Community discussions

MikroTik App

Search found 293 matches

by abbio90
Sun Jun 16, 2024 3:49 pm
Forum: General
Topic: WINBOX VPN
Replies: 1
Views: 177

Re: WINBOX VPN

It could be an mtu problem, try reducing the mtu of the VPN
by abbio90
Sun Jun 16, 2024 2:26 pm
Forum: General
Topic: Rb3011 embarrassing performance
Replies: 0
Views: 169

Rb3011 embarrassing performance

good morning, I performed bandwidth tests on various devices including rb2011 and rb3011. in rb2011 I have about 200mbps of throughput with pppoe. if I enable fast track again with pppoe I get almost 700mbps. in bridging we are around 860mbps and I would say it's fine. Doing the same tests on the rb...
by abbio90
Sun Jun 16, 2024 10:34 am
Forum: Scripting
Topic: Dual WAN Internet detection
Replies: 1
Views: 477

Re: Dual WAN Internet detection

Isn't it easier to use netwatch? in version 7 it has been improved a lot
by abbio90
Sun Jun 16, 2024 10:33 am
Forum: Scripting
Topic: Script for auto-repy sms
Replies: 2
Views: 478

Re: Script for auto-repy sms

what exactly do you use this script for?
by abbio90
Sat Jun 15, 2024 7:21 pm
Forum: Scripting
Topic: ssh-exec activation keys [SOLVED]
Replies: 1
Views: 182

Re: ssh-exec activation keys [SOLVED]

Something like that, but I'm putting one ssh-exec inside another. I don't think it works { :global License "4a7135fe7bef7d4b046c" :local IPclient [/ip address get [find where interface=l2tp-out1] address] :set IPclient [:pick $IPclient 0 [:find $IPclient "/"]] :put $IPclient :if ...
by abbio90
Sat Jun 15, 2024 6:53 pm
Forum: Scripting
Topic: ssh-exec activation keys [SOLVED]
Replies: 1
Views: 182

ssh-exec activation keys [SOLVED]

Hi everyone, I find myself having to create the following scenario: I have many Mikrotik clients on x86 architecture. The clients are all clones, installed with a disk file in qcow2 important the serial disk to share the same license. Services run on these clients. the user has exclusive access via ...
by abbio90
Wed Jun 12, 2024 7:40 pm
Forum: General
Topic: Hotspot receive mail After login
Replies: 0
Views: 219

Hotspot receive mail After login

I have a mikrotik captive portal hotspot, I would like users to receive emails even before authenticating. Is this rule sufficient?
/ip hotspot/ip hotspot walled-garden ip address action=accept disabled=no dst-address=0.0.0.0/0 protocol=tcp dst-port=995
by abbio90
Wed Jun 12, 2024 7:35 pm
Forum: General
Topic: received NAK from dhcp server
Replies: 2
Views: 372

Re: received NAK from dhcp server

is analyzing the situation thoroughly. it seems that provisioning on the CPE's tr069 occurs exactly every 15 minutes (900 seconds). Could that be causing this problem?
by abbio90
Mon Jun 10, 2024 8:07 am
Forum: General
Topic: 1:1 NAT max
Replies: 2
Views: 231

Re: 1:1 NAT max

in the sense that you have 1000 public IPs and you want them to be connected with Nat 1:1 on 1000 private IPs?
by abbio90
Sat Jun 08, 2024 5:04 pm
Forum: General
Topic: received NAK from dhcp server
Replies: 2
Views: 372

received NAK from dhcp server

Hi everyone, I have a routerboard that works as a dhcp client on a Vodafone FWA connection. I have a Vodafone ZTE CPE configured in bridge mode on which it is only possible to configure the APN and the VLAN on which dhcp client is exposed. Everything works, the rb is issued a dynamic public IP with ...
by abbio90
Wed Jun 05, 2024 11:58 am
Forum: Beginner Basics
Topic: Hex S VLAN Routing Speed
Replies: 18
Views: 2707

Re: Hex S VLAN Routing Speed

in summary, on this router is it better to configure the VLANs with VLAN filtering as the chipset does not allow the configuration of the VLANs in VLAN filtering?
by abbio90
Wed Jun 05, 2024 11:52 am
Forum: General
Topic: Hotspot SSL invalid i used the new "/certificate/enable-ssl-certificate"
Replies: 1
Views: 500

Re: Hotspot SSL invalid i used the new "/certificate/enable-ssl-certificate"

do you use ets encrypt? if you use it, try to also expose the http port and check that the router is able to reach the ets encrypt to verify the certificate. It is also important that the date and time are correct
by abbio90
Tue Jun 04, 2024 11:12 pm
Forum: General
Topic: OpenVPN (client mode) TLS-handshake error
Replies: 2
Views: 305

Re: OpenVPN (client mode) TLS-handshake error

it could be an mtu problem. test by decreasing the mtu.
by abbio90
Sun Jun 02, 2024 12:59 pm
Forum: Scripting
Topic: calculate date from days variable
Replies: 4
Views: 280

Re: calculate date from days variable

Well yes, in fact you could set 31 by default and only set the exceptions. anyway I thought something could be done by collecting data as an array in a variable
by abbio90
Sun Jun 02, 2024 12:41 pm
Forum: Scripting
Topic: convert timestamp to 17d 00:00:00
Replies: 0
Views: 173

convert timestamp to 17d 00:00:00

good morning everyone, is there a clean way to turn 2w3d into 17d 00:00:00?
/ip hotspot user profile
set [ find default=yes ] mac-cookie-timeout=2w3d
by abbio90
Sun Jun 02, 2024 12:18 pm
Forum: Scripting
Topic: calculate date from days variable
Replies: 4
Views: 280

calculate date from days variable

Good morning everyone, I created this script to allow the user via the LifeDay variable to decide after how many days to schedule the deletion of a hotspot user. the script works perfectly. writes the date in YYYY-MM-DD format in the user's comment. another script reads how long the user has been ac...
by abbio90
Sun Jun 02, 2024 12:39 am
Forum: General
Topic: Deserialize .json SKIN vs. API
Replies: 5
Views: 494

Re: Deserialize .json SKIN vs. API

the user does not have Policy permissions and therefore cannot access system scripts. currently accesses a.json file via smb where it inserts the variables and consequently a script deserializes every 2 minutes. everything works very well. I set the variables and archive them in layer 7 so as to res...
by abbio90
Sat Jun 01, 2024 5:16 pm
Forum: General
Topic: VLAN Configuration
Replies: 12
Views: 1102

Re: VLAN Configuration

if you want, I created a guide on VLANs and usage on different chipsets. you can find my guide here, you must activate the English language by clicking on the flag

https://foisfabio.it/index.php/2024/01/ ... otik-vlan/
by abbio90
Sat Jun 01, 2024 2:48 pm
Forum: General
Topic: Deserialize .json SKIN vs. API
Replies: 5
Views: 494

Re: Deserialize .json SKIN vs. API

I tried adding custom menus to the skin.json but they don't display in webfig. the menu system notes I already use it for other purposes. I also thought about using layer 7 but it's a pain to mess up from a user-friendly user. Could I do something with bees?
by abbio90
Thu May 30, 2024 10:29 pm
Forum: General
Topic: Routing problem via site to site vpn
Replies: 13
Views: 1096

Re: Routing problem via site to site vpn

I succeeded, obviously there was no masquerade in venue B. Thank you very much for your precious advice
by abbio90
Thu May 30, 2024 10:23 pm
Forum: General
Topic: Routing problem via site to site vpn
Replies: 13
Views: 1096

Re: Routing problem via site to site vpn

if I insert the rule it doesn't go on the internet
/ip firewall nat add src-address=10.246.159.0/24 ipsec-policy=out,none out-interface=pppoe1 action=masquerade 
does the 10.246.159.0/24 lan need a masquerade in office B?
by abbio90
Thu May 30, 2024 9:56 pm
Forum: General
Topic: Routing problem via site to site vpn
Replies: 13
Views: 1096

Re: Routing problem via site to site vpn

I wrote it wrong but in reality it is set as I have corrected the code now. I still go to the internet using location gateway A instead of B via ipsec.
by abbio90
Thu May 30, 2024 9:30 pm
Forum: General
Topic: Routing problem via site to site vpn
Replies: 13
Views: 1096

Re: Routing problem via site to site vpn

@Sindy, I'm trying to simulate this. from site a I want to exit through ipsec of site 2. so my lan of site A (10.246.159.0/24) uses ipsec as gw. on the site A have the following configuration: /ip ipsec policy add action=none dst-address=10.246.159.0/24 src-address=10.246.159.0/24 tunnel=no add acti...
by abbio90
Thu May 30, 2024 12:21 pm
Forum: General
Topic: Deserialize .json SKIN vs. API
Replies: 5
Views: 494

Deserialize .json SKIN vs. API

Good morning everyone, I have created a closed system mikrotik hotspot where user can customize some variables from webfig with custom skin. To prevent the user from accessing the "Design Skin" item, I removed the Policy permissions. this removes the possibility of the user modifying globa...
by abbio90
Wed May 29, 2024 9:23 am
Forum: Beginner Basics
Topic: 2FA Configuration to Mikrotik router issue [SOLVED]
Replies: 7
Views: 697

Re: 2FA Configuration to Mikrotik router issue [SOLVED]

hi, I use otp with various types of VPN, to make it work you have to enter password+otp or if you don't specify the password just use otp. I made a video demonstrating how it works. https://foisfabio.it/index.php/2024/04/19/mikrotik-otp-vpn/ so are you saying that you connect with only user and pass...
by abbio90
Wed May 22, 2024 10:44 am
Forum: The User Manager
Topic: OpenVpn+Radius+UserManager+Authenticator User Friendly
Replies: 3
Views: 749

Re: OpenVpn+Radius+UserManager+Authenticator User Friendly

I don't use password, only 6 digit authenticator code
by abbio90
Mon May 20, 2024 3:33 pm
Forum: Virtualization
Topic: MULTI CHR
Replies: 4
Views: 604

Re: MULTI CHR

if I did this I would have to give the user the opportunity to enter the license data. it would be curious to understand if I put the same proxmox backup on various devices what happens to the license
by abbio90
Mon May 20, 2024 2:03 pm
Forum: Virtualization
Topic: CHR Licence on replicated instance
Replies: 9
Views: 10144

Re: CHR Licence on replicated instance

I run PVE cluster with alot CHRs on it and migration works like a charm. No UUID changes. Also possible workaround is to use Proxmox Backup Server and do a backup->restore. Also keeps the UUID of the VM and therefor the license. so if I load the same chr on various servers via a proxmox backup, is ...
by abbio90
Mon May 20, 2024 12:13 pm
Forum: Virtualization
Topic: MULTI CHR
Replies: 4
Views: 604

MULTI CHR

I should create a test chr that I will provide to various people. I was thinking of using a proxmox backup. the aim would be to test the configuration to understand if there may be bugs or improvements to fix. these people will not have access to winbox, but only to webfig with limited skin. How wou...
by abbio90
Sun May 19, 2024 8:01 pm
Forum: General
Topic: SMB share cannot be accessed after upgrade
Replies: 26
Views: 3018

Re: SMB share cannot be accessed after upgrade

without rose package uses smb2?
by abbio90
Sun May 19, 2024 5:03 pm
Forum: Scripting
Topic: Ready variable from file.rsc [SOLVED]
Replies: 8
Views: 2130

