Community discussions

MUM Europe 2020

Search found 28 matches

by squintr
Fri Jun 15, 2007 5:18 am
Forum: General
Topic: Question about DNS forward/reverse zones and dynamic updates
Replies: 1
Views: 945

Question about DNS forward/reverse zones and dynamic updates

I just moved to a new company recently and in my old job we ran all Mikrotik routers and used them for our DHCP instead of Windows server. We used active directory integrated DNS. It's my understanding that Windows client computers will by default, update the DNS server (Forward / A record) when the...
by squintr
Thu May 03, 2007 3:35 pm
Forum: General
Topic: Hotspot & MTU
Replies: 2
Views: 889

Well if we set the MTU on the Interface to 1500 and try to send a packet sized say... 1600 it will drop the packet rather than fragment it. If I disable the hotspot then do the same test the packet will go through. It will take minutes or longer to load some websites versus seconds or less with the ...
by squintr
Wed May 02, 2007 12:41 am
Forum: General
Topic: Hotspot & MTU
Replies: 2
Views: 889

Hotspot & MTU

When our hotspot is enabled we cannot send a packet bigger than the MTU setting on the hotspot interface. This is causing some network applications to be very slow. Has anyone else had this problem?
by squintr
Sat Mar 24, 2007 5:00 pm
Forum: General
Topic: Hotspot AAA Microsoft IAS RADIUS - By Rodney Yeo
Replies: 20
Views: 14783

Actually I figured it out..

On the IAS server I was putting the IP address of the Hotspot gateway forgetting that it was masquerading itself so I changed it to the LAN Gateway and it worked.
by squintr
Thu Mar 22, 2007 5:37 pm
Forum: General
Topic: Hotspot AAA Microsoft IAS RADIUS - By Rodney Yeo
Replies: 20
Views: 14783

These instructions/screenshots seem to apply to Windows 2000. Our Windows 2003 Server is displaying different screens (eg. missing the "realms" tab). Is the setup for Server 2003 much different? I can't seem to get it working -- works from my desktop (on the same subnet as the RADIUS server) but doe...
by squintr
Thu Mar 22, 2007 1:15 am
Forum: General
Topic: RADIUS and Windows IAS?
Replies: 3
Views: 1117

RADIUS and Windows IAS?

Does anyone know of any guides to get Mikrotik RADIUS and Microsoft IAS working together for PPTP connections? I found one helpful post that gave steps for setting up a hotspot but I'm looking for PPTP help. http://forum.mikrotik.com/viewtopic.php?t=12180&highlight=mschap&sid=1169593719275f1...
by squintr
Fri Mar 16, 2007 6:10 pm
Forum: General
Topic: Forwarding FTP Ports (DST-NAT) Passive mode
Replies: 2
Views: 1903

Anyone?
by squintr
Wed Mar 14, 2007 6:04 am
Forum: General
Topic: Forwarding FTP Ports (DST-NAT) Passive mode
Replies: 2
Views: 1903

Forwarding FTP Ports (DST-NAT) Passive mode

I've been forwarding FTP to an internal FTP server for years and it's worked fine. I forward external ports 20-21 to internal ports 20-21. The FTP client log displays the external IP (assuming the IP is x.x.x.x) 227 Entering Passive Mode (x,x,x,x,22,72). We have a blackberry user that needs to conne...
by squintr
Wed Mar 14, 2007 4:39 am
Forum: General
Topic: Blocking Youtube
Replies: 28
Views: 5850

Make it easier for yourself and don't block each individual IP address -- block the subnet

eg. to block youtube put the block on 208.65.153.0/24 or 208.65.0.0/16 or 208.0.0.0/8 (although I don't recommend blocking with /8 as you will be blocking a lot of IP addresses)
by squintr
Thu Mar 08, 2007 8:02 pm
Forum: General
Topic: Problem with VLAN & PPTP VPN
Replies: 7
Views: 4025

Actually I think the issue with ours was that our ARP on the VLAN & NIC Interface was set to enabled instead of 'proxy-ARP'. After this change it worked.
by squintr
Sat Feb 24, 2007 5:09 pm
Forum: General
Topic: Problem with VLAN & PPTP VPN
Replies: 7
Views: 4025

Problem with VLAN & PPTP VPN

I have been using the same config for a few years now but upgrading to the newest Mikrotik versions as they come out... and I think this may be contributing to my problem. For the first time yesterday we setup a VLAN on an interface (as well as some queues) and since that time any user who VPN's int...
by squintr
Tue Jan 23, 2007 9:09 am
Forum: General
Topic: What is dst-limit=0,5,dst-address/1m40s ?
Replies: 0
Views: 565

What is dst-limit=0,5,dst-address/1m40s ?

