MikroTik

NetVicious

Yes. I understand how it works. But IMHO if the system not:s getting power from a POE IN port it should show it too as it does with PSUs.

In that way we can check if all it's ok.

NetVicious

Hi! I did the test with a HeX and it works as eworm said. I only shows one voltage. Here's the test. 24V it's what it gets directly from the DC adapter, and 23.9V it's the voltage it gets from the POE IN port. [admin@MikroTik] > system health print voltage: 24V temperature: 42C [admin@MikroTik] > sy...

NetVicious

I don't bought yet the rb3011. I was only asking if RouterOS publishes both voltages or something we can check to discover if POE In or DC In power supply failed. I see someone was writing about RB100 with has 2 AC or DC In. Someone with a device powered at the same time with DC/AC in and POE In can...

NetVicious

Hi!

I read RB3011 can be powered at the same time within the DC port and the eth1 POE IN port.
I want to know if both voltages can be monitorized within a script to check if one of the power adapters died.

Regards,

NetVicious

I'm talking about embedding all in one application. I know I can use one external SFTP/SSH server, but If you want to release one application with all inside that external SSH server it's an extra. I don't know how why it's so difficult to add http/https upload when they have the http/https protocol...

NetVicious

Yes I know, but it will be easier to use TFTP-upload or HTTP(s)-upload because there are lots of free components outside. For SFTP it's a bit difficult and expensive to add it to one self-made application

NetVicious

Paste your config here.

NetVicious

After some test, I've discovered that the problem is that you can't get file contents greater than 4KBytes. Then I have other problem: I don't know how to use a file as palyload for /tool fetch http-method=put The file command it's which has the problem with files greater than 4KBytes. I tried it f...

NetVicious

http-data parameter of /tool fetch it's only used to set which string will be sent to the server when doing one upload. It doesn't work (at this moment with RouterOS 6.45.6) in the way you're trying to do writing the name of the file you want to upload on the http-data parameter. You should use the ...

NetVicious

Nice one. What about one MQS with one ethernet port for POE IN and another ethernet port for POE OUT. The new ethernet port will be only used to get power from the current wire, and also can be good for do not have the device down so much time while configuring it. It will be easier to disconect the...

NetVicious

Hi! I'm having problems creating a scenario like this image: https://i.postimg.cc/vZf8MDQt/unnamed0.png I was struggling me with one bridge for each VLAN (wrong), assigning the IP address to the bridges instead to the VLAN interfaces, .... But now I think I'm doing it correctly but it doesn' works. ...

NetVicious

Hi! I'm trying to install in some devices the last RouterOS update and I'm getting the "already up to date" message in some devices. As I see on the website, and in other devices I manage, the last one it's the 6.45.5 Obviously it should be a cache related question. That device has the web-proxy dis...

NetVicious

More than one year later and the bug it's there yet.

I'm tryting to get the result of the /export command and it seems it's affected by the same limitation of the API.

NetVicious

Currently the application doesn't has any measure you wrote. I will add for sure the option to use non-standard ports. The port knocking seems to be easy to add, but I should need a testing setup to test it. I know what's a DSA key pair, but I don't know now how it applies to one RouterOS API port c...

NetVicious

Hi dakota! Here I think it will be better if we write in English. If you want to talk with me in spanish I don't have any problem to do it on private. My application will work perfectly if you have TCP/IP connection with the RouterOS devices. They can be on an internal network, connected within VPNs...

NetVicious

Old, good RB450G. Just upgraded to 6.45.1 from something like 6.40 and now can't connect through any port. 4 ports switched and one with DHCP client. Winbox says nothing (even after updating it and clearing cache). The only solution seems to be a rs232 (not tried yet). Any thoughts on that? Try con...

NetVicious

Yes, because of script. I did not run the script on first day, it was yesterday, and till then nobody complained the issue. Yesterday evening when i got to know the issue from several clients one by one etc then I took the notice. because other than hAP lite router, no one else complained till now ...

NetVicious

As I posted before I had (as others) problems with GRE with this new version of RouterOS. In my case I'm using pptp VPN tunnels. I have a master router acting as pptp Server and some other devices acting as pptp client. 2 of that clients had problems trying to connect to the pptp server after the 6....

