Community discussions

MikroTik App

Search found 1405 matches

by jaclaz
Wed Sep 11, 2024 6:44 pm
Forum: Beginner Basics
Topic: Network traffic gets slower, when adding vlans
Replies: 27
Views: 933

Re: Network traffic gets slower, when adding vlans

Check by opening a terminal and issuing in it: /interface/detect-internet/print if you see it as "none" after you changed it in Winbox (before rebooting) BUT it changes back to "all" after a reboot, there must be a script (or *something else*) that re-initializes it. That whole s...
by jaclaz
Wed Sep 11, 2024 6:28 pm
Forum: Wireless Networking
Topic: Wifi core and repeaters config - Setup issue
Replies: 8
Views: 345

Re: Wifi core and repeaters config - Setup issue

Very likely irrelevant to your (speed) issue, only notes, at a first read: 1) usually bridges are set with auto-mac=no and given a fixed MAC 2) you have wlan1 largely not configured, but in both devices it is set as ap-bridge, if you don't use it, it will be better if disabled on both devices 3) you...
by jaclaz
Wed Sep 11, 2024 3:32 pm
Forum: Beginner Basics
Topic: Is the Mikrotik CRS312-4C+8XG-RM correct for my 10 Gbps ethernet network?
Replies: 2
Views: 177

Re: Is the Mikrotik CRS312-4C+8XG-RM correct for my 10 Gbps ethernet network?

Giving you a much broader and cheaper set of switch choices. Hmmm. Yes and no, if you look at the costs, compared to CAT6/6a/7 patch cables, let's say 5-10 US$ each, using DAC's you are going to need some 20-30 US$ per connection, while using fiber (or copper) SFP's, more like 60-70 US$ at least, s...
by jaclaz
Wed Sep 11, 2024 3:15 pm
Forum: Beginner Basics
Topic: Network traffic gets slower, when adding vlans
Replies: 27
Views: 933

Re: Network traffic gets slower, when adding vlans

Good :) , AND I'll move it one notch up:

1) You do not use VLAN1
2) You DO NOT use VLAN1
3) You do not use Quickset
4) You do not use detect internet
5)...
by jaclaz
Wed Sep 11, 2024 3:10 pm
Forum: General
Topic: Adding a second /24 network troubles
Replies: 7
Views: 287

Re: Adding a second /24 network troubles

Maybe this post will be relevant to your situation:
viewtopic.php?t=187932#p947857
by jaclaz
Wed Sep 11, 2024 2:35 pm
Forum: Useful user articles
Topic: There is no indication when connecting the router to the computer
Replies: 14
Views: 1942

Re: There is no indication when connecting the router to the computer

The whole concept of innocent until proven guilty?

Overridden by Andreotti's famous:
You sin in thinking bad about people - but, often, you guess right.
by jaclaz
Wed Sep 11, 2024 2:27 pm
Forum: Beginner Basics
Topic: Network traffic gets slower, when adding vlans
Replies: 27
Views: 933

Re: Network traffic gets slower, when adding vlans

@holvoeth Your correction is overruled :lol: : Judge Chamberlain Haller: Mr. Gambini? Vinny Gambini: Yes, sir? Judge Chamberlain Haller: That is a lucid, intelligent, well thought-out objection. Vinny Gambini: Thank you, Your Honor. Judge Chamberlain Haller: [in a firm tone] Overruled. rules need to...
by jaclaz
Wed Sep 11, 2024 1:07 pm
Forum: RouterBOARD hardware
Topic: Upgrading older Mikrotik equipment
Replies: 11
Views: 897

Re: Upgrading older Mikrotik equipment

AFAICU SwOS is just fine (and simpler) if the switch is used as "simple" managed switch, but with RoS you have more possibilities, if needed. The way a router (designed as a router) and a switch (designed as a switch) differ is in the way the ports are connected to the CPU and between them...
by jaclaz
Wed Sep 11, 2024 10:40 am
Forum: Beginner Basics
Topic: Network traffic gets slower, when adding vlans
Replies: 27
Views: 933

Re: Network traffic gets slower, when adding vlans

I think I will add this to my Mikrotik Club Rules :wink: :
1) You do not use VLAN1
2) You DO NOT use VLAN1
3) You do not use detect internet
4)...
by jaclaz
Tue Sep 10, 2024 9:14 pm
Forum: Beginner Basics
Topic: Network traffic gets slower, when adding vlans
Replies: 27
Views: 933

Re: Network traffic gets slower, when adding vlans

... or causes random problems (worst case).
Judging from the reports I have seen on the forum, the worst case seems to be the normality...
by jaclaz
Tue Sep 10, 2024 9:08 pm
Forum: Scripting
Topic: Scripting using /system telnet
Replies: 3
Views: 182

Re: Scripting using /system telnet

I think telnet in Mikrotik is "interactive only":
viewtopic.php?t=69786
by jaclaz
Tue Sep 10, 2024 12:17 pm
Forum: Beginner Basics
Topic: ltap mini Routing problems
Replies: 8
Views: 1762

Re: ltap mini Routing problems

But you already have a route towards the internet (it should be provided by the lte1 interface by itself), the one in your screenshot: DAS 0.0.0.0/0 lte1 reachable is telling the router that any address in 0.0.0.0/0 (all the addresses) should go through lte1. From terrminal, you can check with: /ip ...
by jaclaz
Tue Sep 10, 2024 12:20 am
Forum: Beginner Basics
Topic: Dual Router Home Setup Help Needed
Replies: 5
Views: 427

Re: Dual Router Home Setup Help Needed

In modern windows, the default is to NOT replay to pings, so, unless you change that setting, pinging will result in timeout, but even if the error/result is the same it is not like your PC Is not reachable from the Mikrotik, simply the PC does not respond. 192.168.86.x and 192.168.88.x are two diff...
by jaclaz
Mon Sep 09, 2024 11:46 pm
Forum: Beginner Basics
Topic: ltap mini Routing problems
Replies: 8
Views: 1762

Re: ltap mini Routing problems

Interface list is a way to categorize/group items, so It Is the other way round, bridge Is in the category LAN, lte1 is in category WAN, bridge_wlan does not belong (yet) to any category (it doesn't need to belong to any of the two above or to a third one) . In the masquerade rule you use out-interf...
by jaclaz
Mon Sep 09, 2024 5:30 pm
Forum: Beginner Basics
Topic: Regarding the issue of NAT
Replies: 4
Views: 230

Re: Regarding the issue of NAT

It seems "normal" to me.

You have two domains pointing to a same IP address.

When you src-nat and dst-nat to your local network you are using the two domains, but they will both be resolved to the same a.b.c.d IP address, wouldn't they?
by jaclaz
Mon Sep 09, 2024 12:33 pm
Forum: Beginner Basics
Topic: ltap mini Routing problems
Replies: 8
Views: 1762

Re: ltap mini Routing problems

I am not really sure what your intended setup is, but: The bridge_wlan is neither LAN nor WAN: /interface list member add comment=defconf interface=bridge list=LAN add comment=defconf interface=lte1 list=WAN And your firewall nat is only for WAN: /ip firewall nat add action=masquerade chain=srcnat c...
by jaclaz
Mon Sep 09, 2024 12:26 pm
Forum: RouterBOARD hardware
Topic: Upgrading older Mikrotik equipment
Replies: 11
Views: 897

Re: Upgrading older Mikrotik equipment

If you can use fiber, use it. Not only because it is better/faster/whatever, but because temperatures of fiber SFP's are "acceptable", copper SFP's are essentially small electric stoves (that can often create issues for the amount of heat they generate, definitely not good on passive coole...
by jaclaz
Mon Sep 09, 2024 12:03 pm
Forum: Beginner Basics
Topic: Simple Failover - ISP1 PPPoE & ISP2 LTE [SOLVED]
Replies: 7
Views: 471

Re: Simple Failover - ISP1 PPPoE & ISP2 LTE [SOLVED]

If your current config works for you, good :) . You should anyway check this post by rextended on that same thread: https://forum.mikrotik.com/viewtopic.php?t=189277#p958546 Point of note: remove only connections that have a longish remaining timeout, to avoid attempting to remove connections that a...
by jaclaz
Sun Sep 08, 2024 8:58 pm
Forum: RouterBOARD hardware
Topic: Upgrading older Mikrotik equipment
Replies: 11
Views: 897

Re: Upgrading older Mikrotik equipment

The routing speed of the RB5009 is very similar to that of the CCR2004 (actually a little bit faster), so if 8 ports are enough for you, you'd better save the money for the moment. What may make the difference is if you are going to use the SFP(s), the second SFP port of the CCR2004 may be useful fo...
by jaclaz
Sun Sep 08, 2024 3:26 pm
Forum: Beginner Basics
Topic: Creating a wired bridge with a wsAP ac lite
Replies: 1
Views: 124

Re: Creating a wired bridge with a wsAP ac lite

Well, start by posting your current configuration of the wsAC lite, follow this post instructions: https://forum.mikrotik.com/viewtopic.php?t=203686#p1051720 It would be "unusual" that you have it configured "as router" (unless someone fiddled with it) as the common configuration...
by jaclaz
Sun Sep 08, 2024 2:18 pm
Forum: General
Topic: Cube 60Pro ac wall mount - QMP?
Replies: 1
Views: 134

Re: Cube 60Pro ac wall mount - QMP?

The QMP comes (but the good Mikrotik guys do not show an explicit/clear photo of them) with two "attachment" devices: 1) a sort of bayonet plate suitable for the SXT and similar devices 2) a short, round, one You can see it (once you know it exists, in the second photo of the product: http...
by jaclaz
Sun Sep 08, 2024 12:57 pm
Forum: Beginner Basics
Topic: Dual Router Home Setup Help Needed
Replies: 5
Views: 427

Re: Dual Router Home Setup Help Needed

Yes and no, if the devices are on a same network (let's say like in your case in a same /24) communication between them happens (should happen) at L2 level (switching/bridging) if the networks are different the communication happens (should happen) at L3 level (routing) or however some specific sett...
by jaclaz
Sun Sep 08, 2024 12:09 pm
Forum: General
Topic: Need some hardware recommendations for a router
Replies: 2
Views: 189

Re: Need some hardware recommendations for a router

If you need more SFP's probably you should add a (passive cooled) switch, *like*
https://mikrotik.com/product/crs309_1g_8s_in
https://mikrotik.com/product/crs310_1g_5s_4s_in
by jaclaz
Sun Sep 08, 2024 12:01 pm
Forum: RouterBOARD hardware
Topic: Upgrading older Mikrotik equipment
Replies: 11
Views: 897

Re: Upgrading older Mikrotik equipment

Which main board device ( above) would you get? Also What switch for would you get? Strangely enough it depends on your requirements, number and type of devices, internet connection, what kind of speed you want to achieve and which infrastructure you have (cables) and budget. The CCR2004 @$465.00 i...
by jaclaz
Sun Sep 08, 2024 11:47 am
Forum: Wireless Networking
Topic: Ether: bridge port receiving packet with its own MAC address
Replies: 17
Views: 1273

Re: Ether: bridge port receiving packet with its own MAC address

I think the advise was to make your MAC static and different from any other one you have on that machine, see this: https://forum.mikrotik.com/viewtopic.php?t=190747 There are reports that the mechanism the RoS uses to auto-assign MAC can, in certain situations, change the MAC, creating havoc in cer...
by jaclaz
Sat Sep 07, 2024 6:14 pm
Forum: Beginner Basics
Topic: How to configutre LTE Router with passthrough
Replies: 1
Views: 235

Re: How to configutre LTE Router with passthrough

Shouldn't be too different from:
viewtopic.php?t=163396
by jaclaz
Sat Sep 07, 2024 5:38 pm
Forum: General
Topic: Node Red on MIPSBE, possible?
Replies: 3
Views: 252

Re: Node Red on MIPSBE, possible?

