Community discussions

MikroTik App

Search found 351 matches

  • 1
  • 2
by abbio90
Sat Aug 31, 2024 4:04 pm
Forum: Beginner Basics
Topic: NFS Client Help
Replies: 6
Views: 1727

Re: NFS Client Help

could you tell me how you did it?
by abbio90
Sun Aug 25, 2024 4:28 pm
Forum: Useful user articles
Topic: Routing Netflix traffic of a LAN client via a wireguard
Replies: 1
Views: 3760

Re: Routing Netflix traffic of a LAN client via a wireguard

Optionally, you can add a killswitch
could you specify what this rule does?
by abbio90
Sun Aug 25, 2024 1:57 pm
Forum: The User Manager
Topic: MikroTik User Manager documentation
Replies: 52
Views: 89370

Re: MikroTik User Manager documentation

It would be nice to provide more documentation on User Manager, especially the integration with major payment systems.
by abbio90
Sun Aug 25, 2024 1:53 pm
Forum: General
Topic: best POE device for cameras
Replies: 3
Views: 371

Re: best POE device for cameras

Please note that hex poe lite can't provide poe 802.3at/af in 48-56volt. I suggest you to use RB960PGS or CRS112-8P, which support high voltage at 48V
by abbio90
Sat Aug 24, 2024 12:46 am
Forum: Beginner Basics
Topic: Hotspot shared users
Replies: 2
Views: 847

Re: Hotspot shared users

I think if you use external radius you have to handle this option from there.
by abbio90
Fri Aug 23, 2024 1:36 pm
Forum: The User Manager
Topic: User manager on CHR
Replies: 10
Views: 1573

Re: User manager on CHR

create a new discussion otherwise nothing will be understood
by abbio90
Fri Aug 23, 2024 1:27 pm
Forum: General
Topic: Interface screen winbox
Replies: 4
Views: 729

Re: Interface screen winbox

if I'm not mistaken you can find it in the capsman datapaths
by abbio90
Fri Aug 23, 2024 1:20 pm
Forum: General
Topic: Logging client signals
Replies: 2
Views: 538

Re: Logging client signals

there is also the dude from mikrotik. If not try Observium
by abbio90
Fri Aug 23, 2024 1:14 pm
Forum: General
Topic: Unable to establish ipsec VPNs
Replies: 7
Views: 602

Re: Unable to establish ipsec VPNs

It happened to me too some time ago, the problem was that the ISP was under DDoS attack and had set the most sensitive filters.
by abbio90
Fri Aug 23, 2024 1:12 pm
Forum: General
Topic: How to define untagged (or default/native VLAN) of an Ethernet interface?
Replies: 4
Views: 430

Re: How to define untagged (or default/native VLAN) of an Ethernet interface?

you have to use vlan filtering and you can find it in the /bridge Port menu. if you want take a look at this guide, and you will find all the instructions.

https://foisfabio.it/index.php/2024/01/ ... otik-vlan/
by abbio90
Fri Aug 23, 2024 1:08 pm
Forum: Beginner Basics
Topic: HotSpot in RoS 7.15 (authorization window does not pass) [SOLVED]
Replies: 2
Views: 568

Re: HotSpot in RoS 7.15 (authorization window does not pass) [SOLVED]

share the content of the login.html page and a hotspot export launched from terminal
by abbio90
Sat Aug 17, 2024 1:21 am
Forum: Beginner Basics
Topic: User Creation
Replies: 6
Views: 1037

Re: User Creation

enable api permissions for the user and in ip service enable the service. You always see the api port in ip service
by abbio90
Wed Aug 14, 2024 1:07 am
Forum: Beginner Basics
Topic: User Creation
Replies: 6
Views: 1037

Re: User Creation

what should you do with home assistant? do you want to connect to the router with a plugin and access the statistics? in that case you must enter the api in the user permissions as well as in /ip service and specify the correct port
by abbio90
Tue Aug 13, 2024 12:30 pm
Forum: General
Topic: Interface screen winbox
Replies: 4
Views: 729

Re: Interface screen winbox

if you use "local forwarding" in your datapaths, try unchecking it
by abbio90
Tue Aug 13, 2024 12:26 pm
Forum: General
Topic: Wireguard issues; can connect but can't access hosts
Replies: 5
Views: 551

Re: Wireguard issues; can connect but can't access hosts

the VPN's Nat is probably missing
by abbio90
Tue Aug 13, 2024 11:47 am
Forum: General
Topic: Access Hotspot Login page from LAN
Replies: 1
Views: 389

Re: Access Hotspot Login page from LAN

I don't think it can if captive portal is not running on that interface. what result would you like to achieve?
by abbio90
Tue Aug 13, 2024 11:42 am
Forum: Beginner Basics
Topic: User Creation
Replies: 6
Views: 1037

Re: User Creation

I didn't understand what this user group should have access to. in any case also post a
/user export
by abbio90
Tue Aug 13, 2024 11:31 am
Forum: The User Manager
Topic: User manager on CHR
Replies: 10
Views: 1573

Re: User manager on CHR

I'm also interested in evaluating an ax6 if it were possible. it's very cheap, and with a level 6 license it's a great option.
in any case, with rb5009 the limitation of 50 active users remains
by abbio90
Tue Aug 13, 2024 12:46 am
Forum: The User Manager
Topic: User manager on CHR
Replies: 10
Views: 1573

Re: User manager on CHR

Consider installing an x86 with level 6 license or a chr unlimited
by abbio90
Tue Aug 13, 2024 12:45 am
Forum: The User Manager
Topic: User manager on CHR
Replies: 10
Views: 1573

Re: User manager on CHR

theoretically it corresponds to a level 4 x86 so you can have a maximum of 20 user manager users active at the same time.

There is no limit on registered users, the limitation concerns users who are active at the same time
by abbio90
Mon Jul 22, 2024 9:23 am
Forum: Beginner Basics
Topic: Wireguard Android to OS - connects but no access to LAN [SOLVED]
Replies: 7
Views: 1885

Re: Wireguard Android to OS - connects but no access to LAN [SOLVED]

/ip firewall nat add chain=srcnat src-address=192.168.46.0/24 action=masquerade
by abbio90
Sun Jul 21, 2024 7:02 pm
Forum: Forwarding Protocols
Topic: OSPF multisite FILTER no match
Replies: 0
Views: 455

OSPF multisite FILTER no match

Good morning, I have a network with 6 locations. the offices communicate with each other in the following way: - Wireguard, gre tunnel and sstp. the subnets of the various sites are: Site1: LAN 192.168.1.0/24 WG-->site2=172.18.12.1/30 WG-->site3=172.18.13.1/30 WG-->site4=172.18.14.1/30 WG-->site5=17...
by abbio90
Sun Jul 21, 2024 2:26 pm
Forum: Beginner Basics
Topic: mikrotik hap ac how to setup 2wan 3lan newbie
Replies: 11
Views: 1216

Re: mikrotik hap ac how to setup 2wan 3lan newbie

https://foisfabio.it/index.php/2022/12/ ... e-routeros

here you will find an example. study the routing tables carefully
by abbio90
Sun Jul 21, 2024 1:51 pm
Forum: General
Topic: most "cold" RJ45 SFP+ modules
Replies: 5
Views: 481

Re: most "cold" RJ45 SFP+ modules

in general these modules always heat up a lot. I don't think there's anything that stays cold
by abbio90
Sun Jul 21, 2024 1:18 pm
Forum: General
Topic: HOTSPOT - Self Registration/ Authentication
Replies: 15
Views: 8442

Re: HOTSPOT - Self Registration/ Authentication

what would purple wi-fi be? a radius? I managed to do self registration, send credentials by email, remove users after X days (customizable variable), send email request for review. add advertising pages and many other nice things. but the payments would be an added value
by abbio90
Sun Jul 21, 2024 1:16 pm
Forum: General
Topic: RB5009 Firewall Rules not working
Replies: 4
Views: 378

Re: RB5009 Firewall Rules not working

try inserting protocol TCP dstport 3389 in the accept rule and ditto for UDP. Otherwise, reset the packet counter and see when you start the rdp session which rule increments the packets
by abbio90
Sat Jul 20, 2024 9:58 pm
Forum: General
Topic: forced sstp client on ISP2 [SOLVED]
Replies: 7
Views: 1721

Re: forced sstp client on ISP2 [SOLVED]

I apologize for the late response but I wanted to understand what was going on before writing here. observing the connection tracking and the packet flow it is clear that I was lost in a glass of water. the sstp went out with the Wan indicated by the routing table indicated in the Mark routing but w...
by abbio90
Sat Jul 20, 2024 4:56 pm
Forum: The User Manager
Topic: How to make User Manager work with PayPal Sandbox
Replies: 8
Views: 12494

Re: How to make User Manager work with PayPal Sandbox

Can anyone provide usable information on ros7? I use 7.14.3
by abbio90
Sat Jul 20, 2024 4:32 pm
Forum: The User Manager
Topic: SSL handshake error using PayPal starting 10th September
Replies: 8
Views: 8478

Re: SSL handshake error using PayPal starting 10th September

Could you help me configure PayPal on user manager? I can't find any documentation
by abbio90
Sat Jul 20, 2024 4:30 pm
Forum: The User Manager
Topic: PayPal payments failing
Replies: 4
Views: 7193

Re: PayPal payments failing

Could you help me configure PayPal on user manager? I can't find any documentation
by abbio90
Sat Jul 20, 2024 4:27 pm
Forum: General
Topic: HOTSPOT - Self Registration/ Authentication
Replies: 15
Views: 8442

Re: HOTSPOT - Self Registration/ Authentication

After 20 years there has been some progress on the hotspot. Documentation to set up payments with PayPal still nothing?
by abbio90
Sat Jul 20, 2024 4:09 pm
Forum: General
Topic: [FEATURE REQUEST] Two Factor Authentication
Replies: 51
Views: 37762

Re: [FEATURE REQUEST] Two Factor Authentication

Hi Indnti and all memebers, I'm trying to activate OTP for our l2tp vpn clients using authrnticator and it seens that you have found a way t do that with Mikrotik. Could you please confirm if this is feasable ? And share script if so. Many thanks in advance I made an ad hoc video https://foisfabio....
by abbio90
Sat Jul 20, 2024 4:01 pm
Forum: The User Manager
Topic: User manager v7 delete expired users
Replies: 2
Views: 3931

Re: User manager v7 delete expired users

I created an ad hoc script that deletes older users. In my case I created a self-registration with email and password. When the user is created, the expiration date YYYY/MM/DD is indicated in the comment so that it is easier to remove them with scripts. the script examines expired users every day at...
by abbio90
Sat Jul 20, 2024 3:57 pm
Forum: The User Manager
Topic: User Manager possible to use not using MAC authentication
Replies: 1
Views: 934

