MikroTik

psycoclan1

pptp is only for a few tests. i use l2tp with ipsec. Since the blacklist configuration in address list and the RAW firewall rule i had no attacks. I believe this was the solution

psycoclan1

This is what i get in the log file : https://ibb.co/Gsq8cps i mean reach it as they can still try to connect using various usernames. Im not sure what im doing wrong. there were a few other IPs in the past which attempted to login with admin/root whatever user/pass to the mikrotik and since i blocke...

psycoclan1

Thanks msatter. I read your script. Correct me if im wrong the script reads the connections table and automatically puts the /24 subnet into an address list and then? you manually set a filter rule? edit : i manually created an address list with the 92.63.194.0/24 subnet called it vpn-attack_1 :) an...

psycoclan1

Hi guys, my vpn server is being attacked by a /24 subnet, not just a single ip. i created a filter rule which is input, and source address is the whole subnet 92.63.194.0/24 and the action is dropped. Few hours later the same person still tries to connect with failed attempts, so i changed the actio...

psycoclan1

Thank you all guys for taking some of your time to help me!! sindy : yeah me too. i have never used any other vpn service other than my own mikrotik server on the cloud. All of my computers, devices work through that server. Now this project is a slightly different and got stuck because i didn't rea...

psycoclan1

xvo : wow that did the job!! Never thought of changing the distance from advanced tab in wlan!!! Now it works after rebooting mikrotik!

psycoclan1

So, as this is a test routeboard i didn't let it run for hours, so probably the routing cache expires eventually. I solely trying to find a solution to forward all traffic through the VPN (even if it's pptp or l2tp. in my case it is l2tp with ipsec). The first solution (quick and dirty one), there i...

psycoclan1

Hi guys, i want to route all of the local traffic through a VPN L2TP connection. Everything works. The part i am stuck at, is that every time i reboot mikrotik, the routes table generates 2 default routes with the same distance = 1. I tried to disable both default routes (wlan client is the gateway ...

psycoclan1

PPTP was a quick configuration to manage my LANs in various locations, thats why i have never been into L2TP. I setup an IPSec server and i can tell it works much better than PPTP. Unfortunatelly, I cannot check from the internet connection with the fault at the moment, as i left that place. But i w...

psycoclan1

Hi guys, I have a VPS with static ip and mikrotik installed (v6.42.6). There i have configured a simple VPN server with local pool addresses. This way i can access remotely my personal computers windows 10 RDP and troubleshooting to small networks which i have with mikrotik routerboards. My VPN work...

psycoclan1

Recently, I came across to a few android applications which promise cost free access on the internet with a strange VPN connection. The main idea behind this, is the user has 0.00 balance in his/her pay-as-you-go sim card and no available traffic. Here comes a strange application which creates a VPN...

psycoclan1

The problem is that it loses its route. When i set it up i added firewall rules (accept gre and port 1723), nat (masquerade pptp-out) and mangle (prerouting src-add=10.100.100.2-10.100.100.254, mark preroute pptp-out and passthrough=yes) The ether1 of the rb750 goes into the modem and i setup a dhcp...

psycoclan1

Ok guys, i have a mikrotik device (x86 vps on a data centre) which is the vpn server all set proper and works perfect. On the other side i got a rb750 which is behind a home dsl router and is set as a vpn client. It works perfectly for days until for an unknown reason the connection drops, the route...

psycoclan1

It looks like im in through their console system. What ip address subnet and gateway details did you put into your ether1 interface to make it accessible over the internet?

Edit : i googled it and found it out

psycoclan1

Oh! Thank you very much for your update. It saved me so much time! Ive asked already and im waiting for their responce. After that mikrotik works perfect yeah?

psycoclan1

I have excaxtly the same problem. Can anyone help us both on this please!

Thank you

psycoclan1

I get a similar message from ICMP. Can you give me an explanation of this message? 0 xxx.yyy.zzz.sss 84 64 53ms redirect host 0 xxx.yyy.zzz.sss 84 64 115ms redirect host 0 xxx.yyy.zzz.eee 56 255 125ms TTL exceeded 1 xxx.yyy.zzz.sss 84 64 0ms redirect host 1 xxx.yyy.zzz.eee 56 255 4ms TTL exceeded 2 ...

psycoclan1

Ok now it's getting more and more interesting this thread.

