Community discussions

MikroTik App

Search found 44 matches

by fakeusername2022
Thu Oct 19, 2023 12:59 pm
Forum: General
Topic: Contaner RESTART
Replies: 2
Views: 674

Contaner RESTART

Is there any command to restart a container? (other than stop and then start)
by fakeusername2022
Thu Sep 28, 2023 7:45 pm
Forum: General
Topic: Container as VPN
Replies: 18
Views: 4373

Re: Container as VPN

This is what I have done: 1. make sure that you have "ifconfig" AND any requirements it may have bundled inside your container. 2. Create a Bash Script and set it as your Entrypoint (More must be done with this script in No.8 below) 3. Inside the Bash Script use something like ifconfig eth...
by fakeusername2022
Fri Jun 16, 2023 12:06 pm
Forum: Announcements
Topic: v7.10, 7.10.1 and more [stable] are released!
Replies: 366
Views: 132993

Re: v7.10 [stable] is released!

OVPN log:
⏎[Jun 15, 2023, 17:32:18] Client exception in transport_recv: process_server_push_error: Problem accepting server-pushed peer-id: parse/range issue

works well til 7.10
Same problem here...
by fakeusername2022
Fri Jun 16, 2023 12:05 pm
Forum: Announcements
Topic: v7.10, 7.10.1 and more [stable] are released!
Replies: 366
Views: 132993

Re: v7.10 [stable] is released!

My OpenVPN Server stopped working after this update!
I get this error on client side:
"Client exception in transport_recv: process_server_push_error: Problem accepting server-pushed peer-id: parse/range issue"
After downgrading to 7.9 the problem solved!
by fakeusername2022
Fri May 12, 2023 12:47 am
Forum: Announcements
Topic: v7.10beta [testing] is released!
Replies: 249
Views: 54450

Re: v7.10beta [testing] is released!

Please add reboot command to containers.
Sometime it is required to reboot my container on a regular basis due to some bugs... Could not achieve this by scripting Stop and Start commands of the container...
by fakeusername2022
Thu Apr 20, 2023 9:48 pm
Forum: Announcements
Topic: v7.9rc is released!
Replies: 253
Views: 77854

Re: v7.9rc is released!

Any idea if Mikrotik will add support of TLS v1.3 to the SSTP server/client?!
by fakeusername2022
Fri Apr 14, 2023 9:43 am
Forum: Announcements
Topic: v7.9rc is released!
Replies: 253
Views: 77854

Re: v7.9rc is released!

There is a bug with Radius Server and User Manager causes Radius Timeout error for clients trying to connect.
seems to be solved with RC4
*) user-manager - fixed process startup after booting (introduced in v7.9beta4);
by fakeusername2022
Sat Apr 01, 2023 10:09 am
Forum: Announcements
Topic: v7.9rc is released!
Replies: 253
Views: 77854

Re: v7.9rc is released!

There is a bug with Radius Server and User Manager causes Radius Timeout error for clients trying to connect.
by fakeusername2022
Mon Feb 27, 2023 6:33 am
Forum: General
Topic: IKEv2 with EAP-MSCHAPv2 on Android 13 native client
Replies: 12
Views: 14581

Re: IKEv2 with EAP-MSCHAPv2 on Android 13 native client

Why link to strongSwan VPN Client?
It do not have L2TP...
Because this topic is about "IKEv2 with EAP-MSCHAPv2"
by fakeusername2022
Thu Feb 23, 2023 8:54 pm
Forum: General
Topic: IKEv2 with EAP-MSCHAPv2 on Android 13 native client
Replies: 12
Views: 14581

Re: IKEv2 with EAP-MSCHAPv2 on Android 13 native client

Any news on this, the new Android can't connect to L2TP/over IPsec etc? Android 13 does not have a built-in native L2tp client anymore. The problem with IKEV2/EAP-MSCHAPv2 is not solved and you are limited to a client like https://play.google.com/store/apps/details?id=org.strongswan.android&hl=...
by fakeusername2022
Fri Feb 17, 2023 9:59 am
Forum: General
Topic: SSTP and TLS v1.3
Replies: 0
Views: 414

SSTP and TLS v1.3

Hi
Any idea if Mikrotik will add support of TLS v1.3 to the SSTP server/client?!
by fakeusername2022
Fri Feb 17, 2023 9:35 am
Forum: Containers
Topic: run flag in container
Replies: 8
Views: 5190

Re: run flag in container

i want to run https://v2raya.org/en/docs/prologue/installation/docker/ this on mikrotik container when i install the image normally it work but transparent proxy of the container wont work. to run that correctly it should be run with the command bellow # run v2raya docker run -d \ --restart=always ...
by fakeusername2022
Thu Feb 16, 2023 12:28 am
Forum: Containers
Topic: run flag in container
Replies: 8
Views: 5190

