Community discussions

Search found 1513 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 31
by jandafields
Tue Oct 17, 2017 12:28 am
Forum: Announcements
Topic: RouterOS (v6.39.3, v6.40.4, v6.41rc) NOT affected by WPA2 vulnerabilities
Replies: 58
Views: 95651

Re: RouterOS NOT affected by WPA2 vulnerabilities

Hi when I read about the vulnerability this morning I immediatly checked the forum and was very happy to read this announcement. I updated all my access points and was quite relieved this should not concern me anymore. Now that there is more information and as it was already quoted: From the link :...
by jandafields
Sat Oct 15, 2016 4:25 pm
Forum: RouterOS v7
Topic: Feature request for v7.x
Replies: 250
Views: 54116

Re: Feature request for v7.x

Who really suffers by devices being regularly stolen? I have not ever heard of it. Maybe not stolen, but reused by a competitor... giving the competitor an advantage because they don't have to provide one. Anyway, the point is that this "Secure Routerboot" feature should be advertised as a configur...
by jandafields
Fri Oct 14, 2016 8:50 pm
Forum: RouterOS v7
Topic: Feature request for v7.x
Replies: 250
Views: 54116

Re: Feature request for v7.x

A few hours does not equal "impossible".

Some people spend a few hours setting up the router anyway.
by jandafields
Fri Oct 14, 2016 4:38 pm
Forum: RouterOS v7
Topic: Feature request for v7.x
Replies: 250
Views: 54116

Re: Feature request for v7.x

No, Secure Routerboot does not protect the hardware at all. It only protects the configuration. Currently true, but we will implement a specific second interval for the reset, so that it will be impossible to reset, unless you know that it is triggered between the 85th and 90th second :) So, you ha...
by jandafields
Tue Oct 11, 2016 3:53 am
Forum: RouterOS v7
Topic: Feature request for v7.x
Replies: 250
Views: 54116

Re: Feature request for v7.x

Please add some type of device / tracking protection. That when thief will steal it, it will have some code with ability to track, even after hard reset or with remote code activation, to work in the way as apple icloud lock - unusable without code. Secure Routerboot is already available - maybe th...
by jandafields
Fri Sep 23, 2016 11:29 pm
Forum: General
Topic: Queue Tree - Limit-At vs. Max-Limit
Replies: 0
Views: 1710

Queue Tree - Limit-At vs. Max-Limit

If I have a Queue Tree with type PCQ, the limit-at inside the Queue Tree seems to have no affect. Max-Limit is the max that can go through the queue, that is easy to understand. Limit-at is defined as the guaranteed limit, but can go as high as the max-limit. If I put limit-at=100k and max-limit=200...
by jandafields
Wed Sep 21, 2016 1:14 am
Forum: General
Topic: NSA and routeros
Replies: 27
Views: 5596

Re: NSA and routeros

I know this is an old thread but I just came across this while searching for security information. https://www.youtube.com/watch?v=vbdyG0l_b3M&feature=youtu.be&t=2209 So there does appears to be a backdoor in Mikrotik. Unfortunately no details were given other than a confirmation. It says: That guy...
by jandafields
Sun Apr 24, 2016 8:40 pm
Forum: General
Topic: Wireless connection droppping on RB951-2n
Replies: 24
Views: 6480

Re: Wireless connection droppping on RB951-2n

Did anyone manged to get this resolved? I am still having issues with this AP. I am browsing the internet and then suddenly connection drops. I am using WPA2 AES encryption only. You are replying to a 4 year old topic! Anyway, I sent the rb951-2n back (4 years ago) and got a different model, no mor...
by jandafields
Wed Feb 17, 2016 3:57 am
Forum: General
Topic: SSH - Active User List keeps logged out users v6.33.3
Replies: 0
Views: 322

SSH - Active User List keeps logged out users v6.33.3

I have a program that uses ssh to automatically login to the router on a schedule, checks some things, and then logs out.... repeat... That user has a huge amount of entries in the "active user list" and growing... some are almost 24 hours old. /user active print How can I clear this list? Or how ca...
by jandafields
Fri Nov 20, 2015 8:01 am
Forum: General
Topic: Routing Precedence Priority with Routing-Mark and Distance
Replies: 1
Views: 499

