Community discussions

MikroTik App

Search found 100 matches

by Simonej
Thu May 09, 2024 10:00 pm
Forum: Wireless Networking
Topic: Very bad wifi performance in new HAP ax3
Replies: 22
Views: 2004

Re: Very bad wifi performance in new HAP ax3

@robmaltsystems thanks for sharing your research, I also had my AP stuck with frequency 5500 due to DFS, sounds like a bug to me.
by Simonej
Thu May 09, 2024 9:58 pm
Forum: Wireless Networking
Topic: Audience mesh on RouterOS 7
Replies: 5
Views: 672

Re: Audience mesh on RouterOS 7

Hi, I just managed to have 2x Audience with Caps man enabled, working better than expected!
Use wifi1&2 as standard AP mode (till 2 Wi-Fi networks you can have roaming enabled as CAPs and VLAN), wifi3 as AP + bridge.
If you need help I can share my config.
by Simonej
Tue May 07, 2024 9:10 pm
Forum: Useful user articles
Topic: mDNS between VLANs with just bridge filters - Look Mum, no containers!
Replies: 50
Views: 9490

Re: mDNS between VLANs with just bridge filters - Look Mum, no containers!

This comment above should be pasted on every mDNS related topic.
by Simonej
Mon Feb 26, 2024 12:03 pm
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 272887

Re: v7.13.5 [stable] is released!

Still waiting on the NAT-PMP docs ...
https://help.mikrotik.com/docs/display/ROS/NAT-PMP
+
https://help.mikrotik.com/docs/display/ROS/Services
5350/udp NAT-PMP client
5351/udp NAT-PMP server
by Simonej
Thu Feb 15, 2024 9:34 pm
Forum: Virtualization
Topic: HowTo: install MikroTik CHR on Proxmox - FULL setup step by step.
Replies: 4
Views: 3662

Re: HowTo: install MikroTik CHR on Proxmox - FULL setup step by step.

Thanks for the interesting video, fully understandable with your English, writing a single sentence is always easier than a full live recording 👍
by Simonej
Mon Jan 15, 2024 3:54 pm
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 272887

Re: v7.13.2 [stable] is released!

@Maggiore81, don't know if this fit your case but, I'm using a basic script to create ROS backups and I was scared too when read *) console - replace reserved characters in file and script names with underscores with v7.14beta4 { :local Identity [/system identity get name] /system backup save dont-e...
by Simonej
Sun Jan 14, 2024 3:36 pm
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 272887

Re: v7.13.1 [stable] is released!

I have issues with the backup script. I made an export then upload via FTP. 7.12.1 works, from 7.13 no. The script is described here: https://forum.mikrotik.com/viewtopic.php?p=1048251 I may be wrong but noticed that now terminal is replacing spaces with _ , MT likes us to discover “fun” changes be...
by Simonej
Wed Dec 27, 2023 6:04 pm
Forum: RouterOS beta
Topic: VRF and hidden interfaces
Replies: 6
Views: 5260

Re: VRF and hidden interfaces

Interesting... thanks for sharing!

OT: (from an old post)
If MikroTik didn't hide loopback interface for no good reason (we know it's there!)...
RouterOS version 7.14beta:
*) system - expose "lo" interface;
by Simonej
Wed Dec 27, 2023 1:25 am
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 272887

Re: v7.13 [stable] is released!

Maybe management-protection=disabled ?
Other parameters that I found are causing troubles between old devices and new drivers; connect-group, connect-priority, disable-pmkid
by Simonej
Tue Dec 19, 2023 12:39 pm
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 272887

Re: v7.13 [stable] is released!

scripts that include the fetch command for telegram
user policy "ftp" is enabled?
by Simonej
Mon Dec 18, 2023 7:15 pm
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 272887

Re: v7.13 [stable] is released!

*) fetch - require "ftp" user policy;
is policy=ftp necessary in any script now to use Fetch (also when mode=http/s) or just when mode=ftp is used?
by Simonej
Fri Dec 15, 2023 3:18 pm
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 272887

Re: v7.13 [stable] is released!

We have a script that triggers on boot and fetches a few files from our provisioning servers (Basic auth and HTTPS).
fetch - require "ftp" user policy;
by Simonej
Tue Nov 21, 2023 9:22 pm
Forum: Announcements
Topic: v7.13beta [testing] is released!
Replies: 467
Views: 95367

Re: v7.13beta [testing] is released!

Based on my tests, nothing is changed from when CAPsMANv2 was introduced, we can understand about the VLAN "passtrough" limitation, they should fix at least the interface naming change to allow us to create a script to fix the VLAN assignment or make the slaves provision profile to obtain ...
by Simonej
Tue Nov 21, 2023 4:54 pm
Forum: Announcements
Topic: v7.13beta [testing] is released!
Replies: 467
Views: 95367

Re: v7.13beta [testing] is released!

Maybe create static interfaces instead of dynamic
by Simonej
Tue Nov 21, 2023 4:10 pm
Forum: Announcements
Topic: v7.13beta [testing] is released!
Replies: 467
Views: 95367

Re: v7.13beta [testing] is released!

