Community discussions

Search found 36 matches

by negge
Thu Oct 20, 2016 11:19 am
Forum: General
Topic: PPTP iOS10
Replies: 59
Views: 18047

Re: PPTP iOS10

The VPN setup stopped working again about 36 hours after the last reboot. However, I found the problem, and it's absolutely ridiculous. Some device on our guest wireless network had created a UPnP NAT forwarding rule for UDP port 4500. This meant that NAT-T failed miserably and phase 1 could never b...
by negge
Wed Oct 19, 2016 9:14 am
Forum: General
Topic: PPTP iOS10
Replies: 59
Views: 18047

Re: PPTP iOS10

I tried two things now and rebooted the router, we'll see if it makes any difference: 1) disabled AES-256 CBC in the proposal. Most clients seem to chose this over AES-128. 2) limited the policy to match UDP port 1701 only instead of all ports on all protocols. Existing examples on how to set up L2T...
by negge
Tue Oct 18, 2016 9:22 pm
Forum: General
Topic: PPTP iOS10
Replies: 59
Views: 18047

Re: PPTP iOS10

We've had loads of similar issues with our CCR1009 at the office. We have both PPTP and L2TP/IPsec available as VPN options for people who want to connect as road warriors. PPTP has always worked, but L2TP/IPsec only works for about a day after a router reboot, then it stops all of a sudden with "ph...
by negge
Sat Apr 09, 2016 6:23 pm
Forum: RouterBOARD hardware
Topic: RB3011 Interface Link Problems
Replies: 16
Views: 5253

Re: RB3011 Interface Link Problems

The latest release mentions something about link down messages and RB3011, perhaps this has finally been fixed? I can't confirm at the moment since I don't have physical access to the device that was exhibiting the issue.
by negge
Sun Mar 13, 2016 6:01 pm
Forum: RouterBOARD hardware
Topic: RB3011 Interface Link Problems
Replies: 16
Views: 5253

Re: RB3011 Interface Link Problems

@Steveocee yes, in my case they're all bridged in software (no master port).
by negge
Wed Mar 02, 2016 11:32 am
Forum: General
Topic: Port flapping (ether6 link down/up) on RB3011UiAS-RM
Replies: 24
Views: 6878

Re: Port flapping (ether6 link down/up) on RB3011UiAS-RM

I can confirm that this only affects the second switch (ports 6-10). Is there any way to fix this? I've looked through the release notes for the newer RouterOS versions that have been released but haven't seen this issue mentioned anywhere. There is also no newer Routerboot version available
by negge
Thu Feb 18, 2016 4:31 pm
Forum: General
Topic: Port flapping (ether6 link down/up) on RB3011UiAS-RM
Replies: 24
Views: 6878

Re: Port flapping (ether6 link down/up) on RB3011UiAS-RM

Seems I'm not alone, someone else seems to have the exact same issue: http://forum.mikrotik.com/viewtopic.php ... 34#p522134
by negge
Thu Feb 18, 2016 4:30 pm
Forum: RouterBOARD hardware
Topic: RB3011 Interface Link Problems
Replies: 16
Views: 5253

Re: RB3011 Interface Link Problems

I've had the exact same issue. So far I've tried ports 6 and 7, both have the same issue. I guess I should try the ports on switch1 next.
by negge
Wed Feb 10, 2016 2:31 pm
Forum: General
Topic: Port flapping (ether6 link down/up) on RB3011UiAS-RM
Replies: 24
Views: 6878

Re: Port flapping (ether6 link down/up) on RB3011UiAS-RM

Interesting, I'll let you know how it goes once I get the guy on site to actually move the cables arond a little bit.
by negge
Tue Feb 09, 2016 4:19 pm
Forum: General
Topic: Port flapping (ether6 link down/up) on RB3011UiAS-RM
Replies: 24
Views: 6878

Re: Port flapping (ether6 link down/up) on RB3011UiAS-RM

Thanks for your reply! The router only has two ports connected, ether1 goes to WAN and ether6 goes to a switch. Both are on different switch groups so I didn't bother setting up any master/slave relationship between ports. I haven't tried another port yet, I guess I could ask the tenants to move the...
by negge
Mon Feb 08, 2016 11:21 am
Forum: General
Topic: Port flapping (ether6 link down/up) on RB3011UiAS-RM
Replies: 24
Views: 6878

Port flapping (ether6 link down/up) on RB3011UiAS-RM

Hi, I recently convinced a friend to purchase an RB3011UiAS-RM for his office since he needed something reliable and powerful enough. The router has been installed and in use for about a week now and everything's been solid, but recently the switch which is connected to ether6 on the router has star...
by negge
Tue Sep 02, 2014 11:16 am
Forum: General
Topic: Winbox 3 beta
Replies: 243
Views: 106188