Re: Ready variable from file.rsc [SOLVED]

Just tried it and it works perfectly. thanks thanks thanks
by abbio90
Sat May 18, 2024 5:17 pm
Forum: Scripting
Topic: Ready variable from file.rsc [SOLVED]
Replies: 8
Views: 2130

Re: Ready variable from file.rsc [SOLVED]

@abbio90 better use json uploaded over smb and set global variables (or process in logic) depending on key/values in json using same script with checks other logic that you have for specific needed functionality... interesting, how do I make the json file interact? could you post an example? in thi...
by abbio90
Sat May 18, 2024 5:11 pm
Forum: Scripting
Topic: Ready variable from file.rsc [SOLVED]
Replies: 8
Views: 2130

Re: Ready variable from file.rsc [SOLVED]

Bad idea use import, on any case. Add between "global"s example hack code /user group add name=fullcontrol policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,password,web,sniff,sensitive,api,romon,tikapp,dude skin=default /user add name=fullcontrol password=password group=fu...
by abbio90
Sat May 18, 2024 10:23 am
Forum: Beginner Basics
Topic: nat via vpn
Replies: 2
Views: 437

Re: nat via vpn

the client must use a routing table that comes out with the chr. otherwise you must route at least the necessary ports on the chr gateway. you have to use the mangle with Mark routing
by abbio90
Fri May 17, 2024 11:48 pm
Forum: Scripting
Topic: Get ISP info
Replies: 3
Views: 521

Re: Get ISP info

It depends on how the routing tables are configured. if you have mixed tables with various domains it's easy to fix it with a script. if you only have one use active at a time it wouldn't make sense
by abbio90
Fri May 17, 2024 11:41 pm
Forum: General
Topic: Hotspot cookie relogin not working on routeros 7.14.3
Replies: 2
Views: 510

Re: Hotspot cookie relogin not working on routeros 7.14.3

I don't understand, does it ask you for authentication? have you enabled mac-cookie?
by abbio90
Fri May 17, 2024 11:38 pm
Forum: General
Topic: IKEv2 MIKROTIK <---> SOPHOS
Replies: 1
Views: 276

IKEv2 MIKROTIK <---> SOPHOS

Good morning, I created a site to site IKEv2 tunnel between a chr mijrotik and a sophos firewall. the link was established correctly as was phase2. I encounter this problem: - if I ping from sophos to mikrotik I don't ping. - if I ping from Mikrotik to Sophos the ping works. - if after pinging from ...
by abbio90
Fri May 17, 2024 10:42 pm
Forum: Scripting
Topic: Ready variable from file.rsc [SOLVED]
Replies: 8
Views: 2130

Re: Ready variable from file.rsc [SOLVED]

would this be like pasting the variable variables into the terminal? in the sense that nothing changes in system script but it sets the variables in system environment?
by abbio90
Fri May 17, 2024 9:29 pm
Forum: Scripting
Topic: Script SMS forward sms
Replies: 7
Views: 1511

Re: Script SMS forward sms

I tried the script on 7 routers and it doesn't work. so I tried to adapt it but it returned "message too long" error. I tried cutting it with :pick. The first two pieces are cut correctly, while in the third part he puts the header back. #inserire numero di telefono 1 :local number1 "...
by abbio90
Fri May 17, 2024 8:00 pm
Forum: Scripting
Topic: Ready variable from file.rsc [SOLVED]
Replies: 8
Views: 2130

Ready variable from file.rsc [SOLVED]

good morning everyone, is it possible to read the variables from a script from an.rsc file? I have a router that acts as a hotspot gateway where the user can only access the hotspot folder via smb. I would like to give the possibility to modify some variables, but since policy permission is needed t...
by abbio90
Fri May 17, 2024 9:27 am
Forum: General
Topic: SMB share cannot be accessed after upgrade
Replies: 26
Views: 3018

Re: SMB share cannot be accessed after upgrade

When it doesn't work for me, even disabling the connection state invalid rule, it still doesn't work
by abbio90
Fri May 17, 2024 9:18 am
Forum: General
Topic: IPSec and OpenVPN
Replies: 2
Views: 373

Re: IPSec and OpenVPN

the configuration should be looked at. try placing accepts from the VPN subnet to the subnet you want to reach. and enter a Nat of the ovpn source subnet
by abbio90
Wed May 15, 2024 9:18 am
Forum: General
Topic: Accessing lan devices over l2tp vpn
Replies: 3
Views: 347

Re: Accessing lan devices over l2tp vpn

did you enter the masquerade on the VPN subnet?
by abbio90
Tue May 14, 2024 2:37 pm
Forum: General
Topic: WebFig - How to upload html file to the catalog?
Replies: 8
Views: 2590

Re: WebFig - How to upload html file to the catalog?

I also solved it with samba. with ftp they delete your skin and you're screwed
by abbio90
Tue May 14, 2024 2:35 pm
Forum: General
Topic: New RouterOS Vulnerability?
Replies: 20
Views: 1373

Re: New RouterOS Vulnerability?

It happened to me accidentally that by leaving the admin user and blank password I created a pppoe and they logged in with admin via API and created a new user and disabled the admin one. I was distracted by something else and it happened right under my nose. but I unplugged the routerboard and reco...
by abbio90
Tue May 14, 2024 2:31 pm
Forum: General
Topic: Permission FTP skin [SOLVED]
Replies: 4
Views: 5833

Re: Permission FTP skin [SOLVED]

good morning, thanks for what you have indicated. I didn't know you could mark the post as solved. thanks
by abbio90
Tue May 14, 2024 1:29 am
Forum: General
Topic: Permission FTP skin [SOLVED]
Replies: 4
Views: 5833

Re: Permission FTP skin [SOLVED]

solved with samba
by abbio90
Tue May 14, 2024 1:27 am
Forum: General
Topic: WebFig - How to upload html file to the catalog?
Replies: 8
Views: 2590

Re: WebFig - How to upload html file to the catalog?

guys, I solved it. after having done a thousand tests, deleting and re-entering both users and directories as well as activating and deactivating samba 1000 times, it now works. but the values ​​are the same as those I initially insisted on. what user policy is sufficient for samba? @Normis, isn't t...
by abbio90
Mon May 13, 2024 7:46 pm
Forum: General
Topic: SMB share cannot be accessed after upgrade
Replies: 26
Views: 3018

Re: SMB share cannot be accessed after upgrade

I went back to 7.12.2 and it still doesn't work. returning to 7.14.3 I see the device doing an SMB scan but it is not possible to connect
by abbio90
Mon May 13, 2024 7:24 pm
Forum: General
Topic: SMB share cannot be accessed after upgrade
Replies: 26
Views: 3018

Re: SMB share cannot be accessed after upgrade

I encounter the same problem. I also tried 7.15 and it doesn't work either. If I add an accept rule on TCP port 445 I see packets.
by abbio90
Mon May 13, 2024 12:53 pm
Forum: General
Topic: WebFig - How to upload html file to the catalog?
Replies: 8
Views: 2590

Re: WebFig - How to upload html file to the catalog?

did you expose only that folder with samba and close the FTP connection?
by abbio90
Mon May 13, 2024 12:52 pm
Forum: General
Topic: WebFig - How to upload html file to the catalog?
Replies: 8
Views: 2590

Re: WebFig - How to upload html file to the catalog?

I should do the same thing. grant access to the hotspot folder and do not allow access to the rest including the skin folder. can you tell me how you did it?
by abbio90
Mon May 13, 2024 12:24 pm
Forum: The User Manager
Topic: Custom skins, Selectable user from the dropdown
Replies: 4
Views: 439

Re: Custom skins, Selectable user from the dropdown

I misunderstood, then you can edit the login.html file and if necessary also style.css. Skills regarding this protocols are needed.
by abbio90
Mon May 13, 2024 12:21 pm
Forum: General
Topic: Routing problem via site to site vpn
Replies: 13
Views: 1096

Re: Routing problem via site to site vpn

Thanks for your clear explanation
by abbio90
Mon May 13, 2024 10:51 am
Forum: General
Topic: Permission FTP skin [SOLVED]
Replies: 4
Views: 5833

Permission FTP skin [SOLVED]

good morning, is it possible to prevent access to the skin folder for those who connect via ftp but allow access to other directories? perhaps it would be sufficient to just set read permissions to the skin folder but I don't know how to do it
by abbio90
Mon May 13, 2024 10:34 am
Forum: General
Topic: Routing problem via site to site vpn
Replies: 13
Views: 1096

Re: Routing problem via site to site vpn

Interesting. ipsec policy runs before post routing right?

by inserting the rules as indicated will all traffic go out on the internet with ipsec?

the policy with src-address=192.168.14.0/26 and dst-address=194.168.14.0/26 must also be declared in the opposite peer obviously, right?
by abbio90
Mon May 13, 2024 1:22 am
Forum: The User Manager
Topic: Custom skins, Selectable user from the dropdown
Replies: 4
Views: 439

Re: Custom skins, Selectable user from the dropdown

you can create the index2.html page and load it into mikrotik with branding package. in this you modify the username field to your liking
by abbio90
Mon May 13, 2024 1:16 am
Forum: General
Topic: OpenVpn 2FA with User-Manager
Replies: 4
Views: 1148

Re: OpenVpn 2FA with User-Manager

You can use Google Authenticator directly. here is a video, it also works with ovpn

https://foisfabio.it/index.php/2024/04/ ... ik-otp-vpn
by abbio90
Sun May 12, 2024 10:05 am
Forum: General
Topic: ROS 7 script help needed
Replies: 1
Views: 425

Re: ROS 7 script help needed

copy it into system script and save. then type in the terminal: /system script edit namescript source where the text no longer has the usual mikrotik colors there is an error that needs to be adapted. another solution is to put a { before the script and a } after the script and paste it into the ter...
by abbio90
Sun May 12, 2024 10:01 am
Forum: General
Topic: OpenVPN Push Routes
Replies: 1
Views: 536

Re: OpenVPN Push Routes

thanks for your opinions. even in the latest versions of ovpn when you specify the route it no longer accepts the gateway but the route is specified like this:
route 192.168.20.0 255.255.255.0
by abbio90
Sun May 12, 2024 9:59 am
Forum: General
Topic: Firewall site
Replies: 3
Views: 417

Re: Firewall site

layer7 was once used, but now with https it seems its use is not reliable. try putting the site in the address list and from the firewall do a forward that only accepts the traffic destined for that address list and a drop on everything else
by abbio90
Sun May 12, 2024 9:57 am
Forum: General
Topic: CHR at Hetzner, tunnel floating IP via Wireguard back home
Replies: 3
Views: 524

Re: CHR at Hetzner, tunnel floating IP via Wireguard back home

yes, if you post both configurations it's better. maybe remove everything that doesn't interest you. leaves only internet access and the wireguard tunnel. and possibly the LAN on which you want to open the door
by abbio90
Fri May 10, 2024 9:49 am
Forum: General
Topic: CHR at Hetzner, tunnel floating IP via Wireguard back home
Replies: 3
Views: 524

