Community discussions

MikroTik App

Search found 52 matches

by techlord
Mon Jul 27, 2020 2:15 pm
Forum: General
Topic: Failover for no internet services
Replies: 1
Views: 356

Re: Failover for no internet services

Hi! While mostly trying to guess what you ask - can Mikrotik detect R1 has lost uplink and reroute to R2 (is that it?) - the answer is yes but you need a complete overhaul: 1) Right now, the Mikrotik acts like a switch, it does not care about routing. As you can see, the windows machines target dire...
by techlord
Fri Jul 24, 2020 6:07 pm
Forum: Wireless Networking
Topic: Multiple SSIDs in Capsman whit manual added interfaces [SOLVED]
Replies: 10
Views: 1681

Re: Multiple SSIDs in Capsman whit manual added interfaces [SOLVED]

Hi! In my opinion, you are approaching this in a bad way. Let me explain. When you link an Access point to CAPSMAN, that said AP will provide its Radios. The Radio is the physical component of the AP which does the WIFI emitting. Most APs will provide 2 Radios, one for 2.4 Ghz and one for 5 GHz. Cap...
by techlord
Thu Jul 23, 2020 7:29 pm
Forum: Wireless Networking
Topic: CAPsMAN hardware proposal
Replies: 4
Views: 400

Re: CAPsMAN hardware proposal

Related to the main router, it really depends on ISP provided bandwidth. "My current bandwidth at home daily is anywhere between 25-35 gigabytes." - did you mean Mbps? Bytes is the unit to measure storage (8 bits), networking bandwidth is measured in bits/s. I currently have a 3011 which does not br...
by techlord
Thu Jul 23, 2020 6:39 pm
Forum: Wireless Networking
Topic: CAPsMAN hardware proposal
Replies: 4
Views: 400

Re: CAPsMAN hardware proposal

Well, here is what I would do: #1 is configured as CAPsMAN with wlan disabled ---->>> HAP AC2? hEX S? RB4011? Hard to choose here #2 is configured as CAP with wlan enabled (1st floor) - CAP AC #3 is configured as CAP with wlan enabled (2nd floor) -CAP AC #4&5 are configured as simple switches for LA...
by techlord
Wed Jul 22, 2020 6:56 pm
Forum: Beginner Basics
Topic: IPSec L2TP to only a specific ip
Replies: 1
Views: 274

Re: IPSec L2TP to only a specific ip

You can basically create 2 l2tp profiles, one for each type of user. You then configure the profiles to assign different subnets to the users (from different pools). Next step is to create firewall rules where you allow only what you want (example: subnet assigned to user2 can only connect to a sing...
by techlord
Mon Jul 20, 2020 6:31 pm
Forum: Forwarding Protocols
Topic: Breaking a bonded pair
Replies: 3
Views: 901

Re: Breaking a bonded pair

What's your setup? Left router: IP on BOND interface ------- 2 links lacp ----- IP on bond interface: Right router ??? And you use the same link for Right router management? 1. Go to right router( remote end) and remove 1 link from the bond; don't change anything else in the bond, just go into the b...
by techlord
Mon Jul 20, 2020 3:50 pm
Forum: General
Topic: Mikrotik BOND to TP-Link Static LAG
Replies: 0
Views: 290

Mikrotik BOND to TP-Link Static LAG

Hi guys, I recently bought a TP-LINK switch to extend my LAN. Unfortunately the only link aggregation "protocol" it knows is TP-Link's Static LAG which does not come with any reliable info. I am linking it to my RB3011 using the "balance rr" mode ( Layer 2 and Layer 3 Hash Policy) of the Mikrotik Bo...
by techlord
Mon Jul 20, 2020 3:43 pm
Forum: Beginner Basics
Topic: Android L2TP/IPSec VPN
Replies: 4
Views: 859

Re: Android L2TP/IPSec VPN

Sorry to hear that!