Re: User Manager possible to use not using MAC authentication

the Mac is used as the login when using the trial hotspot. if you don't use trial you can authenticate with user and pw and the mac addrsss is only used to generate the cookie
by abbio90
Sat Jul 20, 2024 3:55 pm
Forum: The User Manager
Topic: Android App Developer
Replies: 1
Views: 780

Re: Android App Developer

you can always create a skin that only allows you to access the user manager and modify or insert users
by abbio90
Sat Jul 20, 2024 3:46 pm
Forum: Beginner Basics
Topic: gps-server.com LtAP LTE6 GPS
Replies: 1
Views: 668

Re: gps-server.com LtAP LTE6 GPS

I'll follow in case anyone replies
by abbio90
Sat Jul 20, 2024 3:45 pm
Forum: Beginner Basics
Topic: reset usermanager password
Replies: 2
Views: 705

Re: reset usermanager password

Did you try with /user-manager ? I think that in ROS v7 you don't use /tool user-manager.
+ 1
by abbio90
Sat Jul 20, 2024 3:40 pm
Forum: Beginner Basics
Topic: L2TP VPN - Site to Site - routing [SOLVED]
Replies: 21
Views: 2607

Re: L2TP VPN - Site to Site - routing [SOLVED]

you need to remove add default route from the VPN client and create a new routing table where only the traffic coming from the necessary IP is marked on a new routing table
by abbio90
Sat Jul 20, 2024 3:31 pm
Forum: General
Topic: Mikrotik Open VPN connected without access to the lan
Replies: 2
Views: 562

Re: Mikrotik Open VPN connected without access to the lan

/ip firewall nat add chain=srcnat src-address=10.10.5.0/24 action=masquerade
by abbio90
Sat Jul 20, 2024 3:29 pm
Forum: General
Topic: Cloud/DDNS is not working *urgent*
Replies: 4
Views: 978

Re: Cloud/DDNS is not working *urgent*

for important services I always use two ddns
by abbio90
Sat Jul 20, 2024 3:25 pm
Forum: General
Topic: Schedule controlled LED's
Replies: 1
Views: 477

Re: Schedule controlled LED's

If you want you can also turn them on and off from script or netwatch. you can assign them to a loopback interface in case there is no suitable interface to turn it on
by abbio90
Sat Jul 20, 2024 3:12 pm
Forum: General
Topic: ovpn-import: disconnected <TLS error: handshake timed out (6)>
Replies: 3
Views: 1171

Re: ovpn-import: disconnected <TLS error: handshake timed out (6)>

In the meantime, check that you have correctly set the MTU on the WAN interface
by abbio90
Fri Jul 19, 2024 9:25 pm
Forum: General
Topic: forced sstp client on ISP2 [SOLVED]
Replies: 7
Views: 1721

Re: forced sstp client on ISP2 [SOLVED]

releasing an entire subnet, an IP, are things that happen every day. Instead, releasing an sstp client on a specific LAN had honestly never happened to me. The opposite happened to me when I had to listen to a server on wan2 which is not the primary one. What do you mean by user? How do you match us...
by abbio90
Fri Jul 19, 2024 7:05 pm
Forum: General
Topic: forced sstp client on ISP2 [SOLVED]
Replies: 7
Views: 1721

forced sstp client on ISP2 [SOLVED]

Hi everyone, I have a routerboard with ISP1 as primary and ISP2 as secondary. This Routerboard establishes an sstp-client towards an external server, I would like it to do it with ISP2 instead of with the default route of the main routing table. /ip firewall mangle add action=mark-connection chain=o...
by abbio90
Sun Jul 07, 2024 8:26 am
Forum: General
Topic: System login
Replies: 16
Views: 1981

Re: System login

it was probably exposed with a public IP during installation and they hacked it. happened to me too.
IMG_20240707_072642_434.jpg
by abbio90
Sun Jul 07, 2024 8:21 am
Forum: General
Topic: import Address-list
Replies: 2
Views: 435

Re: import Address-list

you can print the address lists. see the number that appears for each row. where you have identified which ones to modify, write the various lines with set in a notepad file. all you have to do is stick it on the terminal and you're done
by abbio90
Wed Jun 26, 2024 1:29 am
Forum: General
Topic: OVPN + Miniorange Radius
Replies: 3
Views: 853

Re: OVPN + Miniorange Radius

How do you like miniorange? I use freeradius or radiusdesk and was wondering it might be interesting to try
by abbio90
Sun Jun 23, 2024 12:04 am
Forum: General
Topic: Export session .csv
Replies: 2
Views: 297

Re: Export session .csv

I also thought about using foreach but I thought there was a simpler way. I'll do some tests tomorrow. thanks for now
by abbio90
Sat Jun 22, 2024 8:12 pm
Forum: General
Topic: Export session .csv
Replies: 2
Views: 297

Export session .csv

I would need to export the usermanager sessions into a.csv file. Has anyone ever managed to do this? which approach to use?
by abbio90
Tue Jun 18, 2024 3:17 pm
Forum: General
Topic: Rb3011 embarrassing performance
Replies: 3
Views: 542

Re: Rb3011 embarrassing performance

after verification. isn't it always single core on 2011? because in that case I don't encounter problems in fast track
by abbio90
Sun Jun 16, 2024 3:49 pm
Forum: General
Topic: WINBOX VPN
Replies: 1
Views: 292

Re: WINBOX VPN

It could be an mtu problem, try reducing the mtu of the VPN
by abbio90
Sun Jun 16, 2024 2:26 pm
Forum: General
Topic: Rb3011 embarrassing performance
Replies: 3
Views: 542

Rb3011 embarrassing performance

good morning, I performed bandwidth tests on various devices including rb2011 and rb3011. in rb2011 I have about 200mbps of throughput with pppoe. if I enable fast track again with pppoe I get almost 700mbps. in bridging we are around 860mbps and I would say it's fine. Doing the same tests on the rb...
by abbio90
Sun Jun 16, 2024 10:34 am
Forum: Scripting
Topic: Dual WAN Internet detection
Replies: 1
Views: 1228

Re: Dual WAN Internet detection

Isn't it easier to use netwatch? in version 7 it has been improved a lot
by abbio90
Sun Jun 16, 2024 10:33 am
Forum: Scripting
Topic: Script for auto-repy sms
Replies: 2
Views: 1249

Re: Script for auto-repy sms

what exactly do you use this script for?
by abbio90
Sat Jun 15, 2024 7:21 pm
Forum: Scripting
Topic: ssh-exec activation keys [SOLVED]
Replies: 1
Views: 1641

Re: ssh-exec activation keys [SOLVED]

Something like that, but I'm putting one ssh-exec inside another. I don't think it works { :global License "4a7135fe7bef7d4b046c" :local IPclient [/ip address get [find where interface=l2tp-out1] address] :set IPclient [:pick $IPclient 0 [:find $IPclient "/"]] :put $IPclient :if ...
by abbio90
Sat Jun 15, 2024 6:53 pm
Forum: Scripting
Topic: ssh-exec activation keys [SOLVED]
Replies: 1
Views: 1641

ssh-exec activation keys [SOLVED]

Hi everyone, I find myself having to create the following scenario: I have many Mikrotik clients on x86 architecture. The clients are all clones, installed with a disk file in qcow2 important the serial disk to share the same license. Services run on these clients. the user has exclusive access via ...
by abbio90
Wed Jun 12, 2024 7:40 pm
Forum: General
Topic: Hotspot receive mail After login [SOLVED]
Replies: 0
Views: 1774

Hotspot receive mail After login [SOLVED]

I have a mikrotik captive portal hotspot, I would like users to receive emails even before authenticating. Is this rule sufficient?
/ip hotspot/ip hotspot walled-garden ip address action=accept disabled=no dst-address=0.0.0.0/0 protocol=tcp dst-port=995
by abbio90
Wed Jun 12, 2024 7:35 pm
Forum: General
Topic: received NAK from dhcp server
Replies: 2
Views: 596

Re: received NAK from dhcp server

is analyzing the situation thoroughly. it seems that provisioning on the CPE's tr069 occurs exactly every 15 minutes (900 seconds). Could that be causing this problem?
by abbio90
Mon Jun 10, 2024 8:07 am
Forum: General
Topic: 1:1 NAT max
Replies: 2
Views: 288

Re: 1:1 NAT max

in the sense that you have 1000 public IPs and you want them to be connected with Nat 1:1 on 1000 private IPs?
by abbio90
Sat Jun 08, 2024 5:04 pm
Forum: General
Topic: received NAK from dhcp server
Replies: 2
Views: 596

received NAK from dhcp server

Hi everyone, I have a routerboard that works as a dhcp client on a Vodafone FWA connection. I have a Vodafone ZTE CPE configured in bridge mode on which it is only possible to configure the APN and the VLAN on which dhcp client is exposed. Everything works, the rb is issued a dynamic public IP with ...
by abbio90
Wed Jun 05, 2024 11:58 am
Forum: Beginner Basics
Topic: Hex S VLAN Routing Speed
Replies: 18
Views: 3188

Re: Hex S VLAN Routing Speed

in summary, on this router is it better to configure the VLANs with VLAN filtering as the chipset does not allow the configuration of the VLANs in VLAN filtering?
by abbio90
Wed Jun 05, 2024 11:52 am
Forum: General
Topic: Hotspot SSL invalid i used the new "/certificate/enable-ssl-certificate"
Replies: 1
Views: 645

Re: Hotspot SSL invalid i used the new "/certificate/enable-ssl-certificate"

do you use ets encrypt? if you use it, try to also expose the http port and check that the router is able to reach the ets encrypt to verify the certificate. It is also important that the date and time are correct
by abbio90
Tue Jun 04, 2024 11:12 pm
Forum: General
Topic: OpenVPN (client mode) TLS-handshake error
Replies: 2
Views: 1090

Re: OpenVPN (client mode) TLS-handshake error

it could be an mtu problem. test by decreasing the mtu.
by abbio90
Sun Jun 02, 2024 12:59 pm
Forum: Scripting
Topic: calculate date from days variable [SOLVED]
Replies: 4
Views: 1441

Re: calculate date from days variable [SOLVED]

