Community discussions

MikroTik App

Search found 42 matches

by trs80
Mon Aug 18, 2008 6:20 pm
Forum: General
Topic: File list display bug in 3.13
Replies: 3
Views: 1082

Re: File list display bug in 3.13

This was on RB532's.

The correct file info/new files show up in the console and winbox lists after an hour or so.
by trs80
Sun Aug 17, 2008 11:09 pm
Forum: General
Topic: File list display bug in 3.13
Replies: 3
Views: 1082

File list display bug in 3.13

(and possibly earlier versions) In 3.13, when I upload files via FTP, the new files do not appear in the list output from '/file print', or in winbox. This happens with new files. If I overwrite an existing file the old file information (size, time stamp) remains (in my case, the old file was 950B, ...
by trs80
Fri Aug 15, 2008 7:52 pm
Forum: General
Topic: Will this setup work? pic attached :)
Replies: 4
Views: 1282

Re: Will this setup work? pic attached :)

1) Move the DSL modem to the x86 box
2) Don't use IPs from the same subnet on all the interfaces
by trs80
Wed Aug 13, 2008 5:42 pm
Forum: General
Topic: default invalid rules in hotspot
Replies: 1
Views: 771

Re: default invalid rules in hotspot

The jump-target chains probably don't exist (I think the hotspot section in the 3.x doc explains this).
by trs80
Wed Aug 13, 2008 5:40 pm
Forum: General
Topic: OSPF Multiple Default Routes
Replies: 9
Views: 4105

Re: OSPF Multiple Default Routes

Make sure you have check-gateway set for your static default gateways.
by trs80
Wed Aug 13, 2008 2:10 am
Forum: General
Topic: hotspot redirect still a problem?
Replies: 43
Views: 5031

Re: hotspot redirect still a problem?

I know there are various incarnations of this problem, but let me just clarify that I haven't had walled-garden issues or any problems with the hotspot dns-name setting. My problem specifically is that the hotspot stops redirecting un-authenticated users to the local login page, present in every ver...
by trs80
Wed Aug 13, 2008 12:02 am
Forum: General
Topic: hotspot redirect still a problem?
Replies: 43
Views: 5031

Re: hotspot redirect still a problem?

SurferTim: You don't have to manually add the static DNS entry; it's added automatically when you enable the hotspot. BUT, you do have to set the hotspot-address too, to be sure it's mapping to the IP address on the interface on which your hotspot runs. Otherwise the router will look up the dns-name...
by trs80
Tue Aug 12, 2008 9:40 pm
Forum: General
Topic: hotspot redirect still a problem?
Replies: 43
Views: 5031

Re: hotspot redirect still a problem?

I'll have to get back to you about dns-name reliability, but if i remember correctly, if the redirect fails I can have a user enter the dns-name into their browser and it'll bring up the login page.
by trs80
Tue Aug 12, 2008 8:57 pm
Forum: General
Topic: hotspot redirect still a problem?
Replies: 43
Views: 5031

Re: hotspot redirect still a problem?

I am using dns-name (as well as hotspot-address), and will continue doing so. This works most of the time. It seems it's the busier hotspots that eventually crap out on the redirect, but I'm hoping 3.12 deals with that [from changelog: *) fixed bug - web server could lock up at startup (no access to...
by trs80
Tue Aug 12, 2008 8:40 pm
Forum: General
Topic: hotspot redirect still a problem?
Replies: 43
Views: 5031

Re: hotspot redirect still a problem?

I'm not having any problem with my walled garden sites. I'm using IPs for some, and domain names for others (without specifying http or https). For example, for authorize.net, I'm using dst-host=*.authorize.net.
by trs80
Fri Aug 08, 2008 11:48 pm
Forum: General
Topic: hotspot redirect still a problem?
Replies: 43
Views: 5031

Re: hotspot redirect still a problem?

I have the a couple SSL sites in there, but this is affecting people well before that even comes into play. The first page unauthenticated users should see is served directly from the hotspot itself. Sometimes they get nothing, other times they get the proxy error.
by trs80
Fri Aug 08, 2008 6:21 pm
Forum: General
Topic: hotspot redirect still a problem?
Replies: 43
Views: 5031

Re: hotspot redirect still a problem?

