Community discussions

MikroTik App

Search found 2909 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 10
by bpwl
Thu Dec 07, 2023 1:53 pm
Forum: Wireless Networking
Topic: DHCP Server constantly assigns-deassigns
Replies: 6
Views: 1294

Re: DHCP Server constantly assigns-deassigns

Unfortunatly .... didn't work as expected. Both DHCP servers assign conflicting IP addresses from the identical pool (same IP address to different devices) . One of the DHCP servers is authoritative the other even never. Didn't help. Wifi devices are often off-line. When both are on-line conflict ca...
by bpwl
Wed Dec 06, 2023 9:47 pm
Forum: The User Manager
Topic: User manager with multiple IP addresses on the interface
Replies: 0
Views: 288

User manager with multiple IP addresses on the interface

... gives me problems, as the used IP address to answer an access request is not defined, seems not to be controllable, and flaps from time to time (e.g. when something is done and un-done to IP addresses, like adding or removing a VRRP). If the User Manager then answers with a different IP address ...
by bpwl
Wed Dec 06, 2023 1:15 am
Forum: Beginner Basics
Topic: Can't make my wifi to use full speed, which config can I improve?
Replies: 19
Views: 903

Re: Can't make my wifi to use full speed, which config can I improve?

Wow ... a bit old those 54Mbps , this is for 802.11G , single stream. See: https://mcsindex.com/ 1. Mostly we get dual stream (=2S) see it in the registration table. Like 144Mbps interface (*) rate, for 2 spatial streams, with only 20MHz bandwidth and short-guard interval 2. After G (g) comes N (n :...
by bpwl
Sun Dec 03, 2023 5:20 pm
Forum: Wireless Networking
Topic: DHCP Server constantly assigns-deassigns
Replies: 6
Views: 1294

Re: DHCP Server constantly assigns-deassigns

Thx a lot @mkx. Was thinking to do the same, based on VRRP interface. But indeed, why depend on VRRP? Actually never saw a problem with a DHCP server that did not store the leases on disk. Clients came back with the same IP address in the leases, after reboot of the DHCP server. Have seen scripts to...
by bpwl
Sat Dec 02, 2023 10:15 pm
Forum: Wireless Networking
Topic: DHCP Server constantly assigns-deassigns
Replies: 6
Views: 1294

Re: DHCP Server constantly assigns-deassigns

Aha MKX, I was hoping you would react. In my case I have only 2 DHCP servers on a subnet (VLAN) , and one of the devices was flapping between the 2 DHCP servers. The DHCP servers are full split scope, but if they respond alternatingly the client gets a lot of NAK , and disconnects from the wifi. (Do...
by bpwl
Sat Dec 02, 2023 1:04 am
Forum: Wireless Networking
Topic: DHCP Server constantly assigns-deassigns
Replies: 6
Views: 1294

Re: DHCP Server constantly assigns-deassigns

Hi, have the same with at least one wifi connected device. Devices are BYOD, so I have no client device information or access to its settings. The setup is with 2 hAP ax3 with ROS 7.12 , with each having a DHCP server per VLAN serving the same subnets, but with non-overlapping address pools. (split ...
by bpwl
Mon Nov 20, 2023 10:57 pm
Forum: Wireless Networking
Topic: 14 years lasting BUG - disconnected, unicast key exchange timeout
Replies: 31
Views: 9048

Re: 14 years lasting BUG - disconnected, unicast key exchange timeout

when you have virtual wireless interface and wireless security does not match main wireless interface's security,; this bug occurs. hope this wireless driver bug can be fixed. thanks! best regards & wishes. Not my experience. I do have many times a RADIUS controlled (EAP secured) wifi interface...
by bpwl
Tue Nov 07, 2023 2:10 pm
Forum: General
Topic: loud balance 3 starlink
Replies: 19
Views: 1444

Re: loud balance 3 starlink

Using multiple devices with the same IP address ... many exemples here in this forum. This is just one of these : https://forum.mikrotik.com/viewtopic.php?t=119134 General idea is to give each device a unique IP address so you can differentiate [and route] them in your network , and then DST-NAT to ...
by bpwl
Tue Oct 31, 2023 11:24 pm
Forum: General
Topic: EoIP performance
Replies: 5
Views: 741

Re: EoIP performance

I don't think 1500 as MTU for EoIP is a good idea here. EoIP is 42 bytes overhead already. https://forum.mikrotik.com/viewtopic.php?t=124812#p614891 The IPSEC overhead looks more complex than a simple number of bytes. It seems to be encryption protocol dependent also: https://packetpushers.net/ipsec...
by bpwl
Tue Oct 31, 2023 5:56 pm
Forum: Wireless Networking
Topic: Question MikroTik mANTBox 19s
Replies: 3
Views: 822

Re: Question MikroTik mANTBox 19s

Interesting story, difficult setup choosen. Just some thoughts on wifi principles with directional antenna with high gain. 1. The transmit power in 5 GHz will be limited by the country/region regulation. That is the limit is for "radio power + antenna gain (19 dBi)", so the radio power wil...
by bpwl
Tue Oct 31, 2023 1:43 am
Forum: General
Topic: Routing distance not modifiable [SOLVED]
Replies: 4
Views: 625

Re: Routing distance not modifiable [SOLVED]

Routes to direct connected networks (the whole subnet of the assigned IP address of the interface) have a distance of 0, because they are just there at no distance, local to the interface. Dynamic, because that route is not defined in the config, but added because of the local IP address? Should als...
by bpwl
Mon Oct 30, 2023 11:02 pm
Forum: Beginner Basics
Topic: How to find router password
Replies: 36
Views: 2754

Re: How to find router password

Well, I did upgrade to the latest version 6.49.10 and with the rest of the story ... I seems like something went wrong with the upgrade of that device. Only option I see is doing a Netinstall then, as you do not get in that device at all (anymore) Some of the newer RouterOS versions are just too bi...
by bpwl
Mon Oct 30, 2023 9:45 pm
Forum: Beginner Basics
Topic: How to find router password
Replies: 36
Views: 2754

Re: How to find router password

WinBox does not need a valid IP configuration to function. Maybe this helps. Otherwise IP configuration should work after a configuration reset, if the default configuration is loaded. https://wiki.mikrotik.com/wiki/Manual:Reset Reset config by button press till LED starts flashing only, do not go t...
by bpwl
Mon Oct 30, 2023 7:31 pm
Forum: Beginner Basics
Topic: How to find router password
Replies: 36
Views: 2754

Re: How to find router password

1. Do NOT use ethernet port 1 for your PC, with the default config in the router. This is the default WAN port, and blocks everything incoming. 2. On the other ethernet ports and wifi you should get the proper IP address, and the default gateway should be set (check your PC network interface charact...
by bpwl
Mon Oct 30, 2023 1:13 pm
Forum: Wireless Networking
Topic: LAN connect to WiFi via pseudobridge
Replies: 1
Views: 437

Re: LAN connect to WiFi via pseudobridge

However from the WLAN I cannot see neither my PC IP address (192.168.1.60) nor the IP address of the bridge (192.168.1.200) I understand the non-MT wifi is the AP. The CAP Lite is a station, connected via wifi to the AP 1. It looks like your non-MT WLAN is not allowing inter-client communication (l...
by bpwl
Sun Oct 29, 2023 2:31 pm
Forum: Beginner Basics
Topic: DHCP Offer not received on other side of trunk [solved]
Replies: 12
Views: 1442

Re: DHCP Offer not received on other side of trunk

Tried to use Openwrt in transparant bridge mode, relayd did not solve it, but even kmod_trelay, or other _mod_available at that time, did not work. I had the same DHCP problems as with station-pseudobridge in MT setup. DHCP lease stayed in "offered". https://openwrt.org/docs/guide-user/net...
by bpwl
Sun Oct 29, 2023 11:33 am
Forum: Beginner Basics
Topic: How to find router password
Replies: 36
Views: 2754

Re: How to find router password

Do you see the SSID "default" (which appears to be your name for it Default is the name of the security profile, not the network name to look for. The network name is the SSID. SSID at this location, as told already: The wireless SSID is under Wireless - Wireless interfaces - WLAN1 interf...
by bpwl
Sun Oct 29, 2023 12:59 am
Forum: Beginner Basics
Topic: How to find router password
Replies: 36
Views: 2754

Re: How to find router password

No password, or blanc/empty password. Leave it blanc in ROKU box as well. Only if ROKU box does not accept this , set a password in the router (WPA2 Preshared key field) with dynamic keys mode. Mode=none has no password or just an empty password. Should have worked with the ROKU box and empty passwo...
by bpwl
Sun Oct 29, 2023 12:35 am
Forum: Beginner Basics
Topic: How to find router password
Replies: 36
Views: 2754

Re: How to find router password

Open that default security profile. Don't hide the passwords. (In Webfig the "Hide password" button is in the left column) You will see the Preshared keys. (wifi password) Here only WPA2 is enabled in my case. Your case, no password is set yet (mode=none) this is open wifi, no password req...
by bpwl
Sat Oct 28, 2023 11:00 pm
Forum: Beginner Basics
Topic: How to find router password
Replies: 36
Views: 2754

Re: How to find router password

Well, I did upgrade to the latest version 6.49.10 So you have the admin password of the MT router. You needed it for the upgrade! That's not what the ROKU needs (just learning what a "ROKU box" is, I'm not 77 yet, still plenty to learn) The ROKU wants internet access via wifi, so needs SS...
by bpwl
Sat Oct 28, 2023 9:14 pm
Forum: General
Topic: Case Study: Disabling NAT and Firewall on LAN Routers
Replies: 11
Views: 951

Re: Case Study: Disabling NAT and Firewall on LAN Routers

Of course, but nobody would design for free on a forum.
But most will help for sure. What else are we doing here?
by bpwl
Sat Oct 28, 2023 9:11 pm
Forum: General
Topic: Case Study: Disabling NAT and Firewall on LAN Routers
Replies: 11
Views: 951

Re: Case Study: Disabling NAT and Firewall on LAN Routers

https://www.techtarget.com/searchnetworking/definition/east-west-traffic If we do not know/understand your case, some imagination gets triggered here. It's getting wild. - east-west traffic control... really in scope? - collapsed core design ... really in scope ? Did all this in a multinational comp...
by bpwl
Sat Oct 28, 2023 5:36 pm
Forum: General
Topic: Case Study: Disabling NAT and Firewall on LAN Routers
Replies: 11
Views: 951

Re: Case Study: Disabling NAT and Firewall on LAN Routers

If the WAN router can manage the 4 LAN's (DHCP per subnet, NAT to WAN, interLAN FW rules, ... etc). Then the 3 LR would just bridge the network. Actually acting as a switch Bridged connections bypass FW (NAT and filter) by default in MT. ISP internet router is often very limited or you get limited c...
by bpwl
Sat Oct 28, 2023 5:17 pm
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 84399

Re: v7.12rc is released!

Thx @MKX for this clarifying information. With all the posts on the internet forums like https://superuser.com/questions/870450/can-802-1q-vlan-packets-be-passed-through-wi-fi-transparently , even here, "wifi interfaces are never tagged", started to worry, even as my MT experience was that...
by bpwl
Sat Oct 28, 2023 12:57 pm
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 84399

Re: v7.12rc is released!

Maybe getting far off topic , as maybe nothing changed in ROS 7.12rc, or the change is between ROS6 and ROS7. But I do distribute multiple VLAN over MT legacy WLAN interfaces, eg. via CUBE-CUBE, SXTsa5 and SXTsq, and further downstream between hAP ac2 and other small MT AP, which are used as wifi-et...
by bpwl
Fri Oct 27, 2023 9:36 pm
Forum: Wireless Networking
Topic: bridge-mode parameter in Router OS v7
Replies: 1
Views: 529

Re: bridge-mode parameter in Router OS v7

It's changing over time. At first "AP-bridge - station-bridge" was with the WLAN classic driver only, not with wifiwave2. Actually the "bridge" function (4-address mode) was triggered when the station asked for the bridge function via mode "station-bridge". (See AP wifi...
by bpwl
Fri Oct 27, 2023 7:15 pm
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 84399

Re: v7.12rc is released!

I don't really get all this tagged/untagged discussion. The 802.11 frame header has no place for a VLAN ID, so, technically, wifi interfaces are never tagged. Well 802.11 standard frame has no space for a VLAN tag, and only has space for 3 MAC addresses. But MT with WLAN driver "AP bridge"...
by bpwl
Fri Oct 27, 2023 1:08 pm
Forum: General
Topic: Bridge without interfaces [SOLVED]
Replies: 2
Views: 671

Re: Bridge without interfaces [SOLVED]

Just routing.
Devices probably have this router as default gateway, so they will seek other subnets via 192.168.88.1
All interfaces are routable if forwarding is not dropped by the firewall.
by bpwl
Thu Oct 26, 2023 9:12 pm
Forum: RouterBOARD hardware
Topic: Failure with hAP AC3 WiFi coverage
Replies: 20
Views: 2904

Re: Failure with hAP AC3 WiFi coverage

Answer: Why doesn't it allow me to change the country on the 5g wifi. Always go to Canada2 I have seen this before, some users will paint themselves in a corner. And I warned Mikrotik they had created a trap, by removing "antenna gain" correction factor from the WinBox GUI interface. This...
by bpwl
Wed Oct 25, 2023 11:12 pm
Forum: RouterBOARD hardware
Topic: Failure with hAP AC3 WiFi coverage
Replies: 20
Views: 2904

Re: Failure with hAP AC3 WiFi coverage

"Canada2" ... indeed only when you need something very special there ... [admin@hAPac3] > interface wireless info country-info country: canada2 ranges: 2402-2472/b,g,gn20,gn40(30dBm) 5170-5250/a,an20,an40,ac20,ac40,ac80,ac160,ac80+80(30dBm)/indoor 5170-5250/a,an20,an40,ac20,ac40,ac80,ac160...
by bpwl
Wed Oct 25, 2023 5:15 pm
Forum: General
Topic: Is it time for me to ditch hAPac2?
Replies: 9
Views: 1364

Re: Is it time for me to ditch hAPac2?

Interesting, and somewhat as expected. Can be calculated: https://forum.mikrotik.com/viewtopic.php?f=7&t=165698#p912622 Except for the "auto" setting, which is undefined, you should check what you get, as different frequencies will give different power and throughput. MT ROS is not AI ...
by bpwl
Wed Oct 25, 2023 3:28 pm
Forum: General
Topic: How is that possible at all: traceroute reports 2 hops with same IP
Replies: 5
Views: 798

Re: How is that possible at all: traceroute reports 2 hops with same IP

Aha, thanks @MKX.

