Community discussions

Search found 140 matches

by YazzY
Tue Feb 05, 2013 3:00 pm
Forum: General
Topic: v6 rc8 released
Replies: 26
Views: 6288

Re: v6 rc8 released

All the RC downloads are gone from the download website.
by YazzY
Thu Dec 20, 2012 1:20 pm
Forum: General
Topic: v6rc3 released
Replies: 92
Views: 27884

Re: v6rc3 released

If you want, I will turn on test versions in your account. Here is the file: http://www.mikrotik.com/download/share/ ... 6.0rc6.npk
Yes please.
by YazzY
Tue Dec 18, 2012 9:46 pm
Forum: General
Topic: v6rc3 released
Replies: 92
Views: 27884

Re: v6rc3 released

Connect it, when you have problems with traffic, make supout.rif file. Make sure you run RouterOS v5.22 or better - v6rc6 Where do I get RC6? The newest available on the download site is RC5. In your account https://www.mikrotik.com/client/ Development version I can't see that in my account. Maybe ...
by YazzY
Tue Dec 18, 2012 9:44 pm
Forum: General
Topic: v6rc3 released
Replies: 92
Views: 27884

Re: v6rc3 released

Connect it, when you have problems with traffic, make supout.rif file. Make sure you run RouterOS v5.22 or better - v6rc6 Where do I get RC6? The newest available on the download site is RC5. It's a pre-release test version. Which build do you need? x86, mips-be? I'd need mipsbe. What has been impr...
by YazzY
Tue Dec 18, 2012 11:55 am
Forum: General
Topic: v6rc3 released
Replies: 92
Views: 27884

Re: v6rc3 released

Connect it, when you have problems with traffic, make supout.rif file. Make sure you run RouterOS v5.22 or better - v6rc6
Where do I get RC6? The newest available on the download site is RC5.
by YazzY
Mon Dec 17, 2012 9:31 pm
Forum: General
Topic: v6rc3 released
Replies: 92
Views: 27884

Re: v6rc3 released

All customers who had this problem, got it fixed by upgrading the Android version. I have no currently known open issues like this. That doesn't mean there are no issues. That can as well mean people are fed up with the issue not being addressed. As I said, phones work fine with other brands but no...
by YazzY
Mon Dec 17, 2012 11:01 am
Forum: General
Topic: v6rc3 released
Replies: 92
Views: 27884

Re: v6rc3 released

All customers who had this problem, got it fixed by upgrading the Android version. I have no currently known open issues like this. That doesn't mean there are no issues. That can as well mean people are fed up with the issue not being addressed. As I said, phones work fine with other brands but no...
by YazzY
Mon Dec 17, 2012 1:17 am
Forum: General
Topic: v6rc3 released
Replies: 92
Views: 27884

Re: v6rc3 released

It's another known issue with RouterOS. Try to set Preamble mode to long in the Advanced mode of your WLAN card. Hi YazzY My colleague tried this and it did not help unfortunately. So perhaps this only works on MacBooks or specific iOS devices. But his iPhone and iPad did not see any increase in ra...
by YazzY
Mon Dec 17, 2012 1:15 am
Forum: General
Topic: v6rc3 released
Replies: 92
Views: 27884

Re: v6rc3 released

Offtopic, but I disagree. There is a known Android issue where the phone disconnects, and will not re-connect until you reboot the router or the phone. Happens to me also on a Belkin router I have at a relatives house. The problem here is the phone is connected all the time but the TCP/IP traffic f...
by YazzY
Thu Dec 13, 2012 12:48 pm
Forum: General
Topic: Still problems with RouterOS and Broadcom devices.
Replies: 2
Views: 1454

Still problems with RouterOS and Broadcom devices.

We have RB751G acting as office access points. The problem is users get disconnected from them all the time. The connection stays up but the TC/IP traffic is cut off. You can't even ping the AP you're connected to. I have tested and experienced this behaviour on my Macbook Pro with a Broadcom BCM43x...
by YazzY
Thu Nov 22, 2012 9:34 pm
Forum: General
Topic: v6rc3 released
Replies: 92
Views: 27884

Re: v6rc3 released

I don't know if he has found out what was the problem with this. But my guess was that the ROS and Apple devices was not communicating some feature correctly. Actually I updated our office APs to RC3 and my MacBook Pro was often just randomly disconnected and I had to disable and enable the WLAN de...
by YazzY
Thu Nov 22, 2012 9:29 pm
Forum: General
Topic: v6rc3 released
Replies: 92
Views: 27884

Re: v6rc3 released

I also use a RB751U and an android phone. By the way, the bug that we fixed only affected some LG phones. It is possible that you type of phone has yet another bug. The one I see problems with on RouterOS is an Huawei U8800 (IDEOS X5). The spec of the device do no list what particular chip it's usi...
by YazzY
Thu Nov 22, 2012 1:15 pm
Forum: General
Topic: v6rc3 released
Replies: 92
Views: 27884

Re: v6rc3 released

Sounds like an combination of hardware and software combined then. Have you seen this on any other unit beside the 751? No. We only have 751's. If it would have been a global ROS problem I guess I would have seen it as well. Not if you don't have phones/tablets with the same WLAN chipsets. So it mu...
by YazzY
Wed Nov 21, 2012 11:49 pm
Forum: General
Topic: v6rc3 released
Replies: 92
Views: 27884

Re: v6rc3 released

Perhaps this is hardware related (Mikrotik or Phone/Tab) I doubt that it is ROS in it's whole. You must be new to mikrotik ;) The phone could not connect to the router at all before, when used with encryption. Now it can. Mikrotik has partially fixed it but still no cigar. The same phone works grea...
by YazzY
Wed Nov 21, 2012 11:28 pm
Forum: General
Topic: v6rc3 released
Replies: 92
Views: 27884

Re: v6rc3 released

Since the fix, my Android phone also works great. Maybe your phone ? I thought it was the phone the first time too when it couldn't connect at all. It turned out it was RouterOS. I'd buy your argument but I have tested the phone with a D-Link DIR-615 and it works flawlessly. Both the D-link and Rou...
by YazzY
Mon Nov 19, 2012 11:33 am
Forum: General
Topic: v6rc3 released
Replies: 92
Views: 27884

Re: v6rc3 released

The fix for Android based devices mentioned in this thread http://forum.mikrotik.com/viewtopic.php?f=7&t=65270 is still far from optimal.
Android can now connect to the access point but the connection is very flaky with frequent hiccups, timeouts and disconnects.
by YazzY
Sun Nov 18, 2012 8:06 pm
Forum: Wireless Networking
Topic: RB751U-2HnD (AR5008) + LG Optimus Elite WPA2-PSK
Replies: 14
Views: 5939

Re: RB751U-2HnD (AR5008) + LG Optimus Elite WPA2-PSK

I thought it was the phone.
I can now confirm, my phone can finally connect to the access point running RouterOS 6.0rc3 on RB751G-2HnD.
But the connection is very unstable and times out frequently.
by YazzY
Tue Sep 04, 2012 9:14 am
Forum: Wireless Networking
Topic: Random lockups on 5.20 and Broadcom clients.
Replies: 1
Views: 833

Random lockups on 5.20 and Broadcom clients.

