Community discussions

Search found 80 matches

by drzen
Fri Oct 11, 2019 3:34 pm
Forum: General
Topic: MacOS Catalina, iOS, Catalyst, SwiftUI & Wine
Replies: 69
Views: 8338

Re: MacOS Catalina, iOS, Catalyst, SwiftUI & Wine

Screenshot 2019-10-11 at 15.12.52.png
I want it.

v.
by drzen
Sat Sep 21, 2019 11:09 pm
Forum: General
Topic: Book for advanced routing
Replies: 2
Views: 605

Book for advanced routing

If you want to start exploring topics such as advanced routing, VLAN, OSPF, BGP, MPLS, IPsec,... here my book: https://m.media-amazon.com/images/I/61TLEN0seDL._AC_UY218_.jpg Index file in pdf format: https://www.zen.pn.it/images/book-routing-en.pdf Paperback: https://www.amazon.com/Theory-laboratori...
by drzen
Sun Sep 01, 2019 4:40 pm
Forum: Forwarding Protocols
Topic: [Advertising] Italian book for advanced routing.
Replies: 3
Views: 646

Re: [Advertising] Italian book for advanced routing.

Would like to see it in English. : - ) Ok. English version is ready. https://m.media-amazon.com/images/I/61TLEN0seDL._AC_UY218_.jpg Index file in pdf format: https://www.zen.pn.it/images/book-routing-en.pdf Paperback: https://www.amazon.com/Theory-laboratories-exercises-Mikrotik-RouterOS/dp/1686046...
by drzen
Sun Sep 01, 2019 4:39 pm
Forum: Forwarding Protocols
Topic: [Advertising] Book for advanced routing
Replies: 0
Views: 570

[Advertising] Book for advanced routing

If you want to start exploring topics such as advanced routing, VLAN, OSPF, BGP, MPLS, IPsec,... here my book: https://m.media-amazon.com/images/I/61TLEN0seDL._AC_UY218_.jpg Index file in pdf format: https://www.zen.pn.it/images/book-routing-en.pdf Paperback: https://www.amazon.com/Theory-laboratori...
by drzen
Mon Jul 08, 2019 4:44 pm
Forum: General
Topic: IDS with Mikrotik and SELKS
Replies: 0
Views: 249

IDS with Mikrotik and SELKS

Hi,

does anyone use SELKS (https://www.stamus-networks.com/open-source/#selks) as IDS for RouterOS?
I'm trying to setup but there are some minor fix to do and I want to share this experience.

Thanks in advance.
v.
by drzen
Wed Jan 16, 2019 6:44 pm
Forum: Forwarding Protocols
Topic: [Advertising] Italian book for advanced routing.
Replies: 3
Views: 646

[Advertising] Italian book for advanced routing.

If you want to start exploring topics such as advanced routing, VLAN, OSPF, BGP, MPLS, IPsec, ... in italian language here my book:
https://www.zen.pn.it/2019/01/routing-book

Index file in pdf format:
https://www.zen.pn.it/images/book2-indice.pdf

Regards.
v.
by drzen
Thu Sep 07, 2017 7:05 pm
Forum: Beginner Basics
Topic: Mikrotik Learning Book
Replies: 24
Views: 36036

Re: Mikrotik Learning Book

If you speak italian: Laboratori ed esercizi per MikroTik RouterOS Link su Amazon: https://www.amazon.it/dp/1521899525/ref=sr_1_1?ie=UTF8&qid=1504185567&sr=8-1 Estratto del capitolo 4 sul routing: estratto del capitolo 4 – routing: https://www.zen.pn.it/wp-content/uploads/2017/08/estrattoCapitolo4Ro...
by drzen
Wed Sep 06, 2017 7:12 pm
Forum: General
Topic: Hotspot concurrency logins
Replies: 0
Views: 329

Hotspot concurrency logins

Hi,

I want to reach this behavior:
- in hotspot I specify max simultosly user to 1
- User connect succefully using device A
- User try to connect using device B
- User is connected in device B
- User is logout in device A

Is this possible using freeradius as RADIUS server?

v.
by drzen
Wed Aug 09, 2017 5:45 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 105828

Re: Blacklist Filter update script

That would truly be bad. I've been working on other solutions to push out the list, but have yet to find a good process that is simple and available to all users / firewalls. THE solution is to output only raw ip addresses' list. But this solution collides with the length of variables in routeros. ...
by drzen
Wed Aug 09, 2017 5:22 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 105828