@BrateloSlava, there is no evidence on your post about Datapath and in case VLANs are involved with AC devices, only one Wi-Fi network is allow to use. My workaround consist in having the AP configured in standalone mode with interfaces assigned to the bridge, VLAN-ID + configuration.manager=capsman...
by Simonej
Mon Nov 13, 2023 5:25 pm
Forum: Announcements
Topic: v7.13beta [testing] is released!
Replies: 467
Views: 95367

Re: v7.13beta [testing] is released!

- I believe @DanMos79 is asking for an alternative DIY wireless card compatible with WifiWave2 drivers for RB4011, if available in the market. - Just a confirmation, if I update from 7.12 to 7.13 an hAP ac2 with old Wireless driver, will have the new "wireless-7.13...-arm" package installe...
by Simonej
Mon Oct 02, 2023 1:26 pm
Forum: Scripting
Topic: Script to update RouterOS after X days of release
Replies: 51
Views: 9525

Re: Script to update RouterOS after X days of release

I had an easy scheduled script every 30 days; /system package update check-for-updates once :if ([get status] = "New version is available") do={ - backup - then "install" instead of making things complicated and updating X days after release date, I'll be more concerned to not up...
by Simonej
Wed Sep 13, 2023 9:07 pm
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 127349

Re: v7.12beta [testing] is released!

@yottabit this is little bit OT but, MT is pushing hard on Wifiwave2, like station-bridge was unexpected implementation, it's clear from a long time that legacy and new driver are incompatible (or they don't have enough resources to make it working). Based on my recent experience, wireless devices a...
by Simonej
Wed Sep 13, 2023 4:12 pm
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 127349

Re: v7.12beta [testing] is released!

What's new in 7.12beta7 (2023-Sep-13 09:58):

*) wifiwave2 - added station-bridge interface mode (CLI only);
OMG!!!
by Simonej
Fri Sep 08, 2023 4:03 pm
Forum: Announcements
Topic: Newsletter #114 | September 2023
Replies: 72
Views: 16049

Re: Newsletter #114 | September 2023

SXT doesn’t have gain information on the product page. The inclusion of B28 is nice, but I suspect the unit still uses the original antennas which are next to useless for B28.
Still only have 100Mbps Ethernet ports.
https://mikrotik.com/product/sxt_lte6_2023
by Simonej
Fri Sep 08, 2023 1:23 pm
Forum: Announcements
Topic: v7.11.2 [stable] is released!
Replies: 348
Views: 167641

Re: v7.11.2 [stable] are released!

I do not see why 7.11.2 is not mention in the title. "and more" what is that. As it is now, its hard to see what is the latest release while visiting the forum. Please add 7.11.2 to the title of the tread.
Sometimes MT staff listen user suggestions :)
by Simonej
Mon Aug 28, 2023 11:06 am
Forum: General
Topic: Netwatch, how to run script after XX attempts
Replies: 9
Views: 3813

Re: Netwatch, how to run script after XX attempts

I didn't understood what you're trying to achieve... Tuning Watchdog seems to be enough for delay the reboot, or if you want fine-tuning with Netwatch you could check an host, when down with a script, checking another IP, if not reachable your AP will reboot, you can also add the :delay
by Simonej
Mon Aug 28, 2023 10:56 am
Forum: Useful user articles
Topic: DNS over https (DOH) with quad9
Replies: 8
Views: 20395

Re: DNS over https (DOH) with quad9

This is the script I use for quad9: { :do { /ip dns set servers=9.9.9.9,149.112.112.112 use-doh-server="https://dns.quad9.net/dns-query" /tool fetch url="https://support.quad9.net/hc/en-us/article_attachments/4618235579021/digicert-root-ca.pem" dst-path="digicert-root-ca.pem...
by Simonej
Fri Aug 25, 2023 3:36 pm
Forum: General
Topic: Netwatch, how to run script after XX attempts
Replies: 9
Views: 3813

Re: Netwatch, how to run script after XX attempts

Not sure if related but, this is what I have in Netwatch: :if ([/ping 1.1.1.1 count=1 interval=1 as-value]->"ttl") do={ :log ... } else={ :log ... .... } or :if ([/ping [/ip route get [find comment~"..."] gateway] count=1 interval=1 as-value]->"status"="timeout&quo...
by Simonej
Mon Aug 07, 2023 10:07 pm
Forum: Announcements
Topic: v7.11rc is released!
Replies: 195
Views: 50395

Re: v7.11rc is released!

