Community discussions

MikroTik App

Search found 440 matches

  • 1
  • 2
by abbio90
Thu Nov 28, 2024 10:59 pm
Forum: General
Topic: LTE Interface Problems in OS 7.16.1
Replies: 3
Views: 308

Re: LTE Interface Problems in OS 7.16.1

I recently updated about forty of them and some were difficult. I updated the firmware from 7.12.1 and it was successful. Then I updated to 7.16.1. Updating the lte firmware directly from 7.16.1 did not always work
by abbio90
Thu Nov 28, 2024 1:08 pm
Forum: General
Topic: Mikrotik UserManager Attribute Mikrotik-Recv-Limit Not disconnect User
Replies: 2
Views: 244

Re: Mikrotik UserManager Attribute Mikrotik-Recv-Limit Not disconnect User

Usermanager linked to what? Hotspot? Usually in the radius assignment that reports to usermanager there is the parameter "Interim update" that indicates every time the usermanager user packages are updated. If this is not configured you have the traffic volume consumed only at the end of t...
by abbio90
Mon Nov 25, 2024 10:18 pm
Forum: Scripting
Topic: remove the file only if sent [SOLVED]
Replies: 0
Views: 293

remove the file only if sent [SOLVED]

Hello everyone, I have a script that creates a monthly file, when the new month starts, the script finds the file of the last period. When this is found the variable is set to "true" and the file is forwarded via email. so far everything works. I would then like to read from the logs wheth...
by abbio90
Fri Nov 22, 2024 3:18 pm
Forum: General
Topic: Routing 2 IP adresses
Replies: 2
Views: 248

Re: Routing 2 IP adresses

this will be enough
/ip firewall nat
 add chain=srcnat src-address=10.3.100.0/24 action=masquerade
 add chain=srcnat src-address=192.168.1.0/24 out-interface=ether1 action=masquerade
in the example ether1 is the Wan interface
by abbio90
Fri Nov 22, 2024 3:15 pm
Forum: General
Topic: How to Secure Ether8 Port for AP Without Disrupting Wi-Fi Clients on Mikrotik
Replies: 4
Views: 304

Re: How to Secure Ether8 Port for AP Without Disrupting Wi-Fi Clients on Mikrotik

you could also insert an ARP protection. maybe allow ARP only from DHCP and use static assignment for DHCP. so whoever connects, unless he clones the ma address, doesn't get very far
by abbio90
Fri Nov 22, 2024 9:02 am
Forum: General
Topic: Remote site WAN access through ipsec tunnel
Replies: 4
Views: 396

Re: Remote site WAN access through ipsec tunnel

Basically you want the lan behind the mikrotik to go out on the internet through the fortinet?
by abbio90
Fri Nov 22, 2024 8:54 am
Forum: General
Topic: Can't ping devices in a LAN over WireGuard tunnel
Replies: 3
Views: 320

Re: Can't ping devices in a LAN over WireGuard tunnel

If 192.168.50.0/24 is the uplink of router B, I would say that you should set this rule on it
/ip firewall nat add chain=srcnat dst-address=192.168.50.0/24 action=masquerade
by abbio90
Fri Nov 22, 2024 8:48 am
Forum: General
Topic: Strange slow RX but not TX
Replies: 17
Views: 1722

Re: Strange slow RX but not TX

just for testing, disable hardware offload in /interface bridge Port for a moment and redo the tests.
by abbio90
Fri Nov 22, 2024 8:43 am
Forum: General
Topic: My ISP gives me only ::/64 IPv6 prefix - how do I create multiple subnets?
Replies: 17
Views: 1371

Re: My ISP gives me only ::/64 IPv6 prefix - how do I create multiple subnets?

I didn't know that Hurricane gives a free /64. Obviously it is provided on the AS in their possession? or is it possible to register your own AS? I think that in this case perhaps a /48 is assigned
by abbio90
Thu Nov 21, 2024 11:49 pm
Forum: General
Topic: How does PPP profile remote address pool work?
Replies: 2
Views: 250

Re: How does PPP profile remote address pool work?

mikrotik unlike other brands assigns the pool IPs starting from the end of the same. to assign another address you have to connect a second client that uses the same profile and you will see that it will assign a different IP
by abbio90
Thu Nov 21, 2024 3:13 pm
Forum: General
Topic: Device will use IP from Server
Replies: 17
Views: 902

Re: Device will use IP from Server

Station pseudobridge carries a maximum of 3 Mac addresses, so you will have a ma address masking if you have multiple devices
by abbio90
Thu Nov 21, 2024 3:10 pm
Forum: General
Topic: Extra Nic package [SOLVED]
Replies: 2
Views: 407

Re: Extra Nic package [SOLVED]

Thanks
by abbio90
Thu Nov 21, 2024 8:35 am
Forum: General
Topic: netinstall-cli: cannot install branding
Replies: 6
Views: 959

Re: netinstall-cli: cannot install branding

see also the flashfig tool
by abbio90
Wed Nov 20, 2024 10:33 pm
Forum: General
Topic: Extra Nic package [SOLVED]
Replies: 2
Views: 407

Extra Nic package [SOLVED]

Hi everyone, can anyone tell me what this new mikrotik package is for?
Screenshot_2024-11-20-20-15-38-820_com.android.chrome-edit.jpg
by abbio90
Wed Nov 20, 2024 10:13 pm
Forum: General
Topic: same subnet
Replies: 6
Views: 699

Re: same subnet

by abbio90
Wed Nov 20, 2024 4:55 pm
Forum: General
Topic: HEX Lite for routing between subnets [SOLVED]
Replies: 26
Views: 1673

Re: HEX Lite for routing between subnets [SOLVED]

Yes of course, I agree with you, it's a crazy scenario. Maybe there's a reason why it has to have 4 same IPs. I'm very curious.
by abbio90
Wed Nov 20, 2024 3:00 pm
Forum: General
Topic: HEX Lite for routing between subnets [SOLVED]
Replies: 26
Views: 1673

Re: HEX Lite for routing between subnets [SOLVED]

I think you can insert 4VRF and remap with netmap.
by abbio90
Wed Nov 20, 2024 10:07 am
Forum: General
Topic: check-for-updates and user\group rights
Replies: 5
Views: 620

Re: check-for-updates and user\group rights

In my opinion policy should hide scripts but not enviroriment. through this menu you can give the user the ability to customize variables that are taken from scripts. I'll give you a stupid example, I have scenarios where the user has limited access and to customize their telegram id and personal em...
by abbio90
Sun Nov 17, 2024 5:06 pm
Forum: General
Topic: Smart IPTV app prioritisation vs all other traffic
Replies: 1
Views: 259

Re: Smart IPTV app prioritisation vs all other traffic

I think you should mark the traffic and use queue trees to set priorities
by abbio90
Sun Nov 17, 2024 5:00 pm
Forum: General
Topic: Intermediate CA cert for Let's Encrypt not installed with enable-ssl-certificate
Replies: 2
Views: 773

Re: Intermediate CA cert for Let's Encrypt not installed with enable-ssl-certificate

I created the certificate a few days ago, at the first try it gave me certificate error. It was enough to remove the certificate and recreate it, and after having combined it with /ip service https it started working without error. In the /system certificate I think it is correct that the CA is not ...
by abbio90
Sun Nov 17, 2024 4:32 pm
Forum: General
Topic: Public IP High Availability
Replies: 5
Views: 471

Re: Public IP High Availability

if you have low latency paths you could use public ips through a hosting. establish a tunnel from isp1 to the hosting. create another tunnel from isp2 to the hosting. assign yourself a public ip from the hosting through the tunnels, you could use ospf to assign it dynamically using the best path.
by abbio90
Sat Nov 16, 2024 11:51 pm
Forum: General
Topic: CAPSMAN WiFi Wave2
Replies: 4
Views: 438

Re: CAPSMAN WiFi Wave2

Thanks for the advice, I'll do some field testing next week
by abbio90
Fri Nov 15, 2024 9:25 am
Forum: General
Topic: Hairpin Nat hotspot?
Replies: 1
Views: 240

Re: Hairpin Nat hotspot?

I would like to point out that if after logging in I type https://10.5.50.1/status.html the page appears correctly with a certificate error

It seems that the rules above are not doing their job. is there anything else?
by abbio90
Fri Nov 15, 2024 9:22 am
Forum: General
Topic: Dual WAN LTE (Main) + Cable (Secondary) [SOLVED]
Replies: 10
Views: 917

Re: Dual WAN LTE (Main) + Cable (Secondary) [SOLVED]

take inspiration from this guide.
https://foisfabio.it/index.php/2023/08/ ... recursive/

Then integrate the script into DHCP client as explained in this other guide in the point fig.15

https://foisfabio.it/index.php/2024/03/ ... -vodafone/
by abbio90
Thu Nov 14, 2024 6:41 pm
Forum: General
Topic: CAPSMAN WiFi Wave2
Replies: 4
Views: 438

CAPSMAN WiFi Wave2

I'm configuring capsman, I would like to ensure that when the user moves between the various cAPs the connection does not drop but roaming occurs. Does the configuration seem correct to you? /interface wifi channel add band=2ghz-ax disabled=no frequency=2412 name=channel1 skip-dfs-channels=disabled ...
by abbio90
Thu Nov 14, 2024 12:12 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1544
Views: 370665

Re: 📣 WinBox 4 is here 📣

it would be nice since the skins don't work and you'll have to get to work, to have the possibility to create a custom menu where for example the user can insert variables even without having policy access. and whoever has policy access can go and read them to interact with the scripts. for example,...
by abbio90
Thu Nov 14, 2024 12:02 pm
Forum: General
Topic: DHCP client on VLAN interface: broadcasts lost
Replies: 2
Views: 298

Re: DHCP client on VLAN interface: broadcasts lost

post the configuration
by abbio90
Thu Nov 14, 2024 10:45 am
Forum: General
Topic: Hairpin Nat hotspot?
Replies: 1
Views: 240

Hairpin Nat hotspot?

good morning everyone, I made a hotspot with mikrotik captive portal that when it was in http worked perfectly. now I switched to https, almost everything works, after I log in however I no longer have access to pages such as https://domani/status.html I note that in ip dns a static query is inserte...
by abbio90
Thu Nov 14, 2024 9:25 am
Forum: General
Topic: VLAN config: RB2011UiAS-2HnD to L009UiGS-2HaxD
Replies: 3
Views: 306