About docker on mipsbe I'vefound this topic, but doesn't report the way to obtain it:
viewtopic.php?t=187595
Well, that is what is generally referred to as "wishful thinking":
https://en.wikipedia.org/wiki/Wishful_thinking
by jaclaz
Sat Sep 07, 2024 3:48 pm
Forum: Beginner Basics
Topic: Dual Router Home Setup Help Needed
Replies: 5
Views: 427

Re: Dual Router Home Setup Help Needed

I think a line must be drawn *somewhere*, between "same network" and "other network". If your PC has 192.168.88.253, i.e. belongs to network 192.168.88..0/24, and the bridge on the Mikrotik is /ip address add address=192.168.88.1/24 comment=defconf interface=bridge network=\ 192....
by jaclaz
Sat Sep 07, 2024 11:13 am
Forum: General
Topic: DHCP is offered but not bound to Brother printers only [SOLVED]
Replies: 36
Views: 1665

Re: DHCP is offered but not bound to Brother printers only [SOLVED]

Good, so kleshlki's example in post #28 or your reported adaptation in post #29 (minus typos/errors) are the right references "as they are". :)
by jaclaz
Fri Sep 06, 2024 11:26 pm
Forum: General
Topic: DHCP is offered but not bound to Brother printers only [SOLVED]
Replies: 36
Views: 1665

Re: DHCP is offered but not bound to Brother printers only [SOLVED]

I made a mistake in the last step — datapath configuration. I fixed it and it worked :)
It would be nice if you could describe exactly what the error(s) and the correction(s) were, so that this thread may become useful as a reference for similar issues.
by jaclaz
Fri Sep 06, 2024 11:15 pm
Forum: Wireless Networking
Topic: Short distance point2point link
Replies: 2
Views: 277

Re: Short distance point2point link

The common reports about 60 GHz Is that you need clear line of view, even some fog or medium heavy rain can compromise the link, tree leaves are a no-no. A Cube in such a setup will likely continuosly fall back to the (much slower) 5 GHz. Besides the SXT SA5 AC, which I believe is intended for much ...
by jaclaz
Fri Sep 06, 2024 8:25 pm
Forum: General
Topic: Convert script to create in terminal
Replies: 4
Views: 319

Re: Convert script to create in terminal

You can also use "/system/script export where name=XXXX" to get the "escaped form" of any script (and then cut-and-paste that as needed).
Good to know, thanks :) .
by jaclaz
Fri Sep 06, 2024 8:00 pm
Forum: Beginner Basics
Topic: Simple Failover - ISP1 PPPoE & ISP2 LTE [SOLVED]
Replies: 7
Views: 471

Re: Simple Failover - ISP1 PPPoE & ISP2 LTE [SOLVED]

When you have PPPoE up: 0 ADS 0.0.0.0/0 pppoe-out1 1<- this is (DHCP) and Active, ALL outbound traffic goes through this 1 S 0.0.0.0/0 192.168.8.1 2 -<- this is (Static) and NOT Active (because of higher distance=2), so it is irrelevant 2 A S 1.1.1.1/32 pppoe-out1 1<- this, (Static) is Active and be...
by jaclaz
Fri Sep 06, 2024 4:54 pm
Forum: General
Topic: Unstable router operations
Replies: 1
Views: 186

Re: Unstable router operations

ROSv7 is too generic.
Different versions of 7.13, 7.14 and 7.15 (besides latest-latest 7.16) have been object of alternate reports of instabilities on Wi-Fi.
From what has been reported, 7.14.3 seems to be the safest bet or - at least - the better "base".
by jaclaz
Fri Sep 06, 2024 3:06 pm
Forum: Beginner Basics
Topic: Simple Failover - ISP1 PPPoE & ISP2 LTE [SOLVED]
Replies: 7
Views: 471

Re: Simple Failover - ISP1 PPPoE & ISP2 LTE [SOLVED]

These: add dst-address=0.0.0.0 gateway=192.168.8.1 distance=2 add dst-address=1.1.1.1 gateway=pppoe-out1 distance=1 Should actually be, I believe: add dst-address=0.0.0.0/0 gateway=192.168.8.1 distance=2 add dst-address=1.1.1.1/32 gateway=pppoe-out1 distance=1 (but maybe the network is implied) But ...
by jaclaz
Fri Sep 06, 2024 11:27 am
Forum: Beginner Basics
Topic: Generic setup script for UK broadband
Replies: 4
Views: 395

Re: RB5009 setup script

At a quick glance I see two common settings missing (cannot say if you avoided them on purpose):
1) static MAC address to the bridge
2) categorizing ether8 as WAN
by jaclaz
Fri Sep 06, 2024 11:09 am
Forum: RouterBOARD hardware
Topic: Outdoor 5G?
Replies: 15
Views: 3196

Re: Outdoor 5G?

We're talking about a boat here, so few other factors make it bit harder of a problem. e.g. it's going to bake in sun, vibrate/move slightly (wind), and perhaps be in salty air. So even @normis's reasonable and fun suggestion to 3D print a case for a Chateau, requires a high-temp printer to use som...
by jaclaz
Thu Sep 05, 2024 11:01 pm
Forum: Beginner Basics
Topic: LAN to LAN basics
Replies: 21
Views: 2047

Re: LAN to LAN basics

@mkx
Well, I paid 1.80 for that same cable, so it costs us nothing - combined - we are still ahead, and we can even afford to pay the unjust and unfair duty the Sheriff of Nottingham just imposed on us.
by jaclaz
Thu Sep 05, 2024 3:16 pm
Forum: Beginner Basics
Topic: LAN to LAN basics
Replies: 21
Views: 2047

Re: LAN to LAN basics

There are AFAICU mainly two consequences of using VLAN1: 1) possible incompatibilities with other vendor devices 2) possible incompatibilities with Mikrotik internal usage of VLAN1 for *some settings*, i.e.: https://forum.mikrotik.com/viewtopic.php?t=206946#p1071170 I am pretty sure that expert, kno...
by jaclaz
Thu Sep 05, 2024 2:53 pm
Forum: General
Topic: VRF with 3 Isolated NAT Networks route from 3 external IPs
Replies: 4
Views: 409

Re: VRF with 3 Isolated NAT Networks route from 3 external IPs

So you have no firewall filter rules that may interfere? I see now that you did declare the vrf's, my bad :oops: . I don't particularly appreciate your naming scheme, when/if you will need to use ether2@port1 you will see why, but this is irrelevant. I cannot see anything blatantly "wrong"...
by jaclaz
Thu Sep 05, 2024 12:49 pm
Forum: Wireless Networking
Topic: Wireless interference between devices in close vicinity
Replies: 17
Views: 991

Re: Wireless interference between devices in close vicinity

Yep, as said RF shielding is tricky business, strange that you did not notice some differences. Well, at least we tried ... An alternative (that you won't like) could be modifying the hAP lite, add an external antenna connector and use an external flat (directional) one: https://forum.mikrotik.com/v...
by jaclaz
Thu Sep 05, 2024 10:57 am
Forum: Beginner Basics
Topic: LAN to LAN basics
Replies: 21
Views: 2047

Re: LAN to LAN basics

Very likely completely unrelated to the issue you still need to solve, but using VLAN1 is what we highly specialized technicians :shock: commonly call "looking for troubles".

JFYI:
viewtopic.php?t=208061&
by jaclaz
Wed Sep 04, 2024 6:39 pm
Forum: General
Topic: /31 through a IPSec over GRE tunnel
Replies: 7
Views: 490

Re: /31 through a IPSec over GRE tunnel

Here are some related info:
viewtopic.php?t=32935
particularly:
viewtopic.php?t=32935#p161412

And this post is the one that (for me) is easier to remember, the concept of a mirror of a /32:
viewtopic.php?t=32935#p382118
by jaclaz
Wed Sep 04, 2024 6:21 pm
Forum: Beginner Basics
Topic: How communicate between router without involving WAN [SOLVED]
Replies: 7
Views: 671

Re: How communicate between router without involving WAN [SOLVED]

Wouldn't this be similar to the "Simple Static Routing" here (minus the two different WANs instead of the single one on the wiki example):
https://wiki.mikrotik.com/wiki/Manual:S ... ic_Routing
by jaclaz
Wed Sep 04, 2024 6:16 pm
Forum: Wireless Networking
Topic: Slow WiFi [SOLVED]
Replies: 31
Views: 2175

Re: Slow WiFi [SOLVED]

In a still not perfect world, but better than this one, wifi-qcom-ac would have probably been still called wifi-qcom-ac, but wifi-qcom would probably have been called wifi-qcom-ax. You would have wifi ac devices, and need wifi-qcom- ac , you would have wifi ax devices, and need wifi-qcom- ax . In th...
by jaclaz
Wed Sep 04, 2024 12:24 pm
Forum: General
Topic: VRF with 3 Isolated NAT Networks route from 3 external IPs
Replies: 4
Views: 409

Re: VRF with 3 Isolated NAT Networks route from 3 external IPs

If it is v7, you are seemingly missing the explicit declaration of the three rouiting tables.
It is better if you post your whole configuration (as opposed to the parts that you believe relevant) as the devil is in the details.
by jaclaz
Wed Sep 04, 2024 12:17 pm
Forum: Beginner Basics
Topic: Communication problem between switch related to VLAN [SOLVED]
Replies: 2
Views: 470

Re: Communication problem between switch related to VLAN [SOLVED]

Plwase recheck your post. RT1 is 192.168.1. 1 , you wrote 192.168.1. 2 in a few places. Post the configuration of the RT1 too. I think it is better to go step by step, i.e. if PC1 connection to RT1 is not working the issue can be in three places, (besides PC1), SW2, SW1 and RT1, but if SRV2 connecti...
by jaclaz
Tue Sep 03, 2024 2:14 pm
Forum: General
Topic: VRF-support for DNS is broken?
Replies: 10
Views: 2354

Re: VRF-support for DNS is broken?

Yep, there was a photo posted some time ago, about picture on the box and actual contents, cannot find it right now, but this one will do:
Image
by jaclaz
Tue Sep 03, 2024 1:50 pm
Forum: RouterBOARD hardware
Topic: RB3011 no more POE on port eth10
Replies: 40
Views: 19371

Re: RB3011 no more POE on port eth10

That TP-LINK thingy is not a standard (which standard?, I love standards, there are so many of them :wink: ) PoE device. The PoE injector that comes with that is intended to be more than anything else an "extension cable" powered by the "normal" power supply that comes with the d...
by jaclaz
Mon Sep 02, 2024 5:27 pm
Forum: General
Topic: wAPR-2nD LTE - registration denied with new modem QUECTEL EC2004-EU [SOLVED]
Replies: 5
Views: 778

Re: wAPR-2nD LTE - registration denied with new modem QUECTEL EC2004-EU [SOLVED]

Now we are waiting for the Stable version before officially using it into production.
JFYI, in Mikrotikish "stable" has a somehow different meaning than "production ready".
I think it is one of those language subtleties that are lost in translation.
by jaclaz
Mon Sep 02, 2024 5:06 pm
Forum: Wireless Networking
Topic: Wireless interference between devices in close vicinity
Replies: 17
Views: 991

Re: Wireless interference between devices in close vicinity

@bpwl That seem like one of the few cases where a cAP might be more useful than a hAP if you mount it on a ceiling or high on a wall. @acrophobic Sure, if you have the possibility a sheet of aluminium some (say) 2 mm thick would be light enough and have the mechanical resistance to hold the two devi...
by jaclaz
Mon Sep 02, 2024 4:14 pm
Forum: General
Topic: Simple failover on dhcp server
Replies: 19
Views: 1067

Re: Simple failover on dhcp server

The / only means "start from root", if you prefer without it it is a "relative path", with it it is an "absolute path": The good thing about RoS (and not only) scripting is that everyone can (within limits) write anything the way he/she likes :) (including overcomplicat...
by jaclaz
Mon Sep 02, 2024 2:07 pm
Forum: General
Topic: Simple failover on dhcp server
Replies: 19
Views: 1067

Re: Simple failover on dhcp server

As said it would IMHO be advisable to add a /32 route for the destination and leave the general 0.0.0.0/0 gateway alone. The gateway set in your lggh devices is only used for (say) NTP or something else, unless you expect days long interruptions of the lte, the 2 wireless devices can live without in...
by jaclaz
Mon Sep 02, 2024 1:01 pm
Forum: General
Topic: Simple failover on dhcp server
Replies: 19
Views: 1067

Re: Simple failover on dhcp server

Thanks for all for the possible solution, i have another question, the ping or the netwatch functions use the system gateway for the instradation, i think that i have to set first it in the script otherwise i have a infinite loop, is correct? Sorry, I don't understand the question, can you try expa...
by jaclaz
Mon Sep 02, 2024 11:04 am
Forum: Wireless Networking
Topic: Wireless interference between devices in close vicinity
Replies: 17
Views: 991

Re: Wireless interference between devices in close vicinity

Wouldn't some tin foil between the two devices (RF shielding) have the same effect of having the devices a few meters apart?
It costs nothing to test, and if it works one could experiment with a very fine metal mesh (mosquito mesh) that could be simply glued/fixed to one side of the hAP Lite.
by jaclaz
Mon Sep 02, 2024 10:43 am
Forum: General
Topic: DHCP and vendor-class-d
Replies: 1
Views: 272

Re: DHCP and vendor-class-d

It is now a Generic matcher:
https://help.mikrotik.com/docs/display/ ... ricmatcher

And if you want to live dangerously, the new 7.16beta3 has an added option, substring matching, see also:
viewtopic.php?t=191884
by jaclaz
Mon Sep 02, 2024 10:29 am
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 902
Views: 152790

Re: 📣 WinBox 4 is here 📣

That's a very interesting comment. As far as we know, most people use Webfig. And Linux/macOS users very much try to avoid Wine at all costs. So thank you, this brings more varied opinions in to the mix. As a side note, and if I may, the idea of optionally removing webfig from the low storage devic...
by jaclaz
Sun Sep 01, 2024 11:14 pm
Forum: General
Topic: Neighbor inconsistency
Replies: 6
Views: 514

Re: Neighbor inconsistency

I don't really know, but there must be something else, you just proved that VLAN devices are at the same time Dynamic and NON-Dynamic, which doesn't sound right.

Schroedinger's VLAN devices? :shock:
by jaclaz
Sun Sep 01, 2024 8:04 pm
Forum: Wireless Networking
Topic: Chateau 5G and Eero Pro
Replies: 4
Views: 402

Re: Chateau 5G and Eero Pro

Yep, the names are confusing (generally) and to add to it every make/brand use some, slightly or greatly, different naming for the same thing. I have no idea how the eero thingies work, but probably you don't need to do anything on the Mikrotik to have it working, at least from what I can understand...
by jaclaz
Sun Sep 01, 2024 3:20 pm
Forum: General
Topic: Forward WAN port to another subnet/router LAN [SOLVED]
Replies: 10
Views: 3361

Re: Forward WAN port to another subnet/router LAN [SOLVED]

YMMV, therefore I'm not going to write exact rules here. You have discovered a truly marvelous proof of this, which this margin is too narrow to contain? :wink: :lol: Seriously, if you can, do post the configuration that actually solved the problem, even if mileage of other members may vary, at lea...
by jaclaz
Sun Sep 01, 2024 3:14 pm
Forum: Wireless Networking
Topic: Chateau 5G and Eero Pro
Replies: 4
Views: 402

Re: Chateau 5G and Eero Pro

I don't want to seem unfriendly or rude, but the proper answer to your question would be: Yes. http://jdebp.info/FGA/questions-with-yes-or-no-answers.html Please describe your overall network setup, then follow the instructions here: https://forum.mikrotik.com/viewtopic.php?t=203686#p1051720 and pos...
by jaclaz
Sun Sep 01, 2024 2:42 pm
Forum: Wireless Networking
Topic: RB911G-5HPnD (2 x ant, WIFI4) VS. hAP ac lite (1 x ant, WIFI5)
Replies: 7
Views: 547

Re: RB911G-5HPnD (2 x ant, WIFI4) VS. hAP ac lite (1 x ant, WIFI5)

The hap AC lite is $59 (official list price). The Ax lite at the same price is a steal, but it has only 2.4 GHz radio, if only 2.4 GHz is ok, no doubt, go for it. The hap AC costs more than the Ax2, $129. The issues with the hap AC (lite or not) are the architecture (MIPSBE) and the (too) little amo...
by jaclaz
Sun Sep 01, 2024 2:16 pm
Forum: General
Topic: Help please, router working only as a bridge.
Replies: 11
Views: 763

Re: Help please, router working only as a bridge.