Routing Precedence Priority with Routing-Mark and Distance

I've found that a route with a routing-mark always takes priority over other routes, regardless of distance. For example, if a connection (with routing mark x) matches both of the following routes, it will always take route #2 because of the mark even though it has a much larger distance. Route #1 0...
by jandafields
Sun Mar 29, 2015 4:23 am
Forum: Beginner Basics
Topic: Failed to run RouterOS v6.27 in the FreeBSD/bhyve VM
Replies: 2
Views: 763

Re: Failed to run RouterOS v6.27 in the FreeBSD/bhyve VM

I would like to try RouterOS in a virtual environment. I've successfully installed RouterOS in the bhyve VM, but it doesn't start due to licensing issue. I've got these messages: Starting... Starting services... Demo license expired! Please reinstall the router. connect failed (errno=2) connect fai...
by jandafields
Sun Mar 29, 2015 4:16 am
Forum: Beginner Basics
Topic: Ping between subnets on RB2011
Replies: 2
Views: 603

Re: Ping between subnets on RB2011

Yes, by default all networks can access each other. Actually, if you want them NOT to access each other within the router, you have to specifically block them in the router firewall settings. Make sure your devices (laptops or whatever) have the proper gateway set and that their own firewalls are no...
by jandafields
Sun Mar 29, 2015 4:10 am
Forum: Wireless Networking
Topic: C2S VPN dropping over wireless but works over direct cable
Replies: 2
Views: 495

Re: C2S VPN dropping over wireless but works over direct cable

Hello, I have a issue with keeping VPN session over the Wirelless but is stable over cable. I'm connecting from my laptop using client-to-site VPN to corporate network (Juniper SSL VPN box). I'm able to authenticate and connect but after few minutes VPN crash and I have to disconnect and reconnect....
by jandafields
Sun Mar 29, 2015 4:06 am
Forum: SwOS
Topic: 260GSP all poe port 100Mbit ???!!!
Replies: 2
Views: 1891

Re: 260GSP all poe port 100Mbit ???!!!

Hi this day i buy 2 pcs rb260gsp. a lousy product. I plugged 2 rb911 and 2 rb912 (gbit product gbit cable. cable max lenght 5m) All port work 100Mbit ??? !!! 260gsp.PNG too bad product. (750UP nice built in routeros) I would not recommend to anyone. Lack roteros sucks. sell them, buy 750UP. I wish ...
by jandafields
Sun Mar 29, 2015 4:02 am
Forum: RouterOS v6 RC and v7 BETA
Topic: WinBox Terminal Copying Text?
Replies: 2
Views: 821

Re: WinBox Terminal Copying Text?

In the WinBox terminal window I'd like to copy text that wraps off screen. Normally you can start highlighting and then scroll/shift click to highlight a large amount of text. This does not function as expected in WinBox. Or is there another method I'm oblivious to? Thanks! A.J. If you can't make t...
by jandafields
Sun Mar 29, 2015 4:01 am
Forum: General
Topic: CCR1036-12G-4S
Replies: 2
Views: 515

Re: CCR1036-12G-4S

I have problem with CCR1036-12G-4S. It can't booting. I have try to connect with console interface. but it can't work.
Anybody in here have same this problem? Please help me to solving this problem.
Thank you very much.
Netinstall
http://wiki.mikrotik.com/wiki/Manual:Netinstall
by jandafields
Sun Mar 29, 2015 2:30 am
Forum: General
Topic: Facebook Wifi is possible?
Replies: 4
Views: 3541

Re: Facebook Wifi is possible?