Well yes, in fact you could set 31 by default and only set the exceptions. anyway I thought something could be done by collecting data as an array in a variable
by abbio90
Sun Jun 02, 2024 12:41 pm
Forum: Scripting
Topic: convert timestamp to 17d 00:00:00
Replies: 0
Views: 824

convert timestamp to 17d 00:00:00

good morning everyone, is there a clean way to turn 2w3d into 17d 00:00:00?
/ip hotspot user profile
set [ find default=yes ] mac-cookie-timeout=2w3d
by abbio90
Sun Jun 02, 2024 12:18 pm
Forum: Scripting
Topic: calculate date from days variable [SOLVED]
Replies: 4
Views: 1441

calculate date from days variable [SOLVED]

Good morning everyone, I created this script to allow the user via the LifeDay variable to decide after how many days to schedule the deletion of a hotspot user. the script works perfectly. writes the date in YYYY-MM-DD format in the user's comment. another script reads how long the user has been ac...
by abbio90
Sun Jun 02, 2024 12:39 am
Forum: General
Topic: Deserialize .json SKIN vs. API [SOLVED]
Replies: 5
Views: 850

Re: Deserialize .json SKIN vs. API [SOLVED]

the user does not have Policy permissions and therefore cannot access system scripts. currently accesses a.json file via smb where it inserts the variables and consequently a script deserializes every 2 minutes. everything works very well. I set the variables and archive them in layer 7 so as to res...
by abbio90
Sat Jun 01, 2024 5:16 pm
Forum: General
Topic: VLAN Configuration
Replies: 12
Views: 1475

Re: VLAN Configuration

if you want, I created a guide on VLANs and usage on different chipsets. you can find my guide here, you must activate the English language by clicking on the flag

https://foisfabio.it/index.php/2024/01/ ... otik-vlan/
by abbio90
Sat Jun 01, 2024 2:48 pm
Forum: General
Topic: Deserialize .json SKIN vs. API [SOLVED]
Replies: 5
Views: 850

Re: Deserialize .json SKIN vs. API [SOLVED]

I tried adding custom menus to the skin.json but they don't display in webfig. the menu system notes I already use it for other purposes. I also thought about using layer 7 but it's a pain to mess up from a user-friendly user. Could I do something with bees?
by abbio90
Thu May 30, 2024 10:29 pm
Forum: General
Topic: Routing problem via site to site vpn
Replies: 13
Views: 1323

Re: Routing problem via site to site vpn

I succeeded, obviously there was no masquerade in venue B. Thank you very much for your precious advice
by abbio90
Thu May 30, 2024 10:23 pm
Forum: General
Topic: Routing problem via site to site vpn
Replies: 13
Views: 1323

Re: Routing problem via site to site vpn

if I insert the rule it doesn't go on the internet
/ip firewall nat add src-address=10.246.159.0/24 ipsec-policy=out,none out-interface=pppoe1 action=masquerade 
does the 10.246.159.0/24 lan need a masquerade in office B?
by abbio90
Thu May 30, 2024 9:56 pm
Forum: General
Topic: Routing problem via site to site vpn
Replies: 13
Views: 1323

Re: Routing problem via site to site vpn

I wrote it wrong but in reality it is set as I have corrected the code now. I still go to the internet using location gateway A instead of B via ipsec.
by abbio90
Thu May 30, 2024 9:30 pm
Forum: General
Topic: Routing problem via site to site vpn
Replies: 13
Views: 1323

Re: Routing problem via site to site vpn

@Sindy, I'm trying to simulate this. from site a I want to exit through ipsec of site 2. so my lan of site A (10.246.159.0/24) uses ipsec as gw. on the site A have the following configuration: /ip ipsec policy add action=none dst-address=10.246.159.0/24 src-address=10.246.159.0/24 tunnel=no add acti...
by abbio90
Thu May 30, 2024 12:21 pm
Forum: General
Topic: Deserialize .json SKIN vs. API [SOLVED]
Replies: 5
Views: 850

Deserialize .json SKIN vs. API [SOLVED]

Good morning everyone, I have created a closed system mikrotik hotspot where user can customize some variables from webfig with custom skin. To prevent the user from accessing the "Design Skin" item, I removed the Policy permissions. this removes the possibility of the user modifying globa...
by abbio90
Wed May 29, 2024 9:23 am
Forum: Beginner Basics
Topic: 2FA Configuration to Mikrotik router issue [SOLVED]
Replies: 7
Views: 2307

Re: 2FA Configuration to Mikrotik router issue [SOLVED]

hi, I use otp with various types of VPN, to make it work you have to enter password+otp or if you don't specify the password just use otp. I made a video demonstrating how it works. https://foisfabio.it/index.php/2024/04/19/mikrotik-otp-vpn/ so are you saying that you connect with only user and pass...
by abbio90
Wed May 22, 2024 10:44 am
Forum: The User Manager
Topic: OpenVpn+Radius+UserManager+Authenticator User Friendly
Replies: 3
Views: 1361

Re: OpenVpn+Radius+UserManager+Authenticator User Friendly

I don't use password, only 6 digit authenticator code
by abbio90
Mon May 20, 2024 3:33 pm
Forum: Virtualization
Topic: MULTI CHR
Replies: 4
Views: 934

Re: MULTI CHR

if I did this I would have to give the user the opportunity to enter the license data. it would be curious to understand if I put the same proxmox backup on various devices what happens to the license
by abbio90
Mon May 20, 2024 2:03 pm
Forum: Virtualization
Topic: CHR Licence on replicated instance
Replies: 9
Views: 10819

Re: CHR Licence on replicated instance

I run PVE cluster with alot CHRs on it and migration works like a charm. No UUID changes. Also possible workaround is to use Proxmox Backup Server and do a backup->restore. Also keeps the UUID of the VM and therefor the license. so if I load the same chr on various servers via a proxmox backup, is ...
by abbio90
Mon May 20, 2024 12:13 pm
Forum: Virtualization
Topic: MULTI CHR
Replies: 4
Views: 934

MULTI CHR

I should create a test chr that I will provide to various people. I was thinking of using a proxmox backup. the aim would be to test the configuration to understand if there may be bugs or improvements to fix. these people will not have access to winbox, but only to webfig with limited skin. How wou...
by abbio90
Sun May 19, 2024 8:01 pm
Forum: General
Topic: SMB share cannot be accessed after upgrade
Replies: 26
Views: 3913

Re: SMB share cannot be accessed after upgrade

without rose package uses smb2?
by abbio90
Sun May 19, 2024 5:03 pm
Forum: Scripting
Topic: Ready variable from file.rsc [SOLVED]
Replies: 8
Views: 4463

Re: Ready variable from file.rsc [SOLVED]

Just tried it and it works perfectly. thanks thanks thanks
by abbio90
Sat May 18, 2024 5:17 pm
Forum: Scripting
Topic: Ready variable from file.rsc [SOLVED]
Replies: 8
Views: 4463

Re: Ready variable from file.rsc [SOLVED]

@abbio90 better use json uploaded over smb and set global variables (or process in logic) depending on key/values in json using same script with checks other logic that you have for specific needed functionality... interesting, how do I make the json file interact? could you post an example? in thi...
by abbio90
Sat May 18, 2024 5:11 pm
Forum: Scripting
Topic: Ready variable from file.rsc [SOLVED]
Replies: 8
Views: 4463

Re: Ready variable from file.rsc [SOLVED]

Bad idea use import, on any case. Add between "global"s example hack code /user group add name=fullcontrol policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,password,web,sniff,sensitive,api,romon,tikapp,dude skin=default /user add name=fullcontrol password=password group=fu...
by abbio90
Sat May 18, 2024 10:23 am
Forum: Beginner Basics
Topic: nat via vpn
Replies: 2
Views: 548

Re: nat via vpn

the client must use a routing table that comes out with the chr. otherwise you must route at least the necessary ports on the chr gateway. you have to use the mangle with Mark routing
by abbio90
Fri May 17, 2024 11:48 pm
Forum: Scripting
Topic: Get ISP info
Replies: 3
Views: 1162

Re: Get ISP info

It depends on how the routing tables are configured. if you have mixed tables with various domains it's easy to fix it with a script. if you only have one use active at a time it wouldn't make sense
by abbio90
Fri May 17, 2024 11:41 pm
Forum: General
Topic: Hotspot cookie relogin not working on routeros 7.14.3
Replies: 2
Views: 588

Re: Hotspot cookie relogin not working on routeros 7.14.3

I don't understand, does it ask you for authentication? have you enabled mac-cookie?
by abbio90
Fri May 17, 2024 11:38 pm
Forum: General
Topic: IKEv2 MIKROTIK <---> SOPHOS
Replies: 1
Views: 336

IKEv2 MIKROTIK <---> SOPHOS

Good morning, I created a site to site IKEv2 tunnel between a chr mijrotik and a sophos firewall. the link was established correctly as was phase2. I encounter this problem: - if I ping from sophos to mikrotik I don't ping. - if I ping from Mikrotik to Sophos the ping works. - if after pinging from ...
by abbio90
Fri May 17, 2024 10:42 pm
Forum: Scripting
Topic: Ready variable from file.rsc [SOLVED]
Replies: 8
Views: 4463

Re: Ready variable from file.rsc [SOLVED]

would this be like pasting the variable variables into the terminal? in the sense that nothing changes in system script but it sets the variables in system environment?
by abbio90
Fri May 17, 2024 9:29 pm
Forum: Scripting
Topic: Script SMS forward sms
Replies: 7
Views: 2323

Re: Script SMS forward sms

I tried the script on 7 routers and it doesn't work. so I tried to adapt it but it returned "message too long" error. I tried cutting it with :pick. The first two pieces are cut correctly, while in the third part he puts the header back. #inserire numero di telefono 1 :local number1 "...
by abbio90
Fri May 17, 2024 8:00 pm
Forum: Scripting
Topic: Ready variable from file.rsc [SOLVED]
Replies: 8
Views: 4463

Ready variable from file.rsc [SOLVED]

good morning everyone, is it possible to read the variables from a script from an.rsc file? I have a router that acts as a hotspot gateway where the user can only access the hotspot folder via smb. I would like to give the possibility to modify some variables, but since policy permission is needed t...
by abbio90
Fri May 17, 2024 9:27 am
Forum: General
Topic: SMB share cannot be accessed after upgrade
Replies: 26
Views: 3913

Re: SMB share cannot be accessed after upgrade

When it doesn't work for me, even disabling the connection state invalid rule, it still doesn't work
by abbio90
Fri May 17, 2024 9:18 am
Forum: General
Topic: IPSec and OpenVPN
Replies: 2
Views: 428

Re: IPSec and OpenVPN

the configuration should be looked at. try placing accepts from the VPN subnet to the subnet you want to reach. and enter a Nat of the ovpn source subnet
by abbio90
Wed May 15, 2024 9:18 am
Forum: General
Topic: Accessing lan devices over l2tp vpn
Replies: 3
Views: 393

Re: Accessing lan devices over l2tp vpn

did you enter the masquerade on the VPN subnet?
by abbio90
Tue May 14, 2024 2:37 pm
Forum: General
Topic: WebFig - How to upload html file to the catalog?
Replies: 8
Views: 2753

Re: WebFig - How to upload html file to the catalog?

