Community discussions

MikroTik App

Search found 24 matches

by CPromper
Wed Dec 13, 2017 1:02 pm
Forum: General
Topic: IPSEC Tunnel with aes-256cbc stops working
Replies: 0
Views: 250

IPSEC Tunnel with aes-256cbc stops working

Hello everybody, following strange behavior with IPSEC VPN (site-to-site) between two Mikrotk routers (or one Mikrotik router and another not-Mikrotik router on a customer site): When I set Proposal - Auth. Algorithm md5 and Encr. Algorithm aes-256cbc the tunnel works for an unspecified time. (Other...
by CPromper
Thu Dec 01, 2016 4:00 pm
Forum: Wireless Networking
Topic: Wireless Client consumes complete bandwidth
Replies: 4
Views: 804

Re: Wireless Client consumes complete bandwidth

Okay Chris,

I will give the latter one a try.....

Thank you and best regards

Carsten
by CPromper
Thu Dec 01, 2016 2:54 pm
Forum: Wireless Networking
Topic: Wireless Client consumes complete bandwidth
Replies: 4
Views: 804

Re: Wireless Client consumes complete bandwidth

Hi Chris, sorry, that I forgot this important informations. Yes you got it... Ethernet and wifi is bridged and it's all in the same subnet. That's a good suggestion. Thank you.... But what, if I want to limit all wireless clients to a specific wireless speed, so that the Raspberry Pi will always get...
by CPromper
Thu Dec 01, 2016 1:49 pm
Forum: Wireless Networking
Topic: Wireless Client consumes complete bandwidth
Replies: 4
Views: 804

Wireless Client consumes complete bandwidth

Hello Mikrotik enthusiasts, I have following problem: Routerboard RB2011UiAS-2HnD is Wifi accesspoint and router. One Raspberry Pi streams internet radio via wifi. When my Macbook starts a backup to the Timecapsule via wifi, it consumes the complete wifi bandwidth and the internet radio stream lags ...
by CPromper
Fri Mar 18, 2016 11:33 am
Forum: General
Topic: firewall filter on ipsec, how to identify the IPSec intrfce
Replies: 53
Views: 28651

Re: firewall filter on ipsec, how to identify the IPSec intrfce

Hello to all, maybe I have a solution for this (checked with ROS v6.34.3). Example: MT1: 172.29.0.0/24 MT2: 192.168.0.0/24 In forward chain: chain=forward src-address=172.29.0.0/24 dst-address=192.168.0.0/24 in-interface=WAN out-interface=LAN When you add ipsec-policy=in,ipsec to your forward chain,...
by CPromper
Fri Sep 26, 2014 1:48 pm
Forum: General
Topic: Specify IPSEC Interface instead of WAN Interface
Replies: 0
Views: 706

Specify IPSEC Interface instead of WAN Interface

Following setup: (LAN1: 172.12.0.0/24) MT-ROS-1 <=> Internet <=> MT-ROS-2 (LAN2: 10.11.0.0/16) I have an IPSEC VPN connection between this networks. Everything is working. On the right site (MT-ROS-2) I have following firewall rule in the first line: (I have more, but this one is for interest) /ip f...
by CPromper
Wed Apr 16, 2014 1:06 pm
Forum: General
Topic: OVPN:require client certificate not working anymore [SOLVED]
Replies: 11
Views: 3683

Re: OVPN: require client certificate not working anymore

Hi folks, today I upgraded to version 6.12 and openvpn didn't work. The flags of the CA and the router certificate after updating was only a big "T" After I deleted the certificates (CA and signed certificate for router) and imported them again everythings works as expected. <== (I didn't do this st...
by CPromper
Mon Mar 24, 2014 6:09 pm
Forum: General
Topic: OVPN:require client certificate not working anymore [SOLVED]
Replies: 11
Views: 3683

Re: OVPN: require client certificate not working anymore

Hello mrz, yes, I only have one CA installed, and the client certificate is signed by this CA. Downgraded to 6.10 and it works again. I have seen that there was an issue with the client certificate option (that I did not have) because the changelog of 6.11 says: *) ovpn - fixed require-client-certif...
by CPromper
Fri Mar 21, 2014 2:51 pm
Forum: General
Topic: OVPN:require client certificate not working anymore [SOLVED]
Replies: 11
Views: 3683

OVPN:require client certificate not working anymore [SOLVED]

Hello,

I've updated from v6.10 to v6.11 and the OVPN option "require client certificate" doesn't work anymore!

