Community discussions

MUM Europe 2020

Search found 44 matches

by GeekPatrolMiller
Sun May 22, 2016 9:53 pm
Forum: Scripting
Topic: Scheduled Script Oddity Times are off
Replies: 4
Views: 808

Re: Scheduled Script Oddity Times are off

Also to add, I have looked in both WinBox and Webmin at the scheduled tasks and there only appears to be two tasks scheduled, the one I have shown and one other which runs hourly. The hourly task works fine. I cannot find anything which is causing the 9:57AM reboot of the router but I can assure you...
by GeekPatrolMiller
Sun May 22, 2016 9:49 pm
Forum: Scripting
Topic: Scheduled Script Oddity Times are off
Replies: 4
Views: 808

Re: Scheduled Script Oddity Times are off

Thank you both for responding. I considered explaining why I am doing this but decided that it would detract from the goal. But since you asked, I will explain. This is certainly not a standard course of action... The router will run for about three days and then appear to lock up. The device is non...
by GeekPatrolMiller
Sun May 22, 2016 5:18 pm
Forum: Scripting
Topic: Scheduled Script Oddity Times are off
Replies: 4
Views: 808

Scheduled Script Oddity Times are off

I have a few scripts but none act the way this one does. The desire is to reboot the router device once every day at 3AM. Seems simple but it has caused some undesirable oddities that I am unable to figure out. Here is the script: /system scheduler add interval=1d name="Reboot Router Daily" on-event...
by GeekPatrolMiller
Fri Oct 11, 2013 5:25 pm
Forum: General
Topic: Dual Network Routing question
Replies: 1
Views: 439

Re: Dual Network Routing question

I am interested in hiring some additional assistance in resolving this issue. Contact me with your proposed rate if you are interested. gmiller[AT]geekpatrol.com
by GeekPatrolMiller
Fri Oct 11, 2013 12:11 am
Forum: General
Topic: Dual Network Routing question
Replies: 1
Views: 439

Dual Network Routing question

I have a RB493 / ROSv5.25 connecting one LAN to two other LANs as shown here /ip address print # ADDRESS NETWORK INTERFACE 0 192.168.10.1/24 192.168.10.0 Local 1 D 192.168.7.64/24 192.168.7.0 WAN1 2 D 192.168.1.65/24 192.168.1.0 WAN2 The desire is to have only specific traffic pass through one netwo...
by GeekPatrolMiller
Sun Aug 25, 2013 3:22 am
Forum: Beginner Basics
Topic: Route Web Traffic out Wan2 and all other out Wan1
Replies: 2
Views: 2329

Re: Route Web Traffic out Wan2 and all other out Wan1

Thank you so much for that input... Your suggestion was 100% spot on. I will go on to say that I made the change you pointed out and the problem actually got worse. Before the change, the router was trying to send the traffic out WAN2 but it then failed back to WAN1, even though the route said it wa...
by GeekPatrolMiller
Fri Aug 23, 2013 4:17 pm
Forum: Beginner Basics
Topic: Route Web Traffic out Wan2 and all other out Wan1
Replies: 2
Views: 2329

Route Web Traffic out Wan2 and all other out Wan1

The goal is basically the same as the post at http://forum.mikrotik.com/posting.php?mode=reply&f=13&t=69327 , to have web traffic route through WAN2 and all other traffic route through WAN1 /ip route add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=WAN2 routing-mark=web_traffic scope=30 targ...
by GeekPatrolMiller
Sat Jun 29, 2013 12:42 am
Forum: General
Topic: RB 1200 stops responding
Replies: 5
Views: 938

Re: RB 1200 stops responding

If these temperatures are actual, I am guessing they are an outside installation? You may need to bail on that unit for an RB that has fans to help remove the heat or build an enclosure to do the same. Once they get busy, the temp can only increase and the CPU may be seizing due to over temp or they...
by GeekPatrolMiller
Fri Jun 28, 2013 10:50 pm
Forum: General
Topic: Help how to configure multiple public IP address on Mikrotik
Replies: 10
Views: 27920