Re: Blacklist Filter update script

Great script and hard works. Thanks. A question about security: all go rights but what if your server is violated? For example a malicious code add "/system reset-configuration" or others dangerous commands in front of a downloaded lists? This is the last doubt before adopting your solution. thanks ...
by drzen
Wed Nov 02, 2016 3:17 pm
Forum: General
Topic: DHCP: offering lease <ip address> for <mac address> without success.
Replies: 1
Views: 918

DHCP: offering lease <ip address> for <mac address> without success.

Hi, a strange behaviour. Simple network: - DHCP server - hotspot - ubiquiti unifi antennas - vlan (two SSID, two VLAN) When wireless clients increase I get a lot of: wifi offering lease <ip address> for <mac address> without success. I have already tried in DHCP server "always broadcast" and "author...
by drzen
Tue Mar 29, 2016 11:08 am
Forum: General
Topic: Limit bandwidth based on quota
Replies: 0
Views: 498

Limit bandwidth based on quota

Hi, I have a classical hotspot configuration with freeradius. Now I want to limit user bandwidth as follow: - first 1GB download is done at full speed - exceeding download is done at limited speed (e.g. 1Mbps) - every day (or after 24 hours) this limitation will be reset (full speed) I look these: h...
by drzen
Tue Jan 19, 2016 9:47 pm
Forum: General
Topic: Do you need a logout for your hotspot?
Replies: 0
Views: 528

Do you need a logout for your hotspot?

Hi, One of the problems of hotspot is that user remains connected until you press the "logout" button (or other timeout/idle counters). This effect annoying especially when you manage school networks: the student of the second hour get computer still connected to the Internet because previous studen...
by drzen
Fri Jan 08, 2016 10:25 am
Forum: General
Topic: HTTPS certificates on hotspots
Replies: 16
Views: 2153

HTTPS certificates on hotspots

Hi, I have a router with four hotspots. Now I want to setup HTTPS certificates. Questions: 1. Do I need one hotspot DNS name for every hotspot servers? E.g. hs1.mydomain.com, hs2.mydomain.com,... refer to gateway IPs. 2. Do I need one HTTPS certificate for every hotspot servers? Thanks in advance. v.
by drzen
Fri Nov 27, 2015 1:34 pm
Forum: General
Topic: Looking for packet flow diagram
Replies: 1
Views: 376

Looking for packet flow diagram

Hi to everyone,

I'm looking for a packet flow diagram like:

http://wiki.mikrotik.com/wiki/Manual:Packet_Flow_v6

but referred to hotspot functionality (e.g what is packets flow when hotspot is active?).

Thanks in advance.
v.
by drzen
Thu Nov 26, 2015 5:49 pm
Forum: Wireless Networking
Topic: Does RouterOS support USB wireless devices?
Replies: 1
Views: 788

Does RouterOS support USB wireless devices?

A simple question:

Does RouterOS support USB wireless devices?

v.
by drzen
Fri Aug 28, 2015 11:19 pm
Forum: Scripting
Topic: Fault tolerance: done :)
Replies: 2
Views: 814

Fault tolerance: done :)

Hi, I done a fault tolerance script. Yet another. :) But... this is multi interfaces fault tolerance (with or without dhcp) and automated. Instructions: 1. Configure router as usual. 2. Check that when only a single wan is connect you must browse internet. E.g. disconnect all wans, connect wan2 and ...
by drzen
Mon Jun 01, 2015 11:12 am
Forum: General
Topic: [Bug?] ARP incongruence
Replies: 7
Views: 1249

Re: [Bug?] ARP incongruence

Yes. It's wireless network with so many APs in WDS with bridge mode. But these APs don't do L2 nat but station/CPE at customer end does L2 nat. And there are multiple entries with same mac as there are multiple customers to single CPE which is in bridge mode with L2 nat. There is no fix time as to ...
by drzen
Thu May 14, 2015 11:39 am
Forum: General
Topic: [Bug?] ARP incongruence
Replies: 7
Views: 1249

Re: [Bug?] ARP incongruence

Hi drzen,

I'm facing same issue and can't find any solution. Hotspot disable & enable solves the problem.