The transparent-proxy setting is pretty well known around here already. Plus, the user profile settings apply only for authenticated users. If you have MAC-auth enabled on your hotspot, or if you manually pass-through a user, they'll work just fine. This problem occurs before a user can authenticate...
by trs80
Thu Aug 07, 2008 8:14 pm
Forum: General
Topic: OSPF in 3.11 Still Dropping Default Routes
Replies: 5
Views: 1400

Re: OSPF in 3.11 Still Dropping Default Routes

3.11's default gateway fix is working perfectly for me (failovers between OSPF, DHCP, and BGP default routes).

Two questions: Why do you have all your interfaces manually defined? Why does you bridge interface have to be passive?

Also, your loopback should be passive.
by trs80
Sun Aug 03, 2008 11:46 pm
Forum: General
Topic: Another hotspot problem in 3.x
Replies: 0
Views: 519

Another hotspot problem in 3.x

Looks like with 3.11, enabling hotspot no longer adds the NAT rule for the SMTP server. In 3.10, these rules are added (from /ip firewall nat print dynamic): D chain=hs-unauth action=jump jump-target=hs-smtp dst-port=25 protocol=tcp D chain=hs-auth action=jump jump-target=hs-smtp dst-port=25 protoco...
by trs80
Sun Aug 03, 2008 7:35 pm
Forum: General
Topic: hotspot redirect still a problem?
Replies: 43
Views: 5031

Re: hotspot redirect still a problem?

I already have transparent-proxy disabled, btw.

I thought about the hotspot dns-name, too. But why would it work for a while, and then stop? The static entry is in the router's dns cache, and the dynamic nat/fw rules are supposed to redirect un'auth'd dns requests to the hotspot.
by trs80
Sun Aug 03, 2008 7:14 pm
Forum: General
Topic: hotspot redirect still a problem?
Replies: 43
Views: 5031

Re: hotspot redirect still a problem?

We have a 'splash' page served directly from the router that then redirects to our web server. It'll work fine for a while, and then just stop redirecting un-auth'd users to that splash page. My understanding is the transparent-proxy option applies to authenticated users; this problem occurs with un...
by trs80
Sun Aug 03, 2008 5:48 pm
Forum: General
Topic: hotspot redirect still a problem?
Replies: 43
Views: 5031

hotspot redirect still a problem?

Are other people still having problems with this? Has any reliable workaround surfaced?

This is meant to be a sort of survey, so even if you have no info to offer, just reply saying yes or no.
by trs80
Sat Aug 02, 2008 9:05 pm
Forum: General
Topic: Performance/Load: OpenVPN vs IPSec vs PPtP
Replies: 2
Views: 3318

Performance/Load: OpenVPN vs IPSec vs PPtP

In the past I had IPSec tunnels connecting my various RouterOS gateways to my management center. These tunnels are in constant use for monitoring and management access. We had a lot of problems with load and performance with IPSec on routerboards and switched to IPIP (on the recommendation from an M...
by trs80
Fri Aug 01, 2008 11:08 pm
Forum: General
Topic: IPIP tunnels drop and do not come back up
Replies: 3
Views: 776

Re: IPIP tunnels drop and do not come back up

I have other IPIP tunnels working fine on both sides, so I don't think it's anything to do with blocked packets. No problems with anything else between these two routers, pings, ssh, snmp, etc. I have firewall rules on both sides permitting all traffic from both. I ran the sniffer and found that one...
by trs80
Thu Jul 31, 2008 6:50 pm
Forum: General
Topic: hotspot redirect blocked by mt proxy
Replies: 99
Views: 27185

Re: hotspot redirect blocked by mt proxy

No fix for this just yet, but I noticed something yesterday on one of my routers (3.11) while it was having this problem. First, when things are working properly: 1) The entries under /ip proxy connections are only between hotspot clients and the server hosting the login page. 2) Free memory typical...
by trs80
Thu Jul 31, 2008 6:22 pm
Forum: General
Topic: IPIP tunnels drop and do not come back up
Replies: 3
Views: 776

IPIP tunnels drop and do not come back up

I have IPIP tunnels running between several ros 3.11 routers to a linux server running quagga. If an internet circuit fails at a router, the tunnel drops as expected. However when the circuit comes back, the tunnel does not come back up. I can ping the router from the linux box, and vice-versa. I tr...
by trs80
Sun Jul 06, 2008 6:24 pm
Forum: Wireless Networking
Topic: NEED HELP, STRANGE PROBLEM
Replies: 5
Views: 1417