What we have :

2x CCR routers
1x edgeswitch ubnt 48ports+poe
1x cisco switch 24ports
1x ESXi server

20x ubnt APs

How would you deploy the core network with this equipement?

psycoclan1

Yes you are right. I stated it in a wrong way. I meant that in our network there are multiple vlans which divide clients by region (area), regardless that the former engineer didnt keep them in tact. Obviously these vlans have various ip ranges assigned to them, so on layer 3 firewall policies may a...

psycoclan1

I agree partially. But my problem is the lack of documentation which leads to such problems. I cant find a way to overcome all these issues so far. I got problems like this and i cannot solve them

psycoclan1

There is no documentation at all. Not even the private ip ranges that are used. This makes it difficult in order to make a full customers list with ip and etc. The first thing i am planning to do is to change all the clients into pppoe clients on the bras server. And when its done i want to implemen...

psycoclan1

I see what you mean. The bras router in the network does nothing but around 20-30 pppoe connections. The managed switch as far as i know does a lot of vlans. I cant go deeper on the switch because i dont have the login details. Noone has it. The sfp1 from the core router has a lot of different real ...

psycoclan1

I was struggling the past few weeks on how to make a core router to be as much efficient as it can. Lets take it from the beginning. I work for a company which provides wireless internet in more than 500 clients. All the clients are connected via 5ghz equipment (ubnt products) to 5ghz APs. The APs a...

psycoclan1

Thank youfor your reply. I sent them a demo request already. I hope they can be our solution.

psycoclan1

I am looking for a wireless ISP user management software solution which can handle the bank payments, the cash payments, the various speed and traffic limits of our wireless connected clients. I got in touch with DMA and Powercode but they both dont seem to understand the nature of my business. My w...

psycoclan1

Well its better for you to change job, because you will find yourself in serious trouble, when one of your clients realise that his communication is being routed through china...loool!!!

psycoclan1

lets say for start i want my whole local network to route through the vpn. when i choose that, i completelly lose the connection to the internet!

psycoclan1

I have a mikrotik router which works perfectly. Last few days i am trying to reroute my traffic through a vpn client gateway instead of my dsl modem. The PPTP connection is established, and in winbox when i traceroute, i follow the vpn path, but my devices follow the dsl modem. What seems to be the ...

psycoclan1

Hello guys, it seems i have a problem here which i cant completely understand and fix it.. I used the sniffer perfectly until today...Today i renabled my transparent web proxy which redirects all the port 80 traffic to port 8989. As soon as i did that the sniffer stopped working. I checked the accou...

psycoclan1

1. configure sniffer to stream to device running wireshark: /tool sniffer set streaming-enabled=yes streaming-server=ip.of.wireshark.box /tool sniffer start I know this thread is a few years old but i came across earlier with it. I followed these 2 commands and as soon as i clicked on Start button ...

psycoclan1

Hello guys, I want to connect to a vpn server through my mikrotik and some of the IPs on my LAN i want them to use the VPN client as gateway. i established the VPN connection in mikrotik, i can see the ip address under ip->addresses. I did a masquerade for a certain network (192.168.4.0/24) on the p...

psycoclan1

Cheers mate!!! Ive never thought about it before!!! Thank you very much! You saved me of a lot of effort and time!!

psycoclan1

Hello guys, ill go straight to the point. I have a mikrotik router and a DSL. Behind mikrotik router is my whole LAN. Mikrotik has 2 LAN cards (its a PC with 8GB flash card) dsl modem : 192.168.1.1/24 ether1-dsl : 192.168.1.2/24 ether2-lan : 192.168.2.1/24 dhcp server on ether2 192.168.2.10-192.168....

psycoclan1

Thats what i thought from the first time but yes if he set his devices ip manually then he can have access. So im looking for a "proper" and permanent solution. Liodakis thank you for your reply. My mikrotik PC has 1 LAN port (the built-in one) at the moment so im not quite sure how i can ...

psycoclan1

MT (192.168.1.3) is connected through lan cable into the one port of DSL (192.168.1.1) modem. The wifi AP (192.168.1.2) is connected to the DSL modem as well through Lan cable. The user is connected to the AP wirelessly. MT is the only DHCP server of the network and most of the devices are connected...

psycoclan1

Hello friends, My network is 1 PC as router (DHCP Server etc), 1 DSL modem (gateway), and another wifi AP. I want to block one MAC address from accessing the internet and the network generally. So i added a firewall rule : General : Chain : Forward Advanced : Src MAC address : The address of the des...

psycoclan1

Hello guys, i have bought the RB750g and i want to install it into a network. My network has one dsl modem/router, 3 ubnt unifis, and 2 ubnt NanoStation M2 loco. My dsl router (thomson 585v7) is my dhcp server at the moment (10.0.0.0/24) for the whole network, but every time it reaches 25-30 IPs no ...

psycoclan1

Make sure you have a default route, and NAT out the interface. It's kinda hard to be more specific without more specific information from you. At the very least you should post your interface configuration, IP addresses, routing table, and NAT rules. How can i check the default route and how to NAT...

psycoclan1

Hello guys, a friend of mine has a dsl router connected to his mikrotik. His mikrotik network is 10.115.0.0/24. My mikrotik network is 10.124.39.0/24 and we are connected through OSPF routing protocol. He shares his internet connection through mikrotik NAT but everyone's IP is in his network. I trie...

