Community discussions

MikroTik App

Search found 6944 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 24
by holvoetn
Wed Dec 04, 2024 7:50 pm
Forum: Wireless Networking
Topic: Which is fastest wifi device
Replies: 12
Views: 408

Re: Which is fastest wifi device

For versatility I would also go for AX2 but ... it has no usb port.

Just netinstalled 5 cap ac ( ros and wifi-qcom-ac) using container on AX3.
First time right on each occurrence.
by holvoetn
Wed Dec 04, 2024 7:36 pm
Forum: Wireless Networking
Topic: RB4011iGS+5HacQ2HnD-IN and WPA3
Replies: 10
Views: 1219

Re: RB4011iGS+5HacQ2HnD-IN and WPA3

Sure. Each slave radio needs to be attached to a master and will take over the physical properties but can have separate SSID and security. Each of those slave radios will be an interface on its own and then the VLAN game can be applied again. Just don't overdo it because each virtual SSID will ulti...
by holvoetn
Wed Dec 04, 2024 7:34 pm
Forum: Beginner Basics
Topic: Port based Routing to 2 identical IP
Replies: 5
Views: 217

Re: Port based Routing to 2 identical IP

Good job !
by holvoetn
Wed Dec 04, 2024 6:54 pm
Forum: Wireless Networking
Topic: Which is fastest wifi device
Replies: 12
Views: 408

Re: Which is fastest wifi device

From those 3, wap AX since it allows for 160MHz channels (if you can use it within your environment. I can :lol: ).
by holvoetn
Wed Dec 04, 2024 4:45 pm
Forum: General
Topic: RB912UAG-2HPnD - wifi interface is missing
Replies: 5
Views: 187

Re: RB912UAG-2HPnD - wifi interface is missing

It does seem odd wireless package is loaded yet not being used ?

You could try to simply MANUALLY add the wifi interface (in case that interface really needs a long time before it becomes operational after startup). What happens then ?
by holvoetn
Wed Dec 04, 2024 4:36 pm
Forum: Beginner Basics
Topic: Port based Routing to 2 identical IP
Replies: 5
Views: 217

Re: Port based Routing to 2 identical IP

I think I have seen a similar question recently and if I'm not mistaking, you need to use some sort of address remapping based on port.

Edit: I knew I saw it already before not too long ago :D

viewtopic.php?p=1108865#p1108865
by holvoetn
Wed Dec 04, 2024 3:53 pm
Forum: General
Topic: VPN Site to site ?
Replies: 10
Views: 340

Re: VPN Site to site ?

What model of mikrotik routers do you have in Venezuela and Espana?
It's hidden in the wall of text :lol:

AC3 in Venezuela, already present.
Planned to buy AC2 for Spain.
by holvoetn
Wed Dec 04, 2024 3:38 pm
Forum: General
Topic: Is mAP still relevant with RouterOS 7.16 ?
Replies: 5
Views: 253

Re: Is mAP still relevant with RouterOS 7.16 ?

100Mbps over 2.4GHz legacy wireless ? Yeah, one can dream. Make no mistake about my sentiments, however. That mAP is still a fabulous device for its price and flexibility ! I even prefer it over mAP Lite (I do keep that one in my backpack wherever I go). But I get what you mean. Everyone always refe...
by holvoetn
Wed Dec 04, 2024 2:50 pm
Forum: General
Topic: VPN Site to site ?
Replies: 10
Views: 340

Re: VPN Site to site ?

For wireguard you only need one public IP, as long as that is present, there is no problem to setup a VPN tunnel which you then can cross from the other side, there are plenty of examples how this should be done, do you have by now also the idea that use of proper interpunction and line breaks is a ...
by holvoetn
Wed Dec 04, 2024 11:25 am
Forum: General
Topic: Is mAP still relevant with RouterOS 7.16 ?
Replies: 5
Views: 253

Re: Is mAP still relevant with RouterOS 7.16 ?

It is more an issue with its routing speed, that may be too slow for your requirements, it should be in the 150-200 Mbit range.
And how are you going to do that with only 100Mb ports ??? :lol:
by holvoetn
Wed Dec 04, 2024 11:23 am
Forum: General
Topic: Is mAP still relevant with RouterOS 7.16 ?
Replies: 5
Views: 253

Re: Is mAP still relevant with RouterOS 7.16 ?

Yes, works just fine !

(IPSEC to Azure, Wireguard, EOIP, , DHCP for about 15 devices, routing, ISP connection of 50/20Mb...)
"only" 19d uptime because I did upgrade of that version, before it was 139d.

2024-12-04_10-22-02.jpg
by holvoetn
Wed Dec 04, 2024 7:53 am
Forum: Beginner Basics
Topic: 5GHz Wireless
Replies: 2
Views: 171

Re: 5GHz Wireless

Can go up to 15 minutes...
by holvoetn
Tue Dec 03, 2024 6:41 pm
Forum: Beginner Basics
Topic: Copying a hAP setup to a hAP ac2
Replies: 2
Views: 155

Re: Copying a hAP setup to a hAP ac2

Manually is the safest way. Also observe defaults which may be present on the ac2 which may have been different on the older one. Go for the newer settings then. Don't copy MAC addresses for bridge or interfaces. They will be filled in by default. On itself it is not really a big deal, done it plent...
by holvoetn
Tue Dec 03, 2024 6:32 pm
Forum: Announcements
Topic: v7.17rc [testing] is released!
Replies: 149
Views: 34871

Re: v7.17rc [testing] is released!

My experience so far is that wifi-qcom-ac is just not worth the trouble, it is way more unstable and there is no significant performance gain so if you don't absolutely need new CAPsMAN just stay with the older wireless package... I disagree. +1 on disagreeing. MAJOR difference in performance betwe...
by holvoetn
Tue Dec 03, 2024 6:26 pm
Forum: Wireless Networking
Topic: Cap to cap connection
Replies: 7
Views: 376

Re: Cap to cap connection

Super, no issue there then !
by holvoetn
Tue Dec 03, 2024 3:34 pm
Forum: Wireless Networking
Topic: Cap to cap connection
Replies: 7
Views: 376

Re: Cap to cap connection

As long as the second device gets sufficient power and it can " see" capsman controller network-wise, no problem. What i want to do is: capsman<----wired--->cap1<---wired--->cap2 Or it is daisy-chained (controller wired to cap wired to 2nd cap) in which case there should not be a problem ...
by holvoetn
Tue Dec 03, 2024 2:55 pm
Forum: Beginner Basics
Topic: firewall drop connection
Replies: 6
Views: 375

Re: firewall drop connection

You got a point.
You can check for src_address!=192.168.88.0/27, dst_address=192.168.88.0/27
by holvoetn
Tue Dec 03, 2024 2:52 pm
Forum: Containers
Topic: Fitting a container inside hAP ax lite LTE6
Replies: 6
Views: 426

Re: Fitting a container inside hAP ax lite LTE6

I doubt that USB-C connector can be used for anything else then powering the device. It's not even mentioned on block diagram (whereas for other devices where I know it works, it clearly is indicated as USB). I even seem to recall Normis (MT staff) mentioned it somewhere (would have to look for it)....
by holvoetn
Tue Dec 03, 2024 11:13 am
Forum: Wireless Networking
Topic: Quectel Redcap RG255C-GL PCI-e 5G Modem Support
Replies: 2
Views: 469

Re: Quectel Redcap RG255C-GL PCI-e 5G Modem Support

Best to fire ticket to support.
They are the only ones able to tell if and when it can be supported.
by holvoetn
Tue Dec 03, 2024 9:13 am
Forum: General
Topic: RouterOS v7.16 on CRS354-48G-4S+2Q+ (and other models) = slow, predictable crash - OOM
Replies: 11
Views: 1843

Re: RouterOS v7.16 on CRS354-48G-4S+2Q+ (and other models) = slow, predictable crash - OOM

Just to check:
did anyone create a ticket to support about this ?
Otherwise chances are high they do not know about it ...
by holvoetn
Tue Dec 03, 2024 8:32 am
Forum: General
Topic: Firewall rules sanity check
Replies: 2
Views: 236

Re: Firewall rules sanity check

Not an expert either so my personal view. Functionally both are mostly the same. In some edge case (which I can not directly imagine) the second version will catch more so I guess it is the better option. On second option: why use 2 rules for hw-offload or not ? Since I have been looking into this m...
by holvoetn
Tue Dec 03, 2024 8:02 am
Forum: Beginner Basics
Topic: Problem after updating to 7.16.2
Replies: 14
Views: 891

Re: Problem after updating to 7.16.2

My initial comment to move that one rule to the top was based on the rest not being secure enough already. The only true way to solve this: Use outgoing vpn to some public accessible ip ( either your own or some cloud server) and use that as pivot point to get back in. And then you can close that op...
by holvoetn
Mon Dec 02, 2024 9:36 pm
Forum: Beginner Basics
Topic: Problem after updating to 7.16.2
Replies: 14
Views: 891

Re: Problem after updating to 7.16.2

Whenever you change something in firewall, clear all connections or wait 10 minutes or reboot.
by holvoetn
Mon Dec 02, 2024 7:09 pm
Forum: Beginner Basics
Topic: Problem after updating to 7.16.2
Replies: 14
Views: 891

Re: Problem after updating to 7.16.2

Move this rule as first on input chain

add action=accept chain=input comment=WinBox dst-port=8321 protocol=tcp
by holvoetn
Mon Dec 02, 2024 6:19 pm
Forum: Beginner Basics
Topic: Problem after updating to 7.16.2
Replies: 14
Views: 891

Re: Problem after updating to 7.16.2

Open terminal
/export file=anynameyouwish
Move file to PC
Open file with text editor and remove serial number, passwds, public IP,...
Post contents between [code] [/code] quotes for easier readability.
by holvoetn
Mon Dec 02, 2024 6:00 pm
Forum: General
Topic: am i using SOHO Firewall or not?
Replies: 38
Views: 2761

Re: am i using SOHO Firewall or not?

That recommendation was repeated in post #11 and #12
I was going to post again in my view starting from default would be the ONLY sensible starting point but alas ... some are more interesting in patching holes instead of starting from a clean, known to be working config.
by holvoetn
Mon Dec 02, 2024 5:55 pm
Forum: Beginner Basics
Topic: HAPac^2 Ethernet Mode
Replies: 5
Views: 526

Re: HAPac^2 Ethernet Mode

My view:
Then you did not reset to default config.
You can also do this from Winbox/webfig, you know ? System / reset configuration.
Uncheck Caps mode
check Keep users.
Uncheck No Default config
Check Do not backup
by holvoetn
Mon Dec 02, 2024 5:28 pm
Forum: Beginner Basics
Topic: firewall drop connection
Replies: 6
Views: 375

Re: firewall drop connection

hmmm... 24 is not a nice binary number like 16 or 32 (110000 vs 10000/100000). Using a subnet mask is out then. You can add those addresses in an address list and use that one in your firewall rule, I would think ? Address list SERVER_RANGE (or whatever), add all addresses from 192.168.88.1 to 192.1...
by holvoetn
Mon Dec 02, 2024 5:09 pm
Forum: General
Topic: Hex REFRESH
Replies: 11
Views: 524

Re: Hex REFRESH

Why the question asking the question? Typically the LTS is acutally the most stable version available, who doesnt want that (rhetorical question)! However, I have moved off vers6 on my main router recently to ver 7.16, as an LTS for ver7 seems unlikely. :-) yep sir, you’re correct. more stable than...
by holvoetn
Mon Dec 02, 2024 4:35 pm
Forum: General
Topic: Hex REFRESH
Replies: 11
Views: 524

Re: Hex REFRESH

Personal view: To be honest, the way MT handles their versions, LTS-label is not really worth a lot to me. Some may value it as being super stable (based on what ??) but there will always be bugs in it which are sorted out in subsequent non-LTS versions. Which is the more stable then ? LTS or the ne...
by holvoetn
Mon Dec 02, 2024 4:03 pm
Forum: General
Topic: Hex REFRESH
Replies: 11
Views: 524

Re: Hex REFRESH

There is no LTS version yet for ROS7 and since Hex Refresh came out of factory with 7.15.3 (I have one right here on my desk), you can not go lower.

