (and remove or disab...
by WeWiNet
Thu Oct 11, 2018 10:47 am
Forum: Beginner Basics
Topic: ERROR: wrong username or password
Replies: 5
Views: 2555

Re: ERROR: wrong username or password

On my hap ac2 after netinstall and normal reboot (with power off-on as often as you want) nothing goes.
Need to do another reset to default settings (press button >5 seconds) only then finally device reboots properly and Wifi etc. coming up.
My ones were not infected (as far as I could see).
by WeWiNet
Thu Oct 11, 2018 10:34 am
Forum: Beginner Basics
Topic: How to use a router to turn a LAN printer to wireless
Replies: 13
Views: 1138

Re: How to use a router to turn a LAN printer to wireless

If you talk about connecting to USB port of MAP a storage device, better double check.
The MAP family has USB port only to supply power as far as I know.
by WeWiNet
Wed Oct 10, 2018 11:38 am
Forum: Beginner Basics
Topic: How to use a router to turn a LAN printer to wireless
Replies: 13
Views: 1138

Re: How to use a router to turn a LAN printer to wireless

The MAP lite recommended by BartoszP can be powered directly from USB port of your printer (if you have USB port), this is really a plus, no additional power supply needed. MapLite will work as a universal Wifi dongle and can be re-used for much more later on... To use it is quit simple. Use quick-s...
by WeWiNet
Tue Oct 09, 2018 6:36 pm
Forum: Beginner Basics
Topic: Not allowing one certain IP address to see the rest of the network
Replies: 14
Views: 901

Re: Not allowing one certain IP address to see the rest of the network

As earlier stated: set "Use IP firewall" in the bridge setting, then traffice within bridge will go through Firewall. Then you can filter it with rules etc. Or you can do differently : You can do also "default forward" uncheck (in bridge settings as well), then nobody will be able to talk to each ot...
by WeWiNet
Tue Oct 09, 2018 6:19 pm
Forum: Scripting
Topic: Script to check connected devices on wifi
Replies: 4
Views: 2031

Re: Script to check connected devices on wifi

https://wiki.mikrotik.com/wiki/Manual:S ... _log_entry You can sent email based on whatever you want in the log (Mac address, words like "login" etc.) You just need to make sure that you actually log those things. Be aware you might get flooded with emails, as Wifi can connect and disconnect quit of...
by WeWiNet
Tue Oct 09, 2018 5:58 pm
Forum: Beginner Basics
Topic: Manage export - import
Replies: 4
Views: 474

Re: Manage export - import

It is the EOL that causes this. Which OS (windows or Mac) are you on and which editor? I use Atom on Mac to edit the files and it works well (but had to adjust soem EOL settings there). This means also that I can not take a MAC/Atom edited file and re-use on say Windows/Atom (at least not for me). W...
by WeWiNet
Tue Oct 09, 2018 9:47 am
Forum: Wireless Networking
Topic: Wifi use by time and mac address
Replies: 5
Views: 685

Re: Wifi use by time and mac address

If you do need/want people to go into hotspot splash page etc. then a simple way without hotspot in firewall: you add IP address to two address lists: one "allowed" with time-out of 2h one "wait for renewal" with time out of say 24h (or 6h, whatever you want) You then drop traffic based on source ad...
by WeWiNet
Tue Oct 09, 2018 9:22 am
Forum: Beginner Basics
Topic: "Smart Device" Initial Connection Woes
Replies: 19
Views: 1156

Re: "Smart Device" Initial Connection Woes

It tries to get accurate time info via ntp.org and for this needs its IP address via google DNS (probably coded in hard into the detector). What is the problem you are then observing? Should be resolved via your DNS server as stated earlier. Personally I prefer to have my IOT devices in DMZ without ...
by WeWiNet
Mon Oct 08, 2018 8:19 pm
Forum: General
Topic: RouterOS do not upgrade from 6.34.4
Replies: 7
Views: 915

Re: RouterOS do not upgrade from 6.34.4

Did you check available flash memory space? There was one SW around 6.34 which completely corrupted FLASH memory
and prevented SW upgrade process to pass. SW package was just sitting there after reboot and nothing in log or error
why it did not work... Only solution was net install
by WeWiNet
Mon Oct 08, 2018 8:12 pm
Forum: RouterBOARD hardware
Topic: Minimum storage capacity
Replies: 3
Views: 455

Re: Minimum storage capacity

You have USB port on hap ac2 to extend storage though... :-)
Which is indeed needed as ARM SW package is quit big compared to MIPS :-(
by WeWiNet
Mon Oct 08, 2018 8:03 pm
Forum: General
Topic: MacOS Winbox features and limitations
Replies: 4
Views: 1025

Re: MacOS Winbox features and limitations

Thanks for the advice guys, indeed Joshaven WINE Winbox implementation does offer MAC connection, mine did indeed not work. Just tested it today! Soooo simpler for programming the single port map and cap light device if you can use MAC and don't need IP!!! That drove me nuts in the past... (I even p...
by WeWiNet
Sat Oct 06, 2018 8:27 pm
Forum: Beginner Basics
Topic: Routing problems
Replies: 4
Views: 415

Re: Routing problems

In firewall "pass through" means not that packet is accepted, only passed to next rule...
Try with "accept" instead of "passthrough".
by WeWiNet
Sat Oct 06, 2018 8:18 pm
Forum: Beginner Basics
Topic: Hardening router
Replies: 3
Views: 475

Re: Hardening router

If you have been hacked take device offline and do net install!
Else you will never know what they changed on the device.

Before connecting to the internet change user name password...

Afterwards start with default firewall rules, which protect from most issues already and good starting point.
by WeWiNet
Sat Oct 06, 2018 4:42 pm
Forum: Beginner Basics
Topic: No internet connection on my switch
Replies: 9
Views: 1235

Re: No internet connection on my switch

Which device does DHCP server? Any router in your network and which device is it?
If it worked with all ports bridged it looks like the Modem is L3 router.
In that case you can't use DHCP server on bridge, will be down by the Router.
by WeWiNet
Fri Oct 05, 2018 5:41 pm
Forum: General
Topic: MacOS Winbox features and limitations
Replies: 4
Views: 1025

MacOS Winbox features and limitations

Hi all, using Winbox on MacOS via Wine for a while, I only discovered last week during MTCNA workshop that Winbox under Windows offers much more (at least say much more useful) features. Now I wonder which feature don't work due to the my personal Wine setup and which are just not possible with a MA...
by WeWiNet
Fri Oct 05, 2018 1:16 pm
Forum: Beginner Basics
Topic: Routing problems
Replies: 4
Views: 415

Re: Routing problems

Isn't "action=passthrough" just counting the packet and not actually accepting it?

Can you try with action accept?