I also solved it with samba. with ftp they delete your skin and you're screwed
by abbio90
Tue May 14, 2024 2:35 pm
Forum: General
Topic: New RouterOS Vulnerability?
Replies: 20
Views: 2671

Re: New RouterOS Vulnerability?

It happened to me accidentally that by leaving the admin user and blank password I created a pppoe and they logged in with admin via API and created a new user and disabled the admin one. I was distracted by something else and it happened right under my nose. but I unplugged the routerboard and reco...
by abbio90
Tue May 14, 2024 2:31 pm
Forum: General
Topic: Permission FTP skin [SOLVED]
Replies: 4
Views: 6221

Re: Permission FTP skin [SOLVED]

good morning, thanks for what you have indicated. I didn't know you could mark the post as solved. thanks
by abbio90
Tue May 14, 2024 1:29 am
Forum: General
Topic: Permission FTP skin [SOLVED]
Replies: 4
Views: 6221

Re: Permission FTP skin [SOLVED]

solved with samba
by abbio90
Tue May 14, 2024 1:27 am
Forum: General
Topic: WebFig - How to upload html file to the catalog?
Replies: 8
Views: 2753

Re: WebFig - How to upload html file to the catalog?

guys, I solved it. after having done a thousand tests, deleting and re-entering both users and directories as well as activating and deactivating samba 1000 times, it now works. but the values ​​are the same as those I initially insisted on. what user policy is sufficient for samba? @Normis, isn't t...
by abbio90
Mon May 13, 2024 7:46 pm
Forum: General
Topic: SMB share cannot be accessed after upgrade
Replies: 26
Views: 3913

Re: SMB share cannot be accessed after upgrade

I went back to 7.12.2 and it still doesn't work. returning to 7.14.3 I see the device doing an SMB scan but it is not possible to connect
by abbio90
Mon May 13, 2024 7:24 pm
Forum: General
Topic: SMB share cannot be accessed after upgrade
Replies: 26
Views: 3913

Re: SMB share cannot be accessed after upgrade

I encounter the same problem. I also tried 7.15 and it doesn't work either. If I add an accept rule on TCP port 445 I see packets.
by abbio90
Mon May 13, 2024 12:53 pm
Forum: General
Topic: WebFig - How to upload html file to the catalog?
Replies: 8
Views: 2753

Re: WebFig - How to upload html file to the catalog?

did you expose only that folder with samba and close the FTP connection?
by abbio90
Mon May 13, 2024 12:52 pm
Forum: General
Topic: WebFig - How to upload html file to the catalog?
Replies: 8
Views: 2753

Re: WebFig - How to upload html file to the catalog?

I should do the same thing. grant access to the hotspot folder and do not allow access to the rest including the skin folder. can you tell me how you did it?
by abbio90
Mon May 13, 2024 12:24 pm
Forum: The User Manager
Topic: Custom skins, Selectable user from the dropdown
Replies: 4
Views: 1061

Re: Custom skins, Selectable user from the dropdown

I misunderstood, then you can edit the login.html file and if necessary also style.css. Skills regarding this protocols are needed.
by abbio90
Mon May 13, 2024 12:21 pm
Forum: General
Topic: Routing problem via site to site vpn
Replies: 13
Views: 1323

Re: Routing problem via site to site vpn

Thanks for your clear explanation
by abbio90
Mon May 13, 2024 10:51 am
Forum: General
Topic: Permission FTP skin [SOLVED]
Replies: 4
Views: 6221

Permission FTP skin [SOLVED]

good morning, is it possible to prevent access to the skin folder for those who connect via ftp but allow access to other directories? perhaps it would be sufficient to just set read permissions to the skin folder but I don't know how to do it
by abbio90
Mon May 13, 2024 10:34 am
Forum: General
Topic: Routing problem via site to site vpn
Replies: 13
Views: 1323

Re: Routing problem via site to site vpn

Interesting. ipsec policy runs before post routing right?

by inserting the rules as indicated will all traffic go out on the internet with ipsec?

the policy with src-address=192.168.14.0/26 and dst-address=194.168.14.0/26 must also be declared in the opposite peer obviously, right?
by abbio90
Mon May 13, 2024 1:22 am
Forum: The User Manager
Topic: Custom skins, Selectable user from the dropdown
Replies: 4
Views: 1061

Re: Custom skins, Selectable user from the dropdown

you can create the index2.html page and load it into mikrotik with branding package. in this you modify the username field to your liking
by abbio90
Mon May 13, 2024 1:16 am
Forum: General
Topic: OpenVpn 2FA with User-Manager
Replies: 4
Views: 1664

Re: OpenVpn 2FA with User-Manager

You can use Google Authenticator directly. here is a video, it also works with ovpn

https://foisfabio.it/index.php/2024/04/ ... ik-otp-vpn
by abbio90
Sun May 12, 2024 10:05 am
Forum: General
Topic: ROS 7 script help needed
Replies: 1
Views: 484

Re: ROS 7 script help needed

copy it into system script and save. then type in the terminal: /system script edit namescript source where the text no longer has the usual mikrotik colors there is an error that needs to be adapted. another solution is to put a { before the script and a } after the script and paste it into the ter...
by abbio90
Sun May 12, 2024 10:01 am
Forum: General
Topic: OpenVPN Push Routes
Replies: 1
Views: 1624

Re: OpenVPN Push Routes

thanks for your opinions. even in the latest versions of ovpn when you specify the route it no longer accepts the gateway but the route is specified like this:
route 192.168.20.0 255.255.255.0
by abbio90
Sun May 12, 2024 9:59 am
Forum: General
Topic: Firewall site
Replies: 3
Views: 456

Re: Firewall site

layer7 was once used, but now with https it seems its use is not reliable. try putting the site in the address list and from the firewall do a forward that only accepts the traffic destined for that address list and a drop on everything else
by abbio90
Sun May 12, 2024 9:57 am
Forum: General
Topic: CHR at Hetzner, tunnel floating IP via Wireguard back home
Replies: 3
Views: 625

Re: CHR at Hetzner, tunnel floating IP via Wireguard back home

yes, if you post both configurations it's better. maybe remove everything that doesn't interest you. leaves only internet access and the wireguard tunnel. and possibly the LAN on which you want to open the door
by abbio90
Fri May 10, 2024 9:49 am
Forum: General
Topic: CHR at Hetzner, tunnel floating IP via Wireguard back home
Replies: 3
Views: 625

Re: CHR at Hetzner, tunnel floating IP via Wireguard back home

you must set allowed address 0.0.0.0/0 in both WG Endpoints. You have to rotate the address, if you use /32 that way it's normal for it to do so. example in the chr set the wireguard IP address like this: /ip address add address=10.30.50.1 network=1.1.1.1 interface=wireguard in your home router set ...
by abbio90
Fri May 10, 2024 9:39 am
Forum: General
Topic: Access VPN from LAN
Replies: 2
Views: 320

Re: Access VPN from LAN

in Nat have you added the accept rule on the forward chain of traffic coming from your subnet destined for the remote subnet?
by abbio90
Fri May 10, 2024 9:36 am
Forum: General
Topic: Slow FTP upload speed via GRE Tunnel
Replies: 16
Views: 1448

Re: Slow FTP upload speed via GRE Tunnel

gre by default has 1476 MTU. you may need to scale if you have vlans in the transports connecting you to the internet and also if you have pppoe encapsulation. a VLAN involves decreasing MTU by 4bytes and pppoe by 8bytes. So if they deliver you internet with pppoe on VLAN you should set 1488 on the ...
by abbio90
Thu May 09, 2024 11:33 pm
Forum: General
Topic: Slow FTP upload speed via GRE Tunnel
Replies: 16
Views: 1448

Re: Slow FTP upload speed via GRE Tunnel

I was wondering why with fast-track active ipsec becomes almost unusable. then disable it and restart the routerboard.
by abbio90
Thu May 09, 2024 8:03 am
Forum: General
Topic: Slow FTP upload speed via GRE Tunnel
Replies: 16
Views: 1448

Re: Slow FTP upload speed via GRE Tunnel

do you have fast-track enabled?
by abbio90
Wed May 08, 2024 9:31 pm
Forum: General
Topic: Routing Table 2 ISP [SOLVED]
Replies: 1
Views: 3944

Re: Routing Table 2 ISP [SOLVED]

SOLVED
by abbio90
Wed May 08, 2024 8:08 pm
Forum: General
Topic: Routing Table 2 ISP [SOLVED]
Replies: 1
Views: 3944

Routing Table 2 ISP [SOLVED]

Hi everyone, I have a Mikrotik Router with two ISPs working in the main Routing Table. Inside the LAN I have a second routing table that sends out the X server with IP 192.168.10.2 with a remote Wireguard tunnel. So basically the scenario is this: /interface wireguard add listen-port=13231 name=wire...
by abbio90
Wed May 08, 2024 11:56 am
Forum: The User Manager
Topic: Feature Request: Admin Web Interface for the User Manager
Replies: 7
Views: 5354

Re: Feature Request: Admin Web Interface for the User Manager

then it is absurd that the "Design Skin" item is active if the user has Policy permissions. in some cases this is unacceptable. the skin design should be toggleable regardless
by abbio90
Wed May 08, 2024 11:26 am
Forum: The User Manager
Topic: Payments usermanager
Replies: 0
Views: 947

Payments usermanager

which payment method should be used today for mikrotik hotspot with Ros7 usermanager...? There is little documentation around and most of the related posts in the forum are very old
by abbio90
Wed May 08, 2024 10:31 am
Forum: The User Manager
Topic: User manager7 signup
Replies: 3
Views: 5055

Re: User manager7 signup

Possibile condividere la pagina?
by abbio90
Wed May 08, 2024 10:29 am
Forum: The User Manager
Topic: User Manager V7.8 custom error messages
Replies: 4
Views: 5766

Re: User Manager V7.8 custom error messages

I found that is related to the file WISPAccessGatewayParam.xsd
Were you able to customize the errors from this file?

however you can also add the flogin.html file which will open when login fails
by abbio90
Wed May 08, 2024 9:52 am
Forum: The User Manager
Topic: Hotspot with PayPal problems
Replies: 1
Views: 1730