Re: run flag in container

i want to run https://v2raya.org/en/docs/prologue/installation/docker/ this on mikrotik container when i install the image normally it work but transparent proxy of the container wont work. to run that correctly it should be run with the command bellow # run v2raya docker run -d \ --restart=always ...
by fakeusername2022
Wed Feb 15, 2023 9:46 pm
Forum: Containers
Topic: lack of TPROXY module in RouterOS Kernel and Docker containers
Replies: 9
Views: 4073

Re: Docker Container RUN mode for Mikrotik

One step forward... I listed all exposed Kernel modules from RouterOS to a running container (as you know containers do not have any Linux Kernel and depend JUST on the host kernel. Therefore, just the loaded Kernel Modules of the main RouterOS kernel is available to them). So here is the output. Ot...
by fakeusername2022
Wed Feb 15, 2023 9:12 pm
Forum: Containers
Topic: Multiple VETH per container
Replies: 0
Views: 3487

Multiple VETH per container

I think the Container feature MUST add multiple network interface capability at this stage in order to allow more images to be released for Mikrotik...
I saw the bridge workaround but why not being supported easily by the package itself?!
by fakeusername2022
Wed Feb 15, 2023 3:22 pm
Forum: Containers
Topic: lack of TPROXY module in RouterOS Kernel and Docker containers
Replies: 9
Views: 4073

Re: Docker Container RUN mode for Mikrotik

Any suggestions on how to create a docker container for Routeros which supports iptables and it's modules including tproxy?!
Routeros firewall itself does not allow something similar to tproxy, or does it?!
by fakeusername2022
Wed Feb 15, 2023 10:03 am
Forum: Containers
Topic: lack of TPROXY module in RouterOS Kernel and Docker containers
Replies: 9
Views: 4073

lack of TPROXY module in RouterOS Kernel and Docker containers

Hi I am creating a container which uses iptables and specifically focuses on utilizing TPROXY (https://www.kernel.org/doc/Documentation/networking/tproxy.txt) but am not able to add any of the Iptable rules inside the docker environment (I connect to it using running shell). I was curious about the ...
by fakeusername2022
Sun Feb 12, 2023 11:36 pm
Forum: Containers
Topic: how enable container on CHR\x86? Topic is solved
Replies: 46
Views: 30237

Re: how enable container on CHR\x86? Topic is solved

I have the very same issue! Mikrotik must devise a different method for enabling container on x86 or CHR platforms.Some VPS providers perform a gracefull shutdown/restart of the system no matter what. Best to change the method for CHR version...
by fakeusername2022
Mon Feb 06, 2023 7:27 pm
Forum: RouterOS beta
Topic: Feature Request: OpenVPN with UDP and TCP (both)
Replies: 9
Views: 3786

Re: Feature Request: OpenVPN with UDP and TCP (both)

+1 for me.

for some installations i used "port forwarding" to use more TCP port.
but is useful have more OVPN server (as I did in the past with pfsense)

thank you
Multiple TCP or UDP ports might be possible with firewall nat but it is just limited to either TCP or UDP...
by fakeusername2022
Sun Feb 05, 2023 8:02 pm
Forum: RouterOS beta
Topic: Feature Request: OpenVPN with UDP and TCP (both)
Replies: 9
Views: 3786

Re: Feature Request: OpenVPN with UDP and TCP (both)

That article explains it is NOT possible. There is a workaround: run two different servers.
I have a mikrotik router with N IP addresses. Why shouldnt I be able to assign one OVPN server instance to each IP address?!
Same applies to SSTP server configuration...
by fakeusername2022
Sun Feb 05, 2023 2:58 pm
Forum: RouterOS beta
Topic: Source IP address optons for SSTP and OpenVPN clients
Replies: 0
Views: 2168

Source IP address optons for SSTP and OpenVPN clients

Hi
It would be great to add "Src. Address" for OpenVPN and SSTP clients, like what we have for L2TP client.
Screenshot 2023-02-05 162748.png
by fakeusername2022
Sun Feb 05, 2023 2:55 pm
Forum: RouterOS beta
Topic: Feature Request: OpenVPN with UDP and TCP (both)
Replies: 9
Views: 3786

Re: Feature Request: OpenVPN with UDP and TCP (both)

Official OpenVPN does not support that either...
I think it is possible: https://forums.openvpn.net/viewtopic.php?t=10473
by fakeusername2022
Fri Feb 03, 2023 10:16 pm
Forum: RouterOS beta
Topic: Feature Request: OpenVPN with UDP and TCP (both)
Replies: 9
Views: 3786