I was running 2.9.29 and upgraded to 2.9.39 over the weekend. Monday morning I noticed that our DNS lookups were failing from external sources. After much frustration I had the idea to look at the terminal source and noticed this which I thought was strange: 22 ;;; External DNS chain=dstnat dst-addr...
by squintr
Tue May 09, 2006 6:47 am
Forum: General
Topic: Advanced NAT problem - SMTP
Replies: 4
Views: 1390

Thanks Rich that certainly did help (your mailertable suggestion)

:D
by squintr
Sat May 06, 2006 12:58 am
Forum: General
Topic: Advanced NAT problem - SMTP
Replies: 4
Views: 1390

Yes, that would work if I had local DNS setup so the IP that was resolved was a local one but when we're hosting 50 or so domains I don't want to create internal AND external DNS records for each domain. I had a friend who knows more about mikrotik end up helping me out -- not sure if it's the best ...
by squintr
Fri May 05, 2006 7:20 pm
Forum: General
Topic: Advanced NAT problem - SMTP
Replies: 4
Views: 1390

Advanced NAT problem - SMTP

I've got a mail server and a spam server both on our internal subnet. I'm trying to avoid making local DNS entries for each domain I add. Spam Server External IP 123.123.123.1 Spam Server Internal IP 192.168.0.2 Mail Server Internal IP 192.168.0.3 Gateway 192.168.0.1 Outside connects to our spam ser...
by squintr
Tue Mar 07, 2006 6:46 pm
Forum: General
Topic: New release changes?
Replies: 1
Views: 530

New release changes?

My license just ran out in Jan and I'm wondering if its worth upgrading -- is there anywhere that says what bugs have been fixed or new features released in new versions of the routerOS software?
by squintr
Fri Dec 30, 2005 3:07 am
Forum: General
Topic: How to get a report - amount of traffic used
Replies: 0
Views: 754

How to get a report - amount of traffic used

What I'd like to do is get an idea of how much traffic goes through certain interfaces in a given time interval. The graphing tool is nice and all but only shows me min and max bandwidth. I'm trying out the traffic counter v1.9 tool and it only seems to show me per IP address. Am I missing something??
by squintr
Mon Dec 26, 2005 7:19 am
Forum: General
Topic: VPN error 619
Replies: 11
Views: 4455

I'm having the same problem as Nuru but I'm using a Linksys WRT54G router with a modified firmware (http://www.sveasoft.com/). When I bypass my router it connects. I had no issues when I was using version 2.8. This started happening after upgrading to 2.9 I'm just reading through your posts and ther...
by squintr
Mon Dec 26, 2005 6:39 am
Forum: General
Topic: Dynamic VPN PPTP & IP Pools?
Replies: 10
Views: 4016

Well I've found the problem -- I bypassed my Linksys router and it's connecting fine. I've been using the same router the whole time -- nothing has changed here -- just the MK upgrade from 2.8 to 2.9. I'm updated the firmware on the router with still no success. I'm using a modified version of the L...
by squintr
Mon Dec 26, 2005 5:42 am
Forum: General
Topic: Dynamic VPN PPTP & IP Pools?
Replies: 10
Views: 4016

Dynamic VPN PPTP & IP Pools?

Hi There Up until this afternoon I was running Mikrotik ver. 2.8.28. I took the config file from it and put it on another box with 2.9.10 loaded (rather than risking my working router). Everything is working great except that I can't login to the mikrotik box from home through VPN anymore. When I tr...
by squintr
Mon Dec 19, 2005 6:26 pm
Forum: General
Topic: Avaya VOIP Phones & VPN
Replies: 7
Views: 2851

Figured it out!!

I had a src-nat rule to our remote office from our network - once I disabled that the phone works both ways.
by squintr
Fri Dec 16, 2005 10:27 pm
Forum: General
Topic: Avaya VOIP Phones & VPN
Replies: 7
Views: 2851

In addition to my original post.... Found this in the Avaya manual End-to-End Matching Standards: VoIP depends upon the support and selection of the same voice compression, header compression and QoS standards throughout all stages of the calls routing. The start and end points must be using the sam...
by squintr
Fri Dec 16, 2005 9:47 pm
Forum: General
Topic: Avaya VOIP Phones & VPN
Replies: 7
Views: 2851

Avaya VOIP Phones & VPN

Wondering if anyone can help me. Our head office is running an Avaya phone system and all mikrotik routers. We have a couple of remote locations with VPN tunnels between us. We gave them some IP Phones to use. When we call them or they call us I can only hear them speak and they can't hear us. Ping ...
by squintr
Tue Dec 06, 2005 8:28 pm
Forum: General
Topic: Can 1 user be shared on a hotspot?
Replies: 1
Views: 664

I think I answered my own question :oops:

In the 'profile' section I changed shared user from 1 to 200
by squintr
Tue Dec 06, 2005 7:59 pm
Forum: General
Topic: Can 1 user be shared on a hotspot?
Replies: 1
Views: 664

Can 1 user be shared on a hotspot?

I'd like to have a generic login for our users to use the hotspot. When one person logs in the second person gets "no more sessions are allowed for user X"

Do you know if theres any way to accomplish this? I have the level 4 license.
by squintr
Wed Nov 30, 2005 2:25 am
Forum: General
Topic: Issues with NAT
Replies: 25
Views: 9462

I'm still using an older version. Try taking out your port 90 on the to-src-address in your source nat (leave the default of all ports)

Here's what I have:

dst-address=192.168.0.20/32:80 protocol=tcp action=nat to-src-address=192.168.0.1
by squintr
Tue Nov 22, 2005 5:39 pm
Forum: General
Topic: Issues with NAT
Replies: 25
Views: 9462

Thank you so much, that worked like a charm!!
by squintr
Tue Nov 22, 2005 12:48 am
Forum: General
Topic: Issues with NAT
Replies: 25
Views: 9462

no, it is the other way around: the problem is not the source address of server's response, but destination. you should source-nat or masquerade all requests to the server from local netwrk hosts. I have already explained the reasoning, please reread the previous message. Hi Lastguru, It looks like...