Community discussions

Search found 51 matches

by ABeepMike
Wed Aug 26, 2015 11:35 pm
Forum: General
Topic: MT IPSEC VPN to SonicWall , Sonicwall Screenshots needed.
Replies: 0
Views: 299

MT IPSEC VPN to SonicWall , Sonicwall Screenshots needed.

Hi, I have done many MT to MT and MT to Linksys VPN tunnels successfully, and have no problem with all the MT programming of such tunnels. I have found no definitive thread or knowledge base addressing the setup of a VPN in either Main mode or Aggressive mode to a Sonicwall ASA product. While there ...
by ABeepMike
Thu Aug 15, 2013 9:03 pm
Forum: General
Topic: IPSec Tunnel - Cant ping remote network from one side
Replies: 3
Views: 3301

Re: IPSec Tunnel - Cant ping remote network from one side

Try gregsowell.com


You need a src nat rule, as part of the vpn setup.
Flags: X - disabled, I - invalid, D - dynamic 
 0   chain=srcnat action=accept src-address=192.168.1.0/24 
     dst-address=192.168.15.0/24 

Vice versa on other side.
by ABeepMike
Thu Aug 15, 2013 7:39 pm
Forum: General
Topic: Double NAT over VPN Browsing Problem
Replies: 1
Views: 661

Double NAT over VPN Browsing Problem

I have 493 behind a NAT'D Public...one to one NAT'd. Exterior of head end router is 1.1.1.1 ....NAT'd to 10.10.1.15...... the 493's Eth1 is 10.10.1.15 interior network 192.168.28.0/24 one VPN constructed over 10.10.1.15 to a hub (2.2.2.2) with 192.168.0.0./16 bridge Tunnels construct and pass ping t...
by ABeepMike
Mon Apr 15, 2013 3:26 am
Forum: General
Topic: 2 PPOE sesions on Eth1
Replies: 2
Views: 540

Re: 2 PPOE sesions on Eth1

THank you, I did not think of that. I will put a call into them... Hopefully I can, but if not....... With same port...ETH1 , can I start both PPOE sessions , assigning one address to another port , hence , a different MAC? ......yikes. I think this may be the killer to it...... Probably A dumb swit...
by ABeepMike
Sat Apr 13, 2013 4:51 pm
Forum: General
Topic: 2 PPOE sesions on Eth1
Replies: 2
Views: 540

2 PPOE sesions on Eth1

Hi, I have successfully made a PPOE connection on an RB493, and did the router setup and it functions fine. I have a question before I proceed with the next progression. Can I do 2 PPOE sign-ons (two accounts from same provider, who says both are available on the lan cable provided to me from their ...
by ABeepMike
Sat Apr 13, 2013 4:09 pm
Forum: General
Topic: Backup filename looks weird
Replies: 4
Views: 1666

Re: Backup filename looks weird

I have a spare rb2011 I will try it on thanks.
by ABeepMike
Sat Apr 13, 2013 3:36 pm
Forum: General
Topic: Backup filename looks weird
Replies: 4
Views: 1666

Re: Backup filename looks weird

I do not want to upgrade without knowing if this will fix problem.... All of my RB2011s (10 of them) do this. After I upgraded them in put them in service. I will downgrade before I upgrade....I believe I made a mistake going to the 6.x beta....all for the pretty icons and colors...when 5.22 suited ...
by ABeepMike
Sat Apr 13, 2013 3:07 pm
Forum: General
Topic: Backup filename looks weird
Replies: 4
Views: 1666

Backup filename looks weird

I upgraded a lot of my RB2011 to 6.08rc and now when i click backup in Winbox it make a file with a weird name instead of the System Id name.... is this normal or a bug? like this If the name of the Router is Anything Router.....back it up and the file looks similar to this... w_0_w__13042013-0658.b...
by ABeepMike
Fri Dec 28, 2012 6:40 pm
Forum: General
Topic: Help With IP Passthru
Replies: 0
Views: 342

Help With IP Passthru

Hi, I do not have a diagram of what I want , so I will TRY to describe it.... Eth1 Static Address 69.x.x.200/24 Gateway 69.x.x.1 I want to pass ALL Traffic to 2 other routers with the same address...of 69.x.x.200/24 , BUT , I want to use WInbox to get into MT Eth1 to shut off and turn on Eth2 or Eth...
by ABeepMike
Thu Dec 13, 2012 12:05 am
Forum: Scripting
Topic: one script runs, one doesn't IPSEC Policy GET
Replies: 3
Views: 1047

Re: one script runs, one doesn't IPSEC Policy GET

A little suggestion here, and I went looking for an example .....