Are you sure your firewall permit rules ( for udp 500, 4500, 1701) are above the deny policy? Do the counters increment when you press connect on your mobile?
Surely there must be something in the logs....enable ipsec logs.
by techlord
Fri Jul 17, 2020 2:49 pm
Forum: Beginner Basics
Topic: Android L2TP/IPSec VPN
Replies: 4
Views: 859

Re: Android L2TP/IPSec VPN

Hi, The problem with Mikrotik forum is that, probably, 1000 people have already asked the same question before you. For this particular topic for sure you will find a lot of threads. Here is one where I explain, step by step, how to connect your Android to your ROS: https://forum.mikrotik.com/viewto...
by techlord
Thu Jul 02, 2020 3:15 pm
Forum: Wireless Networking
Topic: Devices not getting full 802.11ac speed on cAP ac
Replies: 19
Views: 3951

Re: Devices not getting full 802.11ac speed on cAP ac

I've been where you are...after tweaks I have the following results on my CAP AC: - CAPSMAN forwarding - max 150Mbps - LOCAL forwarding - max 300 Mbps no matter what client I have or what I configure If you read all the forum you will see that the CAP AC cannot go beyond 300-350 Mbps no matter the s...
by techlord
Mon Jun 29, 2020 10:04 am
Forum: Wireless Networking
Topic: HAP AC Lite WIFI issue with CAPSMAN [SOLVED]
Replies: 16
Views: 2700

Re: HAP AC Lite WIFI issue with CAPSMAN [SOLVED]

Hi bitracer.
Wanted to confirm that my issues got resolved with that ROS version. Roaming is now smooth with no issues. The only (small) complain I have to Mikrotik devs is that all these newer ROS version do seem to write a LOT to the flash.

So thanks for sharing!
by techlord
Fri Jun 26, 2020 3:21 pm
Forum: General
Topic: Stop making customers lab rats
Replies: 46
Views: 7871

Re: Stop making customers lab rats

In my opinion Mikrotik does a good job, but not a great one. We choose their products for the features and the low prices. But what do you do as a network admin when you realise that a 48 port switch installed in a rack, that connects 30 servers, is not working (traffic not passing, flapping ports,...
by techlord
Fri Jun 26, 2020 11:44 am
Forum: Wireless Networking
Topic: HAP AC Lite WIFI issue with CAPSMAN [SOLVED]
Replies: 16
Views: 2700

Re: HAP AC Lite WIFI issue with CAPSMAN [SOLVED]

Great news! Thanks for chasing this.
Did you install it? Any issues? Wondering if it will have issues running with lower ROS CAPSMAN
by techlord
Thu Jun 25, 2020 11:31 pm
Forum: General
Topic: Feature Request: IPSEC Improvements
Replies: 82
Views: 22219

Re: Feature Request: IPSEC Improvements

+1 to VTI because policy based ipsec is so limited....
by techlord
Thu Jun 25, 2020 6:15 pm
Forum: Wireless Networking
Topic: Mikrotik ROS and support for AC wave2 MU-MIMO?
Replies: 28
Views: 6008

Re: Mikrotik ROS and support for AC wave2 MU-MIMO?

But it would be nice to know if it's a WIP for ROS7 :).
by techlord
Thu Jun 25, 2020 6:13 pm
Forum: Wireless Networking
Topic: HAP AC Lite WIFI issue with CAPSMAN [SOLVED]
Replies: 16
Views: 2700

Re: HAP AC Lite WIFI issue with CAPSMAN [SOLVED]

I did not try to play with that but I also see this on the 5GHZ network. Thinking of raising a ticket with support.
by techlord
Thu Jun 25, 2020 3:41 pm
Forum: Wireless Networking
Topic: HAP AC Lite WIFI issue with CAPSMAN [SOLVED]
Replies: 16
Views: 2700

Re: HAP AC Lite WIFI issue with CAPSMAN [SOLVED]

Bitracer, seems our issues are related. Is your AP losing Internet for already connected devices or only when you roam to it? From what I can see, once connected to the AP and working I do not lose the Internet connection anymore, it's just when I'm first connecting (via roaming) that I see issues.
by techlord
Tue Jun 23, 2020 4:53 pm
Forum: Announcements
Topic: v6.47 [stable] is released!
Replies: 349
Views: 89715

Re: v6.47 [stable] is released!