Re: NEED HELP, STRANGE PROBLEM

I misunderstood the Jumafes's question, I think. If I'm reading your question correctly, you have wlan1 in ap-bridge mode, with the hotspot running on there. You have 192.168.5.1 on your ether2 interface and 192.168.5.2 on wlan1. The problem is likely that, since ether2 and wlan1 are not bridged tog...
by trs80
Sun Jul 06, 2008 5:51 pm
Forum: Wireless Networking
Topic: NEED HELP, STRANGE PROBLEM
Replies: 5
Views: 1417

Re: NEED HELP, STRANGE PROBLEM

Which version of ROS are you running? I've had a similar problem with my hotspots on 3.10 (and prior versions of 3.x). I have a ticket open with MT on the issue; we've been going back and forth. It seems a lot of people on the forums are having the same problem, too. My suspicion is that this is bec...
by trs80
Sun Jul 06, 2008 5:47 pm
Forum: Wireless Networking
Topic: Wireless access lists
Replies: 6
Views: 8768

Re: Wireless access lists

Is it possible for an ACL entry to match any MAC? I'd like to do two rules, one that prevents stations with poor signals from associating, and the second allowing any other station to associate.
by trs80
Sun Jul 06, 2008 5:24 pm
Forum: Wireless Networking
Topic: Wireless access lists
Replies: 6
Views: 8768

Re: Wireless access lists

Adding each user to an ACL isn't an option for us. We're running back haul and client associations on the same wireless interfaces. I'd rather not do it that way, but it's been fine and exposes more radios for potential paying customers... We're concerned that the poor signal affects the back haul l...
by trs80
Sat Jul 05, 2008 12:14 am
Forum: Wireless Networking
Topic: Wireless access lists
Replies: 6
Views: 8768

Wireless access lists

I want to prevent stations with signals less than -88db ("less than" following the negative, e.g. -89 < -88). I tried a simple ACL on one interface (default auth and forwarding enabled on wlan2): /interface wireless access-list add interface=wlan2 signal-range=-120.-89 authentication=no forwarding=n...
by trs80
Mon Jun 30, 2008 4:06 pm
Forum: General
Topic: OSPF & BGP Default Route
Replies: 0
Views: 571

OSPF & BGP Default Route

I'm having trouble with default routes on ASBR's. Here is a somewhat simplified diagram of how I'm set up: (gw1) --- [r1] --- <r2> --- <r3> --- [r4] --- (gw2) 1) gw1 is on a DSL circuit to one ISP, with an OSPF adjacency with r1 2) r1 has OSPF adjacencies with gw1 and r2 3) r2 has OSPF adjacency wit...
by trs80
Tue Jun 17, 2008 5:28 am
Forum: General
Topic: OSPF LSA Age
Replies: 0
Views: 600

OSPF LSA Age

OSPF LSA age is 1800 seconds, but I routinely have entries in the LSA table with an age well above 1800. They should be dropping out after 1800s if the router hasn't received an update containing that network. Instead, they stay there, with age counter climbing higher and higher. Anyone else see thi...
by trs80
Wed May 21, 2008 8:49 pm
Forum: General
Topic: OSPF Hello Source Address
Replies: 1
Views: 819

Re: OSPF Hello Source Address

Additional info: I added a loopback interface to r1 with IP 10.0.0.1/32. It uses the physical interface address (172.16.0.1) as the source address for OSPF traffic. I tried disabling both the loopback interface and its address (10.0.0.2/32) on r2, and also tried removing the address, but OSPF packet...
by trs80
Wed May 21, 2008 7:55 pm
Forum: General
Topic: OSPF Hello Source Address
Replies: 1
Views: 819

OSPF Hello Source Address

I had OSPF running between two routers, r1 & r2. r1 has IP 172.16.0.1/29, r2 has 172.16.0.2/29. This worked perfectly fine until I add a loopback interface on r2, with IP 10.0.0.2/32. OSPF Hello packets from r2 are now sourced from the loopback address, instead of from the physical interface address...
by trs80
Sun Oct 28, 2007 1:06 am
Forum: General
Topic: RC9 performance
Replies: 12
Views: 2861

Re: RC9 performance

The crappy radio signal seems to be related to having a virtual AP interface enabled. With that enabled, all associations to the physical interface degraded severely. After disabling it, things went back to normal.
by trs80
Sun Oct 28, 2007 12:52 am
Forum: General
Topic: RC9 performance
Replies: 12
Views: 2861