Hi guys. I have problems with office users connecting to 751G-2HnD acting as access point. Some of them get randomly disconnected and have to reconnect manually to use it again. So far it was reported from users using Macs and Dells (although it is stable on my Macbook Pro) I think both have Broadco...
by YazzY
Tue Sep 04, 2012 8:40 am
Forum: Wireless Networking
Topic: RB751U-2HnD (AR5008) + LG Optimus Elite WPA2-PSK
Replies: 14
Views: 5939

Re: RB751U-2HnD (AR5008) + LG Optimus Elite WPA2-PSK

I've seen this too on Huawei U8800. There is a bug in (Android older than 2.3?) which makes it impossible to connect to encrypted networks. Create an unencrypted (open) virtual access point and it will connect.
by YazzY
Thu Aug 30, 2012 9:19 pm
Forum: General
Topic: Can't get tx-rate and rx-rate info over SNMP from WLAN
Replies: 0
Views: 1294

Can't get tx-rate and rx-rate info over SNMP from WLAN

Hi. I cannot get any values from the tx-rate and rx-rate OIDs over SNMP of the wireless interface. It always returns 0. /interface wireless print oid 0 tx-rate=.1.3.6.1.4.1.14988.1.1.1.3.1.2.6 rx-rate=.1.3.6.1.4.1.14988.1.1.1.3.1.3.6 ssid=.1.3.6.1.4.1.14988.1.1.1.3.1.4.6 bssid=.1.3.6.1.4.1.14988.1.1...
by YazzY
Tue May 03, 2011 9:40 pm
Forum: General
Topic: Problems with BGP and set-bgp-prepend on x86
Replies: 6
Views: 2941

Re: Problems with BGP and set-bgp-prepend on x86

I think the problem are the local-pref 100 are the standar value... local-pref are not leaving the local AS Thanks leoktv. Defining set-bgp-local-pref and set-bgp-weight fixed it. 0 ;;; IPv4 BGP Link chain=as65004out prefix=11.22.33.0/27 bgp-as-path=31283 address-family=ip invert-match=no action=ac...
by YazzY
Thu Apr 28, 2011 1:28 pm
Forum: General
Topic: Problems with BGP and set-bgp-prepend on x86
Replies: 6
Views: 2941

Re: Problems with BGP and set-bgp-prepend on x86

Did the 5.2 release fix this?
by YazzY
Thu Apr 14, 2011 9:21 am
Forum: General
Topic: Problems with BGP and set-bgp-prepend on x86
Replies: 6
Views: 2941

Re: Problems with BGP and set-bgp-prepend on x86

Anything new on this issue?
by YazzY
Thu Apr 07, 2011 4:13 pm
Forum: General
Topic: Problems with BGP and set-bgp-prepend on x86
Replies: 6
Views: 2941

Re: Problems with BGP and set-bgp-prepend on x86

I changed the filter rules a bit and set prepend to the first rules as well. Unfortunately this did not fix the problem. Why does this work with 5.0rc10 and not on newer versions of RouterOS ? Primary router: 0 chain=as65004out prefix=111.222.333.0/27 bgp-as-path=31283 address-family=ip invert-match...
by YazzY
Wed Apr 06, 2011 11:55 pm
Forum: General
Topic: Problems with BGP and set-bgp-prepend on x86
Replies: 6
Views: 2941

Problems with BGP and set-bgp-prepend on x86

Hi. I have discovered that I cannot upgrade from 5.0rc10 to 5.0rc11 or 5.0 without breaking my BGP setup. I have two uplinks, each connected to a different BGP router of my ISP. I also have (the same) /27 network routed to both my BGP peers so it works in a fail over mode. I had to set up BGP weight...
by YazzY
Thu Nov 25, 2010 11:53 am
Forum: General
Topic: RouterOS v5.0 RC4
Replies: 72
Views: 15257

Re: RouterOS v5.0 RC4

Me thinks the changes made in RADIUS somehow FUBAR'd it.
Same here, Radius authentication of PPTP users stopped working. It works with RC2 and RC3.
please provide us more infromation - just checked RouterOS v5.0rc4 PPTP server is working fine with RADIUS server.
Did you check with MSCHAPv2 ?
by YazzY
Wed Nov 24, 2010 1:41 am
Forum: General
Topic: RouterOS v5.0 RC4
Replies: 72
Views: 15257

Re: RouterOS v5.0 RC4

Me thinks the changes made in RADIUS somehow FUBAR'd it.
Same here, Radius authentication of PPTP users stopped working. It works with RC2 and RC3.
by YazzY
Thu Nov 18, 2010 8:05 am
Forum: General
Topic: FreeRadius and Port-Limit=1 not working
Replies: 7
Views: 3524

Re: FreeRadius and Port-Limit=1 not working

Simultaneous-Use works fine. But it is a check attribute, so if the RADIUS server still has an open session, it would use checkrad to verify if the NAS still has the session on its books. I was using it with checkrad and it worked fine, but I stopped using it now that SSTP timeouts seem to be worki...
by YazzY
Wed Nov 17, 2010 11:55 pm
Forum: General
Topic: FreeRadius and Port-Limit=1 not working
Replies: 7
Views: 3524

Re: FreeRadius and Port-Limit=1 not working

Simultaneous-Use works fine. But it is a check attribute, so if the RADIUS server still has an open session, it would use checkrad to verify if the NAS still has the session on its books. I was using it with checkrad and it worked fine, but I stopped using it now that SSTP timeouts seem to be worki...
by YazzY
Wed Nov 17, 2010 11:18 pm
Forum: General
Topic: FreeRadius and Port-Limit=1 not working
Replies: 7
Views: 3524

