Community discussions

MikroTik App

Search found 1571 matches

by jaclaz
Sun Oct 06, 2024 1:37 am
Forum: Scripting
Topic: by DHCP-CLIENT lease found rogue DHCP-SERVER
Replies: 1
Views: 55

Re: by DHCP-CLIENT lease found rogue DHCP-SERVER

You sure about these double quotes?
interface=$"iface"
by jaclaz
Sun Oct 06, 2024 12:02 am
Forum: Beginner Basics
Topic: List:unknown
Replies: 5
Views: 167

Re: List:unknown

The strength of lists Is that the default firewall (again on soho devices) Is based on those categories (LAN/WAN) so you can easily add to the two categories the wanted interfaces without ever needing to modify firewall filters (and also NAT). Home made and - with all due respect - half baked firewa...
by jaclaz
Sat Oct 05, 2024 11:21 pm
Forum: General
Topic: wireless + ethernet on audio app config
Replies: 7
Views: 166

Re: wireless + ethernet on audio app config

Well, if the CQ-18 Is an AP, It Is an AP and will never become a client device. If you can have the two devices near between them and connect both via ethernet to the mAp then yes, you can have the mAp configured as a bridge for the two ethernet ports and have the wifi either bridged or routed. But ...
by jaclaz
Sat Oct 05, 2024 9:17 pm
Forum: Beginner Basics
Topic: List:unknown
Replies: 5
Views: 167

Re: List:unknown

CHR is Mikrotik Cloud Hosted Router.
It is more or less the same that you have, but intended to be run in a Virtual Machine, so I assume it has the same non-configuration.
by jaclaz
Sat Oct 05, 2024 8:48 pm
Forum: Beginner Basics
Topic: Secondary WAN and failover setup hap ax2 (7.16) for a beginner
Replies: 29
Views: 972

Re: Secondary WAN and failover setup hap ax2 (7.16) for a beginner

Good, happy it is more or less working :). So the links/routes are sometimes "flapping"? Every thirty seconds look suspiciously linked to the running of the netwatch script. Try changing the interval to a higher value or - maybe better - try inserting in the netwatch script a small delay *...
by jaclaz
Sat Oct 05, 2024 7:20 pm
Forum: Beginner Basics
Topic: List:unknown
Replies: 5
Views: 167

Re: List:unknown

I am not sure to understand. Normally the default configuration of Mikrotik devices of the SOHO series is - though basic - rather complete, while the configuration on professional devices is (so I read) almost inexistent. You are talking of the CHR, right? I was just playing with a CHR in a virtual ...
by jaclaz
Sat Oct 05, 2024 7:00 pm
Forum: General
Topic: hap ax3 random wireless disconnects
Replies: 108
Views: 9789

Re: hap ax3 random wireless disconnects

I've recently heard an opinion that connected USB3 device may affect wireless (friends who have ax3 had problems with usb and didn't have without). I had problems before I attached USB disk, and now there isn't much transfers (only error logs by now). Maybe it will be useful if anyone who has probl...
by jaclaz
Sat Oct 05, 2024 4:10 pm
Forum: Beginner Basics
Topic: Router configuration
Replies: 6
Views: 277

Re: Router configuration

RB1100AHx4 list 329$, dual power supply
CCR2004-16G-2S+ list 465$, lots of ports you don't need.

Alternative:
RB5009UG+S+IN list 219$, enough ports for your use, faster in routing than the RB1100AHx4
by jaclaz
Sat Oct 05, 2024 3:55 pm
Forum: General
Topic: wireless + ethernet on audio app config
Replies: 7
Views: 166

Re: wireless + ethernet on audio app config

If I get it right, the CQ-18T will be "main" device, connected wirelessly with the mAp, and the mAp connected via ethernet cable to the Driverrack. From what I can understand, the CQ-18T works as Access Point. This means that the mAp needs to be configured as client, i.e. in Mikrotik jargo...
by jaclaz
Sat Oct 05, 2024 12:31 pm
Forum: General
Topic: OpenVPN does not allow to set Auth-Type for RADIUS
Replies: 2
Views: 81

Re: OpenVPN does not allow to set Auth-Type for RADIUS

You should both open a ticket at Mikrotik Support, while sometimes the developers do read forum posts, it is not given that they will do anything without an opened ticket.
by jaclaz
Sat Oct 05, 2024 12:25 pm
Forum: RouterBOARD hardware
Topic: PW48V-12V85W compatiblity list
Replies: 1
Views: 166

Re: PW48V-12V85W compatiblity list

On this page (third party): https://www.getic.com/product/psu-open-frame-12v-7a-for-ccr-r2 the compatible models are listed as: CCR1016-12G CCR1036-12G-4S CCR1036-12G-4S-EM CCR1036-8G-2S+ CCR1036-8G-2S+EM CCR1016-12S-1S+ CRS326-24S+2Q+RM CCR2004-1G-12S+2XS CCR2116-12G-4S+ but cannot say if the sourc...
by jaclaz
Sat Oct 05, 2024 11:13 am
Forum: General
Topic: RB4011 does not work
Replies: 2
Views: 107

Re: RB4011 does not work

You could try a different power supply, it is a common failure mode for (switching) power supplies to still be able to provide some Volts but not enough Amperes, so that some basic things works (like led lights) but the device doesn't actually boot or doesn't boot completely.
by jaclaz
Fri Oct 04, 2024 8:47 pm
Forum: Beginner Basics
Topic: Router configuration
Replies: 6
Views: 277

Re: Router configuration

It is not clear (to me) what you actually need/want, a router or a switch?

Anyway missing requirements are:
  • number of ports
  • speed of the ISP connection and of the LAN
  • need for SFP sockets/connections
by jaclaz
Fri Oct 04, 2024 7:41 pm
Forum: Beginner Basics
Topic: Secondary WAN and failover setup hap ax2 (7.16) for a beginner
Replies: 29
Views: 972

Re: Secondary WAN and failover setup hap ax2 (7.16) for a beginner

Yep, it looks fine to me. :) Now you have: D d 0.0.0.0/0 5.187.172.1 2 D A d 0.0.0.0/0 192.168.1.1 1 The "main" one is NOT A ctive, the LTE is. If you disable the LTE, the main should immediately be back to A ctive (i.e. D A d). JFYI, when you have more than one table, from CLI you can use...
by jaclaz
Fri Oct 04, 2024 7:19 pm
Forum: Beginner Basics
Topic: Secondary WAN and failover setup hap ax2 (7.16) for a beginner
Replies: 29
Views: 972

Re: Secondary WAN and failover setup hap ax2 (7.16) for a beginner

I could change the distance to 2 and 1 in respective, now the DSL IP is blue not black like others, I created the DSL routing table with FIG, but cannot change the routing table for Dd 0.0.0.0/0 5.187.172.1 ether1 blue line, it is grayed out for main, or should I add with the + a new one? and delet...
by jaclaz
Fri Oct 04, 2024 6:35 pm
Forum: Beginner Basics
Topic: Secondary WAN and failover setup hap ax2 (7.16) for a beginner
Replies: 29
Views: 972

Re: Secondary WAN and failover setup hap ax2 (7.16) for a beginner

Right now you have both the DSL and the LTE routers connected and the two routes "towards internetet" (the 0.0.0.0/0) active at the same time (the + sign tells us this) because they both have the same distance (of 1 which is the default). Next step is changing the distance of the two conne...
by jaclaz
Fri Oct 04, 2024 5:23 pm
Forum: General
Topic: Device got hacked 1 min after connected to internet
Replies: 51
Views: 3890

Re: Device got hacked 1 min after connected to internet

Maybe stupid question, but couldn't the (safe/complex/random/whatever) password be asked during the netinstall process for those (older) devices that still have the blank one?
by jaclaz
Fri Oct 04, 2024 5:17 pm
Forum: Beginner Basics
Topic: Secondary WAN and failover setup hap ax2 (7.16) for a beginner
Replies: 29
Views: 972

Re: Secondary WAN and failover setup hap ax2 (7.16) for a beginner

/interface detect internet is not part of the firewall, it is something that very few people actually use, let alone *need*, and is known to mess things in some subtle ways in some configurations. Disabling it is usually advised, see: https://forum.mikrotik.com/viewtopic.php?t=187814 In the best cas...
by jaclaz
Fri Oct 04, 2024 12:57 pm
Forum: General
Topic: Help Mikrotik AC3
Replies: 1
Views: 80

Re: Help Mikrotik AC3

Follow instructions here and post your configuration:
viewtopic.php?t=203686#p1051720
by jaclaz
Fri Oct 04, 2024 11:09 am
Forum: Beginner Basics
Topic: Secondary WAN and failover setup hap ax2 (7.16) for a beginner
Replies: 29
Views: 972

Re: Secondary WAN and failover setup hap ax2 (7.16) for a beginner

Yes the only change I turned off for the second result the LTE modem, if I turn on I will get the same result, the problem is when I disconnect ether1 internet is gone no internet going trough ether2 But the same LTE modem works fine when connected to ether1? In theory you should be able to connect...
by jaclaz
Thu Oct 03, 2024 11:25 pm
Forum: Beginner Basics
Topic: Secondary WAN and failover setup hap ax2 (7.16) for a beginner
Replies: 29
Views: 972

Re: Secondary WAN and failover setup hap ax2 (7.16) for a beginner

Well, you had just posted an /ip route print where both ether1 and ether2 got their ip route just fine (so the DHCP client worked fine on both interfaces), now your /ip route print seems to show that it only works on ether1 and not (anymore) on ether2, so something has changed. The main ISP modem cr...
by jaclaz
Thu Oct 03, 2024 8:09 pm
Forum: Beginner Basics
Topic: Secondary WAN and failover setup hap ax2 (7.16) for a beginner
Replies: 29
Views: 972

Re: Secondary WAN and failover setup hap ax2 (7.16) for a beginner

Two vlans makes much sense to me. Not only to you, but there are logical priorities, that you are not taking into account, and as well you are not considering how the OP is a beginner. Priorities (in my perverted mind): 1) have a decent setup for 1 internet connection 2) add a second connection 3) ...
by jaclaz
Thu Oct 03, 2024 6:19 pm
Forum: Beginner Basics
Topic: Secondary WAN and failover setup hap ax2 (7.16) for a beginner
Replies: 29
Views: 972

Re: Secondary WAN and failover setup hap ax2 (7.16) for a beginner

@anav there is no reason why OP would want or should have two VLANs. Very likely the double entry in: /ip dhcp-server network is a mistake/accident. OP is a beginner and is trying to get the hang of a simple home/soho setup, no need for now to make it more complex than needed. @bbmikrotik You have t...
by jaclaz
Thu Oct 03, 2024 4:51 pm
Forum: General
Topic: Ether6 on RB5009 only working with 100 Mbps. Hardware fault?
Replies: 7
Views: 292

Re: Ether6 on RB5009 only working with 100 Mbps. Hardware fault?

It could well be one of the pin disconnected (like a cold solder on the PCB).
10/100 use 4 pins/wires, if 1,2,3 and 6 are good, up to 100 the connection is good
1000 uses all 8 of them, so if any among 4,5,7 and 8 is disconnected, 1000 connection will fail.
by jaclaz
Thu Oct 03, 2024 12:00 pm
Forum: Scripting
Topic: DNS Update script error after 7.15 upgrade [SOLVED]
Replies: 8
Views: 272

Re: DNS Update script error after 7.15 upgrade [SOLVED]

7.15 is seemingly much more "strict" than previous versions. It could be a permission/policy issue or something nearly invisible, such as a missing quote or an excess newline. Check this: https://forum.mikrotik.com/viewtopic.php?t=208272 saving the script as .rsc and then dry-run importing...
by jaclaz
Thu Oct 03, 2024 11:37 am
Forum: Beginner Basics
Topic: the irrationality of [find]
Replies: 18
Views: 614

Re: the irrationality of [find]

No, i am not user command /ip hotspot user reset-counters; i used: /ip hotport user reset-counters [find name = "a"]; but it still works for all in case "a" is removed. Exactly. :) You use the command: /ip hotspot user reset-counters [find name = "a"] BUT the find comm...
by jaclaz
Thu Oct 03, 2024 11:27 am
Forum: Beginner Basics
Topic: Secondary WAN and failover setup hap ax2 (7.16) for a beginner
Replies: 29
Views: 972

Re: Secondary WAN and failover setup hap ax2 (7.16) for a beginner

No, you just need to remove the ether2 from the bridge, leaving in the bridge only ether3,4,5. Ether2, once outside the bridge, will be able to have a DHCP client enabled on it, just like it is now ether1. in CLI that would be: /interface bridge port remove [ find interface=ether2 ] Let see if I can...
by jaclaz
Thu Oct 03, 2024 12:33 am
Forum: Beginner Basics
Topic: Secondary WAN and failover setup hap ax2 (7.16) for a beginner
Replies: 29
Views: 972

Re: Secondary WAN and failover setup hap ax2 (7.16) for a beginner

Don't mistake me for a Mikrotik expert, I am also only a beginner, just knowing enough for basic configurations like yours. /interface bridge port add bridge=bridge comment=defconf interface=ether2 Your ether2 is still part of the bridge, hence the DHCP server error, that sees it as slave interface ...
by jaclaz
Wed Oct 02, 2024 11:16 pm
Forum: General
Topic: Switch rule to block out everything but 1 mac, not working as expected
Replies: 9
Views: 291

Re: Switch rule to block out everything but 1 mac, not working as expected

Allow me to disagree Syntax/commands need to be precise, actually exact. Comments need to be descriptive/understandable. The ethernet cable physically connects ether5 to a port on another device identified by the MAC address. Packets/whatever travel back and forth on this ethernet cable. It is clear...
by jaclaz
Wed Oct 02, 2024 7:29 pm
Forum: Beginner Basics
Topic: Secondary WAN and failover setup hap ax2 (7.16) for a beginner
Replies: 29
Views: 972

Re: Secondary WAN and failover setup hap ax2 (7.16) for a beginner

The default is: ether1:WAN ether2-5:joined in a bridge LAN What you have to do is to take ether2 (by convention the lower numbered ports are those that connect to the internet) out of the bridge, so that you will have: ether1:WAN (1) ether2:WAN (2) ether3-5 joined in a bridge:LAN Be careful to not l...
by jaclaz
Wed Oct 02, 2024 6:57 pm
Forum: General
Topic: Switch rule to block out everything but 1 mac, not working as expected
Replies: 9
Views: 291

Re: Switch rule to block out everything but 1 mac, not working as expected

So, there is the need of two "monodirectional" rules:
comment="Allow from 00:E0:4C:00:03:A7 to ether5"
and:
comment="Allow to 00:E0:4C:00:03:A7 from ether5"
? :?:
by jaclaz
Wed Oct 02, 2024 5:07 pm
Forum: Beginner Basics
Topic: Getting no internet on Hap AC Lite
Replies: 3
Views: 157

Re: Getting no internet on Hap AC Lite

Maybe I see it from a different perspective :shock: , but I would have said that the Hap Ac Lite has a reset/wps button (inside a hole) on the front . Like: https://www.youtube.com/watch?v=LMz49kUvH_c This is interesting, however, many/most "consumer" devices have the ethernet ports on wha...
by jaclaz
Wed Oct 02, 2024 4:38 pm
Forum: Beginner Basics
Topic: the irrationality of [find]
Replies: 18
Views: 614

Re: the irrationality of [find]

yes, there are many ways to fix this "bug", I just brought up an irrationality of the [find] condition. But that [find name="a"] works just fine, as it finds nothing and returns nothing. The issue is in the command: /ip hotspot user reset-counters that works for "all" ...
by jaclaz
Wed Oct 02, 2024 11:30 am
Forum: Beginner Basics
Topic: the irrationality of [find]
Replies: 18
Views: 614

Re: the irrationality of [find]

So it is not a quirk of the find command in itsellf, but rather a "wrong implied default" of "all" in the command /ip hotspot user reset-counters?