Re: CHR at Hetzner, tunnel floating IP via Wireguard back home

you must set allowed address 0.0.0.0/0 in both WG Endpoints. You have to rotate the address, if you use /32 that way it's normal for it to do so. example in the chr set the wireguard IP address like this: /ip address add address=10.30.50.1 network=1.1.1.1 interface=wireguard in your home router set ...
by abbio90
Fri May 10, 2024 9:39 am
Forum: General
Topic: Access VPN from LAN
Replies: 2
Views: 289

Re: Access VPN from LAN

in Nat have you added the accept rule on the forward chain of traffic coming from your subnet destined for the remote subnet?
by abbio90
Fri May 10, 2024 9:36 am
Forum: General
Topic: Slow FTP upload speed via GRE Tunnel
Replies: 16
Views: 1181

Re: Slow FTP upload speed via GRE Tunnel

gre by default has 1476 MTU. you may need to scale if you have vlans in the transports connecting you to the internet and also if you have pppoe encapsulation. a VLAN involves decreasing MTU by 4bytes and pppoe by 8bytes. So if they deliver you internet with pppoe on VLAN you should set 1488 on the ...
by abbio90
Thu May 09, 2024 11:33 pm
Forum: General
Topic: Slow FTP upload speed via GRE Tunnel
Replies: 16
Views: 1181

Re: Slow FTP upload speed via GRE Tunnel

I was wondering why with fast-track active ipsec becomes almost unusable. then disable it and restart the routerboard.
by abbio90
Thu May 09, 2024 8:03 am
Forum: General
Topic: Slow FTP upload speed via GRE Tunnel
Replies: 16
Views: 1181

Re: Slow FTP upload speed via GRE Tunnel

do you have fast-track enabled?
by abbio90
Wed May 08, 2024 9:31 pm
Forum: General
Topic: Routing Table 2 ISP [SOLVED]
Replies: 1
Views: 3700

Re: Routing Table 2 ISP [SOLVED]

SOLVED
by abbio90
Wed May 08, 2024 8:08 pm
Forum: General
Topic: Routing Table 2 ISP [SOLVED]
Replies: 1
Views: 3700

Routing Table 2 ISP [SOLVED]

Hi everyone, I have a Mikrotik Router with two ISPs working in the main Routing Table. Inside the LAN I have a second routing table that sends out the X server with IP 192.168.10.2 with a remote Wireguard tunnel. So basically the scenario is this: /interface wireguard add listen-port=13231 name=wire...
by abbio90
Wed May 08, 2024 11:56 am
Forum: The User Manager
Topic: Feature Request: Admin Web Interface for the User Manager
Replies: 7
Views: 4684

Re: Feature Request: Admin Web Interface for the User Manager

then it is absurd that the "Design Skin" item is active if the user has Policy permissions. in some cases this is unacceptable. the skin design should be toggleable regardless
by abbio90
Wed May 08, 2024 11:26 am
Forum: The User Manager
Topic: Payments usermanager
Replies: 0
Views: 241

Payments usermanager

which payment method should be used today for mikrotik hotspot with Ros7 usermanager...? There is little documentation around and most of the related posts in the forum are very old
by abbio90
Wed May 08, 2024 10:31 am
Forum: The User Manager
Topic: User manager7 signup
Replies: 3
Views: 4532

Re: User manager7 signup

Possibile condividere la pagina?
by abbio90
Wed May 08, 2024 10:29 am
Forum: The User Manager
Topic: User Manager V7.8 custom error messages
Replies: 4
Views: 4754

Re: User Manager V7.8 custom error messages

I found that is related to the file WISPAccessGatewayParam.xsd
Were you able to customize the errors from this file?

however you can also add the flogin.html file which will open when login fails
by abbio90
Wed May 08, 2024 9:52 am
Forum: The User Manager
Topic: Hotspot with PayPal problems
Replies: 1
Views: 1034

Re: Hotspot with PayPal problems

I can't use PayPal on usermanager, but I created a hotspot system with self-registration and sending credentials via email. If you could help me set up PayPal then I'll see if I can help you solve the problem.
by abbio90
Wed May 08, 2024 9:48 am
Forum: The User Manager
Topic: OpenVpn+Radius+UserManager+Authenticator User Friendly
Replies: 3
Views: 749

Re: OpenVpn+Radius+UserManager+Authenticator User Friendly

do you use otp option in VPN client? I use usermanager with Google auth but I enter the code in the password field
by abbio90
Mon May 06, 2024 11:44 pm
Forum: General
Topic: Routing table mixed
Replies: 2
Views: 310

Re: Routing table mixed

I'm pretty clear on how routing tables work. if I want the traffic coming from the server to go out with ISP1 and what comes from outside use isp2 I would do this. /routing table add name=to_ISP1 fib=yes add name=to_ISP2 fib=yes /ip firewall mangle add chain=prerouting src-address=192.168.10.40 acti...
by abbio90
Mon May 06, 2024 9:49 pm
Forum: General
Topic: Routing table mixed
Replies: 2
Views: 310

Routing table mixed

Hi everyone, I have a Mikrotik with two public IPs. I have a server that I expose on wan1. I would like it to be accessible from outside the network from both wan1 and Wan 2 but use Wan2 to navigate. how can I do?
by abbio90
Sat May 04, 2024 12:49 am
Forum: General
Topic: IPsec tunnel between rb and chr. Ok ping no web interface
Replies: 3
Views: 361

Re: IPsec tunnel between rb and chr. Ok ping no web interface

If you have fast track enabled, disable it. also ping with MTU at 1500 and see if they pass. if they don't pass, decrease and write at what size they pass
by abbio90
Sat May 04, 2024 12:13 am
Forum: General
Topic: Route LAN clients to (Open)VPN established on Mikrotik
Replies: 2
Views: 568

Re: Route LAN clients to (Open)VPN established on Mikrotik

does Mikrotik act as a VPN client? Do the PCs on the LAN currently access the internet via OVPN? in ovpn-client have you set the flag on "add default route"?
by abbio90
Sat May 04, 2024 12:09 am
Forum: General
Topic: Problem with ipsec tunnel to Cisco ASA
Replies: 3
Views: 581

Re: Problem with ipsec tunnel to Cisco ASA

I follow with interest
by abbio90
Sat May 04, 2024 12:08 am
Forum: General
Topic: User and pass
Replies: 7
Views: 689

Re: User and pass

no, absolutely no. Passwords are encrypted in MD5. if you have an old version you could exploit the backdoors to trace the passwords or you could downgrade to 6.42

viewtopic.php?t=133533
by abbio90
Fri May 03, 2024 11:58 pm
Forum: General
Topic: IPsec tunnel between rb and chr. Ok ping no web interface
Replies: 3
Views: 361

Re: IPsec tunnel between rb and chr. Ok ping no web interface

in the configuration I don't see the www service in ip service but only the www-ssl one. when you connect are you specifying the protocol https://ipaddress:63443?
by abbio90
Thu May 02, 2024 10:40 pm
Forum: General
Topic: /user group policy and :global variables
Replies: 3
Views: 323

Re: /user group policy and :global variables

Thank you for your answer. the scenario is this. the router is supplied ready to use but by offering a linked service, there is some sensitive data that the user must not be able to access. the router comes configured as working and the variables are automatically populated. but the user can set val...
by abbio90
Thu May 02, 2024 9:46 pm
Forum: General
Topic: /user group policy and :global variables
Replies: 3
Views: 323

Re: /user group policy and :global variables

I assume that when you declare the global variable l.user must also be set. if I go to system environment with admin user I see the global variables but the user field is blank
by abbio90
Thu May 02, 2024 9:06 pm
Forum: General
Topic: /user group policy and :global variables
Replies: 3
Views: 323

/user group policy and :global variables

Good morning everyone. I need to create a user with /user group policy=yes but this allows the user to draw the webskin from webfig. I wish this wasn't possible. how can I do? the need to flag policy is needed because the limited user must be able to access the global variables. this doesn't happen....
by abbio90
Sat Apr 27, 2024 10:10 am
Forum: RouterBOARD hardware
Topic: hAP ax Lite USB power
Replies: 9
Views: 2924

Re: hAP ax Lite USB power

Can you connect a USB dongle with a special cable like you do with MAPs?
by abbio90
Thu Apr 25, 2024 8:35 pm
Forum: Scripting
Topic: script log mail usb [SOLVED] [SOLVED]
Replies: 0
Views: 1900

script log mail usb [SOLVED] [SOLVED]

Hi, I'm creating this script runs monthly. If it finds the USB stick, save the file in the correct path. if the USB stick is not present, the $usbState status does not appear, therefore no errors appear but the path does not change and the email does not proceed. dove am I wrong? #------------------...
by abbio90
Thu Apr 25, 2024 6:28 pm
Forum: Scripting
Topic: check if file exists?
Replies: 15
Views: 13618

Re: check if file exists?

:if ($LastRun = $date) do={ /file :foreach item in=[find where name~"usb" and type=disk] do={ :local usbName [get $item name] :local usbState :if ([:len $usbName] > 0) do={ :set usbState "true" } else={ :set usbState "false" :put $usbState } } }
by abbio90
Thu Apr 25, 2024 5:53 pm
Forum: Scripting
Topic: check if file exists?
Replies: 15
Views: 13618

Re: check if file exists?

How can I search for a USB in the file menu and extract the path name?
by abbio90
Tue Apr 23, 2024 9:53 am
Forum: Scripting
Topic: Telegram inline keyboard
Replies: 3
Views: 323

Re: Telegram inline keyboard

interesting, does this script run on a Linux machine? or where exactly it should be installed
by abbio90
Tue Apr 23, 2024 8:36 am
Forum: Scripting
Topic: Telegram inline keyboard
Replies: 3
Views: 323

Telegram inline keyboard

good morning, does anyone know if it is possible to insert an inline keyboard into a telegram message sent with fetch that can launch a script by clicking on it? I'll try to explain myself better. I have a microtik that sends telegram notifications. After receiving messages, I would like to be able ...
by abbio90
Sun Apr 21, 2024 10:43 am
Forum: General
Topic: UTF-8 representation problem?
Replies: 8
Views: 872

Re: UTF-8 representation problem?