psycoclan1

You cannot. i see. is it possible then to setup an PPTP Server on my MT bridged with the PPTP Client i use to go online, and then setup a PPTP Client on his MT which will call my MT? |NETWORK||PPTP Server|----VPN-----|MY_Mikrotik||PPTP Client|-|PPTP Server 2|-------------|Friend's Mikrotik||PPTP Cl...

psycoclan1

You can only proxy HTTP. That said, dst-port can take multiple ports: "dst-port=80,8080,8888".

hm i understand, but how can i proxy VoIP telephony through this setup?

psycoclan1

http://wiki.mikrotik.com/wiki/How_to_make_transparent_web_proxy ip firewall nat add in-interface=ether1 dst-port=80 protocol=tcp action=redirect to-ports=8080 chain=dstnat thank you for the quick reply i assume that in my case i have to change : action=redirect to-ports=62222 but as long as i want ...

psycoclan1

2) Set DST-NAT rule to HTTP traffic to the proxy;

I have some trouble with the 2nd step. how can i setup this?

psycoclan1

Ok guys look. My home setup is a Mikrotik (10.124.39.65/24) wifi router (4,1v) which is on the rooftop. There is a PPTP client connection to another friend to share his internet connection. A wifi Access Point (TP-LINK) (10.124.38.67/24) is in my home to share the internet to my dad's pc! I have set...

psycoclan1

cheers mate! thank you very much!

psycoclan1

Ok guys, here's a new question :) i have a friend in the wireless network who is connected to internet through my proxy server (10.124.39.65:62222). Now he bought a Linksys PAP2T to have a voip number. He doesnt have a routerboard so he bought a mikrotik rb750. How can i setup the proxy client insid...

psycoclan1

My MT is connected into a wireless network. At the moment i have a VPN client installed on MT which connects me to another guy's MT with internet connection. Now i want to add a proxy client in MT and then separate my applications From proxy i want only to route my VOIP telephone (adapter), games, a...

psycoclan1

Look at the OSPF routing table - what is the cost of the two routes? The undesirable route will still have a lower cost than the one you want. I should have been more explicit originally: look at the costs and increase the interface cost of the undesirable route by so much that the entire route's c...

psycoclan1

Look at the OSPF routing table - what is the cost of the two routes? The undesirable route will still have a lower cost than the one you want. I should have been more explicit originally: look at the costs and increase the interface cost of the undesirable route by so much that the entire route's c...

psycoclan1

The best thing to do would be to change the cost of the interface the undesirable link goes through. Make that cost very high. At that point the other link will be preferred, but you can still fall back to the worse link when the primary fails. Undesireable link's cost is higher than the other's bu...

psycoclan1

Ok guys, here's the problem i have. I am a member of a metropolitan wireless network in greece and i have 2 backbone links. I want to reach a specific destination which can be reached in 2 ways. The problem is that the route 1 (cost 45) is somehow the "default" route but a link between me ...

psycoclan1

yeah, i knew that it has to be 100/100. both sides have pacific wireless Grid 24dbi antennas. i'll take a look tomorrow!

which is the lowest acceptable CCQ value for a stable link? maybe 80% ? and what can somebody do to optimize the link, additional to allignment?

psycoclan1

How much % in CCQ should i expect in a link of about 6km distance? at the moment i have :

Signal strenght : -69dbm
Tx signal strenght : -69dbm

SNR : 33db

Tx/Rx CCQ : 55/64 %

clear line of sight

2,4GHz 24dbi antennas and LMR-400 ~6m cable both sides!

psycoclan1

finally we fixed the problem. i got in contact with the other guy who was working on that AP yesterday and he told me that he enabled the wireless logging. the links dont work because the first has some wireless card issues (on 2347mhz the signal is -45db and on 2357mhz the signal is falling to -55d...

psycoclan1

this happened a couple of hours ago and i cannot find the source of that problem. I've got 2 wireless links in 2,4GHz and both of them arent working at the moment. i cannot check the otherside coz i have no access rights to these nodes! could someone plz let me know what causes this problem? and how...

psycoclan1

oh thanks a lot. another question. is it possible to create 2 scripts, the first with the settings for the AP device and the other one for the wds station??? in order to make it simplier to install?

psycoclan1

Hello guys can somebody help me? i'm new to mikrotik and i would like to bridge 2 RBs. can somebody tell me how to bridge these 2 wireless intrefaces?
thank you in advance.

psycoclan1

Hello guys and nice to meet you. since this is my first post i would like to tell you that i use mikrotik pc as router in a wifi network in greece.a friend of mine has a vpn server and has given me an account to use his dsl line. since now i was calling his computer to connect to the internet for ju...

Search found 58 matches