From my house , with ROS Tools/traceroute towards 192.229.221.95, ... with protocol ICMP set shows single response (12), protocol UDP set shows the double response (12-13)
by bpwl
Wed Oct 25, 2023 1:40 pm
Forum: General
Topic: How is that possible at all: traceroute reports 2 hops with same IP
Replies: 5
Views: 798

Re: How is that possible at all: traceroute reports 2 hops with same IP

It probably is the same machine that answered. The 10th line needed 10 hops before the TTL was reduced to zero (and that router reported the end of travel because TTL was used up) The 11th line (Traceroute with TTL=11) ended after 11 hops of the packet. That path was 1 hop longer. IP routes can be d...
by bpwl
Wed Oct 25, 2023 1:31 am
Forum: General
Topic: How is that possible at all: traceroute reports 2 hops with same IP
Replies: 5
Views: 798

Re: How is that possible at all: traceroute reports 2 hops with same IP

Think of how traceroute works. Next attempt will be with a TTL which is one higher. It could/will be the same answer again. The local traceroute should have seen it was already there with TTL=10. The path for TTL=11 could be one longer than the previous one (routes vary over time, as next hops can d...
by bpwl
Tue Oct 24, 2023 3:08 pm
Forum: Wireless Networking
Topic: How to turn off 2.4G WiFi signal
Replies: 3
Views: 834

Re: How to turn off 2.4G WiFi signal

showing a "hidden network" in spectrum software "hidden network" or only visible in "freq usage"? Only in "freq usage" or in some radio spectrum tool, and not in scan or "Snooper", then is is not a 802.11 wifi signal or MT nstreme or nv2, but some o...
by bpwl
Tue Oct 24, 2023 1:00 pm
Forum: General
Topic: Is it time for me to ditch hAPac2?
Replies: 9
Views: 1364

Re: Is it time for me to ditch hAPac2?

Ok so how do I begin to narrow down the issue? I do not want to end up the same with the ax3. Normally you will not end up the same ... WLAN driver in Mikrotik is like a manual gearbox in a car, wifiwave2 and other brands are like automatic gearboxes. Optimal setting in most cases, Less control, bu...
by bpwl
Tue Oct 24, 2023 1:50 am
Forum: General
Topic: Is it time for me to ditch hAPac2?
Replies: 9
Views: 1364

Re: Is it time for me to ditch hAPac2?

440Mbps is very very good for WLAN driver in hAP ac2. But further away, 180Mbps is very normal. But then again the rate will lower with distance, signal quality, interference etc. 15Mbps only, something is very bad around there, or the wireless is set up for 20MHz channel width, with a single stream...
by bpwl
Mon Oct 23, 2023 8:49 pm
Forum: Beginner Basics
Topic: hAP ax3 /interface wireless security-profiles missing?
Replies: 3
Views: 756

Re: hAP ax3 /interface wireless security-profiles missing?

https://help.mikrotik.com/docs/display/ROS/WifiWave2 Wifiwave2 is only available on some devices. The AX devices and ... Due to storage, RAM, and architecture requirements, only the following products can replace their bundled wireless software package with wifiwave2: hAP ac³ (non-LTE) Audience and ...
by bpwl
Mon Oct 23, 2023 1:23 pm
Forum: Wireless Networking
Topic: Two ac^3 with wifiwave2: one no 5GHz [SOLVED]
Replies: 30
Views: 2905

Re: Two ac^3 with wifiwave2: one no 5GHz [SOLVED]

I know that, SSID is independent, but something in this config is not OK. Maybe used backup/restore between the 2 devices to copy the config, while one had wifiwave2 active, and the other not, instead of export/import? Who knows? Would "reset configuration" , as in a wifi interface correct...
by bpwl
Mon Oct 23, 2023 1:02 pm
Forum: Wireless Networking
Topic: Two ac^3 with wifiwave2: one no 5GHz [SOLVED]
Replies: 30
Views: 2905

Re: Two ac^3 with wifiwave2: one no 5GHz [SOLVED]

This config with "interface=*1" cannot work. Wrong config settings. Interface for bridge port is missing.
by bpwl
Mon Oct 23, 2023 12:53 pm
Forum: Wireless Networking
Topic: Two ac^3 with wifiwave2: one no 5GHz [SOLVED]
Replies: 30
Views: 2905

Re: Two ac^3 with wifiwave2: one no 5GHz [SOLVED]

Hmmmm WLAN1 and WLAN2 connected (port) to the bridge, but not available anymore as wifiwave2 is loaded, and wifi1 or wifi2 are not port to the bridge DHCP will not work then, clients will disconnect. As long as WLAN1 and WLAN2 are connected to the bridge ... only legacy wifi will work. Remove those...
by bpwl
Sun Oct 22, 2023 8:51 pm
Forum: Wireless Networking
Topic: Two ac^3 with wifiwave2: one no 5GHz [SOLVED]
Replies: 30
Views: 2905

Re: Two ac^3 with wifiwave2: one no 5GHz [SOLVED]

"add frequency=5180,5260,5500 name=ch-5g width=20/40/80mhz" and no country set will default to FCC region. But should not be a problem if the regualted frequencies are correct in ROS. Check with "interface/wifiwave2/radio/print detail" ? As in https://help.mikrotik.com/docs/displ...
by bpwl
Sun Oct 22, 2023 2:01 pm
Forum: Beginner Basics
Topic: hAP Wifi Client
Replies: 4
Views: 842

Re: hAP Wifi Client

Ping ... is bidirectional transmission. The answer must find it's way back also. And that reverse path may be a problem here. Other setup is using the Mikrotik as regular client for the ISP router (including Home gateway setup with NAT (srcnat or masquerade to WAN/WLAN) and firewall, and DHCP server...
by bpwl
Sun Oct 22, 2023 12:19 pm
Forum: Beginner Basics
Topic: Hybrid VLAN and bridging in ROSv7 [SOLVED]
Replies: 18
Views: 2748

Re: Hybrid VLAN and bridging in ROSv7 [SOLVED]

Mikrotik HELP has been updated, and now with access, trunk and hybrid interface exemples

https://help.mikrotik.com/docs/display/ ... NFiltering
by bpwl
Fri Oct 20, 2023 11:01 pm
Forum: General
Topic: hEX: Why my interface switch from 1Gbps to 100Mps?
Replies: 3
Views: 630

Re: hEX: Why my interface switch from 1Gbps to 100Mps?

Logical: auto negotiation may fail to allocated 1000Mbps at certain times. Loose wiring, oxydised contacts? 1000Mbps needs all wires to be OK, 100Mbps needs only 4. https://hardwaresecrets.com/how-gigabit-ethernet-works/ "Ethernet Cat 5/6 cables have eight wires (four pairs), but under 10BaseT ...
by bpwl
Fri Oct 20, 2023 6:31 pm
Forum: Beginner Basics
Topic: hAP Wifi Client
Replies: 4
Views: 842

Re: hAP Wifi Client

If the other router is also a Mikrotik, don't use pseudobridge, but use "AP bridge" on one and "station bridge" on the other. Add WLAN and ethernet for the printer to the RouterOS bridge. The networks will now be fully bridged. 1.Pseudo bridge has known problems with DHCP - stays...
by bpwl
Fri Oct 20, 2023 6:13 pm
Forum: Beginner Basics
Topic: Winbox shows empty config and keeps dissconecting
Replies: 4
Views: 1480

Re: Winbox shows empty config and keeps dissconecting

winbox shows me an empty configuration Happend to me when I had a (very) slow connection. (Did set the wifi TX rate to 30Kbps by accident in a test setup, and had that problem.) Looks like WinBox is showing the config windows immediatly, and then has to wait for the content to show. (With 30Kbps it...
by bpwl
Fri Oct 20, 2023 10:36 am
Forum: General
Topic: Remote control of a device by port forwarding [SOLVED]
Replies: 7
Views: 1355

Re: Remote control of a device by port forwarding [SOLVED]

Sure Wireguard is Ok.
And some ROS 7 test versions (not the RC) have BTH enabled in IP/Cloud. Back To Home is an very easy setup for a Wireguard tunnel.
by bpwl
Thu Oct 19, 2023 11:55 pm
Forum: General
Topic: Remote control of a device by port forwarding [SOLVED]
Replies: 7
Views: 1355

Re: Remote control of a device by port forwarding [SOLVED]

But my ISP blocks all access In that case how can you setup a PPTP VPN tunnel towards the Mikrotik router? Anyway every Mikrotik router has a potential public DDNS entry as <serialnumber>.sn.mynetname.net. See under IP/Cloud menu, and enable DDNS. For other DDNS options check with e.g."dyndns....
by bpwl
Thu Oct 19, 2023 11:08 pm
Forum: Beginner Basics
Topic: Hybrid VLAN and bridging in ROSv7 [SOLVED]
Replies: 18
Views: 2748

Re: Hybrid VLAN and bridging in ROSv7 [SOLVED]

Not sure if this is 100% correct, but the way I see this .... 1. VLAN interface, is an interface in RouterOS , traffic can be handled (eg. routed) at RouterOS L3. The VLAN interface does tag VLAN ingress and untag VLAN egress traffic. A VLAN interface can be defined on the bridge or other master int...
by bpwl
Thu Oct 19, 2023 11:57 am
Forum: Wireless Networking
Topic: Two ac^3 with wifiwave2: one no 5GHz [SOLVED]
Replies: 30
Views: 2905

Re: Two ac^3 with wifiwave2: one no 5GHz [SOLVED]

Indeed in LOG and in Status page. The WLAN driver then also has state= "detecting radar" , not "running AP". Increased CAC time in the band 5600-5650MHz from 60s to 10 minutes. Be aware of the C and e frequencies! "Skip DFS channels= 10min CAC" if auto freq is used. If ...
by bpwl
Wed Oct 18, 2023 7:39 pm
Forum: Wireless Networking
Topic: Power tables for UK incorrect for 5725-5850
Replies: 17
Views: 2437

Re: Power tables for UK incorrect for 5725-5850

EDIT: content deleted. Was off-topic. Not UK specific.
by bpwl
Wed Oct 18, 2023 2:32 pm
Forum: General
Topic: MikroTik hAP ax3 - PTP bridge AP not showing in wizard.
Replies: 2
Views: 583

Re: MikroTik hAP ax3 - PTP bridge AP not showing in wizard.

ax device ... so it is wifiwave2 The "AP bridge" setting is for the legacy WLAN driver. Ax can not use the legacy (WLAN) driver. But with latest ROS7 the "AP" in wifiwave2 is some equivalent to "AP bridge" of the legacy driver. 'Some' equivalent, as they are not the sam...
by bpwl
Tue Oct 17, 2023 7:38 pm
Forum: General
Topic: Remote control of a device by port forwarding [SOLVED]
Replies: 7
Views: 1355

Re: Remote control of a device by port forwarding [SOLVED]

Using default firewall? Make sure the standard "allow DSTNAT" is active add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface-list=WAN # and then have something like /ip firewall nat add acti...
by bpwl
Tue Oct 17, 2023 7:02 pm
Forum: General
Topic: Remote control of a device by port forwarding [SOLVED]
Replies: 7
Views: 1355

Re: Remote control of a device by port forwarding [SOLVED]

I don't understand the network setup, too many possibilities here. "The router" is used too many times, which router is connected to what router, and which one is connected to the ISP? ISP then Schneider then Mikrotik , with PPP VPN in Mikrotik ???? 192.168.88.254 suggests other way around.
by bpwl
Tue Oct 17, 2023 6:46 pm
Forum: Beginner Basics
Topic: Logging and restarting best practices
Replies: 9
Views: 962

Re: Logging and restarting best practices

So what are the best practices in terms of storing logs, rotating them, etc, so that the setup is stable and doesn't fill up the local disk?
LOG to disk storage (or USB stick) can be limited by design, just like using a circular buffer.
.
Klembord-2.jpg
.
Klembord-3.jpg
by bpwl
Tue Oct 17, 2023 1:34 am
Forum: Beginner Basics
Topic: Hybrid VLAN and bridging in ROSv7 [SOLVED]
Replies: 18
Views: 2748

Re: Mikrotik VLAN routing (L3) in RouterOS v7 [SOLVED]

Simple rule: an ethernet interface that is a port on a bridge is reduced to a "slave interface" only. E.G. : It can not have DHCP server defined on it. DHCP client, IP address, and other things should be defined on the bridge. Those are not forbidden on the ethernet interface but not recom...
by bpwl
Mon Oct 16, 2023 1:45 am
Forum: Beginner Basics
Topic: Hybrid VLAN and bridging in ROSv7 [SOLVED]
Replies: 18
Views: 2748

Re: Mikrotik VLAN routing for dummies [SOLVED]

a way to combine VLAN 13 and untagged traffic on a bridged physical interface where I have my AP connected. Is it possible to switch the untagged traffic on L2 and route all VLAN13 traffic while these are on the same interface? Can someone explain this straight-forward setup to me? Well trying to c...
by bpwl
Sat Oct 14, 2023 2:31 pm
Forum: General
Topic: What is the pwr-line1 interface on mAP 2nd and how to use it?
Replies: 5
Views: 703

Re: What is the pwr-line1 interface on mAP 2nd and how to use it?

Hidden feature, that micro-USB port can also be used to provide power to another device.
Just power, or is it USB OTG (USB controller) ?
by bpwl
Sat Oct 14, 2023 2:28 pm
Forum: General
Topic: What is the pwr-line1 interface on mAP 2nd and how to use it?
Replies: 5
Views: 703

Re: What is the pwr-line1 interface on mAP 2nd and how to use it?

European version is discontinued, and no direct link on the MT harware pages: https://mikrotik.com/product/pwr_line_eu Used in combination with mAP Lite, mAP, hAP lite, hAP lite TC, and the other end of the powerline can also be combined device Mikrotik PL6411-2nD (again only US version on MT site) ...
by bpwl
Fri Oct 13, 2023 10:50 am
Forum: Wireless Networking
Topic: how many clients can be connected to Hap ax3?
Replies: 2
Views: 709

Re: how many clients can be connected to Hap ax3?