If I remove the option I can login again with OpenVPN client on iPhone.

But with this option set I can't login (in 6.10 it worked).

Can anyone confirm it?

Best regards

Carsten
by CPromper
Wed Mar 14, 2012 10:00 am
Forum: Beginner Basics
Topic: Webfig - customize Firewall headlines like Action, Chain etc
Replies: 2
Views: 919

Re: Webfig - customize Firewall headlines like Action, Chain

Hi,

I have an ALIX Board (x86) with RouterOS 5.17.

So the version couldn't be the problem.

Best regards
by CPromper
Fri Dec 09, 2011 9:14 am
Forum: General
Topic: Trigger event on port access (e.g. send wol packet)
Replies: 7
Views: 3171

Re: Trigger event on port access (e.g. send wol packet)

Thanks Chupaka and sadeghrafie, how can I check in the script if host is online and then exit the script directly without sending wol packet ?? After the host is waked up, the packet count will always increase, because I access my application on port 4040. (The Mikrotik sends wol packets though the ...
by CPromper
Sat Nov 19, 2011 12:07 pm
Forum: Beginner Basics
Topic: Webfig - customize Firewall headlines like Action, Chain etc
Replies: 2
Views: 919

Webfig - customize Firewall headlines like Action, Chain etc

Dear community, Version: Mikrotik ROS 5.14 How is it possible in WebFig to customize the headlines in the firewall view? E.g. normally you see: #, Action, Chain, Src-Address etc. on the firewall filter page. I only work with src-address-list and dst-address-list, not with src-address or dst-address....
by CPromper
Fri Nov 18, 2011 1:13 pm
Forum: General
Topic: Trigger event on port access (e.g. send wol packet)
Replies: 7
Views: 3171

Re: Trigger event on port access (e.g. send wol packet)

Hi sadeghrafie, I know how wol works. Thanks. Okay I will explain it another way. I connect to my network via VPN through Mikrotik router. This shouldn't trigger the wol. Only when I start an app on my iphone that connects to an LAN-IP (my server, it's offline at this moment) on port 4040 (LAN is co...
by CPromper
Fri Nov 18, 2011 12:29 pm
Forum: General
Topic: Trigger event on port access (e.g. send wol packet)
Replies: 7
Views: 3171

Trigger event on port access (e.g. send wol packet)

Hello everybody, is it possible, to trigger an event, e.g. wol packet, when accessing a port on a specific IP address through the Mikrotik router? Following situation: I have a server that is offline most the time. On this server there's a software installed (SubSonic Music Server Software) that lis...
by CPromper
Thu Apr 07, 2011 12:10 pm
Forum: General
Topic: Update from 4.11 to 4.17 no radiolan.npk in zip file
Replies: 0
Views: 514

Update from 4.11 to 4.17 no radiolan.npk in zip file

Hello,

I want to update my router from 4.11 to 4.17 and I have the radiolan package installed too.

But the radiolan package isn't in the 4.17 zip file (All packages, X86).

Don't I need it anymore ? What is this package for ?

best regards

Carsten
by CPromper
Wed Apr 06, 2011 4:30 pm
Forum: Beginner Basics
Topic: RouterOS v5
Replies: 5
Views: 1222

Re: RouterOS v5

Hi,

can I upgrade from 4.11 (or 4,17) to v5 without starting from scratch ?