NetVicious

@andriys. Sorry but I don't saw the official strods post answering a lot of posts of this threads with the info about GRE. I said temporary fix because I have some RB450G with 6.45.1 running perfectly against a RB850Gx2 with 6.45.1 without any new firewall rule about GRE . That's why I though it's a...

NetVicious

As I read before on this thread It seems 6.45.1 has some problem with GRE. When you do make the effort of reading the topic first and seeing others with the same problem, why don't you go that tiny step further and read the replies that they got (also from MikroTik) about the cause of this "problem...

NetVicious

Hi! As I read before on this thread It seems 6.45.1 has some problem with GRE. I have some Mikrotik RB450G (call they A, B, C, .....) connected to one RB850Gxx2 (call him as master). "Master" has one PPTP Server binding for each other (A, B, C). After upgrading all the devices to 6.45.1, A and C can...

NetVicious

My little tool it's near the public release.
I added threads to do the actions in less time.
Check the video on the first post to see what it can do.

NetVicious

I see. I'm trying to create a converter of the "export commands" to the "API commands". I don't like to leave so much ports opened on my devices.
Thanks for the info. If I cannot translate all the commands to the API style I will use the ssh mode.

NetVicious

Hi!
It's there a way to run commands exported directly from a Mikrotik without modifying the way we need to send the parameters within the API?

I want to add one option to my application to send raw commands as we paste they on the Terminal.

Regards,

NetVicious

Read the previous message of your post

NetVicious

Hi! The application it's ready for the first betatesters. Please send me one email to "my nick + gmail" I will send you one link to the application. At this moment the application can check each device added, getting info about: serial number model RouterOs version Firmware version If the date+time ...

NetVicious

Hi! First of all I need to send thanks to Chupaka for it's Delphi API library. Here I'm introducing my MtkManager, a tool which will help us to upgrade RouterOS and firmware in several RouterOS devices with a few clicks. I don't know if there it's published a similar tool. I know there it's the Dude...

NetVicious

Connection error: No SSL/TLS support compiled
Probably you need libeay32.dll and ssleay32.dll

Perfect. That worked for the API Test application.

I will try another time to use openssl on my code, thanks.

NetVicious

Did you try API Test program? It works for me with SSL. If you're refering to the APITest-1.3.exe executable, when I run it and I check the TLS checkbox I got this error when trying to connect: --------------------------- RouterOS API Demo --------------------------- Connection error: No SSL/TLS su...

NetVicious

Hi! The Chupaka library works perfectly on non-SSL protocol, but I want to use it using the API-SSL port. I tried several synapse library versions, criptlib or openssl and I got one " Received TLS alert message: Handshake failure " error when trying to use ssl_cryptlib and a " Network Subsystem it's...

NetVicious

It was a typo sorry. Half = have

I changed it.

NetVicious

mmm, I'm thinking we need some power to fully tight they so they should have self-locking ring too.

NetVicious

The kit doesn't includes auto lock nuts, that was my question for getting it more secured.
You can see it on the point 3 of the mounting guide PDF
https://i.mt.lv/routerboard/files/Ilust ... 095554.pdf

The nuts are directly fitted on the mouting kit.

NetVicious

I understand your answer perfectly, but what about the nuts which link the dish and the mounting kit?

NetVicious

Hi!
I bought a pair of Wireless Wire Dish (aka LHGG-60ad) and I want to ask why they don't include auto lock nuts instead of the usual nuts.
Any problem to use this kind of nuts on exteriors?
Regards,

NetVicious

I know Dude has one option to mass upgrade RouterOS version, but this upgrade it's done uploading the npk files from the Dude Box to each RouterOS device. Why not add one option to use remotely the auto-upgrade option RouterOS has? This it's done in System/Packages/Check for Updates or in the Quick ...

NetVicious

Nice info! You tested it with lots of traffic in both network cards?