Re: VLAN config: RB2011UiAS-2HnD to L009UiGS-2HaxD

in the /bridge vlan menu also insert the bridge itself as an interface tagged in the various vlans
by abbio90
Thu Nov 14, 2024 9:01 am
Forum: General
Topic: Slow ipv4 throughput on CCR2116 and CCR2216
Replies: 2
Views: 236

Re: Slow ipv4 throughput on CCR2116 and CCR2216

post the configuration, otherwise you need the crystal ball
by abbio90
Thu Nov 14, 2024 8:46 am
Forum: General
Topic: Managing remotely Multiple MikroTik Routers from a single interface
Replies: 3
Views: 324

Re: Managing remotely Multiple MikroTik Routers from a single interface

you can also do this with The Dude by making him a client on a single vpn server. since you have overlapping you need to remap the subnets using netmap
by abbio90
Thu Nov 14, 2024 8:44 am
Forum: General
Topic: RouterOS 7.17beta4 Webfig--Some Issues [SOLVED]
Replies: 12
Views: 1344

Re: RouterOS 7.17beta4 Webfig--Some Issues [SOLVED]

can you be more clear? I use skins a lot to create limited webfigs and I don't encounter any particular problems.
by abbio90
Thu Nov 14, 2024 8:34 am
Forum: General
Topic: Bonding 802.3ad
Replies: 8
Views: 531

Re: Bonding 802.3ad

among the tests I did on layer 2-3 I tried to set the "Limit Links" parameter to 2, without results, when I did the tests I only had one PC
by abbio90
Thu Nov 14, 2024 8:29 am
Forum: General
Topic: Bonding 802.3ad
Replies: 8
Views: 531

Re: Bonding 802.3ad

or maybe you mean that more than one host must generate traffic to use both interfaces? By setting layer3/4 the traffic passes on both interfaces even with only one host
by abbio90
Thu Nov 14, 2024 8:26 am
Forum: General
Topic: Bonding 802.3ad
Replies: 8
Views: 531

Re: Bonding 802.3ad

are you telling me that if I set up layer 2 and 3 I need to have three slave interfaces to pass traffic on two of them?
by abbio90
Thu Nov 14, 2024 12:10 am
Forum: General
Topic: Force DNS request [SOLVED]
Replies: 8
Views: 666

Re: Force DNS request [SOLVED]

I solved implementing a DoH list and a list update script
by abbio90
Thu Nov 14, 2024 12:08 am
Forum: General
Topic: Bonding 802.3ad
Replies: 8
Views: 531

Bonding 802.3ad

Hi everyone, are there any problems with 802.3ad bonding? I configured a bonding between two routerboards with version 7.16 using two 1gbps ports for each side. All traffic passes on the first slave interface. To make it work I set it to layer3/4 but it doesn't seem correct. It should be on layer2/3...
by abbio90
Wed Nov 13, 2024 9:42 am
Forum: General
Topic: Force DNS request [SOLVED]
Replies: 8
Views: 666

Re: Force DNS request [SOLVED]

by abbio90
Wed Nov 13, 2024 12:11 am
Forum: General
Topic: Force DNS request [SOLVED]
Replies: 8
Views: 666

Re: Force DNS request [SOLVED]

I think the problem is DOH, if I do a torch I see requests towards 8.8.8.8:443. so AdGuard is skipped. How do I manage these requests to process everything from AdGuard?
by abbio90
Tue Nov 12, 2024 4:13 pm
Forum: General
Topic: Force DNS request [SOLVED]
Replies: 8
Views: 666

Re: Force DNS request [SOLVED]

Adguard is in container in mikrotik itself so it has a veth /30 the clients are on multiple vlans with different subnets to the server
by abbio90
Mon Nov 11, 2024 11:35 pm
Forum: General
Topic: VLans over Hotspot server and PtP and PtMP Link
Replies: 4
Views: 854

Re: VLans over Hotspot server and PtP and PtMP Link

I also propose my guide if you want to take a look
https://foisfabio.it/index.php/2024/01/ ... otik-vlan/
by abbio90
Mon Nov 11, 2024 11:33 pm
Forum: General
Topic: MikroTik v.7.16.1 CAPsMAN, datapath doesn't work
Replies: 5
Views: 1119

Re: MikroTik v.7.16.1 CAPsMAN, datapath doesn't work

It might not work because the master wifi interfaces need to be added to the bridge manually
by abbio90
Mon Nov 11, 2024 11:31 pm
Forum: General
Topic: MikroTik v.7.16.1 CAPsMAN, datapath doesn't work
Replies: 5
Views: 1119

Re: MikroTik v.7.16.1 CAPsMAN, datapath doesn't work

with wifi ax and vlan filtering the datapath works perfectly. its cap is also essential to generate the slave interfaces dynamically in bridge Port and bridge vlan
by abbio90
Mon Nov 11, 2024 11:25 pm
Forum: General
Topic: Mikrotik Hotspot user config
Replies: 2
Views: 348

Re: Mikrotik Hotspot user config

you find everything ready in usermanager on routers 7
by abbio90
Mon Nov 11, 2024 11:16 pm
Forum: General
Topic: Force DNS request [SOLVED]
Replies: 8
Views: 666

Force DNS request [SOLVED]

I have an AdGuard container on mikrotik. It works perfectly. I wanted to make a node that if someone changes the dns in the network card all traffic is directed to AdGuard. I created this rule.. /ip firewall nat add chain=dstnat src-address-list=!pi-hole protocoll=udp dst-port=53 action=dst-nat to-a...
by abbio90
Fri Nov 01, 2024 11:03 pm
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1544
Views: 370665

Re: 📣 WinBox 4 is here 📣

Hi all, skins not working on winbox 4?
by abbio90
Fri Nov 01, 2024 6:08 pm
Forum: General
Topic: Winbox 4 Skin not working
Replies: 0
Views: 253

Winbox 4 Skin not working

Hi all, skins not working on winbox 4?
by abbio90
Mon Oct 28, 2024 10:57 am
Forum: The User Manager
Topic: PayPal payments failing
Replies: 6
Views: 8673

Re: PayPal payments failing

Thanks for the advice, could you give me some guides to implement it?
by abbio90
Mon Oct 28, 2024 10:57 am
Forum: The User Manager
Topic: User manager limitation not working on Mikrotik v7
Replies: 2
Views: 620

Re: User manager limitation not working on Mikrotik v7

by any chance in User manager do you see the traffic used only when the session is closed?
by abbio90
Mon Oct 28, 2024 10:51 am
Forum: The User Manager
Topic: Integration of WireGuard to UserManager
Replies: 4
Views: 1442

Re: Integration of WireGuard to UserManager

if the router reboots what happens?
by abbio90
Mon Oct 28, 2024 10:46 am
Forum: General
Topic: Port Forwarding FROM CHR [SOLVED]
Replies: 9
Views: 692

Re: Port Forwarding FROM CHR [SOLVED]

I am currently testing the configuration on a local chr on which I receive a public IP from the ISP. Then the configuration will go into production on CHR in CLOUD with static public IP without pppoe. the Wireguard tunnel has allowed address 0.0.0.0/0 as I did not want it to create limitations in th...
by abbio90
Sun Oct 27, 2024 7:04 pm
Forum: General
Topic: Port Forwarding FROM CHR [SOLVED]
Replies: 9
Views: 692

Re: Port Forwarding FROM CHR [SOLVED]

regarding the first rule which deals with the mark connection, would chain forward or prerouting be more correct?

everything works with both chains
by abbio90
Sun Oct 27, 2024 6:58 pm
Forum: General
Topic: Port Forwarding FROM CHR [SOLVED]
Replies: 9
Views: 692

Re: Port Forwarding FROM CHR [SOLVED]

I apologize if I expressed myself badly, but what Sindy indicated made the difference. In any case, the CHR configuration is: /interface wireguard add listen-port=13231 mtu=1420 name=wireguard1 /interface vlan add interface=ether1 name=vlan80 vlan-id=80 /interface pppoe-client add add-default-route=...
by abbio90
Sun Oct 27, 2024 3:39 pm
Forum: General
Topic: VXLAN inside Wireguard MTU [SOLVED]
Replies: 3
Views: 502

Re: VXLAN inside Wireguard MTU [SOLVED]

Thanks
by abbio90
Sun Oct 27, 2024 2:16 pm
Forum: General
Topic: Port Forwarding FROM CHR [SOLVED]
Replies: 9
Views: 692

Port Forwarding FROM CHR [SOLVED]

Hi everyone. I have a client under NAT, on which there is a server that I would like to reach remotely. Having a CHR with a public IP, I thought of establishing a wireguard tunnel between the offices and creating a dstnat in the chr towards the server using static routes to reach it. In the same way...
by abbio90
Fri Oct 25, 2024 7:19 pm
Forum: General
Topic: VXLAN inside Wireguard MTU [SOLVED]
Replies: 3
Views: 502

VXLAN inside Wireguard MTU [SOLVED]

Hi everyone, I have a wireguard tunnel between two sites inside it, a vxlan passes that carries the VoIP segment from site 1 to site 2. If wireguard has mtu 1420, do I have to set up vxlan with mtu 1370?
by abbio90
Mon Oct 14, 2024 6:06 pm
Forum: General
Topic: Proxy
Replies: 2
Views: 338

Re: Proxy

I did a thorough analysis and from what I understood the proxy in question is ipfire, so it is connected downstream of the router as if it were a firewall. So I believe it is not possible to install ip Fire in a mikrotik container in order to manage everything with the router. Eventually could you r...
by abbio90
Sun Oct 13, 2024 4:56 pm
Forum: General
Topic: Hotspot problem
Replies: 11
Views: 795

Re: Hotspot problem

I think there are two ways. Directly with netinstall. If you don't have to go step by step, downgrade to 7.12.1 then you should be able to go to 6.49
by abbio90
Wed Oct 09, 2024 2:49 pm
Forum: General
Topic: Proxy
Replies: 2
Views: 338

Proxy

hello everyone. I have a client with a proxy server, this limits access to some sites and blocks access to sites not resolved at DNS level. since a renewal of the main router is planned, what rules should I configure? is the dstnat of port 443 enough? or does the proxy section need to be filled in?
by abbio90
Sun Oct 06, 2024 6:37 pm
Forum: General
Topic: Export session .csv
Replies: 6
Views: 749