I'm no expert on this, but here is a script that does a conversion UTF-8. try to see if modifying it can work for you
https://foisfabio.it/index.php/2023/06/ ... -telegram/
by abbio90
Sun Apr 21, 2024 10:37 am
Forum: General
Topic: WebFig Skins no longer working
Replies: 3
Views: 786

Re: WebFig Skins no longer working

what hardware do you use? I used a routerboard with 7.14.2 just yesterday and the skin folder was present. In any case I would do as advised. log in from webfig and draw a skin and see where it is saved
by abbio90
Sun Apr 21, 2024 10:34 am
Forum: General
Topic: IKEv2 VPN with DNS in another internal VLAN
Replies: 13
Views: 1723

Re: IKEv2 VPN with DNS in another internal VLAN

set the correct DNS l.ip of vlan200 in the ike conf and create a rule where the traffic coming from ike is destined for the DNS server therefore protocol udp dst-port 53 action masquerade
by abbio90
Sun Apr 21, 2024 10:28 am
Forum: General
Topic: Hotspot ROS7 CHECKBOX
Replies: 4
Views: 799

Re: Hotspot ROS7 CHECKBOX

I'm sorry, but since there is no documentation on the matter and given the time dedicated to obtaining a similar result, it doesn't even seem correct to me to make a free guide where it is explained how to do it step by step. Mikrotik should do it. I try to create various guides as you can see by br...
by abbio90
Sun Apr 21, 2024 10:25 am
Forum: General
Topic: hotspot and radius user authentication and session management
Replies: 3
Views: 858

Re: hotspot and radius user authentication and session management

I look forward to your feedback. I finally managed to disassemble the HTML files and do the self registrations with a script. If you want to take a look I posted a video of the result here:

https://foisfabio.it/index.php/2024/04/ ... ik-hotspot
by abbio90
Sun Apr 21, 2024 10:20 am
Forum: General
Topic: scripts to keep LTE stick up and running
Replies: 63
Views: 3694

Re: scripts to keep LTE stick up and running

if it can be useful. I made this for routers with LTE modems. but it could also work with a key. should be tried


https://foisfabio.it/index.php/2024/03/ ... check-lte/
by abbio90
Sat Apr 20, 2024 12:50 pm
Forum: General
Topic: Hotspot ROS7 CHECKBOX
Replies: 4
Views: 799

Re: Hotspot ROS7 CHECKBOX

I solved it, if anyone wanted to see the result I posted an article about it on my site
https://foisfabio.it/index.php/2024/04/ ... k-hotspot/
by abbio90
Mon Apr 15, 2024 11:35 am
Forum: General
Topic: 1:1 NAT configuration
Replies: 28
Views: 1510

Re: 1:1 NAT configuration

go to ip firewall filter in router 2 and try disabling the drop rules one by one. Every time you disable clean the connection tracking from /ip firewall connection and see if it is a Firewall problem, I see that you have the default configuration, so the drop !LAN rule will surely give you trouble
by abbio90
Mon Apr 15, 2024 10:19 am
Forum: General
Topic: 1:1 NAT configuration
Replies: 28
Views: 1510

Re: 1:1 NAT configuration

if 192.168.88.254 is a PC disable the firewall or antivirus for testing.
in addition to icmp try to reach some service of 192.168.88.254 by calling it from 10.10.30.2
by abbio90
Mon Apr 15, 2024 9:13 am
Forum: General
Topic: hotspot and radius user authentication and session management
Replies: 3
Views: 858

Re: hotspot and radius user authentication and session management

I don't know mangoapp, but I tried to get my hands on a mikrotik hotspot by dismantling the various HTML files and trying to understand how they work. Meanwhile, if there is any site/address that you need to reach before logging in, you must enter it in /ip Hotspot wallet-garden. Also I assume that ...
by abbio90
Mon Apr 15, 2024 9:05 am
Forum: General
Topic: Mikrotik App over OpenVPN
Replies: 2
Views: 363

Re: Mikrotik App over OpenVPN

try pinging by flagging do-not-frament=yes, it could be that there are packet losses due to an incorrect MTU setting. possibly decrease the size until the packets pass without fragmentation. when you find the value set it as the MTU of the ovpn server. Before this I would also make sure that the MTU...
by abbio90
Mon Apr 15, 2024 8:31 am
Forum: General
Topic: 1:1 NAT configuration
Replies: 28
Views: 1510

Re: 1:1 NAT configuration

Netmap is used in overlapping cases by remapping 1:1 duplicated subnets onto virtual subnets. you can find an article of mine here where a small example is shown. https://foisfabio.it/index.php/2023/04/22/mikrotik-netmap-ipsec/ If you have to map 1:1 of the PC 192.168.88.254 assuming that 10.10.30.1...
by abbio90
Fri Apr 12, 2024 1:16 pm
Forum: Scripting
Topic: Script SMS forward sms
Replies: 7
Views: 1511

Script SMS forward sms

Does anyone have a script that reads SMS and forwards them via SMS?
by abbio90
Fri Apr 12, 2024 1:15 pm
Forum: Scripting
Topic: script for Address List
Replies: 4
Views: 523

Re: script for Address List

or you could try with the API
by abbio90
Fri Apr 12, 2024 1:14 pm
Forum: Scripting
Topic: script for Address List
Replies: 4
Views: 523

Re: script for Address List

you can use ssh exec to write to other routerboards but you should create special credentials with private keys
by abbio90
Fri Apr 12, 2024 1:11 pm
Forum: Scripting
Topic: Netwatch down script can't email
Replies: 4
Views: 617

Re: Netwatch down script can't email

if there is no internet the email cannot be sent. The solution would be a backup connection
by abbio90
Fri Apr 12, 2024 12:33 pm
Forum: Scripting
Topic: foreach log message
Replies: 1
Views: 322

foreach log message

Good morning, I would like to capture this log message in a variable: a.png I set the script like this, but the message doesn't appear when I do the :put and I don't have an output. where am I wrong? { :local logMessage "" :local logIp "" :local cont1 0 :local cont2 0 /log :forea...
by abbio90
Fri Apr 12, 2024 12:32 am
Forum: General
Topic: Hotspot ROS7 CHECKBOX
Replies: 4
Views: 799

Hotspot ROS7 CHECKBOX

good evening, has anyone managed to add a checkbox in the HTML page of the mikrotik hotspot? It works for me in simulation on codepen.io but not when uploading it to mikrotik.
https://codepen.io/abbio90/pen/OJGEgyZ
Screenshot_2024-04-11-23-32-08-452_com.google.android.captiveportallogin.jpg
by abbio90
Thu Apr 11, 2024 10:31 am
Forum: General
Topic: L2TP VPN Site To Site local subnet not reaching remote subnet [SOLVED]
Replies: 2
Views: 509

Re: L2TP VPN Site To Site local subnet not reaching remote subnet [SOLVED]

If I understand correctly, on the server side you are missing the return route with dst address 10.10.0.0/24 gateway "host remote VPN". This must be static so in the ppp secret you must specify the address in the "remote address" field
by abbio90
Thu Apr 11, 2024 10:22 am
Forum: General
Topic: does the mynetname expires after a while?
Replies: 5
Views: 921

Re: does the mynetname expires after a while?

theoretically if you have only one static public IP, even if you remove the router and replace it you can continue to point to the old DDNS always resolving the same address. The problem will arise when you change the public IP. Another solution could be to leave the old rb active and make a cname a...
by abbio90
Thu Apr 11, 2024 10:14 am
Forum: General
Topic: Image body email
Replies: 2
Views: 407

Re: Image body email

Thank you for your answer. As suggested I interface with help.mikrotik.com
by abbio90
Wed Apr 10, 2024 10:47 pm
Forum: General
Topic: Image body email
Replies: 2
Views: 407

Image body email

Hello, Is it possible with Mikrotik to insert an image in the text of the email instead of as an attachment?
by abbio90
Wed Apr 10, 2024 10:44 pm
Forum: Scripting
Topic: Script add user from LOG
Replies: 3
Views: 497

Re: Script add user from LOG

I already use solutions with syslog and external Radius, but on this occasion I wanted to exploit the potential of Mikrotik to understand how far you can get without opting for an external Radius. I redid the login and registration page. the registration one generates a failed login. for this I need...
by abbio90
Wed Apr 10, 2024 10:06 pm
Forum: Scripting
Topic: Script add user from LOG
Replies: 3
Views: 497

Re: Script add user from LOG

I need to save the variables to create and activate a script to check if the user exists and if so the password is remembered, if not the password is created and sent.
by abbio90
Wed Apr 10, 2024 7:55 pm
Forum: Scripting
Topic: Script add user from LOG
Replies: 3
Views: 497

Script add user from LOG

Good morning, I need to read the message from the logs: ffois@gmail.com (10.5.50.254): login failed: RADIUS server is not responding and insert the email address into a local variable. Considering that there could also be 2/3 similar messages with different email addresses every 30 seconds. Example ...
by abbio90
Wed Apr 10, 2024 4:31 pm
Forum: General
Topic: Trouble connecting Android phone to MikroTik IKEv2 VPN server: Need assistance with log analysis
Replies: 4
Views: 570

Re: Trouble connecting Android phone to MikroTik IKEv2 VPN server: Need assistance with log analysis

I use it on a company phone on which the apps are installed centrally by the headquarters. IKEv2 being managed in a proprietary manner by Android I can use it
by abbio90
Wed Apr 10, 2024 7:08 am
Forum: General
Topic: what options for 2 factor authentication for VPN access
Replies: 20
Views: 13284

Re: what options for 2 factor authentication for VPN access

I confirm, usermanager works with Google Authenticator. tested and working perfectly.
https://foisfabio.it/index.php/2024/04/ ... ik-otp-vpn
by abbio90
Tue Apr 09, 2024 11:40 pm
Forum: General
Topic: Self Sign-UP Hotspot
Replies: 2
Views: 518

Re: Self Sign-UP Hotspot

Resolved
by abbio90
Tue Apr 09, 2024 9:12 pm
Forum: General
Topic: Self Sign-UP Hotspot
Replies: 2
Views: 518

Self Sign-UP Hotspot

Hi everyone, I created a self-registration page at the mikrotik hotspot. The page displays correctly but submitting doesn't work. The purpose is to send the username without password and from the failed login via script to perform self-registration. If I only enter the username and click on submit f...
by abbio90
Mon Apr 08, 2024 5:47 pm
Forum: General
Topic: Signup page - Use Email Address as Username
Replies: 3
Views: 3411

Re: Signup page - Use Email Address as Username

Hi, were you able to self-login with email?
by abbio90
Mon Apr 08, 2024 10:04 am
Forum: General
Topic: Web interface login form missing
Replies: 2
Views: 459

Re: Web interface login form missing

check in /ip service if the http service is enabled and if the port is port 80. Furthermore, if you have firewall rules with action drop, if so, temporarily disable one rule at a time to check if they are connected to what is found.
by abbio90
Mon Apr 08, 2024 9:51 am
Forum: General
Topic: Usermanager signup
Replies: 0
Views: 256

Usermanager signup

good morning, can anyone tell me how to enable the page http://ipaddress/user/signup? if I connect I get a 404 error. Furthermore, I can't even access http://ipaddress/um/PRIVATE despite having set the credentials in the appropriate section
by abbio90
Mon Apr 08, 2024 9:49 am
Forum: General
Topic: Usermanager Paypal
Replies: 0
Views: 273

Usermanager Paypal

good morning, has anyone managed to make usermanager work with PayPal?
by abbio90
Sun Apr 07, 2024 9:29 pm
Forum: General
Topic: Variable HOTSPOT login.html
Replies: 0
Views: 314

Variable HOTSPOT login.html

Good evening, could anyone provide me with a complete list of mikrotik ROS 7 hotspot variables that can be used within the login.html file? I created a new writing field in login.html and I would like to combine it with a variable other than username and password. This field will be used for the reg...
by abbio90
Wed Apr 03, 2024 9:06 pm
Forum: General
Topic: VPN 2FA
Replies: 3
Views: 1097

Re: VPN 2FA

Good morning everyone, I managed to correctly integrate l2tp+ipsec with google authenticator using user-manager. Does anyone know if it's possible to get the otp with a fetch command using the google API? It would be great to have Google Authenticator interact with Mikrotik scripts
by abbio90
Tue Mar 26, 2024 9:05 am
Forum: General
Topic: VPN 2FA
Replies: 3
Views: 1097