Let's list the usual settings when the device is set as a router, the ether1 is "self-standing" (not part of a bridge) has a DHCP client active (it gets its IP address from the ISP router to which is connected) a DHCP server is running on the bridge (to which all othe rinterfaces are added...
by jaclaz
Sun Sep 01, 2024 12:33 pm
Forum: Beginner Basics
Topic: Understanding PTP Bridge operation
Replies: 8
Views: 728

Re: Understanding PTP Bridge operation

Yep, but in the context of Quickset choices, I think (from the already linked threads) that Quickset in "PTP bridge AP" will set mode=bridge anyway, i.e. the "PTP" in the description prevails and sets to have only one single connection, regardless of the license level, maybe one ...
by jaclaz
Sun Sep 01, 2024 2:48 am
Forum: General
Topic: Neighbor inconsistency
Replies: 6
Views: 514

Re: Neighbor inconsistency

by jaclaz
Sat Aug 31, 2024 8:48 pm
Forum: General
Topic: executing script from winbox failed, please check it manually
Replies: 12
Views: 1678

Re: executing script from winbox failed, please check it manually

Well, there is some difference between: An error has occurred and something *like*: script "mynicescript" running on device with MAC 00:ww:xx:yy:zz caused a "device not responding" error on line 42 These pieces of info: 1) name of the script 2) on which device it is running 3) th...
by jaclaz
Sat Aug 31, 2024 8:29 pm
Forum: Wireless Networking
Topic: Access Mikrotik LAN devices: MAC access OK IP access Noy
Replies: 9
Views: 783

Re: Access Mikrotik LAN devices: MAC access OK IP access Noy

The "Typical_AP.rsc" is the configuration for a CRS326-24G-2S+ :shock: (which I doubt is a typical AP :wink:)
by jaclaz
Sat Aug 31, 2024 6:23 pm
Forum: Useful user articles
Topic: Checking if an IP is free, without having an IP address [MS Windows]
Replies: 2
Views: 2087

Re: Checking if an IP is free, without having an IP address [MS Windows]

@rextended Let's assume that by pure chance there is not any Mikrotik device in the customer's network. Doing an IP-scan from windows is a perfectly legit operation, but IMHO the original post over-complicates it a bit. A window computer set to get IP address from DHCP should already get an APIPA ad...
by jaclaz
Sat Aug 31, 2024 3:02 pm
Forum: General
Topic: Simple failover on dhcp server
Replies: 19
Views: 1067

Re: Simple failover on dhcp server

A "normal"/common Netwatch script would do. Usually: The on-down script/commands would change the route to the alternate one The on-up script/commands would restore the previous route. In your case, instead of changing/enabling/disabling routes, you would change the gateway in the dhcp ser...
by jaclaz
Sat Aug 31, 2024 2:29 pm
Forum: Wireless Networking
Topic: Upgraded brand new nRAY 60G master and lost all signs of W60G radio
Replies: 7
Views: 1635

Re: Upgraded brand new nRAY 60G master and lost all signs of W60G radio

To be fair the fact that a given (wrong) practice has been in effect in v6 doesn't justify in any way insisting on it in v7. In other fields, when *something* results in a given number of (minor) accidents or a single serious one, that *something* is usually changed (hopefully for the better). The f...
by jaclaz
Sat Aug 31, 2024 2:09 pm
Forum: Wireless Networking
Topic: Ether: bridge port receiving packet with its own MAC address
Replies: 17
Views: 1273

Re: Ether: bridge port receiving packet with its own MAC address

I guess that what erlinden asked for as "logging" was meant as:
/log print
and copy and paste a few related lines of the log around the "probably loop" error you posted.
by jaclaz
Sat Aug 31, 2024 1:04 pm
Forum: General
Topic: Simple failover on dhcp server
Replies: 19
Views: 1067

Re: Simple failover on dhcp server

I think that with some clever scripting it is possible to change the gateway provided by the two DHCP servers, but the change in the two MIkrotiks DHCP settings will not be actually propagated until next DHCP request/negoitiation/lease. So, when the LTE goes down: 1) all clients in both buildings wi...
by jaclaz
Sat Aug 31, 2024 12:06 pm
Forum: Beginner Basics
Topic: Understanding PTP Bridge operation
Replies: 8
Views: 728

Re: Understanding PTP Bridge operation

To be fair, the default (from factory) configurations of a paired couple is pretty much straightforward, and similar to the "standard" (as quickest would make them) ones, the only (relative) complication is the bonding together of the two 60 and 5 GHz radios. But the bonding is needed to a...
by jaclaz
Sat Aug 31, 2024 11:42 am
Forum: General
Topic: rb4011 - flapping port
Replies: 5
Views: 547

Re: rb4011 - flapping port

Since the replacement with a similar device didn't change result (I doubt that two devices can be defective in exactly the same manner), it is actually possible the the RB750GR3 "filters" some activity on the network that ultimately causes the flapping issue. I would exclude that a commonT...
by jaclaz
Fri Aug 30, 2024 2:20 pm
Forum: General
Topic: Can't get UPnP to work in RouterOS 7.14.1 (Worked in RouterOS 6.x)
Replies: 15
Views: 1327

Re: Can't get UPnP to work in RouterOS 7.14.1 (Worked in RouterOS 6.x)

Good :) , so you can temporarily go for 7.12. But did the new batch come with already 7.14.1? If yes it must be new-new, 7.14.1 came out at the end of march 2024 . Unless you cannot manage to use 7.12 - since it is in production - I would wait for a non-beta version with the feature fixed before upg...
by jaclaz
Fri Aug 30, 2024 12:19 pm
Forum: General
Topic: rb4011 - flapping port
Replies: 5
Views: 547

Re: rb4011 - flapping port

So you think the switch is damaged? It was connected to eth5 for months without any problem. That or *something else* on the network that the unmanaged switch allows through but the 750GR3 intercepts/blocks, hard to say. How many ports has the TP-LINK switch? Try changing them around, it is entirel...
by jaclaz
Fri Aug 30, 2024 12:07 pm
Forum: General
Topic: Simple failover on dhcp server
Replies: 19
Views: 1067

Re: Simple failover on dhcp server

Yes, but I still miss something :? . In a normal situation (both ADSL and LTE up) is : 1) both buildings A and B access internet via LTE and ADSL is only a backup or 2) building A goes through ADSL and building B goes through LTE Or - in other words - does only building B need to switch from LTE to ...
by jaclaz
Fri Aug 30, 2024 11:22 am
Forum: General
Topic: Wifi Interface with no channel
Replies: 6
Views: 404

Re: Wifi Interface with no channel

I tried to manually install loaded missing ARM package but it doesn't install anything.
Isn't it MIPSBE? (not ARM):
https://mikrotik.com/product/RBwAPG-5HacT2HnD
by jaclaz
Fri Aug 30, 2024 11:18 am
Forum: Beginner Basics
Topic: Understanding PTP Bridge operation
Replies: 8
Views: 728

Re: Understanding PTP Bridge operation

We have here, as a reference, the normal cube Pro pairs complete setup (from factory): https://forum.mikrotik.com/viewtopic.php?t=205042#p1059476 One end is mode=bridge and the other is mode=station-bridge, then there is the bonding between the 60 and the 5 GHz interface. And yes, the Quickset does ...
by jaclaz
Fri Aug 30, 2024 10:50 am
Forum: General
Topic: Simple failover on dhcp server
Replies: 19
Views: 1067

Re: Simple failover on dhcp server

I am not sure to understand your setup/what you want to obtain. Normally (with both internet connections working) clients in building A go through internet access A and clients in building B go through internet access B (lte)? And when the lte connection is down you want cliients in building B to sw...
by jaclaz
Thu Aug 29, 2024 9:06 pm
Forum: General
Topic: Guidance on Internal Fiber [SOLVED]
Replies: 9
Views: 1022

Re: Guidance on Internal Fiber [SOLVED]

Possibly simpler is to highlight the modes to better understand the basic incompatibilty: What I purchased for the SFP connector is described as: "1.25G 850nm Multi mode SFP LC Transceiver Fiber Module 550 Meters 1000Base-SX LC MMF for Cisco GLC-SX-MMD/SX-MM/SFP-GE-S,Fortinet,Ubiquiti UniFi UF-...
by jaclaz
Thu Aug 29, 2024 6:50 pm
Forum: Beginner Basics
Topic: Default SOHO Firewall Rules
Replies: 10
Views: 712

Re: Default SOHO Firewall Rules

Only as a side note: The default rules that come with Mikrotik SOHO devices have two features that your ones miss: 1) they are marked in comment as "defconf" which is useful when/if you want to change some of them 2) they have a comment summing up what the rule does As well, the generic ad...
by jaclaz
Thu Aug 29, 2024 6:34 pm
Forum: Beginner Basics
Topic: LAN to LAN basics
Replies: 21
Views: 2047

Re: LAN to LAN basics

You'll have to go through this thread (which is the officially unofficial Mikrotik guide for VLAN by Pcunite):
viewtopic.php?t=143620
by jaclaz
Thu Aug 29, 2024 3:20 pm
Forum: RouterBOARD hardware
Topic: hAP ax lite LTE6 and powersupply
Replies: 3
Views: 344

Re: hAP ax lite LTE6 and powersupply

Thanks for taking your time and explaining it. As far as I can tell by the images. The 5.1k ohm is pulldown resisors, right? It looks like you soldered them to ground. If so, I have something to do tonight. :) No, I didn't solder them (user gwynbleidd reported doing that). Yes, they are pull down r...
by jaclaz
Thu Aug 29, 2024 3:13 pm
Forum: General
Topic: LTE Backup Connection, configuration and setup
Replies: 14
Views: 1154

Re: LTE Backup Connection, configuration and setup

i have fixed the dhcp-client config, changing masquarade to out ether1 makes it no longer work But if you have ether1 in a bridge, likely you have to add the masquerade to the bridge and not to ether1 (which is slave)? Or it means that you need interface-list=LAN because this way you are masqueradi...
by jaclaz
Thu Aug 29, 2024 12:02 pm
Forum: RouterBOARD hardware
Topic: hAP ax lite LTE6 and powersupply
Replies: 3
Views: 344

Re: hAP ax lite LTE6 and powersupply

It is a known issue. The Ax lite (LTE6 or not) uses a USB-C connector AND 5V BUT it is not a USB-C compliant device. It does NOT negotiate with a USB-C power supply the voltage (which is OK, as it needs 5V) nor the amperage (there is a special provision in USB-C specs to allow 3A on 5V passively, ot...
by jaclaz
Thu Aug 29, 2024 11:20 am
Forum: General
Topic: LTE Backup Connection, configuration and setup
Replies: 14
Views: 1154

Re: LTE Backup Connection, configuration and setup

Personally I believe that once something is working, the more "narrow" you can make the related rules/settings, the better, so, yes, I would check if the setup works with the masquerade rule attached to the single port you are interested to as opposed to an interface list. i,e, try; add ac...
by jaclaz
Thu Aug 29, 2024 12:45 am
Forum: General
Topic: CapXL simple VLAN tagging [SOLVED]
Replies: 15
Views: 872

Re: CapXL simple VLAN tagging [SOLVED]

In this guide topic here:
viewtopic.php?t=143620
by jaclaz
Wed Aug 28, 2024 11:14 pm
Forum: General
Topic: LTE Backup Connection, configuration and setup
Replies: 14
Views: 1154

Re: LTE Backup Connection, which hardware would be best?

By default ether1 is WAN on most Mikrotik devices, it is possible that you did not change its categorization to LAN? If this is the case, likely you have some firewall rules that block the connection. Follow the instructions in this post: https://forum.mikrotik.com/viewtopic.php?t=203686#p1051720 an...
by jaclaz
Wed Aug 28, 2024 1:39 pm
Forum: Forwarding Protocols
Topic: VPLS not coming up after router reboot
Replies: 4
Views: 355

Re: VPLS not coming up after router reboot

You will need to use one of these methods: https://forum.mikrotik.com/viewtopic.php?t=185514 https://forum.mikrotik.com/viewtopic.php?t=185514#p929556 The script in itself (or the command added to the scheduler script) should amount to: delay 10s /interface vpls disable [find] delay 5s /interface vp...
by jaclaz
Wed Aug 28, 2024 12:00 pm
Forum: Forwarding Protocols
Topic: VPLS not coming up after router reboot
Replies: 4
Views: 355

Re: VPLS not coming up after router reboot

It sounds like a timing issue when rebooting.
The fact that it happens only some times (and possibly only on some routers) makes it difficult to avoid completely.
Probably the workaround would be a script set to run (say) after 3 minutes after boot that disables and re-enables the VPLS interface.
by jaclaz
Wed Aug 28, 2024 11:52 am
Forum: General
Topic: (2) Different RB5009.. Different Max entries for conn tracking
Replies: 2
Views: 377

Re: (2) Different RB5009.. Different Max entries for conn tracking

If the routers work as they should I would leave them alone. You are using 297 out of 970752 on the one and 113 out of 1015808 on the other. The max-entries depend on the amount of free RAM on the specific machine, it is calculated automatically and it is a read-only property: https://help.mikrotik....
by jaclaz
Wed Aug 28, 2024 11:37 am
Forum: General
Topic: Dynamic DNS [SOLVED]
Replies: 12
Views: 728

Re: Dynamic DNS [SOLVED]

See:
viewtopic.php?t=193667#p984874

Any Dynamic DNS may fail, anyway, and past performance may not necessarily be an accurate forecast of the future reliability.