Thank you.....this worked...

:global test1 [/ip ipsec policy get [find comment="tunnel20"] sa-dst-address]
KARMA Added for you!!!!
by ABeepMike
Wed Dec 12, 2012 11:51 pm
Forum: Scripting
Topic: one script runs, one doesn't IPSEC Policy GET
Replies: 3
Views: 1047

Re: one script runs, one doesn't IPSEC Policy GET

Thanks for the tip.... I wish I knew how to implement it.... So instead of "get" i use "find " to set the variable.....find the sa-src-address in the policy numbered 20? How do I find the sa-src-address in ipsec policy #20...... what else is it called besides the sa-src-address in ipsec policy # 20?...
by ABeepMike
Wed Dec 12, 2012 9:53 pm
Forum: Scripting
Topic: one script runs, one doesn't IPSEC Policy GET
Replies: 3
Views: 1047

one script runs, one doesn't IPSEC Policy GET

Title says it all: If I run this script....the variable populates in Environment # dec/12/2012 13:39:12 by RouterOS 5.14 # software id = BP5N-2J88 # /system script add name=test policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \ source=":global test1 [/ip ipsec policy g...
by ABeepMike
Wed Dec 12, 2012 2:02 pm
Forum: General
Topic: Webfig skins (tutorial)
Replies: 100
Views: 93333

Re: Webfig skins (tutorial)

hi, I am running 5.16 on RB750GL boxes for some simple tasks. I tried to disable ALL buttons in WebFig for the Read Only Group. I left Tools: Netwatch and Logout Works great except, from Logon...it shows IP Address' screen after logon...no matter what I do.. One click of the Tools Netwatch button , ...
by ABeepMike
Sat Dec 01, 2012 6:02 pm
Forum: Scripting
Topic: Script text runs on Terminal , but not from "run script"
Replies: 2
Views: 1509

Script text runs on Terminal , but not from "run script"

I am trying to run a script that checks a global variable then does a command... The variable is set by another script that runs OK. And the variable is visible in the Env window ... If I copy and paste the text to the command line it runs.....and updates the log. Hit the run script button and it do...
by ABeepMike
Wed Nov 28, 2012 2:31 pm
Forum: Scripting
Topic: external editor syntax highlighting
Replies: 39
Views: 42659

Re: external editor syntax highlighting

I would really like to try this tool, but, I download Notepad++ and try to install the user defined .xml file here , but there is NO entry in the View Menu for User-defined dialouge.... THere are many many entries in that menu...just not THAT one....I am using ver 6.22 Am I missing something here.....
by ABeepMike
Wed Nov 28, 2012 6:04 am
Forum: Scripting
Topic: Dyndns tunnel if-then-else edit needed.
Replies: 3
Views: 1321

Re: Dyndns tunnel if-then-else edit needed.

THank You, I used your example and was able to figure out what I wanted for the possibility of remote IP change and far end of tunnel , without changing policy or peer when NOT needed. :global RemoteSite0 [:resolve remotesite0.dyndns.org] :global remoteip0 [ /ip ipsec policy get 0 sa-dst-address] #s...
by ABeepMike
Wed Nov 28, 2012 2:46 am
Forum: Scripting
Topic: Dyndns tunnel if-then-else edit needed.
Replies: 3
Views: 1321

Re: Dyndns tunnel if-then-else edit needed.

WOW!

THank you ....I will try it...looks like Exactly what I want !! And it helps me understand how to do the next set of arguments for other scripts I may need.

Thanks again, I will post the results..

I really appreciate it, my education in all things MT continues.


KARMA added for you!!!
by ABeepMike
Mon Nov 26, 2012 2:16 pm
Forum: Scripting
Topic: Dyndns tunnel if-then-else edit needed.
Replies: 3
Views: 1321

Dyndns tunnel if-then-else edit needed.