Re: Winbox 3

v3.0beta3 does not work at all on my pc. At least on boards with v6 installed - I click connect, it says Logging in, Downloading plugins and then nothing happens - no error message, no winbox window, it just closes. Tested to open a board with routeros v5 - works normally. I have the exact same pro...
by negge
Wed Jun 19, 2013 12:50 pm
Forum: Beginner Basics
Topic: Working QoS configuration
Replies: 44
Views: 66505

Re: Working QoS configuration

please share your new qos config..

thanks...
It's exactly the same as the one in the original post except the TCP ACK packets aren't marked during mangling.
by negge
Mon Jun 17, 2013 11:19 am
Forum: Beginner Basics
Topic: Working QoS configuration
Replies: 44
Views: 66505

Re: Working QoS configuration

Since I started this thread I have changed my configuration to a much simpler one. The main idea is still the same, I just stopped mangling the TCP ACK packets since it seems to be very hard to get that bit right. Simply prioritizing the ports you want seems to work way better, for example I can max...
by negge
Fri May 24, 2013 9:01 am
Forum: General
Topic: v6.0 released
Replies: 321
Views: 59528

Re: v6.0 released

I noticed that if the multicast package is installed but the routing package isn't, the Routing menu in Winbox does not have an icon. In fact I'm not sure that installing the routing package fixes it but I suspect it does. Otherwise everything is fine, glad to see that the queue lockup issue has bee...
by negge
Mon Jun 25, 2012 6:26 pm
Forum: General
Topic: Interface TX rate much higher than queue rate
Replies: 1
Views: 311

Interface TX rate much higher than queue rate

Hi everyone, I recently noticed that while I'm capping my outgoing bandwidth to 12600kbit/s, the interface graph displays a current rate of much more than that. To illustrate: http://i48.tinypic.com/35ho1dt.png Obviously one of the values (either the queue rate or the interface rate) is wrong, but w...
by negge
Tue Jun 12, 2012 12:40 am
Forum: General
Topic: Load balancing 3XWAN
Replies: 2
Views: 438

Re: Load balancing 3XWAN

by negge
Fri Aug 05, 2011 9:45 am
Forum: Beginner Basics
Topic: Working QoS configuration
Replies: 44
Views: 66505

Re: Working QoS configuration

so non_critical_queue value should be more or less the value of default queue?
Yes.
by negge
Tue Aug 02, 2011 3:43 pm
Forum: Beginner Basics
Topic: Working QoS configuration
Replies: 44
Views: 66505

Re: Working QoS configuration

Nowadays I just use the "default" type for all queues, however I experimented with bigger queue sizes before that's why the configs show a custom queue type. I've tried sizes ranging from a couple hundred packets to 10 000 without much change in behavior (except that the queue size goes up of course...
by negge
Fri Jan 07, 2011 3:10 pm
Forum: General
Topic: separate netwoks
Replies: 7
Views: 558

Re: separate netwoks

can you please say me in one mangle rule, how can i put more than 1 protocol, for example, both gre and ipsec and tcp?
You can't. You will need one rule per protocol. Just copy a previous rule then change the protocol type and you'll be fine.
by negge
Fri Jan 07, 2011 3:06 pm
Forum: General
Topic: Blocking certain websites for a specific mac address
Replies: 2
Views: 478

Re: Blocking certain websites for a specific mac address

If the IP address of the website is static you could probably block access to it with a simple filter rule (Src. MAC address and Dst. Address should do the trick).
by negge
Fri Jan 07, 2011 3:04 pm
Forum: General
Topic: Dropped ICMP packets from unknown interface
Replies: 1
Views: 1719

Dropped ICMP packets from unknown interface

Hi guys, My log is being cluttered with a lot of dropped ICMP packets that have the router's internal address both as source and destination. Here's an exempt from the log: Jan/07/2011 14:40:03 firewall,info "Drop incoming" input: in:(unknown) out:(none), proto ICMP (type 3, code 1), 10.110.5.1->10....
by negge
Sun Aug 29, 2010 3:09 pm
Forum: General
Topic: Ident doesn't work with RouterOS
Replies: 2
Views: 392

Ident doesn't work with RouterOS

Hi guys, I'm trying to figure out a way to run an ident daemon on a NATed server behind a RouterOS router. The thing is that all daemons out there work out of the box with a standard SOHO router, but not with RouterOS. The way I see it is that RouterOS changes the port of a packet when it NATs them,...
by negge
Thu Jun 24, 2010 1:48 pm
Forum: RouterBOARD hardware
Topic: What board for home user
Replies: 3
Views: 720