But I have the same remark: why the question for LTS ?
by holvoetn
Mon Dec 02, 2024 4:01 pm
Forum: Beginner Basics
Topic: correcting password field via CLI
Replies: 5
Views: 297

Re: correcting password field via CLI

Observation:
user passwd the same as user name ? Then it could just as well be kept blank. Gives the same level of security.
by holvoetn
Mon Dec 02, 2024 3:36 pm
Forum: Beginner Basics
Topic: correcting password field via CLI
Replies: 5
Views: 297

Re: correcting password field via CLI

Prepare everything in Excel or whatever and then use text functions to create the script. Or any other text processing tool of your preference. I once had to move over about 100 DHCP leases based on Mac address from Win DHCP server to RB5009 and used that approach via Excel. Export from MS Windows D...
by holvoetn
Mon Dec 02, 2024 12:45 pm
Forum: Wireless Networking
Topic: "not responding" - f.k.a. SA Query timeout
Replies: 264
Views: 40849

Re: "not responding" - f.k.a. SA Query timeout

@gjmelena
And your point is ?? It's not really clear from your post.

PS I always use create enabled on capsman provisioning, simply to avoid numbers creeping up whenever a reboot/reconnect happens for whatever reason.
by holvoetn
Mon Dec 02, 2024 12:42 pm
Forum: General
Topic: Wireguard is blocked by ISP any other solution
Replies: 19
Views: 929

Re: Wireguard is blocked by ISP any other solution

Or change ISP ?
A party blocking VPN is not worth to receive your money.
by holvoetn
Mon Dec 02, 2024 12:22 pm
Forum: Wireless Networking
Topic: Cap to cap connection
Replies: 7
Views: 376

Re: Cap to cap connection

Yes, the second device is wired to the capsman. Now you are contradicting yourself :D Either it is directly connected and then there is no issue. Or it is daisy-chained (controller wired to cap wired to 2nd cap) in which case there should not be a problem either if that first cap is in full bridged...
by holvoetn
Mon Dec 02, 2024 11:50 am
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1553
Views: 376489

Re: 📣 WinBox 4 is here 📣

Please implemnt column vertical divider lines as it's much easier to read data and recognize where one info ends and a new one starts.
Agree.

On Windows 11 you can't really see it unless you start hovering over the area with your mouse. Inefficient.
by holvoetn
Sun Dec 01, 2024 7:18 pm
Forum: Wireless Networking
Topic: Frequency control
Replies: 3
Views: 267

Re: Frequency control

Configure 2GHz radio and leave 5GHz as it is ...
by holvoetn
Sun Dec 01, 2024 5:41 pm
Forum: Wireless Networking
Topic: Advice please hardware/Wifi/Wireless/CapsMan/VLAN confusion
Replies: 17
Views: 1584

Re: Advice please hardware/Wifi/Wireless/CapsMan/VLAN confusion

Vlan and qcom-ac using capsman is ... special.
With ax it is really easy.
by holvoetn
Sun Dec 01, 2024 3:55 pm
Forum: Wireless Networking
Topic: Advice please hardware/Wifi/Wireless/CapsMan/VLAN confusion
Replies: 17
Views: 1584

Re: Advice please hardware/Wifi/Wireless/CapsMan/VLAN confusion

No, you do not have to use VLAN.

If you setup devices separately, you can use this approach on each.
https://tangentsoft.com/mikrotik/wiki?n ... ns%20VLANs

But to be honest, once you get how vlans work, they make things easier.
by holvoetn
Sun Dec 01, 2024 2:28 pm
Forum: Wireless Networking
Topic: how to add virtual wifi?
Replies: 4
Views: 339

Re: how to add virtual wifi?

And the solution is ?
Might help others having the same issue as you...
by holvoetn
Sun Dec 01, 2024 2:20 pm
Forum: Beginner Basics
Topic: CHECK MY CONFIGURATION
Replies: 3
Views: 293

Re: CHECK MY CONFIGURATION

First, please have a look at the
code
tag. That makes it easier to read configs.
Fixed.
by holvoetn
Sun Dec 01, 2024 2:11 pm
Forum: Wireless Networking
Topic: Advice please hardware/Wifi/Wireless/CapsMan/VLAN confusion
Replies: 17
Views: 1584

Re: Advice please hardware/Wifi/Wireless/CapsMan/VLAN confusion

1- Your choice. See later. 2- wifi is using qcom drivers. Wireless is using MT own developed drivers. With arrival of AX line, MT decided to use qcom drivers. qcom-ac was also made to get wave2 compatibility for older HW having compatible chipsets. 3- Who knows ? :D 4- It just has been redone with w...
by holvoetn
Sun Dec 01, 2024 12:58 pm
Forum: Beginner Basics
Topic: Forward chain "drop all else"- counter is zero
Replies: 10
Views: 612

Re: Forward chain "drop all else"- counter is zero

It doesn't harm, true.

But if everything is already handled before, it doesn't make sense. That's all.
by holvoetn
Sun Dec 01, 2024 12:33 pm
Forum: Beginner Basics
Topic: help with DHCP on VLAN
Replies: 5
Views: 377

Re: help with DHCP on VLAN

Not sure where to start, quite a bit of things which are off. You may want to start reading this excellent tutorial on setting up VLAN: https://forum.mikrotik.com/viewtopic.php?t=143620 Where is the firewall ? Where is DHCP server for the rest of your network ? Where is address assignments for route...
by holvoetn
Sun Dec 01, 2024 10:47 am
Forum: Beginner Basics
Topic: Forward chain "drop all else"- counter is zero
Replies: 10
Views: 612

Re: Forward chain "drop all else"- counter is zero

Simple explanation. The rule doesn't get hit. As a test, disable the forward, invalid rule. See what happens. It's not because a rule doesn't count it is not working. It simply means all the rest before, catches everything before it gets there. But in default firewall, that specific combination is n...
by holvoetn
Sun Dec 01, 2024 10:45 am
Forum: General
Topic: FOR THE LOVE OF "DEITY OF CHOICE" FIX YOUR FRIGGEN (forum) WEBSITE [SOLVED]
Replies: 94
Views: 6808

Re: FOR THE LOVE OF "DEITY OF CHOICE" FIX YOUR FRIGGEN (forum) WEBSITE [SOLVED]

And now all notifications from the past weeks are coming through :shock:
by holvoetn
Sat Nov 30, 2024 11:08 pm
Forum: Wireless Networking
Topic: how to add virtual wifi?
Replies: 4
Views: 339

Re: how to add virtual wifi?

And where is the virtual wifi in that config ??

If you add it again, don't forget to attach it to bridge.
by holvoetn
Sat Nov 30, 2024 11:05 pm
Forum: General
Topic: am i using SOHO Firewall or not?
Replies: 38
Views: 2761

Re: am i using SOHO Firewall or not?

Netinstall
Start from default
Learn.
by holvoetn
Sat Nov 30, 2024 11:05 pm
Forum: Beginner Basics
Topic: Hex capsman
Replies: 5
Views: 325

Re: Hex capsman

Yes, for managing wave2 radios it is already there.
by holvoetn
Sat Nov 30, 2024 11:04 pm
Forum: Announcements
Topic: v7.17rc [testing] is released!
Replies: 149
Views: 34871

Re: v7.17rc [testing] is released!

That container thing I saw as well.
Luckily it was pretty straightforward to bring them back to life.
by holvoetn
Sat Nov 30, 2024 8:47 pm
Forum: Wireless Networking
Topic: Cap to cap connection
Replies: 7
Views: 376

Re: Cap to cap connection

As long as the second device gets sufficient power and it can " see" capsman controller network-wise, no problem.
by holvoetn
Sat Nov 30, 2024 7:31 pm
Forum: Beginner Basics
Topic: Hex capsman
Replies: 5
Views: 325

Re: Hex capsman

IF , and that's intentionally in capitals, AC3 uses wifi-qcom-ac drivers.
Then wave2 capsman will work on hex.

If AC3 still uses legacy wireless, you need to load wireless package as well on Hex but storage space might become very restricted.
by holvoetn
Sat Nov 30, 2024 4:13 pm
Forum: General
Topic: am i using SOHO Firewall or not?
Replies: 38
Views: 2761

Re: am i using SOHO Firewall or not?

That would be my take as well.
Given the inexperience of the user, no offense intented, it's best to start from default with a netinstalled device.
by holvoetn
Sat Nov 30, 2024 10:54 am
Forum: General
Topic: am i using SOHO Firewall or not?
Replies: 38
Views: 2761

Re: am i using SOHO Firewall or not?

Looks like someone emptied that firewall.
I hope you haven't got it connected to a WAN interface ?
by holvoetn
Fri Nov 29, 2024 8:37 pm
Forum: Announcements
Topic: v7.17rc [testing] is released!
Replies: 149
Views: 34871

Re: v7.17rc [testing] is released!

Well, that planned netinstall came earlier then expected.
Wanted to partition my device for future mishaps. Completely bricked.

Luckily I had an export from 3 days ago. Biggest problem was getting netinstall to work (after some attempts with Windows. I used container on AX3, first time right).
by holvoetn
Fri Nov 29, 2024 8:01 pm
Forum: Beginner Basics
Topic: Just updated mAP firmware and now it's broke
Replies: 4
Views: 351

Re: Just updated mAP firmware and now it's broke

As of 7.13 wireless or wifi-qcom, depending on your device, is a separate package.

I have a couple of mAP devices running just fine with ROS7 incl wireguard and IPSEC tunnels.
by holvoetn
Fri Nov 29, 2024 5:55 pm
Forum: Wireless Networking
Topic: CAPsMAN and VLAN filtering
Replies: 5
Views: 430

Re: CAPsMAN and VLAN filtering

And still you don't answer all questions... ether4 on RB5009 to the swith. ether10 and ether12 from the switch to CAP devices. Which incoming port on the switch ? From your switch config I see there is a trunk specified for ether1 and 12 for VLANs 20 and 30. /interface bridge vlan add bridge=bridge ...
by holvoetn
Fri Nov 29, 2024 5:07 pm
Forum: Wireless Networking
Topic: CAPsMAN and VLAN filtering
Replies: 5
Views: 430

Re: CAPsMAN and VLAN filtering

You did not specify which is the port from your RB5009 going to the switch ?
Which port on the switch does it come in ?

Which ports on switch are feeding CAP devices ?

Also, it is generally advised NOT to use VLAN1. Use VLAN all the way or don't use it all.
by holvoetn
Fri Nov 29, 2024 11:16 am
Forum: Wireless Networking
Topic: CAPsMAN and VLAN filtering
Replies: 5
Views: 430

Re: CAPsMAN and VLAN filtering

You do not specify which router, which switch, which APs (capsman behavior w.r.t. VLAN is quite different when talking about legacy wireless or wave2 wifi) You do not specify how things are connected. And you do not show your config, what you already tried. So I doubt anyone can have a clue, without...
by holvoetn
Fri Nov 29, 2024 11:06 am
Forum: General
Topic: how to create a master port on crs
Replies: 4
Views: 367

Re: how to create a master port on crs

Errmm ... that's an article from 2014 ?!
by holvoetn
Fri Nov 29, 2024 11:03 am
Forum: Announcements
Topic: v7.17rc [testing] is released!
Replies: 149
Views: 34871

Re: v7.17rc [testing] is released!

... something weird happened in 7.17RC...
Really ?
viewtopic.php?p=1111415#p1111415
by holvoetn
Fri Nov 29, 2024 6:54 am
Forum: Wireless Networking
Topic: Capsman update mechanism
Replies: 1
Views: 288

Re: Capsman update mechanism

Has been a while since I used "old" capsman but I assume it still works more or less the same with the wave2 version. When updating, it's started all at once. And since all package files then need to come from your controller, it may feel like it takes more time since you may create a bott...
by holvoetn
Thu Nov 28, 2024 6:31 pm
Forum: General
Topic: LTE Interface Problems in OS 7.16.1
Replies: 3
Views: 348

Re: LTE Interface Problems in OS 7.16.1

I've seen LTE interface disappear due to FW crash on modem (FW bug on AX Lite LTE with FG621-EA modem, some versions ago). You could recreate it but it vanishes again shortly after creating (when the crash happens again). But this should show in logs. It might be possible you have to go back to ROS ...
by holvoetn
Thu Nov 28, 2024 5:35 pm
Forum: Virtualization
Topic: Are there prebuilt Linux Images for Metarouter? (OpenWrt or other Linux distros)
Replies: 2
Views: 409

Re: Are there prebuilt Linux Images for Metarouter? (OpenWrt or other Linux distros)

To make it simple;
Requirements
Container package is compatible with arm arm64 and x86 architectures. Using of remote-image (similar to docker pull) functionality requires a lot of free space in main memory, 16MB SPI flash boards may use pre-build images on USB or other disk media.
by holvoetn
Thu Nov 28, 2024 1:20 pm
Forum: General
Topic: How to block webpages by URL?
Replies: 5
Views: 511

Re: How to block webpages by URL?