Using bits of script from this thread and Greg Sowell's tutorial and examples, I have a Tik with a DynDNS WAN and IPsec tunnels with DynDNs entries for both SA-Src and SA-Dst in each tunnel pointed back at the TIK In the Tik scripts here,,,there is an IF , Then, Else portion for the Tik's WAN ....if...
by ABeepMike
Mon Nov 26, 2012 2:09 pm
Forum: Scripting
Topic: VPN IPsec 3G &DynDNS
Replies: 3
Views: 2573

Re: VPN IPsec 3G &DynDNS

turn on logging for ipsec and log it to disk capture. Then look at the entries....you may see the problem there. You should try to set up the tunnel first without dyndns...use the addresses currently assigned ,temporarily in the policies and peers to see if the resolve-change address script is causi...
by ABeepMike
Fri Nov 23, 2012 2:37 am
Forum: Scripting
Topic: VPN IPsec 3G &DynDNS
Replies: 3
Views: 2573

Re: VPN IPsec 3G &DynDNS

couple of questions Do you see the entries in the environment tab after resolve of the local and remote sites??? Do you see the Installed SAs of the tunnel? I have a similar set of scripts doing the same thing working properly. For multiple tunnels. THat nat bypass rule is a little different than wh...
by ABeepMike
Thu Nov 22, 2012 4:20 am
Forum: Scripting
Topic: dynDNS Update Script
Replies: 158
Views: 108841

Re: dynDNS Update Script

Using bits of script from this thread and Greg Sowell's tutorial and examples, I have a Tik with a DynDNS WAN and IPsec tunnels with DynDNs entries for both SA-Src and SA-Dst in each tunnel pointed back at the TIK In the Tik scripts here,,,there is an IF , Then, Else portion for the Tik's WAN ....if...
by ABeepMike
Fri Nov 09, 2012 11:42 pm
Forum: General
Topic: Public WWW Webfig access OK...No Winbox Connect.
Replies: 3
Views: 865

Re: Public WWW Webfig access OK...No Winbox Connect.

Could you post /export compact.

Not sure what that means or how to do it.
by ABeepMike
Fri Nov 09, 2012 11:05 pm
Forum: General
Topic: Public WWW Webfig access OK...No Winbox Connect.
Replies: 3
Views: 865

Public WWW Webfig access OK...No Winbox Connect.

Hi, I have a public address 493AH running 5.11 that I can access from the Web and get the default Webfig page.... I can use Winbox on it's Lan address on Ether2. Logs right in. But using Winbox to access thru the public interface , I get connection refused. Use a browser, pointed to the same address...
by ABeepMike
Tue Oct 30, 2012 12:53 am
Forum: Scripting
Topic: dynDNS Update Script
Replies: 158
Views: 108841

Re: dynDNS Update Script

Hi, I am using Greg Sowell's DYNDns scripts for the vpn tunnels I am constructing. http://gregsowell.com/?p=1523 and http://wiki.mikrotik.com/wiki/Dynamic_DNS_Update_Script_for_DNSoMatic.com_behind_NAT the "behind nat" script works for me on 5.14 , but it has caveats: uses DNSOMATIC :( I would like ...
by ABeepMike
Thu Oct 25, 2012 2:19 am
Forum: General
Topic: Hub and Spoke IPSEC Configuration
Replies: 7
Views: 3954

Re: Hub and Spoke IPSEC Configuration

Well,

after clicking around on some of these links.....


Branch to Head VPN

Branch Lan to Head Lan SRC Network 24bit Nmask DST Network 16bit Nmask

Vice versa on the Head to Branch VPN side

Head Lan SRC 16bit nmask DST 24 bit nmask


Easy as 1 2 3
by ABeepMike
Wed Oct 24, 2012 8:33 pm
Forum: General
Topic: Hub and Spoke IPSEC Configuration
Replies: 7
Views: 3954

Re: Hub and Spoke IPSEC Configuration

I have the very same diagram for a hub-spoke configuration as above. A head-office router with VPN tunnels to each "spoke" on different subnets. I would like the different subnets to pass traffic to each other through the head office router. I have VPN successfully passing traffic on each leg both w...
by ABeepMike
Thu Jun 17, 2010 6:31 pm
Forum: Beginner Basics
Topic: IPSEC Tunnel Traffic route missing?
Replies: 1
Views: 1584

IPSEC Tunnel Traffic route missing?