Feature Request: OpenVPN with UDP and TCP (both)

Hi, Would be great to be able to have the builtin OpenVPN with both TCP and UDP enabled. Currently it is just limited to one protocol and port while theorically RouterOS can allow both being enabled on different ports. It is usefull for The Internet Enemy countries VPN access and also Road Warrior V...
by fakeusername2022
Mon Jan 09, 2023 7:33 am
Forum: General
Topic: IKEv2 with EAP-MSCHAPv2 on Android 13 native client
Replies: 12
Views: 14581

Re: IKEv2 with EAP-MSCHAPv2 on Android 13 native client

Maybe someone in the andrid community can report the issue. Maybe Mikrotik Dev Team can handle this?!
by fakeusername2022
Mon Jan 09, 2023 7:31 am
Forum: General
Topic: Simple Queu DST and Firewall Address Lists
Replies: 0
Views: 286

Simple Queu DST and Firewall Address Lists

Is it possbible to use a Firewall address list as DST of a Simple Queue?!!!
If not, any possibility to consider this as a feature?
by fakeusername2022
Mon Nov 28, 2022 12:51 pm
Forum: General
Topic: Simple queue for IKEv2 IPSEC RoadWarrior tunnel VPN
Replies: 0
Views: 435

Simple queue for IKEv2 IPSEC RoadWarrior tunnel VPN

Am I making mistakes in my configuration or it is true that we cannot use simple queues to shape traffic of dynamic IP addresses assigned to clients of my IKEv2 Roadwarrior setup?! (My setup is baed on https://help.mikrotik.com/docs/display/ROS/IPsec#IPsec-RoadWarriorsetupusingIKEv2withEAP-MSCHAPv2a...
by fakeusername2022
Mon Nov 28, 2022 12:02 pm
Forum: General
Topic: Native IKEv2 client issue in Android 11
Replies: 2
Views: 1701

Re: Native IKEv2 client issue in Android 11

Maybe the same issue descibed in this post? viewtopic.php?t=191155
by fakeusername2022
Sun Nov 27, 2022 1:09 pm
Forum: General
Topic: IKEv2 with EAP-MSCHAPv2 on Android 13 native client
Replies: 12
Views: 14581

Re: IKEv2 with EAP-MSCHAPv2 on Android 13 native client

I have a "MyDomianName.co" pem file and the private key issued by CloudFlare. I have used this as the Radius and also IKEv2 identity. Here is the export: /certificate/print detail where name="MyDomianName.co" Flags: K - private-key; L - crl; C - smart-card-key; A - authority; I -...
by fakeusername2022
Sun Nov 27, 2022 2:14 am
Forum: General
Topic: L2TP VPN Config Issue
Replies: 7
Views: 1680

Re: L2TP VPN Config Issue

find proxy-arp in this wiki topic https://wiki.mikrotik.com/wiki/Manual:Interface/L2TP and read the section and lines above it:
by fakeusername2022
Sun Nov 27, 2022 2:08 am
Forum: General
Topic: IKEv2 with EAP-MSCHAPv2 on Android 13 native client
Replies: 12
Views: 14581

Re: IKEv2 with EAP-MSCHAPv2 on Android 13 native client

Hi Sindy, I have attached two IPSEC logs. One from StrongSwan client on android and the other from Android'd native client (version 13) [both on the same phone]. StrongSwan_Works.log.txt AndroidNative_DoesNotWork.log.txt P.S. The very same server config also works pretty fine with the latest IOS ver...
by fakeusername2022
Sat Nov 26, 2022 8:28 pm
Forum: General
Topic: Ipsec vpn traffic limit?
Replies: 6
Views: 3095

Re: Ipsec vpn traffic limit?

Old topic but want to share my experience here. Used help topic https://help.mikrotik.com/docs/display/ROS/IPsec#IPsec-RoadWarriorsetupusingIKEv2withEAP-MSCHAPv2authenticationhandledbyUserManager(RouterOSv7) and have a running IKEv2+Radius setup for my roadwarrior clinets now. BUT neither the simple...
by fakeusername2022
Fri Nov 25, 2022 11:59 pm
Forum: General
Topic: IKEv2 with EAP-MSCHAPv2 on Android 13 native client
Replies: 12
Views: 14581