Re: Export session .csv

Thanks for your contribution, by directly running the indicated script I found that the header was overwritten when presenting new entries. I modified the script as follows. It seems to work very well, now I need to figure out how I would enter decimals in the download and upload field. Your script ...
by abbio90
Sun Oct 06, 2024 2:56 pm
Forum: General
Topic: Problem to connect to ISP via PPPOE
Replies: 18
Views: 1106

Re: Problem to connect to ISP via PPPOE

silly question, have you tried cloning the mac address using the old router's one?
by abbio90
Sun Oct 06, 2024 11:10 am
Forum: General
Topic: Problem to connect to ISP via PPPOE
Replies: 18
Views: 1106

Re: Problem to connect to ISP via PPPOE

If you see the pppoe server by scanning but the pppoe client does not authenticate, it could be a problem of incorrect credentials. unless some additional parameters are needed for authentication
by abbio90
Sun Oct 06, 2024 11:07 am
Forum: General
Topic: Hotspot problem
Replies: 11
Views: 795

Re: Hotspot problem

then it is not possible to go to YouTube if the authentication has not occurred. send an export of /ip hotspot and /usermanager if you use it. Make sure that before the login it does not ping the usual 8.8.8.8 and 1.1.1.1. maybe on YouTube it goes in offline mode.
by abbio90
Sat Oct 05, 2024 8:31 pm
Forum: General
Topic: Frequecy Scan to file scan1
Replies: 1
Views: 196

Re: Frequecy Scan to file scan1

check that in addition to the country you have entered the installation on outdoor to enable the outdoor frequencies
by abbio90
Sat Oct 05, 2024 8:28 pm
Forum: General
Topic: Problem to connect to ISP via PPPOE
Replies: 18
Views: 1106

Re: Problem to connect to ISP via PPPOE

To get started, if the public interface is running, run a Pppoe scan on it and make sure it sees a server on the other end. If not, you probably need a vlan tagged on the same interface
by abbio90
Sat Oct 05, 2024 8:24 pm
Forum: General
Topic: Export session .csv
Replies: 6
Views: 749

Re: Export session .csv

Hi, I'm resuming this discussion after a long time as the project had been put on hold. Now I have resumed and from the proposed string I have created a script that inserts the session rows into a .csv and keeps it updated. the problem is that in each row the header is inserted again and some rows a...
by abbio90
Sat Oct 05, 2024 11:15 am
Forum: General
Topic: Can't ping a public ip over a vlan interface
Replies: 4
Views: 320

Re: Can't ping a public ip over a vlan interface

in /ip firewall nat do NAT with output list WAN interface. In /interface list, no interface is entered on the WAN list. Add the public interface to this list and it should work
by abbio90
Sat Oct 05, 2024 11:10 am
Forum: General
Topic: wireless + ethernet on audio app config
Replies: 7
Views: 358

Re: wireless + ethernet on audio app config

Quick set should be specifically for User friendly users but from my experience it is easier to write what you want to achieve and configure it from scratch following the various steps. Describe in detail the result needed and let's see if someone can help
by abbio90
Sat Oct 05, 2024 11:08 am
Forum: General
Topic: RB4011 does not work
Replies: 2
Views: 282

Re: RB4011 does not work

On the back there is the console port. Connect with a serial rj45 cable and see what happens
by abbio90
Sat Oct 05, 2024 11:05 am
Forum: General
Topic: bridge setting ip filter problem
Replies: 3
Views: 279

Re: bridge setting ip filter problem

If you don't show the configuration only the crystal ball can help
by abbio90
Sat Oct 05, 2024 11:03 am
Forum: General
Topic: Hotspot problem
Replies: 11
Views: 795

Re: Hotspot problem

also it seems that you use an external radius. so probably in the walled garden there is inserted both the address of the external radius and of YouTube.
by abbio90
Sat Oct 05, 2024 11:01 am
Forum: General
Topic: Hotspot problem
Replies: 11
Views: 795

Re: Hotspot problem

theoretically that message appears on mobile devices when there is no internet browsing.
So it asks if you still want to stay connected.

that said, you should not browse without authentication unless you have enabled trial mode or have put YouTube in the walled garden
by abbio90
Thu Oct 03, 2024 12:33 pm
Forum: Beginner Basics
Topic: I have mikrotik which was working fine before now as users and devices increased. It's making issue with few websites.
Replies: 3
Views: 1022

Re: I have mikrotik which was working fine before now as users and devices increased. It's making issue with few website

add queues based on how traffic needs to be handled. Alternatively you can also implement pcq queues that guarantee guaranteed bandwidth to everyone
by abbio90
Thu Oct 03, 2024 12:01 pm
Forum: RouterBOARD hardware
Topic: Hardware request
Replies: 0
Views: 473

Hardware request

I was surprised by the side din mount of the CRS304. It would be interesting to make an LTE router with at least 4 ports, sma connectors for external antennas and the side din mount. It would be a great revolution for the installation on din rail inside the electrical panels.
by abbio90
Thu Oct 03, 2024 11:59 am
Forum: Announcements
Topic: Newsletter #120 | September 2024
Replies: 56
Views: 18486

Re: Newsletter #120 | September 2024

The side din mount of the CRS304 is phenomenal. It would be interesting to make a LTE router with at least 4 ports, sma connectors for external antennas and the side din mount. It would be a great revolution for din rail installation inside electrical panels.
by abbio90
Thu Oct 03, 2024 11:49 am
Forum: The User Manager
Topic: Script to reset all mac addresses
Replies: 3
Views: 1252

Re: Script to reset all mac addresses

you have to ask the question again more clearly, otherwise no one will answer
by abbio90
Thu Oct 03, 2024 11:47 am
Forum: The User Manager
Topic: Feature request - Option in User manager ROUTERS tab - Remove domain from user-name
Replies: 1
Views: 498

Re: Feature request - Option in User manager ROUTERS tab - Remove domain from user-name

I would also add that it would be interesting to see the part about automated payment systems. There used to be PayPal and other services but there is no documentation about it
by abbio90
Thu Oct 03, 2024 7:31 am
Forum: The User Manager
Topic: Adding users using script
Replies: 10
Views: 9191

Re: Adding users using script

I know the old user manager well. what I'm telling you is that mikrotik wanted to keep that name so whether you like it or not it's called that. then if it doesn't do what it did before that's another matter. but in the official channels it's still called user manager
by abbio90
Wed Oct 02, 2024 11:45 pm
Forum: General
Topic: Problems with fetch command from router to a Shelly Plus Plug S
Replies: 2
Views: 1307

Re: Problems with fetch command from router to a Shelly Plus Plug S

:tool fetch http-method=get user="admin" password="<my_password>" url="http://192.168.0.144/relay/0?turn=on" http-header-field="Content-Type: application/x-www-form-urlencoded" output=none http-auth-scheme=digest
by abbio90
Wed Oct 02, 2024 10:42 am
Forum: The User Manager
Topic: Adding users using script
Replies: 10
Views: 9191

Re: Adding users using script

the user manager package with the name "User manager" what should it be called? I agree that they made a completely new package, but the name remains the same. I don't think it's correct to say that User manager is not on Ros7.


rdnum only exists on Ros7 as you say
by abbio90
Wed Oct 02, 2024 10:30 am
Forum: General
Topic: The mysteries of RouterOS
Replies: 5
Views: 416

Re: The mysteries of RouterOS

if it can be interesting I have created a guide on vlans
https://foisfabio.it/index.php/2024/01/ ... otik-vlan/
by abbio90
Wed Oct 02, 2024 10:12 am
Forum: General
Topic: Wireguard low Throughput
Replies: 2
Views: 293

Re: Wireguard low Throughput

It seems that many users have solved it by forcing the CPU to the maximum and disabling its energy saving. What do you think of this solution? I honestly don't like it that much.
viewtopic.php?t=202007
by abbio90
Tue Oct 01, 2024 10:33 pm
Forum: General
Topic: Wireguard low Throughput
Replies: 2
Views: 293

Wireguard low Throughput

Hello everyone. I should create a peer to peer connection between two locations. The connections in question are two ftth 1000/1000. Currently I have performed tests with a CCR1009 and a hap ax2 and I have a maximum Throughput of 400mbps between the two sites. I simulated the same with ipsec having ...
by abbio90
Sun Sep 29, 2024 11:54 pm
Forum: General
Topic: PUBLIC IP DISTRIBUTE TO VPN
Replies: 6
Views: 816

Re: PUBLIC IP DISTRIBUTE TO VPN

You can rotate the second public ip assignment with l2tp directly to the client. Obviously on the client side you will have to create a routing table that uses that path as default
by abbio90
Sun Sep 29, 2024 9:35 pm
Forum: The User Manager
Topic: Adding users using script
Replies: 10
Views: 9191

Re: Adding users using script

you can also do a sef registration if you want, but we'll go into more detail there
by abbio90
Sun Sep 29, 2024 9:33 pm
Forum: The User Manager
Topic: Adding users using script
Replies: 10
Views: 9191

Re: Adding users using script

since you use script also interesting this command to generate random passwords
{
:local NumberRandom [:rndnum from=100000 to=999999];
:put $NumberRandom
}
by abbio90
Mon Sep 16, 2024 8:35 pm
Forum: The User Manager
Topic: Expire Account Reminder Webpage
Replies: 3
Views: 2122

Re: Expire Account Reminder Webpage

maybe it's better to do it with a script that inserts an address list of expired users
by abbio90
Mon Sep 16, 2024 8:28 pm
Forum: General
Topic: Permissions Trouble
Replies: 2
Views: 765

Re: Permissions Trouble

if it was exposed they probably limited your admin account and created the system account. they often get hacked with APIs
by abbio90
Sat Aug 31, 2024 4:04 pm
Forum: Beginner Basics
Topic: NFS Client Help
Replies: 6
Views: 2365

Re: NFS Client Help

could you tell me how you did it?
by abbio90
Sun Aug 25, 2024 4:28 pm
Forum: Useful user articles
Topic: Routing Netflix traffic of a LAN client via a wireguard
Replies: 1
Views: 6232

Re: Routing Netflix traffic of a LAN client via a wireguard

Optionally, you can add a killswitch
could you specify what this rule does?
by abbio90
Sun Aug 25, 2024 1:57 pm
Forum: The User Manager
Topic: MikroTik User Manager documentation
Replies: 52
Views: 90505

Re: MikroTik User Manager documentation

It would be nice to provide more documentation on User Manager, especially the integration with major payment systems.
by abbio90
Sun Aug 25, 2024 1:53 pm
Forum: General
Topic: best POE device for cameras
Replies: 3
Views: 502