Have you found any workaround on this.

Please help.

Thanks.

I schedule the script every 1 hour and this resolve the problem.

v.
by drzen
Wed Jan 21, 2015 11:01 pm
Forum: General
Topic: Free and open traffic (netflow) analysis
Replies: 2
Views: 1003

Re: Free and open traffic (netflow) analysis

I believe manage engine netflow analyzer demo version lets you do this for 1 router for free.
Only 30 days demo available. :(
by drzen
Wed Jan 21, 2015 3:29 pm
Forum: General
Topic: Free and open traffic (netflow) analysis
Replies: 2
Views: 1003

Free and open traffic (netflow) analysis

Hi to everyone, I have some Mikrotik ROS installations. Every router has some ethernets nic connected to segment with hotspot login and queues policies. Now the question. Sometimes the site boss say "I want to know where my employees go and where my internet traffic go!". Not a user specific statist...
by drzen
Mon Apr 28, 2014 5:04 pm
Forum: General
Topic: ip helper-address
Replies: 2
Views: 5796

Re: ip helper-address

Hi, in Cisco there is ip helper-address. It's used to forward broadcast to unicast, specially in dhcp and bootp requests. In mikrotik we have ip dhcp-relay that forward all dhcp request. Now the problem: I'm tryng to setup a Apple osx netboot server that use a mix of protocol and request. All go ri...
by drzen
Wed Apr 16, 2014 7:47 pm
Forum: General
Topic: ip helper-address
Replies: 2
Views: 5796

ip helper-address

Hi, in Cisco there is ip helper-address. It's used to forward broadcast to unicast, specially in dhcp and bootp requests. In mikrotik we have ip dhcp-relay that forward all dhcp request. Now the problem: I'm tryng to setup a Apple osx netboot server that use a mix of protocol and request. All go rig...
by drzen
Fri Jan 24, 2014 1:00 pm
Forum: General
Topic: Concept question about hotspot, proxy and bandwith shaping
Replies: 0
Views: 367

Concept question about hotspot, proxy and bandwith shaping

Consider this scenario. - a mikrotik router with network segments (office1, office2, office3, wireless,...) - every segments have a hotspot active - between segments there aren't hotspot (a simple ip wallen garden rule permit this) - every segments have a simple queue to limit bandwidth for the spec...
by drzen
Sat Dec 28, 2013 9:05 am
Forum: General
Topic: RB1100 hotspot hangs every 3 days
Replies: 13
Views: 2615

Re: RB1100 hotspot hangs every 3 days

by drzen
Tue Nov 19, 2013 12:33 pm
Forum: General
Topic: [Bug?] ARP incongruence
Replies: 7
Views: 1249

Re: [Bug?] ARP incongruence

Here the script that bring an wallen garden host and do a make-static into dhcp server: incongruenceHealt :local hosts [/ip hotspot ip-binding find bypassed] :foreach h1 in=$hosts do={ :local mac [/ip hotspot ip-binding get $h1 mac-address] :local comment [/ip hotspot ip-binding get $h1 comment] :lo...
by drzen
Tue Nov 19, 2013 10:52 am
Forum: General
Topic: [Bug?] ARP incongruence
Replies: 7
Views: 1249

[Bug?] ARP incongruence

Hi, We found an ARP incongruence when MT run a lot of DHCP+hotspot requests. Randomly some clients can't see hotspot login page. We have some clients in hotspot wallen garden ip (bypass with only mac address in rules). After some weeks of debug here the results: - when clients can't see login page -...
by drzen
Tue Sep 17, 2013 6:39 pm
Forum: General
Topic: N lans and N wans (ADSL)
Replies: 3
Views: 1052

Re: N lans and N wans (ADSL)

Hi dtoffo :D, yes! This is a my :? copy&paste error. Correct address are: add address=10.10.n.254/24 network=10.10.n.0 broadcast=10.10.n.255 interface=WANn where "n" is the WAN id. Problem 1. Trivially gre service port is on. :) User connect successfully and get correct ip. Tunnel is established. Us...
by drzen
Sun Sep 15, 2013 10:22 am
Forum: General
Topic: N lans and N wans (ADSL)
Replies: 3
Views: 1052

N lans and N wans (ADSL)