IKEv2 with EAP-MSCHAPv2 on Android 13 native client

Hi I have a fully functional IKEv2 with EAP-MSCHAPv2 IPSEC config which works SUPER PRETTY FINE with Windows 11 and StrongSwan Android clients, BUT it does not work with native client of android 13! In my ROS 7.6 logs I get "got fatal error: AUTHENTICATION_FAILED" when trying from the nati...
by fakeusername2022
Tue Oct 25, 2022 11:03 pm
Forum: RouterOS beta
Topic: OpenVPN UDP and TCP
Replies: 5
Views: 2804

Re: OpenVPN UDP and TCP

Flexibility?!
by fakeusername2022
Sun Oct 23, 2022 8:32 pm
Forum: General
Topic: Firewall does not drop incoming multicast packets (224.0.0.252)
Replies: 6
Views: 1138

Re: Firewall does not drop incoming multicast packets (224.0.0.252)

Could this be a bug in ROS 7.6 or something by design when working with multicasts?!
How can we mention mikrotik dev team here?
by fakeusername2022
Sat Oct 22, 2022 10:31 pm
Forum: General
Topic: Firewall does not drop incoming multicast packets (224.0.0.252)
Replies: 6
Views: 1138

Re: Firewall does not drop incoming multicast packets (224.0.0.252)

Did you try to add it as "raw" rule?
It worked with Raw rules... Any comment on "Why"?!
by fakeusername2022
Sat Oct 22, 2022 10:21 pm
Forum: General
Topic: Firewall does not drop incoming multicast packets (224.0.0.252)
Replies: 6
Views: 1138

Re: Firewall does not drop incoming multicast packets (224.0.0.252)

Yes, I know that the Torch shows whatever is passing. By "Not Working", I meant not being logged. If it was filtered then the it must be also logged (of course when logging is enabled). So I blocked ALL incoming packets from the subnet sending massive broadcast and multicast packets BUT ev...
by fakeusername2022
Sat Oct 22, 2022 2:21 pm
Forum: General
Topic: Firewall does not drop incoming multicast packets (224.0.0.252)
Replies: 6
Views: 1138

Firewall does not drop incoming multicast packets (224.0.0.252)

Hey Running ROS 7.6 it seems that the firewall is not able to drop packets hitting router ether1 interface with DST IP address 224.0.0.252. Tried blocking using DST packet type as Multicast, blocking by dst IP address as /32 and 224/8 and also blocking by src ip address sendig these packets. None of...
by fakeusername2022
Sat Oct 22, 2022 2:14 pm
Forum: RouterOS beta
Topic: OpenVPN UDP and TCP
Replies: 5
Views: 2804

Re: OpenVPN UDP and TCP

Yes, Why not!
Being able to run OpenVPN server with UDP and TCP on diff ports at the same time.
by fakeusername2022
Fri Oct 21, 2022 4:06 pm
Forum: General
Topic: Queue for sharing variable max available wan BW
Replies: 0
Views: 298

Queue for sharing variable max available wan BW

Hi Assume a scenrio where we have a Starlink as WAN. The maximum availale BW is not fixed and changes from 10Mbps to 180Mbps with no specific pattern. What would be the BEST possible method to share the availale unknown-max-bandwifth of the WAN with users equally?! To my knowledge the PCQ works but ...
by fakeusername2022
Mon Oct 17, 2022 8:48 am
Forum: Virtualization
Topic: Using local (main) disk of a CHR for Conatianers
Replies: 2
Views: 2350

Re: Using local (main) disk of a CHR for Conatianers

I was avale to use my main disk for mountpoaints and also the container space. It has been working fine on a VPS with CHR.
by fakeusername2022
Mon Oct 17, 2022 8:46 am
Forum: RouterOS beta
Topic: OpenVPN UDP and TCP
Replies: 5
Views: 2804

OpenVPN UDP and TCP

Dear Mikrotik dev team
Isn't it better to be able to have OpenVPN UDP and TCP available together instead of either one of them?
by fakeusername2022
Wed Oct 12, 2022 2:22 pm
Forum: Virtualization
Topic: Using local (main) disk of a CHR for Conatianers
Replies: 2
Views: 2350

Using local (main) disk of a CHR for Conatianers

Hi
I am running CHR on a VR with 50Gbyte local disk and thats the way the VM provider works. Cannot create partitions or add secondary disks.
Is there any way to use the local disk which CHR is running from for containers or adding aditional disks is mandatory?!
Thanks!
by fakeusername2022
Tue Sep 27, 2022 10:56 pm
Forum: General
Topic: Basic Queue question
Replies: 0
Views: 327

Basic Queue question

A very basic setup. I have a router connected to internet with a 1Gbps link on ether1 interface. I have some PPP clients connecting over lan on ether2. They are NATed to get net access from ether1 and are using IP address 192.168.1.X/24. I add a simple queue limit for IP address 192.168.1.10/24 e.g....