Update worked ok for me on HAP AC Lite. The only issue I see is large number of writes to the the flash:

Sector Writes Since Reboot 7 510
Total Sector Writes 13 786

It has written in the last days more than its entire lifetime (roughly 2 months).
by techlord
Tue Jun 23, 2020 1:19 pm
Forum: Wireless Networking
Topic: HAP AC Lite WIFI issue with CAPSMAN [SOLVED]
Replies: 16
Views: 2700

HAP AC Lite WIFI issue with CAPSMAN [SOLVED]

Hi guys! Got a small issue I can't find a solution for. Setup: Main router - RB3011 running CAPSMAN 3 xAPs - 2x CAP AC + 1x HAP AC Lite - 2 x SSIDs, one for each band, manual settings of the channels so they do not overlap Issue: Roaming with an Android 9 phone between the CAP ACs works flawless but...
by techlord
Thu May 21, 2020 11:11 am
Forum: Wireless Networking
Topic: Mikrotik AC Access Point cap ac
Replies: 38
Views: 5284

Re: Mikrotik AC Access Point cap ac

So your main point is a 240$ AP from Rukus is better than a 50$ AP from MK? My point is maybe you were trying to use the MK in a setup they were never meant to support ( heavy noise, lots of clients) ? Because I have 3 CAP ACs at home with capsman and around 30 Wifi Clients and I have yet to see an ...
by techlord
Wed May 20, 2020 10:17 am
Forum: Wireless Networking
Topic: Mikrotik AC Access Point cap ac
Replies: 38
Views: 5284

Re: Mikrotik AC Access Point cap ac

Gotsprings, in very particular cases we will see issues with all vendors. People are buying Tiks and thinking they will get cheap Ciscos or Arubas. They will not, especially discussing Wifi. As people say here, MK is great for routing, mediocre for WIFI. But I prefer to have everything from the same...
by techlord
Tue May 19, 2020 2:32 pm
Forum: Wireless Networking
Topic: Mikrotik AC Access Point cap ac
Replies: 38
Views: 5284

Re: Mikrotik AC Access Point cap ac

Oh boy....once in a while someone comes to complain about the Mikrotik Wireless component. By far, people are complaining the most about throughput. And they are partially right. No matter what I do, what I configure, I can't get pass 200-220 Mbps with the CAP ACs I own. Before Mikrotik I owned lots...
by techlord
Thu Feb 27, 2020 1:01 pm
Forum: Announcements
Topic: v6.46.4 [stable] is released!
Replies: 107
Views: 48400

Re: v6.46.4 [stable] is released!

Upgraded:
1x RB3011
2x CAP AC

Usage: home network with capsman, pppoe, lte backup, l2tp/ipsec

No issues so far, all work as before.
by techlord
Tue Jan 28, 2020 7:33 pm
Forum: Wireless Networking
Topic: Mikrotik RB3011 UiAS-RM + huawei E3372s LTE usb-modem. How to send SMS?
Replies: 4
Views: 1998

Re: Mikrotik RB3011 UiAS-RM + huawei E3372s LTE usb-modem. How to send SMS?

Thanks for the info. It is very important to me that the stick remains functional as it is now so I will not play with the firmware, SMS alert is not that important to me. But thanks for your input!!!
by techlord
Tue Jan 28, 2020 11:54 am
Forum: Wireless Networking
Topic: Mikrotik RB3011 UiAS-RM + huawei E3372s LTE usb-modem. How to send SMS?
Replies: 4
Views: 1998

Re: Mikrotik RB3011 UiAS-RM + huawei E3372s LTE usb-modem. How to send SMS?

Hi! I have a similar setup ( RB3011 and Huawei E8372 ). LTE failover works great however I cannot send SMS from the router through the LTE interface. This particular modem has it's own management page (it's like a mini router) and SMS works great from there so the problem seems to be communication b...
by techlord
Tue Jan 28, 2020 11:43 am
Forum: Beginner Basics
Topic: hAP ac and PoE IP-camera
Replies: 14
Views: 2006

Re: hAP ac and PoE IP-camera

Not very experienced on POE myself but if you have a camera that expects 802.3af negotiation it may not work. Try to find the camera datasheet and see if Passive POE is also supported.
by techlord
Tue Jan 28, 2020 11:31 am
Forum: Beginner Basics
Topic: hAP ac and PoE IP-camera
Replies: 14
Views: 2006