Re: Hotspot with PayPal problems

I can't use PayPal on usermanager, but I created a hotspot system with self-registration and sending credentials via email. If you could help me set up PayPal then I'll see if I can help you solve the problem.
by abbio90
Wed May 08, 2024 9:48 am
Forum: The User Manager
Topic: OpenVpn+Radius+UserManager+Authenticator User Friendly
Replies: 3
Views: 1361

Re: OpenVpn+Radius+UserManager+Authenticator User Friendly

do you use otp option in VPN client? I use usermanager with Google auth but I enter the code in the password field
by abbio90
Mon May 06, 2024 11:44 pm
Forum: General
Topic: Routing table mixed
Replies: 2
Views: 350

Re: Routing table mixed

I'm pretty clear on how routing tables work. if I want the traffic coming from the server to go out with ISP1 and what comes from outside use isp2 I would do this. /routing table add name=to_ISP1 fib=yes add name=to_ISP2 fib=yes /ip firewall mangle add chain=prerouting src-address=192.168.10.40 acti...
by abbio90
Mon May 06, 2024 9:49 pm
Forum: General
Topic: Routing table mixed
Replies: 2
Views: 350

Routing table mixed

Hi everyone, I have a Mikrotik with two public IPs. I have a server that I expose on wan1. I would like it to be accessible from outside the network from both wan1 and Wan 2 but use Wan2 to navigate. how can I do?
by abbio90
Sat May 04, 2024 12:49 am
Forum: General
Topic: IPsec tunnel between rb and chr. Ok ping no web interface
Replies: 3
Views: 457

Re: IPsec tunnel between rb and chr. Ok ping no web interface

If you have fast track enabled, disable it. also ping with MTU at 1500 and see if they pass. if they don't pass, decrease and write at what size they pass
by abbio90
Sat May 04, 2024 12:13 am
Forum: General
Topic: Route LAN clients to (Open)VPN established on Mikrotik
Replies: 2
Views: 634

Re: Route LAN clients to (Open)VPN established on Mikrotik

does Mikrotik act as a VPN client? Do the PCs on the LAN currently access the internet via OVPN? in ovpn-client have you set the flag on "add default route"?
by abbio90
Sat May 04, 2024 12:09 am
Forum: General
Topic: Problem with ipsec tunnel to Cisco ASA
Replies: 3
Views: 618

Re: Problem with ipsec tunnel to Cisco ASA

I follow with interest
by abbio90
Sat May 04, 2024 12:08 am
Forum: General
Topic: User and pass
Replies: 7
Views: 787

Re: User and pass

no, absolutely no. Passwords are encrypted in MD5. if you have an old version you could exploit the backdoors to trace the passwords or you could downgrade to 6.42

viewtopic.php?t=133533
by abbio90
Fri May 03, 2024 11:58 pm
Forum: General
Topic: IPsec tunnel between rb and chr. Ok ping no web interface
Replies: 3
Views: 457

Re: IPsec tunnel between rb and chr. Ok ping no web interface

in the configuration I don't see the www service in ip service but only the www-ssl one. when you connect are you specifying the protocol https://ipaddress:63443?
by abbio90
Thu May 02, 2024 10:40 pm
Forum: General
Topic: /user group policy and :global variables
Replies: 3
Views: 454

Re: /user group policy and :global variables

Thank you for your answer. the scenario is this. the router is supplied ready to use but by offering a linked service, there is some sensitive data that the user must not be able to access. the router comes configured as working and the variables are automatically populated. but the user can set val...
by abbio90
Thu May 02, 2024 9:46 pm
Forum: General
Topic: /user group policy and :global variables
Replies: 3
Views: 454

Re: /user group policy and :global variables

I assume that when you declare the global variable l.user must also be set. if I go to system environment with admin user I see the global variables but the user field is blank
by abbio90
Thu May 02, 2024 9:06 pm
Forum: General
Topic: /user group policy and :global variables
Replies: 3
Views: 454

/user group policy and :global variables

Good morning everyone. I need to create a user with /user group policy=yes but this allows the user to draw the webskin from webfig. I wish this wasn't possible. how can I do? the need to flag policy is needed because the limited user must be able to access the global variables. this doesn't happen....
by abbio90
Sat Apr 27, 2024 10:10 am
Forum: RouterBOARD hardware
Topic: hAP ax Lite USB power
Replies: 10
Views: 3880

Re: hAP ax Lite USB power

Can you connect a USB dongle with a special cable like you do with MAPs?
by abbio90
Thu Apr 25, 2024 8:35 pm
Forum: Scripting
Topic: script log mail usb [SOLVED] [SOLVED]
Replies: 0
Views: 4270

script log mail usb [SOLVED] [SOLVED]

Hi, I'm creating this script runs monthly. If it finds the USB stick, save the file in the correct path. if the USB stick is not present, the $usbState status does not appear, therefore no errors appear but the path does not change and the email does not proceed. dove am I wrong? #------------------...
by abbio90
Thu Apr 25, 2024 6:28 pm
Forum: Scripting
Topic: check if file exists?
Replies: 15
Views: 14453

Re: check if file exists?

:if ($LastRun = $date) do={ /file :foreach item in=[find where name~"usb" and type=disk] do={ :local usbName [get $item name] :local usbState :if ([:len $usbName] > 0) do={ :set usbState "true" } else={ :set usbState "false" :put $usbState } } }
by abbio90
Thu Apr 25, 2024 5:53 pm
Forum: Scripting
Topic: check if file exists?
Replies: 15
Views: 14453

Re: check if file exists?

How can I search for a USB in the file menu and extract the path name?
by abbio90
Tue Apr 23, 2024 9:53 am
Forum: Scripting
Topic: Telegram inline keyboard
Replies: 3
Views: 981

Re: Telegram inline keyboard

interesting, does this script run on a Linux machine? or where exactly it should be installed
by abbio90
Tue Apr 23, 2024 8:36 am
Forum: Scripting
Topic: Telegram inline keyboard
Replies: 3
Views: 981

Telegram inline keyboard

good morning, does anyone know if it is possible to insert an inline keyboard into a telegram message sent with fetch that can launch a script by clicking on it? I'll try to explain myself better. I have a microtik that sends telegram notifications. After receiving messages, I would like to be able ...
by abbio90
Sun Apr 21, 2024 10:43 am
Forum: General
Topic: UTF-8 representation problem?
Replies: 8
Views: 1072

Re: UTF-8 representation problem?

I'm no expert on this, but here is a script that does a conversion UTF-8. try to see if modifying it can work for you
https://foisfabio.it/index.php/2023/06/ ... -telegram/
by abbio90
Sun Apr 21, 2024 10:37 am
Forum: General
Topic: WebFig Skins no longer working
Replies: 4
Views: 1248

Re: WebFig Skins no longer working

what hardware do you use? I used a routerboard with 7.14.2 just yesterday and the skin folder was present. In any case I would do as advised. log in from webfig and draw a skin and see where it is saved
by abbio90
Sun Apr 21, 2024 10:34 am
Forum: General
Topic: IKEv2 VPN with DNS in another internal VLAN
Replies: 13
Views: 1995

Re: IKEv2 VPN with DNS in another internal VLAN

set the correct DNS l.ip of vlan200 in the ike conf and create a rule where the traffic coming from ike is destined for the DNS server therefore protocol udp dst-port 53 action masquerade
by abbio90
Sun Apr 21, 2024 10:28 am
Forum: General
Topic: Hotspot ROS7 CHECKBOX [SOLVED]
Replies: 4
Views: 888

Re: Hotspot ROS7 CHECKBOX [SOLVED]

I'm sorry, but since there is no documentation on the matter and given the time dedicated to obtaining a similar result, it doesn't even seem correct to me to make a free guide where it is explained how to do it step by step. Mikrotik should do it. I try to create various guides as you can see by br...
by abbio90
Sun Apr 21, 2024 10:25 am
Forum: General
Topic: hotspot and radius user authentication and session management
Replies: 3
Views: 1139

Re: hotspot and radius user authentication and session management

I look forward to your feedback. I finally managed to disassemble the HTML files and do the self registrations with a script. If you want to take a look I posted a video of the result here:

https://foisfabio.it/index.php/2024/04/ ... ik-hotspot
by abbio90
Sun Apr 21, 2024 10:20 am
Forum: General
Topic: scripts to keep LTE stick up and running
Replies: 63
Views: 4416

Re: scripts to keep LTE stick up and running

if it can be useful. I made this for routers with LTE modems. but it could also work with a key. should be tried


https://foisfabio.it/index.php/2024/03/ ... check-lte/
by abbio90
Sat Apr 20, 2024 12:50 pm
Forum: General
Topic: Hotspot ROS7 CHECKBOX [SOLVED]
Replies: 4
Views: 888

Re: Hotspot ROS7 CHECKBOX [SOLVED]

I solved it, if anyone wanted to see the result I posted an article about it on my site
https://foisfabio.it/index.php/2024/04/ ... k-hotspot/
by abbio90
Mon Apr 15, 2024 11:35 am
Forum: General
Topic: 1:1 NAT configuration
Replies: 28
Views: 2116

Re: 1:1 NAT configuration

go to ip firewall filter in router 2 and try disabling the drop rules one by one. Every time you disable clean the connection tracking from /ip firewall connection and see if it is a Firewall problem, I see that you have the default configuration, so the drop !LAN rule will surely give you trouble
by abbio90
Mon Apr 15, 2024 10:19 am
Forum: General
Topic: 1:1 NAT configuration
Replies: 28
Views: 2116

Re: 1:1 NAT configuration

if 192.168.88.254 is a PC disable the firewall or antivirus for testing.
in addition to icmp try to reach some service of 192.168.88.254 by calling it from 10.10.30.2
by abbio90
Mon Apr 15, 2024 9:13 am
Forum: General
Topic: hotspot and radius user authentication and session management
Replies: 3
Views: 1139

Re: hotspot and radius user authentication and session management

I don't know mangoapp, but I tried to get my hands on a mikrotik hotspot by dismantling the various HTML files and trying to understand how they work. Meanwhile, if there is any site/address that you need to reach before logging in, you must enter it in /ip Hotspot wallet-garden. Also I assume that ...
by abbio90
Mon Apr 15, 2024 9:05 am
Forum: General
Topic: Mikrotik App over OpenVPN
Replies: 2
Views: 431

Re: Mikrotik App over OpenVPN

try pinging by flagging do-not-frament=yes, it could be that there are packet losses due to an incorrect MTU setting. possibly decrease the size until the packets pass without fragmentation. when you find the value set it as the MTU of the ovpn server. Before this I would also make sure that the MTU...
by abbio90
Mon Apr 15, 2024 8:31 am
Forum: General
Topic: 1:1 NAT configuration
Replies: 28
Views: 2116

