Community discussions

MikroTik App

Search found 1893 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 7
by jaclaz
Tue Dec 03, 2024 1:04 am
Forum: Beginner Basics
Topic: help with LTE passthrough and vlan
Replies: 1
Views: 79

Re: help with LTE passthrough and vlan

This:
/ip address
add address=192.168.1.2 interface=vlan3 network=192.168.1.2
Is a /32 address/network.

Very likely you want instead a /24 one, i.e.
/ip address
add address=192.168.1.2/24 interface=vlan3 network=192.168.1.0
by jaclaz
Mon Dec 02, 2024 6:46 pm
Forum: General
Topic: Access LAN B from LAN A, but not LAN A from LAN B
Replies: 20
Views: 721

Re: Access LAN B from LAN A, but not LAN A from LAN B

Very likely you had to login to post and that triggered the "can view attachments" flag.
Take your time, the more you play with the tools and get familiar with them, the better :) .
by jaclaz
Mon Dec 02, 2024 5:21 pm
Forum: General
Topic: Access LAN B from LAN A, but not LAN A from LAN B
Replies: 20
Views: 721

Re: Access LAN B from LAN A, but not LAN A from LAN B

I think all these three solutions should be possible.
Personally I would prefer #3, as the Mikrotik right after the ISP router should allow more control and security, even if the ISP router cannot be put in bridge mode and there will be double NAT.
by jaclaz
Mon Dec 02, 2024 4:57 pm
Forum: Announcements
Topic: v7.17rc [testing] is released!
Replies: 130
Views: 28975

Re: v7.17rc [testing] is released!

Forum users can't check support tickets, so no reason to post ticket numbers here It is of no use for other common forum members, but this way you or other Mikrotik staff happening to pass by and interested in a report on the forum may be able to check in more detail what the issue is, without need...
by jaclaz
Mon Dec 02, 2024 2:22 pm
Forum: General
Topic: Access LAN B from LAN A, but not LAN A from LAN B
Replies: 20
Views: 721

Re: Access LAN B from LAN A, but not LAN A from LAN B

I have no idea, I am just trying to understand the exact requirements and provide some expanded/explained context of your suggestions, so that even an absolute beginner (as the OP clearly is) can understand and replicate them. (my role is only that of a friendly, slightly more familiar with Ros, beg...
by jaclaz
Mon Dec 02, 2024 1:44 pm
Forum: General
Topic: Access LAN B from LAN A, but not LAN A from LAN B
Replies: 20
Views: 721

Re: Access LAN B from LAN A, but not LAN A from LAN B

To better understand, the solution anav suggested is for the topology on the right, whilst you would prefer the one of the left, correct?
It shouldn't be particularly difficult to transform the one into the other.
by jaclaz
Mon Dec 02, 2024 12:16 pm
Forum: General
Topic: Access LAN B from LAN A, but not LAN A from LAN B
Replies: 20
Views: 721

Re: Access LAN B from LAN A, but not LAN A from LAN B

Well, you have a pretty much sane (largely default) configuration, it is just a matter to learn a few things as also your intended final configuration (per anav's post) is pretty much standard. You now have: 1. a single ethernet port (ether1) self-standing and added as WAN to the interface list 2. a...
by jaclaz
Mon Dec 02, 2024 2:30 am
Forum: Wireless Networking
Topic: Improving Localization Accuracy with MikroTik RouterBOARD
Replies: 4
Views: 205

Re: Improving Localization Accuracy with MikroTik RouterBOARD

Which Routerboard device? With which antenna? On which frequency range (2.4 or 5 GHz)? On which Channel in the range? Any change in any of the above may modify - slightly or sensibly - the result. If you are looking for measuring distances, you might want to have a very directional antenna to minimi...
by jaclaz
Mon Dec 02, 2024 1:27 am
Forum: General
Topic: Access LAN B from LAN A, but not LAN A from LAN B
Replies: 20
Views: 721

Re: Access LAN B from LAN A, but not LAN A from LAN B

Ah, ok, MacOS Is - as often happens - doing things its own way, AFAIK in Windows It Is not allowed and on Linux you need to add the -b switch. I now understand better your setup, the first router, the ISP one, is conceptually not really a router, in the sense that being not configurable (if not for ...
by jaclaz
Sun Dec 01, 2024 9:07 pm
Forum: General
Topic: icmp MTU
Replies: 5
Views: 224

Re: icmp MTU

I see, the issue is with (icmp) packet size (which is not MTU). It is strange that forwarded pings go through however, they should still be 56 bytes, I believe it is the default on most Operating Systems. Size of icmp packets in tool netwatch has been only implemented in later 7.x version I believe,...
by jaclaz
Sun Dec 01, 2024 8:15 pm
Forum: General
Topic: icmp MTU
Replies: 5
Views: 224

Re: icmp MTU

I don't know, but it sounds to me not normal :shock: that your router cannot ping normally an IP on the internet.
I would try to solve that problem before looking for a way to replicate a workaround you found :? .
by jaclaz
Sun Dec 01, 2024 8:00 pm
Forum: Beginner Basics
Topic: Firewall - drop rule within input chain
Replies: 11
Views: 608

Re: Firewall - drop rule within input chain

Sure :) , but at the moment you had posted only the input chain rules. I was trying to highlight how futile it was replacing a rule that doesn't do what is its intended goal (because it is in the wrong chain) with a (better) inverted logical approach that as well is in the wrong chain and thus fails...
by jaclaz
Sun Dec 01, 2024 7:29 pm
Forum: General
Topic: Access LAN B from LAN A, but not LAN A from LAN B
Replies: 20
Views: 721

Re: Access LAN B from LAN A, but not LAN A from LAN B

You could set it up like this: https://wiki.mikrotik.com/Manual:Simple_Static_Routing In that example, Router2 needs not an additional route because there is a gateway set (that automatically means 0.0.0.0/0 i.e. "everything" is reachable through it), i.e. the "upstream" route in...
by jaclaz
Sun Dec 01, 2024 6:00 pm
Forum: Virtualization
Topic: How to install Mikrotik CHR on Oracle Cloud always free instance?
Replies: 16
Views: 10864

Re: How to install Mikrotik CHR on Oracle Cloud always free instance?

I've seen this project on github, but I never figured out why it's needed... It depends on what hardware (real or virtual) you run the image on. Since several releases the image Mikrotik provides is not fully compliant with UEFI because the "system partition" is formatted as ext2fs (inste...
by jaclaz
Sun Dec 01, 2024 5:37 pm
Forum: General
Topic: FOR THE LOVE OF "DEITY OF CHOICE" FIX YOUR FRIGGEN (forum) WEBSITE [SOLVED]
Replies: 94
Views: 6546

Re: FOR THE LOVE OF "DEITY OF CHOICE" FIX YOUR FRIGGEN (forum) WEBSITE [SOLVED]

There must have been an obstruction in the notification drainpipe, now removed :wink:
https://www.bbc.co.uk/news/articles/cvg7x8l5pv2o
:lol:
by jaclaz
Sun Dec 01, 2024 5:17 pm
Forum: Beginner Basics
Topic: Firewall - drop rule within input chain
Replies: 11
Views: 608

Re: Firewall - drop rule within input chain

I want to block access to WAN for addresses from the list (that was my comment on this rule). Unless you have another recommendation. The combination of these two rules: add action=accept chain=input src-address-list=Authorized ... add action=drop chain=input comment="drop all else" give ...
by jaclaz
Sun Dec 01, 2024 2:14 pm
Forum: Beginner Basics
Topic: CHECK MY CONFIGURATION
Replies: 3
Views: 253

Re: CHECK MY CONFIGURATION

It seems to me like you have no (sensible) firewall filter rules. This can be very dangerous, your router (and network) is essentially open from the outside. On the other hand you have some not-so-common more advanced settings (ovpn. queues, etc.). It seems like it was configured by someone familiar...
by jaclaz
Sun Dec 01, 2024 1:55 pm
Forum: General
Topic: Bug in version in winbox and in routerboard
Replies: 11
Views: 593

Re: Bug in version in winbox and in routerboard

Hmmm. :? Just for the fun of it, run the Wireless Network watcher from Nirsoft (it is not for wireless only): https://www.nirsoft.net/utils/wireless_network_watcher.html besides other things, it identifies "Network Adapter Company" (cannot say if via MAC or through other means) my guess is...
by jaclaz
Sun Dec 01, 2024 12:57 pm
Forum: Beginner Basics
Topic: Dual Router Configuration Setup Assistance
Replies: 9
Views: 409

Re: Dual Router Configuration Setup Assistance

It seems to me like the first thing you should do is to get Winbox (the dedicated program to manage Mikrotik gear) and use it instead of what you are using now (I presume browser, i.e. webfig). https://mikrotik.com/download One of the distinctive advantages of Winbox is that it can usually connect t...
by jaclaz
Sun Dec 01, 2024 12:18 am
Forum: General
Topic: am i using SOHO Firewall or not?
Replies: 30
Views: 2297

Re: am i using SOHO Firewall or not?

@anav
In the OP's current config the DNS server Is on another device, 192.168.1.9.
by jaclaz
Sat Nov 30, 2024 8:51 pm
Forum: General
Topic: Bug in version in winbox and in routerboard
Replies: 11
Views: 593

Re: Bug in version in winbox and in routerboard

And you also spoof the MAC to a TP-LINK one? :shock:
by jaclaz
Sat Nov 30, 2024 8:22 pm
Forum: Scripting
Topic: Running a script from Netwatch doesn't work
Replies: 12
Views: 626

Re: Running a script from Netwatch doesn't work

Possibly a stupid idea :shock: , but would it be possible to generate a log entry with the variable and its value and then parse it out from the log? :?:
The log is usually volatile (in ram, doesn't survive reboot), isn't it?
by jaclaz
Sat Nov 30, 2024 7:55 pm
Forum: General
Topic: am i using SOHO Firewall or not?
Replies: 30
Views: 2297

Re: am i using SOHO Firewall or not?

@Mossii Maybe you need some background to understand the set of configuration johnson73 provided. Here you define two interface lists, one is LAN or inside/safe, the other one is WAN or outside/dangerous: /interface list add name=WAN add name=LAN Here you define which interfaces are what, a default ...
by jaclaz
Sat Nov 30, 2024 3:59 pm
Forum: Scripting
Topic: Netwatch script to check if plugged in
Replies: 1
Views: 121

Re: Netwatch script to check if plugged in

Netwatch is triggered by a change in the status of pinging <some address>, and the discrimination is only between ping OK and ping NOT OK.

If the pinging always fails, no matter if the ether interface has a connection or not, it won't be triggered, I believe.
by jaclaz
Sat Nov 30, 2024 1:03 pm
Forum: Scripting
Topic: First script problem - just won't execute
Replies: 10
Views: 534

Re: First script problem - just won't execute

Besides it being useful or not, I am failing to understand the logic of the if conditions (i am just trying to understand). The base condition is whether $bound is 1 or not: a. if $bound is not 1, then remove ALL routes with that comment b. if $bound is 1 then: b.1 if there is not a route with that ...
by jaclaz
Sat Nov 30, 2024 12:06 am
Forum: General
Topic: Bug in version in winbox and in routerboard
Replies: 11
Views: 593

Re: Bug in version in winbox and in routerboard

OT, but calling the router Archer AX53 seems to me a touch of genius. :lol:
by jaclaz
Fri Nov 29, 2024 11:42 pm
Forum: General
Topic: Help with Extending WAN Physically with VLAN's.
Replies: 11
Views: 602

Re: Help with Extending WAN Physically with VLAN's.

Not what you asked, but the (good?) ol' way :shock: would have been to protect the router putting it inside an electrical box or, if WAF is involved, a hand made wooden box and keep the LAN topology as is. I guess this shows how old I have become, attempting to solve problems with last century techn...
by jaclaz
Fri Nov 29, 2024 11:33 pm
Forum: General
Topic: How to predefine hostnames for DHCP leases?
Replies: 11
Views: 1566

Re: How to predefine hostnames for DHCP leases?

it is *very* usefull to dynamically booting diskless machines.
This.
I usually boot (dynamically) two or three diskless machines every day, just before breakfast.
by jaclaz
Fri Nov 29, 2024 7:34 pm
Forum: Beginner Basics
Topic: Just updated mAP firmware and now it's broke
Replies: 4
Views: 301

Re: Just updated mAP firmware and now it's broke

Don't worry :) , it happens to everyone, it is the second mistake that happens to everyone (the first one is losing access to the device when fiddling with settings and needing to reset it). The mAP should run fine with latest 6.x version (6.49.17 if I recall correctly) whilst with v 7.x versions it...
by jaclaz
Fri Nov 29, 2024 7:21 pm
Forum: Beginner Basics
Topic: Setup mAP in reverse config from default
Replies: 18
Views: 959

Re: Setup mAP in reverse config from default

0. ether1 is an interface and it has its own "dignity" and you can assign an address to it. But when you add it to a bridge, the bridge is *like* WE ARE THE BORG; YOU WILL BE ASSIMILATED.YOUR UNIQUENESS WILL BE ADDED TO OUR COLLECTIVE. RESISTANCE IS FUTILE. :wink: the individual address of...
by jaclaz
Fri Nov 29, 2024 5:10 pm
Forum: Beginner Basics
Topic: Setup mAP in reverse config from default
Replies: 18
Views: 959

Re: Setup mAP in reverse config from default

Well, which IP address are you pinging? The bridge has none set. Only ether1 has one (and it is a /32): /ip address add address=172.31.246.2 interface=ether1 network=172.31.246.2 Try running /ip address print and post the output. Same for /ip route print, this way we can understand what happens with...
by jaclaz
Fri Nov 29, 2024 4:25 pm
Forum: Beginner Basics
Topic: Setup mAP in reverse config from default
Replies: 18
Views: 959

Re: Setup mAP in reverse config from default

I meant conceptually (since I'm not sure IP firewall rules are even processed when ports are bridged). But just in case, I added accept rules for in/out/fwd at the top of the list, and no difference. There must be a reason for this I don't understand Conceptually firewall should be not part of the ...
by jaclaz
Fri Nov 29, 2024 4:07 pm
Forum: Beginner Basics
Topic: Setup mAP in reverse config from default
Replies: 18
Views: 959