Use external devices more suited for this type of action (and those usually come with a HEAVY price tag).
Not L7 filters on Mikrotik.
by holvoetn
Thu Nov 28, 2024 11:00 am
Forum: Beginner Basics
Topic: im begginer and i have hex refresh
Replies: 5
Views: 409

Re: im begginer and i have hex refresh

Are you expecting us to make your config ?
You may as well ask ChatGPT, who knows what comes out given the limited info you provided.

First show what you already did yourself and you need to describe in a lot more detail what's needed where.
by holvoetn
Thu Nov 28, 2024 9:54 am
Forum: Beginner Basics
Topic: multple vlans same dhcp subnet
Replies: 4
Views: 426

Re: multple vlans same dhcp subnet

For starters ... why create 2 VLANs yet overlapping subnets ? Use 192.168.0.0/24 for first vlan Use 192.168.1.0/24 for second vlan Much easier. You may want to read this nice tutorial: https://forum.mikrotik.com/viewtopic.php?t=143620 Secondly: supout should NEVER be posted here. Only communicated t...
by holvoetn
Wed Nov 27, 2024 10:24 pm
Forum: Wireless Networking
Topic: Any reason not use 20Mhz channel on AX devices, if stability is preferred over max speed?
Replies: 11
Views: 1677

Re: Any reason not use 20Mhz channel on AX devices, if stability is preferred over max speed?

Even for 5GHz I use 20MHz in that setup. All cAP AX and AX3 devices. Stable as a house AND more options to stay on below-DFS channels (scanners in use there don't support higher channels so I had to cut down channel width to create more possibilities to avoid overlaps). That one higher channel is fo...
by holvoetn
Wed Nov 27, 2024 10:12 pm
Forum: Beginner Basics
Topic: routing in mikrotik
Replies: 3
Views: 328

Re: routing in mikrotik

Moved to beginner basics 8)
by holvoetn
Wed Nov 27, 2024 10:12 pm
Forum: Wireless Networking
Topic: Plain 802.11-an better then NV2!
Replies: 13
Views: 6232

Re: Plain 802.11-an better then NV2!

You do know that was a response to a 6-year old thread ??
by holvoetn
Wed Nov 27, 2024 8:00 pm
Forum: Beginner Basics
Topic: routing in mikrotik
Replies: 3
Views: 328

Re: routing in mikrotik

Add route for subnet using gateway where it needs to go to.

So ... routing.
by holvoetn
Wed Nov 27, 2024 7:31 pm
Forum: Wireless Networking
Topic: CAPSMAN Setup Help for better roaming
Replies: 34
Views: 2486

Re: CAPSMAN Setup Help for better roaming

Correct.
by holvoetn
Wed Nov 27, 2024 4:57 pm
Forum: General
Topic: Netinstall issue
Replies: 4
Views: 357

Re: Netinstall issue

Nice link :lol: Want to emphasize again that even after 2 years some users (yeah, me included) have a much higher success rate using Linux for netinstall. Recently I even started using a container option on AX3 (am going to move it to Hex Refresh which I recently added to home lab setup). Another op...
by holvoetn
Wed Nov 27, 2024 4:50 pm
Forum: Beginner Basics
Topic: Secure Remote Access - QuickSet VPN
Replies: 9
Views: 632

Re: Secure Remote Access - QuickSet VPN

Or some cheap VPS in the cloud and install CHR on it, then use that one as pivot point for all Wireguard connections ? Shouldn't be too expensive ? Anav always claims it's about 7$ / month but I don't know what supplier provides it. The IP address doesn't need to be static per se. You can also use a...
by holvoetn
Wed Nov 27, 2024 3:43 pm
Forum: Beginner Basics
Topic: Secure Remote Access - QuickSet VPN
Replies: 9
Views: 632

Re: Secure Remote Access - QuickSet VPN

If your device is passing the requirements, you can also use Mikrotik's Back To Home.
It's meant for those cases where one side is behind CGNAT.
by holvoetn
Wed Nov 27, 2024 1:43 pm
Forum: General
Topic: Complaints from v7.17rc [testing]
Replies: 45
Views: 2543

Re: Complaints from v7.17rc [testing]

Just checked the details of the ticket again ... The problem was that with 7.17b4, after changing device mode to advanced, routerboard settings could be changed without first changing that setting (it was "yes" without doing anything). It seems that part has been "corrected" (7.1...
by holvoetn
Wed Nov 27, 2024 1:28 pm
Forum: General
Topic: Complaints from v7.17rc [testing]
Replies: 45
Views: 2543

Re: Complaints from v7.17rc [testing]

On routerboard, there is an important thing to be taken into account... upgrade or autoupgrade FW to latest version. There have been quite a bit of fixes lately where this upgrade was needed for some corrections to work afterwards. E.g. *) ethernet - improved linking after reboot for hAP ax lite dev...
by holvoetn
Wed Nov 27, 2024 1:10 pm
Forum: Wireless Networking
Topic: cAP or hAPax3?
Replies: 8
Views: 585

Re: cAP or hAPax3?

I could do the corner, but I'd be surprised if it make much difference. Line of sight will be better for most of the area so it will make a difference. 2 APs, let alone table mounted, would fail the WAF (wife acceptance factor) immediately. In fact, it is likely that the AP on the outside of the wa...
by holvoetn
Wed Nov 27, 2024 11:29 am
Forum: Announcements
Topic: v7.16.2 [stable] is released!
Replies: 464
Views: 151708

Re: v7.16.2 [stable] is released!

Since this version has some specific changes related to certificates for capsman, it might be needed to clear certificates on capsman controller.
by holvoetn
Wed Nov 27, 2024 11:09 am
Forum: Wireless Networking
Topic: Chateau 5G ax - 802.11ac and ax support [SOLVED]
Replies: 5
Views: 499

Re: Chateau 5G ax - 802.11ac and ax support [SOLVED]

Just one more question - how can I disable TKIP as encryption method and the legacy standards - a/b/g and leave only n/ac/ax? Currently I haven't checked any of the cyphers and I guess that all of them are acceptable. As for legacy standards, in legacy wireless drivers this was possible to specify....
by holvoetn
Wed Nov 27, 2024 10:54 am
Forum: Announcements
Topic: v7.16.2 [stable] is released!
Replies: 464
Views: 151708

Re: v7.16.2 [stable] is released!

Personal view:
the fact 7.16.2 is being made, makes me think/hope it might take a bit longer before 7.17 becomes stable since all bug fixes here, are also available in 7.17 chain.
And that might be a good thing so more issues can be ironed out for 7.17.
by holvoetn
Wed Nov 27, 2024 10:48 am
Forum: Beginner Basics
Topic: bridge has stopped working, all ports marked as not running
Replies: 12
Views: 683

Re: bridge has stopped working, all ports marked as not running

@EdPa, While I fully understand the rationale for this message in my view the problem here is not the message itself but the fact it currently looks too much like an error (which it is not for a lot of cases, certainly not when no cable or active connection is present). There is also a partially dou...
by holvoetn
Wed Nov 27, 2024 8:39 am
Forum: Wireless Networking
Topic: cAP or hAPax3?
Replies: 8
Views: 585

Re: cAP or hAPax3?

(thread moved) Why not use the corner then ? 2024-11-27_07-36-23.jpg Added options: (as much as I prefer not to, sometimes it can be of use) Can you use powerline adapters in order to be able to place 2 APs in diagonal corners (left bottom and right top) ? If so, I'd go with wAP AX, table mounted. V...
by holvoetn
Wed Nov 27, 2024 8:25 am
Forum: Wireless Networking
Topic: CAPSMAN Setup Help for better roaming
Replies: 34
Views: 2486

Re: CAPSMAN Setup Help for better roaming

You do not need wireless (unless that RB5009 acts as capsman controller for legacy wifi APs).
If you only have AX or Qcom-AC APs, remove wireless from RB5009.

As of 7.13 support is default available in base ROS package to act as capsman controller for wave2 devices.
by holvoetn
Tue Nov 26, 2024 10:35 pm
Forum: Beginner Basics
Topic: HAPac^2 Ethernet Mode
Replies: 5
Views: 526

Re: HAPac^2 Ethernet Mode

Return to default config.

Then use Webfig or Winbox to simply disable wifi interfaces (don't delete, use disable :shock: :? ).
by holvoetn
Tue Nov 26, 2024 10:29 pm
Forum: Wireless Networking
Topic: cAP ax 5GHz low signal strength
Replies: 7
Views: 813

Re: cAP ax 5GHz low signal strength

You are surprised no valid frequency is selected with a config line like this ? set [ find default-name=wifi1 ] channel.band=5ghz-ax .frequency=2300-7300 Steps to be taken 1- start from default config 2- use proper country setting 3- scan your environment, see which channels are free or least used 4...
by holvoetn
Tue Nov 26, 2024 10:15 pm
Forum: Wireless Networking
Topic: Any reason not use 20Mhz channel on AX devices, if stability is preferred over max speed?
Replies: 11
Views: 1677

Re: Any reason not use 20Mhz channel on AX devices, if stability is preferred over max speed?

I have capsman setup with cAP AX devices in warehouse environment where I set the channel width to 20Mhz. No need for more speed with warehouse scanners. I prefer stability there. At home however (really interference-free environment "thanks to" modern building methods, not even GSM signal...
by holvoetn
Tue Nov 26, 2024 10:01 pm
Forum: Announcements
Topic: v7.17rc [testing] is released!
Replies: 149
Views: 34871

Re: v7.17rc [testing] is released!

Without RIF file, we can't fix issues that only some people have observed. For your convenience I upgraded again to 7.17rc1. Result: 2024-11-26_20-26-16.jpg Nice empty windows. Supout could not be created (dead hang and frequent disconnect from Winbox). Downgrading resulted in dead device. I had to...
by holvoetn
Tue Nov 26, 2024 9:41 pm
Forum: Announcements
Topic: v7.17rc [testing] is released!
Replies: 149
Views: 34871

Re: v7.17rc [testing] is released!

some post moved to new place.
viewtopic.php?t=212859

Continue the complaining there please.
by holvoetn
Tue Nov 26, 2024 6:20 pm
Forum: Beginner Basics
Topic: bridge has stopped working, all ports marked as not running
Replies: 12
Views: 683

Re: bridge has stopped working, all ports marked as not running

I see the same behavior in Winbox4 or Webfig on RB5009 (7.17b6) and Hex Refresh (7.17rc1) for ports with no cable in it.
So big possibility it's just that and nothing else.

Or you want my config as well ? :lol:
by holvoetn
Tue Nov 26, 2024 6:11 pm
Forum: Containers
Topic: Issue with container not working on new HEX Refresh (E50UG)
Replies: 23
Views: 1737

Re: Issue with container not working on new HEX Refresh (E50UG)

Sweet, now I don't have to try :lol: And yet I did ... tiny teeny container run from usb1 and it seems to work. 2024-11-26 17:09:33 container,info,debug layer sha256:4c3160818a1f052453d094c490acbae70caa44bbed5fe8ea47be90c560c515fc downloaded 2024-11-26 17:09:33 container,info,debug import successfu...
by holvoetn
Tue Nov 26, 2024 5:24 pm
Forum: Beginner Basics
Topic: bridge has stopped working, all ports marked as not running
Replies: 12
Views: 683

Re: bridge has stopped working, all ports marked as not running

Now you're using a canon to kill a mosquito ...
Config export is not needed here if it is a mere representation issue.
by holvoetn
Tue Nov 26, 2024 5:19 pm
Forum: Containers
Topic: Issue with container not working on new HEX Refresh (E50UG)
Replies: 23
Views: 1737

Re: Issue with container not working on new HEX Refresh (E50UG)

Sweet, now I don't have to try :lol:
by holvoetn
Tue Nov 26, 2024 4:50 pm
Forum: Announcements
Topic: v7.17rc [testing] is released!
Replies: 149
Views: 34871

Re: v7.17rc [testing] is released!