Re: best POE device for cameras

Please note that hex poe lite can't provide poe 802.3at/af in 48-56volt. I suggest you to use RB960PGS or CRS112-8P, which support high voltage at 48V
by abbio90
Sat Aug 24, 2024 12:46 am
Forum: Beginner Basics
Topic: Hotspot shared users
Replies: 2
Views: 1213

Re: Hotspot shared users

I think if you use external radius you have to handle this option from there.
by abbio90
Fri Aug 23, 2024 1:36 pm
Forum: The User Manager
Topic: User manager on CHR
Replies: 10
Views: 2336

Re: User manager on CHR

create a new discussion otherwise nothing will be understood
by abbio90
Fri Aug 23, 2024 1:27 pm
Forum: General
Topic: Interface screen winbox
Replies: 4
Views: 898

Re: Interface screen winbox

if I'm not mistaken you can find it in the capsman datapaths
by abbio90
Fri Aug 23, 2024 1:20 pm
Forum: General
Topic: Logging client signals
Replies: 2
Views: 723

Re: Logging client signals

there is also the dude from mikrotik. If not try Observium
by abbio90
Fri Aug 23, 2024 1:14 pm
Forum: General
Topic: Unable to establish ipsec VPNs
Replies: 7
Views: 779

Re: Unable to establish ipsec VPNs

It happened to me too some time ago, the problem was that the ISP was under DDoS attack and had set the most sensitive filters.
by abbio90
Fri Aug 23, 2024 1:12 pm
Forum: General
Topic: How to define untagged (or default/native VLAN) of an Ethernet interface?
Replies: 4
Views: 595

Re: How to define untagged (or default/native VLAN) of an Ethernet interface?

you have to use vlan filtering and you can find it in the /bridge Port menu. if you want take a look at this guide, and you will find all the instructions.

https://foisfabio.it/index.php/2024/01/ ... otik-vlan/
by abbio90
Fri Aug 23, 2024 1:08 pm
Forum: Beginner Basics
Topic: HotSpot in RoS 7.15 (authorization window does not pass) [SOLVED]
Replies: 2
Views: 1871

Re: HotSpot in RoS 7.15 (authorization window does not pass) [SOLVED]

share the content of the login.html page and a hotspot export launched from terminal
by abbio90
Sat Aug 17, 2024 1:21 am
Forum: Beginner Basics
Topic: User Creation
Replies: 6
Views: 1442

Re: User Creation

enable api permissions for the user and in ip service enable the service. You always see the api port in ip service
by abbio90
Wed Aug 14, 2024 1:07 am
Forum: Beginner Basics
Topic: User Creation
Replies: 6
Views: 1442

Re: User Creation

what should you do with home assistant? do you want to connect to the router with a plugin and access the statistics? in that case you must enter the api in the user permissions as well as in /ip service and specify the correct port
by abbio90
Tue Aug 13, 2024 12:30 pm
Forum: General
Topic: Interface screen winbox
Replies: 4
Views: 898

Re: Interface screen winbox

if you use "local forwarding" in your datapaths, try unchecking it
by abbio90
Tue Aug 13, 2024 12:26 pm
Forum: General
Topic: Wireguard issues; can connect but can't access hosts
Replies: 5
Views: 730

Re: Wireguard issues; can connect but can't access hosts

the VPN's Nat is probably missing
by abbio90
Tue Aug 13, 2024 11:47 am
Forum: General
Topic: Access Hotspot Login page from LAN
Replies: 1
Views: 1072

Re: Access Hotspot Login page from LAN

I don't think it can if captive portal is not running on that interface. what result would you like to achieve?
by abbio90
Tue Aug 13, 2024 11:42 am
Forum: Beginner Basics
Topic: User Creation
Replies: 6
Views: 1442

Re: User Creation

I didn't understand what this user group should have access to. in any case also post a
/user export
by abbio90
Tue Aug 13, 2024 11:31 am
Forum: The User Manager
Topic: User manager on CHR
Replies: 10
Views: 2336

Re: User manager on CHR

I'm also interested in evaluating an ax6 if it were possible. it's very cheap, and with a level 6 license it's a great option.
in any case, with rb5009 the limitation of 50 active users remains
by abbio90
Tue Aug 13, 2024 12:46 am
Forum: The User Manager
Topic: User manager on CHR
Replies: 10
Views: 2336

Re: User manager on CHR

Consider installing an x86 with level 6 license or a chr unlimited
by abbio90
Tue Aug 13, 2024 12:45 am
Forum: The User Manager
Topic: User manager on CHR
Replies: 10
Views: 2336

Re: User manager on CHR

theoretically it corresponds to a level 4 x86 so you can have a maximum of 20 user manager users active at the same time.

There is no limit on registered users, the limitation concerns users who are active at the same time
by abbio90
Mon Jul 22, 2024 9:23 am
Forum: Beginner Basics
Topic: Wireguard Android to OS - connects but no access to LAN [SOLVED]
Replies: 7
Views: 5178

Re: Wireguard Android to OS - connects but no access to LAN [SOLVED]

/ip firewall nat add chain=srcnat src-address=192.168.46.0/24 action=masquerade
by abbio90
Sun Jul 21, 2024 7:02 pm
Forum: Forwarding Protocols
Topic: OSPF multisite FILTER no match
Replies: 0
Views: 1147

OSPF multisite FILTER no match

Good morning, I have a network with 6 locations. the offices communicate with each other in the following way: - Wireguard, gre tunnel and sstp. the subnets of the various sites are: Site1: LAN 192.168.1.0/24 WG-->site2=172.18.12.1/30 WG-->site3=172.18.13.1/30 WG-->site4=172.18.14.1/30 WG-->site5=17...
by abbio90
Sun Jul 21, 2024 2:26 pm
Forum: Beginner Basics
Topic: mikrotik hap ac how to setup 2wan 3lan newbie
Replies: 11
Views: 1576

Re: mikrotik hap ac how to setup 2wan 3lan newbie

https://foisfabio.it/index.php/2022/12/ ... e-routeros

here you will find an example. study the routing tables carefully
by abbio90
Sun Jul 21, 2024 1:51 pm
Forum: General
Topic: most "cold" RJ45 SFP+ modules
Replies: 5
Views: 697

Re: most "cold" RJ45 SFP+ modules

in general these modules always heat up a lot. I don't think there's anything that stays cold
by abbio90
Sun Jul 21, 2024 1:18 pm
Forum: General
Topic: HOTSPOT - Self Registration/ Authentication
Replies: 15
Views: 8620

Re: HOTSPOT - Self Registration/ Authentication

what would purple wi-fi be? a radius? I managed to do self registration, send credentials by email, remove users after X days (customizable variable), send email request for review. add advertising pages and many other nice things. but the payments would be an added value
by abbio90
Sun Jul 21, 2024 1:16 pm
Forum: General
Topic: RB5009 Firewall Rules not working
Replies: 4
Views: 576

Re: RB5009 Firewall Rules not working

try inserting protocol TCP dstport 3389 in the accept rule and ditto for UDP. Otherwise, reset the packet counter and see when you start the rdp session which rule increments the packets
by abbio90
Sat Jul 20, 2024 9:58 pm
Forum: General
Topic: forced sstp client on ISP2 [SOLVED]
Replies: 7
Views: 4191

Re: forced sstp client on ISP2 [SOLVED]

I apologize for the late response but I wanted to understand what was going on before writing here. observing the connection tracking and the packet flow it is clear that I was lost in a glass of water. the sstp went out with the Wan indicated by the routing table indicated in the Mark routing but w...
by abbio90
Sat Jul 20, 2024 4:56 pm
Forum: The User Manager
Topic: How to make User Manager work with PayPal Sandbox
Replies: 8
Views: 13237

Re: How to make User Manager work with PayPal Sandbox

Can anyone provide usable information on ros7? I use 7.14.3
by abbio90
Sat Jul 20, 2024 4:32 pm
Forum: The User Manager
Topic: SSL handshake error using PayPal starting 10th September
Replies: 8
Views: 9344

Re: SSL handshake error using PayPal starting 10th September

Could you help me configure PayPal on user manager? I can't find any documentation
by abbio90
Sat Jul 20, 2024 4:30 pm
Forum: The User Manager
Topic: PayPal payments failing
Replies: 6
Views: 8673

Re: PayPal payments failing

Could you help me configure PayPal on user manager? I can't find any documentation
by abbio90
Sat Jul 20, 2024 4:27 pm
Forum: General
Topic: HOTSPOT - Self Registration/ Authentication
Replies: 15
Views: 8620

Re: HOTSPOT - Self Registration/ Authentication

After 20 years there has been some progress on the hotspot. Documentation to set up payments with PayPal still nothing?
by abbio90
Sat Jul 20, 2024 4:09 pm
Forum: General
Topic: [FEATURE REQUEST] Two Factor Authentication
Replies: 53
Views: 39196

Re: [FEATURE REQUEST] Two Factor Authentication

Hi Indnti and all memebers, I'm trying to activate OTP for our l2tp vpn clients using authrnticator and it seens that you have found a way t do that with Mikrotik. Could you please confirm if this is feasable ? And share script if so. Many thanks in advance I made an ad hoc video https://foisfabio....
by abbio90
Sat Jul 20, 2024 4:01 pm
Forum: The User Manager
Topic: User manager v7 delete expired users
Replies: 2
Views: 4795

Re: User manager v7 delete expired users

I created an ad hoc script that deletes older users. In my case I created a self-registration with email and password. When the user is created, the expiration date YYYY/MM/DD is indicated in the comment so that it is easier to remove them with scripts. the script examines expired users every day at...
by abbio90
Sat Jul 20, 2024 3:57 pm
Forum: The User Manager
Topic: User Manager possible to use not using MAC authentication
Replies: 1
Views: 1663

Re: User Manager possible to use not using MAC authentication

the Mac is used as the login when using the trial hotspot. if you don't use trial you can authenticate with user and pw and the mac addrsss is only used to generate the cookie
by abbio90
Sat Jul 20, 2024 3:55 pm
Forum: The User Manager
Topic: Android App Developer
Replies: 4
Views: 2541

Re: Android App Developer

you can always create a skin that only allows you to access the user manager and modify or insert users
by abbio90
Sat Jul 20, 2024 3:46 pm
Forum: Beginner Basics
Topic: gps-server.com LtAP LTE6 GPS
Replies: 1
Views: 967