How can it be worked around?
Like checking if "numbers" is defined and only run the command if the condition is true?
by jaclaz
Wed Oct 02, 2024 11:05 am
Forum: Scripting
Topic: FTP - /tool fetch - failure: Unexpected timeout [SOLVED]
Replies: 6
Views: 251

Re: FTP - /tool fetch - failure: Unexpected timeout [SOLVED]

Good. :)

For next time, a good practice when testing/troubleshooting a script is to add commands that shows the actual value variables get.
If you had a:
:put $ftpDstPath
you would have seen that the value was not correct.
by jaclaz
Wed Oct 02, 2024 1:46 am
Forum: Beginner Basics
Topic: Getting no internet on Hap AC Lite
Replies: 3
Views: 157

Re: Getting no internet on Hap AC Lite

Many (important) details are missing or are unclear. On the back of which router? I believe that the AC LITE has not a physical WPS button. :? The 192.168.1.1 is the AC LITE or another device? If the former, how do you connect to it? Winbox, normal browser (Webfig), or what? You should describe with...
by jaclaz
Wed Oct 02, 2024 1:09 am
Forum: Scripting
Topic: FTP - /tool fetch - failure: Unexpected timeout [SOLVED]
Replies: 6
Views: 251

Re: FTP - /tool fetch - failure: Unexpected timeout [SOLVED]

If the server is the same and out of two different ways to connect to it one works and the other doesn't it is more likely that the server response is a (misleading) reflection of something wrong on the client. The FTP error 553 error could mean "I don't like the Path and Name of the file you w...
by jaclaz
Tue Oct 01, 2024 11:47 pm
Forum: RouterBOARD hardware
Topic: Mikrotik CRS326-24G-2S+RM only turns on blue power light
Replies: 2
Views: 172

Re: Mikrotik CRS326-24G-2S+RM only turns on blue power light

The first thing I would try is another power supply/adapter. It Is a common failure mode of (switching) power supplies to be able to still supply *some* Volts but not enough Amperes. The effects on many devices is that some led(s) lights up seemingly normally but when during booting some more "...
by jaclaz
Tue Oct 01, 2024 7:31 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11216

Re: Router OS 7 on UEFI

OK, so, if anyone is interested in this "universal image", in the attached spreadsheet there are the basic instructions to modify the image so that it boots both in BIOS and in UEFI. NOT a fully tested script, only the needed info and the commands I used manually. Due to the hardcoded addr...
by jaclaz
Tue Oct 01, 2024 5:21 pm
Forum: General
Topic: hap ax3 random wireless disconnects
Replies: 108
Views: 9789

Re: hap ax3 random wireless disconnects

@tangent The origin is (probably) a (I believe now lost forever) twitter post, cited here (which explains some of the reasons to increase DTIM interval for Apple devices): https://www.sniffwifi.com/2016/05/go-to-sleep-go-to-sleep-go-to-sleep.html The analysis seems to make sense, and this "set ...
by jaclaz
Tue Oct 01, 2024 12:06 am
Forum: General
Topic: Mikrotik setup for private home -> Switch + AccessPoints
Replies: 7
Views: 338

Re: Mikrotik setup for private home -> Switch + AccessPoints

Only for the record, there is a lot of confusion around POE and Mikrotik has some own quirks on top of that. 802.3af=POE 802.3at=POE+ 802.3bt=POE++ Mikrotik's 802.3af/at=POE and almost, but not quite, POE+, as mkx noted earlier the amount of current is below the one in the standard, and even raising...
by jaclaz
Mon Sep 30, 2024 7:56 pm
Forum: RouterBOARD hardware
Topic: Extending the SMD LED
Replies: 3
Views: 205

Re: Extending the SMD LED

The "cleanest" option is to use a sensor (soldering on the board will void warranty). A small circuit *like* this one: https://www.arrow.com/en/research-and-events/articles/build-and-use-a-simple-light-detector-sensor-circuit can be used as "led signal extender". Or - even simple...
by jaclaz
Mon Sep 30, 2024 6:49 pm
Forum: General
Topic: hexS with PoE 20°C warmer?
Replies: 7
Views: 297

Re: hexS with PoE 20°C warmer?

Consumer grade equipment can run without any issues at 70C, industry grade goes to 85C or so. Military grade can surpass 120C. Yep, as said it is not "preoccupying", but it all depends on where the sensor is and what kind of dissipation happens. If a temperature sensor is near the *whatev...
by jaclaz
Mon Sep 30, 2024 12:35 pm
Forum: General
Topic: hexS with PoE 20°C warmer?
Replies: 7
Views: 297

Re: hexS with PoE 20°C warmer?

Yep, but 20 degrees? At which voltage are you powering the hexS: 1. when using the jack 2. when using the PoE ? The hexS power supply is 24V. It accepts 12-57V as PoE In, if you are using the (normal) 48V, it could be the voltage regulator/converter that creates the heat, but it doesn't sound right ...
by jaclaz
Mon Sep 30, 2024 12:11 pm
Forum: General
Topic: Mikrotik router asking for ARP resolution of alot of IPs
Replies: 7
Views: 475

Re: Mikrotik router asking for ARP resolution of alot of IPs

I am sorry, I have no idea about that. The (little) theory I understood is that ARP is a L2 protocol, so it should be limited to local network. From this (and the linked to Linux article): https://forum.mikrotik.com/viewtopic.php?t=176461#p865029 I understand that when you do a "normal" pi...
by jaclaz
Sun Sep 29, 2024 8:03 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11216

Re: Router OS 7 on UEFI

With all due respect for the good guys @Mikrotik, in this particular case something went wrong, they failed, and failed big. If they wanted to have the CHR image to be only BIOS bootable (through their - let's call it "strange" - method, bootsector code and hardcoded map) why did they add ...
by jaclaz
Sun Sep 29, 2024 3:51 am
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11216

Re: Router OS 7 on UEFI

@jaclaz, I wouldn't get too crazy. Sure, I know, it is more like, you know :wink: The way I see it, if you're gonna build a time machine into a car, why not do it with some *style?* The IPXE could be another royal PITA, I am now a bit rusty about BIOS/UEFI and filesystems, but at least in my days I...
by jaclaz
Sun Sep 29, 2024 2:55 am
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11216

Re: Router OS 7 on UEFI

@jaclaz, you're the boss - 7.17.beta2 mangled using your gdisk magic made Vultr happy. Good. :) So this part of the problem is solved, at least until the good Mikrotik guys don't change something relevant in the images. A solution to the other part ( keeping compatibility with BIOS booting) is on i...
by jaclaz
Sat Sep 28, 2024 8:10 pm
Forum: Beginner Basics
Topic: Configuring Extension Router Separately [SOLVED]
Replies: 11
Views: 915

Re: Configuring Extension Router Separately [SOLVED]

So you're telling me that until now I've been connecting via RouterOS to the CPE, not the AC Lites? Yep :) . We (highly specialized technicians :roll: ) call that "barking up the wrong tree" :wink: . So if I find the IP for the AC Lites (somewhere in the range 192.168.1.10-192.168.1.200) ...
by jaclaz
Sat Sep 28, 2024 4:04 pm
Forum: Beginner Basics
Topic: Configuring Extension Router Separately [SOLVED]
Replies: 11
Views: 915

Re: Configuring Extension Router Separately [SOLVED]

Well, there is something strange going on. Does the device(s) you are using look *like*: https://mikrotik.com/product/rblhgr#fndtn-gallery https://cdn.mikrotik.com/web-assets/rb_images/1874_m.png or more like: https://mikrotik.com/product/RB952Ui-5ac2nD#fndtn-gallery https://cdn.mikrotik.com/web-ass...
by jaclaz
Sat Sep 28, 2024 1:19 am
Forum: RouterBOARD hardware
Topic: hAP ax Lite USB power
Replies: 12
Views: 4271

Re: hAP ax Lite USB power

Please re-read the post just above yours, all the needed information is there, what is that you have doubts about?
by jaclaz
Sat Sep 28, 2024 12:08 am
Forum: Beginner Basics
Topic: Configuring Extension Router Separately [SOLVED]
Replies: 11
Views: 915

Re: Configuring Extension Router Separately [SOLVED]

Actually, you have none (shown).
Follow the instructions here:
viewtopic.php?t=203686#p1051720
and post your configuration.
You sure that is an AC LITE?
by jaclaz
Fri Sep 27, 2024 11:57 pm
Forum: General
Topic: Mikrotik router asking for ARP resolution of alot of IPs
Replies: 7
Views: 475

Re: Mikrotik router asking for ARP resolution of alot of IPs

Interesting possibility.
But how/why this started happening last friday on multiple devices? :?
by jaclaz
Fri Sep 27, 2024 1:04 am
Forum: Wireless Networking
Topic: Wireless Wire Cube Pro preconfig
Replies: 3
Views: 287

Re: Wireless Wire Cube Pro preconfig

In that same thread there is a link to this post on another thread: https://forum.mikrotik.com/viewtopic.php?t=205042#p1059476 Where the standard configurations of a pair ( both master and slave) are posted. Since you already have one half of the old (good) configuration, It should be easy to recrea...
by jaclaz
Fri Sep 27, 2024 12:38 am
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11216

Re: Router OS 7 on UEFI

Yep, but the one you should try Is the third one, 7.15.3 using the last modified gdisk script. The idea Is that the last posted gdisk script creates (should create) an image functionally identical to the 7.14.3 modified by the full (including gdisk) kriszos script. Maybe there is still some differen...
by jaclaz
Thu Sep 26, 2024 11:42 pm
Forum: Beginner Basics
Topic: Using locked down LTE modem through RB2011
Replies: 1
Views: 289

Re: Using locked down LTE modem through RB2011

As I see It, a (LTE) modem that has not a bridge mode Is a (LTE) router. So It has a WAN side (the LTE) and a LAN side (on one or more ethernet ports) that you have set with IP address 10.0.0.1. The RB2011 will have as well a WAN side (by convention ether1) and a LAN side (usually a bridge with all ...
by jaclaz
Thu Sep 26, 2024 10:27 am
Forum: Wireless Networking
Topic: No Connection to CAPsMAN [SOLVED]
Replies: 17
Views: 2693

Re: No Connection to CAPsMAN [SOLVED]

So, if I get this right, the CAPSMAN appeared enabled in Winbox/Webfig while it was actually disabled in the actual (CLI/terminal) configuration? :shock:

It seems like a bug that can deceive/trick lots of people. :(
by jaclaz
Wed Sep 25, 2024 7:17 pm
Forum: General
Topic: Device got hacked 1 min after connected to internet
Replies: 51
Views: 3890

Re: Device got hacked 1 min after connected to internet

Back to the off topic SIM card size issues :shock: . I think that it greatly depends on how the actual socket receptacle is made, in theory the nano is thinner than the micro (by a teeny tiny amount, 0.67 instead of 0.76 mm) to allow the adapter to have a "back sheet" (that can often be re...
by jaclaz
Wed Sep 25, 2024 4:57 pm
Forum: General
Topic: Device got hacked 1 min after connected to internet
Replies: 51
Views: 3890

Re: Device got hacked 1 min after connected to internet

Yep, but if the good Mikrotik guys (who have an established record for omitting even vital documentation and even when documenting it, doing it in the most minimal and succinct possible form) felt compelled to put this info in the manual, adding even a picture, it must mean that the issues with that...
by jaclaz
Wed Sep 25, 2024 3:51 pm
Forum: RouterBOARD hardware
Topic: CRS310-8G+2S+IN batches are broken
Replies: 3
Views: 778

Re: CRS310-8G+2S+IN batches are broken

Coincidentally, recent:
viewtopic.php?t=210717
by jaclaz
Wed Sep 25, 2024 3:47 pm
Forum: General
Topic: Device got hacked 1 min after connected to internet
Replies: 51
Views: 3890

Re: Device got hacked 1 min after connected to internet

The good Mikrotik guys did warn you, though :shock: : https://help.mikrotik.com/docs/pages/viewpage.action?pageId=73826313 SIM slot usage https://manuals.plus/wp-content/uploads/2023/10/Chateau-LTE12-Routers-and-Wireless-User-SIM-slot-usage.png SIM card slot is designed to use with Micro SIM cards. ...
by jaclaz
Wed Sep 25, 2024 3:31 pm
Forum: RouterBOARD hardware
Topic: WARNING CRS310-8G - quality by issue with heatsink inside (loose?)
Replies: 4
Views: 1177

Re: WARNING CRS310-8G - quality by issue with heatsink inside (loose?)

