Processor architecture, hAP is mipsbe, hAP Lite is smips.I don't know what smips device is, I have hAP and two hAP lites. Maybe I don't need the whole smips package.
Check Winbox version, it must be at least 3.19my RB750Gr3 with 6.41.5 version. After reboot it must be upgraded. But after that he did not start correctly, i can not seen him in winbox
Don't want to enable proxy-arp on LAN interface, to access devices on internal network.I assume you have good reasons to take all this burden (registry tweaking or implementing my trick) rather than running the L2TP/IPsec directly on the outer Mikrotik.
/ip firewall nat add action=masquerade chain=srcnat out-interface=ether13WAN
Review firewall input chain, perhaps you have unnecessary ports or protocols open. Best practice is to close all, except only those you are using.i don't use IPSEC at all how can i disable it?
/radius add address=192.168.7.70 secret=AgileroSecret123 service=ppp src-address=192.168.7.1
I can't ping my AD Server (192.168.7.70) using udp 1812/1813
reg add HKLM\SYSTEM\CurrentControlSet\Services\PolicyAgent /v AssumeUDPEncapsulationContextOnSendRule /t REG_DWORD /d 0x2 /f
/caps-man provisioning add name-format=identity
/system backup save name=$filename password=xxxxx :delay 3s /export file=$filename
We also wanted to participate in this project to extend our infrastructure. It seems, EU money will go to another company. Perhaps Mikrotik don't need this money?The project requirements for WiFi4EU are:
support IEEE 802.11r
But unfortunately Microtik does not meet the requirements.
/ppp profile add dns-server=192.168.90.254 local-address=192.168.90.254 name=vpn-profile \ remote-address=vpn-pool use-encryption=yes
/interface wireless set [ find default-name=wlan1 ] band=2ghz-b/g/n frequency=2422 name=wlan2.4 \ ssid=NETGEAR48 mode=station-pseudobridge
Everything outside default protection rules. It should be only warning, nothing else.What is considered unsafe entry? And how would you determine that particular entry is unsafe in specific firewall?would check firewall rules for unsafe entries on every upgrade
It's fixed, niceAfter posting, a white screen is shown instead of the usual next screen.
However, the posting appears when reloading the forum.
/caps-man manager set enabled=yes package-path=/ upgrade-policy=suggest-same-version
Or better, let the CAP choose the channel and to avoid conflicts with other devices set reselect channel every 1 minuteTry a different channel.
/caps-man channel add band=2ghz-g/n reselect-interval=1m name="ch 2"
Do you restored from .backup file not from configuration backup (.rsc file)?maybe it infected the backup file ?
/caps-man provisioning enable 0 :delay 1 /caps-man radio provision numbers=[find]
/caps-man provisioning disable 0 :delay 1 /caps-man radio provision numbers=[find]
Perhaps, but I found it very useful. And it's from MikrotikStrange link that was.
+1001Could we expect that 6.40.5 will become "bugfix" or 6.40.6 with fixes from 6.41?
6.40.5 is the last with "old-known-bridge-implementation" technology and not all want to upgrade to "new-better-but-not-too-familiarized" one.
add action=masquerade chain=srcnat out-interface=bridgeopen src-address=\ 10.35.0.0/24
PPTP port is 1723. I have only this port open and no rules for GRE.Hi
I have setup pptp server with ip pool, ppp profile, secret and pptp server and firewall filter rules for tcp port 1732 and protocol GRE
This error is on router? Or You are using router as NTP server and this error is on clients?SNTP client cannot synchronize time, error server-ip-mismatch.(
No.So should I be worried that my initial Firewall configuration missing those "Drop Invalid connections" rules?
add action=accept chain=forward comment="" connection-state=established,related
What exactlynot working? http? ping to 22.214.171.124? ping to external ip of router? everything?What is not working:
Connect to internet from "wifiguests"
/ip firewall nat add action=masquerade chain=srcnat out-interface=WAN
/ip firewall address-list add address=sam9s.synology.me list=host_synology
chain=dstnat action=dst-nat to-addresses=192.168.1.252 to-ports=3389 protocol=tcp dst-port=4001
+1Winbox 3.x is OK, only one problem which I have is - durig upload file (for example new Router OS) is not posible working in active window.
After file is uploaded, then is possible working.
In winbox 2.2.18 this works. Can you fix it?
Agree to this. Consolidated changelog for bugfix versions would be very useful.Thanks for the link, it is really useful. But as I said before: I don't care about many changes let's say in 6.35.4 which are fixing 6.35.3 bugs, I just need to see summary of changes from 6.34.6 to 6.36.4.
/interface wireless access-list add interface=wlan1 mac-address=00:23:4D:76:8F:F5 add interface=wlan1 mac-address=00:23:4D:76:8F:F5 time=8h-20h,sun,mon,tue,wed,thu,fri,sat \ vlan-mode=no-tag
chain=forward protocol=tcp src-address=172.16.5.5 dst-port=25 action=accept chain=forward protocol=tcp src-address=172.16.5.0/24 dst-port=25 action=drop
/ip dhcp-client add add-default-route=yes default-route-distance=0 dhcp-options=hostname,clientid interface=eth1
Remove frequency from channel settings, it will let CAPs themselves choose the best channel.
/caps-man channel add band=2ghz-onlyn extension-channel=Ce frequency=2412 name=channel1 tx-power=30 width=20 add band=5ghz-a/n/ac extension-channel=Ceee frequency=5210 name=channel42 tx-power=10 width=20
/ip firewall filter add chain=forward connection-state=established,related
I don't mean physically accessible. If You can connect to router A from outside, also router B will be accessible.So i won't be able to connect to routerB from other network outside of routerA ???
I can declare my SuperManagementTool works with Microsoft Server, does it mean it is supported by Microsoft?
I dont understand because its declared by Kiawe that TikTool alows to manage/admin MikroTik routers...isnt it?
/caps-man provisioning add action=create-dynamic-enabled master-configuration=Config1 name-format=identity
[admin@] /ip firewall connection> print Flags: E - expected, S - seen-reply, A - assured, C - confirmed, D - dying, F - fasttrack, s - srcnat, d - dstnat
In my tests, if CAP loses connection to CAPsMAN, it shuts down the radio. So, You are right, CAPsMAN device availability is critical in such network.There any way that if the controller fails, the wireless network continue working, as is the case with the driver Ubiquiti?
/system reset-configuration no-defaults=yes
Enable client-to-client forwarding for staff network.Hello, please, help. I configure capsman with 2 SSID for staff and guest. Mode Local forfarding. All it's work. Wireless clients staff dont see clients guest, but wireless clients can't see each other inside staff network.
http://www.mikrotik.com/download/share/ ... mipsbe.npkHi!
Where can I get package of CAPsMan v2 for 6.29 (RC20)? in all_files is not there..
Or at least 'Windows' menu where we can see all open sub-windows and switch between them.1. "taskbar" for windows inside winbox. Now bigger windows cover smaller all the time. All admins I talk to are pissed of because of this.