@MTStaff
could you please expain
*) wifiwave2 - changed default behavior for handling duplicate client MAC addresses, added settings for changing it (CLI only);
EDIT: is security.connect-group + connect-priority ?
by Simonej
Mon Aug 07, 2023 9:43 pm
Forum: General
Topic: DNS over HTTPS
Replies: 258
Views: 123351

Re: DNS over HTTPS

At the end when I tried to use config for NextDNS, my "Free HDD space" went to 0. These certificates occupied all my free space (1000KB, AC2, ROS 7.10.2 )!!! This is what I'm using to "clean" certificates for NextDNS: /tool fetch url="https://curl.se/ca/cacert.pem" dst...
by Simonej
Mon Aug 07, 2023 8:14 pm
Forum: Wireless Networking
Topic: support for 802.11r
Replies: 52
Views: 12402

Re: support for 802.11r

/interface wifiwave2 set [find] rrm=no wnm=no
or
/interface wifiwave2 steering set [find] rrm=no wnm=no
by Simonej
Thu Aug 03, 2023 10:14 am
Forum: Virtualization
Topic: Request RTL8215B 2.5G interface Support ( PCI passthrough )
Replies: 1
Views: 2172

Re: Request RTL8215B 2.5G interface Support ( PCI passthrough )

Maybe this can help:
connect adapter to router, generate supout.rif file and send it to support@mikrotik.com with brief explanation. After that we can add it to RouterOS
viewtopic.php?p=1015420
by Simonej
Tue Jul 18, 2023 10:14 am
Forum: Announcements
Topic: v7.11beta [testing] is released!
Replies: 373
Views: 108693

Re: v7.11beta [testing] is released!

We'll update the documentation shortly.
Thanks, waiting for it.
Is always CAPsMAN + ft=yes required for a device to roam between APs?
by Simonej
Tue Jul 18, 2023 9:42 am
Forum: Announcements
Topic: v7.11beta [testing] is released!
Replies: 373
Views: 108693

Re: v7.11beta [testing] is released!

@FToms,
/interface wifiwave2 configuration set  rrm=yes
is not working anymore, any info about the new "steering" options?
/interface wifiwave2 steering add neighbor-group     rrm     wnm   
by Simonej
Mon Jul 17, 2023 1:26 pm
Forum: Announcements
Topic: v7.11beta [testing] is released!
Replies: 373
Views: 108693

Re: v7.11beta [testing] is released!

@Guntis,
/interface wifiwave2 configuration set  rrm=yes
is not working anymore, any info about the new "steering" options?
/interface wifiwave2 steering add neighbor-group     rrm     wnm   
by Simonej
Mon Jul 10, 2023 10:55 am
Forum: Announcements
Topic: v7.11beta [testing] is released!
Replies: 373
Views: 108693

Re: v7.11beta [testing] is released!

Once is detected speed 1G and once 100M with the same device.
Hi, I would not bother support for this if this happens when not using the device, I had the same behaviour on some PCs, it's ethernet going in low power mode, maybe check ErP setting in BIOS.
by Simonej
Mon Jun 19, 2023 12:44 pm
Forum: Wireless Networking
Topic: Is roaming better with campsman?
Replies: 18
Views: 4374

Re: Is roaming better with campsman?

We are probably trying to achieve the same goal... have FT over DS working
by Simonej
Sun Jun 18, 2023 10:56 pm
Forum: Wireless Networking
Topic: Is roaming better with campsman?
Replies: 18
Views: 4374

Re: Is roaming better with campsman?

There is no real advantage and probably is not suggested, it's just because APs are working with no issue (except for all the recent troubles that we are all fighting with) and I'm only interested in 802.11r (Roaming).
I'm collecting info from my tests that will be reported in a post.
by Simonej
Sun Jun 18, 2023 10:41 pm
Forum: Wireless Networking
Topic: Is roaming better with campsman?
Replies: 18
Views: 4374

Re: Is roaming better with campsman?

In my case are 2/3 APs configured as "stand-alone" with all the settings.
No need to distribute the provisioned configuration.
by Simonej
Sun Jun 18, 2023 10:14 pm
Forum: Wireless Networking
Topic: Is roaming better with campsman?
Replies: 18
Views: 4374

Re: Is roaming better with campsman?

Could you please share more information? Actually what I'm testing is: 1) on Router: /interface wifiwave2 capsman set ca-certificate=auto certificate=auto interfaces=(Bridge or Management VLAN) require-peer-certificate=no upgrade-policy=(none or suggest-same-version) enabled=yes 2) on APs: /interfa...
by Simonej
Sun Jun 18, 2023 5:45 pm
Forum: Wireless Networking
Topic: Is roaming better with campsman?
Replies: 18
Views: 4374

Re: Is roaming better with campsman?

Hi @Rox169, I'm testing something that may be useful for you (if works), CAPsMAN without provisioning, just for Fast Transition.
Still dealing with support waiting some answers.

At the moment goal not reached but could be ROS7.10...
by Simonej
Wed Jun 07, 2023 3:10 pm
Forum: Announcements
Topic: v7.10rc is released!
Replies: 183
Views: 54854

Re: v7.10rc is released!

Related to the @holvoetn question, it would be nice to receive a clear statement about the Wi-Fi issues. About my specific case, I'm using AC devices updated to v7.10rc3 and still affected by those issues: - ...rejected, can't find PMKSA. - ...rejected, FT: PMKID in Reassoc Req did not match with th...
by Simonej
Tue May 30, 2023 9:35 pm
Forum: Announcements
Topic: v7.9.1 [stable] is released!
Replies: 59
Views: 18822

Re: v7.9.1 [stable] is released!