[1] For the love of God, they're not going to release a stable version on Black Friday like they did sometimes in the past... It's already a hectic day in the life of every network operator... Another little surprise as a software update wouldn't be pleasant. And ?? You're not letting updates pass ...
by holvoetn
Tue Nov 26, 2024 3:59 pm
Forum: Beginner Basics
Topic: CRS510-8XS-2XQ stuck on config [SOLVED]
Replies: 6
Views: 397

Re: CRS510-8XS-2XQ stuck on config [SOLVED]

Okido, glad you found it yourself.
Usually one will remember it a lot better then next time :lol:
by holvoetn
Tue Nov 26, 2024 3:16 pm
Forum: Beginner Basics
Topic: CRS510-8XS-2XQ stuck on config [SOLVED]
Replies: 6
Views: 397

Re: CRS510-8XS-2XQ stuck on config [SOLVED]

It might help if you show us export of your config and a bit more info on what you are trying to do (which port trunk/access and which vlan). Terminal export file=anynameyouwish Move file to PC Edit file, remote serial, obfuscate remaining sensitive info Post back between [ code] [/ code] quotes for...
by holvoetn
Tue Nov 26, 2024 1:36 pm
Forum: Beginner Basics
Topic: CRS510-8XS-2XQ stuck on config [SOLVED]
Replies: 6
Views: 397

Re: CRS510-8XS-2XQ stuck on config [SOLVED]

Checkout this VLAN tutorial, the part about switch:

viewtopic.php?t=143620
by holvoetn
Tue Nov 26, 2024 1:32 pm
Forum: Beginner Basics
Topic: bridge has stopped working, all ports marked as not running
Replies: 12
Views: 683

Re: bridge has stopped working, all ports marked as not running

It's not "all ports". Some are active. What client are you using to represent this info ? Which ROS version ? Is something plugged in on those ports ? If not, that may be the reason together with the new style info is being represented in Winbox4/Webfig (7.17beta/rc) I am seeing this too w...
by holvoetn
Tue Nov 26, 2024 1:24 pm
Forum: Wireless Networking
Topic: CapsMan and Cap on the same device [SOLVED]
Replies: 8
Views: 535

Re: CapsMan and Cap on the same device [SOLVED]

Not necessarily something I plan to do but just a pitfall to keep in mind when things are not going as foreseen when you used that method before.
by holvoetn
Tue Nov 26, 2024 10:46 am
Forum: Wireless Networking
Topic: CapsMan and Cap on the same device [SOLVED]
Replies: 8
Views: 535

Re: CapsMan and Cap on the same device [SOLVED]

you can use /interface/wifi/radio provision to provision you local radios according to your provisioning rules. Thats it. Also documented. https://help.mikrotik.com/docs/spaces/ROS/pages/224559120/WiFi#WiFi-RadioProvisioning Woah ! I wasn't aware of that option. Nice ! But there is a caveat That be...
by holvoetn
Tue Nov 26, 2024 8:48 am
Forum: Announcements
Topic: v7.17rc [testing] is released!
Replies: 149
Views: 34871

Re: v7.17rc [testing] is released!

Nope, didn't have the time to do so ( and to be honest, totally forgot).
I had to get my network back up because I had to start working.

I may try again this evening.
by holvoetn
Tue Nov 26, 2024 8:20 am
Forum: Announcements
Topic: v7.17rc [testing] is released!
Replies: 149
Views: 34871

Re: v7.17rc [testing] is released!

Upgraded home-RB5009 from 7.17beta6 to rc1, containers, capsman, ... Winbox3.41 - lots of dialogs with empty info at first (Files, Wireless Registration, Capsman Remote Cap, DHCP Lease, ...). Only after sometimes minutes the info came through. - some containers started, some not. No reason visible w...
by holvoetn
Tue Nov 26, 2024 7:35 am
Forum: Beginner Basics
Topic: Problem with WAX204 (AP mode) in VLAN setup and security questions [SOLVED]
Replies: 4
Views: 344

Re: Problem with WAX204 (AP mode) in VLAN setup and security questions [SOLVED]

When using VLAN on Mikrotik devices, it is generally advised here to NOT use VLAN 1.
Some devices from other brands can do funny things with pvid=1 making the whole thing break down when it passes Tik gear.
by holvoetn
Tue Nov 26, 2024 7:01 am
Forum: RouterBOARD hardware
Topic: Quickset modes C53UiG+5HPaxD2HPaxD
Replies: 11
Views: 1403

Re: Quickset modes C53UiG+5HPaxD2HPaxD

Can you provide a simple drawing (can be on paper) about your understanding of mesh network and what it should look like in total ?
And why the need for a mesh network ?
by holvoetn
Mon Nov 25, 2024 11:00 pm
Forum: Wireless Networking
Topic: Run Two version Capsman in the same Router (CCR2004) [SOLVED]
Replies: 2
Views: 329

Re: Run Two version Capsman in the same Router (CCR2004) [SOLVED]

Yes you can.
When using ROS version 7.13 or higher, load wireless package as well and you have both environments.
by holvoetn
Mon Nov 25, 2024 8:16 pm
Forum: RouterBOARD hardware
Topic: Quickset modes C53UiG+5HPaxD2HPaxD
Replies: 11
Views: 1403

Re: Quickset modes C53UiG+5HPaxD2HPaxD

First comments: 1- remove serial from export of config ! 2- One of the least smart things one can do is rename interfaces. Really ! You're making it harder for yourself and others to review config files. Especially so if you are encountering issues and hunting for problem causes. 3- What packages ar...
by holvoetn
Mon Nov 25, 2024 7:57 pm
Forum: Wireless Networking
Topic: Security setting with WPA3 breaks 2Ghz on hAP AX2
Replies: 4
Views: 385

Re: Security setting with WPA3 breaks 2Ghz on hAP AX2

I have both wifi-qcom and wifi-qcom- ac.

Your ac3 is running wireless or wifi-qcom-ac ?
The former doesn't have WPA3 but I ask to be sure.
by holvoetn
Mon Nov 25, 2024 6:37 pm
Forum: Wireless Networking
Topic: Security setting with WPA3 breaks 2Ghz on hAP AX2
Replies: 4
Views: 385

Re: Security setting with WPA3 breaks 2Ghz on hAP AX2

Unlikely.

I have a bunch of IoT devices REFUSING to connect to 2GHz when WPA3 is added to the mix.
I have a separate SSID ONLY using WPA2 (nothing else security-wise) and then they're happy.
by holvoetn
Mon Nov 25, 2024 6:08 pm
Forum: General
Topic: WAN interface Passes more data than the LAN interface
Replies: 13
Views: 733

Re: WAN interface Passes more data than the LAN interface

Start by simply blocking ALL incoming traffic, then see what happens.
by holvoetn
Mon Nov 25, 2024 5:34 pm
Forum: General
Topic: Doubt regarding network configuration with VLAN in AP
Replies: 8
Views: 540

Re: Doubt regarding network configuration with VLAN in AP

Regarding unmanaged switch, especially when it does not handle VLAN tagged frames correctly: one thing I have already done in the past to circumvent such an issue is using EOIP link between router and AP to virtually bypass unmanaged switch. EOIP link is then used as trunk for VLAN traffic. Ofcourse...
by holvoetn
Mon Nov 25, 2024 3:05 pm
Forum: Beginner Basics
Topic: VLAN setup problem
Replies: 2
Views: 525

Re: VLAN setup problem

You posted your question in the tutorial thread about Using VLAN in RouterOS but it seems you haven't read it...

So again:
viewtopic.php?t=143620
by holvoetn
Mon Nov 25, 2024 8:44 am
Forum: General
Topic: Map Lite - Cant get this thing to work!
Replies: 6
Views: 1641

Re: Map Lite - Cant get this thing to work!

1. Hardware Check -Power Supply: Ensure the mAP Lite is receiving adequate power. If you’re using a USB adapter, try a different adapter with at least 1A output. -LED Behavior: Compare the LED activity to show power and other interfaces. If power supply is not sufficient, the thing will not power o...
by holvoetn
Mon Nov 25, 2024 8:39 am
Forum: General
Topic: Map Lite - Cant get this thing to work!
Replies: 6
Views: 1641

Re: Map Lite - Cant get this thing to work!

Hey @muaazteladia, welcome to the forum! Great to see more knowledgeable and dedicated people joining us. Have a nice weekend! :-)
Errm. NOT !
Couple of things in that response which are blatantly wrong if you know your stuff.
by holvoetn
Mon Nov 25, 2024 8:37 am
Forum: General
Topic: Winbox vs Webfig
Replies: 5
Views: 969

Re: Winbox vs Webfig

Did you write this, or was it generated by ChatGPT ?

Its sounds very GPT like....
To be honest ... I've seen other posts where I had the exact same feeling.
by holvoetn
Mon Nov 25, 2024 8:12 am
Forum: Wireless Networking
Topic: wAP ax as replacement for old UniFi AC Pro?
Replies: 9
Views: 697

Re: wAP ax as replacement for old UniFi AC Pro?

The wAP Ax Is a very new device, so there are not reports on how It behaves. It is standing on my desk here since a little over 2 weeks, under capsman control via RB5009. It behaves really stable (ZERO drops that I can tell on my PC, using Azure Remote Desktop which is VERY sensitive to drops) and ...
by holvoetn
Sun Nov 24, 2024 8:52 pm
Forum: Wireless Networking
Topic: How to increase wifi signal distance/strenght ?
Replies: 10
Views: 724

Re: How to increase wifi signal distance/strenght ?

- 60db is a pretty good signal already.

If you really want to improve that situation ...
( drum roll)

add a cat6 cable.
Or powerline.
Or Moca.

You get where I am going to by now :lol:
by holvoetn
Sun Nov 24, 2024 8:46 pm
Forum: General
Topic: AWS Wireguard Slow
Replies: 21
Views: 1287

Re: AWS Wireguard Slow

RB5009 does have IPSEC HW acceleration.
For quite a while already.
by holvoetn
Sun Nov 24, 2024 8:06 pm
Forum: General
Topic: AWS Wireguard Slow
Replies: 21
Views: 1287

Re: AWS Wireguard Slow

It's not a mute point if one of both ends is a Tik... as was indicated ?
by holvoetn
Sun Nov 24, 2024 6:15 pm
Forum: General
Topic: AWS Wireguard Slow
Replies: 21
Views: 1287

Re: AWS Wireguard Slow

Your point 3 is where I beg to differ.

I tested connections between 2 Tiks using HW offload.

RB5009 to RB5009
Hex Refresh to RB5009
AXLite to RB5009

WG won each time.
by holvoetn
Sun Nov 24, 2024 5:55 pm
Forum: Wireless Networking
Topic: Chateau 5G ax - 802.11ac and ax support [SOLVED]
Replies: 5
Views: 499

Re: Chateau 5G ax - 802.11ac and ax support [SOLVED]

AC or AX band selection are physical settings always driven by master radio. If you set radio to AX, AC clients should connect just fine. Same with 2GHz AX radio and N clients. I have plenty of IoT clients only using N connecting to 2GHz AX radio. Just make sure your security settings are OK. Usuall...
by holvoetn
Sun Nov 24, 2024 5:52 pm
Forum: Wireless Networking
Topic: wAP ax as replacement for old UniFi AC Pro?
Replies: 9
Views: 697

Re: wAP ax as replacement for old UniFi AC Pro?

Should be fine.
WAP AX can use 160MHz wide channel so there should not be that much difference ( provided your environment allows you to use it. Read: relatively interference free).

Unify and wAP AX both use 1gb ether ports, so that's probably going to be your limiting factor anyhow.
by holvoetn
Sun Nov 24, 2024 5:44 pm
Forum: General
Topic: Blocking Video and Music Downloads on MikroTik
Replies: 4
Views: 366

Re: Blocking Video and Music Downloads on MikroTik

You will never win that battle...
If e.g. they start using VPN, you will not see anything about their actions.