It should be checked, if under the thermal pad there is another chip, and from the white L shaped marks it seems like the heatsink should have gone over TWO chips, the one where the thermal pad still is and the other one without thermal pad, it would make little sense to place the heatsink in a so m...
by jaclaz
Wed Sep 25, 2024 2:17 pm
Forum: General
Topic: Device got hacked 1 min after connected to internet
Replies: 51
Views: 3890

Re: Device got hacked 1 min after connected to internet

Only for the record, and as a side-side note, besides using the "right" adapter and not attempt to combine two into one, metal adapters (as opposed to plastic) do exist, they don't cost (IMHO) excessively more and they are much more sturdy and the SIM fits in them more tightly.
by jaclaz
Wed Sep 25, 2024 2:06 pm
Forum: Scripting
Topic: logical "or" over number
Replies: 20
Views: 1504

Re: logical "or" over number

The built-in bitwise XOR: https://wiki.mikrotik.com/wiki/Manual:Scripting#Bitwise_Operators should work also for IPv6 and num data types: Bitwise Operators Bitwise operators are working on number, IP and IPv6 address data types. So, using your code but with IPv6 (and : instead of . as separator) you...
by jaclaz
Wed Sep 25, 2024 11:42 am
Forum: RouterBOARD hardware
Topic: Request information on the antenna connector!
Replies: 1
Views: 234

Re: Request information on the antenna connector!

Check if they are of this kind called MS156:
viewtopic.php?t=153582
by jaclaz
Wed Sep 25, 2024 1:18 am
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11216

Re: Router OS 7 on UEFI

Very good :) . So, as soon as Sindy will be able to (hopefully) report success in the environment(s) he uses, the matter should be pseudo-solved. Still, if the image (with just the ext2 to Fat16 conversion) works, running the gdisk script makes little sense, once set aside the things we have learned...
by jaclaz
Wed Sep 25, 2024 12:51 am
Forum: General
Topic: Device got hacked 1 min after connected to internet
Replies: 51
Views: 3890

Re: Device got hacked 1 min after connected to internet

Removed once and destroyed nanosim-to-microsim-to-sim adapter because it was very difficult to pull it out. Sure, life stinks. :( Anyway, there are three common adapters in a kit: 1. nano to micro 2. micro to standard 3. nano to standard Sometimes 1+2 doesn't make 3. The nano to micro is so thin on...
by jaclaz
Tue Sep 24, 2024 11:25 pm
Forum: General
Topic: Device got hacked 1 min after connected to internet
Replies: 51
Views: 3890

Re: Device got hacked 1 min after connected to internet

Isn't there a (removable) SIM card? :-?
by jaclaz
Tue Sep 24, 2024 10:56 pm
Forum: General
Topic: Question for help on wireless cubes [SOLVED]
Replies: 12
Views: 953

Re: Question for help on wireless cubes [SOLVED]

To expand on the above, wireless wire kit is philosophically like a two ports managed switch. An IP address for it is needed only for management, it can be *any* address, as long as it is reachable. This particular two ports switch is however divided in two, so it needs two IP addresses, again, sinc...
by jaclaz
Tue Sep 24, 2024 9:17 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11216

Re: Router OS 7 on UEFI

Sorry, double post.
by jaclaz
Tue Sep 24, 2024 9:06 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11216

Re: Router OS 7 on UEFI

OK, it has been a nightmare (as it often happens) but I found out that the chr-7.15.3.uefi-fat.raw image (thanks Amm0) boots in virtualbox. A .vmdk descriptor is needed, but it is easy to make: # Disk DescriptorFile version=1 createType= RW 262144 FLAT "chr-7.15.3.uefi-fat.raw" 0 ddb.uuid....
by jaclaz
Tue Sep 24, 2024 12:08 pm
Forum: Wireless Networking
Topic: Missing wAP ax successor to wAP ac, what are outdoor AX WiFi alternatives?
Replies: 35
Views: 3632

Re: Missing wAP ax successor to wAP ac, what are outdoor AX WiFi alternatives?

Link to the actual page containing links to the various documents: https://fccid.io/TV7WAPGR52AX A rendering of the new device can be found in: https://fccid.io/TV7WAPGR52AX/Label/Label-7634072 It appears like a rather compact device, probably around 10x15x3 cm. I haven't found actual photos, but I ...
by jaclaz
Tue Sep 24, 2024 11:23 am
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11216

Re: Router OS 7 on UEFI

About BIOS booting, it cannot really work, as some parts are misssing: 1. MBR boot code - check 2. MBR partition entry for the first partition active - check 2. Magic Bytes (55AA) in the MBR - check 3. Boot code in the bootsector - check (to be verified) 5. BPB (Bios Parameter Block) in the bootsect...
by jaclaz
Tue Sep 24, 2024 2:33 am
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11216

Re: Router OS 7 on UEFI

Yes, each partition is one sector bigger in the GPT partition table than in the MBR one. The two partitions start on both MBR and GPT partition tables on Sector 34 and 65570. In the GPT the first partition goes then over the second. The second goes over the space marked as occupied by the backup GPT...
by jaclaz
Mon Sep 23, 2024 8:25 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11216

Re: Router OS 7 on UEFI

Well, the overall script changes anyway the filesystem from ext2/3 to FAT(32), evidently that is the "key" (and compatible with the UEFI requirement). On PC's, there are UEFI installable drivers (some made by the motherboard manufacturers or the one by P.Batard, the Author of Rufus for NTF...
by jaclaz
Mon Sep 23, 2024 11:35 am
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11216

Re: Router OS 7 on UEFI

@Ammo Problem: partitions 2 and 1 overlap: Partition 2: 65570 to 258048 Partition 1: 34 to 65570 Aborting write of new partition table. .... Recovery/transformation command (? for help): /dev/nbd0 disconnected That is not "an error", it is a "critical error", as it means that the...
by jaclaz
Mon Sep 23, 2024 1:08 am
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11216

Re: Router OS 7 on UEFI

@Ammo Ok, the Linux version then finds the same errors as the Windows version I tested and after the changes it writes to the image. (Do you want to proceed? (Y/N): OK; writing new GUID partition table (GPT) to /dev/nbd0. The operation has completed successfully). But what is the same output with th...
by jaclaz
Sun Sep 22, 2024 11:26 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11216

Re: Router OS 7 on UEFI

So we are back to the reason why I made a few slightly different scripts. The first one is the one that should produce an image most similar to the one as modified by the original script. I don't have handy a suitable Linux environments right now, not a suitable VM, so I am not able to test the resu...
by jaclaz
Sun Sep 22, 2024 7:05 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11216

Re: Router OS 7 on UEFI

Ah. OK. In any case the three different scripts may come useful in case there is the need to experiment, should the chosen one fail (for this or that reason). The script that I believe creates the most correct output is this one (the one called "MODIFIED SCRIPT3 (pure EFI/GPT, NO Hybrid) "...
by jaclaz
Sun Sep 22, 2024 6:46 pm
Forum: RouterBOARD hardware
Topic: RB5009UPr+S+IN PoE-out on half ports only
Replies: 6
Views: 610

Re: RB5009UPr+S+IN PoE-out on half ports only

can i have OFF, port 1,2,3,4,5 and ON port 6,7,8? Yes. (there is always some confusion between interface and port, as they can be synonym or mean different things, as a matter of fact the single ports (or standalone interfaces) are changed under a /interface sub-menu. /interface ethernet poe set et...
by jaclaz
Sun Sep 22, 2024 5:08 pm
Forum: RouterBOARD hardware
Topic: WARNING CRS310-8G - quality by issue with heatsink inside (loose?)
Replies: 4
Views: 1177

Re: WARNING CRS310-8G - quality by issue with heatsink inside (loose?)

in this case, what adhesive you use? replace the current adhesive? Usually you just get a replacement thermal pad, if you cannot find one of the exact size you can buy a larger one and cut it yourself to measure. Specific thermal epoxy glues do exist, but if the original was setup with a thermal pa...
by jaclaz
Sun Sep 22, 2024 4:55 pm
Forum: Beginner Basics
Topic: POE - How does it work ?
Replies: 1
Views: 369

Re: POE - How does it work ?

Yes and no (mostly no). Your RB5009 can provide PoE (PoE 802.3af and - almost - PoE+ 802.3at) and comes with a 48V2A96W power adapter, BUT the output on a single port is current limited, so you can have on a single port 440 mA (@48V). The CRS310 has no provision for PoE in, but accepts 18-57 V on th...
by jaclaz
Sun Sep 22, 2024 4:24 pm
Forum: RouterBOARD hardware
Topic: RB5009UPr+S+IN PoE-out on half ports only
Replies: 6
Views: 610

Re: RB5009UPr+S+IN PoE-out on half ports only

I am not sure to understand the problem, PoE can be switched :
poe-on=auto-on | forced-on | off
on a per-interface basis:
https://help.mikrotik.com/docs/display/ ... rtSettings
Port Settings

PoE-Out can be configured under the menu. Each port can be controlled independently.
by jaclaz
Sun Sep 22, 2024 4:14 pm
Forum: General
Topic: Too many winboxes
Replies: 11
Views: 902

Re: Too many winboxes

Improving, learning, experimenting, maintaining, monitoring -- that's the whole point.
I thought that the point was more like improvise, adapt, overcome, let it be :shock: (i.e. have the d@mn network running, then leave it alone until/if it breaks :wink: ) .
by jaclaz
Sun Sep 22, 2024 3:54 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11216

Re: Router OS 7 on UEFI

I can offer testing the images on both Proxmox and Hyper-V and, once that proves successful, even in the paid environment, but I suspect the logistics might be a bit complicated. If you have the time/will to test (before the images), the actual gdisk script on a Linux machine, it's fine, no need to...
by jaclaz
Sun Sep 22, 2024 1:14 pm
Forum: General
Topic: Networking Advice
Replies: 11
Views: 852

Re: Networking Advice

Only as a side-side note, I could never understand the (I believe general) love for DHCP on simple, small, "static" networks. Of course it is a must have for wireless, and useful for cabled PC's, but cameras? I can imagine very few things as "static" as cameras, you have to go th...
by jaclaz
Sun Sep 22, 2024 12:58 am
Forum: General
Topic: Networking Advice
Replies: 11
Views: 852

Re: Networking Advice

Yes, that way could work. But the switch has NOT any network, it is L2, the AP can have the "normal" network and be bridged to the rest of the network, if there is a connection from the Hex to the PoE switch to which the other cameras are connected, the two added cameras can have the same ...
by jaclaz
Sun Sep 22, 2024 12:17 am
Forum: General
Topic: Too many winboxes
Replies: 11
Views: 902

Re: Too many winboxes


I think I speak for almost everyone,
writing that there is no one who does such a foolish thing.
I instead suspect that there are plenty of people doing even more foolish things, only they don't have the ingenuity (or the guts) to publicly admit doing them.
by jaclaz
Sat Sep 21, 2024 11:57 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11216

Re: Router OS 7 on UEFI

Good to know. I believe that also using the 7.14.3 image as base and replacing/resyncing the files on the two partitions with the 7.15.3 ones should work. Is there a free environment where the image bootability can be tested? I made a few tests and the image for 7.15.3 should be fixable through a sl...
by jaclaz
Sat Sep 21, 2024 2:12 am
Forum: Beginner Basics
Topic: Using netwatch for link backup, I need help
Replies: 2
Views: 426

Re: Using netwatch for link backup, I need help

Double post, removed.
by jaclaz
Sat Sep 21, 2024 2:11 am
Forum: Beginner Basics
Topic: Using netwatch for link backup, I need help
Replies: 2
Views: 426

Re: Using netwatch for link backup, I need help

Do you mean like inserting a
delay 10s
before the line running PrincipalDown script?
by jaclaz
Sat Sep 21, 2024 12:19 am
Forum: General
Topic: Networking Advice
Replies: 11
Views: 852

Re: Networking Advice

You could have the two added cameras on a small, completely different, network, with only three devices in it, let's say 10.0.0.0/29 (ok, six addresses). Then you could use the Hex (or a hap Ax lite) placed near the Windows PC to route or netmap them to 192.168.5.x addresses, but of course this devi...
by jaclaz
Fri Sep 20, 2024 11:22 pm
Forum: General
Topic: Networking Advice
Replies: 11
Views: 852

Re: Networking Advice

A switch is L2. IP addresses are L3. For all it matters to the switch you could connect to one of its ports a device with *any* IP address, it is a connection on another level. The issue (or non issue) is only that the two networks won't be anymore physically separated, i.e. the two added cameras wi...
by jaclaz
Fri Sep 20, 2024 7:25 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11216

Re: Router OS 7 on UEFI

Yes and no :shock: , that may (or may not) be the issue (that then could be solved by only creating a FAT32 volume with the boot loader on it), but the script additionally attempts to solve the non-bootable issue by using a hybrid MBR alright, besides the FAT formatting: ( echo 2 # use GPT echo t # ...
by jaclaz
Fri Sep 20, 2024 2:26 pm
Forum: Beginner Basics
Topic: Connected to internet on WAN but not on LAN [SOLVED]
Replies: 13
Views: 964

Re: Connected to internet on WAN but not on LAN [SOLVED]

It should be avoided by using fasttrack, but you seem like having it enabled alright. Maybe it is an artifact of the test, or of the device used for it, see this thread (where another possible cure, queues, seems to come out like being often worse than the illness): https://forum.mikrotik.com/viewto...
by jaclaz
Fri Sep 20, 2024 12:10 pm
Forum: Virtualization
Topic: Router OS 7 on UEFI
Replies: 61
Views: 11216

Re: Router OS 7 on UEFI

Yep, essentially the posted bash script makes use of gdisk (a version of it can run also on Windows, if you are not running Linux) by Roderick Smith, which is the defacto standard for checking/correcting/modifying MBR and GPT images or disks: https://www.rodsbooks.com/gdisk/ and can - among other th...
by jaclaz
Fri Sep 20, 2024 11:39 am
Forum: Wireless Networking
Topic: Wireless distance setting on hAP ac lite
Replies: 3
Views: 484

Re: Wireless distance setting on hAP ac lite

The setting shouold be only on the "wireless" package (not on wifi/qcom-ac). https://help.mikrotik.com/docs/display/ROS/Wireless+Interface distance (integer | dynamic | indoors; Default: dynamic) How long to wait for confirmation of unicast frames (ACKs) before considering transmission uns...
by jaclaz
Fri Sep 20, 2024 11:19 am
Forum: Beginner Basics
Topic: Connected to internet on WAN but not on LAN [SOLVED]
Replies: 13
Views: 964

Re: Connected to internet on WAN but not on LAN [SOLVED]

It works now with IPv4 Fullstack ! Thanks for the help.
Good. :)

I still wonder how the "IP sharing" works when the ISP router is set as router.
Maybe they do some kind of remapping of ports, assigning one fourth of them to each of the four co-users? :?
by jaclaz
Thu Sep 19, 2024 9:00 pm
Forum: Beginner Basics
Topic: Connected to internet on WAN but not on LAN [SOLVED]
Replies: 13
Views: 964

Re: Connected to internet on WAN but not on LAN [SOLVED]

Your configuration seems just fine to me. Since the ether1 is getting its IP from the ISP router/modem (and consequently routes), it is likely to be an issue with what your ISP provides. Your case seems very similar to this one, same Freebox and same issues with bridge vs. router mode: https://forum...
by jaclaz
Thu Sep 19, 2024 7:32 pm
Forum: Beginner Basics
Topic: Connected to internet on WAN but not on LAN [SOLVED]
Replies: 13
Views: 964

Re: Connected to internet on WAN but not on LAN [SOLVED]

Hard to say without knowing your configuration.
It could be a mis-configuration of NAT or firewall filters, but also any issue with routes and/or missing/conflicting IP addresses.