Re: FreeRadius and Port-Limit=1 not working

YazzY,
I'm just curious: Could you enable radius logging and see if you see Port-Limit in the logging?
No, I cannot see Port-Limit in the logs.
by YazzY
Tue Nov 16, 2010 1:36 pm
Forum: General
Topic: FreeRadius and Port-Limit=1 not working
Replies: 7
Views: 3524

FreeRadius and Port-Limit=1 not working

Hi. The Port-Limit=1 attribute is not honored by the radius client on 5beta6 and newer. It works for locally defined PPP secrets only. Tested with PPTP and OpenVPN clients. Any ideas why this is not working correctly? Is this an known issue? This is an example of how the users groups are defined in ...
by YazzY
Tue Aug 31, 2010 1:50 am
Forum: General
Topic: feature request: dynamic DHCP
Replies: 2
Views: 1013

Re: feature request: dynamic DHCP

Oh cool, I wrote that Howto. I'm glad people actually find it useful :)
by YazzY
Thu Jul 15, 2010 12:35 pm
Forum: General
Topic: SSH and FTP dies after a while
Replies: 9
Views: 1879

Re: SSH and FTP dies after a while

OK, we will check. Yazzy, please also send us a supout.rif file when the SSH/FTP is not working.
Ok, I sent supout.rif for two routers. Both experiencing the same problem.
by YazzY
Wed Jul 14, 2010 11:10 am
Forum: General
Topic: SSH and FTP dies after a while
Replies: 9
Views: 1879

Re: SSH and FTP dies after a while

re-enabled how?

make supout.rif file when they are "not working" please.
Re-enable as in disable and enable the service again (works with just i.e /ip service enable ssh ).
by YazzY
Tue Jul 13, 2010 8:17 pm
Forum: General
Topic: SSH and FTP dies after a while
Replies: 9
Views: 1879

SSH and FTP dies after a while

Hi.

On beta4 on x86 I've issues with both FTP and SSH daemons dying after a while. They need to be re-enabled to work again.
by YazzY
Sat Jan 14, 2006 2:30 am
Forum: General
Topic: pppoe problem
Replies: 5
Views: 1447

First of all, try not to sound like a 5 years old when writing english and type in entire words if you want to be taken seriously. Second of all you allways need to provide us with your configuration when seeking for help. What you said is so generic trying to help you would be a waste of time. A wi...
by YazzY
Sat Jan 14, 2006 2:20 am
Forum: General
Topic: EoIP Problem
Replies: 11
Views: 2679

That's exactly what I told you to do in my first answer.
I am glad you solved it, good luck.
by YazzY
Fri Jan 13, 2006 6:34 pm
Forum: General
Topic: P2P detecion
Replies: 19
Views: 3679

Just as a side note, you'd lose me as customer the moment you tyrannize me saying what I can and cannot use.
Have a nice weekend :)
by YazzY
Fri Jan 13, 2006 1:21 pm
Forum: General
Topic: Configuring RouterOS
Replies: 4
Views: 1475

Put a script on your box that will find ethernet devices and add an IP to one of them at boot.
Then ship the equipement off to your customers and let them configure it over IP.
by YazzY
Fri Jan 13, 2006 1:14 pm
Forum: General
Topic: EoIP Problem
Replies: 11
Views: 2679

Allways on the same hardware or did you try to switch your nics etc and see how it acts?
by YazzY
Fri Jan 13, 2006 1:05 pm
Forum: General
Topic: Configuring RouterOS
Replies: 4
Views: 1475

Use expect to automaticaly login via ssh/telnet and send custom commands to your router. The commands can be stored in any way you want as long as your application is able to fetch/read them. Here is an example of how I coded something like that creating a simple CLI in shell and dialog. http://yazz...
by YazzY
Fri Jan 13, 2006 12:56 pm
Forum: General
Topic: EoIP Problem
Replies: 11
Views: 2679

What RouterOS version(s) are you using on the peers?
by YazzY
Fri Jan 13, 2006 12:55 pm
Forum: General
Topic: cant ping from MT
Replies: 3
Views: 1119

Seems like ICMP is being blocked somewhere.
Check your firewalling rules.
by YazzY
Fri Jan 13, 2006 12:54 pm
Forum: General
Topic: OSPF over IPIP
Replies: 1
Views: 1414

OSPF over IPIP

Hi guys. I've an IPIP tunnel between two locations and tried to set up OSPF between the nodes so I don't need to worry about static routing rules at one of the peers. Unfortunatelly this does not seem to work even though OSPF handshakes are clearly sent between both the peers. Do I need a layer 2 li...
by YazzY
Fri Jan 13, 2006 12:49 pm
Forum: General
Topic: EoIP Problem
Replies: 11
Views: 2679

Yeah, it's a simple tap interface that Mikrotik renamed to make it easier to understand the purpose of it. The same goes to IPIP which is a tun iface.
EoIP allways worked for me.
Did you check your input chains ?
by YazzY
Fri Dec 23, 2005 11:03 am
Forum: Wireless Networking
Topic: Access Control and accounting with Radius
Replies: 9
Views: 2307

Create one IP pool for paying users, one for non-paying and one for blocked ones. Create three groups, each with different pool attribute. You can even set up different speed rate for each of the groups (non paying users get 32kbit traffic rate) Let them all authenticate and get IPs. Set up firewall...
by YazzY
Fri Dec 23, 2005 10:45 am
Forum: Scripting
Topic: check connected users how to
Replies: 2
Views: 1365

The second option is to have your script ssh to your box, run a command, put it to a variable and work on it the way you want (grep, awk, sed etc).
Then you could insert the data to your database or store it as a flat text file.
by YazzY
Fri Dec 23, 2005 10:41 am
Forum: Scripting
Topic: how to put text scripts for firewall rule [Blok list]??
Replies: 13
Views: 5630

That's what loops are made for. Put your rules in a list and let a command go throug it. Then create a script, upload it to your box and run it. If you add new rules to your script, don't forget to flush your old rules before rerunning the ruleset. Btw, how do you keep track of all the prohibited si...
by YazzY
Thu Dec 22, 2005 5:28 pm
Forum: Scripting
Topic: Soekris Engineering's board
Replies: 1
Views: 1306