Re: hAP ac and PoE IP-camera

zhirukhin, on the HAP AC specs it clearly states it supports Passive POE only. Passive POE is just throwing DC voltage on the relevant wires and the other end can take it or not. The Mikrotiks do not actively change Voltage, what they get on IN (via DC adaptor or POE-IN) they throw on OUT POE ports....
by techlord
Wed Jan 22, 2020 10:11 am
Forum: General
Topic: 5Ghz on cAP ac not visible [SOLVED]
Replies: 6
Views: 1351

Re: 5Ghz on cAP ac not visible [SOLVED]

Hi! I think you have something wrong in your config. Each country has a limit related to how much power an AP can put out. This power output level can be influenced in the config by the following: - antenna gain - tx power what ROS does, according to what I read on the forums: 1. it checks country m...
by techlord
Tue Jan 21, 2020 2:34 pm
Forum: General
Topic: Another customer rejects MT solution
Replies: 4
Views: 848

Re: Another customer rejects MT solution

In my opinion, adding those protocols would bring Mikrotik in the true enterprise region. Adding to the existing granularity for wifi settings and capsman and good prices, they would just kill any competition. I don't get it why it's not considered ( or maybe it is?) as even the SOHO focused vendors...
by techlord
Mon Jan 20, 2020 3:29 pm
Forum: General
Topic: RB2011: Failover only to specific ports?
Replies: 2
Views: 493

Re: RB2011: Failover only to specific ports?

Hi! I think you are approaching this the wrong way. Restricting communication between physical ports at port level ( ex: ETH1 blocked to ETH2 or ETH5 to LTE ) is weird and not sure it can be achieved. You should focus on doing the restrictions at IP level. Without further information on what your se...
by techlord
Mon Jan 20, 2020 10:15 am
Forum: General
Topic: L2TP/IPSEC VPN with Samsung Note 8
Replies: 6
Views: 1267

Re: L2TP/IPSEC VPN with Samsung Note 8

So if you want your phone to route all traffic through the tunnel you must go to advanced options of the tunnel and look for forwarding routes and put there 0.0.0.0/0. Also check your NAT/masquerade settings in the mikrotik.
by techlord
Mon Jan 20, 2020 10:08 am
Forum: Wireless Networking
Topic: CAPS TX Power Antenna Gain CAPSMAN
Replies: 3
Views: 2291

Re: CAPS TX Power Antenna Gain CAPSMAN

Ok, got it, thanks Zacharias.
by techlord
Fri Jan 17, 2020 6:38 pm
Forum: General
Topic: L2TP/IPSEC VPN with Samsung Note 8
Replies: 6
Views: 1267

Re: L2TP/IPSEC VPN with Samsung Note 8

Hi! I've written down the steps I took to have L2TP/IPSEC from my S8 with Android 9 to my Mikrotik. https://forum.mikrotik.com/viewtopic.php?f=2&t=155058&p=769642&hilit=l2tp#p769642 The config is done in WebFig but I guess you can translate them to CLI. Why would you leave the VPN on when at home on...
by techlord
Wed Jan 15, 2020 11:53 am
Forum: Wireless Networking
Topic: CAPS TX Power Antenna Gain CAPSMAN
Replies: 3
Views: 2291

CAPS TX Power Antenna Gain CAPSMAN

Hi! I've been struggling to understand how AP (in my case CAP AC) TX Power is influenced by different settings. My setup is this: - RB3011 with CAPSMAN, local forwarding enabled - 2x CAP ACs managed by CAPSMAN Everything works well, happy with the setup. Issue: CAP1 has: - 18 dBm on 2.4Ghz - 17 dBm ...
by techlord
Tue Jan 14, 2020 8:41 pm
Forum: Beginner Basics
Topic: Router hapLite clients can't access other router in network [SOLVED]
Replies: 6
Views: 1739

Re: Router hapLite clients can't access other router in network [SOLVED]

Hi!