Re: Setup mAP in reverse config from default

Do I have to adjust firewall rules to permit something here?
We won't know until you post your current configuration for review.
by jaclaz
Fri Nov 29, 2024 4:06 pm
Forum: Beginner Basics
Topic: Setup mAP in reverse config from default
Replies: 18
Views: 959

Re: Setup mAP in reverse config from default

Well, the setup I posted is (intentionally) static only, it is that of a device that I use to give wireless connectivity to a device that has only a wired port but is physically in a room where there is not an ethernet cable arriving nearby. In your case you may want or need to set it with a DHCP cl...
by jaclaz
Fri Nov 29, 2024 11:44 am
Forum: Beginner Basics
Topic: Best way to setup backup route
Replies: 11
Views: 699

Re: Best way to setup backup route

Yep, sometimes the terminology can be confusing. Routes are just routes (and the go in /ip route). Routing rules are a mechanism for policy routing (that go in /routing rules) that allow to "filter" and modify some particular connections, you can think of them as similar to mangle rules (t...
by jaclaz
Fri Nov 29, 2024 11:20 am
Forum: Beginner Basics
Topic: Setup mAP in reverse config from default
Replies: 18
Views: 959

Re: Setup mAP in reverse config from default

Ok, here is the (very, very basic) configuration that you could use as a base: # nov/29/2024 10:09:05 by RouterOS 6.49.17 # software id = [redacted] # # model = RouterBOARD 941-2nD # serial number = [redacted] /interface bridge add admin-mac=[redacted] auto-mac=no name=bridge1 /interface wireless se...
by jaclaz
Fri Nov 29, 2024 11:13 am
Forum: Beginner Basics
Topic: Setup mAP in reverse config from default
Replies: 18
Views: 959

Re: Setup mAP in reverse config from default

Post what you have, see instructions here:
viewtopic.php?t=203686#p1051720

If you want a reference, I have somewhere a hap lite (should be very similar to the map/map lite) with a very simple configuration that I can share.
by jaclaz
Thu Nov 28, 2024 9:28 pm
Forum: Beginner Basics
Topic: Only one direction PING possible
Replies: 6
Views: 818

Re: Only one direction PING possible

You must have somehow mixed the printout. Let's start with the main router (the one you posted the configuration on first post) you have on it two IP addresses assigned: /ip address add address=192.168.1.1/24 interface=LAN-Bridge network=192.168.1.0 add address=192.168.0.3/24 interface=ether1-WAN ne...
by jaclaz
Thu Nov 28, 2024 7:04 pm
Forum: General
Topic: fingerprinting
Replies: 8
Views: 873

Re: fingerprinting

Wait for 802.11az wide adoption? :shock:
by jaclaz
Thu Nov 28, 2024 7:02 pm
Forum: Beginner Basics
Topic: Best way to setup backup route
Replies: 11
Views: 699

Re: Best way to setup backup route

Because I setup all my forwarding firewall rules to be port specific (eg: rule applies if going out ether1). How do you handle that? Is there a way to make the rules to refer to a group of ports (so it will automatically apply to port 1 and port 3)? Or do I have to duplicate a bunch of rules? Since...
by jaclaz
Thu Nov 28, 2024 5:27 pm
Forum: General
Topic: fingerprinting
Replies: 8
Views: 873

Re: fingerprinting

Excuse me rextended, if I get this right, that means an untold: Hey, user, you won't connect to my wifi. The more knowledgeable users might read the above unwritten message as: Hey, user, you won't connect to my wifi unless you disable the randomized MAC address feature of your device (yes the one t...
by jaclaz
Thu Nov 28, 2024 5:14 pm
Forum: Beginner Basics
Topic: multple vlans same dhcp subnet
Replies: 4
Views: 372

Re: multple vlans same dhcp subnet

...and - as generic advice - don't use VLAN1, it is used internally and can cause issues in a configuration. Use (say) VLAN10 and VLAN20, instead. ether2? Instead of a supout, follow this post here: https://forum.mikrotik.com/viewtopic.php?t=203686#p1051720 and post your (anonymized) configuration. ...
by jaclaz
Wed Nov 27, 2024 7:20 pm
Forum: Wireless Networking
Topic: Connect Mikrotik as Bridge Station to a router from a different company
Replies: 3
Views: 284

Re: Connect Mikrotik as Bridge Station to a router from a different company

If you use the Mikrotik as a switch you need to use one of the available (station-) bridge modes, if you are going to use it as a router, then you want to the "plain" station mode.
by jaclaz
Wed Nov 27, 2024 4:12 pm
Forum: General
Topic: Netinstall issue
Replies: 4
Views: 324

Re: Netinstall issue

Any bright ideas? Cannot say if bright, but once removed possible issues with the Windows firewall, the common advice is to have ONLY the ethernet port in use enabled on the PC (if it is a laptop or however has also another wireless interface - and you did that) and use a dumb switch between the PC...
by jaclaz
Wed Nov 27, 2024 3:49 pm
Forum: Wireless Networking
Topic: Connect Mikrotik as Bridge Station to a router from a different company
Replies: 3
Views: 284

Re: Connect Mikrotik as Bridge Station to a router from a different company

One Mikrotik would be enough. You want to use station pseudobridge mode (or possibly station-pseudobridge-clone). If you have two Mikrotiks, you can use station bridge mode, but if there is a single device connected to the station, there should be no difference in practice between the three and four...
by jaclaz
Wed Nov 27, 2024 11:24 am
Forum: Beginner Basics
Topic: bridge has stopped working, all ports marked as not running
Replies: 12
Views: 643

Re: bridge has stopped working, all ports marked as not running

Maybe it could be changed from "not running" (that does sound like there is a problem with the interface) to something like "no connection" (that would mean both an empty port or a port connected to a device that is off)? :?:
by jaclaz
Wed Nov 27, 2024 11:05 am
Forum: General
Topic: Subnet-to-subnet only works in one direction
Replies: 2
Views: 273

Re: Subnet-to-subnet only works in one direction

You have three bridges? /ip address add address=192.168.131.1/24 interface="Infrastructure Bridge" network=192.168.131.0 add address=192.168.132.1/24 interface="Full-access Bridge" network=192.168.132.0 add address=192.168.133.1/24 interface="Limited-access Bridge" netw...
by jaclaz
Wed Nov 27, 2024 12:07 am
Forum: Beginner Basics
Topic: Setup mAP in reverse config from default
Replies: 18
Views: 959

Re: Setup mAP in reverse config from default

In Mikrotik client is called "station".
And there are a few modes available, you want station pseudobridge, see:
https://help.mikrotik.com/docs/spaces/R ... tion+Modes
by jaclaz
Tue Nov 26, 2024 12:19 pm
Forum: General
Topic: HEX Lite for routing between subnets [SOLVED]
Replies: 26
Views: 1674

Re: HEX Lite for routing between subnets [SOLVED]

I am happy to report that I can finally get UDP packets from the devices to the controller. Thank you to all who contributed!
It would be useful if you could post the final configuration that works for you, so that it can be useful as a reference for other people that may need something similar.
by jaclaz
Mon Nov 25, 2024 8:48 pm
Forum: RouterBOARD hardware
Topic: Quickset modes C53UiG+5HPaxD2HPaxD
Replies: 11
Views: 1370

Re: Quickset modes C53UiG+5HPaxD2HPaxD

This is a snippet from the posted file: /interface wifi # chains not supported set [ find default-name=wifi1 ] channel.skip-dfs-channels=disabled \ configuration.antenna-gain=0 .chains=0,1,2,3,4,5,6,7 .country=Italy \ .dtim-period=1 .hide-ssid=no .manager=local .mode=ap .multicast-enhance=\ disabled...
by jaclaz
Mon Nov 25, 2024 7:01 pm
Forum: Wireless Networking
Topic: Mini ISP Setup, help needed
Replies: 9
Views: 541

Re: Mini ISP Setup, help needed

Yep, but you cannot squeeze lemon juice from cucumbers, if all OP can get is: 300Mbps download / 50Mbps upload. that's it. I would assume that some firewall rules will be needed, the 750 GR3 that can be expected in theory to have 265.2 Mbps routing is weak, the hex refresh at 498.1 Mbps seems like m...
by jaclaz
Mon Nov 25, 2024 2:26 pm
Forum: Wireless Networking
Topic: Mini ISP Setup, help needed
Replies: 9
Views: 541

Re: Mini ISP Setup, help needed

Yep, but you are planning to have 2, 20 or 200 customers? The 750Gr3 as "central router" seems like a very weak device for many users, but if you are convinced that it is powerful enough and if you have to buy new, a new more powerful version of the hex was just released: https://mikrotik....
by jaclaz
Mon Nov 25, 2024 12:07 pm
Forum: Wireless Networking
Topic: wAP ax as replacement for old UniFi AC Pro?
Replies: 9
Views: 665

Re: wAP ax as replacement for old UniFi AC Pro?

Yep, I meant coverage (and its "shape"). Let's take a square room 6m x 6m. The ideal situation would be a cAP in the center of the ceiling as it supposedly toroidal (doughnut) emission shape should cover everything. If you put a wAP on (say) the north wall, in the middle, it will probably ...
by jaclaz
Mon Nov 25, 2024 1:38 am
Forum: General
Topic: Minimum requirement to be a official Mikrotik consultant
Replies: 14
Views: 859

Re: Minimum requirement to be a official Mikrotik consultant

To be fair, "we expect" has a meaning which Is (IMHO) very different from "are required".
It seems more like a "good willing wish" than a contractual clause.
by jaclaz
Mon Nov 25, 2024 1:08 am
Forum: Wireless Networking
Topic: wAP ax as replacement for old UniFi AC Pro?
Replies: 9
Views: 665

Re: wAP ax as replacement for old UniFi AC Pro?

Then probably the wAP is just fine for your use, and the cAP - set aside the 160 MHz width - would have been less suitable. But it is really hard to say as indoors there are reflections/absorptions/whatever that may make the real world coverage different from the theoretical or geometrical one. The ...
by jaclaz
Sun Nov 24, 2024 8:22 pm
Forum: Beginner Basics
Topic: Only one direction PING possible
Replies: 6
Views: 818

Re: Only one direction PING possible

Very likely in routers 3 and 2 you have a route for 0.0.0.0/0 pointing "upstream". And of course in main router you have a route for 0.0.0.0/0 pointing to the ISP router: /ip route add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.0.1 \ pref-src="" routing-table=ma...
by jaclaz
Sun Nov 24, 2024 7:09 pm
Forum: Wireless Networking
Topic: How to increase wifi signal distance/strenght ?
Replies: 10
Views: 684

Re: How to increase wifi signal distance/strenght ?

I can’t increase the transmit power on my mobile device (in this case the PlayStation 5) but it’s maybe possible to do it on my mikrotik right ? Yep, but it is two way communication. The PS5 may be able to "hear" the Mikrotik if it "shouts", but the Mikrotik may still not be abl...
by jaclaz
Sun Nov 24, 2024 6:57 pm
Forum: Wireless Networking
Topic: wAP ax as replacement for old UniFi AC Pro?
Replies: 9
Views: 665

Re: wAP ax as replacement for old UniFi AC Pro?

Be aware of the meaning of the model name and consequently its radiation pattern: c=ceiling omnidirectional (360°, at least in theory) w=wall directional 90° to maybe 120° or so. The radiation pattern of the Wap seems to be like an off center ball with a flat bottom, see: https://forum.mikrotik.com/...
by jaclaz
Sun Nov 24, 2024 12:26 pm
Forum: General
Topic: Winbox vs Webfig
Replies: 5
Views: 944

Re: Winbox vs Webfig

I like to think that since RouterOS is under the hood a derivative from Linux, GUI parts, both Winbox and Webfig, are "overlays" over textual commands. You can normally connect to a Mikrotik device via SSH (or telnet) and do all the configuration on the command line. What happens - particu...
by jaclaz
Sun Nov 24, 2024 2:29 am
Forum: Wireless Networking
Topic: cAP AC XL to bridge from apartment wifi?
Replies: 5
Views: 408

Re: cAP AC XL to bridge from apartment wifi?

Ah, I see now, you were talking CAD, the price in US$ are correct ( in line with official list price). The cost of shipping seems crazy to me, I understand that Canada is a large country, but the parcel would be small and weight less than half a kg. The cAP ac XL on that same site Is 145 CAD/99 US$,...
by jaclaz
Sat Nov 23, 2024 6:01 pm
Forum: Wireless Networking
Topic: cAP AC XL to bridge from apartment wifi?
Replies: 5
Views: 408

Re: cAP AC XL to bridge from apartment wifi?

The Cap AC XL, before and besides any other consideration, is now an old device, with only 16 Mbyte of storage, which is already starting to be an issue with current Ros v7 (upgrading may be complex). You could consider the newish Wap Ax: https://mikrotik.com/product/wap_ax It is talked about here: ...
by jaclaz
Sat Nov 23, 2024 5:27 pm
Forum: Beginner Basics
Topic: Brand new CRS-305-1G-4S+-IN, login doesn't work
Replies: 12
Views: 2348

Re: Brand new CRS-305-1G-4S+-IN, login doesn't work

There is no secret.
There are some requirements for security mandated by the EU that the good Mikrotik guys believe they are complying with in this way.