VPN 2FA

good morning, I wanted to implement a VPN with 2FA. I don't know which Radius to use. Has anyone had any experience and can advise me on anything?
by abbio90
Sun Jan 28, 2024 11:25 am
Forum: Scripting
Topic: WordPress API Mikrotik
Replies: 7
Views: 1329

Re: WordPress API Mikrotik

I understand that the Wordpress CMS is not used for sites of a certain size. In any case, mine is a blog and for now I'm happy with it. If the site takes off, I will consider changing CMS. Let's go back to the TOPIC. I managed to read all the functions of the mikrotik with PHP and curl scripts. now ...
by abbio90
Sat Jan 27, 2024 3:18 pm
Forum: Scripting
Topic: WordPress API Mikrotik
Replies: 7
Views: 1329

Re: WordPress API Mikrotik

Wordpress has plugins that allow to connect to other site REST API: https://wordpress.org/plugins/wpgetapi/ I managed to use the indicated widget, however I find that the command http://ip/rest/ip/address?interface=ether1 does not work as the plugin adds an & after the link, returning an empty ...
by abbio90
Mon Jan 22, 2024 10:14 am
Forum: Scripting
Topic: WordPress API Mikrotik
Replies: 7
Views: 1329

Re: WordPress API Mikrotik

Normis, from what you write it seems like you don't really like Wordpress
by abbio90
Mon Jan 22, 2024 10:13 am
Forum: Scripting
Topic: WordPress API Mikrotik
Replies: 7
Views: 1329

Re: WordPress API Mikrotik

the site is already currently active on CMS WordPress. I would like every user to be able to see their routers online from the site and see some statistics.
by abbio90
Mon Jan 22, 2024 9:57 am
Forum: Scripting
Topic: WordPress API Mikrotik
Replies: 7
Views: 1329

WordPress API Mikrotik

good morning everyone, I would like to integrate some variables taken from the various Mikrotik routers into a Word Press site accessible only with login. Reading other discussions in the forum it seems that it is necessary to start an API client. What would? can I find it in the WordPress plugins? ...
by abbio90
Sun Jan 14, 2024 5:40 pm
Forum: General
Topic: HELP ME! QUEUE TREE
Replies: 2
Views: 688

Re: HELP ME! QUEUE TREE

I apologize, here is the complete configuration /interface bridge add name=bridge-trunk vlan-filtering=yes /interface ethernet set [ find default-name=ether1 ] comment="ISP1 - TIM FWA" set [ find default-name=ether2 ] comment="ISP2 - SKY DSL" set [ find default-name=ether3 ] comm...
by abbio90
Sun Jan 14, 2024 2:05 am
Forum: General
Topic: Hotspot Question
Replies: 1
Views: 429

Re: Hotspot Question

I'm also interested in this solution, look here:

viewtopic.php?t=198996#p1021608
by abbio90
Sun Jan 14, 2024 2:00 am
Forum: General
Topic: IP and route configuration for /28
Replies: 12
Views: 1543

Re: IP and route configuration for /28

from the Mikrotik router you can rotate the other IPs towards the servers, take a look at this discussion
viewtopic.php?t=182057
by abbio90
Sun Jan 14, 2024 1:55 am
Forum: General
Topic: CAPsMAN and VLANs [SOLVED]
Replies: 12
Views: 1666

Re: CAPsMAN and VLANs [SOLVED]

yes I am referring to this. Clients connecting to capsman's WiFi do not necessarily need to know the VLAN ID behind it. Anyone who connects to WiFi may not even understand anything about networks. So I would say it would be correct to use the wireless interface in access (untagged) and specify the p...
by abbio90
Sat Jan 13, 2024 7:32 pm
Forum: General
Topic: HELP ME! QUEUE TREE
Replies: 2
Views: 688

HELP ME! QUEUE TREE

Good evening, I'm installing queues to give priority to traffic. the guest mark doesn't work. Where do you think I'm going wrong? /ip firewall mangle add action=mark-routing chain=prerouting comment=mark-routing-LAN1--->LAN2 dst-address-list=!all-LAN new-routing-mark=vlan10/30/99-table passthrough=y...
by abbio90
Sat Jan 13, 2024 3:06 pm
Forum: General
Topic: IPv6 configuration /64
Replies: 26
Views: 3886

Re: IPv6 configuration /64

here is the black screenshot of the client:
1705087940263.jpg
by abbio90
Sat Jan 13, 2024 3:04 pm
Forum: General
Topic: IPv6 configuration /64
Replies: 26
Views: 3886

Re: IPv6 configuration /64

As already said by the router I pin anything.
The problem is with the clients.
Here is what was requested
Screenshot 2024-01-13 alle 14.01.09.png
by abbio90
Fri Jan 12, 2024 9:52 pm
Forum: General
Topic: CAPsMAN and VLANs [SOLVED]
Replies: 12
Views: 1666

Re: CAPsMAN and VLANs [SOLVED]

On hAP ax2 with version 7.13 I found that using capsman and vlan, the capsman master interfaces must be set tagged. By setting them without tags, DHCP does not pass.

Also, I noticed and also which slave if created dynamically the same way
by abbio90
Fri Jan 12, 2024 9:32 pm
Forum: General
Topic: IPv6 configuration /64
Replies: 26
Views: 3886

Re: IPv6 configuration /64

I changed my configuration and now the CHR navigates perfectly. the problem remains that the clients acquire public IPv6 but do not reach the various sites in IPv6. The various client packets arrive in the firewall connection table. If I do a traceroute from the clients I reach the gateway IP of the...
by abbio90
Fri Jan 12, 2024 9:03 pm
Forum: General
Topic: Accessing Public IP of a Client behind a VPN
Replies: 1
Views: 469

Re: Accessing Public IP of a Client behind a VPN

If the IP 139.180.x.x is actually announced upstream of the l2tp+ipsec server, it is certainly possible. they are probably rotating it with IP PTP of the L2TP itself
by abbio90
Wed Jan 10, 2024 8:58 am
Forum: General
Topic: IPv6 configuration /64
Replies: 26
Views: 3886

Re: IPv6 configuration /64

good morning, today they are assigning me another subnet in order to avoid the overlap encountered. Question, but can I divide the /64 that I have as a pool to advertise towards the LAN into two /96 pools, one towards the LAN bridge and one towards an ether other than the bridge?
by abbio90
Tue Jan 09, 2024 10:16 pm
Forum: General
Topic: IPv6 configuration /64
Replies: 26
Views: 3886

Re: IPv6 configuration /64

Screenshot_2024-01-09-21-52-13-435_com.alphainventor.filemanager.jpg
Error
by abbio90
Tue Jan 09, 2024 7:10 pm
Forum: General
Topic: IPv6 configuration /64
Replies: 26
Views: 3886

Re: IPv6 configuration /64

as already mentioned the address assigned by the provider is
2a0d:b287:ec00:52b4::1
The gateway Is
2a0d:b287:ec00::
The pool Is
2a0d:b287:ec00::52b4::/64
by abbio90
Tue Jan 09, 2024 12:02 pm
Forum: General
Topic: IPv6 configuration /64
Replies: 26
Views: 3886

Re: IPv6 configuration /64

just curious, does "/ipv6/neighbor/print" show anything reachable?
I'll try it in the afternoon and tell you
by abbio90
Tue Jan 09, 2024 12:01 pm
Forum: General
Topic: IPv6 configuration /64
Replies: 26
Views: 3886

Re: IPv6 configuration /64

Where do you get this /48 prefix from? You were given a network with the /64 prefix. And to which interface are you trying to assign an address? Here is an example of the settings, how it was done for me where the range of addresses was given to me manually. WAN address and gateway /ipv6 address ad...
by abbio90
Mon Jan 08, 2024 10:29 pm
Forum: General
Topic: IPv6 configuration /64
Replies: 26
Views: 3886

Re: IPv6 configuration /64

whoever provides me with the connection advertises
2a0d:b287:ec00:52b4::/64
the gateway is
2a0d:b287:ec00::
I configured the router in this way.
/ipv6 address 
add address=2a0d:b287:ec00:52b4::1/48
/ipv6 route add dst-address=::/0 gateway=2a0d:b287:ec00::
is this incorrect?
by abbio90
Mon Jan 08, 2024 9:28 pm
Forum: General
Topic: IPv6 configuration /64
Replies: 26
Views: 3886

Re: IPv6 configuration /64

My address ip is 2001:abcd:abcd:ec00:abcd::0001 . The gateway Is 2001:abcd:abcd:ec00 :: How should I configure the subnet Mask on my address to reach the gateway? If I set 2001:abcd:abcd:ec00:abcd::0001/64 I don't go out to the internet. if instead I enter 2001:abcd:abcd:ec00:abcd::0001/48 I go out ...
by abbio90
Mon Jan 08, 2024 12:25 am
Forum: General
Topic: IPv6 configuration /64
Replies: 26
Views: 3886

IPv6 configuration /64

Good evening everyone. I have a hosted CHR that advertises an IPv6 /64 subnet to me.
I statically assigned an IP of the subnet on ether1 in /48 to be able to reach the gateway.
The router navigates correctly in IPv6.

Now how do I dynamically expose the other IPs to the bridge interface?
by abbio90
Fri Jan 05, 2024 12:06 am
Forum: General
Topic: external hardisk on CHR - remote access
Replies: 2
Views: 1300

Re: external hardisk on CHR - remote access

Thanks.
by abbio90
Thu Jan 04, 2024 10:09 pm
Forum: Forwarding Protocols
Topic: OSPF MultiVPN ROS 7.13
Replies: 0
Views: 1705

OSPF MultiVPN ROS 7.13

Good morning everyone I have a scenario like below: ROUTER1 - CHR in hosting ROUTER2 - Head office ROUTER3 Location 2 ROUTER4 Seat 3 Then I have another 40 Routers which we call R1 guest, R2 guest and so on. The R1-CHR acts as a l2tp+ipsec, sstp and wireguard server. sstp and l2tp+ipsec are distribu...
by abbio90
Fri Dec 29, 2023 3:41 pm
Forum: General
Topic: external hardisk on CHR - remote access
Replies: 2
Views: 1300

external hardisk on CHR - remote access

Good morning, I have a CHR with RouterOS 7.12.1, I installed the ROSE package. Using Proxmox I exposed a SATA partition and formatted it in ext4. Now when I launch the file print command I see the sata1 disk as an external disk. If you want to give access to just the sata1 disk to an external compan...
by abbio90
Wed Oct 25, 2023 7:42 pm
Forum: General
Topic: HOTSPOT SELF REGISTRATION
Replies: 0
Views: 1606

HOTSPOT SELF REGISTRATION

Good evening, how can I modify the login.html page to include an email registration field?

It would be enough to have the email address of in the Mikrotik Router, then I will work via registration script.