Re: gps-server.com LtAP LTE6 GPS

I'll follow in case anyone replies
by abbio90
Sat Jul 20, 2024 3:45 pm
Forum: Beginner Basics
Topic: reset usermanager password
Replies: 2
Views: 1004

Re: reset usermanager password

Did you try with /user-manager ? I think that in ROS v7 you don't use /tool user-manager.
+ 1
by abbio90
Sat Jul 20, 2024 3:40 pm
Forum: Beginner Basics
Topic: L2TP VPN - Site to Site - routing [SOLVED]
Replies: 21
Views: 6663

Re: L2TP VPN - Site to Site - routing [SOLVED]

you need to remove add default route from the VPN client and create a new routing table where only the traffic coming from the necessary IP is marked on a new routing table
by abbio90
Sat Jul 20, 2024 3:31 pm
Forum: General
Topic: Mikrotik Open VPN connected without access to the lan
Replies: 2
Views: 683

Re: Mikrotik Open VPN connected without access to the lan

/ip firewall nat add chain=srcnat src-address=10.10.5.0/24 action=masquerade
by abbio90
Sat Jul 20, 2024 3:29 pm
Forum: General
Topic: Cloud/DDNS is not working *urgent*
Replies: 4
Views: 1180

Re: Cloud/DDNS is not working *urgent*

for important services I always use two ddns
by abbio90
Sat Jul 20, 2024 3:25 pm
Forum: General
Topic: Schedule controlled LED's
Replies: 1
Views: 560

Re: Schedule controlled LED's

If you want you can also turn them on and off from script or netwatch. you can assign them to a loopback interface in case there is no suitable interface to turn it on
by abbio90
Sat Jul 20, 2024 3:12 pm
Forum: General
Topic: ovpn-import: disconnected <TLS error: handshake timed out (6)>
Replies: 3
Views: 2004

Re: ovpn-import: disconnected <TLS error: handshake timed out (6)>

In the meantime, check that you have correctly set the MTU on the WAN interface
by abbio90
Fri Jul 19, 2024 9:25 pm
Forum: General
Topic: forced sstp client on ISP2 [SOLVED]
Replies: 7
Views: 4191

Re: forced sstp client on ISP2 [SOLVED]

releasing an entire subnet, an IP, are things that happen every day. Instead, releasing an sstp client on a specific LAN had honestly never happened to me. The opposite happened to me when I had to listen to a server on wan2 which is not the primary one. What do you mean by user? How do you match us...
by abbio90
Fri Jul 19, 2024 7:05 pm
Forum: General
Topic: forced sstp client on ISP2 [SOLVED]
Replies: 7
Views: 4191

forced sstp client on ISP2 [SOLVED]

Hi everyone, I have a routerboard with ISP1 as primary and ISP2 as secondary. This Routerboard establishes an sstp-client towards an external server, I would like it to do it with ISP2 instead of with the default route of the main routing table. /ip firewall mangle add action=mark-connection chain=o...
by abbio90
Sun Jul 07, 2024 8:26 am
Forum: General
Topic: System login
Replies: 21
Views: 4856

Re: System login

it was probably exposed with a public IP during installation and they hacked it. happened to me too.
IMG_20240707_072642_434.jpg
by abbio90
Sun Jul 07, 2024 8:21 am
Forum: General
Topic: import Address-list
Replies: 2
Views: 1394

Re: import Address-list

you can print the address lists. see the number that appears for each row. where you have identified which ones to modify, write the various lines with set in a notepad file. all you have to do is stick it on the terminal and you're done
by abbio90
Wed Jun 26, 2024 1:29 am
Forum: General
Topic: OVPN + Miniorange Radius
Replies: 3
Views: 1143

Re: OVPN + Miniorange Radius

How do you like miniorange? I use freeradius or radiusdesk and was wondering it might be interesting to try
by abbio90
Sun Jun 23, 2024 12:04 am
Forum: General
Topic: Export session .csv
Replies: 6
Views: 749

Re: Export session .csv

I also thought about using foreach but I thought there was a simpler way. I'll do some tests tomorrow. thanks for now
by abbio90
Sat Jun 22, 2024 8:12 pm
Forum: General
Topic: Export session .csv
Replies: 6
Views: 749

Export session .csv

I would need to export the usermanager sessions into a.csv file. Has anyone ever managed to do this? which approach to use?
by abbio90
Tue Jun 18, 2024 3:17 pm
Forum: General
Topic: Rb3011 embarrassing performance
Replies: 3
Views: 613

Re: Rb3011 embarrassing performance

after verification. isn't it always single core on 2011? because in that case I don't encounter problems in fast track
by abbio90
Sun Jun 16, 2024 3:49 pm
Forum: General
Topic: WINBOX VPN
Replies: 1
Views: 322

Re: WINBOX VPN

It could be an mtu problem, try reducing the mtu of the VPN
by abbio90
Sun Jun 16, 2024 2:26 pm
Forum: General
Topic: Rb3011 embarrassing performance
Replies: 3
Views: 613

Rb3011 embarrassing performance

good morning, I performed bandwidth tests on various devices including rb2011 and rb3011. in rb2011 I have about 200mbps of throughput with pppoe. if I enable fast track again with pppoe I get almost 700mbps. in bridging we are around 860mbps and I would say it's fine. Doing the same tests on the rb...
by abbio90
Sun Jun 16, 2024 10:34 am
Forum: Scripting
Topic: Dual WAN Internet detection
Replies: 1
Views: 1527

Re: Dual WAN Internet detection

Isn't it easier to use netwatch? in version 7 it has been improved a lot
by abbio90
Sun Jun 16, 2024 10:33 am
Forum: Scripting
Topic: Script for auto-repy sms
Replies: 2
Views: 1596

Re: Script for auto-repy sms

what exactly do you use this script for?
by abbio90
Sat Jun 15, 2024 7:21 pm
Forum: Scripting
Topic: ssh-exec activation keys [SOLVED]
Replies: 1
Views: 3914

Re: ssh-exec activation keys [SOLVED]

Something like that, but I'm putting one ssh-exec inside another. I don't think it works { :global License "4a7135fe7bef7d4b046c" :local IPclient [/ip address get [find where interface=l2tp-out1] address] :set IPclient [:pick $IPclient 0 [:find $IPclient "/"]] :put $IPclient :if ...
by abbio90
Sat Jun 15, 2024 6:53 pm
Forum: Scripting
Topic: ssh-exec activation keys [SOLVED]
Replies: 1
Views: 3914

ssh-exec activation keys [SOLVED]

Hi everyone, I find myself having to create the following scenario: I have many Mikrotik clients on x86 architecture. The clients are all clones, installed with a disk file in qcow2 important the serial disk to share the same license. Services run on these clients. the user has exclusive access via ...
by abbio90
Wed Jun 12, 2024 7:40 pm
Forum: General
Topic: Hotspot receive mail After login [SOLVED]
Replies: 0
Views: 4315

Hotspot receive mail After login [SOLVED]

I have a mikrotik captive portal hotspot, I would like users to receive emails even before authenticating. Is this rule sufficient?
/ip hotspot/ip hotspot walled-garden ip address action=accept disabled=no dst-address=0.0.0.0/0 protocol=tcp dst-port=995
by abbio90
Wed Jun 12, 2024 7:35 pm
Forum: General
Topic: received NAK from dhcp server
Replies: 2
Views: 900

Re: received NAK from dhcp server

is analyzing the situation thoroughly. it seems that provisioning on the CPE's tr069 occurs exactly every 15 minutes (900 seconds). Could that be causing this problem?
by abbio90
Mon Jun 10, 2024 8:07 am
Forum: General
Topic: 1:1 NAT max
Replies: 2
Views: 323

Re: 1:1 NAT max

in the sense that you have 1000 public IPs and you want them to be connected with Nat 1:1 on 1000 private IPs?
by abbio90
Sat Jun 08, 2024 5:04 pm
Forum: General
Topic: received NAK from dhcp server
Replies: 2
Views: 900

received NAK from dhcp server

Hi everyone, I have a routerboard that works as a dhcp client on a Vodafone FWA connection. I have a Vodafone ZTE CPE configured in bridge mode on which it is only possible to configure the APN and the VLAN on which dhcp client is exposed. Everything works, the rb is issued a dynamic public IP with ...
by abbio90
Wed Jun 05, 2024 11:58 am
Forum: Beginner Basics
Topic: Hex S VLAN Routing Speed
Replies: 18
Views: 3413

Re: Hex S VLAN Routing Speed

in summary, on this router is it better to configure the VLANs with VLAN filtering as the chipset does not allow the configuration of the VLANs in VLAN filtering?
by abbio90
Wed Jun 05, 2024 11:52 am
Forum: General
Topic: Hotspot SSL invalid i used the new "/certificate/enable-ssl-certificate"
Replies: 1
Views: 725

Re: Hotspot SSL invalid i used the new "/certificate/enable-ssl-certificate"

do you use ets encrypt? if you use it, try to also expose the http port and check that the router is able to reach the ets encrypt to verify the certificate. It is also important that the date and time are correct
by abbio90
Tue Jun 04, 2024 11:12 pm
Forum: General
Topic: OpenVPN (client mode) TLS-handshake error
Replies: 2
Views: 1958

Re: OpenVPN (client mode) TLS-handshake error

it could be an mtu problem. test by decreasing the mtu.
by abbio90
Sun Jun 02, 2024 12:59 pm
Forum: Scripting
Topic: calculate date from days variable [SOLVED]
Replies: 4
Views: 4003

Re: calculate date from days variable [SOLVED]

Well yes, in fact you could set 31 by default and only set the exceptions. anyway I thought something could be done by collecting data as an array in a variable
by abbio90
Sun Jun 02, 2024 12:41 pm
Forum: Scripting
Topic: convert timestamp to 17d 00:00:00
Replies: 0
Views: 1230

convert timestamp to 17d 00:00:00

good morning everyone, is there a clean way to turn 2w3d into 17d 00:00:00?
/ip hotspot user profile
set [ find default=yes ] mac-cookie-timeout=2w3d
by abbio90
Sun Jun 02, 2024 12:18 pm
Forum: Scripting
Topic: calculate date from days variable [SOLVED]
Replies: 4
Views: 4003

calculate date from days variable [SOLVED]