Yeah but not for wireless. Their mini-PCI is more suitable for hardware crypto accelerators.
by YazzY
Thu Dec 22, 2005 5:15 pm
Forum: Scripting
Topic: Hotspot Challange: 2 hour per day limit?
Replies: 4
Views: 1908

This is easy if you use freeradius for authenrication with counter or sqlcounter modules.
by YazzY
Thu Dec 22, 2005 5:12 pm
Forum: Scripting
Topic: Question on NAT and routing mark
Replies: 1
Views: 1069

You'd need rules for incoming traffic if you wanted to NAT traffic to an IP behind your gateway. Otherwise translation of you LAN traffic is done inside of your router so the traffic coming from the LAN side appears as it was coming from the WAN side. All the established connections from your LAN cl...
by YazzY
Thu Dec 22, 2005 4:56 pm
Forum: Scripting
Topic: Add Simple Queues from MySQL Table
Replies: 2
Views: 1513

This can be easly done for DHCP users and/or PPP(oE) users using radius server with MySQL backend.
by YazzY
Fri May 13, 2005 2:32 pm
Forum: RouterBOARD hardware
Topic: Whats Does This Mean!
Replies: 7
Views: 2777

Send your software key and they can find out the rest for you.
The email address of support team is clearly stated at http://www.mikrotik.com/support.html
by YazzY
Fri May 13, 2005 12:19 pm
Forum: General
Topic: Remote Configuration with a Linux program
Replies: 8
Views: 2319

Don't use SSH tunneling, you were told at least twice it will not work with public SSH keys. Rather run your commands from a cronjob or each time you want to perform them from e.g website. You will be able to connect remotely to your routers listed in the servers.txt file (http://yazzy.yazzy.org/cod...
by YazzY
Thu May 12, 2005 12:27 pm
Forum: General
Topic: OSPF possible hardware issue.
Replies: 4
Views: 988

One of our customers have a similar problem. In his case his routes disappear after a while leaving OSPF in the init stage.
Please let us know if you managed to solve that issue.
by YazzY
Thu May 12, 2005 12:20 pm
Forum: General
Topic: Remote Configuration with a Linux program
Replies: 8
Views: 2319

You can execute commands on MT remotely with telnet or ssh.
All you actually need for that is expect.
I wrote a dialog based menu for that which should give you an idea how to do that:
http://yazzy.yazzy.org/coding/shell/rou ... uteros.txt
AFAIR you cannot use public ssh keys with RouterOS.
by YazzY
Wed May 11, 2005 1:40 am
Forum: General
Topic: OSPF possible hardware issue.
Replies: 4
Views: 988

Tried different Routerboard24 card ?
by YazzY
Tue May 10, 2005 11:52 pm
Forum: General
Topic: Inncorect radius docs
Replies: 0
Views: 586

Inncorect radius docs

http://www.mikrotik.com/docs/ros/2.8/guide/aaa says "Realm - If it is set in /radius menu, it is included in every RADIUS request as Mikrotik-Realm attribute." while the link in the same doc - http://www.mikrotik.com/Documentation/manual_2.8/dictionary.mikrotik says ATTRIBUTE Realm 9 string Mikrotik...
by YazzY
Fri Feb 18, 2005 3:41 am
Forum: General
Topic: Beta 13
Replies: 4
Views: 1530

I subiectively think the menus were better organized and visible without the "folding out" option in Winbox when one could just type in the values without pressing thousand arrow keys to get to the hidden menu you need.
by YazzY
Thu Feb 17, 2005 10:14 pm
Forum: General
Topic: Putting 2.9 onto a CF card
Replies: 3
Views: 1481

What option don't you see?
You've /system package downgrade on 2.9.x if I understood you correctly.
by YazzY
Thu Feb 17, 2005 10:06 pm
Forum: General
Topic: MNS Messenger --- Can not connect at all! (the rest works)
Replies: 4
Views: 1374

You're welcome. Glad to be of help.
Did I remember to mention I charge a beer per advice? :)
by YazzY
Thu Feb 17, 2005 10:02 pm
Forum: General
Topic: Beta 13
Replies: 4
Views: 1530

Heh, neigher did I.
So I upgraded my soekris box with 2.8.23 on.
It works fine so far.
I hate the new menus tho...
by YazzY
Thu Feb 17, 2005 2:28 am
Forum: General
Topic: MNS Messenger --- Can not connect at all! (the rest works)
Replies: 4
Views: 1374

Check the MRU and MTU values for your pppoe connections.
Also try to add a passthrough mangle rule for TCP with TCP Options set to syn.
Set TCP MSS to 1360.
by YazzY
Wed Feb 16, 2005 7:49 pm
Forum: General
Topic: Ascend-Data-Rate & Ascend-Xmit-Rate reversed?
Replies: 3
Views: 2061

You can stick to Ascend-Data-Rate all the way for both tx and rx. Then you need to add prio to your radius table I.E INSERT INTO radreply VALUES (199,'user','Ascend-Data-Rate','=','4096000',1); INSERT INTO radreply VALUES (200,'user','Ascend-Data-Rate','=',524288'',0); Your sql.conf for mysql and fr...
by YazzY
Wed Feb 16, 2005 5:44 am
Forum: General
Topic: Irc
Replies: 2
Views: 756

There is already #routeros on irc.freenode.net
by YazzY
Wed Feb 16, 2005 3:20 am
Forum: General
Topic: wds setup with mikrotik router
Replies: 2
Views: 882

You can do that.
Run separate networks on each of your wrt54gs and run hotspot for all your networks of the wrt54gs on your MT.
by YazzY
Wed Feb 16, 2005 1:15 am
Forum: General
Topic: where i can download mikrotik v2.3 ??
Replies: 2
Views: 688

You cannot download 2.3.x anymore
What do you need it for anyway?
by YazzY
Wed Feb 16, 2005 1:07 am
Forum: Scripting
Topic: Command through SSH
Replies: 6
Views: 2961

Drop perl, it's bad for you
Run the same thing with expect

#!/usr/bin/expect
#
spawn /usr/bin/ssh host -l user
expect -re "password: "
send "'yourpass\r"
#
expect -re "] > "
send "yourcommand\r"
sleep 2
#
expect -re "] > " exit
by YazzY
Wed Feb 16, 2005 1:03 am
Forum: Scripting
Topic: cat a file in script
Replies: 1
Views: 1816