Follow the instructions here:
viewtopic.php?t=203686#p1051720
and post your configuration.
by jaclaz
Thu Sep 19, 2024 12:10 pm
Forum: Wireless Networking
Topic: iOS 18 Wi-Fi connectivity issue [SOLVED]
Replies: 71
Views: 4395

Re: iOS 18 Wi-Fi connectivity issue [SOLVED]

Only as a side note, in the few "official" videos from Mikrotik I have watched (I simply cannot bear videos, but that's just me) I have noticed that the good Mikrotik guys often use Macs, so I believed that they are "Apple users" (last time I had a Mac and an iPad I was practical...
by jaclaz
Thu Sep 19, 2024 11:59 am
Forum: Beginner Basics
Topic: Most devices on Ether2, one new device on Ether3 can't communicate
Replies: 7
Views: 769

Re: Most devices on Ether2, one new device on Ether3 can't communicate

I cannot see at first sight anything obvious, but I am a bit perplexed by your settings for static ARP, I don't know but it seems to me like you risk some kind of conflict between your static arp entries and DHCP leases, I am not sure that this is "right": /ip arp add address=192.168.88.24...
by jaclaz
Thu Sep 19, 2024 1:19 am
Forum: Beginner Basics
Topic: CRS312-4C+8XG port mirroring [SOLVED]
Replies: 15
Views: 1038

Re: CRS312-4C+8XG port mirroring [SOLVED]

Yep, rest assured it is not you fault, usually when searching on Google the first results are on the (old) wiki that often gives obsolete info, then, when you get to the right "help" site finding the relevant information you are looking for is often challenging. The way the topics are orga...
by jaclaz
Thu Sep 19, 2024 12:19 am
Forum: Beginner Basics
Topic: Lost permisions on router
Replies: 11
Views: 704

Re: Lost permisions on router

Ah, ok, it should be clear that nothing is ever perfectly secure, but the probabilities of something happening (or not happening) should always be considered when attempting to implement settings or procedures intended as defense or countermeasures. In a post-mortem it is of course different and unt...
by jaclaz
Wed Sep 18, 2024 11:38 pm
Forum: General
Topic: Problems navigating from the Ether2 interface
Replies: 5
Views: 493

Re: Problems navigating from the Ether2 interface

I am not sure to understand what you did.
You should post the output of /ip route print at the exact time and in the exact conditions when you are having the issue you are trying to troubleshoot.
If you change some of the conditions, the output may be misleading.
by jaclaz
Wed Sep 18, 2024 11:20 pm
Forum: Beginner Basics
Topic: Playing with VRFs - what am I doing wrong?
Replies: 21
Views: 1462

Re: Playing with VRFs - what am I doing wrong?

Yep, so - essentially - we are still (back) in the "you'd better use a different network, or you could ..., but ...". BTW mtest001 has already posted another tested approach using (or mis-using) proxy-arp here: https://forum.mikrotik.com/viewtopic.php?t=200602 this proving that VRF's are n...
by jaclaz
Wed Sep 18, 2024 8:36 pm
Forum: Beginner Basics
Topic: Lost permisions on router
Replies: 11
Views: 704

Re: Lost permisions on router

We all know about exploits which (often with help of a user) compromise some LAN-connected computer which then serves as entry point for further attacks. With all due respect, surely they exist, but what is the ratio from_LAN/from_WAN, more like 1:100 or more like 1:10000000000000000 zillion occurr...
by jaclaz
Wed Sep 18, 2024 8:27 pm
Forum: Scripting
Topic: fetch failure: maximum connection count reached
Replies: 5
Views: 573

Re: fetch failure: maximum connection count reached

Maybe you have some previous instances that did not release connection, see: https://forum.mikrotik.com/viewtopic.php?t=45719 That could actually be connected with DHCP connection issue, if I get the linked thread right, fetch attempts to connect and if it fails, the job may remain "hanging&quo...
by jaclaz
Wed Sep 18, 2024 8:10 pm
Forum: Beginner Basics
Topic: Playing with VRFs - what am I doing wrong?
Replies: 21
Views: 1462

Re: Playing with VRFs - what am I doing wrong?

If the LAN side is also on 192.168.1.x/24? :? This is where I always fail to get a proper answer. I have always thought (and I may well be very wrong) that if the LAN side interface is 192.168.1.x/24 the other interface(s) can be either: 1) in the same 192.168.1.x/24 and then the device needs to be ...
by jaclaz
Wed Sep 18, 2024 7:57 pm
Forum: General
Topic: Problems navigating from the Ether2 interface
Replies: 5
Views: 493

Re: Problems navigating from the Ether2 interface

Yes, all your routes involving 190.xxx.xxx.254 are ISH in the /ip route print you posted. Even the Dynamic one for that network is DIcH, even if it has distance 0, being dynamic (like your other dynamic routes) it should be DAc. It is like you had no ethernet cable connected to ether2 (or however no...
by jaclaz
Wed Sep 18, 2024 6:47 pm
Forum: Beginner Basics
Topic: Playing with VRFs - what am I doing wrong?
Replies: 21
Views: 1462

Re: Playing with VRFs - what am I doing wrong?

Maybe I'm missing something here... But what is the point of using VRF for ISP failover? — VRFs have nothing to do with "automatic failover". Failover works without VRFs, and so layering VRF on top of failover mechanisms just make config even more complex. The point is about having multip...
by jaclaz
Wed Sep 18, 2024 6:01 pm
Forum: General
Topic: Problems navigating from the Ether2 interface
Replies: 5
Views: 493

Re: Problems navigating from the Ether2 interface

You have a direct route on 190.xxx.xxx.254, besides the recursive one via 8.8.8.8: /ip route add disabled=no dst-address=0.0.0.0/0 gateway=190.xxx.xxx.254 routing-table=\ main suppress-hw-offload=no add check-gateway=ping comment="RUTA FIBERTEL" disabled=no distance=10 \ dst-address=0.0.0....
by jaclaz
Wed Sep 18, 2024 5:46 pm
Forum: Wireless Networking
Topic: sim not present with hAP ax lite LTE6 [SOLVED]
Replies: 12
Views: 788

Re: sim not present with hAP ax lite LTE6 [SOLVED]

I guess it greatly depends on the "type" of shop/business, small ones, possibly managed by younger people, go for newish devices, such as sumup, zettle or similar.
But I would say that - say - 90- 95%+ use the solution provided by the bank (which ends up being Ingenico).
by jaclaz
Wed Sep 18, 2024 3:49 pm
Forum: Beginner Basics
Topic: Lost permisions on router
Replies: 11
Views: 704

Re: Lost permisions on router

Make an export if possible, that will help you reconfigure after netinstall.
Unless there is some other trick, I don't think so, If it is the same attack as on the given link the admin user is prevented from opening Terminal.
by jaclaz
Wed Sep 18, 2024 2:48 pm
Forum: Beginner Basics
Topic: Configuring Extension Router Separately [SOLVED]
Replies: 11
Views: 915

Re: Configuring Extension Router Separately [SOLVED]

Are both router1 and router2 Mikrotik devices? If yes, which models? ether1 is a (the first) RJ45 port lte1 is (usually the only) LTE interface (3G/4G modem) The wifi interfaces are "wlan" (wlan1, wlan2). You normally use the scheduler for disabling an interface for a given period (daily o...
by jaclaz
Wed Sep 18, 2024 2:36 pm
Forum: Beginner Basics
Topic: Lost permisions on router
Replies: 11
Views: 704

Re: Lost permisions on router

It sounds like your device has been attacked/hacked, there are several reports that an user "system" is created with all privileges and admin is limited to only a few ones. https://forum.mikrotik.com/viewtopic.php?t=202945 Only way out - I believe - is netinstall and start again from scrat...
by jaclaz
Wed Sep 18, 2024 2:30 pm
Forum: RouterBOARD hardware
Topic: Atheros AR5B22 wireless mini-PCIe in RBM33G
Replies: 2
Views: 417

Re: Atheros AR5B22 wireless mini-PCIe in RBM33G

A list of compatible devices (or more likely chipsets) has been posted here:
viewtopic.php?t=196111
it seems like limited to vary few devices and the AR5B22 or AR9462 are not among them.
by jaclaz
Wed Sep 18, 2024 2:15 pm
Forum: Wireless Networking
Topic: sim not present with hAP ax lite LTE6 [SOLVED]
Replies: 12
Views: 788

Re: sim not present with hAP ax lite LTE6 [SOLVED]

At least here in Italy most "mobile" POS (Point of Sale) card readers come with their own (GSM or LTE, cannot say) modem and SIM (cannot say if physical SIM or e-sim) as they are provided (rented) by the bank or financial firm that has the convention with the cards (like Visa, Mastercard, ...
by jaclaz
Wed Sep 18, 2024 1:43 pm
Forum: Wireless Networking
Topic: Can't get IP from
Replies: 1
Views: 301

Re: Can't get IP from

Post your complete configuration for review, (anonymizing/masking sensible data) instructions here:
viewtopic.php?t=203686#p1051720

Or compare your setup with the one in this thread:
viewtopic.php?t=196448
maybe the solution is there.
by jaclaz
Wed Sep 18, 2024 12:53 pm
Forum: General
Topic: Inter-VLAN connection not working correctly
Replies: 2
Views: 426

Re: Inter-VLAN connection not working correctly

Maybe related, maybe not, Windows (I am presuming Windows 10 or 11) does normally not respond to pings (if the network is categorized as Public, it should work if Private, but sometimes it is needed to change a firewall rule on windows). See: https://community.fortinet.com/t5/FortiGate/Troubleshooti...
by jaclaz
Wed Sep 18, 2024 11:57 am
Forum: Beginner Basics
Topic: Playing with VRFs - what am I doing wrong?
Replies: 21
Views: 1462

Re: Playing with VRFs - what am I doing wrong?

@aleab The issue you are having is a known one. There is not (yet, seemingly things are in the works) support for DNS in vrf's. I have a similar setup, in my case I "reversed" the vrf, putting it on the LAN side, so that the interfaces on the WAN side are on "main", and thus the ...
by jaclaz
Wed Sep 18, 2024 3:11 am
Forum: Wireless Networking
Topic: sim not present with hAP ax lite LTE6 [SOLVED]
Replies: 12
Views: 788

Re: sim not present with hAP ax lite LTE6 [SOLVED]

This type of SIM holders are tricky, it is not Mikrotik only, they are used on other manufacturers devices as well, in many cases that extra push is needed and there is the risk of accidentally damage the SIM with the tool used, ideally one should use a plastic one. And sometimes the SIM gets stuck ...
by jaclaz
Wed Sep 18, 2024 2:39 am
Forum: Beginner Basics
Topic: RB750 no POE [SOLVED]
Replies: 6
Views: 588

Re: RB750 no POE [SOLVED]

by jaclaz
Wed Sep 18, 2024 1:43 am
Forum: General
Topic: RB5009 PoE + RB260GSP
Replies: 2
Views: 331

Re: RB5009 PoE + RB260GSP

Not with a 48V power supply. They may work if you power the RB5009 at a lower voltage 24V or so. But if you do so, all Poe out ports of the RB5009 will be at this lower voltage and other devices actually 802.3af/at compatibile that you may want to connect to other ports won't work. There are splitte...
by jaclaz
Wed Sep 18, 2024 1:26 am
Forum: Wireless Networking
Topic: sim not present with hAP ax lite LTE6 [SOLVED]
Replies: 12
Views: 788

Re: sim not present with hAP ax lite LTE6 [SOLVED]

Place the hap Ax lite vertical on its "feet" (or rotate the photo you posted 90 degrees counterclockwise) and compare against the instructions picture. It seems to me rather accurate. And you are inserting the SIM with a different orientation from that picture/drawing. With the hap Ax lite...
by jaclaz
Wed Sep 18, 2024 1:07 am
Forum: Beginner Basics
Topic: RB750 no POE [SOLVED]
Replies: 6
Views: 588

Re: RB750 no POE [SOLVED]

Which camera? Most cameras are either non-PoE (and need a splitter/converter) or 802.3af. To extremely simplify, 802.3af means 48V. That Hex PoE lite is passive PoE, which - again extremely simplified - means 24V. They talk very different languages. The power adapter coming with the Hex is 24V 2.5A,...
by jaclaz
Tue Sep 17, 2024 12:46 pm
Forum: Wireless Networking
Topic: New in RouterOs v7.15.3, especially on mANTbox ax 15s, I have troubles
Replies: 9
Views: 1878