Hello, is anyone having issues connecting iOS 16.5 devices to AC Wifiwave2 AP? Android phones are working.
I'm aware of troubles with MT AX WiFi but never had problems in the last few weeks using 7.8 and 7.9 (only AC APs).
Reboot is not helping.
Sending supout to support right now.
by Simonej
Tue May 09, 2023 9:18 pm
Forum: Announcements
Topic: v7.9 [stable] is released!
Replies: 242
Views: 56454

Re: v7.9 [stable] is released!

@nannou9, if you are affected by the same problem I have, bridge hardware offload on devices with 2 switch chips, you need to disable HW offloading then reboot. On RB4011 series SFP+ port is always working. I was fooled by MSTP but not related. Just received confirmation that v7.10 beta "will&q...
by Simonej
Sun May 07, 2023 6:20 am
Forum: Announcements
Topic: v7.9 [stable] is released!
Replies: 242
Views: 56454

Re: v7.9 [stable] is released!

Just a reminder, v7.9 is still affected with the bug from v7.8 on Bridge Hardware Offloading on devices with multiple switch chips (like RB4011 series). https://forum.mikrotik.com/viewtopic.php?p=989794#p989794 Ticket is closed and fix should be released in the next version. in the meantime Support ...
by Simonej
Sat May 06, 2023 2:59 am
Forum: Beginner Basics
Topic: DHCP offering lease [ip] for [mac] without success [SOLVED]
Replies: 17
Views: 6281

Re: DHCP offering lease [ip] for [mac] without success [SOLVED]

Don't know if this is the same case, but I too have received a lot of similar logs.
Are you using v7.9? It should have improved the situation.
by Simonej
Thu Apr 06, 2023 9:21 pm
Forum: Announcements
Topic: v7.9rc is released!
Replies: 253
Views: 77544

Re: v7.9rc is released!

Send this link to support...............
viewtopic.php?t=194993#p993491
@rextended is this related to the WiFi error that happens on Audience with wifiwave2 confirmed also by @mkx?
I already sent your post months ago to support (was a different post maybe from v7.4).
by Simonej
Thu Mar 30, 2023 9:30 pm
Forum: Announcements
Topic: v7.8 [stable] is released!
Replies: 425
Views: 142599

Re: v7.8 [stable] is released!

In my case, the SFP port is working well due to not being connected to the switch. Coming from v7.7, everything was fine. Make a few reboots and good luck! Issue confirmed by Support, SUP-110494; ...it seems to be related to bridge HW offloading for devices with multiple switch chips, and it seems ...
by Simonej
Wed Mar 29, 2023 5:30 pm
Forum: Announcements
Topic: v7.8 [stable] is released!
Replies: 425
Views: 142599

Re: v7.8 [stable] is released!

from v7.8 changelog: *) bridge - improved HW offloading logic; as reported few posts before, I was fooled by the change of protocol-mode from MSTP to None, this worked but it was a strange behaviour. Already lost some days of headache on this, ended enabling IGMP-Snoppimg on bridge (not related with...
by Simonej
Wed Mar 29, 2023 4:22 pm
Forum: Announcements
Topic: v7.8 [stable] is released!
Replies: 425
Views: 142599

Re: v7.8 [stable] is released!

Lucky you @pe1chl, it's verified on two different devices with similar config., dealing with support for assistance, hope it's my fault, had an entire company blocked due to this issue.
by Simonej
Wed Mar 29, 2023 12:44 pm
Forum: Announcements
Topic: v7.8 [stable] is released!
Replies: 425
Views: 142599

Re: v7.8 [stable] is released!

@Lojza007 with RB4011 I'm having a similar issue, in my case is related to Hardware Offload and is "partially solved" with hw=no on the Bridge Ports or completely disabling it. Another test suggested is to disable ports on Switch 2. In my case, the SFP port is working well due to not being...
by Simonej
Sun Mar 26, 2023 4:09 am
Forum: Announcements
Topic: v7.8 [stable] is released!
Replies: 425
Views: 142599

Re: v7.8 [stable] is released!

Is anyone having problems with devices unable to get the local IP using RB4011 (RTL8367) from v7.8?
With v7.7 everything worked well, no config changes after the update to v.7.8, solved disabling Bridge Hardware Offload.
Already wrote to support and spent a couple of days also doing Netinstall.
by Simonej
Fri Mar 24, 2023 7:15 pm
Forum: Announcements
Topic: v7.9beta [testing] is released!
Replies: 118
Views: 27305

Re: v7.9beta [testing] is released!

@osc86, sae-pwe=hash-to-element | hunting-and-pecking always had problems with this.
by Simonej
Wed Mar 15, 2023 1:17 am
Forum: Announcements
Topic: v7.8 [stable] is released!
Replies: 425
Views: 142599

Re: v7.8 [stable] is released!

I have problem with:
board-name: RB1100AHx4...
Are you using Spanning Tree protocol on the bridge?
by Simonej
Tue Mar 14, 2023 9:01 pm
Forum: General
Topic: Possible bridge problem with v7.8?
Replies: 8
Views: 1832

Re: Possible bridge problem with v7.8?