Facebook never shares your password with 3rd party apps, and apps don't enter the credentials themselves either, so a RADIUS-to-Facebook is theoretically impossible. Actually, there are a lot of non-facebook services that use facebook as a login. The router never needs to know the password, and nei...
by jandafields
Sun Mar 29, 2015 2:25 am
Forum: RouterOS v6 RC and v7 BETA
Topic: Feature request - Winbox import from csv
Replies: 8
Views: 2222

Re: Feature request - Winbox import from csv

If you make your list o' stuff be in the format of valid routeros commands, you can ssh into the box and copy/paste. Yes, you can already do that. You can copy and paste the commands in one large paste directly into the ssh terminal. Also, you can put all the commands into a text file and use the i...
by jandafields
Sun Mar 29, 2015 2:22 am
Forum: General
Topic: 3 subnets talk to each other in routerboar RB1100 ah
Replies: 6
Views: 726

Re: 3 subnets talk to each other in routerboar RB1100 ah

Dear BartoszP, would you please do a favor and complete the solution because I am a new student in mikrotik and I don't know how to write the script. Thanks for your help, You should really read the manual, the wiki, and just start playing around with it. You will learn how to do this on your own v...
by jandafields
Sun Mar 29, 2015 2:18 am
Forum: General
Topic: Protected RouterBOOT
Replies: 107
Views: 19658

Re: Protected RouterBOOT

Yes, the light flashes when the correct number of seconds has been reached. The "seconds" is really not a security measure at all, I don't know why they make it adjustable since the light flashes anyway.
by jandafields
Sat Mar 28, 2015 9:09 pm
Forum: Beginner Basics
Topic: NAT port forwarding
Replies: 4
Views: 873

Re: NAT port forwarding

Make sure you have proper masquerade set on the router, and the proper gateway set on the server. Go to the server, and make sure you can successfully do something like "ping google.com" I do have the masquerade on the router: /ip firewall nat add action=masquerade chain=srcnat comment="outbound ma...
by jandafields
Sat Mar 28, 2015 9:08 pm
Forum: General
Topic: Protected RouterBOOT
Replies: 107
Views: 19658

Re: Protected RouterBOOT

no i didnt install this package. so i have to drag and drop it in files and reboot to get it installed? and after i will find the option in settings?
Correct, this package is required for it to work. Install it just like you would any upgrade package.
by jandafields
Sat Mar 28, 2015 9:05 pm
Forum: The User Manager
Topic: PayPal - ssl connection error: handshake failed: unable to get local issuer certificate (6)
Replies: 23
Views: 3437

Re: PayPal - ssl connection error: handshake failed: unable to get local issuer certificate (6)

All of a sudden I get this error message when paypal is trying to report UM a successful payment
I use ROS6.27 on a RB2011
The problem just appeared without any setup changes
Any ideas?
Known issue.
http://forum.mikrotik.com/viewtopic.php?t=88770
by jandafields
Sat Mar 28, 2015 8:59 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Feature request - Winbox import from csv
Replies: 8
Views: 2222

Re: Feature request - Winbox import from csv

Please add import from the csv file.
What, exactly, are you wanting to import into winbox?
by jandafields
Sat Mar 28, 2015 8:58 pm
Forum: General
Topic: Facebook Wifi is possible?
Replies: 4
Views: 3541

Re: Facebook Wifi is possible?

You would have to somehow implement a facebook to radius solution. Unfortunately, that is outside the scope of the mikrotik forums.

Once that is done, simply point the mikrotik aaa to that radius server.
by jandafields
Sat Mar 28, 2015 8:54 pm
Forum: Beginner Basics
Topic: How to install protected_routerboot_v3_22_enable_6_27.dpk
Replies: 1
Views: 818

Re: How to install protected_routerboot_v3_22_enable_6_27.dpk

Just like you would install any upgrade package in the routerboard. Copy the file to the routerboard (drag in into winbox).

Then, reboot using the reboot command in winbox.
by jandafields
Sat Mar 28, 2015 8:49 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Mikrotik Timer Issues!! Unstable connections!
Replies: 2
Views: 652

Re: Mikrotik Timer Issues!! Unstable connections!