Re: New in RouterOs v7.15.3, especially on mANTbox ax 15s, I have troubles

And again: To get some meaningful help you should follow the instructions here: https://forum.mikrotik.com/viewtopic.php?t=203686#p1051720 and post your current configuration. About the DHCP server, if - as it should be - you have a bridge between ether1 and wifi interfaces, and you have a DHCP clie...
by jaclaz
Mon Sep 16, 2024 12:44 pm
Forum: General
Topic: Masquerade on interface with multiple public IPs addresses [SOLVED]
Replies: 4
Views: 488

Re: Masquerade on interface with multiple public IPs addresses [SOLVED]

To further explain, the "general" action is src-nat, masquerade is a special form of source nat that auto-computes the ip address.
See:
viewtopic.php?t=11368
viewtopic.php?t=98960
by jaclaz
Sun Sep 15, 2024 8:21 pm
Forum: Beginner Basics
Topic: VLANs to segreggate network
Replies: 8
Views: 746

Re: VLANs to segreggate network

Do you think that is a valid strategy?
No idea, but you should post again your current configuration, so that some members experienced with VLANs (and VAPs) may give you some more hints/advices.
by jaclaz
Sun Sep 15, 2024 7:52 pm
Forum: Beginner Basics
Topic: VLANs to segreggate network
Replies: 8
Views: 746

Re: VLANs to segreggate network

Maybe connected, maybe not, but VLAN1 is generally a no-no:
viewtopic.php?t=208061
by jaclaz
Sun Sep 15, 2024 6:58 pm
Forum: General
Topic: Access to default gateway using bonded links not reachable
Replies: 1
Views: 255

Re: Access to default gateway using bonded links not reachable

But does it remain unreachable even if you (for testing) disable the "main" 0.0.0.0 route or set it with distance 3?
by jaclaz
Sun Sep 15, 2024 4:58 pm
Forum: General
Topic: My new hAP ax lite LTE6 looses its lte after a few days
Replies: 27
Views: 1346

Re: My new hAP ax lite LTE6 looses its lte after a few days

The 04 should be fine, it is the 05 (now removed) that created the biggest issues: https://forum.mikrotik.com/viewtopic.php?t=204440#p1058092 Still blindly updating everything together at the same time just because someone, even Mikrotik, tells you to do so is not particularly smart, because if you ...
by jaclaz
Sun Sep 15, 2024 4:39 pm
Forum: General
Topic: My new hAP ax lite LTE6 looses its lte after a few days
Replies: 27
Views: 1346

Re: My new hAP ax lite LTE6 looses its lte after a few days

You must upgrade the device to the last stable version, not downgrade! He knows, he is asking if there is a way back, should the upgrade not provide increased stability. Not saying that it always pays to be prudent/conservative, but right now the OP with an oldish RoS version and oldish modem firmw...
by jaclaz
Sun Sep 15, 2024 4:34 pm
Forum: General
Topic: My new hAP ax lite LTE6 looses its lte after a few days
Replies: 27
Views: 1346

Re: My new hAP ax lite LTE6 looses its lte after a few days

Downgrading from running RoS version to any earlier one (down to the factory installed one, no earlier) is always possible and relatively easy, see: https://forum.mikrotik.com/viewtopic.php?t=194542 There has been a change in wireless packaging/modules between 7.12.x and 7.13, but that shouldn't be ...
by jaclaz
Sun Sep 15, 2024 4:20 pm
Forum: Beginner Basics
Topic: hAP AX2 POE issues
Replies: 8
Views: 621

Re: hAP AX2 POE issues

Yes, but the dubitative form is anyway appropriate when the standard power supply is used, the 24V/1.2A are IMHO very "tight" to power both the "main" device and another one via (passive) PoE. As said PoE is already a mess in itself, but the good Mikrotik guys, with their lacking...
by jaclaz
Sun Sep 15, 2024 3:38 pm
Forum: Beginner Basics
Topic: RB5009 VLANs [SOLVED]
Replies: 4
Views: 634

Re: RB5009 VLANs [SOLVED]

re:vlan ID 99 The board parser shows them in green (as if they were a comment and not a valid setting): add bridge=LAN_bridge tagged=ether2_Switch_1,ether3_Switch_2,LAN_bridge \ untagged="ether4_SmartHome_Controller1,ether5_SmartHome_Controller2,ether6_NVR,ether7_Synology,ethe\ r8_ProxMox"...
by jaclaz
Sun Sep 15, 2024 3:28 pm
Forum: General
Topic: My new hAP ax lite LTE6 looses its lte after a few days
Replies: 27
Views: 1346

Re: My new hAP ax lite LTE6 looses its lte after a few days

For the moment I wouldn't update the RoS (unless you are missing some other feature implemented in later versions) and definitely not the firmware of the LTE thingy, given the issues reported on the mentioned thread that seems objectively worse than the ones you are reporting.:
by jaclaz
Sun Sep 15, 2024 3:19 pm
Forum: Beginner Basics
Topic: hAP AX2 POE issues
Replies: 8
Views: 621

Re: hAP AX2 POE issues

PoE is a mess in itself, and Mikrotik doesn't help with the confusing documentation they provide. The hap Ax2 is documented as having PoE out: PoE-out ports Ether 1 PoE out Passive PoE Max out per port output (input 18-30 V) 600 mA Max total out (A) 0.6 A Total output current 0.6 Total output power ...
by jaclaz
Sun Sep 15, 2024 11:49 am
Forum: Containers
Topic: Containers won't start after power loss
Replies: 8
Views: 7262

Re: Containers won't start after power loss

You seem to be affected by the USB device detection bug holvoeth mentioned. It seems to be affecting some devices (USB sticks from a given brand, namely Sandisk) more than other ones, there are a couple workarounds that you could try integrating in your script, either reset the USB bus or rename the...
by jaclaz
Sun Sep 15, 2024 11:42 am
Forum: General
Topic: My new hAP ax lite LTE6 looses its lte after a few days
Replies: 27
Views: 1346

Re: My new hAP ax lite LTE6 looses its lte after a few days

Not at all a "solution" to your issue, but if the failures are one or two weeks apart a workaround would be to set a scheduler to reboot the router once every (say) two days at (still say) 4:00 in the morning (i.e. at the time when it is likely not in use). I would however check if the con...
by jaclaz
Sat Sep 14, 2024 5:19 pm
Forum: Beginner Basics
Topic: ltap mini Routing problems
Replies: 13
Views: 2263

Re: ltap mini Routing problems

It could be. Rebooting when testing a configuration is almost always a good idea, not only because some settings actually *need* a reboot to work, but because a reboot is the best simulation of what happens next time you have mains returning after a blackout or when you take power out for any other ...
by jaclaz
Sat Sep 14, 2024 12:58 pm
Forum: Beginner Basics
Topic: ltap mini Routing problems
Replies: 13
Views: 2263

Re: ltap mini Routing problems

I don't know, at first sight your dhcp settings look fine to me: /ip address add address=192.168.88.1/24 comment=defconf interface=bridge network=\ 192.168.88.0 add address=192.168.89.1/24 comment=myconf interface=wlan1 network=\ 192.168.89.0 /ip pool add name=dhcp_pool0 ranges=192.168.89.64-192.168...
by jaclaz
Sat Sep 14, 2024 12:01 pm
Forum: Beginner Basics
Topic: hAP AX2 POE issues
Replies: 8
Views: 621

Re: hAP AX2 POE issues

Coughy, which EXACT "POE device" are you trying to power? Make/model, please. Mikrotik devices such as the hapAX2 provide a (actually a bit limited in current) out voltage that is at the same level as the voltage that powers the device. So if you are powering the Ax2 with the standard 1.2A...
by jaclaz
Sat Sep 14, 2024 11:47 am
Forum: Beginner Basics
Topic: CRS312-4C+8XG port mirroring [SOLVED]
Replies: 15
Views: 1038

Re: CRS312-4C+8XG port mirroring [SOLVED]

Yep, your proposal is just fine, everything is in one place, and it would be even better if the settings would be moved from "main"
/interface ethernet switch port
to its own level:
/interface ethernet switch port mirroring
or
/interface ethernet switch port mirrors
by jaclaz
Sat Sep 14, 2024 11:40 am
Forum: Beginner Basics
Topic: Is the Mikrotik CRS312-4C+8XG-RM correct for my 10 Gbps ethernet network?
Replies: 9
Views: 907

Re: Is the Mikrotik CRS312-4C+8XG-RM correct for my 10 Gbps ethernet network?

Maybe a bit OT, cannot say if things have changed (probably they did) or whether my following anecdotal data was the effect of a "rogue" device, but I remember many years ago a small office network brought down to its knees when a NAS device was added to it. It came out that the device was...
by jaclaz
Fri Sep 13, 2024 8:31 pm
Forum: General
Topic: Question for help on wireless cubes [SOLVED]
Replies: 12
Views: 953

Re: Question for help on wireless cubes [SOLVED]

Yep, I understand now, you like to win easily, don't you? :lol: You should never copy and paste a whole configuration anyway. For three reasons: 1) some commands may sort of overwrite existing settings improperly (as an example increasing a reference) 2) some commands may make no sense (to the under...
by jaclaz
Fri Sep 13, 2024 7:18 pm
Forum: General
Topic: Question for help on wireless cubes [SOLVED]
Replies: 12
Views: 953

Re: Question for help on wireless cubes [SOLVED]

Yes, you can do the reset from the button or - if you have access to the unit (like you have) from terminal command line or winbox (easier). See configuration reset here: https://help.mikrotik.com/docs/display/ROS/Configuration+Management https://help.mikrotik.com/docs/display/ROS/Configuration+Mana...
by jaclaz
Fri Sep 13, 2024 5:51 pm
Forum: General
Topic: Question for help on wireless cubes [SOLVED]
Replies: 12
Views: 953

Re: Question for help on wireless cubes [SOLVED]

In theory, there is a default configuration (made in factory) that can (maybe) still recovered doing a reset. But for all we know it could also be that (for whatever reasons) there has been an error in packaging or an exchange of units in this or that passage from Mikrotik to the importer, from the ...
by jaclaz
Fri Sep 13, 2024 5:40 pm
Forum: Wireless Networking
Topic: 370m, 1GBit, stable: LHG-60G, nRay, ...
Replies: 12
Views: 700

Re: 370m, 1GBit, stable: LHG-60G, nRay, ...

Sorry, I meant the cube pro ... which has both 60GHz and 5GHz radios. Then an actual default configuration is here: https://forum.mikrotik.com/viewtopic.php?t=205042#p1059476 The wlan1 and w60g are bonded into interface bond1: Master: /interface w60g set [ find ] disabled=no mode=bridge name=wlan60...
by jaclaz
Fri Sep 13, 2024 5:29 pm
Forum: Beginner Basics
Topic: CRS312-4C+8XG port mirroring [SOLVED]
Replies: 15
Views: 1038

Re: CRS312-4C+8XG port mirroring [SOLVED]

Well, if I have ether1, ether2, etc., I surely can have mirror-source1, mirror-source2 and mirroring1, mirroring2, etc. BTW, I don't oppose to changing names of properties/obiects/whatever I am opposing to the idea that *something* to work needs settings in two different places. Another, still IMHO ...
by jaclaz
Fri Sep 13, 2024 5:16 pm
Forum: General
Topic: Question for help on wireless cubes [SOLVED]
Replies: 12
Views: 953

Re: Question for help on wireless cubes [SOLVED]

Cannot say why your deices are like you describe, but setting them up as they should be is relatively easy. The 192.168.88.1 is the default for a "single" Mikrotik device. Cube Pro pairs usually have 192.168.88.2 and 192.168.88.3. Maybe someone tested them and ran Quickset (or whatever), b...
by jaclaz
Fri Sep 13, 2024 4:11 pm
Forum: Beginner Basics
Topic: CRS312-4C+8XG port mirroring [SOLVED]
Replies: 15
Views: 1038

Re: CRS312-4C+8XG port mirroring [SOLVED]

Here you are:
#Hypothetical syntax
/interface ethernet switch
set switch1 mirror-source1=ether2 mirror-source2=ether4  mirror-source3=ether4 mirror-target=ether3 mirroring1=egress mirroring2=ingress mirroring3=both
by jaclaz
Fri Sep 13, 2024 4:02 pm
Forum: Beginner Basics
Topic: Is the Mikrotik CRS312-4C+8XG-RM correct for my 10 Gbps ethernet network?
Replies: 9
Views: 907

Re: Is the Mikrotik CRS312-4C+8XG-RM correct for my 10 Gbps ethernet network?

Optical cables are more robust than one thinks, BUT they don't like to be bent with a smallish radius nor to be pinched. I wouldn't say that they are fragile, they only need to be treated with some respect. Though field connectors/splice ferrules do exist, they are not exactly easy to assemble, even...
by jaclaz
Fri Sep 13, 2024 3:12 pm
Forum: Wireless Networking
Topic: 370m, 1GBit, stable: LHG-60G, nRay, ...
Replies: 12
Views: 700

Re: 370m, 1GBit, stable: LHG-60G, nRay, ...

I believe that the speed of the 60 GHz link degrades (decreases) if (say) the rain increases until connection is lost but the 5 GHz link replaces it immediately. How long is the "immediately" I cannot really say. Since the two interfaces are in a bonding, they are essentially a same interf...
by jaclaz
Fri Sep 13, 2024 2:46 pm
Forum: RouterBOARD hardware
Topic: Upgrading older Mikrotik equipment
Replies: 16
Views: 1755

Re: Upgrading older Mikrotik equipment

@mworsnop
It seems to me like a good plan :) .