Wild idea: how about applying queues so their bandwidth is limited to normal browsing and mail traffic ?
by holvoetn
Sun Nov 24, 2024 5:15 pm
Forum: RouterBOARD hardware
Topic: Bridge filter on L009UiGS not working
Replies: 2
Views: 379

Re: Bridge filter on L009UiGS not working

Without config, nobody can tell.

PS L009 doesn't run ROS6.
by holvoetn
Sun Nov 24, 2024 5:14 pm
Forum: Beginner Basics
Topic: Can't get Wifi clients connected on 2GHz - bug or misconf
Replies: 4
Views: 396

Re: Can't get Wifi clients connected on 2GHz - bug or misconf

Why do you set AX device to 2GHz-N ?
Leave it blank, it will choose on it's own what it should be.

Most IoT devices (in my experience) are only accepting WPA2 at most. Nothing else.
by holvoetn
Sun Nov 24, 2024 5:11 pm
Forum: Wireless Networking
Topic: RB4011iGS+5HacQ2HnD-IN and WPA3
Replies: 10
Views: 1219

Re: RB4011iGS+5HacQ2HnD-IN and WPA3

In 95% of cases: 1 bridge for whatever you want to throw at it. As for VLAN: you may want to check this excellent tutorial: https://forum.mikrotik.com/viewtopic.php?t=143620 Use the wifi interface in your bridge settings. If the radio on your RB4011 is being listed as dynamic, it means you have it c...
by holvoetn
Sun Nov 24, 2024 3:39 pm
Forum: General
Topic: Minimum requirement to be a official Mikrotik consultant
Replies: 14
Views: 901

Re: Minimum requirement to be a official Mikrotik consultant

Some members here never took an exam yet are far more knowledgeable then those being listed as consultant...

My 0.02€...
by holvoetn
Sun Nov 24, 2024 3:37 pm
Forum: General
Topic: Map Lite - Cant get this thing to work!
Replies: 6
Views: 1641

Re: Map Lite - Cant get this thing to work!

Make sure it is properly reset.
Out of the box it should broadcast an SSID.
That's where you need to connect to for further config since default ether will be considered WAN and blocked for entry by firewall.
by holvoetn
Sun Nov 24, 2024 3:31 pm
Forum: Wireless Networking
Topic: RB4011iGS+5HacQ2HnD-IN and WPA3
Replies: 10
Views: 1219

Re: RB4011iGS+5HacQ2HnD-IN and WPA3

Don't set vlan on datapath.
Use interface as with other ports via bridge.

Wireless capsman menu might be there but doesn't do anything anymore if you use wifi-qcom-ac driver.
by holvoetn
Sun Nov 24, 2024 3:16 pm
Forum: Wireless Networking
Topic: RB4011iGS+5HacQ2HnD-IN and WPA3
Replies: 10
Views: 1219

Re: RB4011iGS+5HacQ2HnD-IN and WPA3

Do not setup local radio under capsman.
Treat it as a local radio with vlan etc.
by holvoetn
Sun Nov 24, 2024 3:00 pm
Forum: Wireless Networking
Topic: Mikrotik hAP ax3 (C53UiG+5HPaxD2HPaxD). No Wireless Interface [SOLVED]
Replies: 7
Views: 1056

Re: Mikrotik hAP ax3 (C53UiG+5HPaxD2HPaxD). No Wireless Interface [SOLVED]

That's the page for AC3.
You can tell seeing arm version instead of arm64.

Different thing.

Page for AX3 is correct.

And the only correct driver for AX3 is wifi-qcom.
NOT wifi-qcom-ac.
by holvoetn
Sun Nov 24, 2024 11:08 am
Forum: General
Topic: AWS Wireguard Slow
Replies: 21
Views: 1287

Re: AWS Wireguard Slow

Repeat...

When testing Tik to Tik with both devices capable of HW offloading IPSEC, WG is still faster.
Since one side is Tik, performance will always be dictated by the slowest one.

Wireguard will be faster given same underlying HW.

Do the test yourself.
I already did. Hence my conclusion.
by holvoetn
Sun Nov 24, 2024 11:03 am
Forum: General
Topic: CAP ax - Admin Password Changes After "Reset in CAPS Mode" ?
Replies: 5
Views: 1700

Re: CAP ax - Admin Password Changes After "Reset in CAPS Mode" ?

Interesting ... 7.11.3 may contain a bug then for that part.

But in the mean time we're already at 7.16.1.
by holvoetn
Sun Nov 24, 2024 11:02 am
Forum: General
Topic: VLAN Trunk - DHCP issue
Replies: 12
Views: 771

Re: VLAN Trunk - DHCP issue

Once you define a port properly as trunk, pvid setting doesn't matter anymore.
by holvoetn
Sat Nov 23, 2024 7:11 pm
Forum: General
Topic: AWS Wireguard Slow
Replies: 21
Views: 1287

Re: AWS Wireguard Slow

Drop IPSEC.
It will also be SW based on CHR side and therefor even be slower then WG.

When testing Tik to Tik with both devices capable of HW offloading IPSEC, WG is still faster.

My view ...
by holvoetn
Sat Nov 23, 2024 6:48 pm
Forum: Announcements
Topic: v7.17rc [testing] is released!
Replies: 149
Views: 34871

Re: v7.17rc [testing] is released!

I had a strange behaviour after updating my both CHR CAPsMAN (AX) from 7.17beta6 to 7.17RC1. Both devices lost their CAPsMAN config. All entries were emty (wifi -> Config, Channel, Security, datapath aso.) Next I tried to re-import the settings from an RSC-file, but the import hangs while importing...
by holvoetn
Sat Nov 23, 2024 6:34 pm
Forum: General
Topic: VLAN Trunk - DHCP issue
Replies: 12
Views: 771

Re: VLAN Trunk - DHCP issue

I cleaned it up as you said and understood a little more. However, I think that the edit "add bridge=brLAN ingress-filtering=yes frame-types= admit-only-vlan-tagged interface=ether4" fixed the fact that I could see the other IPs coming from Ubiquiti and now I cannot which is perfect. I be...
by holvoetn
Sat Nov 23, 2024 2:02 pm
Forum: General
Topic: VLAN Trunk - DHCP issue
Replies: 12
Views: 771

Re: VLAN Trunk - DHCP issue

I am going to assume you are using the other ports as untagged for ... vlan 1 ? Something does show on your screenshot indicating it. Rule (somewhere between 1 and 3) for Mikrotik admin: Avoid vlan 1. If you use vlan on Mikrotik, use it all the way. Set proper tagged/ untagged ports with correct vla...
by holvoetn
Sat Nov 23, 2024 11:28 am
Forum: Announcements
Topic: v7.17rc [testing] is released!
Replies: 149
Views: 34871

Re: v7.17rc [testing] is released!

My mistake. It should be there. It's not listed in pheripherals section but others.
by holvoetn
Sat Nov 23, 2024 10:03 am
Forum: Announcements
Topic: v7.17rc [testing] is released!
Replies: 149
Views: 34871

Re: v7.17rc [testing] is released!

What's the point if there is no temperature sensor ?
by holvoetn
Sat Nov 23, 2024 8:52 am
Forum: General
Topic: Wireguard only for WiFi sitting in its own VLAN
Replies: 4
Views: 454

Re: Wireguard only for WiFi sitting in its own VLAN

3. I am not sure if this is LEGAL. your slave WLAN for wireguard has a different BAND from the master. Is this allowed, I know the frequency and such is copied over......... I believe the virtual WLAN can have ONLY its own SSID, and security setting and can be assigned to a different subnet/vlan. T...
by holvoetn
Sat Nov 23, 2024 12:02 am
Forum: Beginner Basics
Topic: RB4011 wont run at default CPU frequency
Replies: 8
Views: 556

Re: RB4011 wont run at default CPU frequency

First enable changing of routerboard settings in device mode.
This will require a reboot.

Then you can change the setting.
by holvoetn
Fri Nov 22, 2024 5:07 pm
Forum: RouterBOARD hardware
Topic: FCC Compliance Testing Support
Replies: 4
Views: 646

Re: FCC Compliance Testing Support

Best to contact support with your specific requests.

support@mikrotik.com
by holvoetn
Fri Nov 22, 2024 4:22 pm
Forum: Wireless Networking
Topic: Framed Route on Chateau 5G
Replies: 4
Views: 2191

Re: Framed Route on Chateau 5G

Same issue for me... Mokrotik support any feedback? is frame routing supported by chateau 5G???
Ask support via support@mikrotik.com to be sure.
This is a user forum, they don't read everything on this place.
by holvoetn
Fri Nov 22, 2024 2:46 pm
Forum: General
Topic: hap ax3 random wireless disconnects
Replies: 140
Views: 16606

Re: hap ax3 random wireless disconnects

FWIW I had AX3 and now wAP AX on my desk. Since I have that wAP AX I use my laptop only via wifi. Zero disconnects. And using Azure Remote Desktop when working from home I would know immediately ... that environment is HIGHLY allergic to disconnects, even for a split second. (Using AX3 I also have u...
by holvoetn
Fri Nov 22, 2024 2:40 pm
Forum: RouterBOARD hardware
Topic: Quickset modes C53UiG+5HPaxD2HPaxD
Replies: 11
Views: 1403

Re: Quickset modes C53UiG+5HPaxD2HPaxD

No screenshots please !
Export of config.
And a clear description of what your problem is and what you want to achieve.
by holvoetn
Thu Nov 21, 2024 11:23 pm
Forum: RouterBOARD hardware
Topic: Which 8 port fanless switch?
Replies: 10
Views: 1714

Re: Which 8 port fanless switch?

Got 5 or 6 of those installed with customer.
They are very good.
by holvoetn
Thu Nov 21, 2024 8:33 pm
Forum: Announcements
Topic: Newsletter #121 | October 2024
Replies: 54
Views: 7925

Re: Newsletter #121 | October 2024

One can dream....
by holvoetn
Thu Nov 21, 2024 6:30 pm
Forum: General
Topic: FOR THE LOVE OF "DEITY OF CHOICE" FIX YOUR FRIGGEN (forum) WEBSITE [SOLVED]
Replies: 94
Views: 6808

Re: FOR THE LOVE OF "DEITY OF CHOICE" FIX YOUR FRIGGEN (forum) WEBSITE [SOLVED]

Side note: one added benefit from this whole situation ... spammers have little interest the past days for this place.
It's remarkably quiet on that front :lol:
by holvoetn
Thu Nov 21, 2024 6:23 pm
Forum: Beginner Basics
Topic: hAP ax3: change default internet port ether1 to ether2 [SOLVED]
Replies: 23
Views: 1453

Re: hAP ax3: change default internet port ether1 to ether2 [SOLVED]

The ether1 is PoE-Out on the A x 3: The A C 3 has it on port 5: I knew that :lol: One of the comments I had when I first got AX3. I have some installations with AC3 powering other stuff and all of a sudden it was changed to ether1 with AX3. This is the key thing to look for: POE IN and POE OUT and ...
by holvoetn
Thu Nov 21, 2024 5:54 pm
Forum: Beginner Basics
Topic: hAP ax3: change default internet port ether1 to ether2 [SOLVED]
Replies: 23
Views: 1453

Re: hAP ax3: change default internet port ether1 to ether2 [SOLVED]

Connect PC to ether3 Connect using Winbox Change Interface List WAN -> remove ether1, add ether2 Change Interface list LAN -> remove ether2, add ether1 Change bridge ports -> remove ether2, add ether1 IP DHCP Client: change client to ether2 And that should be it. Reboot router to be sure (firewall w...
by holvoetn
Thu Nov 21, 2024 5:42 pm
Forum: General
Topic: CRS312-4C+8XG - routing performance
Replies: 4
Views: 365

Re: CRS312-4C+8XG - routing performance

Re: New Hex: be careful how you use the ports. Ether1 is differently connected then ether 2-5 which results in ether1 always passing CPU. Makes a big difference depending on your config. RB5009 is the more future proof option IMHO (and can be rack-mounted if you get the mounting brackets, 4 in 1U if...
by holvoetn
Thu Nov 21, 2024 11:21 am
Forum: General
Topic: [7.6] CAP mode fails after custom netinstall
Replies: 7
Views: 1262