Write a shell script wich will login to your routeros and and execute the loop.
by YazzY
Wed Feb 16, 2005 12:56 am
Forum: Scripting
Topic: creating e-mail every 1st of month with amount of each user
Replies: 17
Views: 4764

You could remotely execute command removing all the interfaces of your connected users with a cronjob. Login with ssh/telnet -> remove ifaces and wait for calls from angry customers. I wrote a shell script for remote login and command execution. It works with both ssh and telnet. It's bit fancy sinc...
by YazzY
Wed Feb 16, 2005 12:44 am
Forum: Scripting
Topic: [CONTRIB] ssh perl script - automate batch commands *UPDATED
Replies: 41
Views: 24193

I dislike using perl when not necessary so I wrote the same thing in sh. It works with both ssh and telnet. It's bit more fancy since I also included dialog menus (I had some spare time). The whole thing can be easly changed to make it more suitable for running within a cronjob. Just read the connec...
by YazzY
Wed Feb 09, 2005 8:11 pm
Forum: General
Topic: QOS for Skype?
Replies: 2
Views: 1505

Yes, you can create mangle rules for any of those services and then set up queues for that. Check out what port(s) Skype uses to communicate with. Then you could set Skype's priority higher than anything else. This is how you do that for HTTP and "the rest" for a 1.5mbit link: /ip firewall mangle ad...
by YazzY
Wed Feb 09, 2005 8:00 pm
Forum: General
Topic: WinBox error: Missing RouterOS WinBox plugins error
Replies: 10
Views: 5146

Feels good to be quoted 3 times, even though when that's what it takes to make someone understand a thing :)
by YazzY
Wed Feb 09, 2005 9:57 am
Forum: General
Topic: RadioManager Beta, now available
Replies: 4
Views: 1250

I have a feeling all it does it getting values with SNMP displaying it in a rather unfortunate way...
Something I could also easly display on a website.
More suggestions and info will be sent to Stephen. It still needs tons of work :)
by YazzY
Wed Feb 09, 2005 9:46 am
Forum: Scripting
Topic: Command through SSH
Replies: 6
Views: 2961

Does it really metter if it's Debian or Solaris or IRIX or MacOS X?
All you need is correct perl path and the required modules.
It works on FreeBSD and Gentoo here.
Bet it'd work on Windows as well.
by YazzY
Tue Feb 01, 2005 2:58 am
Forum: Scripting
Topic: Command through SSH
Replies: 6
Views: 2961

Read this thread:
http://www.mikrotik.com/forum/viewtopic.php?t=1957
It's the one right below yours...
by YazzY
Tue Feb 01, 2005 2:56 am
Forum: General
Topic: VirtualAP
Replies: 2
Views: 974

All the atheros cards should work as far as i know.
by YazzY
Mon Jan 31, 2005 2:02 pm
Forum: General
Topic: contention ratio how to
Replies: 2
Views: 3028

Setting up simple queue per connection should do.
Set up the bandwith limit for each of the IPs.
This can be done autimatically from radius server as well.
It is pretty accurate and works fine.
by YazzY
Mon Jan 31, 2005 1:50 pm
Forum: General
Topic: WinBox error: Missing RouterOS WinBox plugins error
Replies: 10
Views: 5146

This message appears when you run your winbox on port different from 80 or is disabled.
Check /ip services print
See if everything is okay
by YazzY
Mon Jan 31, 2005 1:47 pm
Forum: General
Topic: Building a routed network
Replies: 6
Views: 2044

You've definatelly messed up your routing. First of all your PC and your Station are on totally different networks. Check the mask, they are not on the same nets. Then this: 192.168.0.193/24 192.168.0.192 192.168.0.223 Mask and broadcast dont match... I think you need to edit your message and check ...
by YazzY
Mon Jan 31, 2005 1:26 pm
Forum: General
Topic: ZyWall VPN
Replies: 3
Views: 2234

These boxes seem to support IPsec only.
by YazzY
Fri Jan 28, 2005 10:47 am
Forum: General
Topic: Open Hotspot
Replies: 3
Views: 1235

/ip firewall dst-nat add in-interface=X dst-address=11.22.33.44/32:80 protocol=tcp action=nat to-dst-address=12.23.34.45 to-dst-port=80

Where X is the HotSpot interface, 11.22.33.44 is it's IP and 12.23.34.45 would be the proxy box.
by YazzY
Fri Jan 28, 2005 10:44 am
Forum: General
Topic: Hotspot users - Idle Timeout ?
Replies: 2
Views: 816

SP2 on XP gives me some troubles as well.
Try puters with a decent OS or some routers instead and see if it works...
by YazzY
Fri Jan 28, 2005 10:40 am
Forum: General
Topic: Uncompressing Linux....Ok, booting the kernel
Replies: 4
Views: 1517

Propably SATA.
I dont think routeros supports SATA or SMP.
But it should recognise your dual cpu as only one.
by YazzY
Fri Jan 28, 2005 10:37 am
Forum: General
Topic: EoIP over unsecure tunnel - how?
Replies: 5
Views: 1672

You can bridge your wlan interfaces with ethernet interfaces on the same unit just fine.
EoIP is to bridge two distant networks over ethernet, not just two nics on the same box.
by YazzY
Fri Jan 28, 2005 10:30 am
Forum: Scripting
Topic: [CONTRIB] ssh perl script - automate batch commands *UPDATED
Replies: 41
Views: 24193

Great work!
This makes it possible to do anything on the board form a web based application.
Remember the script requires pearl module called Expect and to initially log in with ssh to the router for key exchange.