Re: Help how to configure multiple public IP address on Mikr

PPPoA is new to me but a quick search got this info:
http://robert.penz.name/484/howto-use-a ... onnection/

It looks like it might be worth a try. Beyond that, I do not know.
by GeekPatrolMiller
Fri Jun 28, 2013 8:56 pm
Forum: General
Topic: Help how to configure multiple public IP address on Mikrotik
Replies: 10
Views: 27920

Re: Help how to configure multiple public IP address on Mikr

You can also keep the public IP on your gateway router and NAT only the ports they need. Otherwise, One-to-One NAT is the way to go...
by GeekPatrolMiller
Fri Jun 28, 2013 7:53 pm
Forum: Beginner Basics
Topic: Balancing ADSL
Replies: 1
Views: 527

Re: Balancing ADSL

Use a mangle rule to packet mark every other packet. Use NAT rule to designate the path to take outbound. There are more than a few walk throughs on this that are quite detailed.
by GeekPatrolMiller
Fri Jun 28, 2013 7:24 pm
Forum: General
Topic: Help how to configure multiple public IP address on Mikrotik
Replies: 10
Views: 27920

Re: Help how to configure multiple public IP address on Mikr

The short answer is One-to-One NAT. There are many walk throughs on how to set this up. Configure the internal clients to work properly using the MT and a masquerade route first. Then go back and add your One-to-One NAT configurations and each client will appear to have a public address on the publi...
by GeekPatrolMiller
Fri Jun 28, 2013 7:17 pm
Forum: General
Topic: RB 1200 stops responding
Replies: 5
Views: 938

Re: RB 1200 stops responding

Since the device spec operating temperature range is -20 to +65C (which I think is ambient temp, not core temp) and your core is reporting +60C (I assume this is the reading after you reboot, and is not known to be incredibly accurate either) you probably already know the solution. On the health mon...
by GeekPatrolMiller
Fri Jun 28, 2013 6:56 pm
Forum: General
Topic: VOIP over VPN Issues
Replies: 1
Views: 1157

Re: VOIP over VPN Issues

It is much easier to use IAX connections between the Asterisk boxes because all Control and Audio are sent over the same port/connection. Do you have MT on both sides of the VPN or are you using VPN Client on the Remote PBX to connect to the RB750? If yes, I have never done that but I have setup mul...
by GeekPatrolMiller
Fri Jun 28, 2013 6:46 pm
Forum: General
Topic: Is it possible to filter DNS queries based on their content?
Replies: 2
Views: 808

Re: Is it possible to filter DNS queries based on their cont

First thoughts are that you could use Layer7 Filtering but the down side is that the CPU performance drain on the router might be greater than that of the DNS Flood. Second thought is based on slowing the traffic through a Mangle/NAT filter where you could limit the number of requests per minute fro...
by GeekPatrolMiller
Fri Jun 28, 2013 6:23 pm
Forum: Beginner Basics
Topic: Email issues
Replies: 3
Views: 2553

Re: Email issues

We use a fully qualified script statement to send emails like this. We use a hosted Exchange server that requires TLS but you only need this if the mail server requires it. The other thing that most people do not understand is that the router can only send email to a mail server that can either rela...
by GeekPatrolMiller
Fri Jun 28, 2013 3:41 pm
Forum: General
Topic: Need some Routing Help Please
Replies: 13
Views: 1928

Re: Need some Routing Help Please

Sorry for my delay but we did resolve the issues we were having. I had not actually tried OSPF in the past but we sat down a watch a number of videos and walk through whitepapers and felt comfortable enough to unleash it on the network. Initially between two routers and then we added additional rout...
by GeekPatrolMiller
Thu Jun 20, 2013 1:08 am
Forum: General
Topic: Need some Routing Help Please
Replies: 13
Views: 1928

