Community discussions

Search found 150 matches

by Pada
Mon Jan 28, 2019 11:10 pm
Forum: General
Topic: Feature requests
Replies: 1159
Views: 204718

Re: Feature requests

I would love the following Winbox (and WebFix) features to be added: Setting default options for Tools > Torch, because I always have to first deselect "Src. Address6" & "Dst. Address6" and then select "Port" & "Protocol" Setting to prevent drag & drop of Firewall rules to prevent accidental changes...
by Pada
Thu Jan 14, 2016 9:28 pm
Forum: Announcements
Topic: v6.33.5 [current] is released!
Replies: 120
Views: 33768

Re: v6.33.5 [current] is released!

I tried the automatic updating from 6.33.3 to 6.33.5 and also got the missing wireless package message. I then uninstalled it and restarted, which then resulted in a incomplete upgrade to 6.33.5, where the ppp package wasn't installed and now even after I manually reinstalled 6.32.3 I lost all my pp...
by Pada
Fri Jan 08, 2016 2:31 am
Forum: Scripting
Topic: ppp on-up/on-down variables
Replies: 5
Views: 5385

ppp on-up/on-down variables

Hi, I've struggled for quite a bit to get the variables working that is exposed by the ppp on-up and on-down scripts, because variable names includes dashes: local-address, remote-address, caller-id, called-id interface variable isn't the interface's name So after a while I have managed to reconstru...
by Pada
Wed Oct 08, 2014 11:47 pm
Forum: General
Topic: Firewall Mangle rule order will change unexpectedly
Replies: 9
Views: 2971

Re: Firewall Mangle rule order will change unexpectedly

I see that my routers have 2 Change MSS rules that apply to all PPP interfaces in 6.19, so I'd guess that this problem is solved for me.

@Sinbad:
Do you have a reason why you cannot simply add those 2 Change MSS rules manually and place them first with ROS 6.19?
by Pada
Sun Jan 27, 2013 10:58 pm
Forum: General
Topic: Configuring OpenVPN
Replies: 44
Views: 69185

Re: Configuring OpenVPN

Have a look at OpenVPN's Easy RSA stuff: http://openvpn.net/index.php/open-sourc ... ement.html

Alternatively you can create certificates with OpenSSL command line application.
by Pada
Tue Dec 11, 2012 9:38 pm
Forum: Beginner Basics
Topic: WAN services not available to local users, please help!
Replies: 11
Views: 31008

Re: WAN services not available to local users, please help!

Hi tarslana, I would suggest that you use an Address List to contain all the local subnets of yours, because the mangle rule was supposed to only mark Internet connections. The "hairpin" connection-mark that I used should've been renamed to "internet-connection" or something in that line. So add you...
by Pada
Sat Aug 11, 2012 10:41 am
Forum: General
Topic: Reserving bandwidth with queue trees?
Replies: 2
Views: 1131

Re: Reserving bandwidth with queue trees?

Thanks greencomputing. I knew exactly how to do that (as seen in my first diagram on the right).

It is perhaps the best compromise at this moment, seeing that it does give a higher priority to the game packets. I'll give it a shot, in combination with shaping the outgoing packets too.
by Pada
Fri Aug 10, 2012 8:12 pm
Forum: General
Topic: Reserving bandwidth with queue trees?
Replies: 2
Views: 1131

Reserving bandwidth with queue trees?

Hi, I'd like to know if it is possible to reserve bandwidth with queue trees when a certain queue is active? Like what I'd like to achieve is to allow my HTTP downloads to go at full speed (of 2Mbps) when I'm not playing any games, but it has to be limited to just like 100kbps as soon as game packet...
by Pada
Fri Sep 23, 2011 1:16 am
Forum: General
Topic: Configuring OpenVPN
Replies: 44
Views: 69185

Re: Configuring OpenVPN

risipetillo: you're my saviour!

I had to reboot my RouterOS v5.2 x86 before the MikroTik OpenVPN server worked with my RHEL v6 OpenVPN client.
by Pada
Tue May 17, 2011 1:19 am
Forum: General
Topic: MT 5.2 bridged vlan's dhcp trouble
Replies: 16
Views: 4154

Re: MT 5.2 bridged vlan's dhcp trouble

@Feklar: Thanks. I will most definitely give the Horizon parameter a go some time, when I'm back at my parent's home again :) @reverged: Thanks as well. I had the RB750G, but I swapped it with my friend's RB750 because I had no gigabit devices in my home and I didn't know that the non-gigabit one la...
by Pada
Mon May 16, 2011 10:01 pm
Forum: General
Topic: MT 5.2 bridged vlan's dhcp trouble
Replies: 16
Views: 4154

Re: MT 5.2 bridged vlan's dhcp trouble

Thanks Feklar. In my case (see the image in my previous post), I have 2 tagged VLAN's for the AP's clients and an untagged VLAN on Ether2 for managing the D-Link - all on the same physical port. I would like to have the vlan1 & vlan2 bridged with the Ether3 interface. Do you perhaps have an example ...
by Pada
Sun May 15, 2011 10:38 pm
Forum: General
Topic: PPTP Server with Multiple WAN
Replies: 2
Views: 952

Re: PPTP Server with Multiple WAN

Thanks.

I have tried the setup like in http://wiki.mikrotik.com/wiki/Manual:PCC , but I think my traffic shaping rules (which uses connection & packet marking) messes it up.