Indeed depends. No experience with large numbers with wifiwave2 driver. But on WLAN driver (not possible on ax3) 30 active clients is no problem. The theoretical limit there is 2007 connected. Many devices are just connected (like smartphones, tablets, smartwatches, Iot devices) without actually tra...
by bpwl
Thu Oct 12, 2023 11:58 pm
Forum: General
Topic: hAP ax3
Replies: 3
Views: 954

Re: hAP ax3

Timing or power(up) problem with the 4 TB hdd?
What happens after "System/Routerboard/ usb power-reset" ?
by bpwl
Thu Oct 12, 2023 11:31 pm
Forum: Scripting
Topic: Remove disk from /files
Replies: 10
Views: 1025

Re: Remove disk from /files

Has no one encountered this?
Yes have seen that after using multiple USB drives.
They can be removed via System/Disks, and will not re-appear in Files after reboot.
At least this is possible in ROS 7 (may not be the case in ROS6)
by bpwl
Thu Oct 12, 2023 11:28 pm
Forum: General
Topic: Command to save config on the terminal
Replies: 2
Views: 588

Re: Command to save config on the terminal

If you want a readable and usable copy in a file to download ... use "export" command with a filename in the terminal.
by bpwl
Thu Oct 12, 2023 11:23 pm
Forum: General
Topic: MAPN2
Replies: 4
Views: 574

Re: MAPN2

Maybe first make clear what you want. Is it one network 192.168.0.0/24 for both he MAP1 and te MAP2? Or is the desired network with 2 networks 192.168.88.0/24 for MAP1 and 192.168.20.0/24 for MAP2. I assume the first case is wanted. All clients are member of one subnet 192.168.0.0/24, the subnet of ...
by bpwl
Tue Oct 10, 2023 12:28 am
Forum: General
Topic: Virtual or pseudo ethernet interfaces possible?
Replies: 17
Views: 22626

Re: Virtual or pseudo ethernet interfaces possible?

But now MACVLAN may be helpfull. https://help.mikrotik.com/docs/display/ROS/MACVLAN

MACVLAN is very new ... ROS 7.12rc1 ... 2023-Oct-05
by bpwl
Tue Oct 10, 2023 12:15 am
Forum: General
Topic: Gateway issue?
Replies: 5
Views: 1838

Re: Gateway issue?

Just to add another question will VRRP work on VLAN interfaces
Yes.
But I have seen exemples in this forum with VRRP on VLAN, viewtopic.php?p=1001060 but also VLAN's on VRRP.
The later probably to make all VLAN fail over at the same time ???? Lost the link to that one.
by bpwl
Mon Oct 09, 2023 11:46 pm
Forum: General
Topic: Two IP addresses from one provider „like two ISPs“
Replies: 2
Views: 739

Re: Two IP addresses from one provider „like two ISPs“

And I don't know how to tell the MT to get two IP addresses from one single cable going from ISP This was difficult, as you need 2 MAC addresses for the ISP. Playing with VRRP was a trick to get a second MAC address on an interface. (Or use 2 ethernet interfaces, as MT suggests) But now MACVLAN may...
by bpwl
Sat Oct 07, 2023 11:56 pm
Forum: Scripting
Topic: Many vlan lines on bridge. Does it matter ?
Replies: 3
Views: 792

Re: Many vlan lines on bridge. Does it matter ?

As you know: Syntax allows for multiple ports and multiple VLAN ids like: add bridge=bridge tagged=bridge untagged=ether2,ether3,ether4 vlan-ids=10 add bridge=bridge1 tagged=ether1 untagged=ether2,ether3 vlan-ids=20,30 'export' will resemble input (but may be different order) print has it's own form...
by bpwl
Sat Oct 07, 2023 11:37 pm
Forum: Beginner Basics
Topic: dhcp addresses for hikvision cameras
Replies: 16
Views: 1461

Re: dhcp addresses for hikvision cameras

Not familiar with ONVIF .... just started reading ... https://www.pelco.com/blog/onvif-guide . Does this assign or force for IP addresses??? aagh yes ... page 12 ... https://files.pelco.com/camera-configuration-tool-user-guide-en_2023-06-01-154703_wxvp.pdf DHCP is automatically disabled for the came...
by bpwl
Sat Oct 07, 2023 9:24 pm
Forum: Beginner Basics
Topic: dhcp addresses for hikvision cameras
Replies: 16
Views: 1461

Re: dhcp addresses for hikvision cameras

Well, good description of the setup, but still very difficult to know (guess) what is happening. Just some thoughts. - static IP addresses (leases) in DHCP do not work if that client device, or another device in the network, already has that IP address (My usual mistake, give a device some fixed IP ...
by bpwl
Sat Oct 07, 2023 6:32 pm
Forum: Wireless Networking
Topic: Station bridge DHCP/Route problem ?
Replies: 6
Views: 948

Re: Station bridge DHCP/Route problem ?

I have a question, the bridge protocol mode should be set to none on both ac's ? Or on the 2nd one only ? Don't know if this is any good as advice, but in such very simple networks I tend to disable the STP protocol (set to "none"), as I don't see the need for loop protection, and STP pro...
by bpwl
Sat Oct 07, 2023 12:51 pm
Forum: Beginner Basics
Topic: LAN MAC addresses leaking out WAN port?
Replies: 2
Views: 732

Re: LAN MAC addresses leaking out WAN port?

Didn't see a potential cause.
Maybe also check this: viewtopic.php?t=86880
Fast-path? Switch?

And minor unrelated detail : private-subnet 192.168.0.0/24
Should be 192.168.0.0/16 AFAIK.
https://en.wikipedia.org/wiki/Reserved_ ... esses#IPv4
by bpwl
Sat Oct 07, 2023 1:24 am
Forum: Forwarding Protocols
Topic: CCR2116 only 200M TCP throughput
Replies: 4
Views: 865

Re: CCR2116 only 200M TCP throughput

no any queue setting But there are default interface queue's active. TAB "Interface Queues" under Queues in MT Help: All RouterBOARDS have default queue type "only-hardware-queue" with "kind=none". "only-hardware-queue" leaves interface with only hardware tra...
by bpwl
Sat Oct 07, 2023 1:16 am
Forum: Forwarding Protocols
Topic: CCR2116 only 200M TCP throughput
Replies: 4
Views: 865

Re: CCR2116 only 200M TCP throughput

no any queue setting But there are default interface queue's active. TAB "Interface Queues" under Queues in MT Help: All RouterBOARDS have default queue type "only-hardware-queue" with "kind=none". "only-hardware-queue" leaves interface with only hardware tra...
by bpwl
Sat Oct 07, 2023 12:16 am
Forum: Beginner Basics
Topic: Hybrid VLAN and bridging in ROSv7 [SOLVED]
Replies: 18
Views: 2748

Re: Mikrotik VLAN routing for dummies [SOLVED]

Yes it is very flexible , because it is a combination of many things (switch, router, NATing gateway, Firewall, VPN, etc etc) And RouterOS lets one just combine things to create some complex setup. For younger network people this can be very confusing to still see the things as independent OSI layer...
by bpwl
Fri Oct 06, 2023 3:36 pm
Forum: Forwarding Protocols
Topic: CCR2116 only 200M TCP throughput
Replies: 4
Views: 865

Re: CCR2116 only 200M TCP throughput

- ethernet connections loose packets (bad checksum, collision, etc) - routers drop packets if queue gets full - TCP uses missing packets for congestion control (different algoritms possible: Reno, cubic, compound, ...) - TCP will ask for retransmit of missing packet - some queue's drop packets (e.g....
by bpwl
Fri Oct 06, 2023 3:15 pm
Forum: Beginner Basics
Topic: Hybrid VLAN and bridging in ROSv7 [SOLVED]
Replies: 18
Views: 2748

Re: Mikrotik VLAN routing for dummies [SOLVED]

You do not need VLAN bridge if the VLAN are only routed. Create VLAN interfaces for every VLAN (they may exist on one (ethernet) interface without a bridge). The same VLANid on different interfaces are separate/independent VLANs (If the ethernet interface is a port on a bridge, the VLAN must be defi...
by bpwl
Fri Oct 06, 2023 2:51 pm
Forum: Wireless Networking
Topic: Station bridge DHCP/Route problem ?
Replies: 6
Views: 948

Re: Station bridge DHCP/Route problem ?

In the case where the "1st ac2 - 2nd ac2" link is not always up and running (e.g. DFS wait time, false radar detect, unstable link) , then clients should not connect to the 2.4GHz of the 2nd ac2 for Internet access. To manage this, one could use tool/netwatch in the 2nd ac2 , and alter the...
by bpwl
Fri Oct 06, 2023 12:00 pm
Forum: Wireless Networking
Topic: Station bridge DHCP/Route problem ?
Replies: 6
Views: 948

Re: Station bridge DHCP/Route problem ?

Yes, would have a look at it. Not sure if it is seen there. Could be some running state thing (RSTP, DHCP lease, identical (copied) MAC addresses, bridge port status, learning not on auto, loop (false) detected ... .) When I wait a while (more then 30 seconds I guess) or I manually reconnect all wor...
by bpwl
Fri Oct 06, 2023 12:56 am
Forum: Wireless Networking
Topic: Station bridge DHCP/Route problem ?
Replies: 6
Views: 948

Re: Station bridge DHCP/Route problem ?

This looks like a correct setup. Very surprised the initial connection via 2nd ac2 does not work. As this is just one network as one L2 broadcast domain. The 1st hAP ac2 is the gateway to Internet, and is the DHCP server and probably the DNS server. The 4 WLAN interfaces are just bridged together. T...
by bpwl
Fri Oct 06, 2023 12:12 am
Forum: Beginner Basics
Topic: Mikrotik modem/router does not assign IP to Wireless AP clients
Replies: 11
Views: 1242

Re: Mikrotik modem/router does not assign IP to Wireless AP clients

Don't set VLAN on Bridge :D That was just my simple start case ... work as a "dump switch". A "dump switch" is unaware of VLAN, and just passes them along. Of course once you master the VLAN settings as a VLAN aware bridge, it is very good to use it. You can better control the f...
by bpwl
Thu Oct 05, 2023 11:05 pm
Forum: Beginner Basics
Topic: Mikrotik modem/router does not assign IP to Wireless AP clients
Replies: 11
Views: 1242

Re: Mikrotik modem/router does not assign IP to Wireless AP clients

"bridge" - "station bridge" The word Bridge is used so often in RouterOS, it is very confusing. In the router acting as AP the wifi should be in mode "AP bridge". If wifi is set in mode "Bridge", it will only accept 1 (one) client device. This is used in Rout...
by bpwl
Thu Oct 05, 2023 10:29 pm
Forum: Wireless Networking
Topic: 14 years lasting BUG - disconnected, unicast key exchange timeout
Replies: 31
Views: 9048

Re: 14 years lasting BUG - disconnected, unicast key exchange timeout

If you used simple or interface queues, you will see lots of packet drops and retransmits, which are usual for TCP to tell server/CPE to lower the rate. TCP congestion avoidance [Reno, new Reno, Cubic, Compound, ...) and queue rates, and Access List TX/RX rates, are not, and are not related to wifi...
by bpwl
Thu Oct 05, 2023 10:13 pm
Forum: Wireless Networking
Topic: 14 years lasting BUG - disconnected, unicast key exchange timeout
Replies: 31
Views: 9048

Re: 14 years lasting BUG - disconnected, unicast key exchange timeout

Be aware of the min and max limits on the number and type of characters in SSID and PSK passwords. These min/max limits and types are more restrictive with Mikrotik than with other brands. Stick to the brands limitations. Happens everywhere: Use a password with a "+" at the end of the pass...
by bpwl
Thu Oct 05, 2023 9:31 pm
Forum: Wireless Networking
Topic: 14 years lasting BUG - disconnected, unicast key exchange timeout
Replies: 31
Views: 9048

Re: 14 years lasting BUG - disconnected, unicast key exchange timeout

On wireless; "indoor" means 150 feet (46 meters) while outdoor means 300 feet. then you set "any" in "Installation". I see indoor/outdoor/any under 'installation'. Then there is indoors/dynamic for the 'Advanced Distance' AFAIK and experienced, the installation "a...
by bpwl
Thu Oct 05, 2023 3:18 pm
Forum: Beginner Basics
Topic: Mikrotik modem/router does not assign IP to Wireless AP clients
Replies: 11
Views: 1242

Re: Mikrotik modem/router does not assign IP to Wireless AP clients

Confusing all the time. You have a Mikrotik Chateau (RBD53G-5HacD2HnD-TC&EG12-EA), which by the way is a Mikrotik and a Wireless AP (with also LTE connection) Then you speak about a Wireless AP (another? name it or number it), and about a Mikrotik (which one, the Chateau is a Mikrotik, the Wirel...
by bpwl
Wed Oct 04, 2023 8:09 pm
Forum: Beginner Basics
Topic: traceroute via winbox
Replies: 9
Views: 8676

Re: traceroute via winbox

50 hops ... that's far away. Might hit the 1000ms time-out setting.
Also happens when there is a loop somewhere ... even my 28 was already a very very long path
by bpwl
Wed Oct 04, 2023 6:10 pm
Forum: Beginner Basics
Topic: traceroute via winbox
Replies: 9
Views: 8676

Re: traceroute via winbox

Ahem .... Traceroute in Winbox, is actually Traceroute of the RouterOS with start and output in WinBox. Could also be started from "Terminal", or Webfig And it seems that the RouterOS by default gives up early. After 5 timeouts? Or limit number of Hops? https://forum.mikrotik.com/viewtopic...
by bpwl
Wed Oct 04, 2023 12:12 pm
Forum: Wireless Networking
Topic: Quickset Wireless Bridge - Only One Radio Works
Replies: 10
Views: 1384

Re: Quickset Wireless Bridge - Only One Radio Works

Too easy to find instructions. 1. Fill in the wireless interface WLANx in Wireless, TAB "Wireless". Mode is "AP bridge" fill in (same or different SSID but same security profile as the WLAN that is already operational) Frequency mode and Country the same as the other wireless int...
by bpwl
Wed Oct 04, 2023 11:44 am
Forum: Wireless Networking
Topic: Quickset Wireless Bridge - Only One Radio Works
Replies: 10
Views: 1384

Re: Quickset Wireless Bridge - Only One Radio Works

see https://forum.mikrotik.com/viewtopic.php?t=182276#p908543 Part of a very interesting series in the forum ... https://forum.mikrotik.com/viewtopic.php?t=182373 There are many youtube demo's for Mikrotik, like: https://www.youtube.com/playlist?list=PLCvN_Pl1BlxihMM3xcwThV2Q-EjSKYQRf, which is a pa...
by bpwl
Tue Oct 03, 2023 11:43 pm
Forum: General
Topic: Problem with Failover
Replies: 4
Views: 548

Re: Problem with Failover

It is expected that the ISP router replies to a PING (ICMP). The content of the reply could be "unreachable". The Mikrotik understands this answer, and flags the tested host as down (the pinged host as unreachable). This is not what we want to test with a check-gateway . The check-gateway ...
by bpwl
Tue Oct 03, 2023 7:48 pm
Forum: Beginner Basics
Topic: How to add a virtual WiFi that uses another WAN?
Replies: 1
Views: 490

Re: How to add a virtual WiFi that uses another WAN?