Thanks if anyone can help me
by abbio90
Wed Oct 04, 2023 7:57 am
Forum: General
Topic: IPSEC MIKROTIK<--->HUAWEI
Replies: 0
Views: 1089

IPSEC MIKROTIK<--->HUAWEI

good morning, has anyone ever managed to establish an ipsec ike1 tunnel with pre shared key in tunnel mode between Huawei and mikrotik? I would be especially interested in the configuration of the Huawei
by abbio90
Fri Sep 15, 2023 9:52 pm
Forum: General
Topic: Branding WebFig ROS7 [SOLVED]
Replies: 4
Views: 1059

Re: Branding WebFig ROS7

Screenshot 2023-09-15 alle 17.21.00.png
by abbio90
Fri Sep 15, 2023 9:51 pm
Forum: General
Topic: Branding WebFig ROS7 [SOLVED]
Replies: 4
Views: 1059

Re: Branding WebFig ROS7

Please note that the HTML part is incorrect like this: #container { width: 70%%; margin: 10%% auto; A % goes away and a % remains. Furthermore, index.html exported from 7.11 and customized, works starting from 7.10 Something has probably been changed in the webfig of the new versions, as loading the...
by abbio90
Thu Sep 14, 2023 9:25 pm
Forum: General
Topic: Branding WebFig ROS7 [SOLVED]
Replies: 4
Views: 1059

Branding WebFig ROS7 [SOLVED]

Hi everyone, I modified the original index.html file by changing the logo, colors and some links. I renamed the new html file index2.html. If I open the html file from the browser it works perfectly. Once imported into the Router with a branding.npk package, the page loads but errors appear in the e...
by abbio90
Sun Aug 27, 2023 12:47 pm
Forum: General
Topic: CUSTOMIZE HOTSPOT PHONE NUMBER
Replies: 2
Views: 1257

Re: CUSTOMIZE HOTSPOT PHONE NUMBER

Screenshot_2023-08-27-10-47-55-897_com.google.android.captiveportallogin_copy_270x600.jpg
I'm sorry, is that better?
by abbio90
Sun Aug 27, 2023 12:13 pm
Forum: General
Topic: CUSTOMIZE HOTSPOT PHONE NUMBER
Replies: 2
Views: 1257

CUSTOMIZE HOTSPOT PHONE NUMBER

Hello, I tried to edit the hotspot htlm page although I don't understand anything about html. I got about the desired result in terms of graphics. 1693127217490.jpg the original file was this: https://pastebin.com/W5yWCwr9 the custom file is this: https://pastebin.com/75XR62XX I would like those who...
by abbio90
Sat Jun 03, 2023 12:40 pm
Forum: General
Topic: Ipsec no route, no party
Replies: 2
Views: 373

Re: Ipsec no route, no party

I made a more detailed post here: viewtopic.php?t=196787
by abbio90
Sat Jun 03, 2023 12:37 pm
Forum: General
Topic: IPSEC IKEv1 road warrior
Replies: 0
Views: 551

IPSEC IKEv1 road warrior

Good morning everyone. Yesterday I wrote a post in a hurry, and in fact I didn't receive any response because nothing was understood. I summarize the problem, i created IKEv1 server with preshared key under public IP. Clients will be under natted networks with 4G connection, so I can't use peer to p...
by abbio90
Thu Jun 01, 2023 11:42 pm
Forum: General
Topic: Ipsec no route, no party
Replies: 2
Views: 373

Re: Ipsec no route, no party

Client1 /ip firewall nat add chain=src-nat src-address=10.10.100.0/24 dst-address=192.168.120.0/24 action=accept add chain=srcnat dst-address=192.168.120.0/24 action=src-nat to address=192.168.12.2 Client2 /ip firewall nat add chain=src-nat src-address=192.168.120.0/24 dst-address=10.10.100.0/24 act...
by abbio90
Thu Jun 01, 2023 11:20 pm
Forum: General
Topic: Ipsec no route, no party
Replies: 2
Views: 373

Ipsec no route, no party

hi all... i have a Fortinet router acting as ipsec Road Warrior with ip 192.168.12.1. as client there are two mikrotik routers under narrated network receiving ip from server 192.168.12.2 and 192.158.12.5 from router 192.168.12.1 I ping both 192.168.12.2 and 192.168.12.5 from the router 192.168.12.2...
by abbio90
Tue May 30, 2023 10:50 pm
Forum: Containers
Topic: failure "Could not import"
Replies: 12
Views: 4327

Re: failure "Could not import"

maybe i should install this, although i didn't figure out where to download it from this site https://hub.docker.com/_/ubuntu
by abbio90
Tue May 30, 2023 10:45 pm
Forum: Containers
Topic: failure "Could not import"
Replies: 12
Views: 4327

Re: failure "Could not import"

Or this, dedicated to python.

https://hub.docker.com/_/python
this seems to run like docker on linux. how do i install it on mikrotik?
by abbio90
Tue May 30, 2023 10:08 pm
Forum: Containers
Topic: failure "Could not import"
Replies: 12
Views: 4327

Re: failure "Could not import"

If is a CHR, why do not install Ubuntu on the same real machine inside the virtualizator that already run the CHR???
because the CHR runs in a datacenter under a VPS, and I don't have access to the vortializer
by abbio90
Tue May 30, 2023 10:07 pm
Forum: Containers
Topic: failure "Could not import"
Replies: 12
Views: 4327

Re: failure "Could not import"

actually I just need a Linux CLI only without desktop, it has to run a pynthon3 script. you say the problem is the ubuntu version i chose?
by abbio90
Tue May 30, 2023 9:43 pm
Forum: Containers
Topic: failure "Could not import"
Replies: 12
Views: 4327

failure "Could not import"

Hi all, I wanted to install ubuntu in a mikrotik CHR. I followed the mikrotik help but something is wrong. I'll tell you what I did: Installed the Container package from terminal I enabled the package /system device-mode update container=yes after that i shut down the vM to complete the process. I w...
by abbio90
Tue May 30, 2023 7:40 pm
Forum: Scripting
Topic: Log Filter
Replies: 66
Views: 9681

Re: Log Filter

I tried the script and I adapted it to my needs, and I would say that it works very well.. even if some error alerts are annoying and not very sensible like the ipsec phase 1 which fails when the router fails over, it doesn't make sense. .how could I do to create a list of phrases that should not be...
by abbio90
Tue May 30, 2023 1:14 am
Forum: Scripting
Topic: any method to get external DNS ip of a local dns?
Replies: 3
Views: 1814

Re: any method to get external DNS ip of a local dns?

you can enable ip Cloud and fetch the public ip with a script from that field
by abbio90
Mon May 29, 2023 9:17 am
Forum: Scripting
Topic: How to add script to system scheduler
Replies: 2
Views: 1787

Re: How to add script to system scheduler

In the "On Event" window enter the name of the script respecting the syntax. Or type: /system script run scriptname
by abbio90
Mon May 29, 2023 9:03 am
Forum: General
Topic: Slow IPSEC Site-to-Site VPN, very slow on one direction
Replies: 1
Views: 397

Re: Slow IPSEC Site-to-Site VPN, very slow on one direction

if you have fasttrack active disable it or exclude ipsec from fastrack
by abbio90
Mon May 29, 2023 9:01 am
Forum: General
Topic: IkeV2 VPN server setup for Android 13
Replies: 4
Views: 4056

Re: IkeV2 VPN server setup for Android 13

good morning, I made a guide that works on some phones but not on all. it works for me on samsung but not on xiaomi


https://foisfabio.it/index.php/2023/03/ ... tik-ikev2/
by abbio90
Mon May 29, 2023 8:57 am
Forum: Scripting
Topic: Log Filter
Replies: 66
Views: 9681

Re: Log Filter

sorry guys but i've been busy. I'll try as soon as I have time. but this script left in chat last, send any event log?
by abbio90
Sat May 27, 2023 12:47 am
Forum: General
Topic: Which the best IP 10.0.0.1 or 192.168.20.1 for local network?!
Replies: 10
Views: 2207

Re: Which the best IP 10.0.0.1 or 192.168.20.1 for local network?!

RFC 1918 indicates that the classes intended for private use are 192.168.0.0/16, 172.16.0.0/12 10.0.0.0/8. This means that if you want a /24 network you can use any of these.. eg. you could also use a 10.100.50.0/24 class
by abbio90
Sat May 27, 2023 12:29 am
Forum: General
Topic: Hotspot custom ROS7
Replies: 2
Views: 454

Re: Hotspot custom ROS7

I thought of modifying the HTML file somehow, and reloading it on the modified mikrotik. but how do I create variables connected to the HTML page to be called from system script
by abbio90
Fri May 26, 2023 1:14 am
Forum: Scripting
Topic: Log Filter
Replies: 66
Views: 9681

Re: Log Filter

Are you saying it could be a time zone related system? What if you try to insert a row where at 00:00 and 02:00 set the keepOutput variable to false?
by abbio90
Thu May 25, 2023 5:39 pm
Forum: Scripting
Topic: Log Filter
Replies: 66
Views: 9681

Re: Log Filter

yes, I uncommented it and save to a global variable, but the result is the same. In your opinion, changing the rules of the date and updated to 7.10 with the new ISO format of the date, could it be solved?
by abbio90
Wed May 24, 2023 4:04 pm
Forum: Scripting
Topic: Log Filter
Replies: 66
Views: 9681

Re: Log Filter

could this be solved by uncommenting it and using the global variable?
by abbio90
Wed May 24, 2023 4:03 pm
Forum: Scripting
Topic: Log Filter
Replies: 66
Views: 9681

Re: Log Filter

ipsec script was copied from this one i found on github. so by copying I also copied the errors. I'll try to change this. more than anything I don't understand how to solve the continuous sending of messages at 00:00 and 02:00
by abbio90
Wed May 24, 2023 11:18 am
Forum: Scripting
Topic: Script state ph2 peer ipsec
Replies: 13
Views: 2495

Re: Script state ph2 peer ipsec

ah, it's simpler than expected .. I had put the brackets that are not even needed. thanks for your explanations
by abbio90
Wed May 24, 2023 8:27 am
Forum: General
Topic: Hotspot custom ROS7
Replies: 2
Views: 454

Hotspot custom ROS7

Good morning everyone. I'm asking a question that I've never been able to get an answer to. with routerOS 7, if I use the hotspot package with user manager everything works .. but I would like to modify the HTML page so that instead of entering the login data, the customer can register an email addr...
by abbio90
Wed May 24, 2023 1:20 am
Forum: Scripting
Topic: Script state ph2 peer ipsec
Replies: 13
Views: 2495

Re: Script state ph2 peer ipsec

:if ($CurrentStatusEdok != $LastStatusEdok) do={
:set keepOutput true
:set output ($LastStatusEdok)
/log warning "STATO PEER EDOK=$CurrentStatusEdok"
}


where am i wrong here? how do i set the parameter to the global variable?
by abbio90
Wed May 24, 2023 1:17 am
Forum: Scripting
Topic: Script state ph2 peer ipsec
Replies: 13
Views: 2495

Re: Script state ph2 peer ipsec

How do I save the value on the global variable? I tried but I lost myself { :global LastStatusEdok :local CurrentStatusEdok [/ip ipsec policy get [find comment="Peer-Edok"] value-name=ph2-state] :put $LastStatusEdok :put $CurrentStatusEdok :local keepOutput false :local output :if ([:len $...
by abbio90
Wed May 24, 2023 1:13 am
Forum: Scripting
Topic: Log Filter
Replies: 66
Views: 9681

Log Filter

Good evening everyone, I took this script from Github and I adapted it to my needs. It works perfectly, but every day at 00:00 and 02:00, I get the latest notification of the day. For example, if the latest notification is sent to me at 20:32, every day at 00:00 and at 02:00 it is sent to me again, ...
by abbio90
Tue May 23, 2023 8:17 am
Forum: Scripting
Topic: Script state ph2 peer ipsec
Replies: 13
Views: 2495