If you go for the XS+85LC01D you are "safe", there shouldn't be any compatibility issues, and you have some slack for changing the hardware to even faster speeds in the future.
by jaclaz
Fri Sep 13, 2024 12:54 pm
Forum: Beginner Basics
Topic: CRS312-4C+8XG port mirroring [SOLVED]
Replies: 15
Views: 1038

Re: CRS312-4C+8XG port mirroring [SOLVED]

It is one of those (actually trifling) things that make you believe that sometimes the good Mikrotik guys do not think too much before changing a syntax. I mean, I do understand how the new syntax allows to select whether the miroring is ingress or egress traffic (or both) but it could have been imp...
by jaclaz
Thu Sep 12, 2024 9:01 pm
Forum: Beginner Basics
Topic: CRS312-4C+8XG port mirroring [SOLVED]
Replies: 15
Views: 1038

Re: CRS312-4C+8XG port mirroring [SOLVED]

I am on 7.16rc4, but it also happened with 7.15. https://help.mikrotik.com/docs/display/ROS/CRS3xx%2C+CRS5xx%2C+CCR2116%2C+CCR2216+switch+chip+features#CRS3xx,CRS5xx,CCR2116,CCR2216switchchipfeatures-PortBasedMirroring Port Based Mirroring Starting from RouterOS version 7.15, it is possible to conf...
by jaclaz
Thu Sep 12, 2024 8:47 pm
Forum: Beginner Basics
Topic: CRS312-4C+8XG port mirroring [SOLVED]
Replies: 15
Views: 1038

Re: CRS312-4C+8XG port mirroring [SOLVED]

But do you have a "switch1"? I asked for the output of /interface/ethernet/switch because yours could be called "switch2" or "mickey mouse", and in some cases it may be easier to refer to the number (that you should get from the output of print). Or try command line aut...
by jaclaz
Thu Sep 12, 2024 8:07 pm
Forum: Beginner Basics
Topic: CRS312-4C+8XG port mirroring [SOLVED]
Replies: 15
Views: 1038

Re: CRS312-4C+8XG port mirroring [SOLVED]

What do you get with: /interface ethernet switch print The command seems loosely of the kind: set <object> <attribute1=value1> <attribute2=value2> Once you are in: /interface/ethernet/switch the command: set switch1 mirror-source=ether2 mirror-target=ether7 is different from the one you posted: set ...
by jaclaz
Thu Sep 12, 2024 5:46 pm
Forum: Wireless Networking
Topic: 370m, 1GBit, stable: LHG-60G, nRay, ...
Replies: 12
Views: 700

Re: 370m, 1GBit, stable: LHG-60G, nRay, ...

Yep, there isn't that much choice (within Mikrotik range of products) for a suitable single device with dual band 60/5GHz links, I believe only: https://mikrotik.com/product/wireless_wire_cube_pro It is just a kit of two Cube Pro's pre-configured, it is not cheaper than two separate Cube Pro's but s...
by jaclaz
Thu Sep 12, 2024 4:47 pm
Forum: General
Topic: SOLVED | RouterOS bridge blocking traffic but not SwOS [SOLVED]
Replies: 8
Views: 1019

Re: RouterOS bridge blocking traffic but not SwOS [SOLVED]

Semi-random idea, but do you really-really needs to run 7.15.3? I know that Mikrotik calls it "stable", but it is still relatively new and testing RoS on switches is probably less common than on routers, so it is still IMHO well possible that there is a not yet reported/solved bug in the s...
by jaclaz
Thu Sep 12, 2024 4:36 pm
Forum: Forwarding Protocols
Topic: Not Access with Static Route [PLEASE HELP] [SOLVED]
Replies: 2
Views: 626

Re: Not Access with Static Route [PLEASE HELP] [SOLVED]

I think you inverted the screenshots or inverted the scheme/drawing addresses. One router has 1 static route and two Dynamic/Automatic one: AS 0.0.0.0/0 gateway=172.16.0.1 <- this sets the interface with ip address 172.16.0.1 as the gateway for ALL outbound traffic DAC172.16.0.0/30 gateway=? <- this...
by jaclaz
Thu Sep 12, 2024 2:18 pm
Forum: Wireless Networking
Topic: 370m, 1GBit, stable: LHG-60G, nRay, ...
Replies: 12
Views: 700

Re: 370m, 1GBit, stable: LHG-60G, nRay, ...

The issue is - I believe - your definition of "connection". Devices such as the Cube have built in - not so casually - a 5GHz "failover" radio, this means that the 60 GHz will - occasionally - fail, the 5 GHz is much less prone to issues with adverse climate (fog/heavy rain). So ...
by jaclaz
Thu Sep 12, 2024 11:49 am
Forum: Wireless Networking
Topic: Wifi core and repeaters config - Setup issue
Replies: 10
Views: 762

Re: Wifi core and repeaters config - Setup issue

Ooops :oops: . my bad, I wrongly assumed that you were making a sort of wireless wire connection. Not at all an expert with Mikrotiks, particularly when it comes to wireless settings, but from what I understand when you are using AFRINET to connect (say) a laptop and start downloading a large file, ...
by jaclaz
Wed Sep 11, 2024 6:44 pm
Forum: Beginner Basics
Topic: Network traffic gets slower, when adding vlans
Replies: 27
Views: 1369

Re: Network traffic gets slower, when adding vlans

Check by opening a terminal and issuing in it: /interface/detect-internet/print if you see it as "none" after you changed it in Winbox (before rebooting) BUT it changes back to "all" after a reboot, there must be a script (or *something else*) that re-initializes it. That whole s...
by jaclaz
Wed Sep 11, 2024 6:28 pm
Forum: Wireless Networking
Topic: Wifi core and repeaters config - Setup issue
Replies: 10
Views: 762

Re: Wifi core and repeaters config - Setup issue

Very likely irrelevant to your (speed) issue, only notes, at a first read: 1) usually bridges are set with auto-mac=no and given a fixed MAC 2) you have wlan1 largely not configured, but in both devices it is set as ap-bridge, if you don't use it, it will be better if disabled on both devices 3) you...
by jaclaz
Wed Sep 11, 2024 3:32 pm
Forum: Beginner Basics
Topic: Is the Mikrotik CRS312-4C+8XG-RM correct for my 10 Gbps ethernet network?
Replies: 9
Views: 907

Re: Is the Mikrotik CRS312-4C+8XG-RM correct for my 10 Gbps ethernet network?

Giving you a much broader and cheaper set of switch choices. Hmmm. Yes and no, if you look at the costs, compared to CAT6/6a/7 patch cables, let's say 5-10 US$ each, using DAC's you are going to need some 20-30 US$ per connection, while using fiber (or copper) SFP's, more like 60-70 US$ at least, s...
by jaclaz
Wed Sep 11, 2024 3:15 pm
Forum: Beginner Basics
Topic: Network traffic gets slower, when adding vlans
Replies: 27
Views: 1369

Re: Network traffic gets slower, when adding vlans

Good :) , AND I'll move it one notch up:

1) You do not use VLAN1
2) You DO NOT use VLAN1
3) You do not use Quickset
4) You do not use detect internet
5)...
by jaclaz
Wed Sep 11, 2024 3:10 pm
Forum: General
Topic: Adding a second /24 network troubles
Replies: 7
Views: 478

Re: Adding a second /24 network troubles

Maybe this post will be relevant to your situation:
viewtopic.php?t=187932#p947857
by jaclaz
Wed Sep 11, 2024 2:35 pm
Forum: Useful user articles
Topic: There is no indication when connecting the router to the computer
Replies: 14
Views: 4363

Re: There is no indication when connecting the router to the computer

The whole concept of innocent until proven guilty?

Overridden by Andreotti's famous:
You sin in thinking bad about people - but, often, you guess right.
by jaclaz
Wed Sep 11, 2024 2:27 pm
Forum: Beginner Basics
Topic: Network traffic gets slower, when adding vlans
Replies: 27
Views: 1369

Re: Network traffic gets slower, when adding vlans

@holvoeth Your correction is overruled :lol: : Judge Chamberlain Haller: Mr. Gambini? Vinny Gambini: Yes, sir? Judge Chamberlain Haller: That is a lucid, intelligent, well thought-out objection. Vinny Gambini: Thank you, Your Honor. Judge Chamberlain Haller: [in a firm tone] Overruled. rules need to...
by jaclaz
Wed Sep 11, 2024 1:07 pm
Forum: RouterBOARD hardware
Topic: Upgrading older Mikrotik equipment
Replies: 16
Views: 1755

Re: Upgrading older Mikrotik equipment

AFAICU SwOS is just fine (and simpler) if the switch is used as "simple" managed switch, but with RoS you have more possibilities, if needed. The way a router (designed as a router) and a switch (designed as a switch) differ is in the way the ports are connected to the CPU and between them...
by jaclaz
Wed Sep 11, 2024 10:40 am
Forum: Beginner Basics
Topic: Network traffic gets slower, when adding vlans
Replies: 27
Views: 1369

Re: Network traffic gets slower, when adding vlans

I think I will add this to my Mikrotik Club Rules :wink: :
1) You do not use VLAN1
2) You DO NOT use VLAN1
3) You do not use detect internet
4)...
by jaclaz
Tue Sep 10, 2024 9:14 pm
Forum: Beginner Basics
Topic: Network traffic gets slower, when adding vlans
Replies: 27
Views: 1369

Re: Network traffic gets slower, when adding vlans

... or causes random problems (worst case).
Judging from the reports I have seen on the forum, the worst case seems to be the normality...
by jaclaz
Tue Sep 10, 2024 9:08 pm
Forum: Scripting
Topic: Scripting using /system telnet
Replies: 4
Views: 550

Re: Scripting using /system telnet

I think telnet in Mikrotik is "interactive only":
viewtopic.php?t=69786
by jaclaz
Tue Sep 10, 2024 12:17 pm
Forum: Beginner Basics
Topic: ltap mini Routing problems
Replies: 13
Views: 2263

Re: ltap mini Routing problems

But you already have a route towards the internet (it should be provided by the lte1 interface by itself), the one in your screenshot: DAS 0.0.0.0/0 lte1 reachable is telling the router that any address in 0.0.0.0/0 (all the addresses) should go through lte1. From terrminal, you can check with: /ip ...
by jaclaz
Tue Sep 10, 2024 12:20 am
Forum: Beginner Basics
Topic: Dual Router Home Setup Help Needed
Replies: 5
Views: 590

Re: Dual Router Home Setup Help Needed

In modern windows, the default is to NOT replay to pings, so, unless you change that setting, pinging will result in timeout, but even if the error/result is the same it is not like your PC Is not reachable from the Mikrotik, simply the PC does not respond. 192.168.86.x and 192.168.88.x are two diff...
by jaclaz
Mon Sep 09, 2024 11:46 pm
Forum: Beginner Basics
Topic: ltap mini Routing problems
Replies: 13
Views: 2263

Re: ltap mini Routing problems

Interface list is a way to categorize/group items, so It Is the other way round, bridge Is in the category LAN, lte1 is in category WAN, bridge_wlan does not belong (yet) to any category (it doesn't need to belong to any of the two above or to a third one) . In the masquerade rule you use out-interf...
by jaclaz
Mon Sep 09, 2024 5:30 pm
Forum: Beginner Basics
Topic: Regarding the issue of NAT
Replies: 7
Views: 723

Re: Regarding the issue of NAT

It seems "normal" to me.

You have two domains pointing to a same IP address.

When you src-nat and dst-nat to your local network you are using the two domains, but they will both be resolved to the same a.b.c.d IP address, wouldn't they?
by jaclaz
Mon Sep 09, 2024 12:33 pm
Forum: Beginner Basics
Topic: ltap mini Routing problems
Replies: 13
Views: 2263

Re: ltap mini Routing problems

I am not really sure what your intended setup is, but: The bridge_wlan is neither LAN nor WAN: /interface list member add comment=defconf interface=bridge list=LAN add comment=defconf interface=lte1 list=WAN And your firewall nat is only for WAN: /ip firewall nat add action=masquerade chain=srcnat c...
by jaclaz
Mon Sep 09, 2024 12:26 pm
Forum: RouterBOARD hardware
Topic: Upgrading older Mikrotik equipment
Replies: 16
Views: 1755

Re: Upgrading older Mikrotik equipment

If you can use fiber, use it. Not only because it is better/faster/whatever, but because temperatures of fiber SFP's are "acceptable", copper SFP's are essentially small electric stoves (that can often create issues for the amount of heat they generate, definitely not good on passive coole...
by jaclaz
Mon Sep 09, 2024 12:03 pm
Forum: Beginner Basics
Topic: Simple Failover - ISP1 PPPoE & ISP2 LTE [SOLVED]
Replies: 7
Views: 791

Re: Simple Failover - ISP1 PPPoE & ISP2 LTE [SOLVED]

If your current config works for you, good :) . You should anyway check this post by rextended on that same thread: https://forum.mikrotik.com/viewtopic.php?t=189277#p958546 Point of note: remove only connections that have a longish remaining timeout, to avoid attempting to remove connections that a...
by jaclaz
Sun Sep 08, 2024 8:58 pm
Forum: RouterBOARD hardware
Topic: Upgrading older Mikrotik equipment
Replies: 16
Views: 1755

Re: Upgrading older Mikrotik equipment

The routing speed of the RB5009 is very similar to that of the CCR2004 (actually a little bit faster), so if 8 ports are enough for you, you'd better save the money for the moment. What may make the difference is if you are going to use the SFP(s), the second SFP port of the CCR2004 may be useful fo...
by jaclaz
Sun Sep 08, 2024 3:26 pm
Forum: Beginner Basics
Topic: Creating a wired bridge with a wsAP ac lite
Replies: 2
Views: 396

Re: Creating a wired bridge with a wsAP ac lite

Well, start by posting your current configuration of the wsAC lite, follow this post instructions: https://forum.mikrotik.com/viewtopic.php?t=203686#p1051720 It would be "unusual" that you have it configured "as router" (unless someone fiddled with it) as the common configuration...
by jaclaz
Sun Sep 08, 2024 2:18 pm
Forum: General
Topic: Cube 60Pro ac wall mount - QMP?
Replies: 1
Views: 226

Re: Cube 60Pro ac wall mount - QMP?