Thanks a lot iredden
by YazzY
Thu Jan 27, 2005 3:56 am
Forum: General
Topic: ZyWall VPN
Replies: 3
Views: 2234

Here are some pointers but it's in Norwegian: http://www.zyxel.no/support_art.php?qid=25&mt=Firewall http://www.zyxel.no/support_art.php?qid=10 IPsec tunnels must be between two ends with static IPs. With PPTP your client can have dynamic IP and add a static route for the LAN network on the other en...
by YazzY
Thu Jan 27, 2005 3:11 am
Forum: Scripting
Topic: reboot script
Replies: 4
Views: 3255

What do you exactly want it to do?
by YazzY
Thu Jan 27, 2005 2:27 am
Forum: General
Topic: Saturating PPPoE Connection
Replies: 3
Views: 879

Set the MTU and MRU value to 1480.
Set the mangle rule to action=passthrough
by YazzY
Wed Jan 26, 2005 10:46 pm
Forum: General
Topic: Saturating PPPoE Connection
Replies: 3
Views: 879

What are his MTU values ?
What are the MTU and MRU values on your PPPoE server?
Do you have a mangle rule in your firewall settings?
by YazzY
Wed Jan 26, 2005 10:42 pm
Forum: General
Topic: EoIP over unsecure tunnel - how?
Replies: 5
Views: 1672

You can create EoIP tunnels over layer 3 as long as both sides can see eachother.
In other words, PPP is used for a VPN solution for EoIP, but you can as well run it over internet between two hosts which can "see" eachother.
by YazzY
Wed Jan 26, 2005 5:44 am
Forum: General
Topic: Unable to burn .IMG image to CD
Replies: 1
Views: 756

You cannot burn the CF .img image file as an ISO file.
You can "transfer" it to your CF.
Read http://www.m0n0.ch/wall/installation_generic.php
or
http://www.mikrotik.com/Documentation/how-to-write.html

ISO images are avaliable under CD image section: http://www.mikrotik.com/download.html#v2
by YazzY
Wed Jan 26, 2005 1:47 am
Forum: General
Topic: port forwarding
Replies: 2
Views: 737

by YazzY
Wed Jan 26, 2005 1:09 am
Forum: General
Topic: ip problem
Replies: 4
Views: 794

What happens when you do it? Do you get any error?
IS the IP set and you cannot ping it or you cannot set it at all?
What hardware do you use?
Paste in your command line.
by YazzY
Wed Jan 26, 2005 1:06 am
Forum: General
Topic: Feature/companion software request for traffic accounting
Replies: 7
Views: 2291

No I do not. We use freeradius as well but we do not need any billing system. All I do is I store my users in SQL with IP, bandwith, routing if needed with custom made PHP code. Freeradius is indeed very stable, it never let me down in 2 years of running on the server. I can remember a few people me...
by YazzY
Tue Jan 25, 2005 4:18 pm
Forum: General
Topic: Feature/companion software request for traffic accounting
Replies: 7
Views: 2291

Maybe ICRADIUS with:
PHPicradius: http://sourceforge.net/projects/phpicradius/
or
ManIC http://www.ls-l.net/radius/
Or FreeRadius with dialupadmin:
http://www.freeradius.org/dialupadmin.html

You can also use Active Directory on a Windows box for user management with IAS.
by YazzY
Tue Jan 25, 2005 3:49 pm
Forum: General
Topic: 500+ Concurrent Hotspot Users
Replies: 4
Views: 1321

I dont suppose everyone will be online at all time so say 250 users at a time. This is what I have too. About 200-250 users connected to my RouterOS NAS server radius authenticating with PPPoE. Works like a charm with no hickups on a Pentium 4: cpu: Intel(R) cpu-frequency: 2665 MHz driver="Intel PRO...
by YazzY
Tue Jan 25, 2005 1:25 pm
Forum: General
Topic: Feature/companion software request for traffic accounting
Replies: 7
Views: 2291

This can be already done with Radius..
You can also use SNMP to collect data over time and display it on the web storing it in SQL or flat text files.
by YazzY
Tue Jan 25, 2005 1:13 pm
Forum: General
Topic: Problem with Windows XP Service Pack 2 and PPPoE
Replies: 2
Views: 863

Problem with Windows XP Service Pack 2 and PPPoE

Hi guys. We use PPPoE for user authentication. Some of my customers who upgraded their WinXP desktops from SP1 to SP2 cannot login anymore. Sometimes it works fine until they reboot. Then they get a yellow triangle saying their box cannot obtain an IP. And then they cannot login with PPPoE. I tried ...
by YazzY
Mon Jan 24, 2005 8:05 am
Forum: General
Topic: Winbox adding users locally instead of into radius ?
Replies: 20
Views: 3889

First of all, allow 127.0.0.1 in clients.conf or the IP of your local interface and use it to connect to the radius server with radtest. radtest xxx xxx 202.0.155.17 1812 xxxxx 202.0.155.17 could work. Then check if you get an answer back from your radius server. Then login and logout with a ppp cli...
by YazzY
Mon Jan 24, 2005 7:08 am
Forum: General
Topic: Winbox adding users locally instead of into radius ?
Replies: 20
Views: 3889

Your sql.conf seems fine. Did you try to run your radius server in debugging mode and see what happens when you run radtest against it? Try to run that on your radius server: radtest user@example.tdl user_password 127.0.0.1 1812 radius_password 127.0.0.1 And fire up radius with -xxyzsf -l stdout fla...
by YazzY
Mon Jan 24, 2005 7:02 am
Forum: General
Topic: Masquerading and policy routing
Replies: 4
Views: 1180

This topic was already discussed on the forum. Try to to do some searching...
by YazzY
Mon Jan 24, 2005 6:55 am
Forum: General
Topic: Force traffic out a specific interface [SOLVED]
Replies: 4
Views: 3218

This is what I do on my firewall to redirect all the traffic out from 192.168.64.4 through 2.3.226.2 The rest of the traffic from 192.168.64.0/24 goes out 2.3.226.1 on the WAN interface: 0 ;;; NAT traffic out from LAN's IP of mx1.wrs.no to 2.3.226.2 for correct reverse DNS. src-address=192.168.64.4/...
by YazzY
Mon Jan 24, 2005 6:49 am
Forum: General
Topic: Winbox adding users locally instead of into radius ?
Replies: 20
Views: 3889

I assume you set up your freeradius server to authenticate your users from MySQL or PostgreSQL. Did you set up you sql.conf enabling accounting with INSERT and UPDATE queries and did you enable accounting in your radiusd.conf file? Also check if you do not block/firewall out port 1813/udp on your ra...
by YazzY
Sat Jan 22, 2005 10:24 pm
Forum: General
Topic: Blocking rogue DHCP servers
Replies: 4
Views: 1505