Hi, I have N lans and N wans (adsl). I want that every lan get out from its wan. So lan1 output from wan1, lan2 output from wan2,... lanN output from wanN. I done this with these lines (based on http://aacable.wordpress.com/2011/10/27/mikrotik-policy-routing-based-on-client-ip-address/ example): /ip...
by drzen
Wed Sep 04, 2013 9:00 am
Forum: General
Topic: RB1100 hotspot hangs every 3 days
Replies: 13
Views: 2615

Re: RB1100 hotspot hangs every 3 days

Without more information , I cant really impart any help, however, I can say that we have many RB1100 units in such situations with uptime running into the hundreds of days, using significant AP and VLAN deployments. Some off the cuff questions: Are you running out of DHCP leases? IS the IP Pool bi...
by drzen
Wed Sep 04, 2013 8:16 am
Forum: General
Topic: RB1100 hotspot hangs every 3 days
Replies: 13
Views: 2615

Re: RB1100 hotspot hangs every 3 days

Another puzzle piece: - in mikrotik i have 3 hotspots interface - two are wired and are ok, no problem - the problematic interface is wired in a segment with only Ubiquiti Unifi APs - the APs are configured as "plain-open" AP, no guest portal I think some ARP poison interference between APs and mikr...
by drzen
Tue Sep 03, 2013 7:22 pm
Forum: General
Topic: RB1100 hotspot hangs every 3 days
Replies: 13
Views: 2615

Re: RB1100 hotspot hangs every 3 days

If you're rebooting in the morning, reboot in the evening, manually of course, to see if it tracks a certain amount of time. Use another system to ping it constantly and let you know when it goes down. Have it send an email to you so you can know the exact time. Problem is random in time. Disabling...
by drzen
Tue Sep 03, 2013 6:24 pm
Forum: General
Topic: RB1100 hotspot hangs every 3 days
Replies: 13
Views: 2615

Re: RB1100 hotspot hangs every 3 days

Why dont you upgrade to 5.25 ?

Already done. Same problem.

V.
by drzen
Mon Sep 02, 2013 10:19 am
Forum: General
Topic: RB1100 hotspot hangs every 3 days
Replies: 13
Views: 2615

Re: RB1100 hotspot hangs every 3 days

I have the same problem.
Any news?

v.
by drzen
Mon May 13, 2013 5:47 pm
Forum: General
Topic: Centralized syslog from transparent proxy
Replies: 0
Views: 810

Centralized syslog from transparent proxy

Hi, I have a mikrotik that send web proxy log to a syslog-ng server. For example this is a row in log: May 12 11:02:55 10.10.0.2 web-proxy,account 10.10.65.78 GET http://gsp1.apple.com/pep/gcc action=allow cache=MISS I use these lines in syslog-ng.conf filter f_squid { program("web-proxy"); }; desti...
by drzen
Tue May 07, 2013 6:11 pm
Forum: General
Topic: Proxylizer+hotspot+queue
Replies: 0
Views: 434

Proxylizer+hotspot+queue

Hi, I have a router with some interfaces: wan, office, guest, service,... Every LAN interface have own it's own hotspot with specific bandwidth (dinamically generated simple queue). Now i want to logs webtraffic using http://wiki.mikrotik.com/wiki/Proxylizer/Getting_Started but using same queue traf...
by drzen
Thu Oct 27, 2011 3:42 pm
Forum: General
Topic: Windows 2008 Virtual IP and hotspot
Replies: 7
Views: 996

Re: Windows 2008 Virtual IP and hotspot

Try disabling the 1:1 NAT on the hotspot. That will arp poison the localnet if you don't disable it. /ip hotspot print set X address-pool=none Just done! But no effect. v. No effect? What are you trying to do? Windows 2008 computer won't ping? Can't ping from another localnet computer? Can't ping f...
by drzen
Thu Oct 27, 2011 3:27 pm
Forum: General
Topic: Windows 2008 Virtual IP and hotspot
Replies: 7
Views: 996

Re: Windows 2008 Virtual IP and hotspot

Try disabling the 1:1 NAT on the hotspot. That will arp poison the localnet if you don't disable it. /ip hotspot print set X address-pool=none Just done! But no effect. TS clients receive the second ip address but when I try to surf the web I can not (page expired). If I disable hotspot all go righ...
by drzen
Thu Oct 27, 2011 1:59 pm
Forum: General
Topic: Windows 2008 Virtual IP and hotspot
Replies: 7
Views: 996

Re: Windows 2008 Virtual IP and hotspot

Any help is good.
DHCP work fine... seem an ARP problem.

v.
by drzen
Thu Oct 20, 2011 3:36 pm
Forum: General
Topic: Windows 2008 Virtual IP and hotspot
Replies: 7
Views: 996

Windows 2008 Virtual IP and hotspot

Hi,

anyone have experiences with windows 2008 terminal service Virtual IP and mikrotik hotspot functionality?