Is the configuration still okay after the upgrade ?

Can I download the packets from v5 (the packages that I use for v4 only) and put them into the file storage and simply reboot ?

Thanks for your help

Carsten
by CPromper
Wed Mar 09, 2011 3:38 pm
Forum: Beginner Basics
Topic: [Solved ]Can I remove additional USB stick from ROS ?
Replies: 1
Views: 515

[Solved ]Can I remove additional USB stick from ROS ?

Hello community, I have an ALIX board with ROS installed on a CF card. Then I played around with an additional USB stick plugged in and formatted. Can I remove this stick after shutting down the ROS ? Or must I disable the stick in ROS ? I can't find something ! I didn't configure the USB stick as w...
by CPromper
Wed Sep 29, 2010 6:02 pm
Forum: General
Topic: Solved: Problem: Forward port 443 to different servers
Replies: 8
Views: 2360

Re: Solved: Problem: Forward port 443 to different servers

Hi Chupaka,

I didn't say that I have blocked all ports. Of course I forward and nat the udp ports (the sequence) to the Linux server with the knock daemon.

Maybe I have misdescribed it.

I think, that's exactly what I need. I'll give it a try.

thanks

Carsten
by CPromper
Tue Sep 28, 2010 8:04 pm
Forum: General
Topic: Solved: Problem: Forward port 443 to different servers
Replies: 8
Views: 2360

Re: Solved: Problem: Forward port 443 to different servers

Hi Chupaka,

with special sequence I mean a combination of sending udp port knocks to the knock daemon of my Linux system.

Regards

Carsten
by CPromper
Tue Sep 28, 2010 2:14 pm
Forum: General
Topic: Solved: Problem: Forward port 443 to different servers
Replies: 8
Views: 2360

Re: Solved Problem: Forward port 443 to different servers

Hi Chupaka,

I have solved the problem with a linux server behind the firewall.

There's a knock daemon installed. When I knock with a special sequence it will connect to the Mikrotik router via ssh
and change the to-address of the NAT rule via script for the port 443.

But thanks anyway

Carsten
by CPromper
Tue Sep 28, 2010 12:32 pm
Forum: General
Topic: Solved: Problem: Forward port 443 to different servers
Replies: 8
Views: 2360

Re: Problem: Forward port 443 to different servers

Hi Chupaka, I have two servers listening on ssh port 443. I have only one external ip address (it's a privat line). I must use port 443 for ssh because then I can go through firewalls and proxies (other ports are normally not allowed). Sometimes I have to access server01 via putty and sometimes I ha...
by CPromper
Tue Sep 28, 2010 10:50 am
Forum: General
Topic: Solved: Problem: Forward port 443 to different servers
Replies: 8
Views: 2360

Solved: Problem: Forward port 443 to different servers

Hello Mikrotik community, following problem: I have one external ip address. I want to forward port 443 to server01 or server02. Both are listening to ssh on port 443. How can I access these servers from the outside ? Normally I can only define one static NAT rule to forward e.g. to server01. Is it ...
by CPromper
Mon May 10, 2010 1:50 pm
Forum: General
Topic: [Solved] PPTP-CLIENT dial-on-demand - no timeout?!?!
Replies: 2
Views: 5147

Re: PPTP-CLIENT dial-on-demand - no timeout?!?!

Hi Chupaka,

thanks, it works.

Kind regards

CP
by CPromper
Thu May 06, 2010 8:57 pm
Forum: General
Topic: [Solved] PPTP-CLIENT dial-on-demand - no timeout?!?!
Replies: 2
Views: 5147

[Solved] PPTP-CLIENT dial-on-demand - no timeout?!?!

Hello community, I have setup my MT to connect to my office via pptp. I'm using the pptp-client with dial-on-demand=yes. Everything works, when I go to an office IP it will bring the pptp interface up. But it never timed out or stops the connection. Is it possible that the connection goes down when ...