:-). You might learn that networking is a complete different discipline in IT, different from application development and even systems operation. Be ready to learn and explore new things. But what you ask for can certainly be done. Having 2 separate networks (in WAN and wifi) can be the first step. ...
by bpwl
Tue Oct 03, 2023 7:07 pm
Forum: Beginner Basics
Topic: traceroute via winbox
Replies: 9
Views: 8676

Re: traceroute via winbox

by using traceroute tool I get loss packet 100% Depends on what you understand by 100% loss. You show an exemple where the first 13 hops are all reponding properly. From the 14th hop there is no answer anymore . Either those routers are configured to not answer (very common setup on the internet) o...
by bpwl
Tue Oct 03, 2023 3:20 pm
Forum: Beginner Basics
Topic: Add simple access point
Replies: 2
Views: 8818

Re: Add simple access point

I want to enable the wireless interface in 2011 as an access point. I've configured the radio in "ap bridge" mode, WPA2 security profile, and can log it from a smartphone. I've added IP/Address 192.168.14.254/24 interface wlan1 I've added a DHCP server according to a template used on ethe...
by bpwl
Tue Oct 03, 2023 1:08 am
Forum: Wireless Networking
Topic: Quickset Wireless Bridge - Only One Radio Works
Replies: 10
Views: 1384

Re: Quickset Wireless Bridge - Only One Radio Works

Quickset has only a very very limited set of configurations. See https://help.mikrotik.com/docs/display/ROS/Quick+Set , HomeAP, HomeAPDual and WISP AP are configurations for a classic home access point, where the ISP connection (internet) is on ethernet port1, and the other ethernet ports and wifi (...
by bpwl
Sun Oct 01, 2023 11:34 pm
Forum: Beginner Basics
Topic: NATed subnet in LAN
Replies: 5
Views: 8569

Re: NATed subnet in LAN

OK OK I only said "Also have a close look" . This is not the final solution, but the type of rules to be used. A bit closer to the final solution ... (not tested, mistakes are always possible, to be tested and debugged) out interface ether5 or destination address 192.168.100.0/24 could be ...
by bpwl
Sun Oct 01, 2023 1:39 pm
Forum: Beginner Basics
Topic: Connect Internet LAN and Smart Home LAN
Replies: 3
Views: 687

Re: Connect Internet LAN and Smart Home LAN

I see 3 network controlling devices 1. Owned Wifi router with WAN access, and ethernet, wifi LAN 2. Owned RB750R2 non-wifi router 3. Smart home controller (as black box, no management access) , but is a DHCP server. Network features here are unclear (ethernet , wifi?) There should be no problem to c...
by bpwl
Sat Sep 30, 2023 11:01 pm
Forum: General
Topic: hAP AC2 random boot loop
Replies: 9
Views: 1490

Re: hAP AC2 random boot loop

graphing and critical logging on disk turned on.
Could you move some of these to a USB memory stick? Idem for backup and other things we like to save in flash.
by bpwl
Sat Sep 30, 2023 10:22 pm
Forum: Beginner Basics
Topic: NATed subnet in LAN
Replies: 5
Views: 8569

Re: NATed subnet in LAN

in simple words before i used usual router with NATing my "secret" network. This can still be done, it is a limited way of hiding that network, as hide behind NAT. In the default config there is already a masquerade rule for things going out via the WAN list interface Now we want that ALL...
by bpwl
Sat Sep 30, 2023 7:24 pm
Forum: Wireless Networking
Topic: SXTsq Lite2 is unstable when using wireless-N.
Replies: 2
Views: 618

Re: SXTsq Lite2 is unstable when using wireless-N.

The received signal in this status screen looks OK. But I expect the (too) weak received signal to be on the ISP side! Wifi connection needs to work bidirectional to function. The SXTsq 2.4 Lite has an antenna gain of 10dBi The signal coming from the ISP AP will be amplified with 10 dB (antenna gain...
by bpwl
Sat Sep 30, 2023 12:00 pm
Forum: Beginner Basics
Topic: Would that be possible?
Replies: 4
Views: 725

Re: Would that be possible?

I have a confusion you can't imagine. I know the feeling, digesting a lot of new concepts can give sleepless nights. Tackle the VLAN concept in MT just slice by slice. It's hard for everyone, even experts in MT, as I see these discussions: https://forum.mikrotik.com/viewtopic.php?t=131079 Go for yo...
by bpwl
Sat Sep 30, 2023 12:53 am
Forum: Beginner Basics
Topic: Would that be possible?
Replies: 4
Views: 725

Re: Would that be possible?

YES. Maybe start with this: https://forum.mikrotik.com/viewtopic.php?t=143620 There are multiple solutions with Mikrotik. All VLANs could coexist as separate VLAN on the same bridge. Using multiple bridges (even one per VLAN) used to be one of the older config methods to connect VLAN with non-VLAN i...
by bpwl
Thu Sep 28, 2023 9:48 pm
Forum: Useful user articles
Topic: VRRP For Dummies (draft not ready)
Replies: 11
Views: 3333

Re: VRRP For Dummies (draft not ready)

Excellent article @anav. ! VERY interesting. I don't want to push for Placeholder content, but maybe you are interested in a Dual VRRP lab setup exemple I stumbled upon in this forum, and also enjoyed reading. https://forum.mikrotik.com/viewtopic.php?t=196649 But there is still a lot to explore on V...
by bpwl
Thu Sep 28, 2023 12:33 am
Forum: General
Topic: Wifi access list
Replies: 7
Views: 1626

Re: Wifi access list

In fact I was using one password for all MAC addresses now I modify it Using access list with entries for MAC address and per MAC WIFI passwords I hope this solve my problem Should help ... I need to know where to "Log the internet connects" That is not an easy one with Mikrotik. In MT it...
by bpwl
Sun Sep 24, 2023 12:43 pm
Forum: General
Topic: Help! IPoE on WAN, how configure?
Replies: 7
Views: 926

Re: Help! IPoE on WAN, how configure?

IPoE ... learning something new today.

This might help/clarify your setup. https://networkengineering.stackexchang ... ly-is-ipoe
by bpwl
Sun Sep 24, 2023 1:39 am
Forum: General
Topic: Should moderators redact sensitive info, and how much?
Replies: 49
Views: 2736

Re: Should moderators redact sensitive info, and how much?

It's difficult for an outsider of an installation to judge if something is "sensitive" or not.
by bpwl
Sat Sep 23, 2023 10:49 pm
Forum: Wireless Networking
Topic: WiFi speed between AX3 and HAP AC in Repeater mode
Replies: 6
Views: 1000

Re: WiFi speed between AX3 and HAP AC in Repeater mode

Can I improve the speed between routers? FYI only. Forgot to just give some practical steps. (Explaining the reason for the lower speed is one thing, avoiding the slower rate is another) The way to improve the rate after the 2nd MT (repeater) is avoiding the "repeater" send action on the ...
by bpwl
Fri Sep 22, 2023 3:01 pm
Forum: Wireless Networking
Topic: WiFi speed between AX3 and HAP AC in Repeater mode
Replies: 6
Views: 1000

Re: WiFi speed between AX3 and HAP AC in Repeater mode

master-interface=wlan2 name=wlan3 Repeater mode on the same wireless radio (wlan2) , will at least reduce the throughput to 1/2. (receive, send) for every packet. WLAN interfaces are known to be inefficient at high speeds. (Their AMPDU aggregation is limited to 3895 bytes per MPDU, and A-MPDU to 26...
by bpwl
Thu Sep 21, 2023 10:57 pm
Forum: Beginner Basics
Topic: USB Port Tethering
Replies: 5
Views: 716

Re: USB Port Tethering

LTE hotspot device such as a USB LTE dongle? Huawei 3372 worked for me https://wiki.mikrotik.com/wiki/Manual:Peripherals A separate wireless hotspot device (non-usb connected) ? You would need to connect via wifi as station, if there is no ethernet interface, and then start a new network on the Mik...
by bpwl
Thu Sep 21, 2023 10:34 pm
Forum: Beginner Basics
Topic: Mikrotik modem/router does not assign IP to Wireless AP clients
Replies: 11
Views: 1242

Re: Mikrotik modem/router does not assign IP to Wireless AP clients

I switch to Wireless AP and connect to Mikrotik successfully. It gets an IP from Mikrotik. Guesing guessing , I assume you connected the Wireless AP with it's WAN port (having a DHCP client on that interface) so that this Wireless AP gets an IP address from the router/modem (as an ethernet client o...
by bpwl
Tue Sep 19, 2023 11:52 pm
Forum: General
Topic: Wifi access list
Replies: 7
Views: 1626

Re: Wifi access list

Just thinking .... How does the intruder get the password? Change the RouterOS password. Finding the MAC address is not difficult. It is broadcasted all the time. (Use MT WLAN Sniffer or Snooper to see all of them around ) Is this just one password for all MAC addresses? Using access list with entri...
by bpwl
Mon Sep 18, 2023 6:44 pm
Forum: General
Topic: Station Pseudobridge not working with hAP ax2 and hAP ax3 [SOLVED]
Replies: 18
Views: 1726

Re: Station Pseudobridge not working with hAP ax2 and hAP ax3 [SOLVED]

Thx @massinia for the feedback. Very interesting observation, as I had many experiments on this , and some combinations failed, and I never found why.
We expect RSTP to have the same effect as STP.
by bpwl
Mon Sep 18, 2023 6:19 pm
Forum: General
Topic: Station Pseudobridge not working with hAP ax2 and hAP ax3 [SOLVED]
Replies: 18
Views: 1726

Re: Station Pseudobridge not working with hAP ax2 and hAP ax3 [SOLVED]

cannot be used as a pseudobridge station Does happen in some cases, with some AP implementations My workaround then is use "station" (no station bridge, or station-pseudobridge) The WLAN1 is in the WAN interface list, has DHCP client, and on the hAP have a local LAN (with DHCP server etc)...
by bpwl
Mon Sep 18, 2023 5:55 pm
Forum: Beginner Basics
Topic: hEX PoE not working within an hour [SOLVED]
Replies: 1
Views: 643

Re: hEX PoE not working within an hour [SOLVED]

I unpacked it immediately and did some setup. Suddenly, the network is gone, and I refreshed my routerOS page it is no longer able to access. Sometimes the effects of a change are only seen later, because the current connection is still valid, and some paths are cached. (Ip route cache, 5 minutes d...
by bpwl
Mon Sep 18, 2023 12:19 am
Forum: General
Topic: Station Pseudobridge not working with hAP ax2 and hAP ax3 [SOLVED]
Replies: 18
Views: 1726

Re: Station Pseudobridge not working with hAP ax2 and hAP ax3 [SOLVED]

We probably will have to sniff the wifi packets to find out what the "new" station-bridge mode is. Is it full 4-address mode coming from the AP, or is it a better "station-pseudobridge" implementation? There are different implementations of repeaters, but I have no desciptions in...
by bpwl
Sun Sep 17, 2023 11:45 pm
Forum: General
Topic: Multicast IPTV over EOIP Tunnel over L2TP
Replies: 7
Views: 806

Re: Multicast IPTV over EOIP Tunnel over L2TP

I see "Country A" in the drawing, maybe this is of some interest ... viewtopic.php?t=79019#p969022
by bpwl
Sun Sep 17, 2023 10:11 pm
Forum: Beginner Basics
Topic: Segregating networks on Mikrotik hap ac2
Replies: 4
Views: 958

Re: Segregating networks on Mikrotik hap ax2

Traffic to local addresses on the hAP are normally filtered by the "input" chain, not by the "forward" chain in the firewall. (Test with Traceroute to the other-interface's IP address of the hAP only shows one hop, it is not forwarded) 212.3, 212.4 and 2.3 are on the same hAP, su...
by bpwl
Sun Sep 17, 2023 9:55 pm
Forum: General
Topic: Multicast IPTV over EOIP Tunnel over L2TP
Replies: 7
Views: 806

Re: Multicast IPTV over EOIP Tunnel over L2TP

You already have L2TP, this can work as a fully bridged connection without the need for EoIP, and while maintaining the full 1500 byte MTU.
The BCP for PPTP is also available as BCP for L2TP: https://wiki.mikrotik.com/wiki/Manual:B ... _bridging)
Don't disable RSTP as STP protocol.
by bpwl
Sun Sep 17, 2023 6:16 pm
Forum: General
Topic: Mikrotik SUCKS
Replies: 82
Views: 9819

Re: Mikrotik SUCKS

Why this: https://www.youtube.com/watch?v=1ZJ-pM89N7o work on ac3, but there is no way to set up on new L900? Why? Because this Youtube shows something irrational, and completly outdated. (Like using some Windows for Workgroups driver installation procedure in Windows 11, to have SMB file sharing) ...
by bpwl
Sun Sep 17, 2023 4:19 pm
Forum: RouterOS beta
Topic: Hotspot and Radius / volume limit doesn't work ?
Replies: 10
Views: 4239

Re: Hotspot and Radius / volume limit doesn't work ?

By lack of documentation on "User Manager" and the Mikrotik attributes ... a little experiment. Created a "volume" limit in User Manager, but this time also added "rate" limits. This limitation was linked to the username for wifi PEAP login, and was also linked to the M...
by bpwl
Sat Sep 16, 2023 12:27 pm
Forum: RouterOS beta
Topic: Hotspot and Radius / volume limit doesn't work ?
Replies: 10
Views: 4239

Re: Hotspot and Radius / volume limit doesn't work ?