JFYI:
viewtopic.php?p=1093341
by jaclaz
Sat Nov 23, 2024 4:10 pm
Forum: General
Topic: HEX Lite for routing between subnets [SOLVED]
Replies: 26
Views: 1674

Re: HEX Lite for routing between subnets [SOLVED]

Ok, I did a few tests in GNS3, and the vrf approach seems to be working (at least I can ping both with ICMP and UDP from PC to the two targets). Setup: VPCS named PC-source set with ip 192.168.0.254/24 connected to ether1 of a Mikrotik CHR (runnning 7.15.3) VPCS named target1 set with ip 192.168.10....
by jaclaz
Fri Nov 22, 2024 5:06 pm
Forum: Beginner Basics
Topic: hAP ax3: change default internet port ether1 to ether2 [SOLVED]
Replies: 23
Views: 1412

Re: hAP ax3: change default internet port ether1 to ether2 [SOLVED]

Yes, that one (with no marker) is static, the one below it is coming from the DHCP and is marked with D (Dynamic). And then you can remove the (only) static rule, the markings on the first: # DST-ADDRESS GATEWAY DISTANCE 0 As+ 0.0.0.0/0 10.221.215.1 1 mean that it is #0 (i.e. you can remove it) then...
by jaclaz
Fri Nov 22, 2024 4:36 pm
Forum: General
Topic: HEX Lite for routing between subnets [SOLVED]
Replies: 26
Views: 1674

Re: HEX Lite for routing between subnets [SOLVED]

I don't know, as said I believe (but I may well be wrong) that netmap maps "everything", but maybe there is the need to specify protocols and/or ports. :? But then it could be that for *some reasons* your tool/program/whatever does not expect this kind of netmapping from/to IP addresses. I...
by jaclaz
Fri Nov 22, 2024 11:07 am
Forum: Beginner Basics
Topic: hAP ax3: change default internet port ether1 to ether2 [SOLVED]
Replies: 23
Views: 1412

Re: hAP ax3: change default internet port ether1 to ether2 [SOLVED]

Yep, but you probably should do the reverse. Remove the static address and let the DHCP client run. Since the DHCP server is managed (I believe) by your ISP if they change it (for whatever reason) to another subnet your static assigned address will become m00t. Moreover the DHCP server will provide ...
by jaclaz
Fri Nov 22, 2024 7:49 am
Forum: Beginner Basics
Topic: hAP ax3: change default internet port ether1 to ether2 [SOLVED]
Replies: 23
Views: 1412

Re: hAP ax3: change default internet port ether1 to ether2 [SOLVED]

It looks mostly fine to me :) , the only thing you should re-check is: /ip address add address=192.168.88.1/24 comment=defconf interface=bridge network=\ 192.168.88.0 add address=10.221.215.2/24 interface=ether5 network=10.221.215.0 /ip dhcp-client add comment=defconf interface=ether5 ether5 has bot...
by jaclaz
Thu Nov 21, 2024 11:13 pm
Forum: Beginner Basics
Topic: hAP ax3: change default internet port ether1 to ether2 [SOLVED]
Replies: 23
Views: 1412

Re: hAP ax3: change default internet port ether1 to ether2 [SOLVED]

The advice Is to NOT touch anymore Quickset, not even for viewing its current settings. Is time you start evolving from absolute beginner, read this post: https://forum.mikrotik.com/viewtopic.php?t=203686#p1051720 and follow the instructions and post your full configuration. There is something "...
by jaclaz
Thu Nov 21, 2024 6:48 pm
Forum: Beginner Basics
Topic: hAP ax3: change default internet port ether1 to ether2 [SOLVED]
Replies: 23
Views: 1412

Re: hAP ax3: change default internet port ether1 to ether2 [SOLVED]

My appologies, I have never seen that eth1 is a combined port. Yep :) , and of course which port has PoE IN is not specified on the Ax3 page, probably it is left as an exercise for the reader. The sad news (OT but not much) are that this sloppy way to document devices and their features is becoming...
by jaclaz
Thu Nov 21, 2024 6:07 pm
Forum: Beginner Basics
Topic: hAP ax3: change default internet port ether1 to ether2 [SOLVED]
Replies: 23
Views: 1412

Re: hAP ax3: change default internet port ether1 to ether2 [SOLVED]

Befor you follow these steps (which are explained quit well!): The eth1 is a PoE in port, you will have to connect the cAP AX to eth5 of the hAP AX3 to have it powering the cAP AX. The ether1 is PoE-Out on the A x 3: https://mikrotik.com/product/hap_ax3 PoE-out Details PoE-out ports Ether 1 PoE out...
by jaclaz
Thu Nov 21, 2024 5:36 pm
Forum: General
Topic: CRS312-4C+8XG - routing performance
Replies: 4
Views: 353

Re: CRS312-4C+8XG - routing performance

Well, the CRS should be written as C R S to better convey the performance of the device. And the proxy for real world performance is the 512 byte packet, so without any firewall rule, it is more like 300 Mbps. For around 1 Gb throughput, I presume with just 1 WAN connection, instead of a replacement...
by jaclaz
Thu Nov 21, 2024 3:10 pm
Forum: Beginner Basics
Topic: Solid blue and flashing link light / New Install
Replies: 3
Views: 282

Re: Solid blue and flashing link light / New Install

What I don't understand from your post is whether you just took the two cubes out of the box(es) and attempted connecting them or if you configured them (via Winbox or Webfig or SSH). In the first case it could be a factory mis-configuration of one device, in the second it could be a mis-configurati...
by jaclaz
Thu Nov 21, 2024 3:03 pm
Forum: General
Topic: HEX Lite for routing between subnets [SOLVED]
Replies: 26
Views: 1674

Re: HEX Lite for routing between subnets [SOLVED]

there must be a typo/inversion in the referenced post :shock: chain is dstnat action is netmap. your: /ip firewall nat add action=dst-nat chain=netmap dst-address=192.168.0.170 to-addresses=192.168.10.2 add action=dst-nat chain=netmap dst-address=192.168.0.171 to-addresses=192.168.10.2 should be: /i...
by jaclaz
Thu Nov 21, 2024 12:47 pm
Forum: General
Topic: HEX Lite for routing between subnets [SOLVED]
Replies: 26
Views: 1674

Re: HEX Lite for routing between subnets [SOLVED]

I would define "rare" the case that something Sob suggests is not working. Post your full configuration, maybe there is *something else* that needs to be corrected or some "wrong" other setting that some of forum members may be able to spot.. Netmap (from what I understand) shoul...
by jaclaz
Thu Nov 21, 2024 12:29 pm
Forum: General
Topic: HEX Lite for routing between subnets [SOLVED]
Replies: 26
Views: 1674

Re: HEX Lite for routing between subnets [SOLVED]

So you are on 6.x (routing-mark in /ip route).
Sob's suggestion here:
viewtopic.php?t=187178#p942405
uses netmap, not dst-nat.
That may (or may not) make a difference.
by jaclaz
Thu Nov 21, 2024 12:23 am
Forum: General
Topic: same subnet
Replies: 6
Views: 699

Re: same subnet

Only as a side note, in the 192.168 range you have only 256 /24 subnets.
In the 10 range you have 256*256=65536.
A collision is still possible, but it is definitely less probable.
Particularly if users use 192.168.x.0/24 ranges :wink:
by jaclaz
Wed Nov 20, 2024 7:25 pm
Forum: General
Topic: HEX Lite for routing between subnets [SOLVED]
Replies: 26
Views: 1674

Re: HEX Lite for routing between subnets [SOLVED]

I think a line must be drawn somewhere, it is not the first and only case why someone might want or need to have several devices with the same IP. Only as examples: https://forum.mikrotik.com/viewtopic.php?t=119134 https://forum.mikrotik.com/viewtopic.php?t=187178 https://forum.mikrotik.com/viewtopi...
by jaclaz
Tue Nov 19, 2024 6:28 pm
Forum: Beginner Basics
Topic: L009UiGS-2HaxD as WiFi Bridge?
Replies: 7
Views: 1124

Re: L009UiGS-2HaxD as WiFi Bridge?

Well, your ISP router should be running a DHCP server, which you want to keep as "authoritative". You can set the Mikrotik as an AP bridge (i.e with all intefaces, including the Radio/Wi-Fi into a single bridge, with only one ether interface - advised - kept out of the bridge for emergency...
by jaclaz
Sun Nov 17, 2024 8:38 pm
Forum: General
Topic: RB3011UiAS Slow Upload [SOLVED]
Replies: 4
Views: 455

Re: RB3011UiAS Slow Upload [SOLVED]

Interesting that the LCD use can have such dramatic consequences. If we consider the usual proxy for real world speed, routing 512 bytes packets with 25 firewall rules:: https://mikrotik.com/product/RB3011UiAS-RM#fndtn-testresults at 452.6 Mbps you are already at the upper limit of what is achievabl...
by jaclaz
Sun Nov 17, 2024 12:05 pm
Forum: Beginner Basics
Topic: L009UiGS-2HaxD as WiFi Bridge?
Replies: 7
Views: 1124

Re: L009UiGS-2HaxD as WiFi Bridge?

Let's clear the requisites/intended setup first. The network/internet is connected by wire to the Mikrotik and you want some devices (printer as an example) to connect wirelessly to it. If this is the case, you want the Mikrotik to be an Access Point, not a client (station). Even if it is technicall...
by jaclaz
Sun Nov 17, 2024 2:49 am
Forum: General
Topic: CRS112-8P low voltage error for 24V POE devices
Replies: 8
Views: 567

Re: CRS112-8P low voltage error for 24V POE devices

... or some sort of step-down-device from 48V to 24V you could just plug between the 48V supply. Or something like that.
... like:

https://mikrotik.com/product/rbgpoe_con_hp
by jaclaz
Sat Nov 16, 2024 12:03 pm
Forum: Beginner Basics
Topic: Netwatch a Windows 11 firewalled client
Replies: 9
Views: 442

Re: Netwatch a Windows 11 firewalled client

You could add a custom rule to the Windows firewall allowing reply to ping only if the ping comes from a given IP address, some examples here: https://www.wintips.org/how-to-allow-ping-in-windows-firewall/ https://superuser.com/questions/1696779/enable-ping-in-windows-server-for-specific-ip-addresse...
by jaclaz
Fri Nov 15, 2024 11:49 am
Forum: Beginner Basics
Topic: Chateau 5G free space problem
Replies: 8
Views: 716

Re: Chateau 5G free space problem

...and that $500 piece of hardware is now discontinued: https://mikrotik.com/product/chateau_5g and the new one has 128 Mb: https://mikrotik.com/product/chateau_5g_ax for around the same price (if you consider some inflation). The good Mikrotik guys were IMHO a bit "tight" when designing t...
by jaclaz
Fri Nov 15, 2024 11:31 am
Forum: RouterBOARD hardware
Topic: Recommend router and switch connected with private fiber
Replies: 38
Views: 2903

Re: Recommend router and switch connected with private fiber

You know, it all depends on the family and their LIAF (Lack of Internet Acceptation Factor), staying a few days without internet might be viewed either as a good, relaxing experience or as an unbearable nightmare. If the cameras are "just for fun" it won't be an issue, but if they are actu...
by jaclaz
Fri Nov 15, 2024 11:05 am
Forum: General
Topic: wAP coverage -- picture included
Replies: 43
Views: 2856

Re: wAP coverage -- picture included

Viktors says wAP stands for "wireless access point". 😉
I think that that is only to distinguish it from wired access points :roll: :wink:
:lol:
by jaclaz
Fri Nov 15, 2024 1:01 am
Forum: RouterBOARD hardware
Topic: Recommend router and switch connected with private fiber
Replies: 38
Views: 2903

Re: Recommend router and switch connected with private fiber

To be fair, 36 bucks at a 7% compound interest could become over 50$ in 5 years time. One of Murphy's Law corollaries tells us that if a SPF fails, it will do so just after 6 PM on Friday or anyway before 1 PM on Saturday. So one needs to evaluate if 4-5 days without the link are worth around 50 dol...
by jaclaz
Thu Nov 14, 2024 11:53 pm
Forum: Wireless Networking
Topic: multiple upgrade cAP XL ac through CAPs Manager
Replies: 2
Views: 291

Re: multiple upgrade cAP XL ac through CAPs Manager

You cannot normally update from 6.x.y to 7.16 directly. The procedure is to first update to 7.12 something and only then update to higher version. Upgrading 18 devices all together without having tested the procedure on a 19th identical device in lab seems to me a bit bold, but maybe I am overcautio...
by jaclaz
Thu Nov 14, 2024 11:09 pm
Forum: General
Topic: Sonos bridge RX looped packet.
Replies: 4
Views: 321

Re: Sonos bridge RX looped packet.

The simple switch may (or may not) use a different loop prevention method (or none at all). The Mikrotik switch may ( or may not) run STP or RSTP or something else: https://www.geeksforgeeks.org/difference-between-spanning-tree-protocol-stp-and-rapid-spanning-tree-protocol-rstp/ You could try disabl...
by jaclaz
Thu Nov 14, 2024 9:11 pm
Forum: Beginner Basics
Topic: Map devices with identical IP to external IP based on port
Replies: 5
Views: 452

Re: Map devices with identical IP to external IP based on port

When you say in Mikrotik (example): 192.168.1.1/24 You are saying: IP address: 192.168.1.1 Netmask: 255.255.255.0 or 24 in CIDR notation When you are saying: 192.168.1.0/24 You are saying: Network: 192.168.1.0 Netmask: 255.255.255.0 or 24 in CIDR notation In some places it may be unneeded, but in mo...
by jaclaz
Thu Nov 14, 2024 8:17 pm
Forum: General
Topic: 💀⚠️CRITICAL: Never trust who provides scripts containing "/import" from "/tool fetch" from external sources.
Replies: 35
Views: 4996

Re: 💀⚠️CRITICAL: Never trust who provides scripts containing "/import" from "/tool fetch" from external sources.

Depends where you live, in small communities, people with same interest/occupation gathers and talk, you never know what you can find out... Well, in small communities you don't even need to share interests or occupation, if the boyfriend of the cousin of the friend of your brother-in-law likes a f...
by jaclaz
Thu Nov 14, 2024 8:01 pm
Forum: General
Topic: 💀⚠️CRITICAL: Never trust who provides scripts containing "/import" from "/tool fetch" from external sources.
Replies: 35
Views: 4996

Re: 💀⚠️CRITICAL: Never trust who provides scripts containing "/import" from "/tool fetch" from external sources.

Key word "environment", which makes company environments much more sensitive than home users environment. If somehow I find out that my ISP is using such way to update their router, from public source script without proper automated source checks / sanitization, I will be concerned and pr...
by jaclaz
Thu Nov 14, 2024 7:52 pm
Forum: RouterBOARD hardware
Topic: Recommend router and switch connected with private fiber
Replies: 38
Views: 2903

Re: Recommend router and switch connected with private fiber

Sure, you can disable radios just fine.