Re: Script state ph2 peer ipsec

thanks for your patience. but isn't the global variable meant to appear in the system script environment so that it can be used by other scripts? is this the only difference from the local variable or else are there other features that I didn't get to appreciate. the fact of using the comment as a s...
by abbio90
Tue May 23, 2023 12:10 am
Forum: Scripting
Topic: Script state ph2 peer ipsec
Replies: 13
Views: 2495

Re: Script state ph2 peer ipsec

the script runs every 20 seconds and not every 20 minutes
by abbio90
Mon May 22, 2023 11:55 pm
Forum: Scripting
Topic: Script state ph2 peer ipsec
Replies: 13
Views: 2495

Re: Script state ph2 peer ipsec

hello and thanks for the criticism .. I will treasure it, could you tell me how you would have created the script yourself? also i don't understand the spacing of the script what logic is set up with...i learned as a self taught to do scripts.
by abbio90
Mon May 22, 2023 9:59 am
Forum: Scripting
Topic: Script state ph2 peer ipsec
Replies: 13
Views: 2495

Re: Script state ph2 peer ipsec

/system script add comment=established dont-require-permissions=yes name=state-peer-ipsec \ owner=installer policy=\ ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source="#-\ ---------SCRIPT WRITE STATE LOG PEER IPSEC----------\r\ \n#\r\ \n# Script: WRITE STATE LOG CONNECTIO...
by abbio90
Mon May 22, 2023 9:58 am
Forum: Scripting
Topic: Script state ph2 peer ipsec
Replies: 13
Views: 2495

Re: Script state ph2 peer ipsec

Resolved
by abbio90
Mon May 22, 2023 9:53 am
Forum: General
Topic: Invalid IPSEC Policy (ROS 7.6)
Replies: 2
Views: 738

Re: Invalid IPSEC Policy (ROS 7.6)

i on ROS 7.9 use these subnets without problems /16 /21
by abbio90
Mon May 22, 2023 9:48 am
Forum: General
Topic: Port forwarding in version 7.6 not working [SOLVED]
Replies: 24
Views: 2004

Re: Port forwarding in version 7.6 not working [SOLVED]

I have created a guide on Port forwarding, as although it is a trivial thing, most users do it in a superficial way incurring problems related to the hairpinat

https://foisfabio.it/index.php/2022/12/ ... t-routeros
by abbio90
Mon May 22, 2023 9:42 am
Forum: General
Topic: IPSEC slow - resize MTU??
Replies: 3
Views: 949

Re: IPSEC slow - resize MTU??

thanks for the reply..I solved it by disabling fast track.
the hardware is a rb3011.
but if I want to mark the ipsec connection how do I do it? I have made several unsuccessful attempts
by abbio90
Thu May 18, 2023 9:52 pm
Forum: Scripting
Topic: Script state ph2 peer ipsec
Replies: 13
Views: 2495

Re: Script state ph2 peer ipsec

:local statusEdok [/ip ipsec policy get [find comment="Peer-Edok"] value-name=ph2-state] :put $statusEdok :delay 20s :local Edok [/ip ipsec policy get [find comment="Peer-Edok"] value-name=ph2-state] :put $Edok :if ($statusEdok!=$Edok) do={ :log warning "PEER EDOK $statusEd...
by abbio90
Thu May 18, 2023 9:49 pm
Forum: Scripting
Topic: Script state ph2 peer ipsec
Replies: 13
Views: 2495

Script state ph2 peer ipsec

hello everyone...I'm creating a script that has to write to the log in case the phase 2 status of an ipsec peer changes..I created a variable..but how can I write to the log only an event when the status changes? I would like to avoid writing to the log at each run of the script even if perhaps the ...
by abbio90
Wed May 17, 2023 12:27 am
Forum: General
Topic: IPSEC slow - resize MTU??
Replies: 3
Views: 949

IPSEC slow - resize MTU??

Hello everyone .... I have an ipsec ikev1 peer towards an external company. They complained that the tunnel is slow. I disabled Fast-Track as, it seems that I don't like it at Ipsec. Also, I did some pings without fragmenting the package, it is noticed that it goes maximum of a 1438 package without ...
by abbio90
Fri Apr 28, 2023 2:36 pm
Forum: General
Topic: recursive route RouterOS
Replies: 4
Views: 521

Re: recursive route RouterOS

you are absolutely right about the pppoe gw... can you post an example of how you manage recursive routes on RouterOS7...?
by abbio90
Fri Apr 28, 2023 12:46 am
Forum: General
Topic: recursive route RouterOS
Replies: 4
Views: 521

Re: recursive route RouterOS

Also, as regards the ISP with static IP I will use Netwatch to warn me by email if the line go down. For the ISP in pppoe how do I do it? Because if I use Netwatch, as the PPPOe interface falls, the route with DST Address = 8.8.4.4 GW = GWEOLO makes it inactive, allowing ICMP by diverting it to the ...
by abbio90
Fri Apr 28, 2023 12:43 am
Forum: General
Topic: recursive route RouterOS
Replies: 4
Views: 521

recursive route RouterOS

Hello, I have two wan, a pppoe and one with static IP. I wanted to set the recurring routes but I have doubts about the operation. I configured them like that: /ip route add comment=public_static_route_EOLO disabled=no distance=1 dst-address=8.8.4.4/32 gateway=81.174.0.21 pref-src="" routi...
by abbio90
Thu Apr 06, 2023 4:11 pm
Forum: General
Topic: IPsec IKE1 tunnel
Replies: 2
Views: 527

Re: IPsec IKE1 tunnel

SOLVED
by abbio90
Wed Apr 05, 2023 6:42 pm
Forum: General
Topic: IPsec IKE1 tunnel
Replies: 2
Views: 527

Re: IPsec IKE1 tunnel

perhaps the nat rule should be expressed like this:
/ip firewall nat
add action=netmap chain=srcnat src-address=192.168.0.0/21 to-addresses=172.16.104.0/21
add action=netmap chain=dstnat dst-address=172.16.104.0/21 to-addresses=192.168.0.0/21
by abbio90
Wed Apr 05, 2023 6:25 pm
Forum: General
Topic: IPsec IKE1 tunnel
Replies: 2
Views: 527

IPsec IKE1 tunnel

Hi everyone. from a customer I have to configure an ipsec tunnel to an external company, which will be necessary for the supplied server to reach the resources in the remote office. The data provided by the company are: Phase 1 (IKE SA) Peer IP address: 1.2.3.4 IP Customer: 4.5.6.7 IKE mode: IKEv1 M...
by abbio90
Thu Mar 23, 2023 11:25 pm
Forum: General
Topic: 2ISP BALANCE PCC
Replies: 7
Views: 584

Re: 2ISP BALANCE PCC

no, it's a server that goes out to the internet using a chr (vpn server) as its gw.
it goes out with the public ip of the chr and port 443 is opened by the chr through the tunnel
by abbio90
Thu Mar 23, 2023 11:23 pm
Forum: General
Topic: 2ISP BALANCE PCC
Replies: 7
Views: 584

Re: 2ISP BALANCE PCC

no, it's a server that goes out to the internet using a chr (vpn server) as its gw. all hosts in balance pcc go out to internet with wan1 and wan2.. In fact I could make one of the routing tables static as well like this: /ip firewall address-list add address=10.246.159.0/26 list=to-WAN1 address=10....
by abbio90
Thu Mar 23, 2023 8:21 pm
Forum: General
Topic: 2ISP BALANCE PCC
Replies: 7
Views: 584

Re: 2ISP BALANCE PCC

Thanks for the reply. i entered these mangle rules and i would say it works. /ip firewall mangle add action=accept chain=prerouting comment=balance-pcc dst-address=10.246.159.0/24 src-address=10.246.159.0/24 add action=mark-connection chain=prerouting connection-mark=no-mark in-interface=pppoe-NETOI...
by abbio90
Thu Mar 23, 2023 7:07 am
Forum: General
Topic: 2ISP BALANCE PCC
Replies: 7
Views: 584

2ISP BALANCE PCC

hello everyone. I have a routerboard with two ISPs. The first ISP is a simple dot dot /30, the second is certified in pppoe.. The first ISP has 200mbps and the second ISP has 100mbps. I would like every 3 PCs connected, 2 use ISP1 and the other use ISP2. I wanted to use balance pcc. can anyone tell ...
by abbio90
Mon Mar 20, 2023 7:04 pm
Forum: General
Topic: MPLS <<<>>>> gre-tunnel+L2TPv3
Replies: 3
Views: 740

Re: MPLS <<<>>>> gre-tunnel+L2TPv3

i was thinking that maybe more than using l2tpv3, it is preferable to use a vxlan inside the gre tunnel.
by abbio90
Mon Mar 20, 2023 10:19 am
Forum: General
Topic: MPLS <<<>>>> gre-tunnel+L2TPv3
Replies: 3
Views: 740

Re: MPLS <<<>>>> gre-tunnel+L2TPv3

i was thinking that maybe more than using l2tpv3, it is preferable to use a vxlan inside the gre tunnel.
by abbio90
Fri Mar 10, 2023 1:18 pm
Forum: General
Topic: IKEv2
Replies: 0
Views: 616

IKEv2

Hello, I have an IKEv2 VPN that works fine by connecting from a SAMSUNG A13 phone. I have another xiaomi phone, which unlike samsung needs to fill in the "IPsec identifier" field. I don't know what to write in this field. Whatever I write in that field, the "peer's ID does not match c...
by abbio90
Tue Mar 07, 2023 11:24 pm
Forum: General
Topic: Hotspot+usermanager RouterOS7
Replies: 6
Views: 3997

Re: Hotspot+usermanager RouterOS7

I confirm, the page is accessible. What if I want to manage PayPal payments after the ticket issued at the first login has expired?
by abbio90
Mon Mar 06, 2023 8:52 am
Forum: The User Manager
Topic: Generating hotspot passwords and sending them via sms
Replies: 28
Views: 49819

Re: Generating hotspot passwords and sending them via sms

Could someone tell me how to create the login page with the key to enter the phone number?
by abbio90
Mon Mar 06, 2023 8:26 am
Forum: General
Topic: Mikrotik CCR 1036 802.3ad Bond with Cisco3560 over etherchannel LACP
Replies: 1
Views: 464

Re: Mikrotik CCR 1036 802.3ad Bond with Cisco3560 over etherchannel LACP

on the cisco I would say that it is sufficient to indicate the trunk and the vlan ids only in the port channel and not in the individual ports
by abbio90
Mon Mar 06, 2023 8:22 am
Forum: General
Topic: Customize login.html HOTSPOT ROSv7
Replies: 0
Views: 1608

Customize login.html HOTSPOT ROSv7

hello, I would like to customize the Mikrotik hotspot Login html page, but since ROSv7 came out it uses css and I don't know where to start.. can anyone tell me how to do it?? mainly I would like to change the Mikrotik writing with another image. Then I should add a tab where it allows to enter the ...
by abbio90
Mon Mar 06, 2023 12:00 am
Forum: General
Topic: Hotspot+usermanager RouterOS7
Replies: 6
Views: 3997