Decisions, decisions, always decisions ...
by jaclaz
Tue Aug 27, 2024 11:10 pm
Forum: Beginner Basics
Topic: Wireless wire Cube Pro - RouterOS upgrade cleared pre-configuration
Replies: 2
Views: 384

Re: Wireless wire Cube Pro - RouterOS upgrade cleared pre-configuration

About the log, open a new terrminal Windows in Winbox, in it input /log print This way you can select and copy. About the configuration, the upgrade should have not deleted It completely, maybe when you ran It without the drivers something got corrupted. Follow the instructions here and post the con...
by jaclaz
Tue Aug 27, 2024 7:40 pm
Forum: General
Topic: using SXT LTE6 without sim card?
Replies: 2
Views: 369

Re: using SXT LTE6 without sim card?

Besides the convenience (or non convenience) of having your router up a pole outside :wink: , the SXT LTE6 is not a very fast device, so (it depends on the fiber connection you have) it may be a bottleneck. At what speed you have your fiber connection? If faster than 100 Mbps or so the SXT will be t...
by jaclaz
Tue Aug 27, 2024 6:12 pm
Forum: General
Topic: Dynamic DNS [SOLVED]
Replies: 12
Views: 728

Re: Dynamic DNS [SOLVED]

The Mikrotik DDNS service should be available to people using MIkrotik hardware or a CHR license, see this as an example:
https://foisfabio.it/index.php/2022/12/ ... -gratuito/
by jaclaz
Tue Aug 27, 2024 5:56 pm
Forum: Wireless Networking
Topic: Big Campus Networking help
Replies: 2
Views: 330

Re: Big Campus Networking help

No need for wifi in the basement? Or outside, in the courts or park? Anyway as access point, in Mikrotik catalog you can currently choose between the Cap Ax:and the Cap Ax: https://mikrotik.com/product/cap_ax Maybe and maybe soon, there will be a new device that may be suitable, the Wap Ax. In metri...
by jaclaz
Tue Aug 27, 2024 11:01 am
Forum: General
Topic: Configuring a new internet link on a V7.
Replies: 6
Views: 527

Re: Configuring a new internet link on a V7.

It's strange. You have a DAc (Dynamic, Active, connected) route (generated automatically by the router, hence with distance 0): DAc 100.64.0.0/10 ether8-StartLink 0 And seemingly no other ones interfering, so the destination 100.64.0.1 should be reachable. The one you added to the DHCP client with d...
by jaclaz
Tue Aug 27, 2024 2:48 am
Forum: Beginner Basics
Topic: Forwarding 1 interface to another
Replies: 6
Views: 847

Re: Forwarding 1 interface to another

Routing rules are usually "better", but mangle marks allow more granularity, so if you can obtain the expected result with routing rules, they should be preferred.
by jaclaz
Tue Aug 27, 2024 12:02 am
Forum: Beginner Basics
Topic: Create my first Mikrotik Network
Replies: 33
Views: 1911

Re: Create my first Mikrotik Network

I would not update to 7 yet.
It is not a bad idea, but the procedure is not exactly simple, and if I were you I would wait until you have become more familiar with the devices and their configuration/management.
by jaclaz
Mon Aug 26, 2024 11:52 pm
Forum: Wireless Networking
Topic: PtP wirless bridge with 2 x cAP AC (performance) [SOLVED]
Replies: 11
Views: 1070

Re: PtP wirless bridge with 2 x cAP AC (performance) [SOLVED]

60 GHz needs direct line of sight, no ifs, no buts.
If you have that, go for it, but if you have even a japanese style paper wall between the two devices 60 GHz won't work properly.
Devices like the Cube Pro have a backup at 5 GHz because fog or relatively heavy rain can break the 60 GHz connection.
by jaclaz
Mon Aug 26, 2024 11:34 pm
Forum: Wireless Networking
Topic: SA Query timeout
Replies: 86
Views: 21636

Re: SA Query timeout

I see now, so in the referenced post the new and old AP are to be intended as same AP but new and old bands.
by jaclaz
Mon Aug 26, 2024 9:12 pm
Forum: General
Topic: Configuring a new internet link on a V7.
Replies: 6
Views: 527

Re: Configuring a new internet link on a V7.

Having dst-address the same as the gateway add disabled=no distance=1 dst-address=100.64.0.1/32 gateway=100.64.0.1 \ pref-src="" routing-table=main scope=10 suppress-hw-offload=no \ target-scope=10 which is in route print: 2 As 100.64.0.1/32 100.64.0.1 1 doesn't look right to me :? , maybe...
by jaclaz
Mon Aug 26, 2024 7:58 pm
Forum: Beginner Basics
Topic: Chateau 5G ax - No internet.
Replies: 2
Views: 319

Re: Chateau 5G ax - No internet.

Very often the issue is with the APN. Make sure what the MEO APN should be, "internet" is probably a generic one. In some cases you need to explicitly set: use-network-apn=no https://help.mikrotik.com/docs/display/RKB/Chateau+LTE12+APN+problem https://forum.mikrotik.com/viewtopic.php?t=161...
by jaclaz
Mon Aug 26, 2024 7:52 pm
Forum: Wireless Networking
Topic: SA Query timeout
Replies: 86
Views: 21636

Re: SA Query timeout

Easy bet. It is already known this is the root of the issue. That's why people commonly tinker around with connect-priority.
I thought that was related to issues when roaming with two or more different AP's?
viewtopic.php?p=1093107#p1093107
by jaclaz
Mon Aug 26, 2024 7:32 pm
Forum: Wireless Networking
Topic: SA Query timeout
Replies: 86
Views: 21636

Re: SA Query timeout

Another observation. Normally, the SSID for 2.4GHz and 5GHz are identical. However, for this test, I added "5G" on the end of the SSID so I could force it onto one band or another. When the SSIDs are different, the SA Query timeout errors never occur. Even though the RX signal is poor, it...
by jaclaz
Mon Aug 26, 2024 7:21 pm
Forum: General
Topic: Wi‑Fi 7 / 802.11be
Replies: 64
Views: 21320

Re: Wi‑Fi 7 / 802.11be

And don't hold your breathe while waiting for a new product to appear, it may take longer than you can live without breathing
Corollary:
Do you think that's air you're breathing now? /size] :shock: :lol:
by jaclaz
Mon Aug 26, 2024 7:00 pm
Forum: Wireless Networking
Topic: Wireless AC & AX - CAPsMAN - FT with connect-priority
Replies: 20
Views: 1545

Re: Wireless AC & AX - CAPsMAN - FT with connect-priority

Sorry, but ROSE is clearly not enterprise feature ...
https://help.mikrotik.com/docs/display/ROS/ROSE-storage
ROSE (RouterOS Enterprise) package adds
... and the 2024 award for the most inaccurate package name goes to ... :lol:
by jaclaz
Mon Aug 26, 2024 6:52 pm
Forum: Wireless Networking
Topic: SA Query timeout
Replies: 86
Views: 21636

Re: SA Query timeout

I wonder why the Ax2 is always represented as standing ... :? AFAIK it needs to be standing because of better heat dissipation, but it is possible that the internal antennas are designed to work with the device standing and having it flat on the table reduces their efficiency (or you have a lot of s...
by jaclaz
Mon Aug 26, 2024 6:28 pm
Forum: RouterBOARD hardware
Topic: Default password Frustration
Replies: 101
Views: 11014

Re: Default password Frustration

... unless you first set a secure password (meaning requiring sensible password complexity ...
JFYI:
https://neal.fun/password-game/
by jaclaz
Mon Aug 26, 2024 6:20 pm
Forum: Wireless Networking
Topic: Mikrotik or others on AX wifi access point
Replies: 160
Views: 7583

Re: Mikrotik or others on AX wifi access point

Also made sure the antennas were tightly screwed to the board and aiming at 45 degrees like this. You have strange degrees where you live. :lol: Here the angles in the photo would be between 60 and 72. (they would fit either an hexagon or a pentagon placed on top of your Ax3) https://t4.ftcdn.net/j...
by jaclaz
Mon Aug 26, 2024 6:14 pm
Forum: General
Topic: Configuring a new internet link on a V7.
Replies: 6
Views: 527

Re: Configuring a new internet link on a V7.

Well., post your current configuration:
viewtopic.php?t=203686#p1051720
and describe what you want to achieve.
Post also an output of:
/ip route print
by jaclaz
Mon Aug 26, 2024 6:03 pm
Forum: Beginner Basics
Topic: Create my first Mikrotik Network
Replies: 33
Views: 1911

Re: Create my first Mikrotik Network

When you make a cake, decoration is the last thing. :wink: Postpone access lists to later, once you will have the basics working. The Capsman is running, on the AC2, right? Have you followed the tutorial on the Wiki? https://wiki.mikrotik.com/wiki/Manual:Simple_CAPsMAN_setup Alternatively, did you r...
by jaclaz
Mon Aug 26, 2024 3:19 pm
Forum: RouterBOARD hardware
Topic: Default password Frustration
Replies: 101
Views: 11014

Re: Default password Frustration

Sorry I did not understand the comment directed at me. Can you clarify the point you are making? Unfortunately MikroTik is popular with two very very different groups. Home users that plug and play (or mobile operator that just gives them a router). and professional installers. We have to make both...
by jaclaz
Mon Aug 26, 2024 11:42 am
Forum: RouterBOARD hardware
Topic: Default password Frustration
Replies: 101
Views: 11014

Re: Default password Frustration

It is not like I cited the CRA (which is not yet in effect) casually. Annex 1, Article 1, paragraph 3 (a) is exactly about this: (a) be delivered with a secure by default configuration, including the possibility to reset the product to its original state; This is what MIkrotik is IMHO already doing....
by jaclaz
Sun Aug 25, 2024 11:43 pm
Forum: Wireless Networking
Topic: cAP ax strength & range questions
Replies: 5
Views: 558

Re: cAP ax strength & range questions

Just in case here is my personal translation table: https://forum.mikrotik.com/viewtopic.php?t=208346#p1080389 And I concur that the issues are unlikely to be connected to hardware (it is not like Mikrotik has own proprietary chips or circuits) and AFAICU now they are using not anymore their proprie...
by jaclaz
Sun Aug 25, 2024 9:10 pm
Forum: General
Topic: Mikrotik DDNS just doesn't work
Replies: 3
Views: 422

Re: Mikrotik DDNS just doesn't work

Hmmm, Normis seemingly stated the opposite:
viewtopic.php?p=1090870
Maybe there is confusion in the terms used?
by jaclaz
Sun Aug 25, 2024 7:39 pm
Forum: RouterBOARD hardware
Topic: Default password Frustration
Replies: 101
Views: 11014

Re: Default password Frustration

Do you know the scene from Spaceballs movie?
Yep.
We're at now now. :lol:
... as a non native speaker ...
... which makes a nice round two of us. :wink:
by jaclaz
Sun Aug 25, 2024 4:45 pm
Forum: RouterBOARD hardware
Topic: Default password Frustration
Replies: 101
Views: 11014

Re: Default password Frustration

To be fair: you said "now" like it is something new.
Well, I wrote now meaning now, as in now, would already have been better? :?
Or should I have gone all the way to adding "since the dawn of times" or "AFAICR"? :wink:
by jaclaz
Sun Aug 25, 2024 3:56 pm
Forum: RouterBOARD hardware
Topic: Default password Frustration
Replies: 101
Views: 11014

Re: Default password Frustration

I don't know where you live, but I never ever received a credit/bank card shipped with PIN code in same envelope ever in my whole life. Exactly, as I said, the PIN cannot be shipped in the same envelope as the card, to avoid the possibility that if the card is stolen "in transit" it can b...
by jaclaz
Sun Aug 25, 2024 3:27 pm
Forum: RouterBOARD hardware
Topic: Default password Frustration
Replies: 101
Views: 11014

Re: Default password Frustration

If you check the Annex I, article 1, paragraph 3 of the mentioned CRA it can be read (in a restrictive way) to the effect that shipping a router with a password is not a sufficient measure to prevent unauthorized access to it. :shock: Not unlike what happens now with credit/debit cards (the PIN cann...
by jaclaz
Sun Aug 25, 2024 2:04 pm
Forum: Wireless Networking
Topic: cAP ax strength & range questions
Replies: 5
Views: 558

Re: cAP ax strength & range questions

Welcome to the world of (Mikrotik) wi-fi mysteries. A cap Ax is designed to be mounted on a ceiling (though it is also possible to mount it vertically on a wall, though in this latter case it will likely perform worse). The board is full of reports about the cap Ax being either very good or a terrib...
by jaclaz
Sun Aug 25, 2024 12:51 pm
Forum: RouterBOARD hardware
Topic: Default password Frustration
Replies: 101
Views: 11014

Re: Default password Frustration

I haven't actually read the EU law regarding the passwords, but if every other vendor did it by forcing a password change, instead of random passwords per device, then I am inclined to believe that 'random passwords' wasn't a requirement by law. Possibly because it is not at all clear which specifi...
by jaclaz
Sat Aug 24, 2024 11:54 pm
Forum: General
Topic: best POE device for cameras
Replies: 3
Views: 361

