Community discussions

Search found 22 matches

by 611
Fri Sep 06, 2019 3:27 pm
Forum: RouterBOARD hardware
Topic: hAP ac bricked
Replies: 5
Views: 920

Re: hAP ac bricked

The support have refused to provide me a new key for unbricked device, citing it has the same serial as fullflash donor. (Thanks, Captain Obvious!)

That's haven't been unexpected, to be true.

So I have to dig deeper :)
I'll keep this thread updated should I get any results.
by 611
Tue Sep 03, 2019 10:19 am
Forum: RouterBOARD hardware
Topic: hAP ac bricked
Replies: 5
Views: 920

Re: hAP ac bricked

I've finally got to this issue, desoldered SPI flash and found it to be completely empty. No boot block, no config block, nothing. Just 16Mb of 0xFF. So I can confirm that hard resettng hAP ac twice causes complete flash erasure. I've debricked the router by flashing a dump from another hAP ac into ...
by 611
Mon Jul 01, 2019 11:04 pm
Forum: General
Topic: Switch issues in 6.45beta62 (but not in beta54) [SOLVED]
Replies: 8
Views: 1276

Re: Switch issues in 6.45beta62 (but not in beta54) [SOLVED]

Fixed in 6.45.1 stable.
by 611
Thu Jun 27, 2019 9:49 am
Forum: General
Topic: Switch issues in 6.45beta62 (but not in beta54) [SOLVED]
Replies: 8
Views: 1276

Re: Switch issues in 6.45beta62 (but not in beta54) [SOLVED]

Yes exactly, I also tested if the traffic is really isolated, but so far no issues with this kind of configuration. From my point of view, this was the simplest and most direct type of configuration. Looks like I was missing a critical part of knowledge to implement it this way. And it's actually s...
by 611
Wed Jun 26, 2019 1:55 pm
Forum: General
Topic: Switch issues in 6.45beta62 (but not in beta54) [SOLVED]
Replies: 8
Views: 1276

Re: Switch issues in 6.45beta62 (but not in beta54) [SOLVED]

Tobias, if your config work on beta64? No hw offload on the second bridge is not a problem because it won't have any meaningful hw offload as it includes only wireless interfaces and VLAN on master bridge - it goes through CPU anyway. Moreover, you'll need this separate bridge if you want to connect...
by 611
Wed Jun 26, 2019 10:09 am
Forum: General
Topic: Switch issues in 6.45beta62 (but not in beta54) [SOLVED]
Replies: 8
Views: 1276

Re: Switch issues in 6.45beta62 (but not in beta54) [SOLVED]

It took a bit longer, still here it is. Relevant portion of config: # model = RBD52G-5HacD2HnD /interface ethernet set [ find default-name=ether1 ] name=ether1-company set [ find default-name=ether2 ] name=ether2-extra set [ find default-name=ether3 ] name=ether3-laptop set [ find default-name=ether...
by 611
Sat Jun 22, 2019 9:10 pm
Forum: Announcements
Topic: v6.45beta [testing] is released!
Replies: 305
Views: 71363

Re: v6.45beta [testing] is released!

Does anyone knows where to find this setting? I am looking for it for years now. *) winbox - do not allow setting "dns-lookup-interval" to "0"; Update: Found it on a Polish site and it a setting not applying to what I was looking for. It was a very "funny" bug actually - a device added to Dude via ...
by 611
Sat Jun 22, 2019 8:48 pm
Forum: General
Topic: NordVPN
Replies: 16
Views: 2291

Re: NordVPN

Confirmed working with 6.45beta54.
Phase2 rekeying doesn't work, but increasing SA lifetime to 365 days in the proposal could be used as a workaround.
by 611
Sat Jun 22, 2019 8:37 pm
Forum: General
Topic: Switch issues in 6.45beta62 (but not in beta54) [SOLVED]
Replies: 8
Views: 1276

Switch issues in 6.45beta62 (but not in beta54) [SOLVED]

I'm using hap ac2 with its switch configured as follows: VLANs are configured in switch; all external Ethernet ports are access (untagged) ports with corresponding VLANs; CPU port is a trunk (tagged) port; all external Ethernet ports are added to master bridge in router; corresponding VLANs on maste...
by 611
Mon Jun 03, 2019 11:24 pm
Forum: RouterBOARD hardware
Topic: hAP ac bricked
Replies: 5
Views: 920

Re: hAP ac bricked

Looks like power cycling the router after 300s format had bricked it. And this SFP LED steady on for first 300s / blinking for second 300s makes me think it erased primary bootloader first, than backup bootloader. I always disable all other adapters and when running netinstall or similar utilities (...
by 611
Mon Jun 03, 2019 12:20 pm
Forum: RouterBOARD hardware
Topic: hAP ac bricked
Replies: 5
Views: 920

hAP ac bricked

I've got several RB962, and each time I need to netinstall one there was some kind of problem - it won't netinstall like other MT devices. If I remember correctly, the last time problem was solved with failsafe format (supply power while keeping reset pressed, hold reset for 300+ seconds), then it n...
by 611
Thu May 30, 2019 12:32 am
Forum: General
Topic: NordVPN
Replies: 16
Views: 2291

