Is it possible that user when connects with remote access VPN to access network resources on remote site?

Yes

Do you have by any chance configuration example?

I resolved,

Per SSID you can configure authentication type . Configuring radius as option does not affect all SSIDS

# dec/17/2020 11:24:29 by RouterOS 6.45.9 # software id = AB2Q-RR3C # # model = RouterBOARD 3011UiAS # serial number = 8EED0A4AC8DE /caps-man channel add band=2ghz-g/n control-channel-width=20mhz frequency=2412 name=\ "2.4 GHz-Channel" add band=5ghz-onlyac control-channel-width=20mhz name...

If you have unconditional masquerade like this: /ip firewall nat add chain=srcnat action=masquerade then it's wrong, because it affects everything. Hairpin NAT is for traffic from LAN back to same LAN, so you want something like: /ip firewall nat add chain=srcnat src-address=<LAN subnet 1> dst-addr...

For hair-pin NAT (i.e. LAN clients connecting to WAN address which is NATed to server in same LAN subnet as clients) mapping source address (i.e. client's address) to router's own address is inevitable. When clients from other subnets (either other LAN subnets or internet) connect to LAN server thi...

Dear Mikrotik Friends, In my company I have remote access L2TP VPNs for users and one Site to SIte L2TP VPN with remote site . Site to site VPN is working fine when users are in company and they access resource to remote site Is it possible that user when connects with remote access VPN to access ne...

Does this happen only in logs every time you connect to the device? Does it also open as many terminals? To me this looks like a logging issue, could you check your logging settings? If you can't find anything that could be the cause of it, contact support@mikrotik.com with supout.rif file. I found...

Hi people, I have RB3011UiAS device ROS 6.45.9. My setup has 2 WAN connections each one connected to different ISP respectively with static Public IP addresses ( One serves as backup and it is active if first one fails), I also have multiple VLAN networks. My rule : chain=srcnat action=masquerade lo...

Well, there is no option that I know of in RouterOS to assign consecutive IP addresses. For example, in dnsmasq we have this: --dhcp-sequential-ip Dnsmasq is designed to choose IP addresses for DHCP clients using a hash of the client's MAC address. This normally allows a client's address to remain ...

Let’s say router leased .30 to some device, then .31, then .32 When .30 lease expired, it can be leased again, but router won’t try to fill that gap. It will continue to lease .33 etc. if .32 is still active. That is what you are talking about? So once again, why does it bother you? Thanks for answ...

There is not any issue, but I have a question: Why you need an /16 subnet for 35 devices?

I wanted to set first /24 but my manager wanted /16

dhcp.PNG As shown in figure. I cannot figure our why DHCP creates this holes in IP address space. Yesterday I have updated RuterOS from 6.44.1 to 6.44.6 , at least started adding IP address 10.0.0.0-10.0.0.254 range. I only have 3 statically defined addresses 10.0.0.2, 10.0.0.3, 10.0.0.4 those are ...

ROS version 6.44.5, model RB3011 I have network 10.0.0.0/16, I have 35 devices connected to network. For some reason DHCP server assigns randomly IP addresses, for example 10.0.50 than starts assigning 10.0.0.63, 10.0.0.64, 10.0.0.66, jumps to 10.0.0.101. Does it keeps some addressees which were use...

Hello,

Is there a way to enable radius EAP-TLS authentication just for one SSID and for other one to use WP2-PSK just for Guest access. I am using Router OS v6.43 and Capsman




Thanks,

Good Day,


I have a problem when I login to Mikrotik via Winbox it seems that it remembered all opened terminals in a past. I tried to reboot router but issue remains. Please assist