Re: What board for home user

As a home user I can recommend an RB433 with an external gigabit switch, unless you need gigabit for the WAN link(s) as well. The board has multiple expansion slots so you just need to get a wireless card and one or two antennas and you're good to go.
by negge
Thu Jun 24, 2010 1:37 pm
Forum: RouterBOARD hardware
Topic: How to find my RB 750g MAC address
Replies: 1
Views: 2924

Re: How to find my RB 750g MAC address

Of course WinBox can show you the MAC address.

Go to Interfaces, then double-click the interface you're interested in. The MAC address is listed under the General tab.
by negge
Sun Apr 11, 2010 3:34 pm
Forum: RouterBOARD hardware
Topic: New RB799UAHXDTPCMP
Replies: 3
Views: 627

Re: New RB799UAHXDTPCMP

I think you'll be waiting a long time for USB 7.0 support my friend.
by negge
Sun Apr 11, 2010 3:33 pm
Forum: RouterBOARD hardware
Topic: Which RouterBOARD would I need?
Replies: 6
Views: 848

Re: Which RouterBOARD would I need?

Bump
by negge
Tue Apr 06, 2010 10:15 pm
Forum: Beginner Basics
Topic: Working QoS configuration
Replies: 44
Views: 66505

Re: Working QoS configuration

I'm sorry I haven't put together the wiki article yet, I simply haven't had that much spare time lately. Don't give up the hope though, it will come sooner or later! :)
by negge
Tue Apr 06, 2010 10:13 pm
Forum: RouterBOARD hardware
Topic: Which RouterBOARD would I need?
Replies: 6
Views: 848

Which RouterBOARD would I need?

Hello everyone, I'm currently a happy owner of an RB433 router, which I use at home. I'm on a 110/5 Mbit cable Internet connection at the moment, which means my connection speed gets effectively limited by my router (the modem itself is a gigabit Cisco EPC3000 and the switch is a gigabit Linksys), p...
by negge
Fri Jan 15, 2010 12:52 pm
Forum: Beginner Basics
Topic: Working QoS configuration
Replies: 44
Views: 66505

Re: Working QoS configuration

I'll see if I can put together a decent wiki page in the next couple of weeks!
by negge
Fri Jan 15, 2010 7:30 am
Forum: Beginner Basics
Topic: Working QoS configuration
Replies: 44
Views: 66505

Re: Working QoS configuration

@Pilgrim: What I meant to say is you can't directly shape your incoming connections, but you can get the same effect by prioritizing certain ACK packets instead. That's basically what my configuration does. If all the ACK rules wouldn't be there, the QoS would only work on a server where no one rare...
by negge
Thu Jan 14, 2010 8:50 am
Forum: Beginner Basics
Topic: help for a beginner
Replies: 6
Views: 704

Re: help for a beginner

You can't ask a questions like that. All the things you mentioned are completely different things. You should read the wiki if you want to know what they are.
by negge
Thu Jan 14, 2010 8:42 am
Forum: Beginner Basics
Topic: Working QoS configuration
Replies: 44
Views: 66505

Re: Working QoS configuration

First of all, it's nice to see that it's working for other people too! It's been some time since I wrote this but the configuration has remained the same since then, so here it is: /ip firewall mangle add action=mark-packet chain=postrouting comment="Link-critical traffic (DHCP)" disabled=no dst-por...
by negge
Wed Aug 19, 2009 10:08 am
Forum: Beginner Basics
Topic: Working QoS configuration
Replies: 44
Views: 66505

Re: Working QoS configuration

You cannot apply QoS on the downlink because you have no way of controlling how much data is being sent to you. If you want to prioritize VPN just mark packets with IPsec traffic and give them higher priority in the queue.
by negge
Mon Jul 13, 2009 8:59 am
Forum: Beginner Basics
Topic: Cant forward a port or something
Replies: 3
Views: 567

Re: Cant forward a port or something

You don't need to use "to-ports=xxxx" unless you want to forward it to a different port.
by negge
Fri Jul 10, 2009 12:14 pm
Forum: Beginner Basics
Topic: Working QoS configuration
Replies: 44
Views: 66505

Working QoS configuration

Hi everybody, I've been struggling for some time to create a working QoS configuration, reading through countless manual pages, wikis, forum topics etc. I've noticed two things; in order to do something great with a Mikrotik router, you have to be a network guru. I thought I knew relatively much abo...