Then (what I would do if radios is disabled and the antennas are unwanted) you should replace the big ears with dummy loads, to be on the safe side.
by jaclaz
Thu Nov 14, 2024 6:59 pm
Forum: Scripting
Topic: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)
Replies: 307
Views: 88453

Re: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)

But there is nothing to argue about, when doing *anything* there are some risks involved, everyone should be able to evaluate these risks and decide whether to take them or not.

Personally, if it wasn't that I need internet access, I would have only air-gapped systems :wink: .
:lol:
by jaclaz
Thu Nov 14, 2024 6:39 pm
Forum: Scripting
Topic: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)
Replies: 307
Views: 88453

Re: Address lists downloader (DShield, Spamhaus DROP/EDROP, etc)

The raised issue is not related to MITM attacks, possible attack vector is the following, whenever you "blindly" trust a third party and use a given external address/domain on which you have not full control: 1) someone (in perfect good faith) provides a service of some kind 2) you connect...
by jaclaz
Thu Nov 14, 2024 6:05 pm
Forum: Wireless Networking
Topic: Problem with Wireless, DHCP does not working. [SOLVED]
Replies: 4
Views: 419

Re: Problem with Wireless, DHCP does not working. [SOLVED]

Possibly not connected to your issue, but you have a couple instances of "something" with an asterisk followed by a (hex) number, this means that there was something with a valid name/reference that was later deleted or renamed. These entries are in the best case doing nothing, in the wors...
by jaclaz
Thu Nov 14, 2024 5:51 pm
Forum: Beginner Basics
Topic: Time problem all the time
Replies: 4
Views: 348

Re: Time problem all the time

How can I check if the time is synchronized in which log?
In the normal log there should be an entry each time the date/time is synchronized via NTP, an entry *like*:
2024-09-19T07:47:44.224614-04:00 system,critical,info ntp change time Sep/18/2024 23:16:01 => Sep/19/2024 07:47:44
by jaclaz
Thu Nov 14, 2024 4:58 pm
Forum: General
Topic: wAP AC wireless or qcom?
Replies: 14
Views: 712

Re: wAP AC wireless or qcom?

So extensive they missed 2 reboot steps to make it clear, as shown by the last posts in this thread :lol:
"Extensive" does not necessarily mean "accurate", let alone "clear".
:lol:
by jaclaz
Thu Nov 14, 2024 11:45 am
Forum: SwOS
Topic: RB260GS - Cannot reset to factory defaults [SOLVED]
Replies: 10
Views: 736

Re: RB260GS - Cannot reset to factory defaults [SOLVED]

Is there a way of netinstall RB260GS? Yes and no :shock: No netinstall, but BOOTP/TFTP should work, see: https://forum.mikrotik.com/viewtopic.php?t=145981 The info is now here: https://wiki.mikrotik.com/SwOS/RB250_RB260#Reinstall_SwOS_firmware In any case the ACT led needs to be blinking, so that i...
by jaclaz
Thu Nov 14, 2024 11:22 am
Forum: RouterBOARD hardware
Topic: HEX S sometimes fails to start properly [SOLVED]
Replies: 7
Views: 1148

Re: HEX S sometimes fails to start properly [SOLVED]

Happy to hear a story of success. :)
by jaclaz
Thu Nov 14, 2024 11:15 am
Forum: RouterBOARD hardware
Topic: Recommend router and switch connected with private fiber
Replies: 38
Views: 2903

Re: Recommend router and switch connected with private fiber

Well, a camera stream can be in order of magnitude of 2 to 4 Mbps (high resolution ones 8 Mbps), good old rule of the thumb is double the camera resolution if using (as most do) H.264, see:
https://reolink.com/blog/ip-camera-band ... lculation/

So a few cameras won't make a problem in your setup.
by jaclaz
Thu Nov 14, 2024 11:01 am
Forum: Beginner Basics
Topic: Time problem all the time
Replies: 4
Views: 348

Re: Time problem all the time

Also, in log, you should see when the time changes and by what amount, the sync should happen once every day or less often and the change should be seconds at the most. The "default" mode for the NTP client is "unicast", unless you have reasons for it to be set as "multicast...
by jaclaz
Wed Nov 13, 2024 9:27 pm
Forum: Beginner Basics
Topic: Map devices with identical IP to external IP based on port
Replies: 5
Views: 452

Re: Map devices with identical IP to external IP based on port

Well, you have something wrong in the way you copied the configuration here adapting to your addresses. The configuration posted by Sob there: https://forum.mikrotik.com/viewtopic.php?t=187178#p942405 is the "reverse" of the one you just posted, and it uses an approach that is (was) intend...
by jaclaz
Wed Nov 13, 2024 11:37 am
Forum: RouterBOARD hardware
Topic: Recommend router and switch connected with private fiber
Replies: 38
Views: 2903

Re: Recommend router and switch connected with private fiber

I don't think that the one or the other solution would give you any particular issue or advantage, they seem to me substantially the same in performance, and given the 50/100 internet speed they are both fine, speedwise. If you can afford the higher expense, the two L009's would IMHO be better for a...
by jaclaz
Wed Nov 13, 2024 1:22 am
Forum: Wireless Networking
Topic: wAP ax?
Replies: 246
Views: 28202

Re: wAP ax?

WAP has seemingly a much higher WAF.
by jaclaz
Tue Nov 12, 2024 11:54 pm
Forum: Wireless Networking
Topic: Brand New 2024 SXT LTE Kit Connection Issue.
Replies: 3
Views: 311

Re: Brand New 2024 SXT LTE Kit Connection Issue.

What you report Is strange, if I get It right.

Use network APN must be set to no if you are manually setting an APN, if use network APN is set to yes, the one you are providing will be ignored, see:
viewtopic.php?t=210031
by jaclaz
Tue Nov 12, 2024 8:34 pm
Forum: Beginner Basics
Topic: How does (my) firewalling/routing work? [SOLVED]
Replies: 14
Views: 895

Re: How does (my) firewalling/routing work? [SOLVED]

I'll work on that later when wife is in bed. I want to stay married. Well, JFYI, if you happen to accidentally cut off internet, it is unlikely that the marriage will break up :o , the outcome is usually either that of wife not talking to you for several days or deciding - since there is nothing be...
by jaclaz
Tue Nov 12, 2024 7:23 pm
Forum: Beginner Basics
Topic: Dual APN Question - Use a second APN for a specific device
Replies: 7
Views: 900

Re: Dual APN Question - Use a second APN for a specific device

Let's go one by one. #1 If you try "/ip route print" in terminal, you will find that the routes you are getting (after a reboot) come from the DHCP client(s) and likely have a distance of 0 or 1 (i.e. they are "very near"). You can do two things (up to you to decide which one or ...
by jaclaz
Tue Nov 12, 2024 12:46 pm
Forum: RouterBOARD hardware
Topic: RB951Ui-2HnD port Running (R- flag) without cable connected to it
Replies: 5
Views: 491

Re: RB951Ui-2HnD port Running (R- flag) without cable connected to it

Maybe new package, but from the looks of the one in the picture not new devices. From the screenshot, ether4 transmits something but doesn't receive anything (and this could be - though I cannot imagine how - some false contact or the like mistaking an empty port for a connected one) but ether2 tran...
by jaclaz
Tue Nov 12, 2024 11:52 am
Forum: General
Topic: Firewall ports are open but replication wont work. Please help
Replies: 1
Views: 256

Re: Firewall ports are open but replication wont work. Please help

Hmmm. :? This: add action=accept chain=forward disabled=yes dst-address=192.168.13.145 in-interface= *11 out-interface=bridge1 while might not be related to the issue at hand (it is disabled so, not actually running), is a sign that the router config has been changed/edited the *11 (more generally a...
by jaclaz
Tue Nov 12, 2024 10:49 am
Forum: Beginner Basics
Topic: Set Up problem
Replies: 6
Views: 551

Re: Set Up problem

Vista specifically should not be an issue, there are generically some possible issues with netinstall under windows, connected to its firewall and/or - when doing it on a laptop - with services and programs installed by the manufacturer, but usually they lead to netinstall not seeing the router requ...
by jaclaz
Mon Nov 11, 2024 8:11 pm
Forum: Beginner Basics
Topic: Cant get Wireguard client to work
Replies: 50
Views: 3302

Re: Cant get Wireguard client to work

Should not be related, but:
/interface list member
add interface=bridge1 list=LAN
add interface=ether1 list=WAN
add interface=wireguard1 list=LAN

wireguard1 should be WAN conceptually.
by jaclaz
Mon Nov 11, 2024 6:07 pm
Forum: Beginner Basics
Topic: How does (my) firewalling/routing work? [SOLVED]
Replies: 14
Views: 895

Re: How does (my) firewalling/routing work? [SOLVED]

Yolks on me, much thanks!!!!
You are welcome :) , but you still have to correct the first three.
(I am worrying about people that may copy and paste these rules without critically checking them)
by jaclaz
Mon Nov 11, 2024 5:58 pm
Forum: Beginner Basics
Topic: How does (my) firewalling/routing work? [SOLVED]
Replies: 14
Views: 895

Re: How does (my) firewalling/routing work? [SOLVED]

anav, you probably have a typo, those "AUTHORIZED" and "DNS/port 53" rules should be on input chain, not forward, right? :?
by jaclaz
Mon Nov 11, 2024 2:49 pm
Forum: Beginner Basics
Topic: How does (my) firewalling/routing work? [SOLVED]
Replies: 14
Views: 895

Re: How does (my) firewalling/routing work? [SOLVED]

Only as a side note, your exported entries are just fine, "disabled=yes" is Mikrotik's way to explicit the enable state and your D marked lines sport "disabled=yes" just fine. The advised approach, as jvanhambelgium stated, is to have a set of explicit rules targeting the traffic...
by jaclaz
Mon Nov 11, 2024 1:12 pm
Forum: RouterBOARD hardware
Topic: Product idea: rack mountable PoE injector
Replies: 10
Views: 979

Re: Product idea: rack mountable PoE injector

Active ones (802.3af/at) do exist, *like*:
https://www.newegg.com/p/3C6-001B-009D5?
by jaclaz
Mon Nov 11, 2024 11:12 am
Forum: Beginner Basics
Topic: Configuring wireless on wAP R from zero
Replies: 15
Views: 893

Re: Configuring wireless on wAP R from zero

I agree that the the firmware should be aligned to software :) , what I am not convinced of is to set it as automatic, since the software update is anyway advised as been done manually, I don't see how having the firmware set to automatic is "better", you have anyway to remember to reboot ...
by jaclaz
Mon Nov 11, 2024 10:47 am
Forum: Beginner Basics
Topic: Completely lost with regards to VLANs
Replies: 8
Views: 599

Re: Completely lost with regards to VLANs

The first rule is to not use VLAN 1 (it can be used but you should really know what you are doing), rename them to VLAN 10 and VLAN 20, to exclude possible issues that are very difficult to find and troubleshoot.

The complete guide is here:
viewtopic.php?t=143620
by jaclaz
Mon Nov 11, 2024 10:41 am
Forum: Scripting
Topic: "ip route find where' strange behavior
Replies: 10
Views: 693

Re: "ip route find where' strange behavior

I see, right idea, but wrong cat. :wink:
by jaclaz
Sun Nov 10, 2024 12:44 pm
Forum: Beginner Basics
Topic: Configuring wireless on wAP R from zero
Replies: 15
Views: 893

Re: Configuring wireless on wAP R from zero

... although personally I use the later ... Couldn't that be called "preaching virtue but practicing vice"? :shock: :lol: Seriously, I have found at least one case where firmware upgrading caused issues (in an old 6.4x.yz version): https://forum.mikrotik.com/viewtopic.php?t=180096 It seem...
by jaclaz
Sun Nov 10, 2024 12:13 pm
Forum: Scripting
Topic: "ip route find where' strange behavior
Replies: 10
Views: 693

Re: "ip route find where' strange behavior

Maybe "routes" is a reserved variable name, try using "myroute" instead of "routes". And/or try with put instead of assigning the result to a variable. Also, you can probably remove the "where" (but that shouldn't change anything): https://forum.mikrotik.com/v...
by jaclaz
Sun Nov 10, 2024 11:20 am
Forum: Beginner Basics
Topic: Configuring wireless on wAP R from zero
Replies: 15
Views: 893

Re: Configuring wireless on wAP R from zero

Yes, limited to the routeboard firmware, automatic update is probably OK, still the usual advice is to have Routerboard firmware release "aligned" to the Ros (let's call it "software") version, so if setting the one, there is the risk to have it automatically be one or more versi...
by jaclaz
Sun Nov 10, 2024 2:28 am
Forum: Beginner Basics
Topic: Set Up problem
Replies: 6
Views: 551

Re: Set Up problem

Also, maybe It Is not your case, but before connecting a device to internet you should make sure to disable all services but Winbox and limit It to LAN interface(s), possibly changing its default port number. AND add a new user, give It full powers, and a strong password and remove or disable the de...
by jaclaz
Sun Nov 10, 2024 2:09 am
Forum: Beginner Basics
Topic: Configuring wireless on wAP R from zero
Replies: 15
Views: 893

Re: Configuring wireless on wAP R from zero

Please allow me to doubt the advice in #1, the good Mikrotik guys are not particularly cautious when tagging a release as "stable" and - if not common - it is far from unusual that in releases marked as stable (and thus subject of automatic updates) new or regression bugs appear. Of course...
by jaclaz
Sat Nov 09, 2024 8:07 pm
Forum: Wireless Networking
Topic: Half a Bridge Is NOT Better Than None!
Replies: 2
Views: 266

Re: Half a Bridge Is NOT Better Than None!

Only hurricane winds or heavy rain too?

JFYI, issues with water have been reported several times:
viewtopic.php?t=189614
by jaclaz
Thu Nov 07, 2024 11:21 pm
Forum: Wireless Networking
Topic: wAP ax?
Replies: 246
Views: 28202

Re: wAP ax?

Well, access points on external walls seem to me a rather common need.

Anyway the coverage Is surely not 180 degrees, more like 120 or less.