Re: 1:1 NAT configuration

Netmap is used in overlapping cases by remapping 1:1 duplicated subnets onto virtual subnets. you can find an article of mine here where a small example is shown. https://foisfabio.it/index.php/2023/04/22/mikrotik-netmap-ipsec/ If you have to map 1:1 of the PC 192.168.88.254 assuming that 10.10.30.1...
by abbio90
Fri Apr 12, 2024 1:16 pm
Forum: Scripting
Topic: Script SMS forward sms
Replies: 7
Views: 2323

Script SMS forward sms

Does anyone have a script that reads SMS and forwards them via SMS?
by abbio90
Fri Apr 12, 2024 1:15 pm
Forum: Scripting
Topic: script for Address List
Replies: 4
Views: 1147

Re: script for Address List

or you could try with the API
by abbio90
Fri Apr 12, 2024 1:14 pm
Forum: Scripting
Topic: script for Address List
Replies: 4
Views: 1147

Re: script for Address List

you can use ssh exec to write to other routerboards but you should create special credentials with private keys
by abbio90
Fri Apr 12, 2024 1:11 pm
Forum: Scripting
Topic: Netwatch down script can't email
Replies: 4
Views: 1328

Re: Netwatch down script can't email

if there is no internet the email cannot be sent. The solution would be a backup connection
by abbio90
Fri Apr 12, 2024 12:33 pm
Forum: Scripting
Topic: foreach log message
Replies: 1
Views: 932

foreach log message

Good morning, I would like to capture this log message in a variable: a.png I set the script like this, but the message doesn't appear when I do the :put and I don't have an output. where am I wrong? { :local logMessage "" :local logIp "" :local cont1 0 :local cont2 0 /log :forea...
by abbio90
Fri Apr 12, 2024 12:32 am
Forum: General
Topic: Hotspot ROS7 CHECKBOX [SOLVED]
Replies: 4
Views: 888

Hotspot ROS7 CHECKBOX [SOLVED]

good evening, has anyone managed to add a checkbox in the HTML page of the mikrotik hotspot? It works for me in simulation on codepen.io but not when uploading it to mikrotik.
https://codepen.io/abbio90/pen/OJGEgyZ
Screenshot_2024-04-11-23-32-08-452_com.google.android.captiveportallogin.jpg
by abbio90
Thu Apr 11, 2024 10:31 am
Forum: General
Topic: L2TP VPN Site To Site local subnet not reaching remote subnet [SOLVED]
Replies: 2
Views: 642

Re: L2TP VPN Site To Site local subnet not reaching remote subnet [SOLVED]

If I understand correctly, on the server side you are missing the return route with dst address 10.10.0.0/24 gateway "host remote VPN". This must be static so in the ppp secret you must specify the address in the "remote address" field
by abbio90
Thu Apr 11, 2024 10:22 am
Forum: General
Topic: does the mynetname expires after a while?
Replies: 5
Views: 1113

Re: does the mynetname expires after a while?

theoretically if you have only one static public IP, even if you remove the router and replace it you can continue to point to the old DDNS always resolving the same address. The problem will arise when you change the public IP. Another solution could be to leave the old rb active and make a cname a...
by abbio90
Thu Apr 11, 2024 10:14 am
Forum: General
Topic: Image body email
Replies: 2
Views: 468

Re: Image body email

Thank you for your answer. As suggested I interface with help.mikrotik.com
by abbio90
Wed Apr 10, 2024 10:47 pm
Forum: General
Topic: Image body email
Replies: 2
Views: 468

Image body email

Hello, Is it possible with Mikrotik to insert an image in the text of the email instead of as an attachment?
by abbio90
Wed Apr 10, 2024 10:44 pm
Forum: Scripting
Topic: Script add user from LOG
Replies: 3
Views: 1152

Re: Script add user from LOG

I already use solutions with syslog and external Radius, but on this occasion I wanted to exploit the potential of Mikrotik to understand how far you can get without opting for an external Radius. I redid the login and registration page. the registration one generates a failed login. for this I need...
by abbio90
Wed Apr 10, 2024 10:06 pm
Forum: Scripting
Topic: Script add user from LOG
Replies: 3
Views: 1152

Re: Script add user from LOG

I need to save the variables to create and activate a script to check if the user exists and if so the password is remembered, if not the password is created and sent.
by abbio90
Wed Apr 10, 2024 7:55 pm
Forum: Scripting
Topic: Script add user from LOG
Replies: 3
Views: 1152

Script add user from LOG

Good morning, I need to read the message from the logs: ffois@gmail.com (10.5.50.254): login failed: RADIUS server is not responding and insert the email address into a local variable. Considering that there could also be 2/3 similar messages with different email addresses every 30 seconds. Example ...
by abbio90
Wed Apr 10, 2024 4:31 pm
Forum: General
Topic: Trouble connecting Android phone to MikroTik IKEv2 VPN server: Need assistance with log analysis
Replies: 4
Views: 1290

Re: Trouble connecting Android phone to MikroTik IKEv2 VPN server: Need assistance with log analysis

I use it on a company phone on which the apps are installed centrally by the headquarters. IKEv2 being managed in a proprietary manner by Android I can use it
by abbio90
Wed Apr 10, 2024 7:08 am
Forum: General
Topic: what options for 2 factor authentication for VPN access [SOLVED]
Replies: 21
Views: 16109

Re: what options for 2 factor authentication for VPN access [SOLVED]

I confirm, usermanager works with Google Authenticator. tested and working perfectly.
https://foisfabio.it/index.php/2024/04/ ... ik-otp-vpn
by abbio90
Tue Apr 09, 2024 11:40 pm
Forum: General
Topic: Self Sign-UP Hotspot
Replies: 2
Views: 982

Re: Self Sign-UP Hotspot

Resolved
by abbio90
Tue Apr 09, 2024 9:12 pm
Forum: General
Topic: Self Sign-UP Hotspot
Replies: 2
Views: 982

Self Sign-UP Hotspot

Hi everyone, I created a self-registration page at the mikrotik hotspot. The page displays correctly but submitting doesn't work. The purpose is to send the username without password and from the failed login via script to perform self-registration. If I only enter the username and click on submit f...
by abbio90
Mon Apr 08, 2024 5:47 pm
Forum: General
Topic: Signup page - Use Email Address as Username
Replies: 3
Views: 3555

Re: Signup page - Use Email Address as Username

Hi, were you able to self-login with email?
by abbio90
Mon Apr 08, 2024 10:04 am
Forum: General
Topic: Web interface login form missing
Replies: 2
Views: 542

Re: Web interface login form missing

check in /ip service if the http service is enabled and if the port is port 80. Furthermore, if you have firewall rules with action drop, if so, temporarily disable one rule at a time to check if they are connected to what is found.
by abbio90
Mon Apr 08, 2024 9:51 am
Forum: General
Topic: Usermanager signup
Replies: 0
Views: 327

Usermanager signup

good morning, can anyone tell me how to enable the page http://ipaddress/user/signup? if I connect I get a 404 error. Furthermore, I can't even access http://ipaddress/um/PRIVATE despite having set the credentials in the appropriate section
by abbio90
Mon Apr 08, 2024 9:49 am
Forum: General
Topic: Usermanager Paypal
Replies: 0
Views: 346

Usermanager Paypal

good morning, has anyone managed to make usermanager work with PayPal?
by abbio90
Sun Apr 07, 2024 9:29 pm
Forum: General
Topic: Variable HOTSPOT login.html
Replies: 0
Views: 402

Variable HOTSPOT login.html

Good evening, could anyone provide me with a complete list of mikrotik ROS 7 hotspot variables that can be used within the login.html file? I created a new writing field in login.html and I would like to combine it with a variable other than username and password. This field will be used for the reg...
by abbio90
Wed Apr 03, 2024 9:06 pm
Forum: General
Topic: VPN 2FA
Replies: 3
Views: 1402

Re: VPN 2FA

Good morning everyone, I managed to correctly integrate l2tp+ipsec with google authenticator using user-manager. Does anyone know if it's possible to get the otp with a fetch command using the google API? It would be great to have Google Authenticator interact with Mikrotik scripts
by abbio90
Tue Mar 26, 2024 9:05 am
Forum: General
Topic: VPN 2FA
Replies: 3
Views: 1402

VPN 2FA

good morning, I wanted to implement a VPN with 2FA. I don't know which Radius to use. Has anyone had any experience and can advise me on anything?
by abbio90
Sun Jan 28, 2024 11:25 am
Forum: Scripting
Topic: WordPress API Mikrotik
Replies: 8
Views: 2322

Re: WordPress API Mikrotik

I understand that the Wordpress CMS is not used for sites of a certain size. In any case, mine is a blog and for now I'm happy with it. If the site takes off, I will consider changing CMS. Let's go back to the TOPIC. I managed to read all the functions of the mikrotik with PHP and curl scripts. now ...
by abbio90
Sat Jan 27, 2024 3:18 pm
Forum: Scripting
Topic: WordPress API Mikrotik
Replies: 8
Views: 2322

Re: WordPress API Mikrotik

Wordpress has plugins that allow to connect to other site REST API: https://wordpress.org/plugins/wpgetapi/ I managed to use the indicated widget, however I find that the command http://ip/rest/ip/address?interface=ether1 does not work as the plugin adds an & after the link, returning an empty ...
by abbio90
Mon Jan 22, 2024 10:14 am
Forum: Scripting
Topic: WordPress API Mikrotik
Replies: 8
Views: 2322

Re: WordPress API Mikrotik

Normis, from what you write it seems like you don't really like Wordpress
by abbio90
Mon Jan 22, 2024 10:13 am
Forum: Scripting
Topic: WordPress API Mikrotik
Replies: 8
Views: 2322

Re: WordPress API Mikrotik

the site is already currently active on CMS WordPress. I would like every user to be able to see their routers online from the site and see some statistics.
by abbio90
Mon Jan 22, 2024 9:57 am
Forum: Scripting
Topic: WordPress API Mikrotik
Replies: 8
Views: 2322

WordPress API Mikrotik

good morning everyone, I would like to integrate some variables taken from the various Mikrotik routers into a Word Press site accessible only with login. Reading other discussions in the forum it seems that it is necessary to start an API client. What would? can I find it in the WordPress plugins? ...
by abbio90
Sun Jan 14, 2024 5:40 pm
Forum: General
Topic: HELP ME! QUEUE TREE
Replies: 2
Views: 801