I have built IPSEC tunnels between an MT RB493AH and 15 LinkSys RV016 routers. I used Greg S. method and got it working somewhat. SA's pop up, Remote peers show up, ping from a PC on the MT to any of the interior IP's or Linksys interior gateway's is successful. Cannot ping from the MT Ping tool to ...
by ABeepMike
Thu Jun 17, 2010 2:08 am
Forum: Beginner Basics
Topic: IPSEC Tunnel and Ping Tool
Replies: 1
Views: 627

IPSEC Tunnel and Ping Tool

I have IPSEC tunnels built using Greg S. method. I can ping from interior to interior with computers on the Lan ports, no problem. But, I cannot ping the LAN Gateway's 192.168.1.1 or even a PC on the LAN ports from the MT Ping tool. They all timeout, why? The tunnels are up, SA,s loaded, traffic is ...
by ABeepMike
Tue May 18, 2010 3:51 am
Forum: Beginner Basics
Topic: LinkSys SOHO VPN - Mikrotik 493 VPN tunnel help, w/pics
Replies: 4
Views: 1970

Re: LinkSys SOHO VPN - Mikrotik 493 VPN tunnel help, w/pics

Thanks , I will give it a go and post results and logs.
by ABeepMike
Mon May 17, 2010 11:54 pm
Forum: Beginner Basics
Topic: LinkSys SOHO VPN - Mikrotik 493 VPN tunnel help, w/pics
Replies: 4
Views: 1970

LinkSys SOHO VPN - Mikrotik 493 VPN tunnel help, w/pics

I need to learn to setup vpn tunnels to my Linksys RV016's with Mikrotiks , with the end game being the removal of the LinkSys' . Here are two screenshots of the VPN setup in a LinkSys RV016. The local being the Linksys and the Mikrotik being the remote. http://www.diga-talk.com/pictures/linksys%20v...
by ABeepMike
Sun May 16, 2010 11:41 pm
Forum: Beginner Basics
Topic: RB493 simple Wan-lan setup needed.
Replies: 10
Views: 8636

Re: RB493 simple Wan-lan setup needed.

Tinka and Feklar, thank you for the help. I thought I was going mad, having successfully setup 100+ tunnels between 15 sites on the internet with SOHO equipment, I STILL did not completely understand the routing until learning to setup this RB493. Tink that script taught me a lot, Feklar, that code ...
by ABeepMike
Fri May 14, 2010 10:19 pm
Forum: Beginner Basics
Topic: RB493 simple Wan-lan setup needed.
Replies: 10
Views: 8636

Re: RB493 simple Wan-lan setup needed.

OK, I will check it out. I have had success setting up a dhcp server on a single port, but not all the ports. I have had success getting the public ip on eth1 working , so you can hit from the outside. but making it ALL work together is just beyond me. I understand basic IP , but setting up a bridge...
by ABeepMike
Fri May 14, 2010 8:29 pm
Forum: Beginner Basics
Topic: RB493 simple Wan-lan setup needed.
Replies: 10
Views: 8636

Re: RB493 simple Wan-lan setup needed.

I will PayPal someone here for a RB493 backup file that will do what this link describes, as every time I try it I cannot get it to work. ETH1 68.xxx.xxx.xxx/24 68.xxx.xxx.1 gateway, 68.xxx.xxx.0 network This much I can get to work. Access from the web. I need ETH2 - 9 to DHCP address's 192.168.1.2-...
by ABeepMike
Thu May 13, 2010 11:33 pm
Forum: Beginner Basics
Topic: RB493 simple Wan-lan setup needed.
Replies: 10
Views: 8636

Re: RB493 simple Wan-lan setup needed.

Is it possible to make this like a linksys router bought from a store? Wan on port 1 LAN DHCP on all other ports gateway'd to a single public address? I can buy a router off the shelf that will doi this without much setup, i cannot get this to handout DHCP or get connectivity to the web. I can make ...
by ABeepMike
Thu May 13, 2010 9:36 pm
Forum: Beginner Basics
Topic: RB493 simple Wan-lan setup needed.
Replies: 10
Views: 8636

RB493 simple Wan-lan setup needed.