NetVicious

I was looking a solution with two wireless cards too, and when I saw the price of the RBM33G I thought something was wrong. Obviously this it's the limitation the routerboard has, and that's why it's more cheaper than the other RB43X models

NetVicious

Thanks uldis, I searched on the quickstart guide for external antenna without reading the full document.

I discovered it myself and I was preparing this image

wap_lte_opened.jpg

Thx for the info. Regards,

NetVicious

Hi! I bought two units and all works flawlessly as usual, but I don't see where are the external antenna connectors of the LTE modem. I think I should open the case (not the screw protected bottom part) and change the internal wires to the internal antennas to my external antennas within a little pi...

NetVicious

Hi!

I read RB4xx don't supports FastTrack. But why Winbox it showing this option on the Firewall action ?

IMHO, Winbox should detect this and the fastrack option should not appear.

Regards,

NetVicious

Hi! IMHO the RouterOS should have a bruteforce protection system for it's services. If you want to protect a service which Mikrotik forwards+NAT you should use Mikrotirk filters or another solution on the destination box. That should include the Mikrotik services SSH, Winbox, VPNs (L2TP, PPTP, IPSec...

NetVicious

I see.

But only related to hotspot. VPN connections are not counted in our RB/450

Please tell me if external Radius server logins count as user manager database. And external logins within Facebook, Linkedin, Twitter APIs?

NetVicious

Looking these wikis [1] and [2] and this post I have the same question yet! [1] https://wiki.mikrotik.com/wiki/User_Manager/Active_users [2] https://wiki.mikrotik.com/wiki/User_Manager/Active_sessions What needs a session or what counts as active user? I understand if someone connects to winbox or t...

NetVicious

Thanks for the info.

Link for other people looking for the same: http://wiki.mikrotik.com/wiki/Manual:IP ... _Mode_Conf

NetVicious

I read on the forum using PPP VPN connection it's not possible to push routes to the client.

What about IPSec VPN or OpenVPN ? It's not possible either?

NetVicious

I know this topic it's largely posted on this forum from a lot of time (>6 years) :? It seems the position of Mikrotik it's to not develop nothing outside the RFCs (aka standards) I was solving this problem using scripts on local computers, or modifying the configuration of the OpenVPN client. One s...

NetVicious

Winbox 3.1 doesn't fix the Neighbors problem on the detection of RouterOs in the same network.

I'm connecting with a RB450G using the mac address but the neighbors tab doesn't shows nothing.

NetVicious

English translation of DmitryAVET link

http://www.microsofttranslator.com/bv.a ... k-RB850Gx2

NetVicious

Neighbors works fine. It does exactly the same as the three dots button. What do you have there? Are you using Winbox 3.0 (not beta)? Here it's not working. I don't know If I disabled something but running the old winbox 2 on a computer with a Routerboard as router of the network nothing it's shown...

NetVicious

Hi! Where's the option to detect the near Mirkotik devices using broadcast ? On the Winbox 2.0 there was a button with 3 dots at the left of the "connect" button. I thought this function was moved to the Neightbors tab on Winbox 3. When it was a beta I thought it won't work due to work in progress, ...

NetVicious

Hi! I'm looking for one antenna for the 2.1Ghz band of GRPS. I need one angled antenna with magnetic base like the image below but I need to put it angled because it will be used on the lateral of one big van. http://thumbs3.ebaystatic.com/d/l225/m/mQAza6WG-VFniWDbNNUdOhA.jpg I don't found any magne...

NetVicious

"1" in the end will indicate that it has a wireless slot or card. + each change in product code results in new government certification for us, to import that product, so i'm against changing any names, especially in cases when there are no physical differences between boards. That's a good reason,...

NetVicious

IMHO the new RB850Gx2 with hardware encryption should have been called RB851Gx2

Now If we want to buy the improved version of RB850Gx2 we need to ask our provider to know it's serial number

NetVicious

Ok, thanks for the info. I checked that and RouterOs tried to renew phase 2 SAs when the SAs had 24 minutes remaining of lifetime. 30 minutes remaining it's 75% so it seems to be ok. The problem it's the other router (Mcaffe firewall) has the soft rekeying at its 85% of SA timeout, so my rekey at ar...