On the other thread here:
viewtopic.php?t=212255
the shape of emissions is described with links to the FCC documentation.
by jaclaz
Thu Nov 07, 2024 11:14 am
Forum: General
Topic: wAP coverage -- picture included
Replies: 43
Views: 2856

Re: wAP coverage -- picture included

maybe an option like mANTBox ax 15s can be considered, i know is not so cheap as the wAP but can be very useful https://mikrotik.com/product/mantbox_ax_15s Yep, but I think OP is already beyond the WAP, a Netmetal Ax (+antenna(s)) is going to cost much more. What is not clear (to me) is how wide th...
by jaclaz
Wed Nov 06, 2024 2:26 pm
Forum: General
Topic: Loopback interface sending DHCP broadcasts [SOLVED]
Replies: 7
Views: 601

Re: Loopback interface sending DHCP broadcasts [SOLVED]

... and it is Rule #4 of my Mikrotik Club Rules:
1) You do not use VLAN1
2) You DO NOT use VLAN1
3) You do not use Quickset
4) You do not use detect internet
5)....

If the good Mikrotik guys would remove it, I would need to change the list ... :lol:
by jaclaz
Wed Nov 06, 2024 12:11 pm
Forum: Wireless Networking
Topic: Cube 60ac Pro not connecting.
Replies: 2
Views: 326

Re: Cube 60ac Pro not connecting.

Unless you changed the original configuration, the Cube Pro original one has a static IP 192.168.88.3 or 192.168.88.2 on the ethernet port, it is not grabbing it from anywhere, so it sounds like the device is not booting properly, and - even if the IP is gone because the configuration is invalid - t...
by jaclaz
Wed Nov 06, 2024 12:00 pm
Forum: General
Topic: VLANs - there has to be a simpler way!
Replies: 17
Views: 1250

Re: VLANs - there has to be a simpler way!

If I may, there are some inconsistencies in the actual question. There are seemingly two of them: 1) Is there a simple way to VLAN? 2) How can I have a Guest network? Answers: #1 No, it is a complex, advanced topic. #2 Yes, actually two ways, one at L3 level (tangent) and one at L2 level (original M...
by jaclaz
Tue Nov 05, 2024 11:44 pm
Forum: General
Topic: wAP coverage -- picture included
Replies: 43
Views: 2856

Re: wAP coverage -- picture included

They are not common, but they exist.
Example:
https://www.quwireless.com/product/qusector-7v-120-2
120 degrees, dual connector, mimo 2x2.
by jaclaz
Tue Nov 05, 2024 3:35 pm
Forum: Beginner Basics
Topic: Problem with failover to backup ISP [SOLVED]
Replies: 10
Views: 708

Re: Problem with failover to backup ISP [SOLVED]

And again /ip route print will show whether the routes are static or dynamic or if coming from the dhcp, etc..
by jaclaz
Tue Nov 05, 2024 11:05 am
Forum: Beginner Basics
Topic: Problem with failover to backup ISP [SOLVED]
Replies: 10
Views: 708

Re: Problem with failover to backup ISP [SOLVED]

Provide the output of /ip route print, twice, once when in the "normal" state and once when you have the ISP WAN cable detached, as it will be more clear what actually happens. As a side note, and JFYI, another possible approach (IMHO simpler): https://forum.mikrotik.com/viewtopic.php?t=19...
by jaclaz
Tue Nov 05, 2024 10:55 am
Forum: General
Topic: VLANs - there has to be a simpler way!
Replies: 17
Views: 1250

Re: VLANs - there has to be a simpler way!

Just to be clear, this config only applies to the cAP? There's no additional config for the hEX? If not, the new firewall rules being added to the cAP won't affect the current set of rules on the hEX? Yes and no. Yes, the "tangent's way" only applies to the cAp, but no, the described appr...
by jaclaz
Tue Nov 05, 2024 1:23 am
Forum: General
Topic: VLANs - there has to be a simpler way!
Replies: 17
Views: 1250

Re: VLANs - there has to be a simpler way!

What if I told you that you don't *need* a VLAN?

https://tangentsoft.com/mikrotik/wiki?n ... ns%20VLANs
by jaclaz
Mon Nov 04, 2024 11:35 pm
Forum: Beginner Basics
Topic: hAP ac2 - help me make it into a simple managed switch please
Replies: 11
Views: 729

Re: hAP ac2 - help me make it into a simple managed switch please

Ah, ok, I thought that mac-telnet was dependent on telnet service, good to know that it Is instead completely independent and thus must be restricted separately.
by jaclaz
Mon Nov 04, 2024 6:57 pm
Forum: Beginner Basics
Topic: hAP ac2 - help me make it into a simple managed switch please
Replies: 11
Views: 729

Re: hAP ac2 - help me make it into a simple managed switch please

Thank you :) , so one should go for the: https://help.mikrotik.com/docs/spaces/ROS/pages/328229/IP+Services way and disable services, to prevent access from anything but Winbox, then, if I get it right, the none in mac-server has in practice the same effect as disabling the telnet service, but this ...
by jaclaz
Mon Nov 04, 2024 5:56 pm
Forum: General
Topic: wAP coverage -- picture included
Replies: 43
Views: 2856

Re: wAP coverage -- picture included

No, the device comes without antennas. The photo on Mikrotik store is more explicit :wink: https://www.mikrotik-store.eu/media/images/org/L23UGSR-5HaxD2HaxD-NM-Beispielantennen_1.png The top cover has two passages so you would normally use two external antenna connected with a (short) piece of cable...
by jaclaz
Mon Nov 04, 2024 5:39 pm
Forum: Beginner Basics
Topic: hAP ac2 - help me make it into a simple managed switch please
Replies: 11
Views: 729

Re: hAP ac2 - help me make it into a simple managed switch please

I see now, that prevents telnet connections, thanks :) .(I wish the good Mikrotik guys had called it "/tool mac-server telnet") But the moment the device has an IP address one can still connect via browser/webfig? :? I.e. is there a need for a firewall rule *like*: /ip firewall filter add ...
by jaclaz
Mon Nov 04, 2024 2:09 pm
Forum: General
Topic: wAP coverage -- picture included
Replies: 43
Views: 2856

Re: wAP coverage -- picture included

@infabo Maybe we should rename to: CSS->CASS (Cloud Actually Switching Switch) and CRS->CARS (Cloud Almost Routing Switch) @flynno Maybe stupid question, but aren't the two HGO-antenna-OUT directly mounted too near to each other to do any good? I know it is even on Mikrotik official pictures: https:...
by jaclaz
Mon Nov 04, 2024 1:17 pm
Forum: Scripting
Topic: Voltage monitoring script not working in ROS v7
Replies: 4
Views: 735

Re: Voltage monitoring script not working in ROS v7

I think it is a matter of (double) quotes. The dot means "concatenate" (same as - to give you an example - & in Excel formulas), text and variable(s) needs to be separated. And seemingly you missed a closing round bracket (or maybe they are not needed. Your test: /tool e-mail send to=e...
by jaclaz
Mon Nov 04, 2024 12:58 pm
Forum: Beginner Basics
Topic: Not enough permissions? [SOLVED]
Replies: 17
Views: 1637

Re: Not enough permissions? [SOLVED]

Bravo... Grazie. :) Though I am not convinced that my hypothesis holds, I think that attackers won't spend much time on a "difficult" device (unless of course it is a targeted attack) it is far easer for them go looking for another one, I presume that they go for the low-hanging fruits (t...
by jaclaz
Mon Nov 04, 2024 12:14 pm
Forum: Beginner Basics
Topic: hAP ac2 - help me make it into a simple managed switch please
Replies: 11
Views: 729

Re: hAP ac2 - help me make it into a simple managed switch please

@anav Now that the OP issue is solved, can we talk of the absolute minimum configuration? In my perverted mind it would be: /interface bridge add admin-mac=<tt:uu:vv:xx:yy:zz> admin-mac=no name=bridge1 /interface bridge port add bridge=bridge1 interface=all /ip dhcp client add disabled=no interface=...
by jaclaz
Mon Nov 04, 2024 11:48 am
Forum: General
Topic: wAP coverage -- picture included
Replies: 43
Views: 2856

Re: wAP coverage -- picture included

In case you missed: this thread was about wAP and @Normis tried to explain that wAP (due to being wall AP) doesn't really have spherical radiation pattern. Well, we do have a drawing: https://fccid.io/TV7WAPGR52AX/Test-Report/Antenna-specification-7634095 I think we can define the pattern as "...
by jaclaz
Mon Nov 04, 2024 11:21 am
Forum: RouterBOARD hardware
Topic: Chateau LTE18 ax what Antenna Ports?
Replies: 2
Views: 793

Re: Chateau LTE18 ax what Antenna Ports?

Reading the manual would help: https://help.mikrotik.com/docs/spaces/UM/pages/141197416/Chateau+LTE18+ax the hint is here. Antenna usage SMA connectors are for LTE antennas. External antenna sockets are located on the back of the device. Device comes with connected wireless antennas, LTE antennas ar...
by jaclaz
Sun Nov 03, 2024 5:11 pm
Forum: RouterBOARD hardware
Topic: Support for external LTE antennas
Replies: 11
Views: 1188

Re: Support for external LTE antennas

They do sell this pigtail: https://mikrotik.com/product/acsmaufl Which should be a hint towards the DIY path, but if I get it right the U.fl connector(s) are on the actual modem card, so it can be applied to *any* of their LtE products. Example for the WAP ac LTE6: https://forum.mikrotik.com/viewtop...
by jaclaz
Sun Nov 03, 2024 2:50 pm
Forum: Wireless Networking
Topic: Connection lost when lease extended?
Replies: 16
Views: 1517

Re: Connection lost when lease extended?

If it is a new installation, it doesn't surprise me that much, it is not unusual that the settings need to be tweaked/tuned, these new devices have a lot of "delicate" settings. Only anecdotal data, and likely completely unrelated to your case, but not so long ago I had a largish Viessman ...
by jaclaz
Sun Nov 03, 2024 2:16 pm
Forum: Beginner Basics
Topic: Separate internet while using 3 modems
Replies: 12
Views: 808

Re: Separate internet while using 3 modems

Well, yes, firewall is the thing that might (or might not) allow the ports on the different subnets to talk to each other, so, it is about firewall. Not so sure about routing, in the sense that the routes (at IP level) should be autogenerated in the Mikrotik router, i.e. come out as DAC (dynamic, ac...
by jaclaz
Sun Nov 03, 2024 11:57 am
Forum: Beginner Basics
Topic: Separate internet while using 3 modems
Replies: 12
Views: 808

Re: Separate internet while using 3 modems

"Forcing" the internet access to the one or the other router (ether1/ether2/ether3) could be - I believe - done with routing rules based on source ports (ether4/ether5/ether6): https://help.mikrotik.com/docs/spaces/ROS/pages/59965508/Policy+Routing The other requirement (windows share acro...
by jaclaz
Sat Nov 02, 2024 8:54 pm
Forum: Beginner Basics
Topic: L009UiGS-2HaxD as WiFi Bridge?
Replies: 7
Views: 1124

Re: L009UiGS-2HaxD as WiFi Bridge?

No, different devices have (or have not) a number of quicksets (it seems like more recent ones have few of them that's why I asked if your L009 had it). It is not a bad thing in an absolute way, as quickset is known to be prone to cause issues, unless used "from clean" (and this piece of i...
by jaclaz
Sat Nov 02, 2024 4:59 pm
Forum: Beginner Basics
Topic: Not enough permissions? [SOLVED]
Replies: 17
Views: 1637

Re: Not enough permissions? [SOLVED]

What we don't know (or at least I don't know) is what changes the attackers make to the router configuration, it is possible that they do not make any besides changing the permissions to user "admin" and adding the "system" one (of which they set the password to a complex one). I...
by jaclaz
Sat Nov 02, 2024 4:19 pm
Forum: Beginner Basics
Topic: Can Ping websites. No internet when trying to access
Replies: 4
Views: 425

Re: Can Ping websites. No internet when trying to access

Let's see how accurate is my crystal ball (I just got it back from the guy that tunes it, but sometimes he doesn't set it right ): a. User 1: J***** K******, commonly called "dad", age 48, Sagittarius User 2: F**** G******, commonly called "mom" age 47, Gemini User 3: R**** K****...
by jaclaz
Sat Nov 02, 2024 3:53 pm
Forum: Beginner Basics
Topic: L009UiGS-2HaxD as WiFi Bridge?
Replies: 7
Views: 1124

Re: L009UiGS-2HaxD as WiFi Bridge?

If I get it right you want to have your L009 in the garage as a "client[1]" to an Access Point that is in your home, right? Is the Access Point also a Mikrotik device or not? The WiFi standards do not really cover this usage, so different manufactures have worked around with different solu...
by jaclaz
Fri Nov 01, 2024 6:06 pm
Forum: Wireless Networking
Topic: Connection lost when lease extended?
Replies: 16
Views: 1517

Re: Connection lost when lease extended?