I have a RB493 that I want to setup like a store bought router. eth1 with my public IP 68.xx.xxx.xxx gateway 68.xx.xxx.1 Net 255.255.255.0 eth2 through 9 DHCP 192.168.17.100 - 192.168.17.200 to access the web through eth1 with the 68 addy. 192.168.17.1 gateway but where and how? Wan-Lan simple?? I c...
by ABeepMike
Thu Mar 04, 2010 2:12 am
Forum: Beginner Basics
Topic: Lost Newbie help w/RB493 basic Internet DHCP Router Setup
Replies: 25
Views: 4115

Re: Lost Newbie help w/RB493 basic Internet DHCP Router Setup

Had to take a break. I tried the reset button, it does not reset, still comes back with the name I gave it. After booting and loading I get: MiroTik 1 Login: No blinking cursor. No Response from any keyboard command. No echo. If I carefully type in the logon : admin and then the password I had set e...
by ABeepMike
Wed Mar 03, 2010 11:39 pm
Forum: Beginner Basics
Topic: Lost Newbie help w/RB493 basic Internet DHCP Router Setup
Replies: 25
Views: 4115

Re: Lost Newbie help w/RB493 basic Internet DHCP Router Setup

I dont know if it takes the password. nothing happens , no echo, no screen change, nothing.


Hard reset to defaults....is that something that can be done with the reset switch on the side or pulling a battery, or setting a jumper?
by ABeepMike
Wed Mar 03, 2010 11:26 pm
Forum: Beginner Basics
Topic: Lost Newbie help w/RB493 basic Internet DHCP Router Setup
Replies: 25
Views: 4115

Re: Lost Newbie help w/RB493 basic Internet DHCP Router Setup

i get MiroTik 1 Login:

MikroTik 1 is what i named it in previous attempts.

LOL. But I cannot get it to respond to anything I type. LOL.
by ABeepMike
Wed Mar 03, 2010 11:11 pm
Forum: Beginner Basics
Topic: Lost Newbie help w/RB493 basic Internet DHCP Router Setup
Replies: 25
Views: 4115

Re: Lost Newbie help w/RB493 basic Internet DHCP Router Setup

I had assigned another IP to ether 1 and then screwed it up so badly that I can no longer connect to it, it seems. I have a serial cable. But, when I connect to it, with HyperTerminal , I get the sign on , power up text, loading this and that, but I cannot seem to get it to respond to anything I typ...
by ABeepMike
Wed Mar 03, 2010 11:07 pm
Forum: Beginner Basics
Topic: Where to send MikroTik RB493 for basic router setup?
Replies: 1
Views: 517

Where to send MikroTik RB493 for basic router setup?

Is there service I can send a MikroTik RB493 standalone router to that will program like a store bought Linksys 8 port router, with nothing fancy, just the simplest 8 port router/switch with a single public IP address for 8ports of DHCP internet access? I.E. Can this Ferrari be programmed to be a Ch...
by ABeepMike
Wed Mar 03, 2010 11:01 pm
Forum: Beginner Basics
Topic: Lost Newbie help w/RB493 basic Internet DHCP Router Setup
Replies: 25
Views: 4115

Re: Lost Newbie help w/RB493 basic Internet DHCP Router Setup

I cannot connect to it anymore. I at first use the ... button, and get a mac address. I can no longer get the ... button to show anything. I was throwing other lines of code at it from the WIKI and must have completely locked it up. I would love to give you the prints from it. But, I have fried it. ...
by ABeepMike
Wed Mar 03, 2010 10:21 pm
Forum: Beginner Basics
Topic: Lost Newbie help w/RB493 basic Internet DHCP Router Setup
Replies: 25
Views: 4115

Re: Lost Newbie help w/RB493 basic Internet DHCP Router Setup

I cannot get past square 2. I quess what I want is for ETH2 - 9 to DHCP an address in the 192.168.50.100 - 150 range. So Far I have not been able to do this. No matter what I try , eth2-9 do not dish out addy's. I always end up with a 169.xxx.xxx.xx address. I have tried the lines of code you listed...
by ABeepMike
Wed Mar 03, 2010 9:44 pm
Forum: Beginner Basics
Topic: Lost Newbie help w/RB493 basic Internet DHCP Router Setup
Replies: 25
Views: 4115

Re: Lost Newbie help w/RB493 basic Internet DHCP Router Setup

I Tried th elast line of code you posted for me.