Rate limit probably needs Hotspot, as even Mikrotik Indonesia says, but how to have Hotspot Login, based on the wifi login [ eg RSSO : RADIUS single signon, as mentioned before ] Volume limit is handled at the wifi AP. Rate limit with RADIUS (User Manager V5) ... found it ... rate limit (max, burst...
by bpwl
Thu Sep 14, 2023 6:24 pm
Forum: General
Topic: my ISP hates Mikrotik
Replies: 9
Views: 1762

Re: my ISP hates Mikrotik

turning off auto-negotiate on the WAN port and setting it to 100FDX. This 100Mb ethernet fixed HDX/FDX can be a real problem, if not matched properly. It happens quite often, with dramatic speed reduction. HDX/HDX = ok FDX/FDX = ok HDX/auto = ok auto/auto = ok FDX/auto = problem if fixed FDX does n...
by bpwl
Mon Sep 11, 2023 12:09 pm
Forum: Beginner Basics
Topic: Dynamic IP how to prevent automaticall creation of route after reboot
Replies: 2
Views: 958

Re: Dynamic IP how to prevent automaticall creation of route after reboot

After I reboot, the default route appears automatically again
Probably a chosen DHCP client action, when you accept the dynamic IP address from your ISP.
Klembord-2.jpg
Alternative to "no", in "Advanced" this default route distance can be set higher. (= lower priority)
by bpwl
Sun Sep 10, 2023 7:52 pm
Forum: Wireless Networking
Topic: Band steering - "priority" to 5Ghz
Replies: 33
Views: 19011

Re: Band steering - "priority" to 5Ghz

But how ? Used in 802.11k ? Or will MT finally add QBSS fields in the beacons? "The QBSS (QOS enhanced basic service set) information element is an 802.11e construct that enables an access point to communicate its channel usage" Missing QBSS with MT. Yet another potential reason why the MT...
by bpwl
Sun Sep 10, 2023 1:01 pm
Forum: Wireless Networking
Topic: Band steering - "priority" to 5Ghz
Replies: 33
Views: 19011

Re: Band steering - "priority" to 5Ghz

My main problem with MIKROTIK WIRELESS is the "giving up in crowded environments". When Mikrotik (WLAN driver) is in competition with other brands ( or with MT on wifiwave2), then MT has a handicap of 3dB. That is if the EIRP level is the power limiting factor (EIRP is very low in Europe ...
by bpwl
Sat Sep 09, 2023 12:03 pm
Forum: Wireless Networking
Topic: CAPsMANv2 configuration for secondary SSIDs on different VLANs
Replies: 11
Views: 4072

Re: CAPsMANv2 configuration for secondary SSIDs on different VLANs

Well, CAPsMAN is required for successful roaming according to the docs - https://help.mikrotik.com/docs/display/ROS/WifiWave2: For a client device to successfully roam between 2 APs, the APs need to be managed by the same instance of RouterOS. For information on how to centrally manage multiple APs...
by bpwl
Wed Sep 06, 2023 6:53 pm
Forum: Beginner Basics
Topic: RB5009 RouterOS License 6 [SOLVED]
Replies: 19
Views: 2294

Re: RB5009 RouterOS License 6 [SOLVED]

User manager session count (50 for level 5) is a limitation when using "EAP/Enterprise wifi security" If it is a network with multiple AP, and just one User Manager for all, the 50 (actually you only get 49) is limiting. This means 48 wifi devices (you need another extra session for roamin...
by bpwl
Tue Sep 05, 2023 10:57 pm
Forum: General
Topic: Session limit reached (current license allows only 200 session)
Replies: 11
Views: 2772

Re: Session limit reached (current license allows only 200 session)

Every legal person (family) has their own login username/password. This is mandatory in France if you offer public wifi. You must be able to point to the responsible person, or you are responsible for what has been done via your wifi connection. The ISP does the same, but cannot differentiate betwee...
by bpwl
Tue Sep 05, 2023 12:49 pm
Forum: General
Topic: Session limit reached (current license allows only 200 session)
Replies: 11
Views: 2772

Re: Session limit reached (current license allows only 200 session)

Yep, that's the one I use. I removed the wifiwave2 drivers for extra storage/memory. (hAP ax3 is in a cabinet, not used for wifi). It is not really needed to remove the drivers because User Manager is a light application. I added USB storage for the User Manager database. The RB1100Dx4 https://mikro...
by bpwl
Tue Sep 05, 2023 12:00 am
Forum: General
Topic: Session limit reached (current license allows only 200 session)
Replies: 11
Views: 2772

Re: Session limit reached (current license allows only 200 session)

That's why I use a MT device with initial license level 6 (cheaper than license) .... for User Manager. https://mikrotik.com/products/matrix License level 6 can also be ordered for other devices. Cost +- $250 . https://help.mikrotik.com/docs/display/ROS/RouterOS+license+keys User Manager limit is nu...
by bpwl
Mon Sep 04, 2023 7:25 pm
Forum: RouterOS beta
Topic: New User Manager in RouterOS v7
Replies: 205
Views: 74463

Re: New User Manager in RouterOS v7

No problem here. Swapped 2 weeks ago some RADIUS server by ROS7 User Manager as new Radius server for wifi authentication WPA2 Enterprise (PEAP/MSCHAPv2) The AP's are still on ROS6 , the users have one account but have multiple devices, and are free to connect on any of the AP's. Multiple uses of th...
by bpwl
Sun Sep 03, 2023 11:51 pm
Forum: Wireless Networking
Topic: A bit better WiFi security with per-user PSK? [SOLVED]
Replies: 62
Views: 7759

Re: A bit better WiFi security with per-user PSK? [SOLVED]

I have not seen that problem : Android/wIndows versus iPhone. It is correct that nothing needs to be specified in an iPhone. For Android and Windows, the options/methods must be correct. If any error is made, then "forget the known network" is mandatory or at least recommended , to be able...
by bpwl
Sun Sep 03, 2023 7:32 pm
Forum: Wireless Networking
Topic: A bit better WiFi security with per-user PSK? [SOLVED]
Replies: 62
Views: 7759

Re: A bit better WiFi security with per-user PSK? [SOLVED]

Access to Userman V5 (RouterOS 7) management is not via a dedicated URL for management, but just an URL for the user , at "/um". User and password here is one of the User Manager users.

Management is via RouterOS main menu.
by bpwl
Sat Sep 02, 2023 9:15 pm
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 116795

Re: v7.12beta [testing] is released!

4-address mode is not standard in 801.11. each manufacturer that offers it has implemented their own hacks to negotiate and support it, That why I'm not sure using a tunnel isn't such a bad option. It does let you treat wireless same as wired, vs using Wi-Fi specific WDS-like things. The bigger iss...
by bpwl
Sat Sep 02, 2023 2:43 pm
Forum: Wireless Networking
Topic: A bit better WiFi security with per-user PSK? [SOLVED]
Replies: 62
Views: 7759

Re: A bit better WiFi security with per-user PSK? [SOLVED]

In new Android devices, for example, you need to install the CA certificate or else it won't connect. When will it hit me ? I'm on Android version 12 SKQ1.211019.001. No problem so far. AP EAP in security profile, is set on "passthrough" and "don't verify certificate" and TLS-ce...
by bpwl
Fri Sep 01, 2023 9:16 pm
Forum: Wireless Networking
Topic: A bit better WiFi security with per-user PSK? [SOLVED]
Replies: 62
Views: 7759

Re: A bit better WiFi security with per-user PSK? [SOLVED]

No certificate .... that was exactly my problem also! https://forum.mikrotik.com/viewtopic.php?t=185562&hilit=userman#p765296 And I also only used PEAP and MSCHAPv2, not EAP-TLS. Creating the certificate for Userman was the solution. Code/exemple is in the MT HELP: https://help.mikrotik.com/docs...
by bpwl
Fri Sep 01, 2023 7:20 pm
Forum: Wireless Networking
Topic: A bit better WiFi security with per-user PSK? [SOLVED]
Replies: 62
Views: 7759

Re: A bit better WiFi security with per-user PSK? [SOLVED]

Difficult to say, but did you add the IP address of the AP in "Routers" in user manager, with the same 'shared secret' as the 'secret' in the RADIUS server setting of that AP.
With CAPsMAN the AP above is expected to be the CAPSMAN controller. (no CAPSMAN experience here).
by bpwl
Thu Aug 17, 2023 9:24 pm
Forum: General
Topic: Router connection lost
Replies: 5
Views: 1217

Re: Router connection lost

Just curious. What is in address list ES?
Can you get there (via VPN, port forwarder, proxy, ... etc.)?
by bpwl
Mon Aug 14, 2023 11:41 pm
Forum: Wireless Networking
Topic: Looking for equipment to improve rural 4G signal reception and speed
Replies: 55
Views: 6715

Re: Looking for equipment to improve rural 4G signal reception and speed

(Sorry , didn't see #51, before I already transmitted this) And yes "MT cell lock" according to MT support still allows other cells to be measured and reported as candidates. That is a potential MT "cell lock" mechanism implementation. But ... as I have enough MT devices to test ...
by bpwl
Mon Aug 14, 2023 12:09 pm
Forum: Beginner Basics
Topic: does "backup" keep the current OS installed?
Replies: 12
Views: 1683

Re: does "backup" keep the current OS installed?

Well extending the storage with something like SSD drive would be very welcome. It's like the old Android problem. You needed to jailbreak the Android OS , and format it as EXT4, to mount and use the microSD as internal storage. Otherwise the microSD was not very usefull.(Only part of the APP could ...
by bpwl
Mon Aug 14, 2023 12:28 am
Forum: Beginner Basics
Topic: does "backup" keep the current OS installed?
Replies: 12
Views: 1683

Re: does "backup" keep the current OS installed?

AFAIK the way to save and restore a "RouterOS + config" copy is by using partitions "Partitioning is supported on ARM, ARM64, MIPS, TILE, and PowerPC RouterBOARD type devices." (if there is enough room in storage, some have 128MB even 1GB) see: https://mikrotik.com/products/matri...
by bpwl
Sun Aug 13, 2023 12:38 pm
Forum: Wireless Networking
Topic: A bit better WiFi security with per-user PSK? [SOLVED]
Replies: 62
Views: 7759

Re: A bit better WiFi security with per-user PSK? [SOLVED]

Random MAC (private administered MAC) seems to be stable in IOS, Adroid and Windows, when connecting to the same SSID. How stable, how long (24h?) ? I don't know. Users are connecting with username/password in EAP (enterprise security) anyway. So random MAC is not a problem as long as all limits are...
by bpwl
Sat Aug 12, 2023 12:51 pm
Forum: Announcements
Topic: v7.11rc is released!
Replies: 195
Views: 44104

Re: v7.11rc is released!

Already manually removed lora-7.10.2 and iot-7.10.2 . Upgrade to 7.11rc3 done and OK. Will add the new IOT again later. This time there normally is no LoRa package, as the change log it is now part of IOT. But there is a smaller LoRa one in the 7.11rc3 extra packages ZIP file. The update logic got ...
by bpwl
Fri Aug 11, 2023 10:33 pm
Forum: Announcements
Topic: v7.11rc is released!
Replies: 195
Views: 44104

Re: v7.11rc is released!

Already manually removed lora-7.10.2 and iot-7.10.2 . Upgrade to 7.11rc3 done and OK. Will add the new IOT again later. This time there normally is no LoRa package, as the change log it is now part of IOT. But there is a smaller LoRa one in the 7.11rc3 extra packages ZIP file. The update logic got c...
by bpwl
Fri Aug 11, 2023 7:29 pm
Forum: Announcements
Topic: v7.11rc is released!
Replies: 195
Views: 44104

Re: v7.11rc is released!

hAP ac3 , upgrade from ROS 7.10.2 stable, to 7.11rc3 ... failed "can not install lora-7.11rc3: iot-7.11rc3 is not installed, but is required" Installed packages: (none was upgraded) [admin@hAPac3] /system/package> print Flags: X - DISABLED Columns: NAME, VERSION # NAME VERSION 0 iot 7.10.2...
by bpwl
Thu Aug 10, 2023 10:40 pm
Forum: General
Topic: RouterOS bridge mysteries explained
Replies: 86
Views: 22496

Re: RouterOS bridge mysteries explained

Translated PDF document is OK! Can be downloaded via that WeTransfer link (for a few days), but uploading such a 4MB PDF file as attachment seems not possible.
by bpwl
Wed Aug 09, 2023 1:58 pm
Forum: Wireless Networking
Topic: LTE Signal - What is considered normal
Replies: 6
Views: 2241

Re: LTE Signal - What is considered normal

And CQI as indicator? 8 is somewhat the lowest I find for a usable connection. It goes up to 15 (= max, excellent). See exemple https://forum.mikrotik.com/viewtopic.php?t=197753#p1016143 Cell 134040591 is strong (even strongest) -79dB RSRP, SINR is even 12 dB , still a very bad connection in practic...
by bpwl
Tue Aug 08, 2023 11:27 am
Forum: Beginner Basics
Topic: Port forwarding not working on HAP ac2
Replies: 6
Views: 1056

Re: Port forwarding not working on HAP ac2

Even for FTP PASV (passive mode) the firewall in front of the FTP server and the FTP server must be setup for the same dedicated PASV high port numbers. Firewall rules must allow inbound connections, and do the forwarding on ports 21 and those higher PASV port numbers. With FTP active mode the clien...
by bpwl
Mon Aug 07, 2023 6:06 pm
Forum: Beginner Basics
Topic: Port forwarding not working on HAP ac2
Replies: 6
Views: 1056

Re: Port forwarding not working on HAP ac2

Yes it is complex, with in-band (passive) or out of band control for FTP, if the firewall has no "FTP helper" then passive mode must be used. http://www2.ic.uff.br/~michael/kr1999/2-application/2_03-ftp.htm In the past (e.g. 2008) the browsers, like Internet Explorer, allowed for the "...
by bpwl
Sun Aug 06, 2023 11:33 pm
Forum: Wireless Networking
Topic: Looking for equipment to improve rural 4G signal reception and speed
Replies: 55
Views: 6715

Re: Looking for equipment to improve rural 4G signal reception and speed

To my mind (please correct me if I am wrong), band lock (=band masking) is a sub-function of cell lock Not for my understanding. For me they are absolutly not the same, the mechanisms are totally different. I can't help there is no definition for this: where one speaks about band masking, the other...
by bpwl
Sat Aug 05, 2023 1:01 am
Forum: Wireless Networking
Topic: Looking for equipment to improve rural 4G signal reception and speed
Replies: 55
Views: 6715

Re: Looking for equipment to improve rural 4G signal reception and speed

I see cell locking and band masking as two very different things. According to the MT help : https://help.mikrotik.com/docs/display/ROS/LTE , cell locking behaves like this: 1. Cell lock information will not be saved after a reboot or modem reset. 2. AT+QNWLOCK command can lock the cell and frequenc...
by bpwl
Fri Aug 04, 2023 2:59 pm
Forum: RouterOS beta
Topic: New User Manager in RouterOS v7
Replies: 205
Views: 74463

Re: New User Manager in RouterOS v7

Well it is a mystery. I think we have no access to those counters. Experience: - user is denied access (wifi PEAP/Enterprise logon) when the limit is exceeded (kicked off) and cannot reconnect until the counter is reset. - that counter is not visible AFAIK. and therefor it is not under control, as t...
by bpwl
Fri Aug 04, 2023 12:34 pm
Forum: Wireless Networking
Topic: Looking for equipment to improve rural 4G signal reception and speed
Replies: 55
Views: 6715