Side question, but do you really-really need DHCP client on the boiler?
I mean, if you don't go around with your access point (be it the ax or the ax2) the boiler should be pretty much static.
Cannot you set it to a static address and see if the disconnecitons continue or stop?
by jaclaz
Fri Nov 01, 2024 11:50 am
Forum: The Dude
Topic: Teltonika SMS gateway for notifikations
Replies: 3
Views: 452

Re: Teltonika SMS gateway for notifikations

No idea about the actual issue, but also the board parser seems to behave just like you describe, it "interrupts" the hyperlink on the first space (after the "The"). So it could be something similar. Try replacing the spaces with %20, a http URL must contain no spaces: https://fo...
by jaclaz
Fri Nov 01, 2024 11:14 am
Forum: Beginner Basics
Topic: Help with setting up my first Mikrotik
Replies: 5
Views: 511

Re: Help with setting up my first Mikrotik

From what I understand the default configuration is good enough in most cases, particularly, for an internet facing router, do not change the firewall rules until you have understood them[1] (which definitely will take some time) and make sure that interfaces are correctly categorized as LAN and WAN...
by jaclaz
Fri Nov 01, 2024 1:35 am
Forum: Wireless Networking
Topic: SXTsq 5ac as a PtP link - looking for suggestions for improvements
Replies: 8
Views: 1069

Re: SXTsq 5ac as a PtP link - looking for suggestions for improvements

Very interesting, thanks. All the tweaks you did make a lot of sense to me, what I find surprising Is the relevance of the positioning. 5 db difference in 10-15 cm displacement seems a lot, I wonder what the reason could be for such a dramatic change at such a short distance, I believed that there w...
by jaclaz
Thu Oct 31, 2024 4:47 pm
Forum: RouterBOARD hardware
Topic: Hap AX3 as an access point
Replies: 15
Views: 1653

Re: Hap AX3 as an access point

Is the power supply provided with the RB5009 sufficient? That is a 24V 1,5A power adapter. Yes and no (actually no and yes, but ...) :shock: . The power supply provided with the "PoE Out" version of the RB5009 (RB5009 UPr +S+IN ) is the 48V 2A: https://mikrotik.com/product/48v2a96w so it ...
by jaclaz
Thu Oct 31, 2024 2:02 pm
Forum: General
Topic: Small bug in DHCP Relay settings 6.49.17 [SOLVED]
Replies: 2
Views: 326

Re: Small bug in DHCP Relay settings 6.49.17 [SOLVED]

Ah, OK :) , I tried again (started from scratch after a reset with no default configuration to be sure) and you are right, though the "logic" is inverted, I can confirm that now it works as you described, then it was only a false alarm, sorry :oops: I wonder how it could have happened yest...
by jaclaz
Thu Oct 31, 2024 11:58 am
Forum: General
Topic: Small bug in DHCP Relay settings 6.49.17 [SOLVED]
Replies: 2
Views: 326

Small bug in DHCP Relay settings 6.49.17 [SOLVED]

While doing some "crazy" experiments on a hap lite running 6.49.17 I happened to find a "strange" thing related to the /ip dhcp-relay. I tried adding a dhcp relay: /ip dhcp-relay add dhcp-server=192.168.1.151 interface=bridge1 name=relay1 ok. The I tried adding a second one, and ...
by jaclaz
Thu Oct 31, 2024 11:18 am
Forum: Beginner Basics
Topic: POE Questions
Replies: 9
Views: 678

Re: POE Questions

Good (all is well that ends well). :) The 8.9 W (183 mA@48.9V) that you see on the RB5009 is what I would have expected for a device that is essentially a media converter/modem, but even if you add to it the wireless (and that is enough to have the Mikrotik freak out) the added draw for the radio(s)...
by jaclaz
Thu Oct 31, 2024 10:47 am
Forum: RouterBOARD hardware
Topic: Hap AX3 as an access point
Replies: 15
Views: 1653

Re: Hap AX3 as an access point

Not that it anywhere documented properly, but the RB5009UPr+S+IN should be compatible with BOTH 802.3af/at (the latter limited to 440 mA) AND with the "old" Mikrotik passive power @24V. If you power the RB5009 at 24V (by either passive PoE or jack/terminal) it will output 24V (Passive PoE ...
by jaclaz
Wed Oct 30, 2024 7:40 pm
Forum: Wireless Networking
Topic: SXTsq 5ac as a PtP link - looking for suggestions for improvements
Replies: 8
Views: 1069

Re: SXTsq 5ac as a PtP link - looking for suggestions for improvements

Contacted LinITX.com and they helped me tweak the settings on both APs. Now I am getting solid 400-500Mbps link between the aerials and I am very happy with the bridge! And, unless they are a trade secrets, can you share these tweaks? (I am assuming that they are "generic good practice" t...
by jaclaz
Wed Oct 30, 2024 7:25 pm
Forum: Beginner Basics
Topic: Not enough permissions? [SOLVED]
Replies: 17
Views: 1637

Re: Not enough permissions? [SOLVED]

Check the users you have. A normal Mikrotik (default) has only "admin" as user (and it is generally recommended to change the name to something else). There are botnets that try to accesa Mikrotik devices and if they succeed, they remove permissions from "admin" and add a user &q...
by jaclaz
Wed Oct 30, 2024 4:38 pm
Forum: Beginner Basics
Topic: POE Questions
Replies: 9
Views: 678

Re: POE Questions

But your splitter is one with the conversion at 12V? It is entirely possible that the "default" power supply is oversized ( and by turning off the radio surely you reduced the power needed). As well it is possible that a device provided with a 12V supply actually accepts a much wider range...
by jaclaz
Wed Oct 30, 2024 11:50 am
Forum: General
Topic: WireGuard link on 7.15 gets stuck after peer was down, a ping or cycling the peer will unstuck it [SOLVED]
Replies: 16
Views: 4161

Re: WireGuard link on 7.15 gets stuck after peer was down, a ping or cycling the peer will unstuck it [SOLVED]

You could experiment with the Mikrotik Cloud service: https://help.mikrotik.com/docs/spaces/ROS/pages/97779929/Cloud#Cloud-Updatetime no idea how fast it is (and whether its uptime is reliable enough). From the little experience I have with NTP, the time it takes to sync is "random", somet...
by jaclaz
Wed Oct 30, 2024 11:30 am
Forum: Beginner Basics
Topic: Secondary WAN and failover setup hap ax2 (7.16) for a beginner [SOLVED]
Replies: 60
Views: 3807

Re: Secondary WAN and failover setup hap ax2 (7.16) for a beginner [SOLVED]

It seems just fine to me :) in the sense that it should work, but is not really what I suggested. The idea was that the manual addresses given to the Mikrotik interfaces should be outside the range of the addresses the DHCP of the ISP and LTE would lease, so that when/if you connect additionally ano...
by jaclaz
Wed Oct 30, 2024 1:25 am
Forum: Beginner Basics
Topic: Brand new CRS-305-1G-4S+-IN, login doesn't work
Replies: 12
Views: 2348

Re: Brand new CRS-305-1G-4S+-IN, login doesn't work

New passwords do not contain those characters anymore.
Sure, but how do you know whether the device ericmason64 is having issues with has an "old style" or a "new style" password?
by jaclaz
Tue Oct 29, 2024 11:04 pm
Forum: Beginner Basics
Topic: Brand new CRS-305-1G-4S+-IN, login doesn't work
Replies: 12
Views: 2348

Re: Brand new CRS-305-1G-4S+-IN, login doesn't work

Be very aware of possible ambiguous characters like oO0, Il1, G6, B8, S5, Z2, the password Is usually written in tiny characters in a not particularly readable font.
by jaclaz
Tue Oct 29, 2024 10:52 pm
Forum: Beginner Basics
Topic: Secondary WAN and failover setup hap ax2 (7.16) for a beginner [SOLVED]
Replies: 60
Views: 3807

Re: Secondary WAN and failover setup hap ax2 (7.16) for a beginner [SOLVED]

Of course It depends, but usually DHCP servers (in *any* device) are pre- configured to not cover the whole address space of the network. As an example, Mikrotik devices are usually configured (defconf) for addresses 192.168.88.10 to 192.168.88.254, while keeping for itself 192.168.88.1. (the wirele...
by jaclaz
Tue Oct 29, 2024 8:06 pm
Forum: Beginner Basics
Topic: POE Questions
Replies: 9
Views: 678

Re: POE Questions

It looks a lot like an Altice UBC1326 (AA00) made by UBEE in Vietnam. I thought that our good guys at italian TIM/Telecom were good at re-branding/re-naming routers in the most confusing manner possible :shock: , but it seems like the french SFR people are even better at it :lol: . Check here: https...
by jaclaz
Tue Oct 29, 2024 4:35 pm
Forum: General
Topic: RouterOS x86, no support for Chelsio T540 VF? [SOLVED]
Replies: 47
Views: 2515

Re: RouterOS x86, no support for Chelsio T540 VF? [SOLVED]

Maybe it is just a case of serendipity, one of the good Mikrotik developers had this driver/fix/whatever ready in his drawer but never found the time/opportunity to add it to ROS, and crosswind's request just triggered the mechanism that allowed adding it to the next release. About the UEFI booting ...
by jaclaz
Tue Oct 29, 2024 4:16 pm
Forum: Beginner Basics
Topic: POE Questions
Replies: 9
Views: 678

Re: POE Questions

Post the exact model of that ISP box, maybe specs can be found. Loosely, if the replacement power supply is @12V, it seems like it wants 12V (or maybe 24V) while the Mikrotik will output PoE at the highest available power source (in your case only the default power brick @48V). The PoE splitter that...
by jaclaz
Tue Oct 29, 2024 12:46 pm
Forum: Wireless Networking
Topic: Best hardware for indoor extension of high speed wireless connection
Replies: 6
Views: 696

Re: Best hardware for indoor extension of high speed wireless connection

I see, in historical buildings - besides the (high) costs - the paperwork/authorizations are usually an issue (please read as "huge PITA").. It is strange how each country has different (besides standards) local uses when it comes to wiring. When I was living in Germany for a short period ...
by jaclaz
Tue Oct 29, 2024 2:24 am
Forum: Wireless Networking
Topic: Mikrotik hAP ax2 as a media bridge, versus other options (Mikrotik models or others)
Replies: 4
Views: 836

Re: Mikrotik hAP ax2 as a media bridge, versus other options (Mikrotik models or others)

Unlike what one could imagine from intuition a higher antenna gain is not necessarily correlated with "better" or "faster" connection. If norms are followed, there is a limit in the output power of the device (tramission), It depends on the device, but if the limit on a given cha...
by jaclaz
Tue Oct 29, 2024 2:13 am
Forum: Wireless Networking
Topic: RF Characteristics of hAP AC Lite
Replies: 8
Views: 532

Re: RF Characteristics of hAP AC Lite

Well, if 2.4GHz only is needed, maybe the Ax Lite should be considered.
by jaclaz
Tue Oct 29, 2024 1:18 am
Forum: General
Topic: RouterOS x86, no support for Chelsio T540 VF? [SOLVED]
Replies: 47
Views: 2515

Re: RouterOS x86, no support for Chelsio T540 VF? [SOLVED]

how is it possible for someone to get a "Forum Guru" tag while being so confidently and completely wrong about something like this? No correlation, JFYI. As an example, I got mine automatically when reaching a certain number of posts, the tag is independent from my knowledge or how much a...
by jaclaz
Mon Oct 28, 2024 2:53 pm
Forum: Wireless Networking
Topic: Mikrotik hAP ax2 as a media bridge, versus other options (Mikrotik models or others)
Replies: 4
Views: 836

Re: Mikrotik hAP ax2 as a media bridge, versus other options (Mikrotik models or others)

If the "source" is "slow" it is not like having an AX device will make it faster, from what you write, an AC Lite TC seems like a good bet:
https://mikrotik.com/product/RB952Ui-5ac2nD-TC
by jaclaz
Mon Oct 28, 2024 2:31 pm
Forum: Wireless Networking
Topic: RF Characteristics of hAP AC Lite
Replies: 8
Views: 532

Re: RF Characteristics of hAP AC Lite

Here is a (better) photo of the AC Lite TC. The board seems identical, and definitely in one corner (now top left on this photo) there are two PCB antennas on two contiguous sides, so at 90°: https://nanoteh.md/en/quickview/9858 https://6e616e6f7465680a.ultracdn.net/radix/img/items/20210219/11/602f8...
by jaclaz
Mon Oct 28, 2024 2:17 pm
Forum: RouterBOARD hardware
Topic: Replacement rack ear screws
Replies: 4
Views: 492

Re: Replacement rack ear screws

A fellow forum user @arnd did measurements and posted results in this post . I strongly believe that all MT rack-mountable devices use same type of "ear mounting" screws... But I don't fully trust that piece of info because of this post (about the 4011 that has a different way to mount ea...
by jaclaz
Mon Oct 28, 2024 1:15 pm
Forum: Wireless Networking
Topic: RF Characteristics of hAP AC Lite
Replies: 8
Views: 532

Re: RF Characteristics of hAP AC Lite

Here is a maybe better description: https://www.arednmesh.org/comment/10459#comment-10459 One connector is definitely in the left hand corner, but you are right, the other two are on the opposite side of the PCB. In any case the thingy seems intended to stay flat, not vertical, at least in the inten...
by jaclaz
Mon Oct 28, 2024 12:57 pm
Forum: RouterBOARD hardware
Topic: Replacement rack ear screws
Replies: 4
Views: 492

Re: Replacement rack ear screws

Can you check the measure of the hole and the thickness of the ear? The screws should be either M4 8 mm length, or M3 6 mm, but if they are a couple mm longer it shouldn't be an issue. Or you can get a suitable kit on (say) Amazon, example: https://www.amazon.com/SZHKM-480pcs-Assortment-Stainless-As...
by jaclaz
Mon Oct 28, 2024 11:09 am
Forum: Wireless Networking
Topic: RF Characteristics of hAP AC Lite
Replies: 8
Views: 532

Re: RF Characteristics of hAP AC Lite

Look if you can find some data on the FCC documents: https://fccid.io/TV7RB952-5AC2ND In the internal photo: https://fccid.io/TV7RB952-5AC2ND/Internal-Photos/Internal-Photos-3088357 the two antennas are the two dark blocks in bottom left corner, they should be omnidirectional thus emissions should h...
by jaclaz
Mon Oct 28, 2024 10:48 am
Forum: Wireless Networking
Topic: WiFi Disconnect Issues with hAP ax² - Seeking Advice on Stable Version and Future Updates
Replies: 8
Views: 1328

Re: WiFi Disconnect Issues with hAP ax² - Seeking Advice on Stable Version and Future Updates

Yep, I understand, but due to the way Mikrotik creates the updates (since they "mix" bug fixes with new features) just updating because a new version came out can actually be less safe. :shock: The same new feature that creates the instability (whatever it is) may well - for all we know - ...
by jaclaz
Sun Oct 27, 2024 8:06 pm
Forum: Wireless Networking
Topic: Best hardware for indoor extension of high speed wireless connection
Replies: 6
Views: 696

Re: Best hardware for indoor extension of high speed wireless connection

Coax cables (of course it depends on the exact type and on the actual conditions they are in) can actually be very fast, up to 2.5 Gb in theory, but the quality of the cables matters, I think that realistically something around 1 GB can be achieved on *any* coaxial cable. MoCA adapters/converters ca...
by jaclaz
Sun Oct 27, 2024 5:49 pm
Forum: RouterBOARD hardware
Topic: Recommend router and switch connected with private fiber
Replies: 38
Views: 2903

Re: Recommend router and switch connected with private fiber

Well, RouiterOS 7 (on a beefy enough device, such as a RB5009, but given the slow internet connection also an Ax2/3 might do, cannot say) can run containers, including Pi-hole and Adguard.