Thanks @sirbryan for clarification, waiting for support to know if mine is a bug.
Are you using MSTP on your devices? Or RSTP?

Using the extracted config to test with other devices and are working as expected.
by Simonej
Tue Mar 14, 2023 4:15 am
Forum: General
Topic: Possible bridge problem with v7.8?
Replies: 8
Views: 1832

Re: Possible bridge problem with v7.8?

Nice catch @un9edsda! I can be wrong, the link is for "...set up VLAN filtering (by using the /interface ethernet switch menu)", I used different approach and from what I remember bridge was offloaded, ports also. It's curious how the first device worked for a long time and why disabling M...
by Simonej
Mon Mar 13, 2023 8:17 pm
Forum: Announcements
Topic: v7.8 [stable] is released!
Replies: 425
Views: 142599

Re: v7.8 [stable] is released!

Is anyone having problems with protocol-mode=mstp in RB4011 devices?
viewtopic.php?p=989794
by Simonej
Mon Mar 13, 2023 6:15 pm
Forum: General
Topic: Possible bridge problem with v7.8?
Replies: 8
Views: 1832

Re: Possible bridge problem with v7.8?

Right, I'll post more details later, in the meantime network diagram is very basic; 1) RB4011 Wi-Fi version with 3 VLANs -> TP-Link switch connected to ethernet4 (Access port). This device worked for more than a year with updates from 7.1 to 7.7 . 2) RB4011 with 4 VLANS, unable to get IP on ethernet...
by Simonej
Mon Mar 13, 2023 5:06 pm
Forum: General
Topic: Possible bridge problem with v7.8?
Replies: 8
Views: 1832

Possible bridge problem with v7.8?

Hello, opening this topic to share a recent experience and read any opinion before opening an unuseful ticket to support. Before starting, I'm not an advanced user and the use cases for those devices are between home and small office, pretty basic config with a couple of VLANs configured following t...
by Simonej
Wed Mar 01, 2023 4:49 am
Forum: Announcements
Topic: v7.8 [stable] is released!
Replies: 425
Views: 142599

Re: v7.8 [stable] is released!

iPhone 12 with iOS 16.3.1 cannot connect to WiFi if wpa3-psk is enabled. Which MT device? Try to forget and reconnect to the network. PS: @MikroTik Staff, Audience devices with Wifiwave2 package are affected, from around v7.4, by an error at every reboot; system,error,critical RBD25G-5HPacQD2HPnD: ...
by Simonej
Tue Jan 17, 2023 4:26 pm
Forum: Announcements
Topic: v7.7 [stable] is released!
Replies: 357
Views: 115851

Re: v7.7 [stable] is released!

*) wifiwave2 - fixed 4-way handshake with TKIP;
This means thath WiFiWave2 devices are capable to be used as repeater in Station mode?
by Simonej
Tue Dec 06, 2022 4:09 pm
Forum: Wireless Networking
Topic: Multi SSID with iOS 16 not supported?
Replies: 14
Views: 1735

Re: Multi SSID with iOS 16 not supported?

I have an Audience with similar config, which version of ROS are you using? Try to use only WPA2 and ROS7.6 This is my WiFi config from Audience used at home: ## LAN Wi-Fi ROS7.6 ### /interface wifiwave2 security add authentication-types=wpa3-psk encryption=ccmp ft=yes group-encryption=ccmp name=&qu...
by Simonej
Tue Nov 29, 2022 12:51 am
Forum: Beginner Basics
Topic: VLAN on switch chip without Bridge
Replies: 4
Views: 1391

Re: VLAN on switch chip without Bridge

Interesting, thanks again for sharing the detailed explanation.
In my personal case I have an RB4011 with couple of VLANs configured as standard bridge-way and an wAP LTE (without wireless active) as second WAN using the second example switch-way without bridge.
by Simonej
Mon Nov 28, 2022 9:57 pm
Forum: Beginner Basics
Topic: VLAN on switch chip without Bridge
Replies: 4
Views: 1391

Re: VLAN on switch chip without Bridge

Understood, thanks!
I was fooled by the fact that hAP has only 1 or 2 ports and it worked for me without any bridge, but not sure it was offloaded.
by Simonej
Mon Nov 28, 2022 5:20 pm
Forum: RouterOS beta
Topic: mDNS repeater feature
Replies: 330
Views: 103906

Re: mDNS repeater feature

Could agree with your statement, currently using DNS Static for printers, Chromecast etc... but for example mobile phones are not able to the printer using ip or name.
by Simonej
Mon Nov 28, 2022 5:09 pm
Forum: Beginner Basics
Topic: VLAN on switch chip without Bridge
Replies: 4
Views: 1391

VLAN on switch chip without Bridge

Hello, I'm in the process of configure two VLANs on a wAP AC, if I understood how VLAN should work in MikroTIk; - New devices with Hardware Offloaded Bridge VLAN Filtering -> https://help.mikrotik.com/docs/display/ROS/Basic+VLAN+switching#BasicVLANswitching-CRS3xx,CRS5xxseriesswitches,CCR2116,CCR221...
by Simonej
Mon Nov 28, 2022 2:23 pm
Forum: RouterOS beta
Topic: mDNS repeater feature
Replies: 330
Views: 103906

Re: mDNS repeater feature

Hello, in the meantime we wait for the highly desired mDNS repeater/reflector, has someone tried any container package and is able to give some advice for the easiest one? Those are the ones found: - https://hub.docker.com/r/yuxzhu/mdns-reflector - https://hub.docker.com/r/ydkn/avahi - https://hub.d...
by Simonej
Thu Nov 03, 2022 9:46 pm
Forum: Announcements
Topic: v7.7beta [testing] is released!
Replies: 322
Views: 126175

Re: v7.7beta [testing] is released!