Re: Looking for equipment to improve rural 4G signal reception and speed

LTE connection is always in for surprises in some countries. Last week one ISP had a problem. 8.8.8.8 was not reachable , but 8.8.4.4 was. Half of the internet was reachable on that link with 8.8.4.4 check. Load balancing swapped to the SXT which uses 8.8.4.4 by the recursive route check, but that S...
by bpwl
Fri Aug 04, 2023 1:46 am
Forum: Wireless Networking
Topic: Looking for equipment to improve rural 4G signal reception and speed
Replies: 55
Views: 6715

Re: Looking for equipment to improve rural 4G signal reception and speed

You effectively disable (braking) modem handover capability according to a network request. Don't expect this ... the request to switch to the masked band should not come ... with band masking . Maybe it does come when "cell locking" is used, depending on what the modem tells the tower. I...
by bpwl
Wed Aug 02, 2023 10:37 pm
Forum: Wireless Networking
Topic: Looking for equipment to improve rural 4G signal reception and speed
Replies: 55
Views: 6715

Re: Looking for equipment to improve rural 4G signal reception and speed

Those off-topic discussiosn are mostly exemples of the homework OP has to do himself. No one else can do the tedious work of bringing the whole puzzle together, because there is a lot to be verified and tested. Test results will vary over day-time and week-weekend days. Can even be weather dependent...
by bpwl
Mon Jul 31, 2023 2:36 pm
Forum: Wireless Networking
Topic: Looking for equipment to improve rural 4G signal reception and speed
Replies: 55
Views: 6715

Re: Looking for equipment to improve rural 4G signal reception and speed

Walls in crépi ( :-) ) and roofing tiles are typical for that souhtern region. Certainly we did try FREE. On paper en technically it is the best by far, outperforming SFR, Bouygues and Orange. However there is more to check. Problem is the volume quota, and the offered subscriptions. Their best chan...
by bpwl
Mon Jul 31, 2023 11:09 am
Forum: Wireless Networking
Topic: Looking for equipment to improve rural 4G signal reception and speed
Replies: 55
Views: 6715

Re: Looking for equipment to improve rural 4G signal reception and speed

Txs. (Somebody else did the physical install :D . @rrdeli). I just tried to use the better cell connections. CQI 15 is great, CQI 8 is really at the limit of usable or not. Highest RSRP is not always the best choice. And provider SFR is in backbone trouble quite often. And even with CQI 15, the numb...
by bpwl
Mon Jul 31, 2023 1:16 am
Forum: Wireless Networking
Topic: Looking for equipment to improve rural 4G signal reception and speed
Replies: 55
Views: 6715

Re: Looking for equipment to improve rural 4G signal reception and speed

Just my 2 cents: My 2 years of experience in one spot (Alpes de Haute Provence in France). ... Don't give up, get the information and test different setups. France has a lot of detailed information on their 4G and 5G networks, which is updated regularly. And it does change over time! (Mostly new ran...
by bpwl
Wed Jul 26, 2023 12:07 pm
Forum: RouterOS beta
Topic: Hotspot and Radius / volume limit doesn't work ?
Replies: 10
Views: 4239

Re: Hotspot and Radius / volume limit doesn't work ?

Auto-login to the Hotspot is a quite common request, and many have created some solutions: https://loginslink.com/mikrotik-hotspot-automatic-login But I need a Hotspot login with the same RADIUS/PEAP username. I have put the "username" in the UserManager attribute "Mikrotik-Wireless-C...
by bpwl
Tue Jul 25, 2023 10:47 pm
Forum: RouterOS beta
Topic: Hotspot and Radius / volume limit doesn't work ?
Replies: 10
Views: 4239

Re: Hotspot and Radius / volume limit doesn't work ?

Starting my experiments on User Manager v5 (ROS 7) and setting some limits. Intention is to limit the volume use, to some fair use limit, for the permanent members of the club, and their tenants. Not using a Hotspot, but the wifi PEAP/Enterprise authentication as an authentication that does not requ...
by bpwl
Thu Jul 20, 2023 1:14 pm
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 11262

Re: Something NEEDS to be done about the default passwords

Last edited by bpwl on Wed Apr 19, 2023 8:13 pm, edited 2 times in total.
by bpwl
Wed Jul 19, 2023 11:42 pm
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 11262

Re: Something NEEDS to be done about the default passwords

Last edited by bpwl on Wed Apr 19, 2023 8:13 pm, edited 2 times in total.
by bpwl
Wed Jul 19, 2023 11:21 pm
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 11262

Re: Something NEEDS to be done about the default passwords

Last edited by bpwl on Wed Apr 19, 2023 8:13 pm, edited 2 times in total.
by bpwl
Wed Jul 19, 2023 10:52 pm
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 11262

Re: Something NEEDS to be done about the default passwords

Last edited by bpwl on Wed Apr 19, 2023 8:13 pm, edited 2 times in total.
by bpwl
Wed Jul 19, 2023 10:16 pm
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 11262

Re: Something NEEDS to be done about the default passwords

Last edited by bpwl on Wed Apr 19, 2023 8:13 pm, edited 2 times in total.
by bpwl
Wed Jul 19, 2023 9:14 pm
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 11262

Re: Something NEEDS to be done about the default passwords

Last edited by bpwl on Wed Apr 19, 2023 8:13 pm, edited 2 times in total.
by bpwl
Wed Jul 19, 2023 7:56 pm
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 11262

Re: Something NEEDS to be done about the default passwords

Last edited by bpwl on Wed Apr 19, 2023 8:13 pm, edited 2 times in total.



.
by bpwl
Sun Jul 16, 2023 12:22 am
Forum: General
Topic: EAP-TLS wireless authentication - why a Mikrotik station cannot connect to a Mikrotik AP? [SOLVED]
Replies: 5
Views: 2857

Re: EAP-TLS wireless authentication - why a Mikrotik station cannot connect to a Mikrotik AP? [SOLVED]

Maybe I have to test again. ... https://forum.mikrotik.com/viewtopic.php?t=191120#p996981 ROS AP security profile is on TLS-mode "dont verify certificate" and ROS as client security profile with TLS-mode "no certificates" , they did not connect, but maybe this is no correct match...
by bpwl
Sat Jul 15, 2023 1:03 pm
Forum: RouterOS beta
Topic: Hotspot and Radius / volume limit doesn't work ?
Replies: 10
Views: 4239

Re: Hotspot and Radius / volume limit doesn't work ?

Thx @holvoetn. Still have to do something similar. But I don't use CAPsMAN nor Hotspot. Hotspot could be added if login is 100% transparent to Radius enterprise connect to wifi (WPA2 Enterprise) We willl now use hAPax³ for "user Manager" with its level 6 license. And use the hAP ax³ as int...
by bpwl
Fri Jul 14, 2023 8:04 pm
Forum: Wireless Networking
Topic: MikroTik hAP ax3 poor WiFi performance
Replies: 255
Views: 40581

Re: MikroTik hAP ax3 poor WiFi performance

There was another distorted weather map on (Belgian/Flemisch) national television last month. (Didn't record it, but it was a pretty strong distortion) So yes, the BIPT will again be burdened to find the culprit. https://www.wirelessinfo.be/wifi-wetgeving/ https://www.nieuwsblad.be/cnt/dmf20170223_0...
by bpwl
Tue Jul 11, 2023 1:36 pm
Forum: Wireless Networking
Topic: ax series lineup WiFi issues
Replies: 340
Views: 35125

Re: ax series lineup WiFi issues

Congratulations, join the club :? Not joining this club yet. Installing more AC series MT AP's with legacy driver (WLAN). I do want 4-address mode for the backbone, and dynamic VLAN per RADIUS user used at client device connect. It takes long to fix this, when just waiting for it. This is a hard ti...
by bpwl
Wed Jul 05, 2023 11:07 pm
Forum: Beginner Basics
Topic: Starlink and wireless wire
Replies: 1
Views: 751

Re: Starlink and wireless wire

The default (or reset) config of the wireless wire is just a bridged connection, acts like a wire. If it works directly on Starlink, it will work on the other end of the wireless wire , as on Starlink. Current ISP and Starlink may have different settings for the client, but this is mostly set with '...
by bpwl
Tue Jun 27, 2023 10:02 pm
Forum: General
Topic: The "best" load balancing method for poor men ?
Replies: 19
Views: 1301

Re: The "best" load balancing method for poor men ?

@anav pointed to https://mum.mikrotik.com/presentations/US12/steve.pdf page 126 , for the PCC options. I do experience "source and destination address" as stable enough solution for Belgian banking applications. But maybe I know more about Belgian waffles: https://focusonbelgium.be/en/fact...
by bpwl
Mon Jun 26, 2023 9:39 pm
Forum: Beginner Basics
Topic: Station Bridge to be Wi-fi Access Point as well
Replies: 3
Views: 736

Re: Station Bridge to be Wi-fi Access Point as well

One radio should work. (There is a button "setup repeater" that will create the virtual wifi interface as station-bridge or station-pseudo-bridge or WDS .... , and add the AP, and bind all to a bridge) see : https://wiki.mikrotik.com/wiki/Manual:Interface/Wireless#Repeater ) Essential is t...
by bpwl
Sat Jun 17, 2023 5:52 pm
Forum: General
Topic: Can't connect to MikrotiTik hAP ac lite
Replies: 2
Views: 622

Re: Can't connect to MikrotiTik hAP ac lite

Reset the hAP AC Lite with the reset button (do not press the reset button longer than 5 sec to go till CAPS mode or till Netinstall mode) Connect via ethernet (or wifi) with Winbox. Via IP 192.168.88.1 then the ether port 1 cannot be used (it is configured as WAN port, and firewall protected.) See ...
by bpwl
Mon Jun 12, 2023 11:57 am
Forum: RouterBOARD hardware
Topic: hAP lite / RB941-2nD-TC and Powerline
Replies: 2
Views: 1781

Re: hAP lite / RB941-2nD-TC and Powerline

You need that special USB pwr-line PL6400 power adaptor.
Can be used with hAP Lite, mAP, mAP Lite, hAP mini ... if you can stil find one.

PWR-LINE EU has been replaced with PWR-line PRO, which is also already discontinued !
by bpwl
Mon May 29, 2023 12:26 pm
Forum: General
Topic: Home AP Dual Client comms between different SSID on same network [SOLVED]
Replies: 14
Views: 1124

Re: Home AP Dual Client comms between different SSID on same network [SOLVED]

To separate SSID's on one AP, with WLAN interfaces and even ethernet interfaces bridged together, I use the same bridge port "horizon" value. Same usage for the Powerbox connecting (bridging) the different AP's. This also stops broadcasts from one to the other. The network forms a tree str...
by bpwl
Sat May 27, 2023 8:18 pm
Forum: Wireless Networking
Topic: Problem with dynamic VLAN
Replies: 12
Views: 2351

Re: Problem with dynamic VLAN

Out of curiosity, anyone know if this works (or should work) in wifiwave2?
Only have release notes info (no ax device purchased yet)
Release notes 7.7

*) wifiwave2 - added option to set per-client vlan-id in access list (only supported on 802.11ax interfaces) (CLI only);
by bpwl
Sat May 27, 2023 12:55 am
Forum: Wireless Networking
Topic: Problem with dynamic VLAN
Replies: 12
Views: 2351

Re: Problem with dynamic VLAN

It is also interesting to observe the behavior of the VLAN setting on the wireless interface. E.g. when setting it as you mention (no tag), the client will receive the multicasts from all VLANs, with tag. But of course it is not looking at tagged traffic (except maybe Windows, but I have no Windows...
by bpwl
Wed May 24, 2023 5:16 pm
Forum: Wireless Networking
Topic: How to disable 802.11g in Wave2? [SOLVED]
Replies: 12
Views: 2235

Re: How to disable 802.11g in Wave2? [SOLVED]

AFAIK "802.11n Greenfield" mode has been abandonned by most vendors, because it harms if B or G transmissions are in the same area. So now in most cases the G compatibility mode is turned on. FYI: https://www.computerweekly.com/news/2240101850/What-is-80211n-Greenfield-mode To know what yo...
by bpwl
Tue May 23, 2023 2:33 pm
Forum: General
Topic: Login with Default Admin and No Password is Failing
Replies: 27
Views: 9596

Re: Login with Default Admin and No Password is Failing

Pfff ... I see now ... thx <div class="content">Double-check that you're using the correct default admin username and ensure that you're not accidentally entering a password <a href="removed link" class="postlink"><span style="color:#272f3e"><span style="...
by bpwl
Tue May 23, 2023 2:06 pm
Forum: General
Topic: Login with Default Admin and No Password is Failing
Replies: 27
Views: 9596

Re: Login with Default Admin and No Password is Failing

@herrylauu : maybe read the whole thread again: Default admin username and blanc password, as it always has been, is gone now for new devices..
by bpwl
Sun May 21, 2023 12:15 am
Forum: Beginner Basics
Topic: ERROR: could not connect to 192.168.88.1
Replies: 1
Views: 292

Re: ERROR: could not connect to 192.168.88.1

Winbox V3.31 is rather old. Will work on V6 ROS , V7 ROS requires V3.33
V3.38 is the latest now

Or try "Neighbors" and use the MAC address
by bpwl
Sat May 20, 2023 10:45 pm
Forum: Beginner Basics
Topic: Is there a way to see all previous failed logins on Winbox?
Replies: 35
Views: 2321

Re: Is there a way to see all previous failed logins on Winbox?

That's the second (stronger) option, to send it with "remote" to a SYSLOG like Dude. Changing logging from action "echo" or "memory" to "disk" would put those logs in the flash file specified, which survives reboots and resets. You may want to only send some &...
by bpwl
Sat May 20, 2023 10:27 pm
Forum: Beginner Basics
Topic: RADIUS server is not responding [SOLVED]
Replies: 18
Views: 19603

Re: RADIUS server is not responding [SOLVED]

I expected a common secret string defined for /radius add address=127.0.0.1 service=ppp,login,hotspot and for /user-manager router add address=127.0.0.1 name=router1 Not specifying this "secret" may give it some common value, I don't know if it does, and what this value would be. The RADIU...
by bpwl
Sat May 20, 2023 9:55 pm
Forum: Beginner Basics
Topic: Is there a way to see all previous failed logins on Winbox?
Replies: 35
Views: 2321

Re: Is there a way to see all previous failed logins on Winbox?

