pptp is only for a few tests. i use l2tp with ipsec. Since the blacklist configuration in address list and the RAW firewall rule i had no attacks. I believe this was the solution
This is what i get in the log file : https://ibb.co/Gsq8cps i mean reach it as they can still try to connect using various usernames. Im not sure what im doing wrong. there were a few other IPs in the past which attempted to login with admin/root whatever user/pass to the mikrotik and since i blocke...
Thanks msatter. I read your script. Correct me if im wrong the script reads the connections table and automatically puts the /24 subnet into an address list and then? you manually set a filter rule? edit : i manually created an address list with the 92.63.194.0/24 subnet called it vpn-attack_1 :) an...
Hi guys, my vpn server is being attacked by a /24 subnet, not just a single ip. i created a filter rule which is input, and source address is the whole subnet 92.63.194.0/24 and the action is dropped. Few hours later the same person still tries to connect with failed attempts, so i changed the actio...
Thank you all guys for taking some of your time to help me!! sindy : yeah me too. i have never used any other vpn service other than my own mikrotik server on the cloud. All of my computers, devices work through that server. Now this project is a slightly different and got stuck because i didn't rea...
So, as this is a test routeboard i didn't let it run for hours, so probably the routing cache expires eventually. I solely trying to find a solution to forward all traffic through the VPN (even if it's pptp or l2tp. in my case it is l2tp with ipsec). The first solution (quick and dirty one), there i...
Hi guys, i want to route all of the local traffic through a VPN L2TP connection. Everything works. The part i am stuck at, is that every time i reboot mikrotik, the routes table generates 2 default routes with the same distance = 1. I tried to disable both default routes (wlan client is the gateway ...
PPTP was a quick configuration to manage my LANs in various locations, thats why i have never been into L2TP. I setup an IPSec server and i can tell it works much better than PPTP. Unfortunatelly, I cannot check from the internet connection with the fault at the moment, as i left that place. But i w...
Hi guys, I have a VPS with static ip and mikrotik installed (v6.42.6). There i have configured a simple VPN server with local pool addresses. This way i can access remotely my personal computers windows 10 RDP and troubleshooting to small networks which i have with mikrotik routerboards. My VPN work...
Recently, I came across to a few android applications which promise cost free access on the internet with a strange VPN connection. The main idea behind this, is the user has 0.00 balance in his/her pay-as-you-go sim card and no available traffic. Here comes a strange application which creates a VPN...
The problem is that it loses its route. When i set it up i added firewall rules (accept gre and port 1723), nat (masquerade pptp-out) and mangle (prerouting src-add=10.100.100.2-10.100.100.254, mark preroute pptp-out and passthrough=yes) The ether1 of the rb750 goes into the modem and i setup a dhcp...
Ok guys, i have a mikrotik device (x86 vps on a data centre) which is the vpn server all set proper and works perfect. On the other side i got a rb750 which is behind a home dsl router and is set as a vpn client. It works perfectly for days until for an unknown reason the connection drops, the route...
It looks like im in through their console system. What ip address subnet and gateway details did you put into your ether1 interface to make it accessible over the internet?
Oh! Thank you very much for your update. It saved me so much time! Ive asked already and im waiting for their responce. After that mikrotik works perfect yeah?
I get a similar message from ICMP. Can you give me an explanation of this message? 0 xxx.yyy.zzz.sss 84 64 53ms redirect host 0 xxx.yyy.zzz.sss 84 64 115ms redirect host 0 xxx.yyy.zzz.eee 56 255 125ms TTL exceeded 1 xxx.yyy.zzz.sss 84 64 0ms redirect host 1 xxx.yyy.zzz.eee 56 255 4ms TTL exceeded 2 ...
Yes you are right. I stated it in a wrong way. I meant that in our network there are multiple vlans which divide clients by region (area), regardless that the former engineer didnt keep them in tact. Obviously these vlans have various ip ranges assigned to them, so on layer 3 firewall policies may a...