Thanks in advance
v.
by drzen
Sat Dec 18, 2010 3:09 pm
Forum: General
Topic: PPTP + EoIP on 3 zones / 2 buildings
Replies: 7
Views: 1747

Re: PPTP + EoIP on 3 zones / 2 buildings

I don't understand a step: I need an address to phisical eth and an address to bridge interface? Or only for bridge interface? /ip address add address=10.10.4.200/20 broadcast=10.10.15.255 interface=adsl network=10.10.0.0 add address=192.168.20.254/24 broadcast=192.168.20.255 interface=guest network...
by drzen
Fri Dec 17, 2010 11:49 am
Forum: General
Topic: PPTP + EoIP on 3 zones / 2 buildings
Replies: 7
Views: 1747

Re: PPTP + EoIP on 3 zones / 2 buildings

Thanks! Now I'm configuring first router (left router). DHCP servers are only in private and service ethernet, the same that have a bridge (guest netwok isn't bridged and eoip). When connect cable to private I get correct ip, if I connect to service eth I get the same subnetwork ip. This is relevant...
by drzen
Fri Dec 17, 2010 8:24 am
Forum: General
Topic: PPTP + EoIP on 3 zones / 2 buildings
Replies: 7
Views: 1747

Re: PPTP + EoIP on 3 zones / 2 buildings

Thanks.
There is a method to setup dhcp (on mikrotik) on every zone so I can give the correct gateway for each building?


v.
by drzen
Wed Dec 15, 2010 10:32 am
Forum: General
Topic: PPTP + EoIP on 3 zones / 2 buildings
Replies: 7
Views: 1747

PPTP + EoIP on 3 zones / 2 buildings

Hi, I have two buildings with 3 networks on each. I need to create a virtual network with 3 networks. I will use PPTP + EoIP. http://www.zenfamily.it/idea.png Router 1: /interface pptp-server server set enabled=yes /ppp secret add name="USERNAME" service=pptp password="PASS" \ local-address=192.168....
by drzen
Fri Nov 26, 2010 10:57 am
Forum: General
Topic: Interface Tx/Rx rate via SNMP
Replies: 0
Views: 617

Interface Tx/Rx rate via SNMP

Hi,

I'm trying to get Interface Tx/Rx rate (like appear in Winbox interface dialog) via SNMPget.
Is it possible?

Thanks in advance
v.

PS: I use this value in a linux box with a command like this:

snmpget -v 1 -c public 192.168.1.1 1.3.6.1.2.1.2.2.1.10.9
by drzen
Thu Jan 28, 2010 12:15 pm
Forum: General
Topic: Rename an interface
Replies: 6
Views: 11046

Re: Rename an interface

Perfect answer. Thanks!

v.
by drzen
Thu Jan 28, 2010 9:46 am
Forum: General
Topic: Rename an interface
Replies: 6
Views: 11046

Re: Rename an interface

No. When I rename an interface: /interface set "lan wifi" name="eth wifi" all reference (for example rules, hotspot,...) change into new name. So if i do this: /interface set "lan1" name="lan2" /interface add name="lan1" the rules (for example) point to old interface not to new. My target is: add a ...
by drzen
Wed Jan 27, 2010 9:14 pm
Forum: General
Topic: Rename an interface
Replies: 6
Views: 11046

Re: Rename an interface

I want to rename the interface in a live router (i need to add a vrrp interface without changing rules, hotspot,..).

v.
by drzen
Wed Jan 27, 2010 5:42 pm
Forum: Scripting
Topic: VRRP config sync
Replies: 2
Views: 3369

Re: VRRP config sync

Ok, this is good.
Someone has just do this sync with C++ or PHP API?