And this is how DHCP requests get blocked to my RouterOS gateway from the Internet:

jan/22/2005 13:26:16 input->DROP, in:WAN, out:(local), src-mac 00:03:2f:23:97:11, 0.0.0.0:68->255.255.255.255:67, len 498
by YazzY
Sat Jan 22, 2005 6:25 pm
Forum: General
Topic: VLAN's and Wireless Bridging
Replies: 3
Views: 1072

You can create EoIP tunnels if you have MT boxes on both ends and connect VLAN switches to them. Each end of your EoIP tunnel will have it's own IP. Then you bridge them with your interfaces connected to the Cisco switches where you've set up VLAN trunks.
by YazzY
Sat Jan 22, 2005 6:23 pm
Forum: General
Topic: VLAN's and Wireless Bridging
Replies: 3
Views: 1072

You can create EoIP tunnels if you have MT boxes on both ends and connect VLAN switches to them. Each end of your EoIP tunnel will have it's own IP. Then you bridge them with your interfaces connected to the Cisco switches where you've set up VLAN trunks.
by YazzY
Sat Jan 22, 2005 2:49 am
Forum: General
Topic: Blocking rogue DHCP servers
Replies: 4
Views: 1505

Yes, you can try to block bootps - 67/udp requests to your client. As an example, this is a rule I have in ipf on FreeBSD to allow DHCP requests to my server on my atheros nic: # allow bootps in for dhcp: pass in log first quick on ath0 proto udp from 192.168.99.0/24 to 192.168.99.2 port = bootpc ke...
by YazzY
Fri Jan 21, 2005 11:36 pm
Forum: General
Topic: Blocking rogue DHCP servers
Replies: 4
Views: 1505

DHCP works on OSI level 2 so maybe you could try to set up some MAC firewalling rule on the interface of your box ..?
by YazzY
Fri Jan 21, 2005 7:33 pm
Forum: General
Topic: Price and sale
Replies: 15
Views: 4329

hmm, wonder how to delete my old posting...
by YazzY
Fri Jan 21, 2005 2:02 pm
Forum: General
Topic: default pppoe service name
Replies: 7
Views: 1241

EoIP tunnels give decreased performance.
As an example, i can push 1.5 mbit through a soekris board with EoIP and at least 10 times as much over plain ethernet interface.
You dont want too many tunnels on the same device.
But yeah, it's a solution.
by YazzY
Fri Jan 21, 2005 1:31 pm
Forum: General
Topic: Price and sale
Replies: 15
Views: 4329

It's not, we spend time debugging it for you.
And time is money.
by YazzY
Fri Jan 21, 2005 1:21 pm
Forum: General
Topic: Price and sale
Replies: 15
Views: 4329

Replicating of your PostgreSQL database is kinda a good idea but this would have to be unique databases for each of the users. See, you cannot encrypt the user data in sql since it then would not work with encrypted PPP logins. And a freeradius server can talk to one database only. This will make re...
by YazzY
Fri Jan 21, 2005 2:12 am
Forum: General
Topic: default pppoe service name
Replies: 7
Views: 1241

A quick "fix" would be to sell your users some cheap preconfigured routers. Like those: http://www.trendnet.com/products/TW100-S4W1CA.htm You can get them for only 27 bucks at newegg and they work great with PPPoE : http://www.newegg.com/app/ViewProductDesc.asp?description=33-156-001&depa=0 An inves...
by YazzY
Fri Jan 21, 2005 1:06 am
Forum: General
Topic: default pppoe service name
Replies: 7
Views: 1241

Route your network instead of bridging it and the problem would be gone.
And some routers need the default service name to be able to login.
The builtin XP PPPoE client does not need it to be obtained but I bet it snaps it somehow automatically.
by YazzY
Fri Jan 21, 2005 12:45 am
Forum: General
Topic: can't seem to figure this out...
Replies: 2
Views: 815

I think one of following ways should meet your needs: 1. You can remove IPs on the wireless interfaces and bridge them with your NICs (or bridge WDS with your NICs). Then you can assign IP's to the bridge instead. 2. Bridge WDS or WLAN interface with your NIC and set up firewalling rules on your bri...
by YazzY
Thu Jan 20, 2005 10:04 pm
Forum: General
Topic: hot to forbid Windows file sharing in wireless ???
Replies: 11
Views: 4974

Just disallow following in your forward chain: netbios-ns 137/tcp # NETBIOS Name Service netbios-ns 137/udp netbios-dgm 138/tcp # NETBIOS Datagram Service netbios-dgm 138/udp netbios-ssn 139/tcp # NETBIOS session service netbios-ssn 139/udp Another advice is to set up a syslog server and log all you...
by YazzY
Thu Jan 20, 2005 6:54 pm
Forum: General
Topic: hot to forbid Windows file sharing in wireless ???
Replies: 11
Views: 4974

Disallow netbios traffic on your APs firewalling it out.
by YazzY
Thu Jan 20, 2005 6:51 pm
Forum: General
Topic: Price and sale
Replies: 15
Views: 4329

Why not sell it as an ISO image for people to download and install on their own systems?
You could compile the PHP code and require registration key bound to i.e an IP.
The latency to Latvia can be too big for people in different parts of the world to accept.
by YazzY
Thu Jan 20, 2005 12:51 pm
Forum: General
Topic: Price and sale
Replies: 15
Views: 4329

Price and sale

How do you plan to sell your hotspot manager?
Will it be accessible only from you or can we buy it to install it on our own servers?
How much will it cost?
by YazzY
Thu Jan 20, 2005 12:40 pm
Forum: General
Topic: multiple PPPoE Outs
Replies: 2
Views: 810

The problem is propably at your ISP not allowing multiple PPP connections from the same user. Try to contact them and explain your situation.
Maybe they can route a /30 to you instead.
by YazzY
Thu Jan 20, 2005 4:29 am
Forum: General
Topic: Help with Firewall Chain
Replies: 10
Views: 2025

The easiest way is to log your firewall rules and see what gets blocked.
Then ajust your rules to open desired traffic.
Set up a syslog server so you can browse through your logs.
by YazzY
Fri Jan 14, 2005 1:37 am
Forum: General
Topic: Mail server in ver 2.9
Replies: 11
Views: 3076

Maybe SMTP-proxy or/and imap/pop3 proxy like the included squid would make more sense.
If any email services could be included, I'd rather see an SMTP hub/gateway aka backup MX redistributing emails to other MTA's.
But this again could be a totally different product.
by YazzY
Tue Dec 21, 2004 5:57 pm
Forum: General
Topic: Two or more failover and load balancing systems.
Replies: 1
Views: 1084

Two or more failover and load balancing systems.