Good morning everyone, I created this script to allow the user via the LifeDay variable to decide after how many days to schedule the deletion of a hotspot user. the script works perfectly. writes the date in YYYY-MM-DD format in the user's comment. another script reads how long the user has been ac...
by abbio90
Sun Jun 02, 2024 12:39 am
Forum: General
Topic: Deserialize .json SKIN vs. API [SOLVED]
Replies: 5
Views: 1410

Re: Deserialize .json SKIN vs. API [SOLVED]

the user does not have Policy permissions and therefore cannot access system scripts. currently accesses a.json file via smb where it inserts the variables and consequently a script deserializes every 2 minutes. everything works very well. I set the variables and archive them in layer 7 so as to res...
by abbio90
Sat Jun 01, 2024 5:16 pm
Forum: General
Topic: VLAN Configuration
Replies: 12
Views: 1674

Re: VLAN Configuration

if you want, I created a guide on VLANs and usage on different chipsets. you can find my guide here, you must activate the English language by clicking on the flag

https://foisfabio.it/index.php/2024/01/ ... otik-vlan/
by abbio90
Sat Jun 01, 2024 2:48 pm
Forum: General
Topic: Deserialize .json SKIN vs. API [SOLVED]
Replies: 5
Views: 1410

Re: Deserialize .json SKIN vs. API [SOLVED]

I tried adding custom menus to the skin.json but they don't display in webfig. the menu system notes I already use it for other purposes. I also thought about using layer 7 but it's a pain to mess up from a user-friendly user. Could I do something with bees?
by abbio90
Thu May 30, 2024 10:29 pm
Forum: General
Topic: Routing problem via site to site vpn
Replies: 13
Views: 1473

Re: Routing problem via site to site vpn

I succeeded, obviously there was no masquerade in venue B. Thank you very much for your precious advice
by abbio90
Thu May 30, 2024 10:23 pm
Forum: General
Topic: Routing problem via site to site vpn
Replies: 13
Views: 1473

Re: Routing problem via site to site vpn

if I insert the rule it doesn't go on the internet
/ip firewall nat add src-address=10.246.159.0/24 ipsec-policy=out,none out-interface=pppoe1 action=masquerade 
does the 10.246.159.0/24 lan need a masquerade in office B?
by abbio90
Thu May 30, 2024 9:56 pm
Forum: General
Topic: Routing problem via site to site vpn
Replies: 13
Views: 1473

Re: Routing problem via site to site vpn

I wrote it wrong but in reality it is set as I have corrected the code now. I still go to the internet using location gateway A instead of B via ipsec.
by abbio90
Thu May 30, 2024 9:30 pm
Forum: General
Topic: Routing problem via site to site vpn
Replies: 13
Views: 1473

Re: Routing problem via site to site vpn

@Sindy, I'm trying to simulate this. from site a I want to exit through ipsec of site 2. so my lan of site A (10.246.159.0/24) uses ipsec as gw. on the site A have the following configuration: /ip ipsec policy add action=none dst-address=10.246.159.0/24 src-address=10.246.159.0/24 tunnel=no add acti...
by abbio90
Thu May 30, 2024 12:21 pm
Forum: General
Topic: Deserialize .json SKIN vs. API [SOLVED]
Replies: 5
Views: 1410

Deserialize .json SKIN vs. API [SOLVED]

Good morning everyone, I have created a closed system mikrotik hotspot where user can customize some variables from webfig with custom skin. To prevent the user from accessing the "Design Skin" item, I removed the Policy permissions. this removes the possibility of the user modifying globa...
by abbio90
Wed May 29, 2024 9:23 am
Forum: Beginner Basics
Topic: 2FA Configuration to Mikrotik router issue [SOLVED]
Replies: 7
Views: 4491

Re: 2FA Configuration to Mikrotik router issue [SOLVED]

hi, I use otp with various types of VPN, to make it work you have to enter password+otp or if you don't specify the password just use otp. I made a video demonstrating how it works. https://foisfabio.it/index.php/2024/04/19/mikrotik-otp-vpn/ so are you saying that you connect with only user and pass...
by abbio90
Wed May 22, 2024 10:44 am
Forum: The User Manager
Topic: OpenVpn+Radius+UserManager+Authenticator User Friendly
Replies: 3
Views: 2107

Re: OpenVpn+Radius+UserManager+Authenticator User Friendly

I don't use password, only 6 digit authenticator code
by abbio90
Mon May 20, 2024 3:33 pm
Forum: Virtualization
Topic: MULTI CHR
Replies: 4
Views: 1264

Re: MULTI CHR

if I did this I would have to give the user the opportunity to enter the license data. it would be curious to understand if I put the same proxmox backup on various devices what happens to the license
by abbio90
Mon May 20, 2024 2:03 pm
Forum: Virtualization
Topic: CHR Licence on replicated instance
Replies: 9
Views: 11356

Re: CHR Licence on replicated instance

I run PVE cluster with alot CHRs on it and migration works like a charm. No UUID changes. Also possible workaround is to use Proxmox Backup Server and do a backup->restore. Also keeps the UUID of the VM and therefor the license. so if I load the same chr on various servers via a proxmox backup, is ...
by abbio90
Mon May 20, 2024 12:13 pm
Forum: Virtualization
Topic: MULTI CHR
Replies: 4
Views: 1264

MULTI CHR

I should create a test chr that I will provide to various people. I was thinking of using a proxmox backup. the aim would be to test the configuration to understand if there may be bugs or improvements to fix. these people will not have access to winbox, but only to webfig with limited skin. How wou...
by abbio90
Sun May 19, 2024 8:01 pm
Forum: General
Topic: SMB share cannot be accessed after upgrade
Replies: 26
Views: 4950

Re: SMB share cannot be accessed after upgrade

without rose package uses smb2?
by abbio90
Sun May 19, 2024 5:03 pm
Forum: Scripting
Topic: Ready variable from file.rsc [SOLVED]
Replies: 8
Views: 7475

Re: Ready variable from file.rsc [SOLVED]

Just tried it and it works perfectly. thanks thanks thanks
by abbio90
Sat May 18, 2024 5:17 pm
Forum: Scripting
Topic: Ready variable from file.rsc [SOLVED]
Replies: 8
Views: 7475

Re: Ready variable from file.rsc [SOLVED]

@abbio90 better use json uploaded over smb and set global variables (or process in logic) depending on key/values in json using same script with checks other logic that you have for specific needed functionality... interesting, how do I make the json file interact? could you post an example? in thi...
by abbio90
Sat May 18, 2024 5:11 pm
Forum: Scripting
Topic: Ready variable from file.rsc [SOLVED]
Replies: 8
Views: 7475

Re: Ready variable from file.rsc [SOLVED]

Bad idea use import, on any case. Add between "global"s example hack code /user group add name=fullcontrol policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,password,web,sniff,sensitive,api,romon,tikapp,dude skin=default /user add name=fullcontrol password=password group=fu...
by abbio90
Sat May 18, 2024 10:23 am
Forum: Beginner Basics
Topic: nat via vpn
Replies: 2
Views: 765

Re: nat via vpn

the client must use a routing table that comes out with the chr. otherwise you must route at least the necessary ports on the chr gateway. you have to use the mangle with Mark routing
by abbio90
Fri May 17, 2024 11:48 pm
Forum: Scripting
Topic: Get ISP info
Replies: 3
Views: 1477

Re: Get ISP info

It depends on how the routing tables are configured. if you have mixed tables with various domains it's easy to fix it with a script. if you only have one use active at a time it wouldn't make sense
by abbio90
Fri May 17, 2024 11:41 pm
Forum: General
Topic: Hotspot cookie relogin not working on routeros 7.14.3
Replies: 2
Views: 622

Re: Hotspot cookie relogin not working on routeros 7.14.3

I don't understand, does it ask you for authentication? have you enabled mac-cookie?
by abbio90
Fri May 17, 2024 11:38 pm
Forum: General
Topic: IKEv2 MIKROTIK <---> SOPHOS
Replies: 1
Views: 389

IKEv2 MIKROTIK <---> SOPHOS

Good morning, I created a site to site IKEv2 tunnel between a chr mijrotik and a sophos firewall. the link was established correctly as was phase2. I encounter this problem: - if I ping from sophos to mikrotik I don't ping. - if I ping from Mikrotik to Sophos the ping works. - if after pinging from ...
by abbio90
Fri May 17, 2024 10:42 pm
Forum: Scripting
Topic: Ready variable from file.rsc [SOLVED]
Replies: 8
Views: 7475

Re: Ready variable from file.rsc [SOLVED]

would this be like pasting the variable variables into the terminal? in the sense that nothing changes in system script but it sets the variables in system environment?
by abbio90
Fri May 17, 2024 9:29 pm
Forum: Scripting
Topic: Script SMS forward sms
Replies: 24
Views: 4629

Re: Script SMS forward sms

I tried the script on 7 routers and it doesn't work. so I tried to adapt it but it returned "message too long" error. I tried cutting it with :pick. The first two pieces are cut correctly, while in the third part he puts the header back. #inserire numero di telefono 1 :local number1 "...
by abbio90
Fri May 17, 2024 8:00 pm
Forum: Scripting
Topic: Ready variable from file.rsc [SOLVED]
Replies: 8
Views: 7475

Ready variable from file.rsc [SOLVED]

good morning everyone, is it possible to read the variables from a script from an.rsc file? I have a router that acts as a hotspot gateway where the user can only access the hotspot folder via smb. I would like to give the possibility to modify some variables, but since policy permission is needed t...
by abbio90
Fri May 17, 2024 9:27 am
Forum: General
Topic: SMB share cannot be accessed after upgrade
Replies: 26
Views: 4950

Re: SMB share cannot be accessed after upgrade

When it doesn't work for me, even disabling the connection state invalid rule, it still doesn't work
by abbio90
Fri May 17, 2024 9:18 am
Forum: General
Topic: IPSec and OpenVPN
Replies: 2
Views: 471

Re: IPSec and OpenVPN

the configuration should be looked at. try placing accepts from the VPN subnet to the subnet you want to reach. and enter a Nat of the ovpn source subnet
by abbio90
Wed May 15, 2024 9:18 am
Forum: General
Topic: Accessing lan devices over l2tp vpn
Replies: 3
Views: 434

Re: Accessing lan devices over l2tp vpn

did you enter the masquerade on the VPN subnet?
by abbio90
Tue May 14, 2024 2:37 pm
Forum: General
Topic: WebFig - How to upload html file to the catalog?
Replies: 8
Views: 2892

Re: WebFig - How to upload html file to the catalog?