Thanks in advance
v.
by drzen
Wed Jan 27, 2010 10:49 am
Forum: General
Topic: Rename an interface
Replies: 6
Views: 11046

Rename an interface

Hi, how can I rename an interface without victimizing the rest of the configuration? For example: Before: /interface ethernet set 2 mac-address=00:01:18:C4:05:BD name="lan wifi" /ip hotspot interface="lan wifi" name=wifi_hotspot_server profile=wifi_server_profile After rename: /interface ethernet se...
by drzen
Wed Jan 27, 2010 8:25 am
Forum: Scripting
Topic: VRRP config sync
Replies: 2
Views: 3369

VRRP config sync

Hi, I would like to keep my backup VRRP routers config synced (firewall/mangle/hotspot/vpn etc). Network is http://forum.mikrotik.com/viewtopic.php?f=2&t=38669 I want to refine idea posted in http://forum.mikrotik.com/viewtopic.php?f=9&t=37384 So i want to do two script: one running on master router...
by drzen
Tue Jan 26, 2010 5:46 pm
Forum: General
Topic: Hardware fault tollerance
Replies: 5
Views: 1488

Re: Hardware fault tollerance

I do a more specific post in scripting section about master/backup configuration sync.

Look at http://forum.mikrotik.com/viewtopic.php?f=9&t=38689

thanks
v.
by drzen
Tue Jan 26, 2010 3:04 pm
Forum: General
Topic: Hardware fault tollerance
Replies: 5
Views: 1488

Re: Hardware fault tollerance

Well, I think that is the solution for me. Some doubts: 1. I have two routers R1, R2. 2. R1 is completly configured (firewall rules, nat, hotspot,...) 3. R2 without any configuration 4. For each interfaces (X is the lan id - see network diagram before): R1 configuration: /ip address add address=192....
by drzen
Tue Jan 26, 2010 2:45 pm
Forum: General
Topic: Hardware fault tollerance
Replies: 5
Views: 1488

Re: Hardware fault tollerance

Ok.
I start reading: http://wiki.mikrotik.com/wiki/VRRP

v.
by drzen
Tue Jan 26, 2010 2:36 pm
Forum: General
Topic: Hardware fault tollerance
Replies: 5
Views: 1488

Hardware fault tollerance

Hi, I have a routerOS with 7 lan interface (with hotspot, bandwidth queues,...) and 1 wan interface. Here the overview: http://www.zenfamily.it/schemaFT.png Now I want to give more stability with an hardware failover. What I want is a system similar to cisco pix where two routers are seen as a singl...
by drzen
Sat Oct 24, 2009 5:03 pm
Forum: General
Topic: Interim-Update and FreeRadius
Replies: 3
Views: 2645

Re: Interim-Update and FreeRadius

You need to send DM (disconnect message).

http://wiki.freeradius.org/Disconnect_Messages
Thanks for tip. What's to send (to client) is user is already good for accounting (aka I don't want disconnect)?


v.
by drzen
Wed Oct 21, 2009 8:18 am
Forum: General
Topic: Interim-Update and FreeRadius
Replies: 3
Views: 2645

Interim-Update and FreeRadius

Hi, I have a freeradius with a routerOs 2.9 hotspot. All go right about authentication. Clients connect to router, hotspot send auth frame and freeradius respond to request. Now I want to set Interim-Update so I can disconnect clients in some condition (for example account disabled). I set Interim-U...
by drzen
Tue Jan 20, 2009 4:45 pm
Forum: General
Topic: Tree queues and traffic priority
Replies: 14
Views: 7664

Re: Tree queues and traffic priority

drzen, In order to have control over the traffic in your described setup, you need need to know what traffic can go out a certain port of your router and set up mangle for ALL of it. You must not miss one packet that can go out that port. And setup a queue that gives priority to Internet traffic yo...
by drzen
Tue Jan 20, 2009 10:03 am
Forum: General
Topic: Tree queues and traffic priority
Replies: 14
Views: 7664

Re: Tree queues and traffic priority

It is not wrong, but only in case you limit upload and download together. You need separate packet marks for upload and download and separate limits. Ok. I wanna limit upload and download together. If I wanna prioritize traffic like describe in the last page of janism Pdf (see at http://mum.mikroti...
by drzen
Tue Jan 20, 2009 8:56 am
Forum: General
Topic: Tree queues and traffic priority
Replies: 14
Views: 7664

Re: Tree queues and traffic priority

I write this little php page to automatic compile bandwidth rules:

http://lnx.zenfamily.it/progetti/routerOS

Is this correct?

v.
by drzen
Tue Jan 20, 2009 8:30 am
Forum: General
Topic: 6 or 1 hotspot?
Replies: 14
Views: 1339

Re: 6 or 1 hotspot?