Re: Need some Routing Help Please

Sorry I forgot to add... The 172.16.255.2 is the PPTP address of the 10.14.255.1 router where I am originating the icmp traffic in the testing.
by GeekPatrolMiller
Thu Jun 20, 2013 1:05 am
Forum: General
Topic: Need some Routing Help Please
Replies: 13
Views: 1928

Re: Need some Routing Help Please

Actually all of the PPTP connections at the NOC use the same local address of 172.16.0.1 /ppp secret add caller-id="" comment="TX, Dallas" disabled=no limit-bytes-in=0 limit-bytes-out=0 local-address=172.16.0.1 name=PPTP002TX001 profile=default-encryption remote-address=\ 172.16.43.1 routes="10.43.1...
by GeekPatrolMiller
Wed Jun 19, 2013 11:16 pm
Forum: General
Topic: Need some Routing Help Please
Replies: 13
Views: 1928

Re: Need some Routing Help Please

Sorry, 10.14.255.0/24 with PPTP of 172.16.255.1 can be considered Remote Office C and is configured exactly like the other two. I am using it for testing because it is on my test bench and not in production.
by GeekPatrolMiller
Wed Jun 19, 2013 8:21 pm
Forum: General
Topic: Need some Routing Help Please
Replies: 13
Views: 1928

Re: Need some Routing Help Please

No that is how it is shown... Just for curiosity sake, I added an out interface to Ether1 but it did not change anything. Currently I am just pinging from the 10.14.255.1 to 10.14.1.2 Using "/ip firewall connection print" I can see the ICMP traffic passing through the NOC 9 icmp 172.16.255.2 10.14.1...
by GeekPatrolMiller
Wed Jun 19, 2013 7:52 pm
Forum: General
Topic: Need some Routing Help Please
Replies: 13
Views: 1928

Re: Need some Routing Help Please

Opps sorry, I did not figure there was anything at NOC to affect the flow. NOC /ip firewall nat add action=dst-nat chain=dstnat comment=WebServer disabled=no dst-address=12.X.Y.Z \ dst-port=22,80,10000 in-interface=ether1 protocol=tcp to-addresses=10.0.0.200 add action=add-src-to-address-list addres...
by GeekPatrolMiller
Wed Jun 19, 2013 6:38 pm
Forum: General
Topic: Need some Routing Help Please
Replies: 13
Views: 1928

Re: Need some Routing Help Please

Remote Office A: /ip firewall nat add action=masquerade chain=srcnat comment="default configuration" disabled=no \ out-interface=ether1-gateway Remote Office B /ip firewall nat add action=dst-nat chain=dstnat comment="VoIP Administration" disabled=no dst-addr 12.X.Y.Z dst-port=22,80,443,3306,9001,69...
by GeekPatrolMiller
Wed Jun 19, 2013 3:50 pm
Forum: General
Topic: HTTP conditional dnat if Host: value in http-header matches
Replies: 2
Views: 2050

Re: HTTP conditional dnat if Host: value in http-header matc

I am not good with RegExp stuff but... Do you have another webserver the user gets pointed to if they do not specify the host header info or are you using this as a line of defense from ip scanning? You could oversimplify the Regexp to some\.example\.com so long as you did not have other uses for th...
by GeekPatrolMiller
Wed Jun 19, 2013 3:24 pm
Forum: General
Topic: Upgrade to 6.1 bricked my RB750
Replies: 7
Views: 2439

Re: Upgrade to 6.1 bricked my RB750

You must hold the reset button in and keep it depressed while plugging in the power. Keep holding for 30 sec. and then release. If this does not work, try using the NetInstall to reapply the firmware. If that does not work, you have a bad device.
by GeekPatrolMiller
Wed Jun 19, 2013 3:02 pm
Forum: Beginner Basics
Topic: Port forwarding rules don't work after hardware reboot.
Replies: 5
Views: 1096

Re: Port forwarding rules don't work after hardware reboot.

One big thing I would suggest is to get your Masquerade rule at the bottom of your rules list, or at least after your SIP rules.
by GeekPatrolMiller
Wed Jun 19, 2013 2:50 pm
Forum: Beginner Basics
Topic: Port forwarding rules don't work after hardware reboot.
Replies: 5
Views: 1096

Re: Port forwarding rules don't work after hardware reboot.