Why are you using a timer to disconnect power every day? All those power cycles can't be good for the router and the modems.
by jandafields
Sat Mar 28, 2015 8:47 pm
Forum: General
Topic: NO Floppy discs anywhere
Replies: 3
Views: 588

Re: NO Floppy discs anywhere

Hey is it possible for the Mikrotik boys to create a USB system to replace the floppy to recover boards with no serial port. I mean you need a freaking time machine to buy a floppy disc these days Or at least update it to the last decade you know those spiny things called CDs Thanks Mikrotik doesn'...
by jandafields
Sat Mar 28, 2015 8:44 pm
Forum: Scripting
Topic: how to block android update in mikrorik
Replies: 3
Views: 5074

Re: how to block android update in mikrorik

Read this:
https://support.google.com/googleplay/a ... 1367?hl=en

Try blocking
TCP and UDP 5228
by jandafields
Sat Mar 28, 2015 8:39 pm
Forum: Beginner Basics
Topic: NAT port forwarding
Replies: 4
Views: 873

Re: NAT port forwarding

Make sure you have proper masquerade set on the router, and the proper gateway set on the server.

Go to the server, and make sure you can successfully do something like "ping google.com"
by jandafields
Sat Mar 28, 2015 8:36 pm
Forum: General
Topic: Looking for MikroTik Expert
Replies: 3
Views: 798

Re: Looking for MikroTik Expert

The best bet is to use queue tree. Then, u hv the opportunity to clearly separate the download from upload using specific chain in mangle. However, if u must use simple queue, mark upload at prerouting so that it can be penalized at Global-in and ur download can be forward and output (incase u r us...
by jandafields
Sat Mar 28, 2015 8:33 pm
Forum: General
Topic: Protected RouterBOOT
Replies: 107
Views: 19658

Re: Protected RouterBOOT

i already read the wiki. but i cant find it even in terminal. can u give me the command?
Did you follow the instructions in the wiki, INCLUDING downloading and installing the required package?

http://www.mikrotik.com/download/share/ ... e_6_27.dpk
by jandafields
Sat Mar 28, 2015 8:30 pm
Forum: General
Topic: 3 subnets talk to each other in routerboar RB1100 ah
Replies: 6
Views: 726

Re: 3 subnets talk to each other in routerboar RB1100 ah

The router will route between the 3 networks automatically as long as you have not specifically blocked it in the firewall.

Just make sure you have the router's IP set as the default gateway in your connected devices.
by jandafields
Sat Mar 28, 2015 8:14 pm
Forum: General
Topic: Protected RouterBOOT
Replies: 107
Views: 19658

Re: Protected RouterBOOT

where exactly is this option of protected-routerboot? i cant find it in my rb2011 and rb951 latest ros and firmware.
You have to do it from the command line:
http://wiki.mikrotik.com/wiki/Manual:Ro ... bootloader
by jandafields
Sat Mar 28, 2015 7:43 pm
Forum: General
Topic: Protected RouterBOOT
Replies: 107
Views: 19658

Re: Protected RouterBOOT

Like I said, I cant think of a single device that can be completely locked down. Most can be factory reset in some way, even if you have to solder something to the serial port on the board etc. Wrong. There ARE devices that are useless without a password. iPhones and iPads have a locking feature wh...
by jandafields
Sat Mar 28, 2015 7:39 pm
Forum: General
Topic: Protected RouterBOOT
Replies: 107
Views: 19658

Re: Protected RouterBOOT

Yes exactly. Protecting against reset is not possible, since then you would have devices that can only be discarded / thrown away, if somebody forgets the password. Not something anybody wants really. Actually, based on the other posts here, I think that people DO want a device that would have to b...
by jandafields
Fri Mar 27, 2015 8:03 pm
Forum: General
Topic: Protected RouterBOOT
Replies: 107
Views: 19658

Re: Protected RouterBOOT

Ah, ok. Thank you.
by jandafields
Fri Mar 27, 2015 7:05 pm
Forum: General
Topic: Protected RouterBOOT
Replies: 107
Views: 19658

Re: Protected RouterBOOT

I've been trying to figure out the actual purpose of protected-bootloader is, and I cannot yet figure it out. First, without the admin password, I don't know of anyway to steal someone's configuration file. Sure, you can netinstall and reset the unit, which will delete the config, but that won't get...
by jandafields
Sun Feb 15, 2015 6:34 am
Forum: General
Topic: SSH forwarding in firewall
Replies: 0
Views: 451