Re: HELP ME! QUEUE TREE

I apologize, here is the complete configuration /interface bridge add name=bridge-trunk vlan-filtering=yes /interface ethernet set [ find default-name=ether1 ] comment="ISP1 - TIM FWA" set [ find default-name=ether2 ] comment="ISP2 - SKY DSL" set [ find default-name=ether3 ] comm...
by abbio90
Sun Jan 14, 2024 2:05 am
Forum: General
Topic: Hotspot Question
Replies: 1
Views: 454

Re: Hotspot Question

I'm also interested in this solution, look here:

viewtopic.php?t=198996#p1021608
by abbio90
Sun Jan 14, 2024 2:00 am
Forum: General
Topic: IP and route configuration for /28
Replies: 12
Views: 1672

Re: IP and route configuration for /28

from the Mikrotik router you can rotate the other IPs towards the servers, take a look at this discussion
viewtopic.php?t=182057
by abbio90
Sun Jan 14, 2024 1:55 am
Forum: General
Topic: CAPsMAN and VLANs [SOLVED]
Replies: 12
Views: 1894

Re: CAPsMAN and VLANs [SOLVED]

yes I am referring to this. Clients connecting to capsman's WiFi do not necessarily need to know the VLAN ID behind it. Anyone who connects to WiFi may not even understand anything about networks. So I would say it would be correct to use the wireless interface in access (untagged) and specify the p...
by abbio90
Sat Jan 13, 2024 7:32 pm
Forum: General
Topic: HELP ME! QUEUE TREE
Replies: 2
Views: 801

HELP ME! QUEUE TREE

Good evening, I'm installing queues to give priority to traffic. the guest mark doesn't work. Where do you think I'm going wrong? /ip firewall mangle add action=mark-routing chain=prerouting comment=mark-routing-LAN1--->LAN2 dst-address-list=!all-LAN new-routing-mark=vlan10/30/99-table passthrough=y...
by abbio90
Sat Jan 13, 2024 3:06 pm
Forum: General
Topic: IPv6 configuration /64
Replies: 26
Views: 4721

Re: IPv6 configuration /64

here is the black screenshot of the client:
1705087940263.jpg
by abbio90
Sat Jan 13, 2024 3:04 pm
Forum: General
Topic: IPv6 configuration /64
Replies: 26
Views: 4721

Re: IPv6 configuration /64

As already said by the router I pin anything.
The problem is with the clients.
Here is what was requested
Screenshot 2024-01-13 alle 14.01.09.png
by abbio90
Fri Jan 12, 2024 9:52 pm
Forum: General
Topic: CAPsMAN and VLANs [SOLVED]
Replies: 12
Views: 1894

Re: CAPsMAN and VLANs [SOLVED]

On hAP ax2 with version 7.13 I found that using capsman and vlan, the capsman master interfaces must be set tagged. By setting them without tags, DHCP does not pass.

Also, I noticed and also which slave if created dynamically the same way
by abbio90
Fri Jan 12, 2024 9:32 pm
Forum: General
Topic: IPv6 configuration /64
Replies: 26
Views: 4721

Re: IPv6 configuration /64

I changed my configuration and now the CHR navigates perfectly. the problem remains that the clients acquire public IPv6 but do not reach the various sites in IPv6. The various client packets arrive in the firewall connection table. If I do a traceroute from the clients I reach the gateway IP of the...
by abbio90
Fri Jan 12, 2024 9:03 pm
Forum: General
Topic: Accessing Public IP of a Client behind a VPN
Replies: 1
Views: 501

Re: Accessing Public IP of a Client behind a VPN

If the IP 139.180.x.x is actually announced upstream of the l2tp+ipsec server, it is certainly possible. they are probably rotating it with IP PTP of the L2TP itself
by abbio90
Wed Jan 10, 2024 8:58 am
Forum: General
Topic: IPv6 configuration /64
Replies: 26
Views: 4721

Re: IPv6 configuration /64

good morning, today they are assigning me another subnet in order to avoid the overlap encountered. Question, but can I divide the /64 that I have as a pool to advertise towards the LAN into two /96 pools, one towards the LAN bridge and one towards an ether other than the bridge?
by abbio90
Tue Jan 09, 2024 10:16 pm
Forum: General
Topic: IPv6 configuration /64
Replies: 26
Views: 4721

Re: IPv6 configuration /64

Screenshot_2024-01-09-21-52-13-435_com.alphainventor.filemanager.jpg
Error
by abbio90
Tue Jan 09, 2024 7:10 pm
Forum: General
Topic: IPv6 configuration /64
Replies: 26
Views: 4721

Re: IPv6 configuration /64

as already mentioned the address assigned by the provider is
2a0d:b287:ec00:52b4::1
The gateway Is
2a0d:b287:ec00::
The pool Is
2a0d:b287:ec00::52b4::/64
by abbio90
Tue Jan 09, 2024 12:02 pm
Forum: General
Topic: IPv6 configuration /64
Replies: 26
Views: 4721

Re: IPv6 configuration /64

just curious, does "/ipv6/neighbor/print" show anything reachable?
I'll try it in the afternoon and tell you
by abbio90
Tue Jan 09, 2024 12:01 pm
Forum: General
Topic: IPv6 configuration /64
Replies: 26
Views: 4721

Re: IPv6 configuration /64

Where do you get this /48 prefix from? You were given a network with the /64 prefix. And to which interface are you trying to assign an address? Here is an example of the settings, how it was done for me where the range of addresses was given to me manually. WAN address and gateway /ipv6 address ad...
by abbio90
Mon Jan 08, 2024 10:29 pm
Forum: General
Topic: IPv6 configuration /64
Replies: 26
Views: 4721

Re: IPv6 configuration /64

whoever provides me with the connection advertises
2a0d:b287:ec00:52b4::/64
the gateway is
2a0d:b287:ec00::
I configured the router in this way.
/ipv6 address 
add address=2a0d:b287:ec00:52b4::1/48
/ipv6 route add dst-address=::/0 gateway=2a0d:b287:ec00::
is this incorrect?
by abbio90
Mon Jan 08, 2024 9:28 pm
Forum: General
Topic: IPv6 configuration /64
Replies: 26
Views: 4721

Re: IPv6 configuration /64

My address ip is 2001:abcd:abcd:ec00:abcd::0001 . The gateway Is 2001:abcd:abcd:ec00 :: How should I configure the subnet Mask on my address to reach the gateway? If I set 2001:abcd:abcd:ec00:abcd::0001/64 I don't go out to the internet. if instead I enter 2001:abcd:abcd:ec00:abcd::0001/48 I go out ...
by abbio90
Mon Jan 08, 2024 12:25 am
Forum: General
Topic: IPv6 configuration /64
Replies: 26
Views: 4721

IPv6 configuration /64

Good evening everyone. I have a hosted CHR that advertises an IPv6 /64 subnet to me.
I statically assigned an IP of the subnet on ether1 in /48 to be able to reach the gateway.
The router navigates correctly in IPv6.

Now how do I dynamically expose the other IPs to the bridge interface?
by abbio90
Fri Jan 05, 2024 12:06 am
Forum: General
Topic: external hardisk on CHR - remote access
Replies: 2
Views: 1329

Re: external hardisk on CHR - remote access

Thanks.
by abbio90
Thu Jan 04, 2024 10:09 pm
Forum: Forwarding Protocols
Topic: OSPF MultiVPN ROS 7.13
Replies: 0
Views: 2084

OSPF MultiVPN ROS 7.13

Good morning everyone I have a scenario like below: ROUTER1 - CHR in hosting ROUTER2 - Head office ROUTER3 Location 2 ROUTER4 Seat 3 Then I have another 40 Routers which we call R1 guest, R2 guest and so on. The R1-CHR acts as a l2tp+ipsec, sstp and wireguard server. sstp and l2tp+ipsec are distribu...
by abbio90
Fri Dec 29, 2023 3:41 pm
Forum: General
Topic: external hardisk on CHR - remote access
Replies: 2
Views: 1329

external hardisk on CHR - remote access

Good morning, I have a CHR with RouterOS 7.12.1, I installed the ROSE package. Using Proxmox I exposed a SATA partition and formatted it in ext4. Now when I launch the file print command I see the sata1 disk as an external disk. If you want to give access to just the sata1 disk to an external compan...
by abbio90
Wed Oct 25, 2023 7:42 pm
Forum: General
Topic: HOTSPOT SELF REGISTRATION
Replies: 0
Views: 1618

HOTSPOT SELF REGISTRATION

Good evening, how can I modify the login.html page to include an email registration field?

It would be enough to have the email address of in the Mikrotik Router, then I will work via registration script.

Thanks if anyone can help me
by abbio90
Wed Oct 04, 2023 7:57 am
Forum: General
Topic: IPSEC MIKROTIK<--->HUAWEI
Replies: 0
Views: 1115

IPSEC MIKROTIK<--->HUAWEI

good morning, has anyone ever managed to establish an ipsec ike1 tunnel with pre shared key in tunnel mode between Huawei and mikrotik? I would be especially interested in the configuration of the Huawei
by abbio90
Fri Sep 15, 2023 9:52 pm
Forum: General
Topic: Branding WebFig ROS7 [SOLVED]
Replies: 4
Views: 1110

Re: Branding WebFig ROS7

Screenshot 2023-09-15 alle 17.21.00.png
by abbio90
Fri Sep 15, 2023 9:51 pm
Forum: General
Topic: Branding WebFig ROS7 [SOLVED]
Replies: 4
Views: 1110

Re: Branding WebFig ROS7

Please note that the HTML part is incorrect like this: #container { width: 70%%; margin: 10%% auto; A % goes away and a % remains. Furthermore, index.html exported from 7.11 and customized, works starting from 7.10 Something has probably been changed in the webfig of the new versions, as loading the...
by abbio90
Thu Sep 14, 2023 9:25 pm
Forum: General
Topic: Branding WebFig ROS7 [SOLVED]
Replies: 4
Views: 1110

Branding WebFig ROS7 [SOLVED]

Hi everyone, I modified the original index.html file by changing the logo, colors and some links. I renamed the new html file index2.html. If I open the html file from the browser it works perfectly. Once imported into the Router with a branding.npk package, the page loads but errors appear in the e...
by abbio90
Sun Aug 27, 2023 12:47 pm
Forum: General
Topic: CUSTOMIZE HOTSPOT PHONE NUMBER
Replies: 2
Views: 1308