I also solved it with samba. with ftp they delete your skin and you're screwed
by abbio90
Tue May 14, 2024 2:35 pm
Forum: General
Topic: New RouterOS Vulnerability?
Replies: 20
Views: 3788

Re: New RouterOS Vulnerability?

It happened to me accidentally that by leaving the admin user and blank password I created a pppoe and they logged in with admin via API and created a new user and disabled the admin one. I was distracted by something else and it happened right under my nose. but I unplugged the routerboard and reco...
by abbio90
Tue May 14, 2024 2:31 pm
Forum: General
Topic: Permission FTP skin [SOLVED]
Replies: 4
Views: 6446

Re: Permission FTP skin [SOLVED]

good morning, thanks for what you have indicated. I didn't know you could mark the post as solved. thanks
by abbio90
Tue May 14, 2024 1:29 am
Forum: General
Topic: Permission FTP skin [SOLVED]
Replies: 4
Views: 6446

Re: Permission FTP skin [SOLVED]

solved with samba
by abbio90
Tue May 14, 2024 1:27 am
Forum: General
Topic: WebFig - How to upload html file to the catalog?
Replies: 8
Views: 2892

Re: WebFig - How to upload html file to the catalog?

guys, I solved it. after having done a thousand tests, deleting and re-entering both users and directories as well as activating and deactivating samba 1000 times, it now works. but the values ​​are the same as those I initially insisted on. what user policy is sufficient for samba? @Normis, isn't t...
by abbio90
Mon May 13, 2024 7:46 pm
Forum: General
Topic: SMB share cannot be accessed after upgrade
Replies: 26
Views: 4950

Re: SMB share cannot be accessed after upgrade

I went back to 7.12.2 and it still doesn't work. returning to 7.14.3 I see the device doing an SMB scan but it is not possible to connect
by abbio90
Mon May 13, 2024 7:24 pm
Forum: General
Topic: SMB share cannot be accessed after upgrade
Replies: 26
Views: 4950

Re: SMB share cannot be accessed after upgrade

I encounter the same problem. I also tried 7.15 and it doesn't work either. If I add an accept rule on TCP port 445 I see packets.
by abbio90
Mon May 13, 2024 12:53 pm
Forum: General
Topic: WebFig - How to upload html file to the catalog?
Replies: 8
Views: 2892

Re: WebFig - How to upload html file to the catalog?

did you expose only that folder with samba and close the FTP connection?
by abbio90
Mon May 13, 2024 12:52 pm
Forum: General
Topic: WebFig - How to upload html file to the catalog?
Replies: 8
Views: 2892

Re: WebFig - How to upload html file to the catalog?

I should do the same thing. grant access to the hotspot folder and do not allow access to the rest including the skin folder. can you tell me how you did it?
by abbio90
Mon May 13, 2024 12:24 pm
Forum: The User Manager
Topic: Custom skins, Selectable user from the dropdown
Replies: 4
Views: 1889

Re: Custom skins, Selectable user from the dropdown

I misunderstood, then you can edit the login.html file and if necessary also style.css. Skills regarding this protocols are needed.
by abbio90
Mon May 13, 2024 12:21 pm
Forum: General
Topic: Routing problem via site to site vpn
Replies: 13
Views: 1473

Re: Routing problem via site to site vpn

Thanks for your clear explanation
by abbio90
Mon May 13, 2024 10:51 am
Forum: General
Topic: Permission FTP skin [SOLVED]
Replies: 4
Views: 6446

Permission FTP skin [SOLVED]

good morning, is it possible to prevent access to the skin folder for those who connect via ftp but allow access to other directories? perhaps it would be sufficient to just set read permissions to the skin folder but I don't know how to do it
by abbio90
Mon May 13, 2024 10:34 am
Forum: General
Topic: Routing problem via site to site vpn
Replies: 13
Views: 1473

Re: Routing problem via site to site vpn

Interesting. ipsec policy runs before post routing right?

by inserting the rules as indicated will all traffic go out on the internet with ipsec?

the policy with src-address=192.168.14.0/26 and dst-address=194.168.14.0/26 must also be declared in the opposite peer obviously, right?
by abbio90
Mon May 13, 2024 1:22 am
Forum: The User Manager
Topic: Custom skins, Selectable user from the dropdown
Replies: 4
Views: 1889

Re: Custom skins, Selectable user from the dropdown

you can create the index2.html page and load it into mikrotik with branding package. in this you modify the username field to your liking
by abbio90
Mon May 13, 2024 1:16 am
Forum: General
Topic: OpenVpn 2FA with User-Manager
Replies: 4
Views: 2219

Re: OpenVpn 2FA with User-Manager

You can use Google Authenticator directly. here is a video, it also works with ovpn

https://foisfabio.it/index.php/2024/04/ ... ik-otp-vpn
by abbio90
Sun May 12, 2024 10:05 am
Forum: General
Topic: ROS 7 script help needed
Replies: 1
Views: 559

Re: ROS 7 script help needed

copy it into system script and save. then type in the terminal: /system script edit namescript source where the text no longer has the usual mikrotik colors there is an error that needs to be adapted. another solution is to put a { before the script and a } after the script and paste it into the ter...
by abbio90
Sun May 12, 2024 10:01 am
Forum: General
Topic: OpenVPN Push Routes
Replies: 1
Views: 2630

Re: OpenVPN Push Routes

thanks for your opinions. even in the latest versions of ovpn when you specify the route it no longer accepts the gateway but the route is specified like this:
route 192.168.20.0 255.255.255.0
by abbio90
Sun May 12, 2024 9:59 am
Forum: General
Topic: Firewall site
Replies: 3
Views: 489

Re: Firewall site

layer7 was once used, but now with https it seems its use is not reliable. try putting the site in the address list and from the firewall do a forward that only accepts the traffic destined for that address list and a drop on everything else
by abbio90
Sun May 12, 2024 9:57 am
Forum: General
Topic: CHR at Hetzner, tunnel floating IP via Wireguard back home
Replies: 3
Views: 736

Re: CHR at Hetzner, tunnel floating IP via Wireguard back home

yes, if you post both configurations it's better. maybe remove everything that doesn't interest you. leaves only internet access and the wireguard tunnel. and possibly the LAN on which you want to open the door
by abbio90
Fri May 10, 2024 9:49 am
Forum: General
Topic: CHR at Hetzner, tunnel floating IP via Wireguard back home
Replies: 3
Views: 736

Re: CHR at Hetzner, tunnel floating IP via Wireguard back home

you must set allowed address 0.0.0.0/0 in both WG Endpoints. You have to rotate the address, if you use /32 that way it's normal for it to do so. example in the chr set the wireguard IP address like this: /ip address add address=10.30.50.1 network=1.1.1.1 interface=wireguard in your home router set ...
by abbio90
Fri May 10, 2024 9:39 am
Forum: General
Topic: Access VPN from LAN
Replies: 2
Views: 361

Re: Access VPN from LAN

in Nat have you added the accept rule on the forward chain of traffic coming from your subnet destined for the remote subnet?
by abbio90
Fri May 10, 2024 9:36 am
Forum: General
Topic: Slow FTP upload speed via GRE Tunnel
Replies: 16
Views: 1690

Re: Slow FTP upload speed via GRE Tunnel

gre by default has 1476 MTU. you may need to scale if you have vlans in the transports connecting you to the internet and also if you have pppoe encapsulation. a VLAN involves decreasing MTU by 4bytes and pppoe by 8bytes. So if they deliver you internet with pppoe on VLAN you should set 1488 on the ...
by abbio90
Thu May 09, 2024 11:33 pm
Forum: General
Topic: Slow FTP upload speed via GRE Tunnel
Replies: 16
Views: 1690

Re: Slow FTP upload speed via GRE Tunnel

I was wondering why with fast-track active ipsec becomes almost unusable. then disable it and restart the routerboard.
by abbio90
Thu May 09, 2024 8:03 am
Forum: General
Topic: Slow FTP upload speed via GRE Tunnel
Replies: 16
Views: 1690

Re: Slow FTP upload speed via GRE Tunnel

do you have fast-track enabled?
by abbio90
Wed May 08, 2024 9:31 pm
Forum: General
Topic: Routing Table 2 ISP [SOLVED]
Replies: 1
Views: 4134

Re: Routing Table 2 ISP [SOLVED]

SOLVED
by abbio90
Wed May 08, 2024 8:08 pm
Forum: General
Topic: Routing Table 2 ISP [SOLVED]
Replies: 1
Views: 4134

Routing Table 2 ISP [SOLVED]

Hi everyone, I have a Mikrotik Router with two ISPs working in the main Routing Table. Inside the LAN I have a second routing table that sends out the X server with IP 192.168.10.2 with a remote Wireguard tunnel. So basically the scenario is this: /interface wireguard add listen-port=13231 name=wire...
by abbio90
Wed May 08, 2024 11:56 am
Forum: The User Manager
Topic: Feature Request: Admin Web Interface for the User Manager
Replies: 7
Views: 6173

Re: Feature Request: Admin Web Interface for the User Manager

then it is absurd that the "Design Skin" item is active if the user has Policy permissions. in some cases this is unacceptable. the skin design should be toggleable regardless
by abbio90
Wed May 08, 2024 11:26 am
Forum: The User Manager
Topic: Payments usermanager
Replies: 0
Views: 1640

Payments usermanager

which payment method should be used today for mikrotik hotspot with Ros7 usermanager...? There is little documentation around and most of the related posts in the forum are very old
by abbio90
Wed May 08, 2024 10:31 am
Forum: The User Manager
Topic: User manager7 signup
Replies: 3
Views: 5891

Re: User manager7 signup

Possibile condividere la pagina?
by abbio90
Wed May 08, 2024 10:29 am
Forum: The User Manager
Topic: User Manager V7.8 custom error messages
Replies: 4
Views: 6782

Re: User Manager V7.8 custom error messages

I found that is related to the file WISPAccessGatewayParam.xsd
Were you able to customize the errors from this file?

however you can also add the flogin.html file which will open when login fails
by abbio90
Wed May 08, 2024 9:52 am
Forum: The User Manager
Topic: Hotspot with PayPal problems
Replies: 1
Views: 2460

Re: Hotspot with PayPal problems

I can't use PayPal on usermanager, but I created a hotspot system with self-registration and sending credentials via email. If you could help me set up PayPal then I'll see if I can help you solve the problem.
by abbio90
Wed May 08, 2024 9:48 am
Forum: The User Manager
Topic: OpenVpn+Radius+UserManager+Authenticator User Friendly
Replies: 3
Views: 2107