SSH forwarding in firewall

This is regarding the option to port forward through SSH /ip ssh forwarding-enabled=yes I know that I can probably firewall based on ip addresses and ports, but is there a way to firewall based on username? For example, if bob (only bob) tries to portforward to port 85, it would be blocked? Thank you.
by jandafields
Mon Aug 04, 2014 3:55 pm
Forum: General
Topic: Not Possible to DST-NAT traffic originating from the router?
Replies: 2
Views: 527

Re: Not Possible to DST-NAT traffic originating from the rou

The dst-nat chain is used on incoming packets only. Since outgoing packets don't traverse it, that is the normal behavior. Maybe it is time to ask Mikrotik for a <ip|name>[:port] entry in the DNS server setup... Yes, it would be great if Mikrotik would add a PORT option to the servers field in the ...
by jandafields
Mon Aug 04, 2014 5:04 am
Forum: General
Topic: Not Possible to DST-NAT traffic originating from the router?
Replies: 2
Views: 527

Not Possible to DST-NAT traffic originating from the router?

I'm trying to dst-nat traffic from the router, like this: chain=dstnat action=dst-nat to-ports=54 protocol=udp dst-address=10.0.0.1 dst-port=53 Then, I put 10.0.0.1 into the DNS server field on the Mikrotik. However, when I do something to cause a DNS lookup (like ping google.com), it times out and ...
by jandafields
Sat Mar 01, 2014 6:31 pm
Forum: RouterOS v7
Topic: Feature request, adjust login page/webserver
Replies: 4
Views: 1475

Re: Feature request, adjust login page/webserver

I don't have that option, i'm just a consumer
Anyone can use it. Simply email support@mikrotik.com and they will add the option to your mikrotik.com account. no cost.
by jandafields
Thu Feb 27, 2014 3:26 am
Forum: RouterOS v6 RC and v7 BETA
Topic: use Microtik as print server as well
Replies: 42
Views: 21244

Re: use Microtik as print server as well

Network printers are so easy to find now, and very inexpensive... why would anyone still need a usb print server?

Also, you can get a very tiny usb print server for less than $20. Hardly takes any extra room.
by jandafields
Thu Feb 27, 2014 3:03 am
Forum: General
Topic: Support Status of v5
Replies: 4
Views: 842

Re: Support Status of v5

Are bugs still being fixed in version 5?
I'm pretty sure no, no longer working on v5 at all. I think all development is on v6 now.
by jandafields
Thu Feb 27, 2014 2:08 am
Forum: General
Topic: v6.10 released
Replies: 248
Views: 78440

Re: v6.10 released

any confirmations that 6.10 fixed all the sstp client issues with win 7 clients, that got broke in 6.8 and 6.9, how about pptp and winbox disconnects? looking for confirmation. i dropped a production network big time on 6.8, going to cool off for a while The problem is in encryption. Read my very v...
by jandafields
Wed Feb 26, 2014 6:59 pm
Forum: Beginner Basics
Topic: Mikrotik + AdBlock Plus
Replies: 20
Views: 20070

Re: Mikrotik + AdBlock Plus

There's a fancy dream of all web users to make it safer and faster. One of a relly good tools for that is AdBlockPlus Service. This service supplys regex filter rules of a harmfull content, as such https://easylist-downloads.adblockplus.org/malwaredomains_full.txt Is it possible to apply AdBlockPlu...
by jandafields
Wed Feb 26, 2014 6:56 pm
Forum: Virtualization
Topic: access to usb from metarouter
Replies: 12
Views: 8619

Re: access to usb from metarouter

Can I know why? I think it can be good way to make home DLNA server for streaming USB content, or home print server or connect webcam for streaming. That's really not the purpose of a router. Why not just get a small general purpose single-board-computer for this? Like, install OpenWRT directly on ...
by jandafields
Wed Feb 26, 2014 6:47 pm
Forum: General
Topic: v6.10 released
Replies: 248
Views: 78440

Re: v6.10 released

What's New in 6.11 rc1? No description available.

Look at my post, about 10 posts up from here. You will see the changelog.
  • 1
  • 2
  • 3
  • 4
  • 5
  • 31