Hello, I want to report that with WifiWave2 /interface wifiwave2 add...configuration.client-isolation=yes is not working anymore
by Simonej
Thu Nov 03, 2022 12:30 pm
Forum: General
Topic: De-Brand Chateau 5G
Replies: 1
Views: 454

Re: De-Brand Chateau 5G

Branding is just a package https://help.mikrotik.com/docs/display/ROS/Branding, this is what @normis suggested:
Netinstall without keeping config will wipe the device to factory settings and remove any OEM labels
Have fun!
by Simonej
Mon Oct 24, 2022 12:00 pm
Forum: General
Topic: AQM performance measurements on cAP ac
Replies: 6
Views: 1372

Re: AQM performance measurements on cAP ac

Thanks for sharing, so interesting!
by Simonej
Mon Sep 26, 2022 12:06 pm
Forum: General
Topic: Using NoTrack for WireGuard tunnel
Replies: 16
Views: 2338

Re: Using NoTrack for WireGuard tunnel

Very well explained, thanks @sindy. My use case is the first one you mentioned, Wireguard "server" providing the "client" access to internet. I'll test again using your suggestion and report. @Simonej, can you see the difference between the two types of packets mentioned above? N...
by Simonej
Sun Sep 25, 2022 11:03 pm
Forum: General
Topic: Using NoTrack for WireGuard tunnel
Replies: 16
Views: 2338

Re: Using NoTrack for WireGuard tunnel

Agree @anav, I don't expect anything, will probably be a waste of time but it's just for learning and testing.

PS: hope everything is going well after the hurricane, wish for the best to all canadians
by Simonej
Sun Sep 25, 2022 8:45 pm
Forum: General
Topic: Using NoTrack for WireGuard tunnel
Replies: 16
Views: 2338

Re: Using NoTrack for WireGuard tunnel

Dear users, trying to use NoTrack following the suggestions from @msatter and @sindy for WireGuard in Road Warrior mode, read several times and did multiple tests, no success. This is the firewall config part relevant: /interface wireguard add listen-port=13231 name=WireGuard private-key="...&q...
by Simonej
Thu Sep 22, 2022 10:48 pm
Forum: Scripting
Topic: I have 0 knowledge on scripting: Script to update HTTPS certificate
Replies: 10
Views: 1611

Re: I have 0 knowledge on scripting: Script to update HTTPS certificate

@own3r1138 there's so much interesting to learn in the MikroTik world that I pasted the wrong link without giving you all the credit.
by Simonej
Thu Sep 22, 2022 10:05 pm
Forum: Scripting
Topic: I have 0 knowledge on scripting: Script to update HTTPS certificate
Replies: 10
Views: 1611

Re: I have 0 knowledge on scripting: Script to update HTTPS certificate

Any hint is really appreciated, I'll post a corrected version based on your suggestions.
By the way, was tested several times before posting.
by Simonej
Thu Sep 22, 2022 9:02 pm
Forum: Scripting
Topic: I have 0 knowledge on scripting: Script to update HTTPS certificate
Replies: 10
Views: 1611

Re: I have 0 knowledge on scripting: Script to update HTTPS certificate

Agree, it's an adapted version from ilium007's code. Feel free to delete the post if not useful.
As you correct, I have no knowledge, just trying to learn :)
by Simonej
Thu Sep 22, 2022 6:21 pm
Forum: Scripting
Topic: I have 0 knowledge on scripting: Script to update HTTPS certificate
Replies: 10
Views: 1611

I have 0 knowledge on scripting: Script to update HTTPS certificate

Hello, tried to search for a script to update HTTPS Let's Encrypt certificate and the only one suitable is from ilium007 , here is an adapted version: :local MyDDNS "my.dd.ns"; :local WANinterface "WAN"; :local RouterAddress "192.168.88.1"; :local ServiceWWW [/ip servic...
by Simonej
Wed Sep 14, 2022 7:40 pm
Forum: General
Topic: Layer7 DoH blocking [SOLVED]
Replies: 7
Views: 2283

Re: Layer7 DoH blocking [SOLVED]

Not an expert as @rextended is, but let me give you my point; as you I'm using external DNS service for my router, and I want to make sure some stupid devices are not using other services, redirect DNS requests from LAN devices to port 53 it's easy using NAT firewall rules; - DoT, drop dst-port=853 ...
by Simonej
Thu Aug 25, 2022 10:39 pm
Forum: General
Topic: Simple MSTP question [SOLVED]
Replies: 3
Views: 888