Re: [7.6] CAP mode fails after custom netinstall

Caps mode for wave2 only became available as of 7.8. So use latest stable.
by holvoetn
Thu Nov 21, 2024 7:46 am
Forum: Wireless Networking
Topic: No default steering neighbour group with CAPsMAN [SOLVED]
Replies: 29
Views: 5612

Re: No default steering neighbour group with CAPsMAN [SOLVED]

No, you can't!? One level up you can define custom steering settings which can refer to an existing neighbor-group, but as far as I can tell there is no possibility to create your own custom neighbor-group. Really ? /interface/wifi/steering> add neighbor-group=test name=test DONE. Don't confuse wit...
by holvoetn
Thu Nov 21, 2024 7:42 am
Forum: General
Topic: FOR THE LOVE OF "DEITY OF CHOICE" FIX YOUR FRIGGEN (forum) WEBSITE [SOLVED]
Replies: 94
Views: 6808

Re: FOR THE LOVE OF "DEITY OF CHOICE" FIX YOUR FRIGGEN (forum) WEBSITE [SOLVED]


Looks like my residential IP was blocked - using Tor to post this. They must be dropping address blocks that originated attacks, and I got caught on the crossfire.
Fire ticket to support to have it unblocked, or at least get explanation.
by holvoetn
Thu Nov 21, 2024 7:38 am
Forum: RouterBOARD hardware
Topic: Quickset modes C53UiG+5HPaxD2HPaxD
Replies: 11
Views: 1403

Re: Quickset modes C53UiG+5HPaxD2HPaxD

What's wrong with the default settings ?
by holvoetn
Thu Nov 21, 2024 7:35 am
Forum: Wireless Networking
Topic: RB4011iGS+5HacQ2HnD-IN and WPA3
Replies: 10
Views: 1219

Re: RB4011iGS+5HacQ2HnD-IN and WPA3

You may have to uninstall wireless driver on the RB4011 and add wifi-qcom-ac. You will loose 2.4GHz radio on that device but 5GHz radio can be used as local radio with WPA3. Not within capsman. Just a minute ... It will also be able to be used as capsman controller for AX devices. Now comes the nift...
by holvoetn
Tue Nov 19, 2024 7:12 pm
Forum: General
Topic: FOR THE LOVE OF "DEITY OF CHOICE" FIX YOUR FRIGGEN (forum) WEBSITE [SOLVED]
Replies: 94
Views: 6808

Re: FOR THE LOVE OF "DEITY OF CHOICE" FIX YOUR FRIGGEN (forum) WEBSITE [SOLVED]

Not really.
Just got error page referring to overload.
by holvoetn
Tue Nov 19, 2024 6:19 pm
Forum: Beginner Basics
Topic: hAP ac2 - routeros-7.16.1-arm - wifi [SOLVED]
Replies: 2
Views: 397

Re: hAP ac2 - routeros-7.16.1-arm - wifi [SOLVED]

Added info for clarification: as of 7.13 you are required to load the wireless or wifi package as well when doing netinstall. Not only main ROS package. BTW that Help page you linked to, go 1 level up and then see what's written there, section Old 802.11ac ARM CPU devices: https://help.mikrotik.com/...
by holvoetn
Sun Nov 17, 2024 5:42 pm
Forum: Wireless Networking
Topic: wAP ax?
Replies: 246
Views: 28664

Re: wAP ax?

Not even sure if I have it right but it works, its snappy, no complaints.
Now, was this so hard to admit ? :lol:
by holvoetn
Sun Nov 17, 2024 11:32 am
Forum: Beginner Basics
Topic: Do switch rules on the RB5009ug+s+in work to assign VLAN by MAC?
Replies: 2
Views: 263

Re: Do switch rules on the RB5009ug+s+in work to assign VLAN by MAC?

That first article you link to refers to a table with supported switch chips and models. Neither 88E6393 ( swich used in RB5009) nor RB5009 are mentioned there. The second link you mention is related to netpower, which is mentioned in the first table. So why do you think those instructions would app...
by holvoetn
Sat Nov 16, 2024 7:27 pm
Forum: Wireless Networking
Topic: Caps network connectivity issue dhcp deassigned assigned
Replies: 12
Views: 1453

Re: Caps network connectivity issue dhcp deassigned assigned

How many caps and connected to which power source ? Sure it can handle the combined load ?
by holvoetn
Sat Nov 16, 2024 12:22 pm
Forum: Beginner Basics
Topic: Netwatch a Windows 11 firewalled client
Replies: 9
Views: 460

Re: Netwatch a Windows 11 firewalled client

That's not how it works in my head.

Once wireguard tunnel is up, you pass firewall. Period.
Firewall doesn't know nor care what goes through that tunnel.

If peer settings have a dedicated ip, you can always contact that address IF wireguard is active.

That's the whole point of a VPN.
by holvoetn
Sat Nov 16, 2024 10:50 am
Forum: Beginner Basics
Topic: Netwatch a Windows 11 firewalled client
Replies: 9
Views: 460

Re: Netwatch a Windows 11 firewalled client

The whole point of using a VPN like Wireguard is to travel through firewall if needed.

So what's the problem ?
Netwatch to peer IP address.
by holvoetn
Sat Nov 16, 2024 10:25 am
Forum: Wireless Networking
Topic: Caps network connectivity issue dhcp deassigned assigned
Replies: 12
Views: 1453

Re: Caps network connectivity issue dhcp deassigned assigned

Also check log files both on AP and controller around the time disconnects happen.
They might give you a better idea to find the reason.
by holvoetn
Sat Nov 16, 2024 9:36 am
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 773
Views: 156193

Re: v7.17beta [testing] is released!

As already mentioned before
Traffic- gen: I can understand why that's blocked by default.
Bandwidth test / speedtest: You always need a target device responding before it does anything. So why block this as well ?
by holvoetn
Fri Nov 15, 2024 6:57 pm
Forum: Beginner Basics
Topic: SXT LTE6 kit with FG621-EA sim slot switch
Replies: 1
Views: 179

Re: SXT LTE6 kit with FG621-EA sim slot switch

Pretty sure it is there on SXT with R11-e.
So it must be related to the modem ?

Already asked support about it ? Most likely they forgot to add it in Winbox with the new modem.
by holvoetn
Fri Nov 15, 2024 5:35 pm
Forum: General
Topic: FOR THE LOVE OF "DEITY OF CHOICE" FIX YOUR FRIGGEN (forum) WEBSITE [SOLVED]
Replies: 94
Views: 6808

Re: FOR THE LOVE OF "DEITY OF CHOICE" FIX YOUR FRIGGEN WEBSITE [SOLVED]

Already launched a support ticket ?
You do know MT staff doesn't frequent this place that much ?

PS the problem is with forum, not website. Just to get the requirements correct ...

:lol: :lol:

Edit: SUP-171456 created
by holvoetn
Fri Nov 15, 2024 5:31 pm
Forum: Beginner Basics
Topic: hAP ax^2 WiFI as station/WAN
Replies: 1
Views: 205

Re: hAP ax^2 WiFI as station/WAN

It is pointless to post any configuration as the device has been reset many times and there is no config set on it that could cause the problem. Bold statement. It is the config anyhow ... and if you don't show it, how can we point out to you what's wrong ? Start with upgrading to latest stable (7....
by holvoetn
Fri Nov 15, 2024 4:33 pm
Forum: General
Topic: RB5009 and VLANs
Replies: 19
Views: 1163

Re: RB5009 and VLANs

Hi, I'm still in the process of configuring my RB5009 with VLANs (learning quite a bit along the way). I'd like to set up two VLANs, vlan-10 and vlan-20. It should be possible to connect to vlan-10 from ether2 and to vlan-20 from ether3. It should also be possible to connect to vlan-10 and vlan-20 ...
by holvoetn
Fri Nov 15, 2024 8:20 am
Forum: RouterBOARD hardware
Topic: Quickset modes C53UiG+5HPaxD2HPaxD
Replies: 11
Views: 1403

Re: Quickset modes C53UiG+5HPaxD2HPaxD

It's known around here that quite some Quickset modes are missing since AX-line came out.
Having said that ... a lot of seasoned users rarely use it (if ever).
I never do.
by holvoetn
Fri Nov 15, 2024 8:08 am
Forum: General
Topic: CapsMan - "slower" timeout before deprovisioning possible?
Replies: 2
Views: 244

Re: CapsMan - "slower" timeout before deprovisioning possible?

That's for locking the AP to the first controller it finds (in case there are multiple).
I assume having multiple and switching over, will result in the same breakdown.

<interested in the answer to this one so following ...>
by holvoetn
Thu Nov 14, 2024 8:21 pm
Forum: General
Topic: wAP AC wireless or qcom?
Replies: 14
Views: 745

Re: wAP AC wireless or qcom?

I think/ hope we all (most ?) here have the same intentions. Help others and learn something out of it while doing so.

Some members can be quite snappy and vocal but even for those I think the underlying motivation is the same.
by holvoetn
Thu Nov 14, 2024 8:18 pm
Forum: General
Topic: How to flush the default firewall [SOLVED]
Replies: 6
Views: 517

Re: How to flush the default firewall [SOLVED]

I would strongly recommend to start from default and only change when you fully understand what the impact is.

Some rules are built-in and can effectively not be removed.
by holvoetn
Thu Nov 14, 2024 8:15 pm
Forum: RouterBOARD hardware
Topic: CCR2004-16G-2S+PC ports "flapping" on v7.15.3
Replies: 3
Views: 654

Re: CCR2004-16G-2S+PC ports "flapping" on v7.15.3

Do the log files show anything useful when it happens ?
Mac conflict somewhere?
by holvoetn
Thu Nov 14, 2024 8:13 pm
Forum: General
Topic: CAPSMAN WiFi Wave2
Replies: 4
Views: 460

Re: CAPSMAN WiFi Wave2

At first sight it looks ok.

Have you tested it when moving around ?
You should see roaming messages in log file.
by holvoetn
Thu Nov 14, 2024 7:59 pm
Forum: Wireless Networking
Topic: wAP ax?
Replies: 246
Views: 28664

Re: wAP ax?

A config with capsman or pure wifi is basically only 1 line difference. Enabling of capsman controller on the controller. Setting controller to capsman or capsman-or-local on the AP radio. The rest is more or less the same (apart from possibly provisioning on capsman controller, there you have a dif...
by holvoetn
Thu Nov 14, 2024 5:49 pm
Forum: Beginner Basics
Topic: Netinstall and default password
Replies: 3
Views: 373

Re: Netinstall and default password

First thing I do with every new device: Take picture from sticker with passwd, let OCR do its thing and put the info away so I can find it back. Then I add my own user and remove admin. And then we start ... kirasakuya: If you have a lot of devices, your distributor should be able to provide you a t...
by holvoetn
Thu Nov 14, 2024 5:42 pm
Forum: Wireless Networking
Topic: wAP ax?
Replies: 246
Views: 28664

Re: wAP ax?

Load wifi-qcom-ac drivers on it and then redo your tests.
by holvoetn
Thu Nov 14, 2024 4:49 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 773
Views: 156193

Re: v7.17beta [testing] is released!

I just upgraded following devices without any hitch (home/lab setup):
RB5009
AX2
wAP AX
AX Lite
Hex Refresh
by holvoetn
Thu Nov 14, 2024 4:47 pm
Forum: Wireless Networking
Topic: wAP ax?
Replies: 246
Views: 28664

Re: wAP ax?

What bloatware ? You either split everything out over the required tabs or you can (if you want) put almost everything on the configuration tab and simply apply. With old capsman it was exactly the same. Wave2 config and capsman setup is 95% to 99% the same. You just have to keep in mind (when using...
by holvoetn
Thu Nov 14, 2024 4:18 pm
Forum: Wireless Networking
Topic: wAP ax?
Replies: 246
Views: 28664

Re: wAP ax?