Re: best POE device for cameras

Then I need to get the POE Power into the device. 4 cameras take 0.5 amps each. Seems like there are lots of POE power supplies available. What should I use for this? 0.5 amps? :shock: Maybe they use 0.5A@12V or 0.5A@24V. Most PoE cameras are nowadays 802.3af, which usually work @48V, and to be af ...
by jaclaz
Sat Aug 24, 2024 7:29 pm
Forum: Beginner Basics
Topic: hEX on Switch should manage access to printer [SOLVED]
Replies: 20
Views: 1620

Re: hEX on Switch should manage access to printer

Then the issue is related to VLAN settings. No idea about those, I can only observe that you are not using the exacts settings anav suggested (cannot say if those would make a difference). You have the routes as DAC, so you don't need to add them as static. Maybe you can go through this: https://for...
by jaclaz
Sat Aug 24, 2024 7:08 pm
Forum: Wireless Networking
Topic: Mikrotik or others on AX wifi access point
Replies: 160
Views: 7583

Re: Mikrotik or others on AX wifi access point

conditions are IMHO AND combined. ssid-regex+passphrase must match both. Dunno what's wrong with their logic. Maybe passphrase is not a filtering parameter. So the only remaining filter param is ssid-regexp and first rule wins. Yes, passphrase is not listed among the "filtering parameters"...
by jaclaz
Sat Aug 24, 2024 6:05 pm
Forum: Beginner Basics
Topic: hEX on Switch should manage access to printer [SOLVED]
Replies: 20
Views: 1620

Re: hEX on Switch should manage access to printer

By posting only partial configuration you are making much more difficult to follow your settings. Please post the whole configuration. This: /ip firewall address-list add address=10.0.0.10 list=ZugriffAufDrucker /ip firewall filter add action=accept chain=forward dst-address=10.0.101.250 src-address...
by jaclaz
Sat Aug 24, 2024 5:49 pm
Forum: Beginner Basics
Topic: Forwarding 1 interface to another
Replies: 6
Views: 847

Re: Forwarding 1 interface to another

After I tried this solution, the router became a brick. No internet, no vpn, on access to the router via 192.168.88.1 ip address. It is improbable, those settings are only related to outbound traffic and wi-fi, it is more likely that *something else* caused the issue. Anyway, you should be able to ...
by jaclaz
Sat Aug 24, 2024 4:59 pm
Forum: Wireless Networking
Topic: Mikrotik or others on AX wifi access point
Replies: 160
Views: 7583

Re: Mikrotik or others on AX wifi access point

"The rules are checked in the order they appear in the list. Only management actions specified in the first matching rule are applied to each connection." Maybe the relevant statement is a few lines after that: Just make sure that the specific client doesn't get matched by a more generic ...
by jaclaz
Sat Aug 24, 2024 4:30 pm
Forum: RouterBOARD hardware
Topic: Load balancer on a RB5009UPr+S+ for 3 connected devices
Replies: 7
Views: 1341

Re: Load balancer on a RB5009UPr+S+ for 3 connected devices

Well, whatever/whomever produced the snippet you posted did not understand the question, let alone provide a meaningful answer. (actually it is wrong even as an answer to another question). Once removed the abstraction level of the variables, it amounts to fiddling with IP addresses of a local port,...
by jaclaz
Sat Aug 24, 2024 3:03 pm
Forum: Useful user articles
Topic: There is no indication when connecting the router to the computer
Replies: 14
Views: 1942

Re: There is no indication when connecting the router to the computer

I connect the patch cord to the laptop connector. If you don't have *anything* plugged into a wall socket, then you have no power. Your device is a cap Ac, it is - at least by name - an Access Point, not a Router, hence the initial perplexity. It can only be powered via PoE: https://mikrotik.com/pr...
by jaclaz
Sat Aug 24, 2024 2:20 pm
Forum: Useful user articles
Topic: There is no indication when connecting the router to the computer
Replies: 14
Views: 1942

Re: There is no indication when connecting the router to the computer

Let's start form the basics. 1) Which exact device model is it? 2)How are you powering it? From what you write it seems like the device has not power at all. The device needs power, they normally have a DC jack socket, a few can be powered from PoE (Power over Ethernet), but of course in this case y...
by jaclaz
Sat Aug 24, 2024 11:59 am
Forum: RouterBOARD hardware
Topic: Default password Frustration
Replies: 101
Views: 11014

Re: Default password Frustration

Yep. :) this remains valid anyway:
Always drive defensively. Expect the unexpected.
by jaclaz
Sat Aug 24, 2024 11:56 am
Forum: Beginner Basics
Topic: Create my first Mikrotik Network
Replies: 33
Views: 1911

Re: Create my first Mikrotik Network

@Njumaen AFAIK size of packets is unrelated. The opinion on the forum is that the data from tests Mikrotik publishes are largely inaccurate in the sense that they represent some peculiar lab/test conditions. What has been observed is that coincidentally the value for routing, 25 firewall rules, 512 ...
by jaclaz
Sat Aug 24, 2024 11:43 am
Forum: RouterBOARD hardware
Topic: Default password Frustration
Replies: 101
Views: 11014

Re: Default password Frustration

After all, most exploits are done over network without physical access to device being compromised. Yes, and - again - the insecurity is mainly the fact that *somehow* there is access to the device files from the outside, the Meris that has been cited was a bug that allowed to download the database...
by jaclaz
Fri Aug 23, 2024 8:20 pm
Forum: Beginner Basics
Topic: my clients receive router IP as DNS
Replies: 7
Views: 825

Re: my clients receive router IP as DNS

I asked if it is good solution to have DNS server on the MikroTik router or it is better that any client receive the ISP dns. Well, initially you only provided statements, only later you asked the questions, which however, without context, can only be answered as "it depends". The DNS ser...
by jaclaz
Fri Aug 23, 2024 6:11 pm
Forum: Beginner Basics
Topic: Create my first Mikrotik Network
Replies: 33
Views: 1911

Re: Create my first Mikrotik Network

Still the RB3011 can route in theory at 452.6 Mbps 512 byte packets with 25 firewall rules https://mikrotik.com/product/RB3011UiAS-RM#fndtn-testresults as opposed to 986.3 Mbps of the hap ac2 https://mikrotik.com/product/hap_ac2#fndtn-testresults If OP's WAN is already at 500 mbps, the RB3011 is cur...
by jaclaz
Fri Aug 23, 2024 5:29 pm
Forum: RouterBOARD hardware
Topic: Load balancer on a RB5009UPr+S+ for 3 connected devices
Replies: 7
Views: 1341

Re: Load balancer on a RB5009UPr+S+ for 3 connected devices

If I get this right, you are looking for some sort of failover (more than load balancing) among three target IP's?

You only connect to 1 IP (IP#1) and you expect the Mikrotik to forward/route your connection to any of three other IP's (IP#2, IP#3, IP#4) depending on the availability?
by jaclaz
Fri Aug 23, 2024 4:52 pm
Forum: Beginner Basics
Topic: Understanding/configuration problem switching/routing/NAT
Replies: 10
Views: 1203

Re: Understanding/configuration problem switching/routing/NAT

I don't understand your setup. You first add an interface to a bridge (with only one port?) and then you add an IP address to the interface (and not to the bridge). Try removing the IP address from the ether2 and add it to the bridge: /ip address add address=192.168.14.250/24 interface=bridge1 Then ...
by jaclaz
Fri Aug 23, 2024 4:29 pm
Forum: 3rd party tools
Topic: RouterFleet - Centralized backup and management (OpenSource)
Replies: 3
Views: 2666

Re: RouterFleet - Centralized backup and management (OpenSource)

It's free?
From the project page:
License

RouterFleet is released under the MIT License. Feel free to explore, modify, and distribute the software as per the license agreement.
https://github.com/eduardogsilva/router ... in/LICENSE
by jaclaz
Fri Aug 23, 2024 2:44 pm
Forum: Scripting
Topic: variables in string
Replies: 20
Views: 941

Re: variables in string

by jaclaz
Fri Aug 23, 2024 2:32 pm
Forum: Beginner Basics
Topic: New to Mikrotik
Replies: 19
Views: 1280

Re: New to Mikrotik

This doesn't happen with a Zyxcel 12v 4a adapter. Yep. Your device specs: DC jack input Voltage 12-28 V Max power consumption 23 W Max power consumption without attachments 17 W would require no less than 17/12=1.42A@12V or 17/24=0.71A@24V or - better - 23/12=1.92A@12V or 23/24=0.96A@24V Still, if ...
by jaclaz
Fri Aug 23, 2024 2:00 pm
Forum: Beginner Basics
Topic: my clients receive router IP as DNS
Replies: 7
Views: 825

Re: my clients receive router IP as DNS

gianry, you evidently have not noticed that the previous replies contain (some) sarcasm. You did not provide a configuration, only a (non-understandable) snippet/screenshot and a very partial description of the settings you used. If you want some sensible replies you should post your configuration: ...
by jaclaz
Thu Aug 22, 2024 8:21 pm
Forum: Beginner Basics
Topic: unable to get internet connection
Replies: 14
Views: 829

Re: unable to get internet connection

However it is working now!!! Good. :) Can someone explain the difference between my initial config and this? Your connection/route to 10.0.0.1/32 became ADC, the A is active (as before) but it is not anymore static, it is DC (Dynamic and Connected) and has a distance of 0 which means that the route...
by jaclaz
Thu Aug 22, 2024 11:16 am
Forum: Beginner Basics
Topic: unable to get internet connection
Replies: 14
Views: 829

Re: unable to get internet connection

Why is that route distance 2?
It should not matter since you have no other routes for 0.0.0.0/0, still it should normally have distance 1.
You should probably specify out-interface=ether1 in your /ip firewall nat masquerade rule. but that is also - I believe - not relevant.
by jaclaz
Thu Aug 22, 2024 10:49 am
Forum: General
Topic: Fetch returns "failure: Unexpected payload received"
Replies: 14
Views: 748

Re: Fetch returns "failure: Unexpected payload received"

So that Shelly uses digest and fetch supports it directly, good to know.

It remains strange that curl with -anyauth didn't work/didn't provide this info, but all is well that ends well :).
by jaclaz
Wed Aug 21, 2024 7:25 pm
Forum: General
Topic: Identifying mysterious script
Replies: 3
Views: 611

Re: Identifying mysterious script

Should be related to the built-in ssh server:
https://help.mikrotik.com/docs/display/ROS/SSH
try disabling ssh in services:
https://help.mikrotik.com/docs/display/ROS/Services
by jaclaz
Wed Aug 21, 2024 7:16 pm
Forum: Beginner Basics
Topic: unable to get internet connection
Replies: 14
Views: 829

Re: unable to get internet connection

Post again the /ip route print output.

Maybe you can ask the VPS server provider if they have a known to be working Mikrotik setup.

The only other thing I can think of is adding a 10.0.0.x IP address to ether1. :-?

Let's wait if some of the more experienced members have a solution.
by jaclaz
Wed Aug 21, 2024 7:00 pm
Forum: General
Topic: Fetch returns "failure: Unexpected payload received"
Replies: 14
Views: 748

Re: Fetch returns "failure: Unexpected payload received"

Try with the -v (verbose) switch, possibly there will be more details. Checking the capture of the browser, it mentions "algorithm=SHA-256," the Shelly1 and 1plus, from what I read should be using basic auth, later devices do actually use a different method of authentication: https://shell...
by jaclaz
Wed Aug 21, 2024 5:27 pm
Forum: Beginner Basics
Topic: unable to get internet connection
Replies: 14
Views: 829

Re: unable to get internet connection

Basically it means 10.0.0.1 on interface ether1, or 10.0.0.1 reachable through interface ether1. There are two "modifiers" for gateway addresses: https://wiki.mikrotik.com/wiki/Manual:IP/Route gateway (IP | interface | IP%interface | IP@table[, IP | string, [..]]; Default: "") Ar...
by jaclaz
Wed Aug 21, 2024 4:50 pm
Forum: General
Topic: Fetch returns "failure: Unexpected payload received"
Replies: 14
Views: 748

Re: Fetch returns "failure: Unexpected payload received"

In a Windows command prompt, curl does not work with the Shelly authentication enabled. It works fine with the Shelly authentication disabled. Post the exact CURL command you are using. No error provided when it fails? Under Windows, try running. curl -v -u "user" http://192.168.0.144/.. ...
by jaclaz
Wed Aug 21, 2024 4:34 pm
Forum: Beginner Basics
Topic: unable to get internet connection
Replies: 14
Views: 829

Re: unable to get internet connection

The "no route to host" is normal, as that route (#0 in the screenshot) is "S" but not "A".

No idea what the problem is, but - for what it costs - I would try a route with gateway=10.0.0.1%ether1
by jaclaz
Wed Aug 21, 2024 4:03 pm
Forum: Beginner Basics
Topic: unable to get internet connection
Replies: 14
Views: 829

Re: unable to get internet connection

Post the output of:
/ip route print
by jaclaz
Wed Aug 21, 2024 3:50 pm
Forum: General
Topic: Fetch returns "failure: Unexpected payload received"
Replies: 14
Views: 748

Re: Fetch returns "failure: Unexpected payload received"

Try it on a PC (with curl installed/running), then - if it works - you need a script for "basic auth", see my previous edited post.
by jaclaz
Wed Aug 21, 2024 3:37 pm
Forum: General
Topic: Fetch returns "failure: Unexpected payload received"
Replies: 14
Views: 748

Re: Fetch returns "failure: Unexpected payload received"

The user:password actually works from a browser. Very likely because the browser itself manages to encrypt/encode/hash/whatever the username/password before sending it to the Shelly. https://reqbin.com/req/c-fkj7kdqi/curl-request-with-credentials Try with curl: curl http://192.168.0.144 --user &quo...
by jaclaz
Wed Aug 21, 2024 2:56 pm
Forum: Wireless Networking
Topic: Does size of antenna matter?
Replies: 64
Views: 3846

Re: Does size of antenna matter?