You are giving very little info on what you set up. I suspect you are missing forwarding firewall rules in the hap lite but post the full configuration (without sensitive data) so we can help.
by techlord
Tue Jan 14, 2020 3:28 pm
Forum: Beginner Basics
Topic: Best practice for multiple offices interconnection
Replies: 2
Views: 1122

Re: Best practice for multiple offices interconnection

I am presuming all sites have Mikrotiks as gateways. I would do something simple. - Connect all 3 sites between them (imagine a triangle) with GRE+IPSEC - Enable OSPF on the GRE interfaces and on the bridge interfaces you will have: - encryption between sites ( choose IPSEC parameters acording to th...
by techlord
Tue Jan 14, 2020 9:45 am
Forum: Beginner Basics
Topic: Why dont I get internet on m LAN bridge when I have internet WAN Port?
Replies: 3
Views: 1444

Re: Why dont I get internet on m LAN bridge when I have internet WAN Port?

This may be a shot in the dark but I would remove dst-address=0.0.0.0/0 from "/ip firewall nat add action=masquerade chain=srcnat dst-address=0.0.0.0/0 ipsec-policy=\ out,none out-interface=ether1" Not sure how ROS evaluates that 0.0.0.0. I can't find anything else wrong with the config but I am not...
by techlord
Mon Jan 13, 2020 9:34 pm
Forum: General
Topic: Assign static IP address to VPN client problem
Replies: 9
Views: 1509

Re: Assign static IP address to VPN client problem

Hi! To put it simply, this is how the protocol works. Everything coming via the L2TP tunnel will reach only the router. You cannot do anything to reach IPs behind that router but in the same subnet as the l2tp client. As you've already seen, doing different subnets ( 1 for internal and a different o...
by techlord
Mon Jan 13, 2020 7:47 pm
Forum: Wireless Networking
Topic: CAPsMAN signal strength question
Replies: 2
Views: 1694

Re: CAPsMAN signal strength question

Hi. I think it is perfectly normal to have different values there. - On client side you can see the strength of the signal received, signal transmitted by the AP. in this case the AP is the transmitter (TX) and the client is the receiver (RX) - on CAPSMAN registration table you can see the strength ...
by techlord
Mon Jan 13, 2020 5:09 pm
Forum: General
Topic: securing a current home network
Replies: 5
Views: 839

Re: securing a current home network

Hi! Here is what I would do looking at your diagram - Configure 2 vlans ( ex vlan10 for "internal" and vlan 11 for cameras") and 2 network subnets, one for each vlan (ex 192.168.0.0/24 and 192.168.1.0/24), in the hap ac2 - optional - configure 2 dhcp servers for these vlans or only for vlan 10 if yo...
by techlord
Wed Jan 08, 2020 9:37 pm
Forum: Beginner Basics
Topic: L2TP/IPSec VPN
Replies: 2
Views: 921

Re: L2TP/IPSec VPN

Hi! For you to get help you would need to explain better what you need and export your configuration. I struggled with L2TP/IPSEC a few days back and wrote a small tutorial on it in this thread: https://forum.mikrotik.com/viewtopic.php?f=2&t=155058 I am not 100% sure but I think you did this: - defi...
by techlord
Sun Jan 05, 2020 7:15 pm
Forum: General
Topic: Did MikoTik ever fix DHCPv6?
Replies: 3
Views: 821

Re: Did MikoTik ever fix DHCPv6?

I've been searching the forum for this info too. I get a /56 from my ISP, I assign it in a pool and create a DHCPv6 server that uses the pool. As it seems the DHCPv6 will not give addresses to endpoints, how do I use SLAAC so stations get IPs from that pool? can anyone provide a short tutorial?
by techlord
Fri Jan 03, 2020 8:09 pm
Forum: General
Topic: creating l2tp server
Replies: 11
Views: 1813

Re: creating l2tp server

Glad it helps. I actually think this forum needs a good [TUTORIAL] section with configuration examples for most features. the Wiki is a little...bland? There are countless threads with requests for help configuring stuff and you have to read for hours and pick what you need...
by techlord
Fri Jan 03, 2020 12:24 am
Forum: General
Topic: creating l2tp server
Replies: 11
Views: 1813