NetVicious

Thanks mrz. And you could tell me which should be the standard behaviour or these SAs .... If the phase 2 SAs get its configured timeout the RouterOS should re-negotiate another new phase 2 SAs ? Or it don't needs to do that because it will negotiate new phase 2 sas with the phase 1 SA when the tunn...

NetVicious

Hi! Someone could tell me which type of SAs we see on IP / IPSec / Installed SAs ? As I know there are two different SAs on IPSec (IKE SAs for phase 1, and IPSec SA for phase 2). Looking to the timeouts, it seems the Installed SAs tag shows IP Sec Sas related to phase 2. And in the Remote Peers tabs...

NetVicious

Hi! I set one IPSec VPN tunnel within a RB450G and a Juniper. All seems to be configured correctly because when we start the tunnel all goes ok, we can connect to the server in the other part ... But when the phase 2 gets timeout-ed the tunnel seems to be broken. After that moment on the MK there it...

NetVicious

Hi! I got here looking for one configuration for RouterOS to set an external zone to the Routerboard DNS server. I read here something about dnsmasq or creating a new zone. This it's possible using RouterOS? I want to say to the RouterOs DNS if it gets a query asking for domain.com it should ask for...

NetVicious

Proposal it's the phase 2 of IPSec and it's lifetime means when it should renew the SAs used. Peer it's the phase 1 of IPSec and it's lifetime means when it should close the current connection and create a new one. On the IP / IpSec / Peers you could see the phase 1, and if you double-click one you ...

NetVicious

Hi! Time ago I post a little tutorial [1] for setting a IPSec VPN connection with RouterOS when the Mikrotik it's after a firewall. That tutorial uses the main exchange mode and needs to set in the ID field the external wan IP address of that office. The option to change the ID on main mode was remo...

NetVicious

I took the routerboard to an electronical technician which changed the electronical capacitor which was a bit blowed up (or inflated) Take an eye on these capacitors: http://www.pcstats.com/articleimages/200302/capblown_3.jpg If your RouterBoard has one in a similar status that should be the problem...

NetVicious

Looking for the same.

The archived RB1100AHx2 it's sure at 100% it has hardware encription for IPSec.

http://i.mt.lv/routerboard/files/RB1100.pdf

NetVicious

Normis, can you post a list of RouterBoards with hardware encryption ? A new line element on the Product specifications on the website routerboard.com should be added.

And a little wiki with one explanation about whats hardware encryption (IPSec only and so on) would be perfect.

NetVicious

Autoupdate says last version it's RC4!

The RC5 it's on website

NetVicious

Allow new line characters on the Memo component to see the whatsnew texts smooth

NetVicious

Hi! Sorry for revive this old thread, mitay you got any solution ? My RB450G it's a bit death. Blue led it's on and the upper led it's also on. No beep on boot. No activity on ethernet port leds, no link, Only a fast On and Off when I insert the power. None within hyperterminal COM port. The only th...

NetVicious

Winbox closes suddenly If I press a menu button after saving session.

RouterOS 6.24, Win XP SP3.

Name of the session doesn't has any strange character, only alphabetical characters.

NetVicious

Hi!

It's this vulnerability fixed at the 6.20 release ?

http://www.kb.cert.org/vuls/id/184540

If not, there it's any workaround or temp fix?

Regards,

NetVicious

Hi! thx for answer. I fixed it yesterday. It seems it was a problem with the IP the Cisco was receiving which was not the IP agreed and set on the Phase 2. I needed to do a real snat on the Mikrotik because I want other networks different than what we define on the MKT phase 2. Check my solution I p...

NetVicious

IPSec tunnel within a Mikrotik behind a Firewall and a Cisco ASA 5510 NETWORK MAP mkt_natted_to_cisco.png MIKROTIK CONFIG Note: Take attention to your encryption algorithms, lifetimes and other things, because this config should be exactly the same on the Cisco. IP / IPSec / Peer (aka IPSec Phase 1)...