It seems like you say. https://www.intel.com/content/www/us/en/support/articles/000005714/wireless/legacy-intel-wireless-products.html All wireless products with 802.11n support MIMO. https://info.support.huawei.com/info-finder/encyclopedia/en/MIMO.html Mainstream home wireless routers in the market...
by jaclaz
Wed Aug 21, 2024 2:11 pm
Forum: Wireless Networking
Topic: Does size of antenna matter?
Replies: 64
Views: 3846

Re: Does size of antenna matter?

Those are the 2.4 GHz antennas, compare with the picture here:
viewtopic.php?p=1087853&hilit=antenna#p1087603
by jaclaz
Wed Aug 21, 2024 2:05 pm
Forum: Beginner Basics
Topic: New to Mikrotik
Replies: 19
Views: 1280

Re: New to Mikrotik

There may be some settings that need to be changed/tuned, but it shouldn't reboot by itself. The configuration you posted indicates: # managed by CAPsMAN that wifi settings are managed by capsman, but us this the case? (i.e. do you really have anothe Mikrotik device that is controlling this one?) Po...
by jaclaz
Wed Aug 21, 2024 2:12 am
Forum: Beginner Basics
Topic: New to Mikrotik
Replies: 19
Views: 1280

Re: New to Mikrotik

Wait a minute, the d53g is this one:
https://mikrotik.com/product/chateau_5g
it is an AC device, it should use the wifi-qcom-ac package, not the wifi-qcom, which is for AX devices.
It is confusing, but read carefully:

https://help.mikrotik.com/docs/display/ROS/Packages
by jaclaz
Wed Aug 21, 2024 1:59 am
Forum: RouterBOARD hardware
Topic: Default password Frustration
Replies: 101
Views: 11014

Re: Default password Frustration

The article says: While the vulnerability was patched after its detection back in 2018, it’s still being exploited in compromised devices that do not use the patched RouterOS versions, or that use the default usernames and passwords. The last part of the sentence is "captain obvious" speak...
by jaclaz
Wed Aug 21, 2024 12:46 am
Forum: RouterBOARD hardware
Topic: Default password Frustration
Replies: 101
Views: 11014

Re: Default password Frustration

But, if I recall correctly, the 250,000 of Meris were connected to a router os bug/vulnerability, not to 250,000 compromised passwords.
by jaclaz
Wed Aug 21, 2024 12:35 am
Forum: Beginner Basics
Topic: New to Mikrotik
Replies: 19
Views: 1280

Re: New to Mikrotik

This is strange.
A package like qcom should be installabile in any moment (i.e. also after the installation of the main routeros package).
Maybe you can try a new netinstall, making available both the routeros and qcom package.
by jaclaz
Tue Aug 20, 2024 11:41 pm
Forum: Beginner Basics
Topic: New to Mikrotik
Replies: 19
Views: 1280

Re: New to Mikrotik

But now, with the appropriate qcom package installed, the wifi is running, right?
by jaclaz
Tue Aug 20, 2024 9:07 pm
Forum: Beginner Basics
Topic: Chateau LTE18 ax - no wifi networks / missing default setup [SOLVED]
Replies: 3
Views: 495

Re: Chateau LTE18 ax - no wifi networks / missing default setup [SOLVED]

You probably got the wrong package, Mikrotik has a strange way to name them Ax=wifi-qcom https://help.mikrotik.com/docs/display/ROS/Packages wifi-qcom (arm, arm64) Mandatory driver package for 802.11ax interfaces. Introduced in 7.13. Wifi CAPsMAN support comes with the system package. Wireless is fo...
by jaclaz
Tue Aug 20, 2024 6:43 pm
Forum: RouterBOARD hardware
Topic: RB3011 no more POE on port eth10
Replies: 40
Views: 19371

Re: RB3011 no more POE on port eth10

The hex s should be very low power (6 W without attachments): https://mikrotik.com/product/hex_s which would be 0.25A@24V or less than half what the RB3011: https://mikrotik.com/product/RB3011UiAS-RM should be capable of providing (0.60A@24V). Which exact model is the WiFI AP that doesn't work? Is i...
by jaclaz
Tue Aug 20, 2024 6:25 pm
Forum: Beginner Basics
Topic: HEX Lite for Different Subnets [SOLVED]
Replies: 6
Views: 1069

Re: HEX Lite for Different Subnets [SOLVED]

So, you have the (dynamic) routes alright. It should work, unless there is something else in firewall (or somewhere else) blocking the connection. As mentioned in the linked to thread/post by mkx. You can try disabling (temporarily) all the firewall rules. But which devices are at IP's 192.168.0.30 ...
by jaclaz
Tue Aug 20, 2024 3:35 pm
Forum: Wireless Networking
Topic: Outdoor Ap: mounting height, model to choose
Replies: 8
Views: 599

Re: Outdoor Ap: mounting height, model to choose

"Having a look" does not mean "base design on" nor "here, Mikrotik, take my money and give me one of those". The OP has seemingly not the *need* to replace his currently working (even if not optimally) setup, and since that device does not exist (yet) and there isn't ev...
by jaclaz
Tue Aug 20, 2024 2:54 pm
Forum: RouterBOARD hardware
Topic: Default password Frustration
Replies: 101
Views: 11014

Re: Default password Frustration

But given the situation, as I am closer to 60 than 50, I am pulling my hair regarding these stickers that probably are designed by some 18 year old. No way I can read them without strong light and a magnifying glass. The good news :) are that at nearly 60 you still have hairs to pull. The bad news ...
by jaclaz
Tue Aug 20, 2024 2:40 pm
Forum: Wireless Networking
Topic: Outdoor Ap: mounting height, model to choose
Replies: 8
Views: 599

Re: Outdoor Ap: mounting height, model to choose

Don you think that HGO antenna's will help to focus the signal in the way I need with a proper orientation (probably the classic 45°)? That has to be seen. The HGO cannot be oriented, it is "straight". You will need a similar antenna, but with the possibility to be set at some angles, or ...
by jaclaz
Tue Aug 20, 2024 10:45 am
Forum: Beginner Basics
Topic: HEX Lite for Different Subnets [SOLVED]
Replies: 6
Views: 1069

Re: HEX Lite for Different Subnets [SOLVED]

Let's divide the thing in two: 1) succeed in pinging from one network to the other (and viceversa) 2) limit communications to between only two devices, one on each network Your scheme and description is about ether4 (192.168.0.x) and ether5 (192.168.10.x). The snippet of configuration you posted is ...
by jaclaz
Tue Aug 20, 2024 10:17 am
Forum: Beginner Basics
Topic: New to Mikrotik
Replies: 19
Views: 1280

Re: New to Mikrotik

Follow the instructions here:
viewtopic.php?t=203686#p1051720
and post your configuration.
by jaclaz
Mon Aug 19, 2024 9:11 pm
Forum: Beginner Basics
Topic: New to Mikrotik
Replies: 19
Views: 1280

Re: New to Mikrotik

There is a procedure (lights/flickering/timing/etc. may vary a little bit with models) detailed here: https://help.mikrotik.com/docs/display/ROS/Reset+Button Depending on the date the device was manufactured once the device is reset the credentials will be either: older devices: user:admin password:...
by jaclaz
Mon Aug 19, 2024 6:56 pm
Forum: Beginner Basics
Topic: New to Mikrotik
Replies: 19
Views: 1280

Re: New to Mikrotik

But am I correct in assuming that we should have connected the router to a laptop/pc with ethernet then enter the config page to enable WiFi? As you say, it is an assumption. Obviously how a device will behave depends on its configuration. In the case of a brand-new, still in the box, device, its b...
by jaclaz
Mon Aug 19, 2024 3:35 pm
Forum: General
Topic: mAP (RBmAP2nD) supports a PoE camera on 2nd eth?
Replies: 6
Views: 1729

Re: mAP (RBmAP2nD) supports a PoE camera on 2nd eth?

The answer is, yes it supports a PoE cameras on the eth2 but both PoE (router input and camera input) should be AT mode, AF mode is not supported. So be sure all 4 pairs of cable are connected Excuse me, can you clarify? 802.3at is a sort of superset of 802.3af (in the sense that a 802.3at PSE can ...
by jaclaz
Mon Aug 19, 2024 2:31 pm
Forum: Beginner Basics
Topic: LAN to LAN basics
Replies: 21
Views: 2047

Re: LAN to LAN basics

I think the world is divided between those that report how they self-locked themselves out of a Mikrotik quite a few times when experimenting/learning and those that don't. The latter ones are liars :wink: . On a device like the RB2011 where number of ports should not be a problem, a good idea is to...
by jaclaz
Mon Aug 19, 2024 1:04 pm
Forum: Beginner Basics
Topic: LAN to LAN basics
Replies: 21
Views: 2047

Re: LAN to LAN basics

SInce you have no wireless requirements, you can go "virtual" and use GNS3 with CHR, it is very handy to make tests and understand the syntax of ROS and also experiment with "crazy" setups, even if once you have a configuration working it needs to be tested on the real device/net...
by jaclaz
Mon Aug 19, 2024 12:50 pm
Forum: General
Topic: Reset Not Working RBD52G-5HacD2HnD
Replies: 3
Views: 585

Re: Reset Not Working RBD52G-5HacD2HnD

Cannot sat specifically about the ac2, but newish Mikrotik routers come with a user admin and a "random" password preset. The password is (un-[1]) readable both on a sticker on the device and on a label attached to the instructions. AFAIK the reset should get back to those values. [1] prin...
by jaclaz
Sun Aug 18, 2024 10:48 pm
Forum: Wireless Networking
Topic: Outdoor Ap: mounting height, model to choose
Replies: 8
Views: 599

Re: Outdoor Ap: mounting height, model to choose

It's not like there are many devices with the requested features:
1. Ax
2. Dual band 2.4 and 5 GHz
3. Omnidirectional or however neithet sector nor directional

In practice only the netmetal ax:

https://mikrotik.com/product/netmetal_ax
(+ HGO antennas)
by jaclaz
Sun Aug 18, 2024 8:34 pm
Forum: Beginner Basics
Topic: Missing Wireguard config documentation
Replies: 3
Views: 677

Re: Missing Wireguard config documentation

https://i.chzbgr.com/full/6623623680/hB259C047/what-has-been-seen-cannot-be-unseen Wayback Machine to the rescue 8) : The 908118 is the post number, the thread is 182601: http://web.archive.org/web/20230524024549/https://forum.mikrotik.com/viewtopic.php?t=182601 http://web.archive.org/web/202401150...
by jaclaz
Sat Aug 17, 2024 11:28 am
Forum: Beginner Basics
Topic: Internet access OK from LAN but not from the router itself
Replies: 8
Views: 856

Re: Internet access OK from LAN but not from the router itself

I find this very perplexing, I cannot believe that the good Mikrotik guys are intentionally lying, reporting in changelog a new feature that doesn't actually exist/work and even (as always mis-) document it on the help page. I don't know if anyone has filed a ticket at support, but I think you shoul...
by jaclaz
Fri Aug 16, 2024 8:22 pm
Forum: Beginner Basics
Topic: Network addresses scan [SOLVED]
Replies: 3
Views: 927

Re: Network addresses scan [SOLVED]

ip scan?

https://help.mikrotik.com/docs/display/ROS/IP+Scan

arp table may not contain all devices connected AFAICT.
by jaclaz
Fri Aug 16, 2024 7:08 pm
Forum: Beginner Basics
Topic: Internet access OK from LAN but not from the router itself
Replies: 8
Views: 856

Re: Internet access OK from LAN but not from the router itself

Which confirms that the tests with interface= work, while any with the src-address= fail. Someone more expert may be able to explain WHY this happens. In any case the "interface=" should be intended as "out-interface=" (or at least this explains nicely why interface=bridge does n...
by jaclaz
Fri Aug 16, 2024 3:12 pm
Forum: General
Topic: How to ping SFP Gpon module [SOLVED]
Replies: 6
Views: 1035

Re: How to ping SFP Gpon module [SOLVED]

Nothing important, but since you have ether1 added to the bridge, the default DHCP client on it is invalid, you should disable it to avoid the red message:
/ip dhcp-client
# DHCP client can not run on slave or passthrough interface!
add comment=defconf interface=ether1
by jaclaz
Fri Aug 16, 2024 1:37 pm
Forum: General
Topic: How to ping SFP Gpon module [SOLVED]
Replies: 6
Views: 1035

Re: How to ping SFP Gpon module [SOLVED]

You should freddle the gruntbug, or maybe try foonting the turlingdromes.