I agree partially. But my problem is the lack of documentation which leads to such problems. I cant find a way to overcome all these issues so far. I got problems like this and i cannot solve them
There is no documentation at all. Not even the private ip ranges that are used. This makes it difficult in order to make a full customers list with ip and etc. The first thing i am planning to do is to change all the clients into pppoe clients on the bras server. And when its done i want to implemen...
I see what you mean. The bras router in the network does nothing but around 20-30 pppoe connections. The managed switch as far as i know does a lot of vlans. I cant go deeper on the switch because i dont have the login details. Noone has it. The sfp1 from the core router has a lot of different real ...
I was struggling the past few weeks on how to make a core router to be as much efficient as it can. Lets take it from the beginning. I work for a company which provides wireless internet in more than 500 clients. All the clients are connected via 5ghz equipment (ubnt products) to 5ghz APs. The APs a...
I am looking for a wireless ISP user management software solution which can handle the bank payments, the cash payments, the various speed and traffic limits of our wireless connected clients. I got in touch with DMA and Powercode but they both dont seem to understand the nature of my business. My w...
Well its better for you to change job, because you will find yourself in serious trouble, when one of your clients realise that his communication is being routed through china...loool!!!
I have a mikrotik router which works perfectly. Last few days i am trying to reroute my traffic through a vpn client gateway instead of my dsl modem. The PPTP connection is established, and in winbox when i traceroute, i follow the vpn path, but my devices follow the dsl modem. What seems to be the ...
Hello guys, it seems i have a problem here which i cant completely understand and fix it.. I used the sniffer perfectly until today...Today i renabled my transparent web proxy which redirects all the port 80 traffic to port 8989. As soon as i did that the sniffer stopped working. I checked the accou...
1. configure sniffer to stream to device running wireshark: /tool sniffer set streaming-enabled=yes streaming-server=ip.of.wireshark.box /tool sniffer start I know this thread is a few years old but i came across earlier with it. I followed these 2 commands and as soon as i clicked on Start button ...
Hello guys, I want to connect to a vpn server through my mikrotik and some of the IPs on my LAN i want them to use the VPN client as gateway. i established the VPN connection in mikrotik, i can see the ip address under ip->addresses. I did a masquerade for a certain network (192.168.4.0/24) on the p...
Hello guys, ill go straight to the point. I have a mikrotik router and a DSL. Behind mikrotik router is my whole LAN. Mikrotik has 2 LAN cards (its a PC with 8GB flash card) dsl modem : 192.168.1.1/24 ether1-dsl : 192.168.1.2/24 ether2-lan : 192.168.2.1/24 dhcp server on ether2 192.168.2.10-192.168....
Thats what i thought from the first time but yes if he set his devices ip manually then he can have access. So im looking for a "proper" and permanent solution. Liodakis thank you for your reply. My mikrotik PC has 1 LAN port (the built-in one) at the moment so im not quite sure how i can ...
MT (192.168.1.3) is connected through lan cable into the one port of DSL (192.168.1.1) modem. The wifi AP (192.168.1.2) is connected to the DSL modem as well through Lan cable. The user is connected to the AP wirelessly. MT is the only DHCP server of the network and most of the devices are connected...
Hello friends, My network is 1 PC as router (DHCP Server etc), 1 DSL modem (gateway), and another wifi AP. I want to block one MAC address from accessing the internet and the network generally. So i added a firewall rule : General : Chain : Forward Advanced : Src MAC address : The address of the des...
Hello guys, i have bought the RB750g and i want to install it into a network. My network has one dsl modem/router, 3 ubnt unifis, and 2 ubnt NanoStation M2 loco. My dsl router (thomson 585v7) is my dhcp server at the moment (10.0.0.0/24) for the whole network, but every time it reaches 25-30 IPs no ...