I got this back from the terminal:

[admin@MikroTik 1] > /ip firewall filter add chain=srcnat out-interface=ether1 a
ction=masq
syntax error (line 1 column 66)

any ideas?
by ABeepMike
Wed Mar 03, 2010 9:16 pm
Forum: Beginner Basics
Topic: Lost Newbie help w/RB493 basic Internet DHCP Router Setup
Replies: 25
Views: 4115

Re: Lost Newbie help w/RB493 basic Internet DHCP Router Setup

Thanks for the education.

Saved , and archived.


Now on to my router , I had no idea that you could click onthe mac addy, I WAS clicking on the address. Again, thank you.

Back at it, this newbie will learn .

Mike
by ABeepMike
Tue Mar 02, 2010 5:34 pm
Forum: Beginner Basics
Topic: Lost Newbie help w/RB493 basic Internet DHCP Router Setup
Replies: 25
Views: 4115

Re: Lost Newbie help w/RB493 basic Internet DHCP Router Setup

Also,

the rb493 I have is in a metal box with ETH2 -9 on the front and ETH1 and sereial on the side.
by ABeepMike
Tue Mar 02, 2010 5:27 pm
Forum: Beginner Basics
Topic: Lost Newbie help w/RB493 basic Internet DHCP Router Setup
Replies: 25
Views: 4115

Re: Lost Newbie help w/RB493 basic Internet DHCP Router Setup

I have really tried hard to make this work. Just a simple router, and cannot. I did something wrong, and now I cannot connect to the router with winbox anymore. I just dont understand the 88.888.888.1/0 commands. What does the / and 0 or 24 do to the IP address. I just dont get it. Is that the netma...
by ABeepMike
Tue Mar 02, 2010 4:33 pm
Forum: Beginner Basics
Topic: Lost Newbie help w/RB493 basic Internet DHCP Router Setup
Replies: 25
Views: 4115

Re: Lost Newbie help w/RB493 basic Internet DHCP Router Setup

Cool, I was able to paste the commands. However , I need to be a little more specific in what I want. I do not want to assign 192.168.50.xxx address's to 68.xxx.xxx.xxx adress on the exterior. I want to have ONE address on ETH1 be the internet gateway for the 192addys assigned on ETH2 - 9. The way t...
by ABeepMike
Tue Mar 02, 2010 12:57 am
Forum: Beginner Basics
Topic: Lost Newbie help w/RB493 basic Internet DHCP Router Setup
Replies: 25
Views: 4115

Re: Lost Newbie help w/RB493 basic Internet DHCP Router Setup

1st. I have never entered commands like that, and would not know where to enter them. I have connected to winbox on eth1 . 2nd. If i put those commands in , when I learn how, will ETH2 - 9 use ETH1's public address as it's internet gateway, and if so,where is that setup and in what screens? so 192.1...
by ABeepMike
Mon Mar 01, 2010 9:37 pm
Forum: Beginner Basics
Topic: Lost Newbie help w/RB493 basic Internet DHCP Router Setup
Replies: 25
Views: 4115

Lost Newbie help w/RB493 basic Internet DHCP Router Setup

I just can;t seem to grasp to setup this RB493 for ETH2 thru 9 as DHCP on interior 192.168.50.1 LAN setup. I want it set up like this : ETH2-9 DHCP 192.168.50.102-109 255.255.255.0 Gate 192.168.50.1 (eth1 port) ETH1 WAN Port IP xx.xxx.xxx.66 Gateway xx.xxx.xxx.1 net 255.255.255.0 DNS xx.xxx.xxx.13 S...
by ABeepMike
Tue Nov 10, 2009 10:46 pm
Forum: Beginner Basics
Topic: RB493 Ether1 Public setup Help Needed
Replies: 1
Views: 434

RB493 Ether1 Public setup Help Needed

I have a RB493 with port Ether2 to Ether9 bridged for use as a switch. And it works well. I want to use Ether1 as a public entry into the switch for admin only. I have a public address for it, but cannot seem to get it configured to go public. Can someone take me through the process of setting up th...