Or - possibly better - follow the instructions here:
viewtopic.php?t=203686#p1051720
and post your complete configuration and a description of your network topology and of the issue you are having.
by jaclaz
Fri Aug 16, 2024 12:51 pm
Forum: Beginner Basics
Topic: netinstall on RB951G - revert from OpenWRT
Replies: 4
Views: 715

Re: netinstall on RB951G - revert from OpenWRT

The laptop is running windows 11. Which may be (or not) part of the problem. For *some reasons* netinstall can be finnicky, there are mainly two issues: 1) *whatever* running on the laptop 2) timing problem The #2 can usually be solved putting a dumb switch between the laptop and the device, #1 is ...
by jaclaz
Fri Aug 16, 2024 12:27 pm
Forum: RouterBOARD hardware
Topic: hAP ac2 antenna mod
Replies: 6
Views: 5758

Re: hAP ac2 antenna mod

by jaclaz
Fri Aug 16, 2024 1:31 am
Forum: General
Topic: Interface MAC limitation
Replies: 1
Views: 383

Re: Interface MAC limitation

Something like what is discussed here?
viewtopic.php?t=114153
by jaclaz
Thu Aug 15, 2024 7:52 pm
Forum: Wireless Networking
Topic: Is there a guid for setting up multiple CAP AX with 1 controller
Replies: 5
Views: 623

Re: Is there a guid for setting up multiple CAP AX with 1 controller

There are two (actually three) CAPSMANs. All of them are called CAPSMAN, in order to easily understand the differences among them. The first one is not used anymore, forget about it. Two remain. One is called sometimes "CAPSMAN", "OLD CAPSMAN" "CAPSMAN v1", "legacy...
by jaclaz
Thu Aug 15, 2024 12:18 pm
Forum: Beginner Basics
Topic: configuration lost on reboot?
Replies: 11
Views: 754

Re: configuration lost on reboot?

@jonglauser I am losing you. If you have a configuration that is working when set the first time and upon reboot (provided that the configuration is not "lost" anymore) it doesn't work anymore, it means that a part of the configuration does not take immediate effect until a reboot is made ...
by jaclaz
Thu Aug 15, 2024 1:23 am
Forum: Beginner Basics
Topic: 3rd party system installed, can't connect to any devices on the router.
Replies: 40
Views: 2442

Re: 3rd party system installed, can't connect to any devices on the router.

If you were asked the exact same question, what would you say?
I don't know, try asking on the Mikrotik forum.
:lol:
by jaclaz
Wed Aug 14, 2024 8:46 pm
Forum: Beginner Basics
Topic: configuration lost on reboot?
Replies: 11
Views: 754

Re: configuration lost on reboot?

Good, now try adding an IP address to the bridge, let's say 192.168.88.10/24. Then try connecting the PC to one of the other ports of the device, (you will need to set your PC connection to VLAN 10 I believe). Anyway experiment on which ports and with which VLAN id you can connect. Once you have suc...
by jaclaz
Wed Aug 14, 2024 8:12 pm
Forum: Beginner Basics
Topic: configuration lost on reboot?
Replies: 11
Views: 754

Re: configuration lost on reboot?

You don't have any firewall filter rules, so it cannot be that blocking your connection. Remove ether5 also from: /interface bridge vlan add bridge=bridge1 tagged=ether2,ether3,ether4,ether5 vlan-ids=2 add bridge=bridge1 untagged=ether2,ether3,ether4,ether5 vlan-ids=10 add bridge=bridge1 tagged=ethe...
by jaclaz
Wed Aug 14, 2024 7:59 pm
Forum: General
Topic: VRF Configuration doesn't work on MikroTik CCR Router
Replies: 6
Views: 602

Re: VRF Configuration doesn't work on MikroTik CCR Router

It is not like you started from fresh and only added a VRF configuration, the configuration you posted has (among other things) a wireguard connection, a macvlan, a number of src-nat and dst-nat settings, custom firewall rules and there are clear signs of having been configured and re-configured sev...
by jaclaz
Wed Aug 14, 2024 7:12 pm
Forum: Beginner Basics
Topic: configuration lost on reboot?
Replies: 11
Views: 754

Re: configuration lost on reboot?

It is not that (for whatever reason) you have enabled "safe mode"? (accidental pressing of F4 or similar?) https://help.mikrotik.com/docs/display/ROS/Configuration+Management#ConfigurationManagement-SafeMode It is also possible that some of the changes you make appear to be working, but wh...
by jaclaz
Wed Aug 14, 2024 5:15 pm
Forum: Beginner Basics
Topic: Can't change network
Replies: 11
Views: 697

Re: Can't change network

The problem is that it starts with 10.0.8.0, it won't allocate addresses up to 10.0.13.254 if the network is /22. What I need is to have addresses from 10.0.10.2 to 10.0.13.254. You cannot. Check here: https://www.calculator.net/ip-subnet-calculator.html?cclass=any&csubnet=22&cip=10.0.10.1&...
by jaclaz
Wed Aug 14, 2024 1:11 pm
Forum: RouterBOARD hardware
Topic: Mikrotik1100AHx4 simultaneous connection from AC and DC
Replies: 3
Views: 632

Re: Mikrotik1100AHx4 simultaneous connection from AC and DC

Yes. The issue (or non issue) is that usually (cannot say specifically the 1100, but I see no reason why it should be different) Mikrotik devices *like* higher voltage, i.e. when connected on different connectors with (say) 24V and 48V they will draw power from the 48V one. Since the internal (dual)...
by jaclaz
Wed Aug 14, 2024 12:12 pm
Forum: Wireless Networking
Topic: WIFI connecting issues
Replies: 6
Views: 983

Re: WIFI connecting issues

Search on the forum for "SA Query timeout" there are a few threads reporting similar symptoms, and various settings to try, though AFAIK not a definite explanation and remedy.
by jaclaz
Wed Aug 14, 2024 11:56 am
Forum: Beginner Basics
Topic: 2 ISP Internet / 1 LAN WIFI Router Combine 2 ISP to Network
Replies: 11
Views: 896

Re: 2 ISP Internet / 1 LAN WIFI Router Combine 2 ISP to Network

This is MikroTik forum, you can not advertise other competitor brands. If you want provide a solution, must still inside MikroTik products. You mean like hinting on an Alfa Romeo forum that a given BMW model drives better? It might be frown upon by other members but I doubt that it is against the f...
by jaclaz
Wed Aug 14, 2024 11:46 am
Forum: Beginner Basics
Topic: Internet access OK from LAN but not from the router itself
Replies: 8
Views: 856

Re: Internet access OK from LAN but not from the router itself

The masquerading seems to work OK... I am not sure to follow you, actually I am pretty sure I am not following you. I meant what happens in the log when running specifically the commands: /ping 8.8.8.8 vrf=vrf_starlink /ping 8.8.8.8 vrf=vrf_orange /ping 8.8.8.8 vrf=main /ping 8.8.8.8 src-address=19...
by jaclaz
Tue Aug 13, 2024 8:41 pm
Forum: Beginner Basics
Topic: 2 ISP Internet / 1 LAN WIFI Router Combine 2 ISP to Network
Replies: 11
Views: 896

Re: 2 ISP Internet / 1 LAN WIFI Router Combine 2 ISP to Network

If you think I can change anything from this configuration, please let me know... Well, if you provide your actual configuration (no, "it is the same as the one in this video" doesn't count) surely some experienced members will have a look at it. Follow the instructions here: https://foru...
by jaclaz
Tue Aug 13, 2024 8:33 pm
Forum: Wireless Networking
Topic: Missing wAP ax successor to wAP ac, what are outdoor AX WiFi alternatives?
Replies: 24
Views: 2282

Re: Missing wAP ax successor to wAP ac, what are outdoor AX WiFi alternatives?

You should install a "lightning arrestor" and ground that one(s) (besides the pole - if any).
Example only:
https://www.l-com.com/rf-surge-protecto ... -m-dc-6ghz

And yes, ground is ground, so you can (actually should) mount on the same steel.
by jaclaz
Tue Aug 13, 2024 7:55 pm
Forum: General
Topic: Frequent Crashes After Updates on MikroTik hAP ac3 – Seeking Solutions
Replies: 8
Views: 579

Re: Frequent Crashes After Updates on MikroTik hAP ac3 – Seeking Solutions

I understand, but if I import block by block, won't I just bring the problem back again? Can't the exported file be cleaned up somehow? I currently have a solution to the problem that is relatively quick, but going through all the steps you mentioned seems like it will take a lot of time. No, the p...
by jaclaz
Tue Aug 13, 2024 7:08 pm
Forum: Beginner Basics
Topic: Problems connecting to ISPs PPPoE
Replies: 10
Views: 1209

Re: Problems connecting to ISPs PPPoE

Well, if it comes on a VLAN (and this would be among the data your ISP gave you for connection) you need to "translate" it in the Mikrotik, assigning the WAN (usually ether1) port the appropriate vlan-id, *like*: https://forum.mikrotik.com/viewtopic.php?t=205934#p1064214 Depending on the s...
by jaclaz
Tue Aug 13, 2024 6:17 pm
Forum: Wireless Networking
Topic: Missing wAP ax successor to wAP ac, what are outdoor AX WiFi alternatives?
Replies: 24
Views: 2282

Re: Missing wAP ax successor to wAP ac, what are outdoor AX WiFi alternatives?

It greatly depends on cable. Ordinary cables may loose 1-4db/m :shock: A good, very low attenuation, antenna extension cable could be in the order of magnitude of 0.3/0.4/0.5 db/m (at 2.4 GHz, expect 50% more on 5 GHz). These - generally speaking - are more stiff, and have issues if bent too "t...
by jaclaz
Tue Aug 13, 2024 5:17 pm
Forum: Wireless Networking
Topic: mANTbox ax 15s increase radio power
Replies: 7
Views: 648

Re: mANTbox ax 15s increase radio power

I see :) , you are right on the convenience border between using or not using capsman:
viewtopic.php?t=204733#p1057385
by jaclaz
Tue Aug 13, 2024 5:00 pm
Forum: General
Topic: PoE limit to 200mbps
Replies: 30
Views: 2308

Re: PoE limit to 200mbps

You have a DHCP client on ether1 that cannot work because ether1 is part of (slave to) the bridge. Ros is trying to tell you that. The one on bridge is running, you should know whether you have *need* for the devices to use it or not. Very likely not, as the two devices should form a sort of "w...
by jaclaz
Tue Aug 13, 2024 2:51 pm
Forum: General
Topic: ECMP recursive routes [SOLVED]
Replies: 30
Views: 3092

Re: ECMP recursive routes [SOLVED]

Let's quote it: Route Selection There can be multiple routes with the same destination received from various routing protocols and from static configurations but only one (best) destination can be used for packet forwarding. To determine the best path, RIB runs a Route Selection algorithm that picks...
by jaclaz
Tue Aug 13, 2024 2:36 pm
Forum: Beginner Basics
Topic: Internet access OK from LAN but not from the router itself
Replies: 8
Views: 856

Re: Internet access OK from LAN but not from the router itself

Maybe is the one obtained by DHCP client on ether1 (or ether2) in the 192.168.1.0 range (i.e. the one "nearest" to the gateway). I am not sure to follow you on why you are using two DHCP clients (that must be in the same network range of 192.168.1.0 as the two servers). Isn't there a risk ...
by jaclaz
Tue Aug 13, 2024 2:15 pm
Forum: Wireless Networking
Topic: mANTbox ax 15s increase radio power
Replies: 7
Views: 648

Re: mANTbox ax 15s increase radio power

No idea, but are you using CAP/CAPSMAN for a single access point?
by jaclaz
Tue Aug 13, 2024 2:12 pm
Forum: General
Topic: PoE limit to 200mbps
Replies: 30
Views: 2308

Re: PoE limit to 200mbps

Side notes: Why is hardware offload disabled on ether1 of the "transmitter"? /interface bridge port add bridge=bridge1 interface=wlan2 add bridge=bridge1 hw=no interface=ether1 add bridge=bridge1 interface=wlan1 Try setting it hw=yes. You have a DHCP server attempting to run on a slave int...
by jaclaz
Tue Aug 13, 2024 12:26 am
Forum: Wireless Networking
Topic: mANTbox ax 15s increase radio power
Replies: 7
Views: 648

Re: mANTbox ax 15s increase radio power

Antenna gain dBi for 2.4 GHz 12 ... Antenna gain dBi for 5 GHz 15 So, not really. But low reception at 50 meters is definitely not normal, the mantbox Ax 15 s is (should be) capable of km links. A couple of (good?) questions are: 1) what does your friend mean by "low" reception? 2) and wh...
by jaclaz
Mon Aug 12, 2024 11:25 pm
Forum: Beginner Basics
Topic: 2 ISP Internet / 1 LAN WIFI Router Combine 2 ISP to Network
Replies: 11
Views: 896

Re: 2 ISP Internet / 1 LAN WIFI Router Combine 2 ISP to Network

If you take (temporarily) the Hex out of the equation and you connect a PC to one of the two ISP devices do you have internet or not? Most ISP dsl devices are not modems [1], they are modem/routers. A good hint Is the number of ports they have, a modem usually has two ports, a modem/router usually h...
by jaclaz
Mon Aug 12, 2024 7:38 pm
Forum: General
Topic: Can't get UPnP to work in RouterOS 7.14.1 (Worked in RouterOS 6.x)
Replies: 15
Views: 1327

Re: Can't get UPnP to work in RouterOS 7.14.1 (Worked in RouterOS 6.x)

My best solution, at least so far, is to downgrade the routers back to RouterOS 6 Yep, I would actually reverse the prospective: why did you upgrade (now) to 7.14.1? If you have some setup working nicely why do you want to risk an issue with it (unless version 7.xx offers some new feature that you ...
by jaclaz
Mon Aug 12, 2024 7:20 pm
Forum: General
Topic: Can't get UPnP to work in RouterOS 7.14.1 (Worked in RouterOS 6.x)
Replies: 15
Views: 1327

Re: Can't get UPnP to work in RouterOS 7.14.1 (Worked in RouterOS 6.x)

Well, you are mixing the upnpc versions, try using ONLY the latest 2.27. This way results would be comparable. Run: upnpc -l on both the 7 and 6 devices. Then upnpc -u http://192.168.88.1:2828/gateway_description.xml -l on the 7 and upnpc -u http://192.168.88.1:2828/gateway.xml -l on the 6. The issu...
by jaclaz
Mon Aug 12, 2024 6:47 pm
Forum: General
Topic: Can't get UPnP to work in RouterOS 7.14.1 (Worked in RouterOS 6.x)
Replies: 15
Views: 1327