What do you do to resolve the issue currently? The rule still show up in your config after the reboot but just does not work? Is that what you are saying or doe the rule get removed from the config due to the reboot?
by GeekPatrolMiller
Wed Jun 19, 2013 5:29 am
Forum: Beginner Basics
Topic: Port forwarding rules don't work after hardware reboot.
Replies: 5
Views: 1096

Re: Port forwarding rules don't work after hardware reboot.

You might first port your NAT configuration here so we can see what you are trying to do and maybe suggest changes.
by GeekPatrolMiller
Wed Jun 19, 2013 5:03 am
Forum: General
Topic: Need some Routing Help Please
Replies: 13
Views: 1928

Need some Routing Help Please

I have a central NOC and several remote offices. All running RB493G. The core network addresses are in the 10.0.0.0/8 network with the second and third octet changing based on physical location. The last octet is reserved for local devices. The NOC router also runs PPTP Server to allow the remote of...
by GeekPatrolMiller
Thu Feb 07, 2013 4:27 am
Forum: Beginner Basics
Topic: Basic configuration Mistake
Replies: 2
Views: 638

Re: Basic configuration Mistake

I did figure this out... I was doing a source nat masquerade from the LAN to the WAN but neglected to specify the Out Interface on the NAT Rule. Duh... :shock: Original NAT Rule that was broken: add action=masquerade chain=srcnat disabled=no Fixed Version of same NAT Rule: add action=masquerade chai...
by GeekPatrolMiller
Tue Jan 29, 2013 2:57 pm
Forum: Beginner Basics
Topic: Basic configuration Mistake
Replies: 2
Views: 638

Basic configuration Mistake

I have configured a 493G and is working great for several months but I just noticed an oddity that I need help resolving. I have a basic NAT'ed configuration where ETH1 has a Public IP and ETH2 has a Private IP of 10.4.3.1 and my firewall has one NAT rule to masquerade. Simple... The issue I am havi...
by GeekPatrolMiller
Fri Nov 04, 2011 7:02 am
Forum: Beginner Basics
Topic: PPPoE on RB750GL
Replies: 5
Views: 1958

Re: PPPoE on RB750GL

You only need the Masquerade on the PPPoE interface...
Check your default routes. I bet if you remove the current 0.0.0.0/0 and recreate it, you will be good.
by GeekPatrolMiller
Fri Nov 04, 2011 5:59 am
Forum: General
Topic: PPTP-EOIP Bridge Question
Replies: 3
Views: 870

Re: PPTP-EOIP Bridge Question

I actually have two offices, one existing and one being set up. Both have a single PC and a VoIP Phone behind a RB750GL and connecting to a RB493G at a network center. The existing office is set up using PPTP and everything is just routed and it works great. The question is why do I want to use EoIP...
by GeekPatrolMiller
Wed Nov 02, 2011 3:54 pm
Forum: General
Topic: PPTP-EOIP Bridge Question
Replies: 3
Views: 870

PPTP-EOIP Bridge Question

I have created a branch office bridge that works great using PPTP and EOIP. I would like all traffic at the branch office that is not a destination in the 192.168.0.0/16 network be routed through the local internet connection. The goal is to allow the localized workstations to communicate with the r...
by GeekPatrolMiller
Sun May 29, 2011 4:05 am
Forum: General
Topic: Source IP is wrong
Replies: 6
Views: 986

Re: Source IP is wrong

It is very odd... I had another router recently do exactly the same thing. The config is even simpler on that device except that there are several 1to1 NAT networks. It also gave the LAN interface address for each network initially and I poked it and poked it till it began working but I swear that I...
by GeekPatrolMiller
Sun May 29, 2011 3:44 am
Forum: General
Topic: Source IP is wrong
Replies: 6
Views: 986