Re: NordVPN

IKEv2 from NordVPN should work with latest testing releases, where support for EAP authentication methods was added. See this post for details: https://forum.mikrotik.com/viewtopic.php?f=2&t=126221#p731754 Confirmed working with 6.45beta54. You may create identity with GUI (you'll need to select an...
by 611
Fri May 24, 2019 12:34 pm
Forum: General
Topic: Strange RP filter behavior
Replies: 12
Views: 751

Re: Strange RP filter behavior

I've got a reply from support, problem confirmed: I have managed to reproduce your problem and at the moment it indeed seems to be software related bug which does not comply with loose rp-filter implementation. However, this parameter functionality in RouterOS works based on Linux Kernel. We will tr...
by 611
Wed May 22, 2019 7:22 pm
Forum: General
Topic: Strange RP filter behavior
Replies: 12
Views: 751

Re: Strange RP filter behavior

@611: You can mention to support, that the thing you desperately need is conditional DNS forwarding . And that it's really important, the proof of that being the thing you're trying to do now. Maybe you don't mind, but regular people should not be forced to such desperate measures. It's not just on...
by 611
Wed May 22, 2019 6:49 pm
Forum: General
Topic: Strange RP filter behavior
Replies: 12
Views: 751

Re: Strange RP filter behavior

I haven't done any actual testing, but most likely issue is with connection tracking way to classify traffic, i had similar setup, where traffic was traversing router twice, connection tracking was unable to classify it for some reason. Trying to assign traffic to same conntrack entry so rp-fiter b...
by 611
Tue May 21, 2019 11:02 pm
Forum: General
Topic: Strange RP filter behavior
Replies: 12
Views: 751

Re: Strange RP filter behavior

I'm sorry, but i still do not understand - WHY you need this? I do not know your background, but this is first time i heard about this "know solution of Mangling loopback".. so please explain functionality that you are trying to achieve 1. I need conditional DNS (like "*.domain1" is queried from dn...
by 611
Sun May 12, 2019 5:41 pm
Forum: General
Topic: Strange RP filter behavior
Replies: 12
Views: 751

Re: Strange RP filter behavior

An update: Looks like the "mangling loopback" setup was failing to work on my production RB3011 (running the same 6.44.3) for the same RP filter reason. But unlike the test setup, I had to reboot router after switching RP filter off to get it working. Maybe it's due to existing load, which causes no...
by 611
Sun May 12, 2019 4:12 pm
Forum: General
Topic: Strange RP filter behavior
Replies: 12
Views: 751

Strange RP filter behavior

I've been testing "mangling loopback" (known workaround for dstnat not available in output chain + no cDNS + no non-standard winbox port in Dude in ROS v6) configuration on a metarouter (as I wanted a config as generic as possible). Metarouter is running on RB2011, ROS 6.44.3. The config is a typica...
by 611
Thu Apr 18, 2019 10:34 pm
Forum: General
Topic: NordVPN
Replies: 16
Views: 2291

Re: NordVPN

Nope to both (moreover, non-accelerated AES on OVPN will be slow). Since NordVPN has deprecated L2TP/IPsec in late 2018 (for some obscure reasons), ROS is no longer able to connect to NordVPN. I've replaced my CHR with OPNsense because of that, and currently using OVPN from it. Runs well, including ...
by 611
Sun Apr 14, 2019 5:52 pm
Forum: General
Topic: IPsec configuration storage(?) failure after upgrade (to 45beta19?) on RB3011
Replies: 0
Views: 342

IPsec configuration storage(?) failure after upgrade (to 45beta19?) on RB3011

I'm running beta branch of v6 ROS on RB3011 (and other arm and mipsbe routers, on which I haven't observed the following failure). After an upgrade (I assume to 45beta19, but I'm not sure) a couple of weeks ago all IKE2 links went down, and I was unable to establish L2TP/IPsec connection to router (...
by 611
Thu Oct 18, 2018 9:27 am
Forum: General
Topic: RB3011 Switch VLAN Access Port Issue
Replies: 5
Views: 758

Re: RB3011 Switch VLAN Access Port Issue

I've done some further testing - modified firewall rules to catch all packets fallen off the VLAN to the master bridge. Total seepage is about 0.1% of all packets. The good news - I've been unable to reproduce the issue in a controlled environment like this: The testbed: [MT, 10.50.0.2>] <-Ether-> [...
by 611
Wed Oct 17, 2018 11:08 am
Forum: General
Topic: RB3011 Switch VLAN Access Port Issue
Replies: 5
Views: 758

Re: RB3011 Switch VLAN Access Port Issue

Looks like I have the same or related issue with RB3011: some packets are seemingly coming untagged from an access port, this results in input from the master bridge instead of configured VLAN. I have switch and interface setup as described in https://wiki.mikrotik.com/wiki/Manual:Basic_VLAN_switchi...