Check speed from cable AP end, to be sure there is no fancy config in router.However the connection speed test is around 16Mbps (If connected directly to home router 2.4 GHz it's ~83 Mbps).
How can I investigate this ?
Actually without 'verbose' it takes exactly 20min. Very interesting.In previous betas it was actually completing but after very long time, like 20m.
Read, understand and implement. What more do you expect from us if we know nothing about your current config.Not sure what to do with the wiki article. How do I make it work for me, though?
This is DNS where? In IP -> DHCP server -> Networks? Or in IP -> DNS? If only in first, clients never will use AD DNS for resolution.This is my DNS in MKT:
188.8.131.52 - 184.108.40.206
MKT is DHCP for LAN 192.168.110.0/24
Very poor signal, according to thisRSRP: -106 dBmHow are your signal levels (RSRP, RSRQ, etc.)
RsRQ: -13.0 dB
SINR 7dB ( changing in limits from 5 to 10 )
https://wiki.mikrotik.com/wiki/Manual:CHR#freeThe free license level allows CHR to run indefinitely. It is limited to 1Mbps upload per interface.
Yes it is completely empty.I'm not really sure if the RB1100 is in the "default settings are completely empty" category (like the CCR)...
/ip firewall filter add action=accept chain=frorward dst-port=1723 protocol=tcp
Processor architecture, hAP is mipsbe, hAP Lite is smips.I don't know what smips device is, I have hAP and two hAP lites. Maybe I don't need the whole smips package.
Check Winbox version, it must be at least 3.19my RB750Gr3 with 6.41.5 version. After reboot it must be upgraded. But after that he did not start correctly, i can not seen him in winbox
Don't want to enable proxy-arp on LAN interface, to access devices on internal network.I assume you have good reasons to take all this burden (registry tweaking or implementing my trick) rather than running the L2TP/IPsec directly on the outer Mikrotik.
/ip firewall nat add action=masquerade chain=srcnat out-interface=ether13WAN
Review firewall input chain, perhaps you have unnecessary ports or protocols open. Best practice is to close all, except only those you are using.i don't use IPSEC at all how can i disable it?
/radius add address=192.168.7.70 secret=AgileroSecret123 service=ppp src-address=192.168.7.1
I can't ping my AD Server (192.168.7.70) using udp 1812/1813
reg add HKLM\SYSTEM\CurrentControlSet\Services\PolicyAgent /v AssumeUDPEncapsulationContextOnSendRule /t REG_DWORD /d 0x2 /f
/caps-man provisioning add name-format=identity
/system backup save name=$filename password=xxxxx :delay 3s /export file=$filename
We also wanted to participate in this project to extend our infrastructure. It seems, EU money will go to another company. Perhaps Mikrotik don't need this money?The project requirements for WiFi4EU are:
support IEEE 802.11r
But unfortunately Microtik does not meet the requirements.
/ppp profile add dns-server=192.168.90.254 local-address=192.168.90.254 name=vpn-profile \ remote-address=vpn-pool use-encryption=yes
/interface wireless set [ find default-name=wlan1 ] band=2ghz-b/g/n frequency=2422 name=wlan2.4 \ ssid=NETGEAR48 mode=station-pseudobridge
Everything outside default protection rules. It should be only warning, nothing else.What is considered unsafe entry? And how would you determine that particular entry is unsafe in specific firewall?would check firewall rules for unsafe entries on every upgrade
It's fixed, niceAfter posting, a white screen is shown instead of the usual next screen.
However, the posting appears when reloading the forum.
/caps-man manager set enabled=yes package-path=/ upgrade-policy=suggest-same-version
Or better, let the CAP choose the channel and to avoid conflicts with other devices set reselect channel every 1 minuteTry a different channel.
/caps-man channel add band=2ghz-g/n reselect-interval=1m name="ch 2"
Do you restored from .backup file not from configuration backup (.rsc file)?maybe it infected the backup file ?
/caps-man provisioning enable 0 :delay 1 /caps-man radio provision numbers=[find]
/caps-man provisioning disable 0 :delay 1 /caps-man radio provision numbers=[find]
Perhaps, but I found it very useful. And it's from MikrotikStrange link that was.
+1001Could we expect that 6.40.5 will become "bugfix" or 6.40.6 with fixes from 6.41?
6.40.5 is the last with "old-known-bridge-implementation" technology and not all want to upgrade to "new-better-but-not-too-familiarized" one.
add action=masquerade chain=srcnat out-interface=bridgeopen src-address=\ 10.35.0.0/24