Logging to actions "echo" and "memory" ... are gone after power failure or reset/restart. Logging to actions "disk" and "remote" are still available. ( "disk" is to the flash or other added storage, like USB stick.) ("remote" requires a sys...
by bpwl
Fri May 19, 2023 9:44 pm
Forum: Wireless Networking
Topic: RBM33G and usb Wi-Fi
Replies: 6
Views: 1407

Re: RBM33G and usb Wi-Fi

a USB-Wifi adaptor is not necessary a serial (UART) adaptor, like the Woobm. Woobm does work as serial/console adaptor via wifi. The checked port list in Winbox screenshot is for serial connections over USB. Converting between USB and serial TTL/RS232/FTDI console connection. Woobm gives wifi access...
by bpwl
Sun May 14, 2023 2:06 am
Forum: RouterBOARD hardware
Topic: How to work with IoT on RouterBOARD?
Replies: 8
Views: 2396

Re: How to work with IoT on RouterBOARD?

ESP-now is not compatible with OSI layered wifi. It is designed to avoid the use a regular wifi AP or router. There is also an ESP-NOW HUB, which connects ESP-now to wifi. https://www.youtube.com/watch?v=Zd3YB8cI5dA MT router is not using ESP-now but regular wifi. I'm not using ESP-now either. ESP-n...
by bpwl
Sat May 13, 2023 12:01 pm
Forum: RouterBOARD hardware
Topic: How to work with IoT on RouterBOARD?
Replies: 8
Views: 2396

Re: How to work with IoT on RouterBOARD?

What role does Mikrotik play in this scheme? Does it handle scripts? What does it do if your MQTT broker is running on another device? And you write that you work through wi-fi. Have you configured ESP-now? Or do you work on a regular Wi-Fi network? If in the usual, then these are large losses in e...
by bpwl
Sat May 13, 2023 11:44 am
Forum: RouterBOARD hardware
Topic: How to work with IoT on RouterBOARD?
Replies: 8
Views: 2396

Re: How to work with IoT on RouterBOARD?

I do not understand why even make additional packages for some Mikrotik devices if they do not support it at the hardware level. additional packages .... are just compiled for all devices AFAIK. There is seldom something that is not in all ROS images, unless it is CPU platform specific (like Zeroti...
by bpwl
Sat May 13, 2023 2:27 am
Forum: RouterBOARD hardware
Topic: How to work with IoT on RouterBOARD?
Replies: 8
Views: 2396

Re: How to work with IoT on RouterBOARD?

Why then make firmware with IoT support if it cannot do this in hardware? Why make firmware for wifi support, if some routers cannot do this in hardware? IOT is an option, and additional package, that is usefull if the proper hardware is choosen. I don't have any of these: https://help.mikrotik.com...
by bpwl
Fri May 12, 2023 8:57 pm
Forum: Announcements
Topic: Newsletter #113 | May 2023
Replies: 103
Views: 39639

Re: Newsletter #113 | May 2023

Hope someone is sending out the "40mbit intolerant bit", with all those 40MHz wide channels (Ce) . 28dBm is indeed possible for FCC (US), not for ETSI (EU). All together in channel 1 and 6 (40 mbit wide) , no one in channel 11 ? How does one count/deal the weak (<-86dBm) signal? The noise ...
by bpwl
Fri May 12, 2023 1:30 am
Forum: Beginner Basics
Topic: DHCP offering lease [ip] for [mac] without success
Replies: 16
Views: 2422

Re: DHCP offering lease [ip] for [mac] without success

OK Thanks for the extra information. Troubleshooting can take some time, and many checks. When the cause is found, then it is all obvious and simple, and one wonders why it was overlooked. So what else could it be, that did not appear in the log? Most direct cause for an interface to go down can be ...
by bpwl
Thu May 11, 2023 6:19 pm
Forum: Beginner Basics
Topic: DHCP offering lease [ip] for [mac] without success
Replies: 16
Views: 2422

Re: DHCP offering lease [ip] for [mac] without success

Thank you. Lots of information ... So first impression only .. - please remove that "internet-detect" . It is known to give strange things. You have only one L3 interface, and that's the bridge. And that bridge is the LAN, and the path to internet, at the same time. - "may/07 16:50:44...
by bpwl
Wed May 10, 2023 10:29 pm
Forum: Beginner Basics
Topic: DHCP offering lease [ip] for [mac] without success
Replies: 16
Views: 2422

Re: DHCP offering lease [ip] for [mac] without success

All I have left is the interface logs on the HAP that go up and down at unclear times, sometimes every minute and sometimes after hours. How come? Can I remove the port from the bridge? Still guessing what is happening in your setup. Removing ether2 from the bridge, will change the setup from a sin...
by bpwl
Wed May 10, 2023 7:00 pm
Forum: General
Topic: Woobm-USB
Replies: 1
Views: 282

Re: Woobm-USB

WOOBmAP works fine here. Klembord-2.jpg . Some client devices are not happy if a wifi connection does not give access to internet, a browser may stall on this. This connection does indeed not have internet access. The device for wireless/wired conversion is the Mikrotik MQS. Well not via USB. I stil...
by bpwl
Wed May 10, 2023 12:35 pm
Forum: Wireless Networking
Topic: Problem with dynamic VLAN
Replies: 12
Views: 2351

Re: Problem with dynamic VLAN

Interesting diagnosis ! But "multicast" .... what is the wifi driver doing with this? Sending like a beacon at that low basic rate? ""Real" multicast is a form of broadcast at layer-2, and Wi-Fi can do that (send to a multicast group instead of individual unicast MAC address...
by bpwl
Wed May 10, 2023 12:16 pm
Forum: Announcements
Topic: Newsletter #113 | May 2023
Replies: 103
Views: 39639

Re: Newsletter #113 | May 2023

https://mikrotik.com/product/rb5009_out , not in the newsletter, but even more impressive. All 5009 should have L6, when compared to hAP ax3 (but L6 there was a marketing glitch, no?) That one was in our previous newsletter :) https://box.mikrotik.com/f/dda43ce0a0f94f4c84c3/?dl=1 Ooops , missed tha...
by bpwl
Tue May 09, 2023 11:09 pm
Forum: Wireless Networking
Topic: Problem with dynamic VLAN
Replies: 12
Views: 2351

Re: Problem with dynamic VLAN

Only used VLAN in access lists so far. Wifi interface is set to "VLAN Mode = no tag, VLAN id=1", access list defines "use tag, VLAN id" to be used. Never tried multicast (like Chromecast), as the VLAN in my case is different, so it would not work anyway. One of the questions is w...
by bpwl
Tue May 09, 2023 10:27 pm
Forum: Announcements
Topic: Newsletter #113 | May 2023
Replies: 103
Views: 39639

Re: Newsletter #113 | May 2023

VLAN assignment via RADIUS, on WLAN or wifi(wave2) interfaces? Seems quite different in what I read on this.
WLAN driver based versus bridge setting based in wifiwave2/AX ????? Not checked, no hardware. But CAPSMAN (wifiwave2) suggests things like that.
by bpwl
Tue May 09, 2023 9:57 pm
Forum: Announcements
Topic: Newsletter #113 | May 2023
Replies: 103
Views: 39639

Re: Newsletter #113 | May 2023

Marketing seems to go of the rails. it must be a stressful time for marketing, not an easy task. The implementations and applications are numerous. Everyone is looking for their optimal mix of options. Compare it to the hAP ax3, if you have more than 25 wifi devices only connecting to your LAN via ...
by bpwl
Mon May 08, 2023 7:53 pm
Forum: General
Topic: HAP AC2 goes shortly online and then it suddenly shuts down
Replies: 4
Views: 477

Re: HAP AC2 goes shortly online and then it suddenly shuts down

my HAP AC2 got hacked by a white-hat-hacker ????? Under the owner's consent, white-hat hackers aim to identify any vulnerabilities or security issues the current system has. The router was behind a DSL modem If you did not set port forwarding in that DSL modem, there is probably no hacker involved....
by bpwl
Sun May 07, 2023 10:20 pm
Forum: Beginner Basics
Topic: DHCP offering lease [ip] for [mac] without success
Replies: 16
Views: 2422

Re: DHCP offering lease [ip] for [mac] without success

I know. RouterOS allows you to set this Interface list membership on every interface. But once an interface is a port of a bridge, it is only a port of that bridge, and is not seen anymore as an interface by RouterOS. https://forum.mikrotik.com/viewtopic.php?t=122222#p601238 https://forum.mikrotik.c...
by bpwl
Sun May 07, 2023 4:49 pm
Forum: Wireless Networking
Topic: MikroTik hAP ax3 poor WiFi performance
Replies: 255
Views: 40581

Re: MikroTik hAP ax3 poor WiFi performance

It's some really narrow, high-gain antenna involved I know this way of thinking. Made the same mistake before. The Fresnel diameter does NOT depend on the narrow beam of a high gain antenna. It depends on the frequency and the distance. https://www.everythingrf.com/rf-calculators/fresnel-zone-calcu...
by bpwl
Sun May 07, 2023 2:10 pm
Forum: Beginner Basics
Topic: DHCP offering lease [ip] for [mac] without success
Replies: 16
Views: 2422

Re: DHCP offering lease [ip] for [mac] without success

OK. Check is all good. Just a comment ... when your clients want to connect to internet, they will go to the hAP for routing. The hAP will reply with a ICMP-redirect telling the client to use 192.168.88.254 as gateway. Not all clients may react equally well on this ICMP-redirect. https://forum.mikro...
by bpwl
Sun May 07, 2023 1:57 pm
Forum: Wireless Networking
Topic: MikroTik hAP ax3 poor WiFi performance
Replies: 255
Views: 40581

Re: MikroTik hAP ax3 poor WiFi performance

@bpwl is probably talking about radars operating in 5GHz DFS channels Yes indeed. That are the ones where the regulator might pay you a visit, to check and confiscate illegal equipment. Sanctions are not small in that case. "Who is competent to carry out controls regarding the wifi legislation...
by bpwl
Sat May 06, 2023 10:58 pm
Forum: Wireless Networking
Topic: MikroTik hAP ax3 poor WiFi performance
Replies: 255
Views: 40581

Re: MikroTik hAP ax3 poor WiFi performance

Can't help you. Illegal TX power setting can interfere with weather radars over 200 km away. Stay legal!
by bpwl
Sat May 06, 2023 10:40 pm
Forum: Beginner Basics
Topic: DHCP offering lease [ip] for [mac] without success
Replies: 16
Views: 2422

Re: DHCP offering lease [ip] for [mac] without success

Just reacting quickly (not fully controlled) because having ether1 (named a your wan) on the lan-bridge is a potential confusion/problem. Just a quick extra check. If the uplink wan device (192.168.88.254?) would be offering a DHCP lease ... to ether1 ... it is offering it to the bridge, and to all ...
by bpwl
Sat May 06, 2023 1:02 am
Forum: Beginner Basics
Topic: DHCP offering lease [ip] for [mac] without success
Replies: 16
Views: 2422

Re: DHCP offering lease [ip] for [mac] without success

????????????????????? can't follow, don't understand your desciption. 1: what is server1? What MAC is this here ? (alarm, ethernet hAP, which ethernet, bridged? ) 2. ether2 down. Because set down/up by command? Or just happens ? Cable disconnect/connect ? 3. deassigned ? It was not assigned. Or has ...
by bpwl
Wed May 03, 2023 2:27 pm
Forum: General
Topic: Can I avoid IP range overlap?
Replies: 4
Views: 455

Re: Can I avoid IP range overlap?

Yes @holvoetn, having different subnets behind Router A than between ISP and Router B would be an advantage for the LAN network. If OP is ready to change the subnet behind Router A, as a first requirement. Secondly I have seen more ISP modem/routers in our country that allowed to select the X in the...
by bpwl
Tue May 02, 2023 9:13 pm
Forum: General
Topic: Can I avoid IP range overlap?
Replies: 4
Views: 455

Re: Can I avoid IP range overlap?

Mikrotik has many options here ... . Multiple LAN with the same IP address range are usually not very simple routing connections. Maybe you should look at the following ... 1. The ISP is giving you one subnet 192.168.1.0/24, which cannot be changed. But you can have multiple subnets in that one ISP ...
by bpwl
Tue May 02, 2023 11:27 am
Forum: Wireless Networking
Topic: hAP ax3 Station Mode - disconnected reason code 3
Replies: 3
Views: 1172

Re: hAP ax3 Station Mode - disconnected reason code 3

3 Deauthenticated because sending STA is leaving (or has left) IBSS or ESS The client disconnected from the AP. https://support.google.com/chrome/a/answer/7172038?hl=en#zippy=%2Cdeauthentication-reason-codes By experience ... possible suspects for disconnect reason code 3. Client lost it's IP addre...
by bpwl
Sun Apr 30, 2023 10:28 pm
Forum: Wireless Networking
Topic: hap ac3 - worse than hap lite?
Replies: 23
Views: 5477

Re: hap ac3 - worse than hap lite?

very networking and radio specific word used... Yes I know. You will have to look it up (internet search engine will give you 100's if not 1000's links to textx that do explain this.) Terms to look up and understand are EIRP, ETSI (limis for Europe), FCC (limits for USA and Canada), TPC , power in ...
by bpwl
Sun Apr 30, 2023 3:25 pm
Forum: Wireless Networking
Topic: hap ac3 - worse than hap lite?
Replies: 23
Views: 5477

Re: hap ac3 - worse than hap lite?

If they limit it why should I pay for higher gain? I know it is contra-intuitive. Higher gain does not yield a stronger signal, if the limit comes from the regulator, based on EIRP (strongest direction, regulated as if it was in all directions (I = isotropic) The higher gain in an antenna comes wit...
by bpwl
Sun Apr 30, 2023 12:25 am
Forum: Wireless Networking
Topic: Mikrotik HAP AX3 and WifiWave2 with VLANS
Replies: 2
Views: 1383

Re: Mikrotik HAP AX3 and WifiWave2 with VLANS

VLAN design will depend on what you want to do with VLAN's, besides this wifiwave2.