Re: Can't get UPnP to work in RouterOS 7.14.1 (Worked in RouterOS 6.x)

Yes, I saw that thread, but I wasn't able to find any useful hints on how to solve it. That one seemingly solved by itself, upnpc couldn't find the device but upnp did work on the OP network. Sort of what is reported here: https://superuser.com/questions/873998/miniupnp-thinks-my-router-doesnt-supp...
by jaclaz
Mon Aug 12, 2024 4:48 pm
Forum: General
Topic: Can't get UPnP to work in RouterOS 7.14.1 (Worked in RouterOS 6.x)
Replies: 15
Views: 1327

Re: Can't get UPnP to work in RouterOS 7.14.1 (Worked in RouterOS 6.x)

There is at least another case where upnpc had troubles with detecting the UPNP: https://forum.mikrotik.com/viewtopic.php?t=201510 but actual devices were actually working. You seem to be running an older version: (c) 2005-2019 Thomas Bernard. than the OP in the other thread: (c) 2005-2022 Thomas Be...
by jaclaz
Mon Aug 12, 2024 4:08 pm
Forum: Wireless Networking
Topic: Mikrotik or others on AX wifi access point
Replies: 160
Views: 7583

Re: Mikrotik or others on AX wifi access point

Reviews are a dime a dozen, authoritative ones are somewhat harder to find. Following is a definitely non-authoritative one, for what it is worth. Are the mikrotk access point so good or not ? It depends. :shock: Do you want to spend sleepless nights studying and experimenting because you believe (w...
by jaclaz
Mon Aug 12, 2024 1:54 pm
Forum: Scripting
Topic: Disable the prompt from the terminal. [SOLVED]
Replies: 17
Views: 1936

Re: Disable the prompt from the terminal. [SOLVED]

Thanks everyone for the suggestions. My question was simply to get clean output without printing the prompt, just like the "@echo off" statement in Windows cmd. The @echo off command in a batch does not suppress prompt , it suppresses echoing the following commands (including the prompt),...
by jaclaz
Mon Aug 12, 2024 1:38 pm
Forum: General
Topic: Random switch crashes on routerOS 7.15.3
Replies: 1
Views: 394

Re: Random switch crashes on routerOS 7.15.3

The basic issue is that the good Mikrotik guys like to call "stable" something that is usually very unlike it, It is more like a "feature freeze" release, but from that to have a "stable" in the sense of "reliable" OS, there is a long way. Ideally you should h...
by jaclaz
Mon Aug 12, 2024 11:46 am
Forum: Beginner Basics
Topic: Struggling to hard reset and provision cAP-2nD
Replies: 2
Views: 400

Re: Struggling to hard reset and provision cAP-2nD

The netinstall procedure is a bit finnicky, but doable, if using a recent Windows there may be settings on firewall or in some other program that need to be changed, using netinstall from Linux is said to be more reliable, but reports vary, it also depends on which RoS version/netinstall version you...
by jaclaz
Mon Aug 12, 2024 11:26 am
Forum: General
Topic: VXLAN NAT Problem [SOLVED]
Replies: 21
Views: 8075

Re: VXLAN NAT Problem [SOLVED]

Is it this one?
viewtopic.php?p=1059441
What's new in 7.14 (2024-Feb-29 09:10):
...
*) firewall - fixed underlying VXLAN/EoIP tunnel reusing packet marks of encapsulated packets;
...
by jaclaz
Sun Aug 11, 2024 11:56 pm
Forum: General
Topic: [SOLVED] Configuring IoT VLAN across devices
Replies: 9
Views: 965

Re: Configuring IoT VLAN across devices

Yes, I'm aware that's the wrongest way of doing this and for what is worth I'd
never hire myself as a network engineer :D
Well, you are doing it wrong. :shock:
This way you cannot experience the satisfaction when you fire yourself. :wink: :lol:
by jaclaz
Sun Aug 11, 2024 11:45 pm
Forum: Beginner Basics
Topic: [Solved] Second IP assigned to the bridge - traffic from that subnet is not routed
Replies: 3
Views: 461

Re: [Solved] Second IP assigned to the bridge - traffic from that subnet is not routed

That's exactly the reason why two pairs of eyes are better than one. :) Especially with complex configurations (or any kind of long text) it is very easy to develop a sort of "tunnel vision" or "selective blindness" and simply fail to see something even when reading and re-readin...
by jaclaz
Sun Aug 11, 2024 11:17 pm
Forum: Beginner Basics
Topic: Basic internet config
Replies: 11
Views: 740

Re: Basic internet config

Good. :D I forgot to say that you should have rebooted to see the effects. Very likely disabling and then reenabling the LTE interface would have been enough, but rebooting is actually better as it is already a "test" of what will happen next time you lose power or need to reboot for other...
by jaclaz
Sun Aug 11, 2024 9:02 pm
Forum: Beginner Basics
Topic: [Solved] Second IP assigned to the bridge - traffic from that subnet is not routed
Replies: 3
Views: 461

Re: Second IP assigned to the bridge - traffic from that subnet is not routed

Is it not the same issue with "return routes"? You have them for 192.168.1.0/24: add disabled=no distance=1 dst-address=192.168.1.0/24 gateway=bridge \ routing-table=vrf_orange suppress-hw-offload=no add disabled=no distance=1 dst-address=192.168.1.0/24 gateway=bridge \ routing-table=vrf_s...
by jaclaz
Sun Aug 11, 2024 8:50 pm
Forum: Beginner Basics
Topic: Basic internet config
Replies: 11
Views: 740

Re: Basic internet config

Yep, the export is fine. You seemingly have the LTE IP address set manually: /ip address ... add address=10.20.248.246 interface=lte1 network=10.20.248.246 Are you sure-sure that this is what you need/want? AFAIK in LTE connection the address of the LTE interface is automatically assigned by the ISP...
by jaclaz
Sun Aug 11, 2024 6:19 pm
Forum: General
Topic: [SOLVED] Configuring IoT VLAN across devices
Replies: 9
Views: 965

Re: Configuring IoT VLAN across devices

So far, I've created on one of the ceiling APs: the virtual interface linked to the wlan1 (2GHz) one, a vlan bridge, a vlan dhcp client, all tagged accordingly, and on the CRS310 the corresponding vlan bridge and vlan dhcp server, but can't seem to obtain a DHCP address. So, let's start from that p...
by jaclaz
Sun Aug 11, 2024 5:24 pm
Forum: Beginner Basics
Topic: SXT LTE6 KIT Beginner problems [SOLVED]
Replies: 11
Views: 1328

Re: SXT LTE6 KIT Beginner problems [SOLVED]

Yep, even better if there was a drop down list with an item "Automatic ISP APN" (or similar) fixed/not removable to which you can add your APN and then you are free to select either. In CLI, an "auto" option could be added to /interface lte apn add apn=auto That would allow the c...
by jaclaz
Sun Aug 11, 2024 3:35 pm
Forum: Beginner Basics
Topic: Backup internet interface
Replies: 1
Views: 364

Re: Backup internet interface

What you should look for is "failover". There are different ways to do that, if you search the forum for that keyword you will find many examples. Your specific case may be more complex than others depending on how you are using the radio(s) on your Mikrotik router, usually in configuratio...
by jaclaz
Sun Aug 11, 2024 3:13 pm
Forum: Beginner Basics
Topic: SXT LTE6 KIT Beginner problems [SOLVED]
Replies: 11
Views: 1328

Re: SXT LTE6 KIT Beginner problems [SOLVED]

Good. :) I wonder why in the late what? 4 years or so :shock: , no Mikrotik developer thought to add a check-box for "use-network-apn" on the main Quick Set page (the one you posted screenshots of), given that the default is "yes" and this makes the manually entered apn not used ...
by jaclaz
Sun Aug 11, 2024 2:22 pm
Forum: Beginner Basics
Topic: Basic internet config
Replies: 11
Views: 740

Re: Basic internet config

Unfortunately that screenshot shows only a small part of the configuration.
Follow the instructions in this post:
viewtopic.php?t=203686#p1051720
and post your full configuration.
by jaclaz
Sun Aug 11, 2024 2:16 pm
Forum: Beginner Basics
Topic: SXT LTE6 KIT Beginner problems [SOLVED]
Replies: 11
Views: 1328

Re: SXT LTE6 KIT Beginner problems [SOLVED]

This: /interface lte apn add apn=internet.telekom use-network-apn=yes May be the issue, you should edit the entry setting use-network-apn=no See: https://forum.mikrotik.com/viewtopic.php?t=161619 See also, it should be possible to disable it via GUI too: https://blog.linitx.com/mikrotik-lte-how-to-c...
by jaclaz
Sun Aug 11, 2024 11:51 am
Forum: Beginner Basics
Topic: SXT LTE6 KIT Beginner problems [SOLVED]
Replies: 11
Views: 1328

Re: SXT LTE6 KIT Beginner problems [SOLVED]

Post your complete configuration, follow these insteructions:
viewtopic.php?t=203686#p1051720
by jaclaz
Sun Aug 11, 2024 11:30 am
Forum: RouterBOARD hardware
Topic: hAP ax lite
Replies: 95
Views: 21192

Re: hAP ax lite

Actually it IS a USB-C port, physically. The problem is that Mikrotik does not state that's only physically a USB-C port, but not electrically. This is false advertisement and is both unacceptable and illegal. Right or wrong as it may be, it is not "false advertisement", let alone "i...
by jaclaz
Sat Aug 10, 2024 11:37 pm
Forum: Beginner Basics
Topic: SXT LTE6 KIT Beginner problems [SOLVED]
Replies: 11
Views: 1328

Re: SXT LTE6 KIT Beginner problems [SOLVED]

Try disabling IPv6
/ipv6/settings/set disable-ipv6=yes
/system/reboot
by jaclaz
Sat Aug 10, 2024 2:04 pm
Forum: General
Topic: PoE limit to 200mbps
Replies: 30
Views: 2308

Re: PoE limit to 200mbps

Ok.
For next time, that device is called a "PoE injector".

No matter where it comes from, you need to remove that "speed=100Mbps" as a first step.
by jaclaz
Sat Aug 10, 2024 12:47 pm
Forum: General
Topic: PoE limit to 200mbps
Replies: 30
Views: 2308

Re: PoE limit to 200mbps

Which devices are POE 1,2.3?

Are they simple power injectors?

Or something else, like Poe switches or the like?

How exactly are you performing the speedtest on the router and on the connection between Poe1 and PTP1?
by jaclaz
Sat Aug 10, 2024 12:37 pm
Forum: Beginner Basics
Topic: Route via a Specific Interface Only
Replies: 16
Views: 5023

Re: Route via a Specific Interface Only

I assume these gateway addresses are just VERY BAD examples
You cannot route via Google/Cloudflare DNS servers! (unless I am missing something obvious)
Those are "recursive routes", see here:
viewtopic.php?t=209281
by jaclaz
Fri Aug 09, 2024 11:27 pm
Forum: Beginner Basics
Topic: LAN to LAN basics
Replies: 21
Views: 2047

Re: LAN to LAN basics

The problem here is that very likely the ISP modem/router is simply not capable of routing between the two LAN subnets. Conceptually ISP routers have only two interfaces, an outside one (be it DSL, FTTH, FTTC, ethernet, whatever) or WAN and an inside one or LAN. This single inside one is internally ...
by jaclaz
Fri Aug 09, 2024 3:51 pm
Forum: General
Topic: VRF routing issue on 7.14 [SOLVED]
Replies: 34
Views: 7662

Re: VRF routing issue on 7.14 [SOLVED]

Well, at least we tried.
It would have been too d@mn simple to have the interface notation that is just fine in route/gateway also work in queues.
by jaclaz
Fri Aug 09, 2024 3:47 pm
Forum: General
Topic: hap ax3
Replies: 8
Views: 2243

Re: hap ax3

I don't find it "smart" to run an Ax3 with no antennas connected, even if radio is off. The radios are off, no antenna connected, everything is fine. The radios are turned on accidentally, no antenna connected, radios may fry. What happens when you reset the router (are the radios automati...
by jaclaz
Fri Aug 09, 2024 3:21 pm
Forum: General
Topic: VRF routing issue on 7.14 [SOLVED]
Replies: 34
Views: 7662

Re: VRF routing issue on 7.14 [SOLVED]

target=sfp.111@VRF_TEST ? :?:
by jaclaz
Fri Aug 09, 2024 2:34 pm
Forum: General
Topic: Policy routing [SOLVED]
Replies: 9
Views: 1712

Re: Policy routing [SOLVED]

I consider - visually - both routing rules and mangling as "sieves". https://www.globalgilson.com/blog/sieve-sizes Routing rules - generally speaking - are sieves with larger sized openings (coarse series), mangle marks can catch smaller particles (fine series). The help page is clear enou...
by jaclaz
Fri Aug 09, 2024 11:32 am
Forum: General
Topic: Policy routing [SOLVED]
Replies: 9
Views: 1712

Re: Policy routing [SOLVED]

lookup looks up first on the set table and if the address/route is not found has a look for it also in main/other table(s). lookup-only-in-table looks up on the set table and if the address/route is not found gives up. I believe we can say that you can do with mangle everything routing rules can do,...
by jaclaz
Thu Aug 08, 2024 11:09 pm
Forum: General
Topic: Steps to configure CRS326-24S+2Q+RM as a L3 Switch wihtout Router-on-a-stick
Replies: 23
Views: 1385

Re: Steps to configure CRS326-24S+2Q+RM as a L3 Switch wihtout Router-on-a-stick

To be fair the proposal originally came from a "Member Candidate". Not that It makes much difference, the "Forum Guru" title is automatically assigned by the board when a member reaches a certain number of posts, it is sort of honorary/a sign of seniority. Take me, as and example...