Re: RC9 performance

This release is worse than rc6. Associations on a B radio (XR2) went from excellent to completely unusable -- links that were at 60% are now showing up at 80%, and connection quality dropped from better than 70% down to below 20%. I upgraded because the hotspot just would not do RADIUS authenticatio...
by trs80
Fri Sep 14, 2007 9:34 pm
Forum: General
Topic: Bridge Forwarding Table via SNMP
Replies: 1
Views: 726

Bridge Forwarding Table via SNMP

The docs say MT routers support RFC1493: [quote] dot1dBridge.dot1dBase.dot1dBaseBridgeAddress dot1dBridge.dot1dStp.dot1dStpProtocolSpecification dot1dBridge.dot1dStp.dot1dStpPriority dot1dBridge.dot1dTp.dot1dTpFdbTable.dot1dTpFdbEntry.dot1dTpFdbAddress dot1dBridge.dot1dTp.dot1dTpFdbTable.dot1dTpFdbE...
by trs80
Wed May 16, 2007 6:29 pm
Forum: General
Topic: Vists PPTP
Replies: 2
Views: 710

Vists PPTP

I have an MT running 2.9.38 as a PPTP server, using local accounts under /ppp secret. With XP, all works fine. With Vista, I ran into problems using VJ header compression, but with that disabled, Vista PPTP clients no longer kill the CPU on the board. But they still can't connect. Next thing to look...
by trs80
Sat Jan 20, 2007 11:45 pm
Forum: Wireless Networking
Topic: Hotspot on Virtual AP
Replies: 1
Views: 989

Hotspot on Virtual AP

I have one wireless interface (wlan1) and one virtual AP (vap1) on that interface. I have a hotspot setup on each of these, hs1 on wlan1, and hs2 on vap1. Both are configured the same except for the IP stuff (different subnets). Problem is that the hotspot on vap1 doesn't work at all. No redirect to...
by trs80
Wed Jun 07, 2006 6:26 pm
Forum: General
Topic: Version 2.9.25 out
Replies: 28
Views: 4579

Does this release fix the problem with Intel wireless cards? It's not mentioned in the changelog.
by trs80
Tue Apr 18, 2006 3:48 am
Forum: General
Topic: PPtP client-side routes
Replies: 5
Views: 1647

PPtP client-side routes

I have an MT pptp server configured to accept client connections from a few Windows XP systems. I want to make it so Windows uses the pptp connection to route to networks that are connected to the MT, and to use whatever default gateway it had before establishing the pptp connection (i.e., "use defa...
by trs80
Wed Mar 08, 2006 7:53 pm
Forum: General
Topic: connection-state=established not working
Replies: 2
Views: 2865

I just added that today, after seeing it in another thread. Someone had posted their rule set as an example.

In any case, it's ACKs that are dropped, so that additional match specification should permit those.
by trs80
Wed Mar 08, 2006 6:47 pm
Forum: General
Topic: connection-state=established not working
Replies: 2
Views: 2865

connection-state=established not working

I'm having trouble with return packets to a firewall running 2.9.10. There is no output filter, and the input filter is: 0 chain=input tcp-flags=!syn connection-state=established action=accept 1 chain=input connection-state=related action=accept ... 9 chain=input action=log log-prefix="" 10 chain=in...
by trs80
Mon Feb 06, 2006 6:28 pm
Forum: Wireless Networking
Topic: 802.11 Tunables
Replies: 0
Views: 927

802.11 Tunables

I'm running a number of RB532's, 512's, and WRAP's, with SR-2 cards and RouterOS v2.9.6 to v2.9.10. I'll be upgrading to .12 soon, for the tx-power fix in the new Atheros driver. First, does RouterOS use 802.11 RTS/CTS at all? I did not see any in a recent analysis of frames from one of my nodes. If...
by trs80
Mon Jun 27, 2005 2:34 am
Forum: Scripting
Topic: problems with 'get'
Replies: 2
Views: 1424

problems with 'get'

I need to use the value of various parameters in a script, but end up with null returns from command substitutions. I think it's a problem with 'get', in general, but there is a scripting problem with it as well: First, from the CLI, executing: /system resource get uptime returns nothing. But, execu...
by trs80
Fri Jun 24, 2005 1:04 am
Forum: General
Topic: SSH problem: ssh_exchange_identification
Replies: 0
Views: 1111

SSH problem: ssh_exchange_identification

Hi all, I'm running RouterOS 2.8.21. I can connect perfectly fine with telnet, winbox, etc.... SSH used to work as well, but suddenly started failing with: "ssh_exchange_identification: Connection closed by remote host" I've only seen this error on a regular linux server with openssh, in which case ...