Hi,

no because you change the interfaces.
So... this isn't a solution for me. :-(
by drzen
Mon Jan 19, 2009 5:51 pm
Forum: General
Topic: 6 or 1 hotspot?
Replies: 14
Views: 1339

Re: 6 or 1 hotspot?

You have to connect all LANs to one routerboard (one with the hotspot) and make a bridge with ether or WLANs you need to autenticate, then the hotspot is installed in this interface bridge.

Ok. But this preserve my actully firewall rules and QoS queues?

v.
by drzen
Tue Jan 13, 2009 6:34 pm
Forum: General
Topic: 6 or 1 hotspot?
Replies: 14
Views: 1339

Re: 6 or 1 hotspot?

I am a little confused now. What devices are on each of these interfaces? I presume each network is on a separate ethernet port on the RB493, correct? How does each device connected to these ports get the ip assignment? Is one (or more) box a dhcp server? Or static ips? - Each lan is in his separat...
by drzen
Tue Jan 13, 2009 5:50 pm
Forum: General
Topic: 6 or 1 hotspot?
Replies: 14
Views: 1339

Re: 6 or 1 hotspot?

ADD: I think my question is: If you want all these computers to communicate with each other, why are you netmasking them off from each other, only to reconnect them somewhere in the routing? Is assigning a 10.10.0.0/20 network out of the question? Then connect all the interfaces (ether2-7) like a h...
by drzen
Tue Jan 13, 2009 3:46 pm
Forum: General
Topic: 6 or 1 hotspot?
Replies: 14
Views: 1339

Re: 6 or 1 hotspot?

One hotspot then. :D
but in which interface? In winbox can only select a interface....
by drzen
Tue Jan 13, 2009 3:36 pm
Forum: General
Topic: 6 or 1 hotspot?
Replies: 14
Views: 1339

Re: 6 or 1 hotspot?

More details: - I have already a Radius server for users accounts. - The routerOS is already in a RB493 box - The lan aren't access point but complex lans (with servers, printers,....) - I need to authorized (and autheticate) every users when try to connect to internet via wan interface. what's abou...
by drzen
Tue Jan 13, 2009 9:48 am
Forum: General
Topic: 6 or 1 hotspot?
Replies: 14
Views: 1339

6 or 1 hotspot?

Hi, this is the network: http://www.zenfamily.it/files/network.jpg I need that every users from every lans will be autheticated when use internet connection (so when exit from wan interface). Note that no authentication is needed if a user from one lan transit over routerOs to another lan. How to do...
by drzen
Mon Jan 12, 2009 5:30 pm
Forum: General
Topic: Tree queues and traffic priority
Replies: 14
Views: 7664

Re: Tree queues and traffic priority

Ok, now I'm ready to go (read read read all materials) for a really configuration. First step 1. A mangle for each lan interface - chain prerouting (mark incoming traffic) 2. A first Q1 queue type PCQ max-limit: 10 MB on global-out 3. A queue for each mangle/lan interface with type PCQ with no max-l...
by drzen
Fri Dec 05, 2008 11:06 am
Forum: General
Topic: Tree queues and traffic priority
Replies: 14
Views: 7664

Re: Tree queues and traffic priority

Thanks! Now I print and read. After that... apply.
by drzen
Tue Dec 02, 2008 4:54 pm
Forum: General
Topic: Tree queues and traffic priority
Replies: 14
Views: 7664

Tree queues and traffic priority

Hi, this is the network: http://www.zenfamily.it/files/network.jpg WAN have 10Mbps Bandwidth I want to give: - a minimun of 500 Kbps for Lan 1 and Lan 2 - a minimun of 2 Mbps for Lan 3 to Lan 6 * these Bandwidths are refereed to internet (wan) connection. No limit to traffic from lan 1 to lan2 and s...
by drzen
Fri Oct 03, 2008 10:04 am
Forum: General
Topic: Bandwidth Managment and Queues
Replies: 1
Views: 707