Re: Source IP is wrong

The TimeWarner circuit on ether2 is connected but not fully configured as I am waiting for the T1 next week in which the T1 will serve the phone system only and the TimeWarner circuit will serve all other Internet connectivity. The DSL is on ether1 which is an AT&T circuit but I have it labeled as C...
by GeekPatrolMiller
Sun May 29, 2011 3:23 am
Forum: General
Topic: Source IP is wrong
Replies: 6
Views: 986

Re: Source IP is wrong

Well, I cannot explain but it is now working properly. I have not changed anything AFAIK... Just poking around the configuration and running some bandwidth tests back to one of my other routers. My guess is it is stemming from the DSL pppoe connection that acquires its address by DHCP, which goes aw...
by GeekPatrolMiller
Sun May 29, 2011 2:49 am
Forum: General
Topic: Source IP is wrong
Replies: 6
Views: 986

Re: Source IP is wrong

Those are 100% of all the NAT rules. I do have some packet marking happening in the mangle section if that matters... /ip firewall mangle add action=mark-packet chain=forward comment="VoIP Traffic FROM Server" \ disabled=no new-packet-mark=VoIP passthrough=no src-address=10.0.0.10 add action=mark-pa...
by GeekPatrolMiller
Sun May 29, 2011 1:58 am
Forum: General
Topic: Source IP is wrong
Replies: 6
Views: 986

Source IP is wrong

I have a 433 with O/S 5.3 configured with a one-to-one nat as such (line 2-3): [Administrator@ProSecure-Corporate] /ip firewall nat> print Flags: X - disabled, I - invalid, D - dynamic 0 chain=dstnat action=add-src-to-address-list protocol=tcp dst-address=X.X.X.X src-address-list=!Trixbox Admin addr...
by GeekPatrolMiller
Fri Dec 24, 2010 2:06 am
Forum: Beginner Basics
Topic: Multi-Homed or Not - That is the question
Replies: 3
Views: 1187

Multi-Homed or Not - That is the question

I have tried several suggestions from the forum and wiki but admittedly I am just hacking at the problem... Small remote office makes RDP(3389) connections back to home office. Link has gotten a bit slow with addition of new users so we added bandwidth. Main focus is to give the RDP sessions priorit...
by GeekPatrolMiller
Fri Aug 27, 2010 5:33 pm
Forum: Wireless Networking
Topic: WDS Oddity
Replies: 1
Views: 548

WDS Oddity

I have two RB433 routers with two Ubiquiti X2 radios and one antenna each. The first unit I call the MASTER and the second I call SLAVE. The MASTER unit has eth1 bridged to the radio A and a WDS link names PRIVATE to the SLAVE. The MASTER also has eth3 bridged to radio B and a WDS link name PUBLIC t...
by GeekPatrolMiller
Sun May 03, 2009 3:04 pm
Forum: Beginner Basics
Topic: Basic Routing Question
Replies: 1
Views: 581

Basic Routing Question

I am sorry to ask such a basic question but I just cannot get my head around this problem yet... Current Configuration: T1 circuit from AT&T with Ethernet handoff. 3 IP addresses available, but using only one on WAN interface. NATing on LAN interface. Firewall rules are forwarding numerous port traf...
by GeekPatrolMiller
Mon Dec 08, 2008 3:47 am
Forum: Beginner Basics
Topic: Block All Traffic Except ...
Replies: 5
Views: 1382

Re: Block All Traffic Except ...

Can you suggest any good walk-through on this. I have been away from the office all day today and had been reading and exploring the web-proxy on a test router.

The articles I am finding are of a previous version of OS. I have 3.17 loaded on both my production and test boxes.

Thanks,
-greg
by GeekPatrolMiller
Sun Dec 07, 2008 4:05 pm
Forum: Beginner Basics
Topic: Block All Traffic Except ...
Replies: 5
Views: 1382

Block All Traffic Except ...

This router is being used to lock down a public computer and to only allow access to a small hand full of sites. I have this working through firewall rules and address list allowing but I have one site which seems to have a single front end IP address and a bunch of dynamic IP addresses it has its s...