Hi guys. I have a few hundred customers connecting to my backbone servers and authenticating with PPPoE. All the connections from the WLAN nodes create lots of traffic and I would like to load balance my servers. I would like one of them to take over after the first one reached 300 users. Is that po...
by YazzY
Fri Dec 03, 2004 6:51 pm
Forum: General
Topic: PPP connections counting down the 1.st min on 2.8.19
Replies: 1
Views: 766

Sorry, it does not count down from one min back to zero, the counting down seems to start at random times.
Pluss I also noticed the uptime show by RouterOS is inaccurate.
Meassuring one random user in 2 mins I noticed 10 seconds of inaccuracy, even though I meassured his uptime starting at 0:00 ...
by YazzY
Fri Dec 03, 2004 6:38 pm
Forum: General
Topic: Download&Upload from 2 ISp
Replies: 4
Views: 1737

This is not the same problem but very similar and should give you a kickstart. This is Evren Yurtesen's respons to a guy, taken from my email archive: Question: Bill Wheeler wrote: > Greetings! YazzY on #RouterOS gave me your name and told me to contact > you regarding a problem I'm having. I'll try...
by YazzY
Fri Dec 03, 2004 6:30 pm
Forum: General
Topic: Questions about Masquerading and NAT rules
Replies: 12
Views: 4115

I believe what you want is Source NAT.
You can source nat an IP or a range of them out to a specific IP on a given iface.
by YazzY
Fri Dec 03, 2004 6:27 pm
Forum: General
Topic: PPP connections counting down the 1.st min on 2.8.19
Replies: 1
Views: 766

PPP connections counting down the 1.st min on 2.8.19

Hi guys.

When my PPPoE server accepts connections from my users it counts down the uptime of those users from one min to 0 and then starts to count that correctly again. This is a weird bug which makes my web-based stats look inccorect.
Any of you experienced the same thing?
by YazzY
Fri Dec 03, 2004 6:23 pm
Forum: General
Topic: Radius with 2/more servers defined...
Replies: 12
Views: 2778

You can make your radius server read from two different databases as well or make your database answer to two different radius servers or add new radiu server to the list of RouterOS and if the first one fails, the second one will be then asked for the same user. Just like with local and remote (rad...
by YazzY
Tue Jun 08, 2004 10:30 am
Forum: General
Topic: default-forwarding
Replies: 3
Views: 2293

What if you have two APs, one client connected to one of them and the other client connected to the other AP, both APs are on the same network.
Will they still be able to communicate with eachother even with default forwarding turned off ?
by YazzY
Tue Jun 08, 2004 10:28 am
Forum: General
Topic: Router O/S wouldn't boot!!!
Replies: 3
Views: 2345

I can remember I had a similar problem with a box with a SCSI controller.
Then I replaced it with a pure IDE box and it worked fine.
RouterOS does not support SCSI devices and may freak out when you have one.
by YazzY
Tue Jun 08, 2004 10:25 am
Forum: General
Topic: customize error messages form MK
Replies: 3
Views: 2359

Try to mount your CF, maybe you can figure something out then.
If you install Squid on a *NIX box you will see it has custom reply files in many languages.
Remember your custom changes will go bye bye after the next RouterOS upgrade.
by YazzY
Tue Jun 08, 2004 10:19 am
Forum: General
Topic: default-forwarding
Replies: 3
Views: 2293

default-forwarding

From http://www.mikrotik.com/docs/ros/2.8/interface/wireless.simple default-forwarding (yes | no; default: yes) - to use forwarding by default or not What does that exactly mean ? Is it to enable/disable possibility for the clients to talk to one another or maybe it enables/disables only one to one ...
by YazzY
Sat May 29, 2004 1:02 am
Forum: General
Topic: dst-nat rule
Replies: 9
Views: 4581

Proxy

You could also do the same trick with a http proxy.
by YazzY
Sat May 29, 2004 12:59 am
Forum: General
Topic: Upgrade to 2.8 from 2.4 extended license
Replies: 2
Views: 2265

Step by step

Maybe you can try to upgrade to an earlier version, say 2.7.x and then to 2.8
I can provide you with the older version of the soft as I carefully store each of them.
by YazzY
Sat May 29, 2004 12:31 am
Forum: General
Topic: Bridge problems.
Replies: 4
Views: 2881

No love

It's kinda impossible. The AP is connected to another AP which is connected to a switch. The gateway box is also connected to the same switch. I've flushed my arp table on the gateway and I am bridging both the IP and ARP. Thanks gods for the arp-telnet which made it possible to login to the box any...
by YazzY
Sat May 29, 2004 12:19 am
Forum: General
Topic: nstreme
Replies: 33
Views: 26314

why bother?

As you said, WEP is not worth it. It's as easy to crack as they come and it just adds overhead to the packets.
It's like running ssh implementation with security holes. Would anyone sane do that intentionally?
There are far more secure and reliable ways to secure your network.
by YazzY
Fri May 28, 2004 5:26 pm
Forum: General
Topic: Bridge problems.
Replies: 4
Views: 2881

Bridge problems.

Hi. I have encountered a strange thing. I've set up eth1 and wlan1 in bridge, eth1 had an IP , say 192.168.1.10 Then I added IP to the bridge interface, 192.168.1.2 I could ping both just fine from my backbone gateway 192.168.1.1 and all the other RouterOS boxes. But when I removed the IP of the eth...
by YazzY
Fri May 28, 2004 3:47 pm
Forum: RouterBOARD hardware
Topic: Bios options.
Replies: 8
Views: 8446

Bios options.

system routerboard bios set pci-backoff=disabled/enabled.

What does this option do in details ?
I know it's suppose to make wlan nics play more nicely with the routerboards, but how exactly?
The CHANGELOG is as usually very spare on details.
by YazzY
Fri May 28, 2004 3:44 pm
Forum: General
Topic: Debugging function.
Replies: 4
Views: 3568

Debugging function.

I'd love to be able to set my RouterOS in debug mode, the same way we do on Ciscos and *NIX boxes.
Sometimes it's really impossible to know what happens if we dont have that option.