Bandwidth Managment and Queues

Hi, I need some help about this configuration: +--- Lan 1 WAN --- Router os ---- Lan 2 +--- Lan 3 WAN have 10Mbps Bandwidth I want to give: - a minimun of 2 Mbps for Lan 1 - a minimun of 4 Mbps for Lan 2 - a minimun of 4 Mbps for Lan 3 * these Bandwidths are refereed to internet (wan) connection. No...
by drzen
Thu Mar 13, 2008 11:11 am
Forum: General
Topic: Routing problem (2 RouterOS & load balancing)
Replies: 2
Views: 673

Re: Routing problem (2 RouterOS & load balancing)

Are you configured static routes on routers to connect both PC? *on left router: > ip route add dst-address=192.168.1.0/24 gateway=10.10.20 8.2/20 *on right router: > ip route add dst-address=10.10.0.0/20 gateway=10.10.20 8.1/20 Yes. The problem seems the load balancing. For example: pinging from p...
by drzen
Wed Mar 12, 2008 2:05 pm
Forum: General
Topic: Routing problem (2 RouterOS & load balancing)
Replies: 2
Views: 673

Routing problem (2 RouterOS & load balancing)

Hi, here my network: http://img403.imageshack.us/img403/3531/forumff1.th.jpg now pc1 can explorer the web usin wan1, wan2 of fw01, and pc02 using fw02. wan1 and wan2 are load balancing using this schema: http://wiki.mikrotik.com/wiki/Load_Balancing but pc1/pc2 cannot ping pc2/pc1 using backbone. How...
by drzen
Mon Feb 25, 2008 9:30 pm
Forum: General
Topic: Different pptp server on different NICs
Replies: 2
Views: 542

Re: Different pptp server on different NICs

1. different user for different nics
2. some nics use differente radius servers
3. different ip-address

v.
by drzen
Mon Feb 25, 2008 10:33 am
Forum: General
Topic: [resolved] Load balancing with pptp server
Replies: 1
Views: 1242

Re: [resolved] Load balancing with pptp server

add a routing

destination 0.0.0.0
gw 192.168.101.105

with no mark connection!


z.
by drzen
Mon Feb 25, 2008 10:10 am
Forum: General
Topic: Different pptp server on different NICs
Replies: 2
Views: 542

Different pptp server on different NICs

Hi,

how to setup different pptp server on different NICs?

I have 3 NIC and want 3 different pptp server.

thanks in advance
z.
by drzen
Wed Feb 20, 2008 3:25 pm
Forum: General
Topic: [resolved] Load balancing with pptp server
Replies: 1
Views: 1242

[resolved] Load balancing with pptp server

Hi, I have a MT with 3 nic: 2 wan 1 lan Two wan have public ip addresses and are load balancing adsl like: http://wiki.mikrotik.com/wiki/Load_Balancing_Persistent Now I want to make a pptp server using wan1. I do pptp server and can connect from lan to wan1 but no response from external to wan1. Any...
by drzen
Mon Nov 26, 2007 3:34 pm
Forum: General
Topic: Where is my mistake?
Replies: 4
Views: 812

Re: Where is my mistake?

ok. I do the correct address.


/ip address add address=200.200.200.107/29 interface=wan2

(in my case the interface name is wan2)

but no result. Take a look of picture.

v.
by drzen
Tue Nov 20, 2007 1:44 pm
Forum: General
Topic: Where is my mistake?
Replies: 4
Views: 812

Where is my mistake?

Hi, 3 nic: lan, wan and dmz. I want connect a server in dmz (internal ip 10.10.224.10) with external 200.200.200.107 I do these steps: # setup lan /ip address add address=10.10.0.2/20 interface=lan # setup wan /ip address add address=200.200.200.106/29 interface=wan # setup default gateway /ip route...
by drzen
Fri Oct 19, 2007 9:54 am
Forum: General
Topic: PPTP over hotspot
Replies: 2
Views: 964

PPTP over hotspot

Hi, I have 3 homed router: WAN, LAN, PUBLIC-LAN These are permission rules: From WAN to LAN: nothing permit From LAN to *: all permit From PUBLIC-LAN to LAN: nothing permit From PUBLIC-LAN to WAN: captive portal (hotspot) Everything go right. Now I want add a PPTP over PUBLIC-LAN to permit some clie...