Re: Simple MSTP question [SOLVED]

THANK YOU!
Just as confirmation, is this example (sorry not very precise) correct?
Image
by Simonej
Thu Aug 25, 2022 10:20 pm
Forum: General
Topic: Using NoTrack for WireGuard tunnel
Replies: 16
Views: 2338

Re: Using NoTrack for WireGuard tunnel

Not an expert, have a single peer in Wireguard, the only way in my case was to use action=accept , this was not working: /ip firewall raw add action=notrack chain=prerouting in-interface-list=VPN ... /ip firewall filter add action=accept chain=input connection-state=established,related,untracked plu...
by Simonej
Thu Aug 25, 2022 9:49 pm
Forum: General
Topic: Simple MSTP question [SOLVED]
Replies: 3
Views: 888

Simple MSTP question [SOLVED]

Hello, tried to search but the answer was not clear;
for a router with a single bridge and multiple VLANs (vlan-filtering=yes) is MSTP useful? Or RSTP is enough?
A switch with VLAN will be added in the future, this should have the same setting on the bridge?

Thanks
by Simonej
Tue Aug 23, 2022 4:07 pm
Forum: Announcements
Topic: v7.5rc is released!
Replies: 86
Views: 21956

Re: v7.5rc is released!

If anyone is having problem connecting devices with WPA3, try
/interface/wifiwave2/security/set (yourWiFiprofile) sae-pwe=hunting-and-pecking
also, GCMP encryption should work with WPA3-Personal? Unable to connect any device.
by Simonej
Tue Aug 23, 2022 12:16 am
Forum: Announcements
Topic: v7.5beta [testing] is released!
Replies: 138
Views: 47852

Re: v7.5beta [testing] is released!

If anyone is having problem connecting devices with WPA3, try
/interface/wifiwave2/security/set (yourWiFiprofile) sae-pwe=hunting-and-pecking
also, GCMP encryption should work with WPA3-Personal? Unable to connect any device.
by Simonej
Fri Aug 05, 2022 9:35 pm
Forum: Announcements
Topic: v7.4 [stable] is released!
Replies: 224
Views: 56708

Re: v7.4 [stable] is released!

*) route - added option to join static IGMP and MLD groups (available in "/routing/gmp" menu);
Hello, this could be useful as multicast repeater?
Trying to avoid Avahi as container but getting crazy from more than a year due to the Chromecast and printer on a different VLAN.
by Simonej
Mon Jul 25, 2022 1:06 am
Forum: General
Topic: What is Detect Internet for?
Replies: 12
Views: 8019

Re: What is Detect Internet for?

Came here searching for the same question...
by Simonej
Thu Jul 14, 2022 7:55 pm
Forum: Announcements
Topic: v7.4rc is released!
Replies: 116
Views: 31084

Re: v7.4rc is released!

@Panbambaryla not an expert but make sure in Bridge -> Ports -> VLAN, Frame Types is not "admit only VLAN tagged"
by Simonej
Mon Jul 11, 2022 7:03 pm
Forum: Scripting
Topic: CrowdSec open-source and collaborative IPS
Replies: 2
Views: 2401

Re: CrowdSec open-source and collaborative IPS

Really interesting, thanks for sharing!
This has to be installed to an external device like Raspberry Pi or container?
by Simonej
Thu Jul 07, 2022 12:04 pm
Forum: General
Topic: How to check if router is alive?
Replies: 4
Views: 900

Re: How to check if router is alive?

After some tests, without reinvent the wheel, the https://help.mikrotik.com/docs/display/ ... v4RAWRules Building Advanced Firewall is an appropriate solution.
Limit ICMP or block IP can cause some problems with Wireguard.
by Simonej
Mon Jul 04, 2022 10:19 pm
Forum: General
Topic: How to check if router is alive?
Replies: 4
Views: 900

Re: How to check if router is alive?

All clear @sindy, appreciated the detailed answer as always! SNMP from a static IP is not an option in this case, it's just a rudimental solution for home device, ping or any check will be operated from casual location or mobile phone. Was looking for a rule that can limit the pings to the router li...
by Simonej
Mon Jul 04, 2022 12:55 pm
Forum: General
Topic: How to check if router is alive?
Replies: 4
Views: 900

How to check if router is alive?

Hello, using RouterOS from a few years without any critical problem, recently had some issues and I was thinking for an easy way to make sure that the router in online; MikroTiks's Building Advanced Firewall guide is suggesting to accept ICMP, this way it's possible to ping the public IP or DDNS. /i...
by Simonej
Fri Jun 24, 2022 1:52 am
Forum: General
Topic: QoS for SOHO
Replies: 3
Views: 1759

Re: QoS for SOHO

Thanks @anserk, was reading all topic, your post https://forum.mikrotik.com/viewtopic.php?p=939421#p939048 is very intresting. Following your suggestions I ran some non-professional tests; INTERNET QUEUE | QUEUE TREE | CAKE | BRDIGE -> WAN | 500M | 7,5% CPU queue /queue type add cake-ack-filter=filt...
by Simonej
Tue Jun 21, 2022 8:57 pm
Forum: General
Topic: QoS for SOHO
Replies: 3
Views: 1759

QoS for SOHO

Hello, trying to learn more about QoS on Mikrotik, the goal is to avoid any VoIP issue and have greater browsing experience. Starting from the presentation by Penny Tone https://mum.mikrotik.com/presentations/US16/presentation_3004_1462512668.pdf , the awesome pcunite's guide https://forum.mikrotik....
by Simonej
Fri Jun 10, 2022 2:16 pm
Forum: Scripting
Topic: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)
Replies: 289
Views: 78328

Re: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)

An huge THANKS from all the readers, your contribution is precious.
Wish you all the best.