3 separate SSID (2.4GHz, 5GHz and 5 GHz-guest) , on 3 separate LAN subnets as you describe, in one device, if that is all, do not need the use of VLAN.
by bpwl
Sun Apr 30, 2023 12:06 am
Forum: The User Manager
Topic: Use usermanager on same radius client router [SOLVED]
Replies: 1
Views: 1967

Re: Use usermanager on same radius client router [SOLVED]

I expect it to work via address 127.0.0.1. There is already a default accept rule in the firewall intended for CAPsMAN : "defconf: accept to local loopback (for CAPsMAN)" The rest should be the same as for any other RADIUS client setup: - add router 127.0.0.1 in User Manager , with a defin...
by bpwl
Sat Apr 29, 2023 12:04 pm
Forum: Wireless Networking
Topic: hAP ax²
Replies: 1
Views: 1015

Re: hAP ax²

As I try to understand this .... "802.11ac Wave 2" is the wifi standard wifiwave2 is the driver implementation for Mikrotik. It implements more of the 802.11ac standard than the regular driver (with the WLAN interfaces), which however has some interesting non-standard features (like 4-addr...
by bpwl
Sat Apr 29, 2023 2:00 am
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 11262

Re: Something NEEDS to be done about the default passwords

Last edited by bpwl on Wed Apr 19, 2023 8:13 pm, edited 2 times in total.
by bpwl
Sat Apr 29, 2023 12:20 am
Forum: Wireless Networking
Topic: MikroTik hAP ax3 poor WiFi performance
Replies: 255
Views: 40581

Re: MikroTik hAP ax3 poor WiFi performance

Thanks MKX for the detailed information. My knowledge in this is just some very very limited practical things. .... a 10 minutes check needed due to the long scan cycle. And our whole country is covered by 4 powerfull radars. The devastating effect of non-compliant wifi equipment , is regularly seen...
by bpwl
Fri Apr 28, 2023 9:51 pm
Forum: Beginner Basics
Topic: Is there a way to see all previous failed logins on Winbox?
Replies: 35
Views: 2321

Re: Is there a way to see all previous failed logins on Winbox?

No USB, or microSD slot as in the hEX ... was a problem for extra disk... but now there is the new ROSE https://help.mikrotik.com/docs/display/ROS/ROSE-storage NFS mount, SMB client, iSCSI (SAN) disk ... network connected storage, both as initiator (client) and host ! NVMe over TCP is new to me.
by bpwl
Fri Apr 28, 2023 4:34 pm
Forum: Beginner Basics
Topic: Is there a way to see all previous failed logins on Winbox?
Replies: 35
Views: 2321

Re: Is there a way to see all previous failed logins on Winbox?

You can increase the line limit per log file, I use 4096 without any problem. This can be large if you wish ..... Sending all important logs to the hEX with DUDE. DUDE has the syslog function built in. Filtered DUDElog is written to disk via the log system of the hEX Here external disk, because of ...
by bpwl
Fri Apr 28, 2023 2:57 pm
Forum: Wireless Networking
Topic: MikroTik hAP ax3 poor WiFi performance
Replies: 255
Views: 40581

Re: MikroTik hAP ax3 poor WiFi performance

"Country=Italy" (or any European country with ETSI regulation) and "skip DFS channels= all", eliminates most of the 5 GHz channels (the stronger ones) And 80 MHz wide ... then there is only just one (1) 80 MHz channel possible without DFS. The 80MHz channel made from channel 36-4...
by bpwl
Fri Apr 28, 2023 12:30 pm
Forum: Wireless Networking
Topic: Mikrotik wifi roaming expirience
Replies: 24
Views: 14721

Re: Mikrotik wifi roaming expirience

Well the rules above are not wrong. But they will not improve the roaming speed. They are intended to kick out slow connections (unfortunately only based on received signal strength at the AP), while hoping that the client reconnects to a better signal. That kicking sometimes has a negative side efe...
by bpwl
Thu Apr 27, 2023 8:40 pm
Forum: Wireless Networking
Topic: Mikrotik wifi roaming expirience
Replies: 24
Views: 14721

Re: Mikrotik wifi roaming expirience

Be ware with that youtube , and possible conclusions - modified default setting : no-authenticate, no-forward, etc (like VLAN) are "interface default" settings. This means they will only be used if there is no matching "access list" rule. - The shown access list entries cover alm...
by bpwl
Thu Apr 27, 2023 6:15 pm
Forum: Beginner Basics
Topic: travel router
Replies: 18
Views: 6876

Re: travel router

Yes this should work this way. Master is AP or AP-bridge. Slave is station or station-pseudobridge (there are 2 scenario's here!) Station, with masquerade or SRC-NAT is expected to be the most stable, and will allow the master interface with AP to have it's own DHCP server and range. Everything sent...
by bpwl
Wed Apr 26, 2023 8:29 pm
Forum: Wireless Networking
Topic: Wireless FAQ
Replies: 90
Views: 180676

Re: Wireless FAQ

So reference to Mikrotik Products ... with wrong information ????

viewtopic.php?p=998594#p983462 .... comparing ax² (left) with ax³ (right)
by bpwl
Wed Apr 26, 2023 7:44 pm
Forum: Wireless Networking
Topic: Mikrotik wifi roaming expirience
Replies: 24
Views: 14721

Re: Mikrotik wifi roaming expirience

How can I explain? All configurations are so different. I would start with a simple test: how long does a new connection take, to start having traffic . And this is NOT when the client like Windows 10/11 indicates the wifi is connected. The connection is operational long before that. Windows does so...
by bpwl
Wed Apr 26, 2023 6:54 pm
Forum: Wireless Networking
Topic: Wireless FAQ
Replies: 90
Views: 180676

Re: Wireless FAQ

BUT to make it super sweet, with AX devices they REVERSED the numbering :shock:
Wifi1= 5GHz
Wifi2 = 2.4 Ghz
Only the hAP ax², correct again in the hAP ax³. ?
by bpwl
Wed Apr 26, 2023 6:35 pm
Forum: Beginner Basics
Topic: how to upgrade to 7.3 fom 6.49.6?
Replies: 2
Views: 697

Re: how to upgrade to 7.3 fom 6.49.6?

:-) The only thing special for upgrade from 6.xx to 7.xx is that "upgrade" channel must be choosen. "upgrade" channel does not appear on every release, but 6.49.6 should certainly have it. Others have only something like "test", "stable", "long term"...
by bpwl
Mon Apr 24, 2023 10:46 pm
Forum: Wireless Networking
Topic: how much 60 Ghz devices are resistant to jamming?
Replies: 6
Views: 1175

Re: how much 60 Ghz devices are resistant to jamming?

Is "Laser FSO Wireless Links" an option ?
by bpwl
Mon Apr 24, 2023 10:25 pm
Forum: RouterOS beta
Topic: New User Manager in RouterOS v7
Replies: 205
Views: 74463

Re: New User Manager in RouterOS v7

Feature request: logs No, but seriously, the current logs are insufficient for any troubleshooting. Currently I have one user that cannot connect to EAP wifi and the logs contain just this: radius_logs.jpg Current logs indeed are minimal ... just lost 30 minutes in starting a simple User Manager in...
by bpwl
Mon Apr 24, 2023 2:25 pm
Forum: Wireless Networking
Topic: Sxt lite5 Ether1 10mbps problem help!
Replies: 5
Views: 4921

Re: Sxt lite5 Ether1 10mbps problem help!

Just my 2ct.

If there is a loop, ( or it looks like there is one because of signal crosstalk between send and receive lines ???), on the ethernet line, then I expect STP (spanning tree protocol) or RSTP, to stop all traffic on that interface.
by bpwl
Mon Apr 24, 2023 2:13 pm
Forum: General
Topic: L2TP Remote IP cannot ping from LAN IP
Replies: 16
Views: 1157

Re: L2TP Remote IP cannot ping from LAN IP

instead of just asking help to resolve the homework. But Mikrotik documentation, even if completely correct can be cryptic because it is minimalist in explaining what and why ... and with MT there are so many ways to do it ... Like in https://wiki.mikrotik.com/wiki/Manual:Interface/L2TP , te "...
by bpwl
Mon Apr 24, 2023 11:15 am
Forum: General
Topic: L2TP Remote IP cannot ping from LAN IP
Replies: 16
Views: 1157

Re: L2TP Remote IP cannot ping from LAN IP

Check your routes please. Your PC on LAN A can probably find the L2TP interface of Router B (192.168.201.2) via router A , that does not need the ip routes as said, but ..... , if the routes are not correct in router B, then the answer of RouterB will not find your PC . Use traceroute to find where ...
by bpwl
Mon Apr 24, 2023 12:10 am
Forum: General
Topic: L2TP Remote IP cannot ping from LAN IP
Replies: 16
Views: 1157

Re: L2TP Remote IP cannot ping from LAN IP

You forget about the different lan segments not pinging each other. No , I didn't. I know explaining in writing can be confusing. Pinging 192.168.201.2 (Router B L2TP IP address) with source address 192.168.100.1 (ethernet address of Router A ) will fail. Not because the path is unknown, but becaus...
by bpwl
Sun Apr 23, 2023 10:19 pm
Forum: General
Topic: SSTP VPN Guide RouterOS V7
Replies: 20
Views: 2134

Re: SSTP VPN Guide RouterOS V7

Yep @anav: VPN table is correct. But as they follow the CactusVPN screenshots in absolute detail, and I expected the main table also in the config export, what did not appear because it was empty, I tought wrongly the main table had just been renamed. The path to the SSTP server is dynamic (DAC rout...
by bpwl
Sun Apr 23, 2023 9:41 pm
Forum: General
Topic: SSTP VPN Guide RouterOS V7
Replies: 20
Views: 2134

Re: SSTP VPN Guide RouterOS V7

Some user in the hide.me forum, indicated not being able to set up SSTP in V7, while following the details of the V6 SSTP setup. That user made the same mistake in the V7 version, as not to handle the differences between V6 and V7 in "ip route" setup. And the moderator there just blamed it...
by bpwl
Sun Apr 23, 2023 9:22 pm
Forum: Wireless Networking
Topic: CAPsMANv2 configuration for secondary SSIDs on different VLANs
Replies: 11
Views: 4072

Re: CAPsMANv2 configuration for secondary SSIDs on different VLANs

Yep. Correct. What I wanted to indicate, is that the bridge VLAN and the wifi interface VLAN must be set to untag ( and tag in the receiving direction) the traffic just once. Either done in the bridge (VLAN filtering on, wifi interface untagged) or it is done in the wifi driver (so the traffic from ...
by bpwl
Sun Apr 23, 2023 12:22 pm
Forum: Announcements
Topic: v7.9rc is released!
Replies: 253
Views: 71124

Re: v7.9rc is released!

Disable VLAN filtering, or add the tagged VLAN needed to the wifiwave port ?

viewtopic.php?t=195600#p997933
by bpwl
Sun Apr 23, 2023 11:49 am
Forum: Wireless Networking
Topic: CAPsMANv2 configuration for secondary SSIDs on different VLANs
Replies: 11
Views: 4072

Re: CAPsMANv2 configuration for secondary SSIDs on different VLANs

The only current way to get vlan and dynamic interfaces working on caps with capsman 2 is to disable vlan filtering on cap bridge. Then it will work. Will be fixed in a subsequent release, I was told by support. Even without capsman, that's the way to have dynamic VLAN assignment by the driver (acc...
by bpwl
Sat Apr 22, 2023 8:47 pm
Forum: General
Topic: SSTP VPN Guide RouterOS V7
Replies: 20
Views: 2134

Re: SSTP VPN Guide RouterOS V7

Some things have moved around for "ip route" for v6 versus v7. The other options besides 'unicast' for that TYPE answer nr 41 are 'blackhole, prohibit and unreachable' ... all 3 are forms of stopping or discarting the traffic. In V7, I only see an option 'blackhole' that could be checkmark...
by bpwl
Fri Apr 21, 2023 9:02 pm
Forum: General
Topic: L2TP Remote IP cannot ping from LAN IP
Replies: 16
Views: 1157

Re: L2TP Remote IP cannot ping from LAN IP

This is default routing behavior, as I see it from your comments ... Router A a has networks 192.168.100.0/24 and 192.168.201.0/x directly attached to itself, so it knows the path to it. Router A can ping all of those network devices Idem for Router B , with networks 192.168.101.0/24 and the common ...
by bpwl
Fri Apr 21, 2023 5:19 pm
Forum: General
Topic: L2TP Remote IP cannot ping from LAN IP
Replies: 16
Views: 1157

Re: L2TP Remote IP cannot ping from LAN IP

Are LAN gateway and IP routes set for 192.168.100.0/24 and 192.168.101.0/24 in both directions? The answer has to find it's way back also. In detail - client A has to use Router A as gateway for addresses in LAN B (or as it's default gateway) - Router A has to know (ip route) that the subnet of LAN ...
by bpwl
Fri Apr 21, 2023 5:13 pm
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 11262

Re: Something NEEDS to be done about the default passwords

Although I do think that the MicroTik devices make reset too easy; i wonder how many routers have been reset by toddlers, that seem to love to push buttons, Not only toddlers ... impatient teens , just press the hAP ac2 reset button, when there is an internet outage, or a slower internet than they ...
by bpwl
Thu Apr 20, 2023 9:32 pm
Forum: Wireless Networking
Topic: Getting half of my Internet speed on Wifi
Replies: 20
Views: 3536

Re: Getting half of my Internet speed on Wifi

Upload is using the A-MPDU aggregation of the Iphone and MACbook. The download uses the aggregated package size of the MKT classic diver. (What it does on speed, see the calculator: https://gjermundraaen.com/thewifiairtimecalculator/ ) Maybe MKT's used A-MPDU is smaller. Hard to measure with wifi sn...
by bpwl
Thu Apr 20, 2023 6:13 pm
Forum: Beginner Basics
Topic: mikrotik wifi roaming
Replies: 7
Views: 3273

Re: mikrotik wifi roaming

MT client is indeed not doing pre-registration to have fast roaming. But I have never seen 7 seconds , as time needed to roam. Not even with RADIUS authentication. How to make roaming very slow or faster? My experiences ... - on AP, use "access list" to force disconnect, but when you set &...
by bpwl
Thu Apr 20, 2023 5:05 pm
Forum: Wireless Networking
Topic: Getting half of my Internet speed on Wifi
Replies: 20
Views: 3536

Re: Getting half of my Internet speed on Wifi

What's the radio in the ubiquity? Ubiquiti and xl ac have 2x2 MIMO, rate 866 Mbps, 802.11ac. So these parameters are the same. But the speed of Internet is a bit different. Speed is different, because Mikrotik is sending too small payloads for every allowed transmission slot. When the payload (blue...
by bpwl
Wed Apr 19, 2023 8:49 pm
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 11262

Re: Something NEEDS to be done about the default passwords

What is the story here? I'm confused. Multiple scenario's mixed together? In my cases ... This is not an ISP owned Home AP, where the customer (me) does not even get the admin password, but just a limited user password. The printed password on the bottom of the device is that user password, and the ...
by bpwl
Wed Apr 19, 2023 2:52 pm
Forum: General
Topic: Something NEEDS to be done about the default passwords
Replies: 169
Views: 11262

Re: Something NEEDS to be done about the default passwords

netinstall what happens then? Same question arise.
Well my intended workaround was ...
Netinstall with custom script, that sets 'my' password, or adds an 'admin enabled' extra user ?
Klembord-2.jpg
  • 1
  • 2
  • 3
  • 4
  • 5
  • 10