The QMP comes (but the good Mikrotik guys do not show an explicit/clear photo of them) with two "attachment" devices: 1) a sort of bayonet plate suitable for the SXT and similar devices 2) a short, round, one You can see it (once you know it exists, in the second photo of the product: http...
by jaclaz
Sun Sep 08, 2024 12:57 pm
Forum: Beginner Basics
Topic: Dual Router Home Setup Help Needed
Replies: 5
Views: 590

Re: Dual Router Home Setup Help Needed

Yes and no, if the devices are on a same network (let's say like in your case in a same /24) communication between them happens (should happen) at L2 level (switching/bridging) if the networks are different the communication happens (should happen) at L3 level (routing) or however some specific sett...
by jaclaz
Sun Sep 08, 2024 12:09 pm
Forum: General
Topic: Need some hardware recommendations for a router
Replies: 2
Views: 304

Re: Need some hardware recommendations for a router

If you need more SFP's probably you should add a (passive cooled) switch, *like*
https://mikrotik.com/product/crs309_1g_8s_in
https://mikrotik.com/product/crs310_1g_5s_4s_in
by jaclaz
Sun Sep 08, 2024 12:01 pm
Forum: RouterBOARD hardware
Topic: Upgrading older Mikrotik equipment
Replies: 16
Views: 1755

Re: Upgrading older Mikrotik equipment

Which main board device ( above) would you get? Also What switch for would you get? Strangely enough it depends on your requirements, number and type of devices, internet connection, what kind of speed you want to achieve and which infrastructure you have (cables) and budget. The CCR2004 @$465.00 i...
by jaclaz
Sun Sep 08, 2024 11:47 am
Forum: Wireless Networking
Topic: Ether: bridge port receiving packet with its own MAC address [SOLVED]
Replies: 19
Views: 1709

Re: Ether: bridge port receiving packet with its own MAC address [SOLVED]

I think the advise was to make your MAC static and different from any other one you have on that machine, see this: https://forum.mikrotik.com/viewtopic.php?t=190747 There are reports that the mechanism the RoS uses to auto-assign MAC can, in certain situations, change the MAC, creating havoc in cer...
by jaclaz
Sat Sep 07, 2024 6:14 pm
Forum: Beginner Basics
Topic: How to configutre LTE Router with passthrough
Replies: 1
Views: 330

Re: How to configutre LTE Router with passthrough

Shouldn't be too different from:
viewtopic.php?t=163396
by jaclaz
Sat Sep 07, 2024 5:38 pm
Forum: General
Topic: Node Red on MIPSBE, possible?
Replies: 3
Views: 359

Re: Node Red on MIPSBE, possible?

About docker on mipsbe I'vefound this topic, but doesn't report the way to obtain it:
viewtopic.php?t=187595
Well, that is what is generally referred to as "wishful thinking":
https://en.wikipedia.org/wiki/Wishful_thinking
by jaclaz
Sat Sep 07, 2024 3:48 pm
Forum: Beginner Basics
Topic: Dual Router Home Setup Help Needed
Replies: 5
Views: 590

Re: Dual Router Home Setup Help Needed

I think a line must be drawn *somewhere*, between "same network" and "other network". If your PC has 192.168.88.253, i.e. belongs to network 192.168.88..0/24, and the bridge on the Mikrotik is /ip address add address=192.168.88.1/24 comment=defconf interface=bridge network=\ 192....
by jaclaz
Sat Sep 07, 2024 11:13 am
Forum: General
Topic: DHCP is offered but not bound to Brother printers only [SOLVED]
Replies: 36
Views: 2203

Re: DHCP is offered but not bound to Brother printers only [SOLVED]

Good, so kleshlki's example in post #28 or your reported adaptation in post #29 (minus typos/errors) are the right references "as they are". :)
by jaclaz
Fri Sep 06, 2024 11:26 pm
Forum: General
Topic: DHCP is offered but not bound to Brother printers only [SOLVED]
Replies: 36
Views: 2203

Re: DHCP is offered but not bound to Brother printers only [SOLVED]

I made a mistake in the last step — datapath configuration. I fixed it and it worked :)
It would be nice if you could describe exactly what the error(s) and the correction(s) were, so that this thread may become useful as a reference for similar issues.
by jaclaz
Fri Sep 06, 2024 11:15 pm
Forum: Wireless Networking
Topic: Short distance point2point link
Replies: 2
Views: 362

Re: Short distance point2point link

The common reports about 60 GHz Is that you need clear line of view, even some fog or medium heavy rain can compromise the link, tree leaves are a no-no. A Cube in such a setup will likely continuosly fall back to the (much slower) 5 GHz. Besides the SXT SA5 AC, which I believe is intended for much ...
by jaclaz
Fri Sep 06, 2024 8:25 pm
Forum: General
Topic: Convert script to create in terminal
Replies: 4
Views: 435

Re: Convert script to create in terminal

You can also use "/system/script export where name=XXXX" to get the "escaped form" of any script (and then cut-and-paste that as needed).
Good to know, thanks :) .
by jaclaz
Fri Sep 06, 2024 8:00 pm
Forum: Beginner Basics
Topic: Simple Failover - ISP1 PPPoE & ISP2 LTE [SOLVED]
Replies: 7
Views: 791

Re: Simple Failover - ISP1 PPPoE & ISP2 LTE [SOLVED]

When you have PPPoE up: 0 ADS 0.0.0.0/0 pppoe-out1 1<- this is (DHCP) and Active, ALL outbound traffic goes through this 1 S 0.0.0.0/0 192.168.8.1 2 -<- this is (Static) and NOT Active (because of higher distance=2), so it is irrelevant 2 A S 1.1.1.1/32 pppoe-out1 1<- this, (Static) is Active and be...
by jaclaz
Fri Sep 06, 2024 4:54 pm
Forum: General
Topic: Unstable router operations
Replies: 1
Views: 262

Re: Unstable router operations

ROSv7 is too generic.
Different versions of 7.13, 7.14 and 7.15 (besides latest-latest 7.16) have been object of alternate reports of instabilities on Wi-Fi.
From what has been reported, 7.14.3 seems to be the safest bet or - at least - the better "base".
by jaclaz
Fri Sep 06, 2024 3:06 pm
Forum: Beginner Basics
Topic: Simple Failover - ISP1 PPPoE & ISP2 LTE [SOLVED]
Replies: 7
Views: 791

Re: Simple Failover - ISP1 PPPoE & ISP2 LTE [SOLVED]

These: add dst-address=0.0.0.0 gateway=192.168.8.1 distance=2 add dst-address=1.1.1.1 gateway=pppoe-out1 distance=1 Should actually be, I believe: add dst-address=0.0.0.0/0 gateway=192.168.8.1 distance=2 add dst-address=1.1.1.1/32 gateway=pppoe-out1 distance=1 (but maybe the network is implied) But ...
by jaclaz
Fri Sep 06, 2024 11:27 am
Forum: Beginner Basics
Topic: Generic setup script for UK broadband
Replies: 4
Views: 534

Re: RB5009 setup script

At a quick glance I see two common settings missing (cannot say if you avoided them on purpose):
1) static MAC address to the bridge
2) categorizing ether8 as WAN
by jaclaz
Fri Sep 06, 2024 11:09 am
Forum: RouterBOARD hardware
Topic: Outdoor 5G?
Replies: 15
Views: 3504

Re: Outdoor 5G?

We're talking about a boat here, so few other factors make it bit harder of a problem. e.g. it's going to bake in sun, vibrate/move slightly (wind), and perhaps be in salty air. So even @normis's reasonable and fun suggestion to 3D print a case for a Chateau, requires a high-temp printer to use som...
by jaclaz
Thu Sep 05, 2024 11:01 pm
Forum: Beginner Basics
Topic: LAN to LAN basics
Replies: 21
Views: 2309

Re: LAN to LAN basics

@mkx
Well, I paid 1.80 for that same cable, so it costs us nothing - combined - we are still ahead, and we can even afford to pay the unjust and unfair duty the Sheriff of Nottingham just imposed on us.
by jaclaz
Thu Sep 05, 2024 3:16 pm
Forum: Beginner Basics
Topic: LAN to LAN basics
Replies: 21
Views: 2309

Re: LAN to LAN basics

There are AFAICU mainly two consequences of using VLAN1: 1) possible incompatibilities with other vendor devices 2) possible incompatibilities with Mikrotik internal usage of VLAN1 for *some settings*, i.e.: https://forum.mikrotik.com/viewtopic.php?t=206946#p1071170 I am pretty sure that expert, kno...
by jaclaz
Thu Sep 05, 2024 2:53 pm
Forum: General
Topic: VRF with 3 Isolated NAT Networks route from 3 external IPs
Replies: 4
Views: 532

Re: VRF with 3 Isolated NAT Networks route from 3 external IPs

So you have no firewall filter rules that may interfere? I see now that you did declare the vrf's, my bad :oops: . I don't particularly appreciate your naming scheme, when/if you will need to use ether2@port1 you will see why, but this is irrelevant. I cannot see anything blatantly "wrong"...
by jaclaz
Thu Sep 05, 2024 12:49 pm
Forum: Wireless Networking
Topic: Wireless interference between devices in close vicinity
Replies: 17
Views: 1260

Re: Wireless interference between devices in close vicinity

Yep, as said RF shielding is tricky business, strange that you did not notice some differences. Well, at least we tried ... An alternative (that you won't like) could be modifying the hAP lite, add an external antenna connector and use an external flat (directional) one: https://forum.mikrotik.com/v...
by jaclaz
Thu Sep 05, 2024 10:57 am
Forum: Beginner Basics
Topic: LAN to LAN basics
Replies: 21
Views: 2309

Re: LAN to LAN basics

Very likely completely unrelated to the issue you still need to solve, but using VLAN1 is what we highly specialized technicians :shock: commonly call "looking for troubles".

JFYI:
viewtopic.php?t=208061&
by jaclaz
Wed Sep 04, 2024 6:39 pm
Forum: General
Topic: /31 through a IPSec over GRE tunnel
Replies: 7
Views: 584

Re: /31 through a IPSec over GRE tunnel

Here are some related info:
viewtopic.php?t=32935
particularly:
viewtopic.php?t=32935#p161412

And this post is the one that (for me) is easier to remember, the concept of a mirror of a /32:
viewtopic.php?t=32935#p382118
by jaclaz
Wed Sep 04, 2024 6:21 pm
Forum: Beginner Basics
Topic: How communicate between router without involving WAN [SOLVED]
Replies: 7
Views: 896

Re: How communicate between router without involving WAN [SOLVED]

Wouldn't this be similar to the "Simple Static Routing" here (minus the two different WANs instead of the single one on the wiki example):
https://wiki.mikrotik.com/wiki/Manual:S ... ic_Routing
by jaclaz
Wed Sep 04, 2024 6:16 pm
Forum: Wireless Networking
Topic: Slow WiFi [SOLVED]
Replies: 31
Views: 2597

Re: Slow WiFi [SOLVED]

In a still not perfect world, but better than this one, wifi-qcom-ac would have probably been still called wifi-qcom-ac, but wifi-qcom would probably have been called wifi-qcom-ax. You would have wifi ac devices, and need wifi-qcom- ac , you would have wifi ax devices, and need wifi-qcom- ax . In th...
by jaclaz
Wed Sep 04, 2024 12:24 pm
Forum: General
Topic: VRF with 3 Isolated NAT Networks route from 3 external IPs
Replies: 4
Views: 532

Re: VRF with 3 Isolated NAT Networks route from 3 external IPs

If it is v7, you are seemingly missing the explicit declaration of the three rouiting tables.
It is better if you post your whole configuration (as opposed to the parts that you believe relevant) as the devil is in the details.
by jaclaz
Wed Sep 04, 2024 12:17 pm
Forum: Beginner Basics
Topic: Communication problem between switch related to VLAN [SOLVED]
Replies: 2
Views: 606

Re: Communication problem between switch related to VLAN [SOLVED]

Plwase recheck your post. RT1 is 192.168.1. 1 , you wrote 192.168.1. 2 in a few places. Post the configuration of the RT1 too. I think it is better to go step by step, i.e. if PC1 connection to RT1 is not working the issue can be in three places, (besides PC1), SW2, SW1 and RT1, but if SRV2 connecti...
by jaclaz
Tue Sep 03, 2024 2:14 pm
Forum: General
Topic: VRF-support for DNS is broken?
Replies: 10
Views: 2497

Re: VRF-support for DNS is broken?