Re: CUSTOMIZE HOTSPOT PHONE NUMBER

Screenshot_2023-08-27-10-47-55-897_com.google.android.captiveportallogin_copy_270x600.jpg
I'm sorry, is that better?
by abbio90
Sun Aug 27, 2023 12:13 pm
Forum: General
Topic: CUSTOMIZE HOTSPOT PHONE NUMBER
Replies: 2
Views: 1308

CUSTOMIZE HOTSPOT PHONE NUMBER

Hello, I tried to edit the hotspot htlm page although I don't understand anything about html. I got about the desired result in terms of graphics. 1693127217490.jpg the original file was this: https://pastebin.com/W5yWCwr9 the custom file is this: https://pastebin.com/75XR62XX I would like those who...
by abbio90
Sat Jun 03, 2023 12:40 pm
Forum: General
Topic: Ipsec no route, no party
Replies: 2
Views: 389

Re: Ipsec no route, no party

I made a more detailed post here: viewtopic.php?t=196787
by abbio90
Sat Jun 03, 2023 12:37 pm
Forum: General
Topic: IPSEC IKEv1 road warrior
Replies: 0
Views: 598

IPSEC IKEv1 road warrior

Good morning everyone. Yesterday I wrote a post in a hurry, and in fact I didn't receive any response because nothing was understood. I summarize the problem, i created IKEv1 server with preshared key under public IP. Clients will be under natted networks with 4G connection, so I can't use peer to p...
by abbio90
Thu Jun 01, 2023 11:42 pm
Forum: General
Topic: Ipsec no route, no party
Replies: 2
Views: 389

Re: Ipsec no route, no party

Client1 /ip firewall nat add chain=src-nat src-address=10.10.100.0/24 dst-address=192.168.120.0/24 action=accept add chain=srcnat dst-address=192.168.120.0/24 action=src-nat to address=192.168.12.2 Client2 /ip firewall nat add chain=src-nat src-address=192.168.120.0/24 dst-address=10.10.100.0/24 act...
by abbio90
Thu Jun 01, 2023 11:20 pm
Forum: General
Topic: Ipsec no route, no party
Replies: 2
Views: 389

Ipsec no route, no party

hi all... i have a Fortinet router acting as ipsec Road Warrior with ip 192.168.12.1. as client there are two mikrotik routers under narrated network receiving ip from server 192.168.12.2 and 192.158.12.5 from router 192.168.12.1 I ping both 192.168.12.2 and 192.168.12.5 from the router 192.168.12.2...
by abbio90
Tue May 30, 2023 10:50 pm
Forum: Containers
Topic: failure "Could not import"
Replies: 12
Views: 6820

Re: failure "Could not import"

maybe i should install this, although i didn't figure out where to download it from this site https://hub.docker.com/_/ubuntu
by abbio90
Tue May 30, 2023 10:45 pm
Forum: Containers
Topic: failure "Could not import"
Replies: 12
Views: 6820

Re: failure "Could not import"

Or this, dedicated to python.

https://hub.docker.com/_/python
this seems to run like docker on linux. how do i install it on mikrotik?
by abbio90
Tue May 30, 2023 10:08 pm
Forum: Containers
Topic: failure "Could not import"
Replies: 12
Views: 6820

Re: failure "Could not import"

If is a CHR, why do not install Ubuntu on the same real machine inside the virtualizator that already run the CHR???
because the CHR runs in a datacenter under a VPS, and I don't have access to the vortializer
by abbio90
Tue May 30, 2023 10:07 pm
Forum: Containers
Topic: failure "Could not import"
Replies: 12
Views: 6820

Re: failure "Could not import"

actually I just need a Linux CLI only without desktop, it has to run a pynthon3 script. you say the problem is the ubuntu version i chose?
by abbio90
Tue May 30, 2023 9:43 pm
Forum: Containers
Topic: failure "Could not import"
Replies: 12
Views: 6820

failure "Could not import"

Hi all, I wanted to install ubuntu in a mikrotik CHR. I followed the mikrotik help but something is wrong. I'll tell you what I did: Installed the Container package from terminal I enabled the package /system device-mode update container=yes after that i shut down the vM to complete the process. I w...
by abbio90
Tue May 30, 2023 7:40 pm
Forum: Scripting
Topic: Log Filter
Replies: 66
Views: 11595

Re: Log Filter

I tried the script and I adapted it to my needs, and I would say that it works very well.. even if some error alerts are annoying and not very sensible like the ipsec phase 1 which fails when the router fails over, it doesn't make sense. .how could I do to create a list of phrases that should not be...
by abbio90
Tue May 30, 2023 1:14 am
Forum: Scripting
Topic: any method to get external DNS ip of a local dns?
Replies: 3
Views: 1884

Re: any method to get external DNS ip of a local dns?

you can enable ip Cloud and fetch the public ip with a script from that field
by abbio90
Mon May 29, 2023 9:17 am
Forum: Scripting
Topic: How to add script to system scheduler
Replies: 2
Views: 1869

Re: How to add script to system scheduler

In the "On Event" window enter the name of the script respecting the syntax. Or type: /system script run scriptname
by abbio90
Mon May 29, 2023 9:03 am
Forum: General
Topic: Slow IPSEC Site-to-Site VPN, very slow on one direction
Replies: 1
Views: 444

Re: Slow IPSEC Site-to-Site VPN, very slow on one direction

if you have fasttrack active disable it or exclude ipsec from fastrack
by abbio90
Mon May 29, 2023 9:01 am
Forum: General
Topic: IkeV2 VPN server setup for Android 13
Replies: 5
Views: 6353

Re: IkeV2 VPN server setup for Android 13

good morning, I made a guide that works on some phones but not on all. it works for me on samsung but not on xiaomi


https://foisfabio.it/index.php/2023/03/ ... tik-ikev2/
by abbio90
Mon May 29, 2023 8:57 am
Forum: Scripting
Topic: Log Filter
Replies: 66
Views: 11595

Re: Log Filter

sorry guys but i've been busy. I'll try as soon as I have time. but this script left in chat last, send any event log?
by abbio90
Sat May 27, 2023 12:47 am
Forum: General
Topic: Which the best IP 10.0.0.1 or 192.168.20.1 for local network?!
Replies: 10
Views: 2561

Re: Which the best IP 10.0.0.1 or 192.168.20.1 for local network?!

RFC 1918 indicates that the classes intended for private use are 192.168.0.0/16, 172.16.0.0/12 10.0.0.0/8. This means that if you want a /24 network you can use any of these.. eg. you could also use a 10.100.50.0/24 class
by abbio90
Sat May 27, 2023 12:29 am
Forum: General
Topic: Hotspot custom ROS7 [SOLVED]
Replies: 2
Views: 549

Re: Hotspot custom ROS7 [SOLVED]

I thought of modifying the HTML file somehow, and reloading it on the modified mikrotik. but how do I create variables connected to the HTML page to be called from system script
by abbio90
Fri May 26, 2023 1:14 am
Forum: Scripting
Topic: Log Filter
Replies: 66
Views: 11595

Re: Log Filter

Are you saying it could be a time zone related system? What if you try to insert a row where at 00:00 and 02:00 set the keepOutput variable to false?
by abbio90
Thu May 25, 2023 5:39 pm
Forum: Scripting
Topic: Log Filter
Replies: 66
Views: 11595

Re: Log Filter

yes, I uncommented it and save to a global variable, but the result is the same. In your opinion, changing the rules of the date and updated to 7.10 with the new ISO format of the date, could it be solved?
by abbio90
Wed May 24, 2023 4:04 pm
Forum: Scripting
Topic: Log Filter
Replies: 66
Views: 11595

Re: Log Filter

could this be solved by uncommenting it and using the global variable?
by abbio90
Wed May 24, 2023 4:03 pm
Forum: Scripting
Topic: Log Filter
Replies: 66
Views: 11595

Re: Log Filter

ipsec script was copied from this one i found on github. so by copying I also copied the errors. I'll try to change this. more than anything I don't understand how to solve the continuous sending of messages at 00:00 and 02:00
by abbio90
Wed May 24, 2023 11:18 am
Forum: Scripting
Topic: Script state ph2 peer ipsec
Replies: 13
Views: 2601

Re: Script state ph2 peer ipsec

ah, it's simpler than expected .. I had put the brackets that are not even needed. thanks for your explanations
by abbio90
Wed May 24, 2023 8:27 am
Forum: General
Topic: Hotspot custom ROS7 [SOLVED]
Replies: 2
Views: 549

Hotspot custom ROS7 [SOLVED]

Good morning everyone. I'm asking a question that I've never been able to get an answer to. with routerOS 7, if I use the hotspot package with user manager everything works .. but I would like to modify the HTML page so that instead of entering the login data, the customer can register an email addr...
by abbio90
Wed May 24, 2023 1:20 am
Forum: Scripting
Topic: Script state ph2 peer ipsec
Replies: 13
Views: 2601

Re: Script state ph2 peer ipsec

:if ($CurrentStatusEdok != $LastStatusEdok) do={
:set keepOutput true
:set output ($LastStatusEdok)
/log warning "STATO PEER EDOK=$CurrentStatusEdok"
}


where am i wrong here? how do i set the parameter to the global variable?
by abbio90
Wed May 24, 2023 1:17 am
Forum: Scripting
Topic: Script state ph2 peer ipsec
Replies: 13
Views: 2601

Re: Script state ph2 peer ipsec

How do I save the value on the global variable? I tried but I lost myself { :global LastStatusEdok :local CurrentStatusEdok [/ip ipsec policy get [find comment="Peer-Edok"] value-name=ph2-state] :put $LastStatusEdok :put $CurrentStatusEdok :local keepOutput false :local output :if ([:len $...
by abbio90
Wed May 24, 2023 1:13 am
Forum: Scripting
Topic: Log Filter
Replies: 66
Views: 11595

Log Filter

Good evening everyone, I took this script from Github and I adapted it to my needs. It works perfectly, but every day at 00:00 and 02:00, I get the latest notification of the day. For example, if the latest notification is sent to me at 20:32, every day at 00:00 and at 02:00 it is sent to me again, ...
by abbio90
Tue May 23, 2023 8:17 am
Forum: Scripting
Topic: Script state ph2 peer ipsec
Replies: 13
Views: 2601

Re: Script state ph2 peer ipsec

thanks for your patience. but isn't the global variable meant to appear in the system script environment so that it can be used by other scripts? is this the only difference from the local variable or else are there other features that I didn't get to appreciate. the fact of using the comment as a s...
by abbio90
Tue May 23, 2023 12:10 am
Forum: Scripting
Topic: Script state ph2 peer ipsec
Replies: 13
Views: 2601

Re: Script state ph2 peer ipsec

the script runs every 20 seconds and not every 20 minutes
  • 1
  • 2