No idea how complex (or simple) it is to run one.
by jaclaz
Sun Oct 27, 2024 2:30 pm
Forum: General
Topic: hap ax3 random wireless disconnects
Replies: 140
Views: 16279

Re: hap ax3 random wireless disconnects

7.15 patch notes include wifi-qcom driver update.
I thought that the issues were caused mainly by that driver update :shock: , it doesn't sound like a desired new functionality ... :lol:
by jaclaz
Sun Oct 27, 2024 2:10 pm
Forum: Beginner Basics
Topic: Secondary WAN and failover setup hap ax2 (7.16) for a beginner [SOLVED]
Replies: 60
Views: 3807

Re: Secondary WAN and failover setup hap ax2 (7.16) for a beginner [SOLVED]

@KiwiBloke I believe the question is up for debate, and possible answers to it can be different depending on use and hardware involved, some devices (ISP router and LTE modem router) might have very good built-in firewalls or may have not any. If we take for granted that the Mikrotik firewall is the...
by jaclaz
Sun Oct 27, 2024 10:14 am
Forum: Scripting
Topic: Script for CENTRAL-BACKUPS
Replies: 3
Views: 454

Re: Script for CENTRAL-BACKUPS

Only to clear how it seems like we ( baragoon, rextended and myself) are a bunch of crazy guys there was an initial post by user andreacar: https://forum.mikrotik.com/memberlist.php?mode=viewprofile&u=225916 promoting an article on his blog: https://andreacaracciolo.it/2024/10/26/mikrotik-centra...
by jaclaz
Sun Oct 27, 2024 9:59 am
Forum: Beginner Basics
Topic: Secondary WAN and failover setup hap ax2 (7.16) for a beginner [SOLVED]
Replies: 60
Views: 3807

Re: Secondary WAN and failover setup hap ax2 (7.16) for a beginner [SOLVED]

Rethinking about it, I think this is "normal" (and had to be expected) due to the dynamic nature of the setup. It should be tested/checked, but this is what I believe it is happening: 1) Since the route to the LTE is created by the LTE modem DHCP, when you turn it off it simply disappears ...
by jaclaz
Sun Oct 27, 2024 9:38 am
Forum: RouterBOARD hardware
Topic: Recommend router and switch connected with private fiber
Replies: 38
Views: 2903

Re: Recommend router and switch connected with private fiber

I would probably go with two L009 since they are switches with SFP Hmmm. You must have missed the memo about the "on the cheap" requirement :wink: , you go to the OP parents telling them how it is much better to spend 2x119$=238$ instead of 2x40=80$ to be able to switch at 1352.09 Mbps (i...
by jaclaz
Sat Oct 26, 2024 8:14 pm
Forum: RouterBOARD hardware
Topic: Recommend router and switch connected with private fiber
Replies: 38
Views: 2903

Re: Recommend router and switch connected with private fiber

Or you could do with a couple of these:
https://www.crxconec.com/en/product/CC-10-00026.html

You can find them as Intellinet IWP-BOX SC-6 or EAN : 4049759111489, at least here they can be found for 7/10 €/each.
by jaclaz
Sat Oct 26, 2024 7:51 pm
Forum: Scripting
Topic: Script for CENTRAL-BACKUPS
Replies: 3
Views: 454

Re: Script for CENTRAL-BACKUPS

I can translate the "article" easily, in one sentence: Here is a video about it: https://www.youtube.com/watch?v=YRscjpVouXA No subtitles, nice (tiny) quad Winbox screenshots. Maybe someone with a huge screen, putting youtube fullscreen, may be able to read something in it. BTW the site re...
by jaclaz
Sat Oct 26, 2024 6:18 pm
Forum: RouterBOARD hardware
Topic: Recommend router and switch connected with private fiber
Replies: 38
Views: 2903

Re: Recommend router and switch connected with private fiber

Yep, as I see it, if you go down the rack avenue go down it in full (and it has a steep price), otherwise either have long cables from the wall or use wall plates on a box, and keystones all the way. The Hex/hexS/hex refresh are not "rack mountable", the RB5009 or the L009 (say) and higher...
by jaclaz
Sat Oct 26, 2024 12:37 pm
Forum: General
Topic: How to block YouTube effectively
Replies: 44
Views: 17712

Re: How to block YouTube effectively

"you get internet on your workplace and you are not allowed to use it to stream youtube for background music and video, if we find you doing that you are fired on the spot". Then you don't have to worry about site blocking anymore. https://www.imdb.com/title/tt0079470/quotes/?item=qt04719...
by jaclaz
Sat Oct 26, 2024 12:01 pm
Forum: RouterBOARD hardware
Topic: Recommend router and switch connected with private fiber
Replies: 38
Views: 2903

Re: Recommend router and switch connected with private fiber

Yep, but don't take me as an example of "clean", "neat" cables architect. As long as something works, it is enough for me (I know people that buy patch cables with a given colour because they fit better in the environment). I like orange cables, they give you a sense of calm urge...
by jaclaz
Sat Oct 26, 2024 11:33 am
Forum: Wireless Networking
Topic: Connect to Hotel Wifi
Replies: 21
Views: 2588

Re: Connect to Hotel Wifi

It is strange, "consumer" devices all have a basic default configuration (including firewall) AFAIK (all with comment "defconf"). Typical default firewall set (it may depend on the exact version of RouterOS yoiu are running, these come from 6.48.6) /ip firewall filter add action=...
by jaclaz
Sat Oct 26, 2024 2:55 am
Forum: RouterBOARD hardware
Topic: Recommend router and switch connected with private fiber
Replies: 38
Views: 2903

Re: Recommend router and switch connected with private fiber

Well, a wall plate Is 11$, a patch panel has at least 4 connector and It Is more around 70$, if you don't see the difference, your parents surely will. :roll: :wink: But yes, if you are going to make anyway a panel (why?[1]) you can add a fiber keystone to It. [1] I mean, you are not going to put to...
by jaclaz
Sat Oct 26, 2024 2:32 am
Forum: General
Topic: RouterOS x86, no support for Chelsio T540 VF? [SOLVED]
Replies: 47
Views: 2515

Re: RouterOS x86, no support for Chelsio T540 VF? [SOLVED]

Amm0 has a dedicated GitHub repository with the updated scripts/mods, AND pre-made corrected images, see here: https://forum.mikrotik.com/viewtopic.php?t=184254 https://github.com/tikoci/fat-chr/releases You can try one of the pre-made images. There are no issues when updating, once an image works i...
by jaclaz
Fri Oct 25, 2024 11:43 pm
Forum: Wireless Networking
Topic: WiFi Disconnect Issues with hAP ax² - Seeking Advice on Stable Version and Future Updates
Replies: 8
Views: 1328

Re: WiFi Disconnect Issues with hAP ax² - Seeking Advice on Stable Version and Future Updates

If I may, a meta-question. Why (the heck) are most people here on the forum obsessed with updating? Besides the obvious mistakes the good Mikrotik guys insist on making, pushing out new versions without appropriate testing, and mixing all together, without even an attempt to prioritize them, new fea...
by jaclaz
Fri Oct 25, 2024 11:15 pm
Forum: General
Topic: RouterOS 7 WAN failover -- ARP?
Replies: 11
Views: 695

Re: RouterOS 7 WAN failover -- ARP?

I have no idea how easy It was in v6, but It can be fairly easy in v7.

JFYI:
viewtopic.php?t=198999
by jaclaz
Fri Oct 25, 2024 8:36 pm
Forum: Beginner Basics
Topic: so I can use cAP ax as my router?!?! [SOLVED]
Replies: 9
Views: 837

Re: so I can use cAP ax as my router?!?! [SOLVED]

The "efficiently" depends on the Mikrotik device involved, the mentioned map lite is barely capable of routing 100 Mbps (but it is a 3.5 W device) a Cap AX is rather capable and should top at around 1 Gbps (but it is 11 W). Even if you can, it doesn't mean you should, an hap Ax2 is a more ...
by jaclaz
Fri Oct 25, 2024 8:04 pm
Forum: RouterBOARD hardware
Topic: Recommend router and switch connected with private fiber
Replies: 38
Views: 2903

Re: Recommend router and switch connected with private fiber

Well, if you hadn't this "fiber opportunity", anyone would have advised you a CAT6 cable, 1 Gb speed. With the two RB260GS, you need (for single mode fiber) two of these: https://mikrotik.com/product/S-31DLC20D-181 and thus get a 1.25 Gb connection. A camera feed may be what 10-15 Mbps? Hi...
by jaclaz
Fri Oct 25, 2024 7:02 pm
Forum: Beginner Basics
Topic: Can POE be "daisy chained" ?
Replies: 1
Views: 275

Re: Can POE be "daisy chained" ?

Yes and no, mostly no. CSS610-8P-2S+IN PoE-out Details PoE-out ports Ether1-Ether8 PoE out 802.3af/at Max out per port output (input 18-30 V) 1000 mA Max out per port output (input 30-57 V) 625 mA Total output power 140 CRS112-8P-4S-IN Powering Details Number of DC inputs 2 (DC jack) DC jack input V...
by jaclaz
Fri Oct 25, 2024 4:00 pm
Forum: RouterBOARD hardware
Topic: Recommend router and switch connected with private fiber
Replies: 38
Views: 2903

Re: Recommend router and switch connected with private fiber

If you are on the cheap, you can get away with two RB260GS'. one on each side of the 250 feet fiber, list price 2x$39.95. The "main" router (in the house), for the low speeds you are going to get from the ISP, could be an Ax2 or Ax3 (99-139$) and you would save one AP. Or even an Ax Lite (...
by jaclaz
Thu Oct 24, 2024 7:00 pm
Forum: Wireless Networking
Topic: Best hardware for indoor extension of high speed wireless connection
Replies: 6
Views: 696

Re: Best hardware for indoor extension of high speed wireless connection

How are the coaxial cables laid?

Fiber is really thin (much thinner than a coaxial cable (or any ethernet > CAT3 cable), and can normally replace old cables in *any* conduit/paasage/hole, the only thing one needs to be careful with is small (very small) radius curves.
by jaclaz
Thu Oct 24, 2024 3:08 pm
Forum: Wireless Networking
Topic: Poor Wi-Fi range on cAP AX
Replies: 15
Views: 1153

Re: Poor Wi-Fi range on cAP AX

I don't see any AX3 falling from the ceiling ... I got a couple hanging upside down (also AC3, exact same enclosure). That plastic foot is designed to be used for it. Vertical mount on desk, horizontal mount on desk but also wall mount and ceiling mount . Interesting. :roll: Instead of a large blac...
by jaclaz
Thu Oct 24, 2024 12:45 pm
Forum: Wireless Networking
Topic: Poor Wi-Fi range on cAP AX
Replies: 15
Views: 1153

Re: Poor Wi-Fi range on cAP AX

Of course I will drill the housing and on the end they will be outside and I will have kind of white & black spider on the wall. Naaah, you don't want that HGO antenna, besides it being black, it has not the hinge at the bottom, they are straight to the connector only. You can get a (white) thi...
by jaclaz
Thu Oct 24, 2024 10:57 am
Forum: RouterBOARD hardware
Topic: rbwsAP-5hac2nd discontinued
Replies: 5
Views: 4263

Re: rbwsAP-5hac2nd discontinued

The newish Wap Ax may be suitable, without the base/support it can be wall mounted and it is small enough to be unobtrusive:

viewtopic.php?t=196813
https://www.wifihw.cz/img.asp?attid=3848208
by jaclaz
Wed Oct 23, 2024 8:20 pm
Forum: General
Topic: hAC ax2 Mode Button To Power Off and Power On when pressed? [SOLVED]
Replies: 5
Views: 469

Re: hAC ax2 Mode Button To Power Off and Power On when pressed? [SOLVED]

Don't unplug/replug, and certainly don't make your parents do that. Buy an extension cable with a switch (with light) and a surge protector. mkx is very correct in describing the best possible approach, but it must be convenient for the user. I can imagine (old) parents unplugging, but I have diffic...
by jaclaz
Wed Oct 23, 2024 4:16 pm
Forum: Beginner Basics
Topic: Auto Failover 2 ISP SAME Ip Range
Replies: 1
Views: 287

Re: Auto Failover 2 ISP SAME Ip Range

Well, you have the same IP range, but different IP addresses 192.168.3. 3 and 192.168.3. 4 , so it is nothing "special", it is a normal situation with two distinct gateways. The only issue may be if one of the two gateways is also a DHCP server, if that device goes down you will have troub...
by jaclaz
Wed Oct 23, 2024 11:33 am
Forum: General
Topic: Datasheet for new improved hEX?
Replies: 66
Views: 6872

Re: Datasheet for new improved hEX?

I use these quite a lot, anything I buy gets swapped over to a multi 2.1-2.5mm plug, I did a couple of items last week, a new record player and my hAP ax2 which are now rocking this type of dual plug https://www.farnell.com/datasheets/2286781.pdf Interesting hobby :shock: , voiding warranties of ne...
by jaclaz
Tue Oct 22, 2024 11:35 pm
Forum: Beginner Basics
Topic: why my computer assigned IANA IP?
Replies: 39
Views: 1835

Re: why my computer assigned IANA IP?

Unlikely, Power/Power management issues should not influence MAC addresses or DHCP mis-assignments.
by jaclaz
Tue Oct 22, 2024 9:12 pm
Forum: Beginner Basics
Topic: why my computer assigned IANA IP?
Replies: 39
Views: 1835

Re: why my computer assigned IANA IP?

was reading some forums and someone suggested this: https://support.windwardsoftware.com/support/solutions/articles/66000487622-disable-power-saving-and-power-options-in-windows it doesn't work the behavior doesnt change at reboot Sure, last time my car engine didn't start I did make sure that tire...
by jaclaz
Tue Oct 22, 2024 9:02 pm
Forum: General
Topic: Datasheet for new improved hEX?
Replies: 66
Views: 6872

Re: Datasheet for new improved hEX?