NetVicious

My next step if I was on your position it's: - Ask this ebayer: http://www.ebay.co.uk/usr/sentory-global-trade?_trksid=p2047675.l2559 He has something similar what you're looking for, but I think it's not the exact fan you need. http://www.ebay.ca/itm/1x-D4020V12HB-RD-SYM-BANG-12V-DC-0-16A-Brushless...

NetVicious

I didn't read nothing about AVM FritzBox until I saw it on your post. So I cannot help you.

Try reading tutos of how to config Mikrotik against IPSEC Cisco.

http://gregsowell.com/?p=787

NetVicious

Hi! I'm trying to do one IPSec tunnel within one RB450G and a Cisco ASA 5510. I'm doing what this tuto [1] says but I'm stuck on the IPSec phase2 with a message saying: Received a valid R-U-THERE, ACK sent And it loops always with the same codes. No traffic it's going throught the tunnel because the...

NetVicious

Try asking the manufactured for a local provider near you:
http://www.activa.com.tw/contact?language=en

NetVicious

If you're masquerading, you need to create a NAT rule before all the other NAT rules with the source network and destination netwokt with Action: accept

This it's for disable masquerading

NetVicious

hansmeier61. Did you enabled the logging for ipsec ?

/system logging add topics=ipsec

NetVicious

Hi!

WinBox allow to set it, but it seems it doesn't works.

I have one IP Pool with 5 separate ip addresses.

I tried to add only one firewall filter instead of creating 5 filters, but it didn't worked.

NetVicious

Hi! Im using PPTP VPNs for trivial tasks. As I know on VPN we have one client and one Server. The client has one option to up the VPN tunnel when it detects traffic that should go throught the tunnel (Dial on Demand option). But what about if a computer on the router set as VPN Server wants to trans...

NetVicious

Check for the IPs/Pool you're assigning to the VPN users.

This error it's due to problems with the assigned IP to the VPN user.
- IP Pool Full
- No IP assigned
- no fixed ip/no pool assigned and DHCP off
- TCP/IP config on user bad configured
- Bad range of IPs being assigned to user

NetVicious

The price should be a bit lower. I think the LCD component should cost some money.

NetVicious

Hi! First of all a diagram to see easily what we're talking about. Office 1 ------- Mikrotik 1 ---- Internet ---- Mikrotik 2 ---- Office 2 192.168.1.x ---- 172.25.0.1 ------------------ 172.25.0.2 ---- 192.168.2.x I have two Mikrotiks connected between one L2TP VPN. On the PPTP Client I have marked ...

NetVicious

Thanks for the links. If the feature request it's not approved I will try to use some of the ideas of the links. Here are my comments for the previous links: The first one will involve to make the firewall packet inspector to check all the dns packets. And the second will make the router to check ea...

NetVicious

Mikrotik team has created a entry in his wiki for new features: http://wiki.mikrotik.com/wiki/MikroTik_RouterOS/Feature_Requests#Not_yet_implemented If you want to vote for some feature request you need to register on the wiki and edit the page adding your nick and time of the vote as other users di...

NetVicious

The problem with the scheduler it's you need to delete the scheduler item after the restart because if you don't do it the router will be rebooted each day.

One possible solution could be a flag for delete the scheduler item after a correct execution.

NetVicious

Now users have the Windows AD Server as DNS Servers. If the server goes down no one could browse the internet until the dns request timeout finishes (a lot of time) and it jumps to the next dns server (secondary AD server) If the RouterOs have one option to do zone transfer to his DNS cache the user...

NetVicious

For late night reboots for applying new uploaded RouterOS images.

NetVicious

normis: In the webpage of RB1100AHx2 says zero LAN ports. (copy&paste bug

NetVicious

The new RB1100AH model doesn't haves IPSec hardware acceleration.

Normis said the new model it's faster than the old RB1100AH model.

NetVicious

I think he is refering to use something like this (http://www.i4wifi.eu/8-port-pasiv-poe-i ... d2063.html) instead of 8 separated POE Injectors

NetVicious

Ok, we need to see if the price has increased too. If it loses one very good feature talking about secured VPNs but it gains a bit more speed I think it should get a bit lower price.

There is a planned release date for the AHx2 ?