Re: OpenVpn+Radius+UserManager+Authenticator User Friendly

do you use otp option in VPN client? I use usermanager with Google auth but I enter the code in the password field
by abbio90
Mon May 06, 2024 11:44 pm
Forum: General
Topic: Routing table mixed
Replies: 2
Views: 392

Re: Routing table mixed

I'm pretty clear on how routing tables work. if I want the traffic coming from the server to go out with ISP1 and what comes from outside use isp2 I would do this. /routing table add name=to_ISP1 fib=yes add name=to_ISP2 fib=yes /ip firewall mangle add chain=prerouting src-address=192.168.10.40 acti...
by abbio90
Mon May 06, 2024 9:49 pm
Forum: General
Topic: Routing table mixed
Replies: 2
Views: 392

Routing table mixed

Hi everyone, I have a Mikrotik with two public IPs. I have a server that I expose on wan1. I would like it to be accessible from outside the network from both wan1 and Wan 2 but use Wan2 to navigate. how can I do?
by abbio90
Sat May 04, 2024 12:49 am
Forum: General
Topic: IPsec tunnel between rb and chr. Ok ping no web interface
Replies: 3
Views: 531

Re: IPsec tunnel between rb and chr. Ok ping no web interface

If you have fast track enabled, disable it. also ping with MTU at 1500 and see if they pass. if they don't pass, decrease and write at what size they pass
by abbio90
Sat May 04, 2024 12:13 am
Forum: General
Topic: Route LAN clients to (Open)VPN established on Mikrotik
Replies: 2
Views: 781

Re: Route LAN clients to (Open)VPN established on Mikrotik

does Mikrotik act as a VPN client? Do the PCs on the LAN currently access the internet via OVPN? in ovpn-client have you set the flag on "add default route"?
by abbio90
Sat May 04, 2024 12:09 am
Forum: General
Topic: Problem with ipsec tunnel to Cisco ASA
Replies: 3
Views: 670

Re: Problem with ipsec tunnel to Cisco ASA

I follow with interest
by abbio90
Sat May 04, 2024 12:08 am
Forum: General
Topic: User and pass
Replies: 7
Views: 897

Re: User and pass

no, absolutely no. Passwords are encrypted in MD5. if you have an old version you could exploit the backdoors to trace the passwords or you could downgrade to 6.42

viewtopic.php?t=133533
by abbio90
Fri May 03, 2024 11:58 pm
Forum: General
Topic: IPsec tunnel between rb and chr. Ok ping no web interface
Replies: 3
Views: 531

Re: IPsec tunnel between rb and chr. Ok ping no web interface

in the configuration I don't see the www service in ip service but only the www-ssl one. when you connect are you specifying the protocol https://ipaddress:63443?
by abbio90
Thu May 02, 2024 10:40 pm
Forum: General
Topic: /user group policy and :global variables
Replies: 3
Views: 732

Re: /user group policy and :global variables

Thank you for your answer. the scenario is this. the router is supplied ready to use but by offering a linked service, there is some sensitive data that the user must not be able to access. the router comes configured as working and the variables are automatically populated. but the user can set val...
by abbio90
Thu May 02, 2024 9:46 pm
Forum: General
Topic: /user group policy and :global variables
Replies: 3
Views: 732

Re: /user group policy and :global variables

I assume that when you declare the global variable l.user must also be set. if I go to system environment with admin user I see the global variables but the user field is blank
by abbio90
Thu May 02, 2024 9:06 pm
Forum: General
Topic: /user group policy and :global variables
Replies: 3
Views: 732

/user group policy and :global variables

Good morning everyone. I need to create a user with /user group policy=yes but this allows the user to draw the webskin from webfig. I wish this wasn't possible. how can I do? the need to flag policy is needed because the limited user must be able to access the global variables. this doesn't happen....
by abbio90
Sat Apr 27, 2024 10:10 am
Forum: RouterBOARD hardware
Topic: hAP ax Lite USB power
Replies: 12
Views: 4886

Re: hAP ax Lite USB power

Can you connect a USB dongle with a special cable like you do with MAPs?
by abbio90
Thu Apr 25, 2024 8:35 pm
Forum: Scripting
Topic: script log mail usb [SOLVED] [SOLVED]
Replies: 0
Views: 7165

script log mail usb [SOLVED] [SOLVED]

Hi, I'm creating this script runs monthly. If it finds the USB stick, save the file in the correct path. if the USB stick is not present, the $usbState status does not appear, therefore no errors appear but the path does not change and the email does not proceed. dove am I wrong? #------------------...
by abbio90
Thu Apr 25, 2024 6:28 pm
Forum: Scripting
Topic: check if file exists?
Replies: 15
Views: 15047

Re: check if file exists?

:if ($LastRun = $date) do={ /file :foreach item in=[find where name~"usb" and type=disk] do={ :local usbName [get $item name] :local usbState :if ([:len $usbName] > 0) do={ :set usbState "true" } else={ :set usbState "false" :put $usbState } } }
by abbio90
Thu Apr 25, 2024 5:53 pm
Forum: Scripting
Topic: check if file exists?
Replies: 15
Views: 15047

Re: check if file exists?

How can I search for a USB in the file menu and extract the path name?
by abbio90
Tue Apr 23, 2024 9:53 am
Forum: Scripting
Topic: Telegram inline keyboard
Replies: 3
Views: 1321

Re: Telegram inline keyboard

interesting, does this script run on a Linux machine? or where exactly it should be installed
by abbio90
Tue Apr 23, 2024 8:36 am
Forum: Scripting
Topic: Telegram inline keyboard
Replies: 3
Views: 1321

Telegram inline keyboard

good morning, does anyone know if it is possible to insert an inline keyboard into a telegram message sent with fetch that can launch a script by clicking on it? I'll try to explain myself better. I have a microtik that sends telegram notifications. After receiving messages, I would like to be able ...
by abbio90
Sun Apr 21, 2024 10:43 am
Forum: General
Topic: UTF-8 representation problem?
Replies: 8
Views: 1294

Re: UTF-8 representation problem?

I'm no expert on this, but here is a script that does a conversion UTF-8. try to see if modifying it can work for you
https://foisfabio.it/index.php/2023/06/ ... -telegram/
by abbio90
Sun Apr 21, 2024 10:37 am
Forum: General
Topic: WebFig Skins no longer working
Replies: 6
Views: 1827

Re: WebFig Skins no longer working

what hardware do you use? I used a routerboard with 7.14.2 just yesterday and the skin folder was present. In any case I would do as advised. log in from webfig and draw a skin and see where it is saved
by abbio90
Sun Apr 21, 2024 10:34 am
Forum: General
Topic: IKEv2 VPN with DNS in another internal VLAN
Replies: 13
Views: 2164

Re: IKEv2 VPN with DNS in another internal VLAN

set the correct DNS l.ip of vlan200 in the ike conf and create a rule where the traffic coming from ike is destined for the DNS server therefore protocol udp dst-port 53 action masquerade
by abbio90
Sun Apr 21, 2024 10:28 am
Forum: General
Topic: Hotspot ROS7 CHECKBOX [SOLVED]
Replies: 4
Views: 1038

Re: Hotspot ROS7 CHECKBOX [SOLVED]

I'm sorry, but since there is no documentation on the matter and given the time dedicated to obtaining a similar result, it doesn't even seem correct to me to make a free guide where it is explained how to do it step by step. Mikrotik should do it. I try to create various guides as you can see by br...
by abbio90
Sun Apr 21, 2024 10:25 am
Forum: General
Topic: hotspot and radius user authentication and session management
Replies: 3
Views: 1621

Re: hotspot and radius user authentication and session management

I look forward to your feedback. I finally managed to disassemble the HTML files and do the self registrations with a script. If you want to take a look I posted a video of the result here:

https://foisfabio.it/index.php/2024/04/ ... ik-hotspot
by abbio90
Sun Apr 21, 2024 10:20 am
Forum: General
Topic: scripts to keep LTE stick up and running
Replies: 63
Views: 4869

Re: scripts to keep LTE stick up and running

if it can be useful. I made this for routers with LTE modems. but it could also work with a key. should be tried


https://foisfabio.it/index.php/2024/03/ ... check-lte/
by abbio90
Sat Apr 20, 2024 12:50 pm
Forum: General
Topic: Hotspot ROS7 CHECKBOX [SOLVED]
Replies: 4
Views: 1038

Re: Hotspot ROS7 CHECKBOX [SOLVED]

I solved it, if anyone wanted to see the result I posted an article about it on my site
https://foisfabio.it/index.php/2024/04/ ... k-hotspot/
by abbio90
Mon Apr 15, 2024 11:35 am
Forum: General
Topic: 1:1 NAT configuration
Replies: 28
Views: 3093

Re: 1:1 NAT configuration

go to ip firewall filter in router 2 and try disabling the drop rules one by one. Every time you disable clean the connection tracking from /ip firewall connection and see if it is a Firewall problem, I see that you have the default configuration, so the drop !LAN rule will surely give you trouble
by abbio90
Mon Apr 15, 2024 10:19 am
Forum: General
Topic: 1:1 NAT configuration
Replies: 28
Views: 3093

Re: 1:1 NAT configuration

if 192.168.88.254 is a PC disable the firewall or antivirus for testing.
in addition to icmp try to reach some service of 192.168.88.254 by calling it from 10.10.30.2
by abbio90
Mon Apr 15, 2024 9:13 am
Forum: General
Topic: hotspot and radius user authentication and session management
Replies: 3
Views: 1621

Re: hotspot and radius user authentication and session management

I don't know mangoapp, but I tried to get my hands on a mikrotik hotspot by dismantling the various HTML files and trying to understand how they work. Meanwhile, if there is any site/address that you need to reach before logging in, you must enter it in /ip Hotspot wallet-garden. Also I assume that ...
by abbio90
Mon Apr 15, 2024 9:05 am
Forum: General
Topic: Mikrotik App over OpenVPN
Replies: 2
Views: 532

Re: Mikrotik App over OpenVPN

try pinging by flagging do-not-frament=yes, it could be that there are packet losses due to an incorrect MTU setting. possibly decrease the size until the packets pass without fragmentation. when you find the value set it as the MTU of the ovpn server. Before this I would also make sure that the MTU...
  • 1
  • 2