Yep, there was a photo posted some time ago, about picture on the box and actual contents, cannot find it right now, but this one will do:
Image
by jaclaz
Tue Sep 03, 2024 1:50 pm
Forum: RouterBOARD hardware
Topic: RB3011 no more POE on port eth10
Replies: 41
Views: 19842

Re: RB3011 no more POE on port eth10

That TP-LINK thingy is not a standard (which standard?, I love standards, there are so many of them :wink: ) PoE device. The PoE injector that comes with that is intended to be more than anything else an "extension cable" powered by the "normal" power supply that comes with the d...
by jaclaz
Mon Sep 02, 2024 5:27 pm
Forum: General
Topic: wAPR-2nD LTE - registration denied with new modem QUECTEL EC2004-EU [SOLVED]
Replies: 5
Views: 998

Re: wAPR-2nD LTE - registration denied with new modem QUECTEL EC2004-EU [SOLVED]

Now we are waiting for the Stable version before officially using it into production.
JFYI, in Mikrotikish "stable" has a somehow different meaning than "production ready".
I think it is one of those language subtleties that are lost in translation.
by jaclaz
Mon Sep 02, 2024 5:06 pm
Forum: Wireless Networking
Topic: Wireless interference between devices in close vicinity
Replies: 17
Views: 1260

Re: Wireless interference between devices in close vicinity

@bpwl That seem like one of the few cases where a cAP might be more useful than a hAP if you mount it on a ceiling or high on a wall. @acrophobic Sure, if you have the possibility a sheet of aluminium some (say) 2 mm thick would be light enough and have the mechanical resistance to hold the two devi...
by jaclaz
Mon Sep 02, 2024 4:14 pm
Forum: General
Topic: Simple failover on dhcp server
Replies: 19
Views: 1299

Re: Simple failover on dhcp server

The / only means "start from root", if you prefer without it it is a "relative path", with it it is an "absolute path": The good thing about RoS (and not only) scripting is that everyone can (within limits) write anything the way he/she likes :) (including overcomplicat...
by jaclaz
Mon Sep 02, 2024 2:07 pm
Forum: General
Topic: Simple failover on dhcp server
Replies: 19
Views: 1299

Re: Simple failover on dhcp server

As said it would IMHO be advisable to add a /32 route for the destination and leave the general 0.0.0.0/0 gateway alone. The gateway set in your lggh devices is only used for (say) NTP or something else, unless you expect days long interruptions of the lte, the 2 wireless devices can live without in...
by jaclaz
Mon Sep 02, 2024 1:01 pm
Forum: General
Topic: Simple failover on dhcp server
Replies: 19
Views: 1299

Re: Simple failover on dhcp server

Thanks for all for the possible solution, i have another question, the ping or the netwatch functions use the system gateway for the instradation, i think that i have to set first it in the script otherwise i have a infinite loop, is correct? Sorry, I don't understand the question, can you try expa...
by jaclaz
Mon Sep 02, 2024 11:04 am
Forum: Wireless Networking
Topic: Wireless interference between devices in close vicinity
Replies: 17
Views: 1260

Re: Wireless interference between devices in close vicinity

Wouldn't some tin foil between the two devices (RF shielding) have the same effect of having the devices a few meters apart?
It costs nothing to test, and if it works one could experiment with a very fine metal mesh (mosquito mesh) that could be simply glued/fixed to one side of the hAP Lite.
by jaclaz
Mon Sep 02, 2024 10:43 am
Forum: General
Topic: DHCP and vendor-class-d
Replies: 1
Views: 370

Re: DHCP and vendor-class-d

It is now a Generic matcher:
https://help.mikrotik.com/docs/display/ ... ricmatcher

And if you want to live dangerously, the new 7.16beta3 has an added option, substring matching, see also:
viewtopic.php?t=191884
by jaclaz
Mon Sep 02, 2024 10:29 am
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1283
Views: 235371

Re: 📣 WinBox 4 is here 📣

That's a very interesting comment. As far as we know, most people use Webfig. And Linux/macOS users very much try to avoid Wine at all costs. So thank you, this brings more varied opinions in to the mix. As a side note, and if I may, the idea of optionally removing webfig from the low storage devic...
by jaclaz
Sun Sep 01, 2024 11:14 pm
Forum: General
Topic: Neighbor inconsistency
Replies: 6
Views: 586

Re: Neighbor inconsistency

I don't really know, but there must be something else, you just proved that VLAN devices are at the same time Dynamic and NON-Dynamic, which doesn't sound right.

Schroedinger's VLAN devices? :shock:
by jaclaz
Sun Sep 01, 2024 8:04 pm
Forum: Wireless Networking
Topic: Chateau 5G and Eero Pro
Replies: 4
Views: 457

Re: Chateau 5G and Eero Pro

Yep, the names are confusing (generally) and to add to it every make/brand use some, slightly or greatly, different naming for the same thing. I have no idea how the eero thingies work, but probably you don't need to do anything on the Mikrotik to have it working, at least from what I can understand...
by jaclaz
Sun Sep 01, 2024 3:20 pm
Forum: General
Topic: Forward WAN port to another subnet/router LAN [SOLVED]
Replies: 10
Views: 3625

Re: Forward WAN port to another subnet/router LAN [SOLVED]

YMMV, therefore I'm not going to write exact rules here. You have discovered a truly marvelous proof of this, which this margin is too narrow to contain? :wink: :lol: Seriously, if you can, do post the configuration that actually solved the problem, even if mileage of other members may vary, at lea...
by jaclaz
Sun Sep 01, 2024 3:14 pm
Forum: Wireless Networking
Topic: Chateau 5G and Eero Pro
Replies: 4
Views: 457

Re: Chateau 5G and Eero Pro

I don't want to seem unfriendly or rude, but the proper answer to your question would be: Yes. http://jdebp.info/FGA/questions-with-yes-or-no-answers.html Please describe your overall network setup, then follow the instructions here: https://forum.mikrotik.com/viewtopic.php?t=203686#p1051720 and pos...
by jaclaz
Sun Sep 01, 2024 2:42 pm
Forum: Wireless Networking
Topic: RB911G-5HPnD (2 x ant, WIFI4) VS. hAP ac lite (1 x ant, WIFI5)
Replies: 7
Views: 613

Re: RB911G-5HPnD (2 x ant, WIFI4) VS. hAP ac lite (1 x ant, WIFI5)

The hap AC lite is $59 (official list price). The Ax lite at the same price is a steal, but it has only 2.4 GHz radio, if only 2.4 GHz is ok, no doubt, go for it. The hap AC costs more than the Ax2, $129. The issues with the hap AC (lite or not) are the architecture (MIPSBE) and the (too) little amo...
by jaclaz
Sun Sep 01, 2024 2:16 pm
Forum: General
Topic: Help please, router working only as a bridge.
Replies: 11
Views: 869

Re: Help please, router working only as a bridge.

Let's list the usual settings when the device is set as a router, the ether1 is "self-standing" (not part of a bridge) has a DHCP client active (it gets its IP address from the ISP router to which is connected) a DHCP server is running on the bridge (to which all othe rinterfaces are added...
by jaclaz
Sun Sep 01, 2024 12:33 pm
Forum: Beginner Basics
Topic: Understanding PTP Bridge operation
Replies: 8
Views: 824

Re: Understanding PTP Bridge operation

Yep, but in the context of Quickset choices, I think (from the already linked threads) that Quickset in "PTP bridge AP" will set mode=bridge anyway, i.e. the "PTP" in the description prevails and sets to have only one single connection, regardless of the license level, maybe one ...
by jaclaz
Sun Sep 01, 2024 2:48 am
Forum: General
Topic: Neighbor inconsistency
Replies: 6
Views: 586

Re: Neighbor inconsistency

by jaclaz
Sat Aug 31, 2024 8:48 pm
Forum: General
Topic: executing script from winbox failed, please check it manually
Replies: 13
Views: 2261

Re: executing script from winbox failed, please check it manually

Well, there is some difference between: An error has occurred and something *like*: script "mynicescript" running on device with MAC 00:ww:xx:yy:zz caused a "device not responding" error on line 42 These pieces of info: 1) name of the script 2) on which device it is running 3) th...
by jaclaz
Sat Aug 31, 2024 8:29 pm
Forum: Wireless Networking
Topic: Access Mikrotik LAN devices: MAC access OK IP access Noy
Replies: 9
Views: 888

Re: Access Mikrotik LAN devices: MAC access OK IP access Noy

The "Typical_AP.rsc" is the configuration for a CRS326-24G-2S+ :shock: (which I doubt is a typical AP :wink:)
by jaclaz
Sat Aug 31, 2024 6:23 pm
Forum: Useful user articles
Topic: Checking if an IP is free, without having an IP address [MS Windows]
Replies: 2
Views: 4064

Re: Checking if an IP is free, without having an IP address [MS Windows]

@rextended Let's assume that by pure chance there is not any Mikrotik device in the customer's network. Doing an IP-scan from windows is a perfectly legit operation, but IMHO the original post over-complicates it a bit. A window computer set to get IP address from DHCP should already get an APIPA ad...
by jaclaz
Sat Aug 31, 2024 3:02 pm
Forum: General
Topic: Simple failover on dhcp server
Replies: 19
Views: 1299

Re: Simple failover on dhcp server

A "normal"/common Netwatch script would do. Usually: The on-down script/commands would change the route to the alternate one The on-up script/commands would restore the previous route. In your case, instead of changing/enabling/disabling routes, you would change the gateway in the dhcp ser...
by jaclaz
Sat Aug 31, 2024 2:29 pm
Forum: Wireless Networking
Topic: Upgraded brand new nRAY 60G master and lost all signs of W60G radio
Replies: 7
Views: 1764

Re: Upgraded brand new nRAY 60G master and lost all signs of W60G radio

To be fair the fact that a given (wrong) practice has been in effect in v6 doesn't justify in any way insisting on it in v7. In other fields, when *something* results in a given number of (minor) accidents or a single serious one, that *something* is usually changed (hopefully for the better). The f...
by jaclaz
Sat Aug 31, 2024 2:09 pm
Forum: Wireless Networking
Topic: Ether: bridge port receiving packet with its own MAC address [SOLVED]
Replies: 19
Views: 1709

Re: Ether: bridge port receiving packet with its own MAC address [SOLVED]

I guess that what erlinden asked for as "logging" was meant as:
/log print
and copy and paste a few related lines of the log around the "probably loop" error you posted.
by jaclaz
Sat Aug 31, 2024 1:04 pm
Forum: General
Topic: Simple failover on dhcp server
Replies: 19
Views: 1299

Re: Simple failover on dhcp server

I think that with some clever scripting it is possible to change the gateway provided by the two DHCP servers, but the change in the two MIkrotiks DHCP settings will not be actually propagated until next DHCP request/negoitiation/lease. So, when the LTE goes down: 1) all clients in both buildings wi...
by jaclaz
Sat Aug 31, 2024 12:06 pm
Forum: Beginner Basics
Topic: Understanding PTP Bridge operation
Replies: 8
Views: 824

Re: Understanding PTP Bridge operation

To be fair, the default (from factory) configurations of a paired couple is pretty much straightforward, and similar to the "standard" (as quickest would make them) ones, the only (relative) complication is the bonding together of the two 60 and 5 GHz radios. But the bonding is needed to a...
by jaclaz
Sat Aug 31, 2024 11:42 am
Forum: General
Topic: rb4011 - flapping port
Replies: 5
Views: 618

Re: rb4011 - flapping port

Since the replacement with a similar device didn't change result (I doubt that two devices can be defective in exactly the same manner), it is actually possible the the RB750GR3 "filters" some activity on the network that ultimately causes the flapping issue. I would exclude that a commonT...
by jaclaz
Fri Aug 30, 2024 2:20 pm
Forum: General
Topic: Can't get UPnP to work in RouterOS 7.14.1 (Worked in RouterOS 6.x)
Replies: 17
Views: 1725

Re: Can't get UPnP to work in RouterOS 7.14.1 (Worked in RouterOS 6.x)

Good :) , so you can temporarily go for 7.12. But did the new batch come with already 7.14.1? If yes it must be new-new, 7.14.1 came out at the end of march 2024 . Unless you cannot manage to use 7.12 - since it is in production - I would wait for a non-beta version with the feature fixed before upg...
by jaclaz
Fri Aug 30, 2024 12:19 pm
Forum: General
Topic: rb4011 - flapping port
Replies: 5
Views: 618

Re: rb4011 - flapping port

So you think the switch is damaged? It was connected to eth5 for months without any problem. That or *something else* on the network that the unmanaged switch allows through but the 750GR3 intercepts/blocks, hard to say. How many ports has the TP-LINK switch? Try changing them around, it is entirel...
by jaclaz
Fri Aug 30, 2024 12:07 pm
Forum: General
Topic: Simple failover on dhcp server
Replies: 19
Views: 1299

Re: Simple failover on dhcp server

Yes, but I still miss something :? . In a normal situation (both ADSL and LTE up) is : 1) both buildings A and B access internet via LTE and ADSL is only a backup or 2) building A goes through ADSL and building B goes through LTE Or - in other words - does only building B need to switch from LTE to ...
by jaclaz
Fri Aug 30, 2024 11:22 am
Forum: General
Topic: Wifi Interface with no channel
Replies: 6
Views: 504

Re: Wifi Interface with no channel

I tried to manually install loaded missing ARM package but it doesn't install anything.
Isn't it MIPSBE? (not ARM):
https://mikrotik.com/product/RBwAPG-5HacT2HnD
by jaclaz
Fri Aug 30, 2024 11:18 am
Forum: Beginner Basics
Topic: Understanding PTP Bridge operation
Replies: 8
Views: 824

Re: Understanding PTP Bridge operation

We have here, as a reference, the normal cube Pro pairs complete setup (from factory): https://forum.mikrotik.com/viewtopic.php?t=205042#p1059476 One end is mode=bridge and the other is mode=station-bridge, then there is the bonding between the 60 and the 5 GHz interface. And yes, the Quickset does ...
by jaclaz
Fri Aug 30, 2024 10:50 am
Forum: General
Topic: Simple failover on dhcp server
Replies: 19
Views: 1299

Re: Simple failover on dhcp server

I am not sure to understand your setup/what you want to obtain. Normally (with both internet connections working) clients in building A go through internet access A and clients in building B go through internet access B (lte)? And when the lte connection is down you want cliients in building B to sw...
by jaclaz
Thu Aug 29, 2024 9:06 pm
Forum: General
Topic: Guidance on Internal Fiber [SOLVED]
Replies: 9
Views: 1189

Re: Guidance on Internal Fiber [SOLVED]

Possibly simpler is to highlight the modes to better understand the basic incompatibilty: What I purchased for the SFP connector is described as: "1.25G 850nm Multi mode SFP LC Transceiver Fiber Module 550 Meters 1000Base-SX LC MMF for Cisco GLC-SX-MMD/SX-MM/SFP-GE-S,Fortinet,Ubiquiti UniFi UF-...
by jaclaz
Thu Aug 29, 2024 6:50 pm
Forum: Beginner Basics
Topic: Default SOHO Firewall Rules
Replies: 10
Views: 853

Re: Default SOHO Firewall Rules

Only as a side note: The default rules that come with Mikrotik SOHO devices have two features that your ones miss: 1) they are marked in comment as "defconf" which is useful when/if you want to change some of them 2) they have a comment summing up what the rule does As well, the generic ad...
by jaclaz
Thu Aug 29, 2024 6:34 pm
Forum: Beginner Basics
Topic: LAN to LAN basics
Replies: 21
Views: 2309

Re: LAN to LAN basics

You'll have to go through this thread (which is the officially unofficial Mikrotik guide for VLAN by Pcunite):
viewtopic.php?t=143620
by jaclaz
Thu Aug 29, 2024 3:20 pm
Forum: RouterBOARD hardware
Topic: hAP ax lite LTE6 and powersupply
Replies: 3
Views: 408

Re: hAP ax lite LTE6 and powersupply

Thanks for taking your time and explaining it. As far as I can tell by the images. The 5.1k ohm is pulldown resisors, right? It looks like you soldered them to ground. If so, I have something to do tonight. :) No, I didn't solder them (user gwynbleidd reported doing that). Yes, they are pull down r...