NetVicious

Our future product, the AHx2 will have hardware acceleration

What? If my memory it's not wrong I remember the old RB1100AH had IPSec acceleration isn't it ?

NetVicious

Also, the AHx2 has the advantage, that it will have two cores

Good information. Any other difference between AH and AHx2 ?

NetVicious

we had a problem with part supplier, that's why we made a "new and improved" RB1100AH and RB1100AHx2, which will be coming this autumn. Hi! The "new" product will be named RB1100AH as the older? or the "new" it's the RB1100AHx2 ? Autum starts on 10 days. Do you have some information about the aprox...

NetVicious

Hi! I'm using in one of our RB450G Mikrotik routers one script for DynDNS taken from this forum (thx to the developer). It saves a temporary file to the memory for use it as it was a html cookie for the IP on dyndns. I see this router has more bad blocks on memory than others (bought at the same tim...

NetVicious

Thx for answer. I read something related. So I will have problems of space mounting 3 R52nM cards ??? What do you refer with the interferences ? Related to the antennas or related to the interferences of the cards because the connectors release signal inside the mikrotik case ? It's there some solut...

NetVicious

Hi! I'm looking for a project for join two installations separated only by 200meters, but we need the maximum throutput available. I'm thinking to place in each building one RB433AH with 3 R52nM, and 3 directional MIMO antenas. I read some posts about problems with space trying to put three miniPcis...

NetVicious

Yes, because by default the VPN connection has a checkmark marked called ""Use default gateway on remote network". It's uses the tunnel as the gateway and all the traffic goes to the tunnel. The other day I discovered CMAK from Microsoft [2] It seems to allow us to create an EXE with the VPN connect...

NetVicious

Hi! I know we cannot distibute routes to VPN clients in PPTP, L2TP protocols and other, so I'm trying to find one software that allows me to set on it the routes on my internal network, because I dont wan't my users use my central connection as gateway so I need to use routes. On Windows I could set...

NetVicious

Thx for the explanation roadracer96. But I want to work only with Mikrotiks. I'm talking of clients pulling static routes from the Mikrotik. When talking about site-to-site vpns I don't have any problem adding them manually to each router or using rip, ospf, .... My problem are clients connecting to...

NetVicious

Ok, thank for the info.

For the people who is reading this looking for the same as me:

OpenVPN allows to add static routes in the client configuration file using this command (you could add more than one if you need):

route 192.168.4.0 255.255.255.0

NetVicious

Ok, good answer.

Any roadmap for add it to openVPN (as example) ?

NetVicious

Hi! I read this on the forum: - We cannot distribute static routes to clients with PPTP on RouterOS. - OpenVPN supports static routes distribution but RouterOS doesn't have this option. - Ciscos could do it, but I don't read nothing if RouterOS could do it with IPSec VPNs. The question is: Is there ...

NetVicious

Here's Poynting's 23dBi 5GHz integrated enclosure. Only one clamp to the wall ? Take care when you get a lot of wind. The bracket is made from 5mm steel that's galvanised. The pole is 50mm with a 2mm wall thickness. Again galvanised. Now for the magic. The wall plugs are Fischer "UX". They are the ...

NetVicious

Here's Poynting's 23dBi 5GHz integrated enclosure.

Only one clamp to the wall ? Take care when you get a lot of wind.

NetVicious

You need the 5.0RC1 for vanilla GRE. Keep in mind it's a release candidate.

I have installed minutes ago the 5.0rc3 and I don't see nothing about the gre helper on the mikrotik in one RB450G.

I don't know if the RB450G doesn't gets the same plugins than other better motherboards.

NetVicious

I'm trying with IPSec now, but thx for the info.

NetVicious

Yes I want. I'm using one RB450G

NetVicious

Hi! I have a strange problem in one setup. Internet ----- DSL Router ------- Wifi AP with WDS --------- Mikrotik with WDS There is only one network 192.168.2.x Ping to Wifi AP - Ok Ping to DSL Router - Ok Ping to Internet - problems I could browse internet webpages without any problem. We got some p...

Search found 109 matches