PS: Always used $update url=[$checkurl as indicated, not other ways.
by Simonej
Fri Jun 10, 2022 12:50 pm
Forum: Scripting
Topic: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)
Replies: 289
Views: 78328

Re: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)

Hello @msatter, still trying to understand your and @rextended suggestions for $checkurl (already tried several times without success, I feel soo dump...), may I ask why you removed
content?
Thank you
by Simonej
Tue Jun 07, 2022 11:42 am
Forum: Scripting
Topic: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)
Replies: 289
Views: 78328

Re: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)

Can't help, still fighting with [$checkur url=https://... but I also had the same error with Greensnow, you can find my updated list viewtopic.php?p=936764#p936764
by Simonej
Mon Jun 06, 2022 1:34 pm
Forum: Scripting
Topic: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)
Replies: 289
Views: 78328

Re: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)

https://forum.mikrotik.com/viewtopic.php?t=152632#p937136 Apologies for asking again, looking to integrate your suggestions for redirect, without success. In terminal with :put ([$checkurl "https://snort.org/downloads/ip-block-list"]) I was able to read the correct url, any hint on how to...
by Simonej
Fri Jun 03, 2022 2:47 pm
Forum: Scripting
Topic: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)
Replies: 289
Views: 78328

Re: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)

@kevinds you're right... "all" Blocklist.de contains everything... 8) @rextended is your solution easily implementable in msatter version? https://forum.mikrotik.com/viewtopic.php?t=152632#p935938 Tried to integrate reading your post https://forum.mikrotik.com/viewtopic.php?p=930372#p93045...
by Simonej
Fri Jun 03, 2022 1:37 pm
Forum: Scripting
Topic: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)
Replies: 289
Views: 78328

Re: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)

@kevinds just an error on the log (for Darklist.de and Greensnow.co), there are more useful informations? I removed the other variables here but are present on the code :) Adding more lists just for learning purposes, which one is duplicated? @msatter you had the answer for "Snort" list, i...
by Simonej
Thu Jun 02, 2022 2:37 pm
Forum: Scripting
Topic: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)
Replies: 289
Views: 78328

Re: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)

Apologies for another dumb question, looking and found some great IP lists, Darklist.de, Greensnow.co and Snort are returning an error, any idea why? Here are the ones found; $update url=https://feodotracker.abuse.ch/downloads/ipblocklist.txt description/listname="Abuse.ch Feodo Tracker" d...
by Simonej
Wed Jun 01, 2022 10:22 pm
Forum: General
Topic: DDoS story, or WARNING: use 'conection-limit' with caution!
Replies: 168
Views: 112967

Re: DDoS story, or WARNING: use 'conection-limit' with caution!

Dear MT fans, following the great advice from @Chupaka and MikroTik help, ( https://help.mikrotik.com/docs/pages/viewpage.action?pageId=28606504 ), I added to the firewall some protections, here as example: /ip firewall filter / mangle add action=jump chain=input comment="Jump Input to Chain&qu...
by Simonej
Wed Jun 01, 2022 9:53 pm
Forum: Scripting
Topic: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)
Replies: 289
Views: 78328

Re: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)

THANK YOU msatter for your AWESOME contribution!
by Simonej
Wed Jun 01, 2022 3:01 pm
Forum: Announcements
Topic: v7.3rc [testing] is released!
Replies: 452
Views: 105687

Re: v7.3rc [testing] is released!

@hecatae ww2 works on 7.3rc1. but still no go for samsung phones on WPA3 & Android 12 WPA3 on Android 12 (Google phone) is a long time problem, I never succed a connection with my phones, WPA3 was a Google bug, solved this winter, still not working with MT devices, the only way is to use only W...
by Simonej
Mon May 30, 2022 1:02 am
Forum: Scripting
Topic: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)
Replies: 289
Views: 78328

Re: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)

AWESOME @msatter !
It's working with
delimiter=("\n")
seems to be mandatory also on your updated version of the script, correct?
by Simonej
Sun May 29, 2022 12:13 pm
Forum: Scripting
Topic: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)
Replies: 289
Views: 78328

Re: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)

Hello!
Could be a good idea to integrate TOR Exits?
https://check.torproject.org/torbulkexitlist
https://www.dan.me.uk/torlist/
https://www.dan.me.uk/torlist/?exit

Tried to integrate with $update with no success, address were 1,2,3,4,5,6....