Well, several resellers provide this info (which is missing on Mikrotik power supplies official pages), example: https://www.batna24.com/en/p/mikrotik-saw302401200ga-power-supply-rmmip Anyway, it is a "standard" 5.5mm*2.1mm DC Plug. Should be 11 mm long, but I have seen in the wild slightl...
by jaclaz
Tue Oct 22, 2024 7:27 pm
Forum: Beginner Basics
Topic: why my computer assigned IANA IP?
Replies: 39
Views: 1835

Re: why my computer assigned IANA IP?

It is a long time I don't deal with docking stations, so this info may be outdated/not applicable, there are two kinds of docking stations, AFAICR, one that *somehow* bridges the laptop network card (sort of passthrough and thus has the same MAC on the network), and one that has an own, different fr...
by jaclaz
Tue Oct 22, 2024 2:25 am
Forum: Beginner Basics
Topic: why my computer assigned IANA IP?
Replies: 39
Views: 1835

Re: why my computer assigned IANA IP?

In terminal, run
/log print
then you can copy and paste the text.
by jaclaz
Mon Oct 21, 2024 2:42 am
Forum: Beginner Basics
Topic: why my computer assigned IANA IP?
Replies: 39
Views: 1835

Re: why my computer assigned IANA IP?

Conceptually an APIPA address Is generated when these two happen: 1) a device connected has a DHCP client 2) for *some reasons* the DHCP server fails to lease an address to it A computer that falls back to an APIPA address will try periodically to get a "proper" IP address from the DHCP se...
by jaclaz
Sun Oct 20, 2024 6:32 pm
Forum: Beginner Basics
Topic: why my computer assigned IANA IP?
Replies: 39
Views: 1835

Re: why my computer assigned IANA IP?

Yes, you can delete it. But do check again the ARP list in a week time, APIPA addresses tend to appear out of nowhere on wednesday and friday nights (with or without a full moon) :wink: :lol: . Seriously, a same given MAC can have more than one IP address, that APIPA one most likely was created at t...
by jaclaz
Sun Oct 20, 2024 6:22 pm
Forum: Scripting
Topic: KNOT - Execute AT commands through a script [SOLVED]
Replies: 3
Views: 420

Re: KNOT - Execute AT commands through a script [SOLVED]

Yep :) , the link to thread #207137 you just posted looks very different from the link to the thread #207137 I suggested. :lol:
by jaclaz
Sun Oct 20, 2024 5:12 pm
Forum: General
Topic: disconnected, register to other interface
Replies: 9
Views: 849

Re: disconnected, register to other interface

It depends on what you want to do. As mkx wrote Note that in new wifi drivers it's not possible to disable legacy radio standards, it's only possible to cap it to certain radio standards and disable newest ones (yes, sometimes this can be necessary). and according to this: https://forum.mikrotik.com...
by jaclaz
Sun Oct 20, 2024 4:57 pm
Forum: Beginner Basics
Topic: No internet access HAP AC lite LTE 6
Replies: 6
Views: 455

Re: No internet access HAP AC lite LTE 6

A presumably default firewall configuration can be extracted from this thread: https://forum.mikrotik.com/viewtopic.php?t=199154 /ip firewall filter add action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=established,related,untracked add acti...
by jaclaz
Sun Oct 20, 2024 4:51 pm
Forum: Scripting
Topic: KNOT - Execute AT commands through a script [SOLVED]
Replies: 3
Views: 420

Re: KNOT - Execute AT commands through a script [SOLVED]

It is not easy/straightforward, and there are limitations. For ARM devices there is a "better" solution through a container: https://forum.mikrotik.com/viewtopic.php?t=193785 the same thread contains some hints towards the possibility of using /interface/ppp-client/at-chat: https://forum.m...
by jaclaz
Sun Oct 20, 2024 4:20 pm
Forum: Beginner Basics
Topic: mikrotik advanced Firewall Rules
Replies: 9
Views: 882

Re: mikrotik advanced Firewall Rules

So, if I get this right, the three rules are a way to write something logically *like* (pseudo-pseudo code):
IF (NOT LAN AND NOT WAN) THEN DROP
or "accept only from LAN and WAN"
Correct? :?:
Good to know. :)
by jaclaz
Sun Oct 20, 2024 2:54 pm
Forum: General
Topic: disconnected, register to other interface
Replies: 9
Views: 849

Re: disconnected, register to other interface

What is wrong with allowing 802.11b for 2ghz? Not a direct answer to your question, but I have read in multiple places how having b enabled slows down connection. I don' t think it is really-really true, in the sense that having it enabled AND having a b device connected does slow it a bit, but hav...
by jaclaz
Sun Oct 20, 2024 2:01 pm
Forum: Beginner Basics
Topic: add an DNS server to Mikrotik router
Replies: 6
Views: 1374

Re: add an DNS server to Mikrotik router

This should be the cleaned up version in CODE tags: # 2024-10-04 18:08:16 by RouterOS 7.16 # software id = UE3C-1FI0 # # model = RB760iGS # serial number = /interface bridge add admin-mac=00:00:00:00:00:00 auto-mac=no comment=defconf name=local \ port-cost-mode=short /interface ethernet set [ find d...
by jaclaz
Sun Oct 20, 2024 12:59 pm
Forum: Wireless Networking
Topic: hAP ax^3 - AP-Bridge support
Replies: 12
Views: 936

Re: hAP ax^3 - AP-Bridge support

Are we allowed to state that the adjective "graceful" cannot be used to describe the transition between old and new/wireless and wifi/capsman and capsman(2)? :?
:lol:
by jaclaz
Sun Oct 20, 2024 12:44 pm
Forum: RouterBOARD hardware
Topic: RB941-2ND/TC Still Produce/Support?
Replies: 7
Views: 1343

Re: RB941-2ND/TC Still Produce/Support?

Yep, but would it be better an egg today tomorrow or a hen tomorrow some unknown time in the future? :?:
:lol:
by jaclaz
Sun Oct 20, 2024 12:37 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 65
Views: 14114

Re: Router OS 7 on UEFI

Hey! When I was setting up ROS 7.1.3 on Hyper-V Gen2, I found it helpful to use a VHDX file for the installation. Make sure the image you’re using is compatible with UEFI boot since that can cause issues if it’s not. I had some trouble downloading the image smoothly too, so I ended up switching net...
by jaclaz
Sun Oct 20, 2024 3:09 am
Forum: Beginner Basics
Topic: ISP modem and MikroTik (CRS310-8G+2S+IN) no link on interface, cannot connect to internet
Replies: 16
Views: 4433

Re: ISP modem and MikroTik (CRS310-8G+2S+IN) no link on interface, cannot connect to internet

It Is still not at all clear ( to me ) if the issue Is just the DHCP client or something else. I would try the following experiment: 1) connect ISP router->dumb switch->Mikrotik (ether1) 2) the ether1 should get an IP address and connection established 3) check which ip the ether1 got, with /ip addr...
by jaclaz
Sat Oct 19, 2024 8:05 pm
Forum: RouterBOARD hardware
Topic: RB941-2ND/TC Still Produce/Support?
Replies: 7
Views: 1343

Re: RB941-2ND/TC Still Produce/Support?

Surely there are a few "holes" in Mikrotik product range, the hex is now to be considered "obsolete" an the "new hex" is near to be ready for production/sale: https://mt.lv/hex_october the plan seems to be selling it for the same price of the current hex (same 50-60 pri...
by jaclaz
Sat Oct 19, 2024 5:27 pm
Forum: RouterBOARD hardware
Topic: RB941-2ND/TC Still Produce/Support?
Replies: 7
Views: 1343

Re: RB941-2ND/TC Still Produce/Support?

But if mikrotik has similar product, with minimum all port gigabit Ethernet, dual core arm64 processor, 1024MB Ram and 512MB Internal Storage, USB 3.0, and price still under $50, I think I will save money and consider to buy new mikrotik hardware. ... and also be able to make coffee (black, strong ...
by jaclaz
Sat Oct 19, 2024 2:51 pm
Forum: Beginner Basics
Topic: Need help and suggestions for new network
Replies: 14
Views: 887

Re: Need help and suggestions for new network

And - IMHO - leave the desktop alone, unless it is a low power one (but then probably it won't have enough "juice" to run with 10 Gb interfaces) . Until a few years ago (with much slower networks) it made a lot of sense to use re-purposed desktops passive cooled thin clients to do any kind...
by jaclaz
Fri Oct 18, 2024 11:20 pm
Forum: General
Topic: External antenna for MikroTik mAP 2nD [SOLVED]
Replies: 6
Views: 1869

Re: External antenna for MikroTik mAP 2nD [SOLVED]

Yes and no.
Yes It will work.
No that Is not intended for permanent connection, It Is a kind of probe, for temporary connection and It Is too long to be practical.

But this should do:
https://it.aliexpress.com/item/1005007500175358.html
the key is the "mini".
by jaclaz
Fri Oct 18, 2024 2:53 pm
Forum: Beginner Basics
Topic: Need help and suggestions for new network
Replies: 14
Views: 887

Re: Need help and suggestions for new network

There are two sides to your "underlying" issue. If you think you can outsmart your kids, you are wrong :shock: , they will find a way out, before or later. But on the other hand, knowing that - one way or the other - you will lose your battle, you (and them) can still have a lot of fun fig...
by jaclaz
Fri Oct 18, 2024 11:12 am
Forum: Scripting
Topic: import dry-run inconsistent results (bug?)
Replies: 3
Views: 702

Re: import dry-run inconsistent results (bug?)

The line x column 24 corresponds to just before the = sign in "set [ find default-name=" Could it be that (for *whatever* reason) the issue is in the path? I.e. would a one liner work? /interface wifi set [ find default-name=wifi1 ] configuration.manager=capsman datapath=capdp disabled=no ...
by jaclaz
Fri Oct 18, 2024 12:43 am
Forum: Beginner Basics
Topic: Need help and suggestions for new network
Replies: 14
Views: 887

Re: Need help and suggestions for new network

I will throw on the table the idea of using wall access points *like* the TP-Link EAP615-Wall: https://www.tp-link.com/en/business-networking/omada-sdn-access-point/eap615-wall/ No idea if these specific devices are any good, but the concept seems perfect for a newly cabled building, a small PoE pow...
by jaclaz
Thu Oct 17, 2024 11:16 pm
Forum: RouterBOARD hardware
Topic: RB5009 vs RB4011
Replies: 8
Views: 2106

Re: RB5009 vs RB4011

Naah, with a RB5009/L009 rackmount kit K-79 you can mount a single RB5009 in a standard rack: https://mikrotik.com/product/rb5009_mount#fndtn-gallery https://cdn.mikrotik.com/web-assets/rb_images/2071_hi_res.png The list price of the two routers Is the same $219, It Is strange that on your local mar...
by jaclaz
Thu Oct 17, 2024 1:53 am
Forum: Beginner Basics
Topic: hAP ax^3 - access to NAS
Replies: 11
Views: 2296

Re: hAP ax^3 - access to NAS

Cannot really say. Windows (not only 10/11, also - though in a minor way - also Vista and 7) has a lot of complications related to networking, like the differences between private and public network and in 10 and 11 additionally there are some default rules in the internal firewall that may well pre...
by jaclaz
Wed Oct 16, 2024 11:45 pm
Forum: RouterBOARD hardware
Topic: Any recommendation for 57V PSU (RB5009)?
Replies: 10
Views: 2015

Re: Any recommendation for 57V PSU (RB5009)?

As often happens It depends, while having the lowest acceptable voltage may be a good thing for the internal power supply, It Is not such a good thing for the cable (and connectors). If we have an hypothetical powered device that accepts *any* voltage and needs the same 24W of the previous example, ...
by jaclaz
Wed Oct 16, 2024 9:15 pm
Forum: RouterBOARD hardware
Topic: Any recommendation for 57V PSU (RB5009)?
Replies: 10
Views: 2015

Re: Any recommendation for 57V PSU (RB5009)?

I wouldn't go to the max voltage (57V). It won't bring you any benefit over 48V. Better to get a beefy 48V PSU than a flimsy 57V. The router's internal electronics (DC/DC converter) will step down the voltage anyway. It's never a good idea to operate a device at its absolute maximum ratings if you ...
by jaclaz
Wed Oct 16, 2024 8:32 pm
Forum: Beginner Basics
Topic: Airprint for guest network
Replies: 8
Views: 1081

Re: Airprint for guest network

... and the usual advice: don't use VLAN1 on Mikrotiks.
by jaclaz
Wed Oct 16, 2024 5:40 pm
Forum: Beginner Basics
Topic: hAP ax^3 - access to NAS
Replies: 11
Views: 2296

Re: hAP ax^3 - access to NAS

Typically you add all ports to the bridge and disable the DHCP server, the device will become a "switch". The DHCP client that normally runs on ether1 can then be removed (it should become disabled anyway the moment ether1 becomes slave to the bridge). The device should be "pass-throu...
by jaclaz
Wed Oct 16, 2024 3:34 pm
Forum: Beginner Basics
Topic: Mikrotik novice and PTP setup
Replies: 11
Views: 857

Re: Mikrotik novice and PTP setup

So, the two configuration you posted are working? Good. :) The general advice is to not use the default "admin" as username, what is happening at large is that on devices on which there is not a valid (secure) password set and the (only) user is "admin" and the device is accessib...
by jaclaz
Wed Oct 16, 2024 12:11 am
Forum: Beginner Basics
Topic: hAP ax^3 - access to NAS
Replies: 11
Views: 2296

Re: hAP ax^3 - access to NAS

For simple setups, there Is only one device that acts as router, this Is either the ISP modem/router or - if that device Is used only essentially as modem/adapter, the first device behind It, vital as firewall. This device Is the border between WAN (outside, here be lions) and LAN (inside, home). Ev...
by jaclaz
Tue Oct 15, 2024 11:21 pm
Forum: Beginner Basics
Topic: I can't install mikrotik os x86.
Replies: 11
Views: 873

Re: I can't install mikrotik os x86.

Sometimes it is only to do new, strange things, go where no men has been before and similar.
Is It "smart" or produttive?
Certainly not, but It can be a lot of fun.
  • 1
  • 2
  • 3
  • 4
  • 5
  • 7