No offense but it strikes me as odd how you can easily SEE errors in config files w.r.t. VLANs, mangling, firewall, ... (and very extensively and fast too !) but you struggle with capsman setup ?
by holvoetn
Thu Nov 14, 2024 3:48 pm
Forum: General
Topic: wAP AC wireless or qcom?
Replies: 14
Views: 745

Re: wAP AC wireless or qcom?

There is extensive documentation, also on replacing: https://help.mikrotik.com/docs/spaces/ROS/pages/224559120/WiFi#WiFi-Replacing'wireless'package Hmmm ... To do this, it is necessary to uninstall the 'wireless' package, then install 'wifi-qcom-ac'. So extensive they missed 2 reboot steps to make ...
by holvoetn
Thu Nov 14, 2024 3:29 pm
Forum: General
Topic: wAP AC wireless or qcom?
Replies: 14
Views: 745

Re: wAP AC wireless or qcom?

I just uploaded wifi-qcom-ac-7.16.1-arm.npk. It shows in FILES. Rebooted, but it was not installed and disappeared from FILES. Did it again and this time clicked DISABLE for the wireless package. Rebooted and same result. Am I doing this incorrectly? Assuming ROS version 7.13 or higher: First set w...
by holvoetn
Thu Nov 14, 2024 3:28 pm
Forum: General
Topic: wAP AC wireless or qcom?
Replies: 14
Views: 745

Re: wAP AC wireless or qcom?

I don't quite understand the difference between should and advised. You asked if you should use it. No, you do not have to. Old wireless also works. That's what "should" means in the context of the question you asked. But it is advised, as in RECOMMENDED by most users here knowing what it...
by holvoetn
Thu Nov 14, 2024 3:02 pm
Forum: General
Topic: wAP AC wireless or qcom?
Replies: 14
Views: 745

Re: wAP AC wireless or qcom?

"Should", no.
Advised, yes.

There is a remarkable difference in wifi performance when you can use wave2 drivers and as of 7.16 storage problem for those 16Mb-devices is reduced (not entirely gone but for simple AP function, it's ok).
by holvoetn
Thu Nov 14, 2024 1:12 pm
Forum: General
Topic: RB5009 and VLANs
Replies: 19
Views: 1163

Re: RB5009 and VLANs

Reset again to factory conditions.
But then you will loose your earlier created user account.
by holvoetn
Thu Nov 14, 2024 1:07 pm
Forum: General
Topic: RB5009 and VLANs
Replies: 19
Views: 1163

Re: RB5009 and VLANs

I rarely start from a blank device since with some ROS versions default settings can change.
I mostly start from default config when setting up a new device or when doing a major overhaul (tip: enable "keep users" :D )
by holvoetn
Thu Nov 14, 2024 12:50 pm
Forum: General
Topic: RB5009 and VLANs
Replies: 19
Views: 1163

Re: RB5009 and VLANs

My way is to copy-paste blocks in terminal.
So you can see what response comes back (in case some typo was made or wrong command).

I never import scripts in total. Certainly not complete config.
by holvoetn
Thu Nov 14, 2024 12:48 pm
Forum: SwOS
Topic: RB260GS - Cannot reset to factory defaults [SOLVED]
Replies: 10
Views: 784

Re: RB260GS - Cannot reset to factory defaults [SOLVED]

:lol:

Thanks for letting us know anyhow 8)
by holvoetn
Thu Nov 14, 2024 10:21 am
Forum: SwOS
Topic: RB260GS - Cannot reset to factory defaults [SOLVED]
Replies: 10
Views: 784

Re: RB260GS - Cannot reset to factory defaults [SOLVED]

You don't happen to have a device which already has a default factory passwd ?
Check for sticker.
Open your web browser, the default IP management address is 192.168.88.1, with username: admin and no password (or, for some models, check user and wireless passwords on the sticker)
by holvoetn
Thu Nov 14, 2024 9:16 am
Forum: Beginner Basics
Topic: Change SSID in Winbox
Replies: 1
Views: 193

Re: Change SSID in Winbox

Nobody has a crystal ball ... unfortunately. So it's hard to tell without knowing what exactly you are trying to do. From the error message I firstly assumed you are creating a virtual/slave wireless/wifi interface, which always needs to be tied to a master interface. But that on itself is already s...
by holvoetn
Wed Nov 13, 2024 8:14 pm
Forum: Wireless Networking
Topic: wAP ax?
Replies: 246
Views: 28664

Re: wAP ax?

Old or new capsman are conceptually the same.
by holvoetn
Wed Nov 13, 2024 4:31 pm
Forum: General
Topic: RBmAPL-2nD admin access to ethernet
Replies: 10
Views: 537

Re: RBmAPL-2nD admin access to ethernet

Hmmm ... not if you want to use that same interface list later on to filter in a firewall rule ?
The aim is to drop wifi access but allow ethernet access.
by holvoetn
Wed Nov 13, 2024 3:51 pm
Forum: Beginner Basics
Topic: How to firewall when behind ISP modem
Replies: 13
Views: 700

Re: How to firewall when behind ISP modem

Yes, so what ?
I got no problems with that setup.
by holvoetn
Wed Nov 13, 2024 3:44 pm
Forum: Wireless Networking
Topic: Mikrotik disconnect problem
Replies: 5
Views: 461

Re: Mikrotik disconnect problem

In that case, you will have to provide a lot more info. What do you mean with "users" ? Disconnected how/when ? Anything visible in log files ? Config of your device ? Context in which the device is being used (network diagram may help, much easier then words and words and words ...) etc etc
by holvoetn
Wed Nov 13, 2024 3:04 pm
Forum: General
Topic: RBmAPL-2nD admin access to ethernet
Replies: 10
Views: 537

Re: RBmAPL-2nD admin access to ethernet

mAP was my very first Mikrotik, some years ago already. I still use it for quick setups left or right. I don't like spoon-feeding so I'll give you the raw steps to complete out of the top of my head (I didn't test this). Up to you to see if you can see why they are needed and how you are going to im...
by holvoetn
Wed Nov 13, 2024 2:13 pm
Forum: General
Topic: RB5009 and VLANs
Replies: 19
Views: 1163

Re: RB5009 and VLANs

I think it's default with recent v7 ... even if device actually doesn't support L3HW which makes this setting irrelevant. That setting doesn't even exist on the RB5009. That command won't execute at all. Correct. [xyz@RB5009_KT] /interface/ethernet/switch> print Columns: NAME, TYPE # NAME TYPE 0 sw...
by holvoetn
Wed Nov 13, 2024 1:58 pm
Forum: Beginner Basics
Topic: How to firewall when behind ISP modem
Replies: 13
Views: 700

Re: How to firewall when behind ISP modem

Is the default rule set a good starting point to allow me to expose my router and "not be hacked"? Simple answer: yes. And if you do not have any or very limited port forwarding on your ISP router towards that RB5009, chances are even slimmer that anything will happen. I have the same set...
by holvoetn
Wed Nov 13, 2024 1:31 pm
Forum: General
Topic: RB5009 and VLANs
Replies: 19
Views: 1163

Re: RB5009 and VLANs

Brief comments: # FIXME: Do I need to explicitly set this? # /interface/ethernet/switch set 0 l3-hw-offloading=yes No. Where did you get this from ? Certainly not from the VLAN guide... # FIXME: I've removed distance=1 from the line below, is that ok? /ip route add gateway=192.168.0.1 There will be ...
by holvoetn
Wed Nov 13, 2024 12:55 pm
Forum: Wireless Networking
Topic: wAP ax?
Replies: 246
Views: 28664

Re: wAP ax?

On a recent installation of 7 APs for a shop, I deliberately used cap AC (and square case, I like it a lot more then the round one) with wave2 drivers.
Cap AX was WAY too big there (and wAP AX wasn't released yet).
by holvoetn
Wed Nov 13, 2024 12:46 pm
Forum: Beginner Basics
Topic: cAP ac (RBcAPGi-5acD2nD)
Replies: 4
Views: 342

Re: cAP ac (RBcAPGi-5acD2nD)

1 screenshot tells us not that much. But ... from the looks of it you do not have any wireless interfaces. How did you move to ROS 7.16.1 on that device ? I guess you simply downloaded arm NPK from website and used it to upgrade ? In that case you don't have the wireless drivers (needed as from 7.13...
by holvoetn
Wed Nov 13, 2024 12:42 pm
Forum: General
Topic: RB5009 and VLANs
Replies: 19
Views: 1163

Re: RB5009 and VLANs

Quick comments:

few are going to follow config files on external locations.
Best to post here in between [code] [/code] quotes.

0-8 = 9 ports. RB5009 only has 8 ether ports. Unless you are also going to use SFP ?
by holvoetn
Wed Nov 13, 2024 12:25 pm
Forum: General
Topic: RBmAPL-2nD admin access to ethernet
Replies: 10
Views: 537

Re: RBmAPL-2nD admin access to ethernet

You missed this sentence:
If your mAP is completely within your own network, then you can open that gate with little problems.
And you did not answer this one.
But if that device is a true AP, why the different subnets ?
by holvoetn
Wed Nov 13, 2024 12:16 pm
Forum: General
Topic: RBmAPL-2nD admin access to ethernet
Replies: 10
Views: 537

Re: RBmAPL-2nD admin access to ethernet

It might be as simple as allowing input to Winbox port coming from ether1 but be careful there ... because if that device ether1 is actually connected to the Big Wide Web, then you open Winbox access for anyone having fun with password cracking tools. And they WILL get in, the only question is "...
by holvoetn
Wed Nov 13, 2024 11:02 am
Forum: Beginner Basics
Topic: cAP ac (RBcAPGi-5acD2nD)
Replies: 4
Views: 342

Re: cAP ac (RBcAPGi-5acD2nD)

Are you sure the wifi channel used after reset is not one subject to Radar detection ? It can take up to 10 minutes before it comes visible.
by holvoetn
Wed Nov 13, 2024 9:35 am
Forum: General
Topic: Routeros V7.15.3 randomly deleted users once a day.
Replies: 16
Views: 957

Re: Routeros V7.15.3 randomly deleted users once a day.

Also check how much free space is on flash storage ... You didn't mention device model but some devices have tiny flash storage (16MB or even a bit less) and depending on amount of packages installed and complexity of configuration it may run out of space, which may cause ROS to loose configuration...
by holvoetn
Wed Nov 13, 2024 8:50 am
Forum: Wireless Networking
Topic: wAP ax?
Replies: 246
Views: 28664

Re: wAP ax?

I replaced AX3 with wAP AX in my office / lab setup.
It's a lot more discreet and I wasn't using any of the other ether ports on that AX3.

Haven't used fixed ethernet cable anymore for my laptop since then 8)
by holvoetn
Wed Nov 13, 2024 8:05 am
Forum: Beginner Basics
Topic: capsman on L009UiGS-RM
Replies: 2
Views: 233

Re: capsman on L009UiGS-RM

Nothing to be done as of 7.13.

All hooks are there for any device to act as capsman controller for wave2 radios.
by holvoetn
Tue Nov 12, 2024 10:51 am
Forum: Beginner Basics
Topic: Set Up problem
Replies: 6
Views: 566

Re: Set Up problem

Also don't forget, netinstall needs to be run in admin mode on Windows.
by holvoetn
Mon Nov 11, 2024 2:55 pm
Forum: Beginner Basics
Topic: Part of my network does not have access to google.com
Replies: 38
Views: 1589

Re: Part of my network does not have access to google.com

The network config does not look very good, everything is on the same bridge.
FWIW that is in most cases the advised way to setup things.
One bridge only.
by holvoetn
Mon Nov 11, 2024 1:20 pm
Forum: Wireless Networking
Topic: Mikrotik disconnect problem
Replies: 5
Views: 461

Re: Mikrotik disconnect problem

Link to external site removed.
Please attach directly + clarify model type.
by holvoetn
Mon Nov 11, 2024 12:12 pm
Forum: Beginner Basics
Topic: Hardware compatibility issue
Replies: 1
Views: 250

Re: Hardware compatibility issue

Can not comment on XQ+CM0000-XS but be advised S+RJ10 is known to get really hot.
You can not place them side by side nor top to bottom so you would loose about half your SFP-ports.
by holvoetn
Mon Nov 11, 2024 11:03 am
Forum: Wireless Networking
Topic: wAP ax?
Replies: 246
Views: 28664

Re: wAP ax?