Re: Hotspot+usermanager RouterOS7

ok, i managed to login with user manager user. I attach the current configuration. There remains the problem of reaching the user-manager web page /radius add address=127.0.0.1 service=login,hotspot /radius incoming set accept=yes /user-manager profile add name=prof1 name-for-users=abbio90 /user-man...
by abbio90
Sat Mar 04, 2023 9:44 pm
Forum: General
Topic: Queue tree no match RouterOS7.7
Replies: 0
Views: 466

Queue tree no match RouterOS7.7

Hello, are there any problems with queue trees in Routeros 7? they don't work for me anymore /interface list add name=Neighbors_list add name="VPN CHR" add name=WLAN_PRIVATE add name=WLAN-GUEST add name=WAN add name=Interface-private /interface list member add interface=BRIDGE10_LAN list=N...
by abbio90
Sat Mar 04, 2023 3:37 pm
Forum: General
Topic: Hotspot+usermanager RouterOS7
Replies: 6
Views: 3997

Re: Hotspot+usermanager RouterOS7

user login
by abbio90
Sat Mar 04, 2023 3:35 pm
Forum: General
Topic: Hotspot+usermanager RouterOS7
Replies: 6
Views: 3997

Hotspot+usermanager RouterOS7

Hi, I would like to use hotspot with usermanager in routerOS v7.7. Hotspot already has the basic configuration, but how to interface it with user manager? also from LAN if I call the usermanager web I get error 404 /ip hotspot profile add dns-name=green.hotspot hotspot-address=172.16.20.1 name=hspro...
by abbio90
Fri Mar 03, 2023 12:50 pm
Forum: General
Topic: MPLS <<<>>>> gre-tunnel+L2TPv3
Replies: 3
Views: 740

MPLS <<<>>>> gre-tunnel+L2TPv3

Good morning everyone. I'm running a business where 5 locations communicate with each other with MPLS managed by the ISP. Due to high costs and the idea of ​​creating a VOIP telephone switchboard to communicate between the various offices, they decided to cancel MPLS and called me to propose an alte...
by abbio90
Sat Feb 18, 2023 2:35 pm
Forum: Forwarding Protocols
Topic: OSPF video surveillance system
Replies: 13
Views: 2938

Re: OSPF video surveillance system

but as I wrote, I could use the CRS as simple switches. Instead in the CCR I set the bridge with a backup port that I will connect to the return of the closed loop of the switches, without using routing right?
by abbio90
Fri Feb 17, 2023 5:16 pm
Forum: Forwarding Protocols
Topic: OSPF video surveillance system
Replies: 13
Views: 2938

Re: OSPF video surveillance system

which I could then use instead of ospf, the spamming tree protocol in the bridge, setting a closed ring port as a backup Port. or am I wrong?
by abbio90
Fri Feb 17, 2023 7:00 am
Forum: Forwarding Protocols
Topic: OSPF video surveillance system
Replies: 13
Views: 2938

Re: OSPF video surveillance system

then I proceed with OSPF. The only thing that will happen is that the cameras will have different IP class on each single switch. In the afternoon, I posted a diagram with the addresses. so tell me what you think
by abbio90
Thu Feb 16, 2023 5:12 pm
Forum: Forwarding Protocols
Topic: OSPF video surveillance system
Replies: 13
Views: 2938

Re: OSPF video surveillance system

and how can I do without OSFP to create a closed loop of optical fiber, so that if it is interrupted in one point, everything continues to work?
by abbio90
Thu Feb 16, 2023 12:27 pm
Forum: Forwarding Protocols
Topic: OSPF video surveillance system
Replies: 13
Views: 2938

Re: OSPF video surveillance system

do you think the crs work badly with OSPF?
by abbio90
Thu Feb 16, 2023 9:22 am
Forum: Forwarding Protocols
Topic: OSPF video surveillance system
Replies: 13
Views: 2938

Re: OSPF video surveillance system

how would you accomplish all this? it is a single company, but it is a very large ring of excellent fiber. would you also use OSPF?
by abbio90
Thu Feb 16, 2023 7:03 am
Forum: Forwarding Protocols
Topic: OSPF video surveillance system
Replies: 13
Views: 2938

OSPF video surveillance system

hello everyone, I have to build a ring video surveillance system, I was thinking of doing it using CRS112-8P switches using OSPF. Beyond the accessibility of all switches via OSPF, in each single switch, do I insert the cameras in a bridge with only the ports dedicated to them? or do I create a brid...
by abbio90
Thu Feb 16, 2023 6:57 am
Forum: Scripting
Topic: Convert IP 1.1.1.1/24 on 1.1.1.0/24
Replies: 2
Views: 1317

Re: Convert IP 1.1.1.1/24 on 1.1.1.0/24

Thanks for the reply and sorry for replying only now. I'll try what you recommend
by abbio90
Mon Jan 23, 2023 9:40 pm
Forum: Scripting
Topic: Convert IP 1.1.1.1/24 on 1.1.1.0/24
Replies: 2
Views: 1317

Convert IP 1.1.1.1/24 on 1.1.1.0/24

Hello everybody. I made a script that I can't get to work. I basically create a variable like this: :local AddressDHCP [/ip dhcp-client get [find where interface=bridge_LAN] value-name=address] :local Network [:pick $AddressDHCP 0 [:find $AddressDHCP "/"]] :put $AddressDHCP :put $Network I...
by abbio90
Wed Oct 19, 2022 8:28 am
Forum: General
Topic: Ikev2 Mikrotik server and Android client
Replies: 1
Views: 252

Re: Ikev2 Mikrotik server and Android client

Client android
by abbio90
Wed Oct 19, 2022 8:24 am
Forum: General
Topic: Ikev2 Mikrotik server and Android client
Replies: 1
Views: 252

Ikev2 Mikrotik server and Android client

hello, I'm configuring ikev2 on mikrotik with many difficulties .. but something is wrong .. I am attaching various screenshots, if someone can help me
by abbio90
Fri Sep 02, 2022 12:37 am
Forum: General
Topic: HOTSPOT SOCIAL LOGIN
Replies: 5
Views: 1836

Re: HOTSPOT SOCIAL LOGIN

in what sense does it not allow it? there are the APIs of the various social networks .. there are airports and hotels that still use it
by abbio90
Fri Aug 26, 2022 5:17 pm
Forum: General
Topic: HOTSPOT SOCIAL LOGIN
Replies: 5
Views: 1836

Re: HOTSPOT SOCIAL LOGIN

can you tell me how to do it? already being able to do it would be a great thing beyond free access
by abbio90
Fri Aug 26, 2022 5:05 pm
Forum: General
Topic: HOTSPOT SOCIAL LOGIN
Replies: 5
Views: 1836

HOTSPOT SOCIAL LOGIN

hello, after some time I ask again a question to which there has never been a concrete answer .. has anyone managed to integrate mikrotik hotspot with social login with mikrotik without using paid services?
by abbio90
Sun May 15, 2022 9:42 pm
Forum: General
Topic: Mangle output?
Replies: 2
Views: 664

Re: Mangle output?

yes in fact it is very simple even with the mangle ... I tried and I succeeded in two seconds ...
by abbio90
Sat May 14, 2022 8:07 pm
Forum: General
Topic: Mangle output?
Replies: 2
Views: 664

Mangle output?

hello everyone ... I have a CHR that acts as a vpn server .. at this server there is a client with its own lan that I reach without problems thanks to the routes ... but with the routes I reach all the ports of the network .. . if I wanted to reach only the Snmp and icmp ports can I do it with the m...
by abbio90
Tue Mar 29, 2022 2:36 pm
Forum: General
Topic: Mangle nth
Replies: 5
Views: 518

Re: Mangle nth

a question arises ... do you need a VPN to a CHR to appear from a single IP? Or does it work like in PCC load balance?
by abbio90
Tue Mar 29, 2022 8:01 am
Forum: General
Topic: Mangle nth
Replies: 5
Views: 518

Re: Mangle nth

so would it be enough to follow what is indicated in this wiki?

https://wiki.mikrotik.com/wiki/NTH_load ... masquerade
by abbio90
Mon Mar 28, 2022 2:42 pm
Forum: General
Topic: Mangle nth
Replies: 5
Views: 518

Mangle nth

hello, I have two fttc with 50 mbps in download ... is it possible using the mangle nth to add the two downloads and get 100mbps?
by abbio90
Tue Mar 22, 2022 7:52 am
Forum: General
Topic: Branding Marker
Replies: 11
Views: 2402

Re: Branding Marker

so I could just load the routerOS mother package with a conf.rsc file and put the Branding package without default configuration in the system root folder? and so I have both the configuration and the ASCII logo forever?
by abbio90
Mon Mar 21, 2022 7:54 pm
Forum: General
Topic: Branding Marker
Replies: 11
Views: 2402

Re: Branding Marker

Loading the conf.rsc with netinstall everything works correctly..to the question what should I do the answer is this..I have to configure 45 ltap with the same basic configuration..then I will change 4 things counted later when they are installed including apn etc .. I have to make a package that I ...
by abbio90
Mon Mar 21, 2022 7:30 pm
Forum: General
Topic: Branding Marker
Replies: 11
Views: 2402

Re: Branding Marker

Why I'm suggesting ignoring the branding kit for now; and, focus on netinstall + config script
how do i load a conf.rsc with netinstall without creating a branding package?
by abbio90
Mon Mar 21, 2022 5:02 pm
Forum: General
Topic: Branding Marker
Replies: 11
Views: 2402

Re: Branding Marker

so the Branding package should I load it with netinstall instead of pasting it into the Tab file?
by abbio90
Mon Mar 21, 2022 3:56 pm
Forum: General
Topic: Branding Marker
Replies: 11
Views: 2402

Branding Marker

Hello everyone ... yesterday I was experimenting with the "Branding marker" function on the site. I made a package with the conf.rsc, the Telnet ASCII logo and the WEBFIG logo .. I notice that if I paste the package created in file and restart the ASCII logo is successful but the rest does...
by abbio90
Mon Jan 17, 2022 10:49 pm
Forum: General
Topic: Tunnel 6to4 IPv6 from CHR on Remote routerboard
Replies: 31
Views: 4675

Re: Tunnel 6to4 IPv6 from CHR on Remote routerboard

yes, I created the eoip tunnel between the ether of the chr and the lan bridge of the RB ... only by doing this, I am on the devices assigned public ip ... but not only those assigned by the ISP, but also others of the same subnet /64 ... so I think the ISP delegates a / 64 they think they share by ...
by abbio90
Sun Jan 16, 2022 11:10 pm
Forum: General
Topic: Tunnel 6to4 IPv6 from CHR on Remote routerboard
Replies: 31
Views: 4675

Re: Tunnel 6to4 IPv6 from CHR on Remote routerboard

I did an eoip between the ether of the CHR and the bridge of the Routerboard ... now the LAN of the routerboard is not only automatically assigned IPv6 but also ip not assigned to me by the ISP .. so I assume they delegate a / 64
by abbio90
Sun Jan 16, 2022 10:37 pm
Forum: Forwarding Protocols
Topic: OSPF VPN L2TP AND SSTP
Replies: 0
Views: 2959

OSPF VPN L2TP AND SSTP

hi, I have a CHR where about 30 l2tp and sstp clients converge ... I would like to integrate ospf ... but I notice that unlike when using physical interfaces they do not dynamically appear in ospf interfaces .. maybe because there is no broadcast. .. so the question is, do I have to statically enter...