Make sure you have a default route, and NAT out the interface. It's kinda hard to be more specific without more specific information from you. At the very least you should post your interface configuration, IP addresses, routing table, and NAT rules. How can i check the default route and how to NAT...
Hello guys, a friend of mine has a dsl router connected to his mikrotik. His mikrotik network is 10.115.0.0/24. My mikrotik network is 10.124.39.0/24 and we are connected through OSPF routing protocol. He shares his internet connection through mikrotik NAT but everyone's IP is in his network. I trie...
You cannot. i see. is it possible then to setup an PPTP Server on my MT bridged with the PPTP Client i use to go online, and then setup a PPTP Client on his MT which will call my MT? |NETWORK||PPTP Server|----VPN-----|MY_Mikrotik||PPTP Client|-|PPTP Server 2|-------------|Friend's Mikrotik||PPTP Cl...
http://wiki.mikrotik.com/wiki/How_to_make_transparent_web_proxy ip firewall nat add in-interface=ether1 dst-port=80 protocol=tcp action=redirect to-ports=8080 chain=dstnat thank you for the quick reply i assume that in my case i have to change : action=redirect to-ports=62222 but as long as i want ...
Ok guys look. My home setup is a Mikrotik (10.124.39.65/24) wifi router (4,1v) which is on the rooftop. There is a PPTP client connection to another friend to share his internet connection. A wifi Access Point (TP-LINK) (10.124.38.67/24) is in my home to share the internet to my dad's pc! I have set...
Ok guys, here's a new question :) i have a friend in the wireless network who is connected to internet through my proxy server (10.124.39.65:62222). Now he bought a Linksys PAP2T to have a voip number. He doesnt have a routerboard so he bought a mikrotik rb750. How can i setup the proxy client insid...
My MT is connected into a wireless network. At the moment i have a VPN client installed on MT which connects me to another guy's MT with internet connection. Now i want to add a proxy client in MT and then separate my applications From proxy i want only to route my VOIP telephone (adapter), games, a...
Look at the OSPF routing table - what is the cost of the two routes? The undesirable route will still have a lower cost than the one you want. I should have been more explicit originally: look at the costs and increase the interface cost of the undesirable route by so much that the entire route's c...
Look at the OSPF routing table - what is the cost of the two routes? The undesirable route will still have a lower cost than the one you want. I should have been more explicit originally: look at the costs and increase the interface cost of the undesirable route by so much that the entire route's c...
The best thing to do would be to change the cost of the interface the undesirable link goes through. Make that cost very high. At that point the other link will be preferred, but you can still fall back to the worse link when the primary fails. Undesireable link's cost is higher than the other's bu...
Ok guys, here's the problem i have. I am a member of a metropolitan wireless network in greece and i have 2 backbone links. I want to reach a specific destination which can be reached in 2 ways. The problem is that the route 1 (cost 45) is somehow the "default" route but a link between me ...
finally we fixed the problem. i got in contact with the other guy who was working on that AP yesterday and he told me that he enabled the wireless logging. the links dont work because the first has some wireless card issues (on 2347mhz the signal is -45db and on 2357mhz the signal is falling to -55d...
this happened a couple of hours ago and i cannot find the source of that problem. I've got 2 wireless links in 2,4GHz and both of them arent working at the moment. i cannot check the otherside coz i have no access rights to these nodes! could someone plz let me know what causes this problem? and how...
oh thanks a lot. another question. is it possible to create 2 scripts, the first with the settings for the AP device and the other one for the wds station??? in order to make it simplier to install?
Hello guys can somebody help me? i'm new to mikrotik and i would like to bridge 2 RBs. can somebody tell me how to bridge these 2 wireless intrefaces?
thank you in advance.
Hello guys and nice to meet you. since this is my first post i would like to tell you that i use mikrotik pc as router in a wifi network in greece.a friend of mine has a vpn server and has given me an account to use his dsl line. since now i was calling his computer to connect to the internet for ju...