Support confirmed: is due to different chipset and it is not going to change.

So another thing to keep in mind when users complain about radio not functioning if wrong one got the wrong settings.
by holvoetn
Sun Nov 10, 2024 6:11 pm
Forum: General
Topic: Datasheet for new improved hEX?
Replies: 66
Views: 7014

Re: Datasheet for new improved hEX?

In tool profile it shows cpu0/2/3/3.
by holvoetn
Sun Nov 10, 2024 5:01 pm
Forum: General
Topic: Block anydesk/teamviewer [SOLVED]
Replies: 14
Views: 5290

Re: Block anydesk/teamviewer [SOLVED]

As indicated above, you can not simply block it using Tik HW.
by holvoetn
Sun Nov 10, 2024 4:49 pm
Forum: General
Topic: Datasheet for new improved hEX?
Replies: 66
Views: 7014

Re: Datasheet for new improved hEX?

Some rudimentary tests ... Setup: PC connected to HEX under test (old or new) -> ISP modem -> RB5009 Iperf test from PC to iperf container on RB5009 IPSEC over GRE (easiest to setup) Old Hex: 154Mb down / 60.6 up (I did notice in the process tree a line called mt7621crypto) New Hex, WAN on ether1: 6...
by holvoetn
Sun Nov 10, 2024 4:34 pm
Forum: General
Topic: Datasheet for new improved hEX?
Replies: 66
Views: 7014

Re: Datasheet for new improved hEX?

A ARM64 CPU run at 32bit mode?
Exactly same as AX Lite.
Also 64-bit cpu running in 32-bit mode.
by holvoetn
Sun Nov 10, 2024 1:19 pm
Forum: Beginner Basics
Topic: Configuring wireless on wAP R from zero
Replies: 15
Views: 929

Re: Configuring wireless on wAP R from zero

There have been recent ROS versions where one of the prerequisites was the routerboard version needed to be upgraded as well ( or at least be a certain version). No ? Staying aligned makes sure there will be no conflict for that part. Mkx: I do recall some post from you stating esp. on ROS6 routerbo...
by holvoetn
Sun Nov 10, 2024 11:06 am
Forum: General
Topic: Datasheet for new improved hEX?
Replies: 66
Views: 7014

Re: Datasheet for new improved hEX?

Then why are ipsec features listed as being tied to mt7621 on MT Help pages related to IPSEC ?
That's the main reason for my assumption. You may still be correct with your assessment, though.

If I find some time today, I may setup some tests between rb5009 and both hex models to see what happens.
by holvoetn
Sun Nov 10, 2024 9:12 am
Forum: RouterBOARD hardware
Topic: Help in choosing a Mikrotik router
Replies: 4
Views: 917

Re: Help in choosing a Mikrotik router

It all depends on the requirements and apart from VPN using Wireguard or IPSEC, none have been given. For both VPN options, all MT devices can do this (ROS7). Wireguard is always a SW solution. Some devices can use HW offload for IPSEC (depending on used encryption method). But even then some router...
by holvoetn
Sun Nov 10, 2024 7:44 am
Forum: General
Topic: ZeroTier Version Upgrade
Replies: 12
Views: 2098

Re: ZeroTier Version Upgrade

Ask support.
They are the only ones able to answer that question.
Please let us know if you get a response :D

And no, you can not upgrade yourself.
by holvoetn
Sun Nov 10, 2024 7:37 am
Forum: Beginner Basics
Topic: Configuring wireless on wAP R from zero
Replies: 15
Views: 929

Re: Configuring wireless on wAP R from zero

There is a difference on setting auto-upgrade to yes for routerboard (=FW) and doing auto-upgrade for ROS. Last one: big no-no ! Your explanation 100% applies there. First one: I haven't yet seen a case where it caused troubles to keep Routerboard and ROS at the same level. Have you ? The only thing...
by holvoetn
Sun Nov 10, 2024 7:29 am
Forum: General
Topic: Datasheet for new improved hEX?
Replies: 66
Views: 7014

Re: Datasheet for new improved hEX?

One rationale I can think of: for the primary use of old Hex, meaning router towards ISP device with maximum speed of 500-600Mbps, this is effectively an upgrade. It has dual core ARM now (which allows things like zerotier etc to be used), more memory, more storage, and all other ports are now nicel...
by holvoetn
Sat Nov 09, 2024 11:14 pm
Forum: Beginner Basics
Topic: Trying to wrap my head around VLANs
Replies: 17
Views: 1555

Re: Trying to wrap my head around VLANs

You'll die in 2 days then... :lol:

(PS same here 8) )
by holvoetn
Sat Nov 09, 2024 11:00 pm
Forum: Beginner Basics
Topic: Set Up problem
Replies: 6
Views: 566

Re: Set Up problem

Since this is about a second hand device: Netinstall might be your best option.
Then you are sure there is nothing left behind, intentionally or by accident.
by holvoetn
Sat Nov 09, 2024 4:31 pm
Forum: RouterBOARD hardware
Topic: RB3011 really broken?
Replies: 8
Views: 555

Re: RB3011 really broken?

Sorry ... :?

< back to my corner ...>
by holvoetn
Sat Nov 09, 2024 4:30 pm
Forum: General
Topic: Datasheet for new improved hEX?
Replies: 66
Views: 7014

Re: Datasheet for new improved hEX?

Old Hex was already odd with its dual bus setup but what they did here is not really logical.
Hopefully there is some logic somewhere but I fail to see it.

For me no biggie, I have at least 1 device in my office/lab environment still happy with 100Mb.
by holvoetn
Sat Nov 09, 2024 4:15 pm
Forum: RouterBOARD hardware
Topic: RB3011 really broken?
Replies: 8
Views: 555

Re: RB3011 really broken?

Isn't that the same display which can cause performance problems ??
by holvoetn
Sat Nov 09, 2024 4:03 pm
Forum: General
Topic: Datasheet for new improved hEX?
Replies: 66
Views: 7014

Re: Datasheet for new improved hEX?

OK Iperf from PC towards RB5009-iperf-container (to be sure wifi is not the bottle neck) PC connected to ether1 on Hex Refresh, set as access port VLAN2: speeds peaking sometimes towards 500-600Mbps but rarely more, average 363 Mbps. CPU around 20% PC connected to ether4 on Hex Refresh, set as acces...
by holvoetn
Sat Nov 09, 2024 12:36 pm
Forum: RouterBOARD hardware
Topic: RB3011 really broken?
Replies: 8
Views: 555

Re: RB3011 really broken?

Might not be so easy to do yourself but AFAIK there should be some repair shops offering such service.

Ask for an offer and then evaluate if it's worth the cost or go immediately for brand new shiny RB5009 :lol:
by holvoetn
Sat Nov 09, 2024 9:23 am
Forum: Beginner Basics
Topic: WAN and LAN through the same cable ?
Replies: 2
Views: 959

Re: WAN and LAN through the same cable ?

Sure, why not ?
You simply need to clearly identify what traffic goes over which VLAN and then it's a normal VLAN setup.
by holvoetn
Sat Nov 09, 2024 8:36 am
Forum: RouterBOARD hardware
Topic: RB 3011
Replies: 2
Views: 296

Re: RB 3011

Hard to tell without a crystal ball.

We need to see your config.
by holvoetn
Sat Nov 09, 2024 7:56 am
Forum: General
Topic: Datasheet for new improved hEX?
Replies: 66
Views: 7014

Re: Datasheet for new improved hEX?

Just reran some tests. While traffic testing and pushing about 1Gbps (laptop to wAP AX , UDP, over Wifi) , cpu on Hex Refresh was 0 to 1%. All ports have H indicator except for ether1 (which is to be expected with the new HW config). I swapped the Refresh for the old Hex I have at my desk. I used et...
by holvoetn
Fri Nov 08, 2024 11:52 pm
Forum: General
Topic: Datasheet for new improved hEX?
Replies: 66
Views: 7014

Re: Datasheet for new improved hEX?

Did some testing earlier, mainly to test wap ax but it was connected via vlan to hex refresh and then rb5009. Pushed little over 900mbps via wifi, across that hex and it wasn't even sweating. So vlan hw offloading must be operational already. I think ... Have to run those tests again and check param...
by holvoetn
Fri Nov 08, 2024 11:20 pm
Forum: General
Topic: Datasheet for new improved hEX?
Replies: 66
Views: 7014

Re: Datasheet for new improved hEX?

It's effectively the case. MT7621 is being listed as switch chip. > system/routerboard/print routerboard: yes board-name: hEX model: E50UG serial-number: blabla firmware-type: en7562 factory-firmware: 7.15.3 current-firmware: 7.17beta4 upgrade-firmware: 7.17beta4
by holvoetn
Fri Nov 08, 2024 8:45 pm
Forum: Wireless Networking
Topic: wAP ax?
Replies: 246
Views: 28664

Re: wAP ax?

I was indeed referring to renaming the interfaces, bad wording from my side. And yes, I'm also thinking we simply may have to live with it. Anyhow, I launched a support ticket, we'll see what they say about it if they consider changing it or not. A "No" I already have, a "yes" I ...
by holvoetn
Fri Nov 08, 2024 7:57 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 773
Views: 156193

Re: v7.17beta [testing] is released!

I believe he just upgraded to latest beta without checking what the impact would be and only learned of this change after. This particular case is a user problem not system problem. I know quite well what I'm doing and why I'm doing it. Starting from ROS7 I think I haven't missed testing a single b...
by holvoetn
Fri Nov 08, 2024 7:17 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 773
Views: 156193

Re: v7.17beta [testing] is released!

Hence why I post here.
Device mode advanced should still result in routerboard settings to be disabled at first.
It wasn't.
by holvoetn
Fri Nov 08, 2024 6:51 pm
Forum: Wireless Networking
Topic: wAP ax?
Replies: 246
Views: 28664

Re: wAP ax?

When you have the chance please test if the load is distributed across multiple CPU cores

thank you
From what I can see, it is.
Not equally distributed (sometimes up to 10% difference) but it is effectively being distributed.
by holvoetn
Fri Nov 08, 2024 6:30 pm
Forum: Wireless Networking
Topic: wAP ax?
Replies: 246
Views: 28664

Re: wAP ax?

Plus note ... It effectively does use 160MHz channel. AX211 card in my laptop can use it just fine. Did some rudimentary testing from laptop (using Btest windows app) over wap AX over Hex Refresh (yes, got me that too to play with) towards RB5009. I saw speeds around and just over 900Mbps on downloa...
by holvoetn
Fri Nov 08, 2024 6:27 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 773
Views: 156193

Re: v7.17beta [testing] is released!

Both my wAP AX's where supplied with 7.15.x.
Previous poster omitted the fact I did an upgrade in between unpacking and noticing this "challenge" :lol:
by holvoetn
Fri Nov 08, 2024 6:24 pm
Forum: Wireless Networking
Topic: wAP ax?
Replies: 246
Views: 28664

Re: wAP ax?

I get the explanation (and already suspected as such) but setting the order of those interfaces is something which is done by startup script. It was already a mess when they changed from legacy to AX and now it has changed again within AX. Double mess. Search this place when initial AX devices came ...
by holvoetn
Fri Nov 08, 2024 3:38 pm
Forum: Wireless Networking
Topic: wAP ax?
Replies: 246
Views: 28664

Re: wAP ax?

Related to wap ax ... anyone noticed the order of wifi1/2 has been changed ... AGAIN ?? Wifi1 = 2Ghz Wifi2 = 5Ghz extract from defconf: /interface wifi { :local ifcId [/interface wifi find where default-name=wifi1] set $ifcId configuration.mode=ap channel.band=2ghz-ax disabled=no set $ifcId channel....
by holvoetn
Fri Nov 08, 2024 3:04 pm
Forum: Announcements
Topic: v7.17beta [testing] is released!
Replies: 773
Views: 156193

Re: v7.17beta [testing] is released!

Just unpacked a new wAP AX. First thing I did (after setting new user and passwd) was upgrade to testing 7.17b4 (it's a home device for experimenting first). Then I wanted to upgrade routerboard settings to auto-upgrade and I can not. Blocked by device settings. I know how to solve this but this mea...
  • 1
  • 2
  • 3
  • 4
  • 5
  • 24