Re: creating l2tp server

I have seen cases where the L2TP connections come up without IPSEC encryption so I would suggest adding a firewall rule to block this. /ip firewall filter add action=reject chain=input comment="Reject L2TP with no IPSEC" dst-port=1701 \ in-interface=PPPoE ipsec-policy=in,none protocol=udp reject-wi...
by techlord
Thu Jan 02, 2020 4:49 pm
Forum: General
Topic: creating l2tp server
Replies: 11
Views: 1813

Re: creating l2tp server

Hi! I've just finished setting up my L2TP/IPSEC server on my RB3011 (6.46.1) and I have to say it was a pain....most tutorials are incomplete or obsolete related to newest ROS versions. Not only that, the router got frozen a lot during ipsec parameters changes and it needed hard reboot. Now it's sta...
by techlord
Tue Dec 31, 2019 4:32 pm
Forum: Beginner Basics
Topic: Dual WAN Failover
Replies: 1
Views: 779

Re: Dual WAN Failover

Hi! Did you see this one? https://forum.mikrotik.com/viewtopic.php?t=81083 Quote from that thread: "Putting it all together into three lines that you can cut and paste. Just change "192.168.1.1" to the ip of your primary gateway and "192.168.2.254" to the IP of your failover gateway: /ip route add d...
by techlord
Sat Dec 28, 2019 3:59 pm
Forum: Wireless Networking
Topic: CAP AC WiFi throughput
Replies: 3
Views: 2135

Re: CAP AC WiFi throughput

Hi! Thanks for your reply. I played around with manual rate settings and allowed radio protocols (n,ac,a,g) and I did some tests: - manually choosing the rates did help the 5Ghz a little, I see a small increase in throughput, maybe 5%, now i may reach 300Mbps but not always. - the same manual settin...
by techlord
Sat Dec 28, 2019 1:09 pm
Forum: Wireless Networking
Topic: CAP AC WiFi throughput
Replies: 3
Views: 2135

CAP AC WiFi throughput

Hi guys! I have the following setup at home. - RB3011 for the Internet connection (PPPoE) and running CAPSMAN - 2x CAP ACs, 1 for each floor in the house The ISP is providing a speedtest site in its network so I am using that for my throughput tests. My subscription has 500 Mbps. 1) The laptop conne...
by techlord
Fri Dec 27, 2019 8:35 pm
Forum: Wireless Networking
Topic: CAPsman with 2GHz and 5GHz networks [SOLVED]
Replies: 6
Views: 4602

Re: CAPsman with 2GHz and 5GHz networks [SOLVED]

Hi! I have a similar hardware config - 1 RB3011 and 2x CAP ACs. Here is what I did to have separate SSIDs. Go to CAPSMAN config and start from right to left: 1) Create 1 security config to define your wifi secret 2) Create 1 datapath that suits your needs 3) Create 2 Channel configs Config 1 - whate...
by techlord
Wed Dec 18, 2019 6:05 pm
Forum: RouterBOARD hardware
Topic: Hardware Wishlist
Replies: 18
Views: 5902

Re: Hardware Wishlist

Can we add our own? - cheap 12-16 copper gigabit rack mounted switch (probably with swos) - a second version with POE ports would be cool - cap ac exterior casing - cap ac lite ( I need 2 gigabit interfaces, poe in, poe out), 2 n chains, 1 ac chain at the minimum) and exterior casing If I were Mikro...
by techlord
Tue Nov 19, 2019 5:52 pm
Forum: Forwarding Protocols
Topic: Multicast over GRE Tunnel RB3011
Replies: 4
Views: 2118

Re: Multicast over GRE Tunnel RB3011

Hi! As no one answered, I'll try to point you in the right direction. To route multicast across layer 3 interfaces (those GRE you have) you need a multicast routing protocol such as PIM. I am new to the mikrotik environment so I cannot help much with the setup. Maybe this will help: https://wiki.mik...
by techlord
Mon Nov 18, 2019 5:04 pm
Forum: RouterBOARD hardware
Topic: Mikrotik "SOHO" hardware setup
Replies: 1
Views: 1892

Mikrotik "SOHO" hardware setup

Hi guys! I've decided to move up from the consumer products ( tp-link, asus and so on) for my home (which is also the office) and, after reading intensively forums, I've settled on mikrotik for the price/performance/features good ratio. I could use some help on choosing the hardware. Location - 2 fl...