Community discussions

MikroTik App

Search found 16 matches

by johnb175
Wed Jul 06, 2022 12:01 am
Forum: General
Topic: RDP brute force prevention...
Replies: 6
Views: 1037

Re: RDP brute force prevention...

I've used port knocking at other sites successfully but this particular person remotes from laptops and phones and I don't believe port knocking is an option for a phone. This was at least some protection to stop brute force attempts.
by johnb175
Tue Jul 05, 2022 11:53 pm
Forum: General
Topic: RDP brute force prevention...
Replies: 6
Views: 1037

RDP brute force prevention...

I have a case for someone that refuses to use VPN and wants one RDP port accessible from the internet. I was trying to implement the brute force prevention firewall rules listed here . While testing when I initiate the first attempt the IP gets added to stage1 and stage2 immediately. When I initiate...
by johnb175
Sun May 02, 2021 6:36 am
Forum: Wireless Networking
Topic: Combo Station/CAP...
Replies: 2
Views: 1027

Re: Combo Station/CAP...

I just wanted to report back that this setup did work. I simply excluded the 5GHz radio from the CAP and set it up in station mode with the appropriate settings. I then added the 5GHz radio as the CAP discovery interface and added it to the bridge with the two ethernet interfaces. It connected to my...
by johnb175
Thu Apr 29, 2021 6:52 am
Forum: Wireless Networking
Topic: Combo Station/CAP...
Replies: 2
Views: 1027

Combo Station/CAP...

I thought I read about this somewhere, but for the life of me I can't find it. I have a network with several CAPs managed by a CAPsMAN all running 6.48.2. I have a remote building that I currently have connected with a 5GHz SXT (RBSXTG-5HPacDr2) in station mode and behind it I have a WAPac (RBwAPG-5...
by johnb175
Tue Apr 20, 2021 11:29 pm
Forum: Wireless Networking
Topic: CAPsMAN Client to Client Forwarding...
Replies: 4
Views: 5091

Re: CAPsMAN Client to Client Forwarding...

Ok, that makes perfect sense and clears things up. Thanks for all the help.
by johnb175
Tue Apr 20, 2021 6:00 pm
Forum: Wireless Networking
Topic: CAPsMAN Client to Client Forwarding...
Replies: 4
Views: 5091

Re: CAPsMAN Client to Client Forwarding...

Wow, this works perfectly. Thank you. During my testing I noticed another peculiar issue. When two devices are connected to the same cap and both are on the same radio (say 2GHz) it blocks communications as it should. However, when one device connects to the 2GHz and one device connects to the 5GHz ...
by johnb175
Tue Apr 20, 2021 12:56 am
Forum: Wireless Networking
Topic: CAPsMAN Client to Client Forwarding...
Replies: 4
Views: 5091

CAPsMAN Client to Client Forwarding...

I have a hex (RB750Gr3) setup as a CAPsMAN along with four WAP ac (RBwAPG-5HacD2Hnd) units as caps. Everything is working great except client to client forwarding. By default client to client forwarding is disabled and in my test environment as long as both devices are connected to the same cap it w...
by johnb175
Fri Mar 12, 2021 12:44 am
Forum: Wireless Networking
Topic: 60Ghz Bug May - Could be..
Replies: 5
Views: 1841

Re: 60Ghz Bug May - Could be..

1. The most stable ROS 6.44.6. I wish I could downgrade to 6.44.6 but my WAP60Gx3 factory firmware is 6.45.8. So I'm stuck. My WAP60Gx3 to two WAP60G stations seems better since I changed the frequency to 64800. All three are running 6.48.1 with the mdmg-fix=yes. I don't see an option for 66000.
by johnb175
Fri Feb 05, 2021 10:36 pm
Forum: Wireless Networking
Topic: WAP60Gx3 AP PtmP
Replies: 0
Views: 660

WAP60Gx3 AP PtmP

I recently installed a WAP60Gx3 AP and two WAP60's as stations all running 6.4.8 stable. Both stations are reporting tx-sector-info: center when viewing /interface w60g monitor 0 so they appear to be aimed correctly. When I am transferring files from the main LAN to the remote LAN behind Station A e...
by johnb175
Fri Jan 29, 2021 10:06 pm
Forum: Wireless Networking
Topic: Force client to specific AP...
Replies: 8
Views: 4834

Re: Force client to specific AP...

Yes, I already have all my IoT devices connected to a separate SSID using a seperate data path with all the necessary iptable rules implemented. They can only access the internet. My issue is I have them connected to the strongest AP and I lock them by access-list to that AP. At some random point th...
by johnb175
Wed Jan 27, 2021 9:53 pm
Forum: Wireless Networking
Topic: Force client to specific AP...
Replies: 8
Views: 4834

Force client to specific AP...

I have a capsman setup and multiple AP's all running 6.4.8 stable around the house. I have access list created that allow a specific MAC addresses to connect to specific AP's and then I put a deny all right after it. This usually works 95% of the time, but sometimes the IoT devices drop and try and ...
by johnb175
Wed Jan 20, 2021 6:53 pm
Forum: Wireless Networking
Topic: 60ghz link unstable
Replies: 25
Views: 7784

Re: 60ghz link unstable

I agree, it's very frustrating. I reset all my devices back to factory defaults (2 WAP60G's and 1 WAP60Gx3 AP), then upgraded them to 6.4.8 (stable). I then applied the cli fix "/interface w60g set wlan60-1 mdmg-fix=yes" on the WAP60Gx3 AP. So far it's been a two days and I have only seen ...
by johnb175
Thu Jan 14, 2021 11:52 pm
Forum: General
Topic: Capsman - config to keep cap up when capsman connection lost
Replies: 3
Views: 677

Re: Capsman - config to keep cap up when capsman connection lost

Yes, I would like to know this info also.
by johnb175
Thu Jan 14, 2021 6:35 pm
Forum: Wireless Networking
Topic: 60Ghz stations losing IP connectivity randomly
Replies: 11
Views: 5116

Re: 60Ghz stations losing IP connectivity randomly

I recently upgraded from a Wireless Wire Kit (PtP) that I was using to connect a MainHouse and a PoolHouse together. I wanted to bring the connection into my shop so I purchased a WAP60gx3 AP and setup a PtMP by reconfiguring the "master" of the PtP kit as a station. I have have had the sa...
by johnb175
Tue Nov 03, 2020 9:30 pm
Forum: Beginner Basics
Topic: Firewall DNS Problem
Replies: 4
Views: 757

Re: Firewall DNS Problem

I figured it out last night. Looking through Winbox on the rule "drop all not coming from LAN" in-interface-list=!LAN" I had the connection type box selected. There was nothing in it (empty white space) but that was stopping DNS queries from reaching the router. type.JPG Once I desele...
by johnb175
Tue Nov 03, 2020 12:17 am
Forum: Beginner Basics
Topic: Firewall DNS Problem
Replies: 4
Views: 757

Firewall DNS Problem

I just setup a RBcAPGi-5acD2nD running stable 6.47.7 firmware as a home router using ether1 as LAN and ether2 as WAN. I've created a address-list for LAN for 192.168.1.0/24. I've implemented the default firewall set below: /ip firewall filter add action=accept chain=input comment="accept establ...