I'll try it again some time this week without my shaping rules.
by Pada
Sun May 15, 2011 8:06 am
Forum: General
Topic: MT 5.2 bridged vlan's dhcp trouble
Replies: 16
Views: 4154

Re: MT 5.2 bridged vlan's dhcp trouble

@reverged: Thanks for your response. And 'no' w.r.t. DD-WRT firmware. I've installed the German D-Link (v2.50de) firmware on it, which fixed the stability issues and allows for Multi-SSID. See page 37 & 38 of ftp://ftp.dlink.de/dwl/dwl-2100ap/documentation/DWL2100AP_man_Handbuch.pdf I have actually ...
by Pada
Sun May 15, 2011 2:14 am
Forum: General
Topic: QoS vs Bandwidth PCQ
Replies: 7
Views: 4569

Re: QoS vs Bandwidth PCQ

Hi, I implemented this system QoS and I work great with the tree queue and the PCQ to control the speed of the clients, but to enable web.proxy speed ceases to function, each user is consuming the entire channel, someone has solved this problem? I think you'll have to get a second router if you wan...
by Pada
Sat May 14, 2011 9:06 pm
Forum: General
Topic: PPTP Server with Multiple WAN
Replies: 2
Views: 952

PPTP Server with Multiple WAN

Hi, I'm curious to know if it is possible to route traffic back on the interface that it came from? In my case it would be PPTP clients connecting both to my shaped and unshaped WAN IP addresses. My problem is that I already have static routes, a transparent proxy and route marking on my Intel x86 b...
by Pada
Sat May 14, 2011 8:30 pm
Forum: General
Topic: load balancing multiple adsl trough a switch
Replies: 3
Views: 724

Re: load balancing multiple adsl trough a switch

+1 to what fewi & Nitrious said.

You either have to use unique VLAN's (like fewi said) / unique Ethernet ports (like Nitrious said) for the modems
OR
you can dial a PPPoE connection on each modem and then perform NAT on the ADSL modems.
by Pada
Sat May 14, 2011 8:18 pm
Forum: General
Topic: Firewall Mangle rule order will change unexpectedly
Replies: 9
Views: 2971

Re: Firewall Mangle rule order will change unexpectedly

Those mangle rules that change position are automatically created ones for PPP interfaces. Mine always stays at the bottom of my firewall table. I'm using an Intel x86 machine with ROS v5.2, and PPPoE & PPTP clients. I haven't tried moving those dynamic/automatically created 'change MSS' rules to th...
by Pada
Sat May 14, 2011 8:13 pm
Forum: General
Topic: MT 5.2 bridged vlan's dhcp trouble
Replies: 16
Views: 4154

Re: MT 5.2 bridged vlan's dhcp trouble

I also wanted to do something like this at my parent's home with their MikroTik RB750 with ROS v5.2, but as soon as I bridged 2 (or more) VLAN's (used by the WiFi AP's clients) then their network stops. The problem wasn't just with DHCP but that the network completely stopped functioning for those d...
by Pada
Sat May 14, 2011 7:43 pm
Forum: General
Topic: Traffic Load Balancing 3 adsl windows live close each time
Replies: 1
Views: 853

Re: Traffic Load Balancing 3 adsl windows live close each t

Hey, Could you perhaps upload to a different image service or ask the MikroTik owner to register their domain at imageshack? You should have a look at the Policy Based routing examples. eg. http://blog.butchevans.com/2008/09/mikrotik-policy-routing-implementation-example/ Did you add 3 routing table...
by Pada
Sat Oct 23, 2010 5:42 am
Forum: General
Topic: [5.0RC1] Firewall Mangle Passthrough bug?
Replies: 3
Views: 2230

Re: [5.0RC1] Firewall Mangle Passthrough bug?

Thank you Chupaka. I didn't know about this "feature".

I can't wait for RC2 :)
by Pada
Fri Oct 22, 2010 6:24 pm
Forum: General
Topic: brandnew router not responsive adter hostname change
Replies: 2
Views: 640

Re: brandnew router not responsive adter hostname change

You should be able to connect directly to the router using WinBox on both IP and MAC levels - both of which don't require a hostname.
by Pada
Fri Oct 22, 2010 7:28 am
Forum: General
Topic: MK v5 rc1 - bug torch
Replies: 33
Views: 6903

Re: MK v5 rc1 - bug torch

I also have the same issue as InoX and I would love to get my hands on the fix :)

One thing that bothers me too is that the ports & protocols aren't listed by default any more like they used to in v3 & v4.
by Pada
Fri Oct 22, 2010 2:21 am
Forum: General
Topic: Traffic Forwarding between 2 public IPs for VPN server.
Replies: 1
Views: 626

Re: Traffic Forwarding between 2 public IPs for VPN server.

The problem is that the default route back from the client won't be through the new ISP #2 like you said. The only solution that I know of is that you let your client connect to the public IP given by ISP #2 and then you forward that PPTP connection to your VPN Server. I hope for your sake that you'...
by Pada
Thu Oct 21, 2010 9:40 pm
Forum: General
Topic: [5.0RC1] Firewall Mangle Passthrough bug?
Replies: 3
Views: 2230

[5.0RC1] Firewall Mangle Passthrough bug?

I have already posted this in the General Support section, but I haven't received any replies yet since I probably posted it in the wrong section: http://forum.mikrotik.com/viewtopic.php?f=2&t=45996 My problem is that after the rule matched in the Firewall : Mangle table and I've set passthrough=no,...
by Pada
Thu Oct 21, 2010 12:44 am
Forum: General
Topic: Passthrough not working in custom chain - v5.0rc1?
Replies: 0
Views: 731

Passthrough not working in custom chain - v5.0rc1?

Hi, I'm not sure if I'm doing something wrong / misunderstanding how the passthrough option works in the firewall / if it's a bug? I'm using a RB750 with ROS 5.0rc1. Here's a WinBox screen shot showing that even though the packets were marked and passthrough=no, it continued to check the next rules:...
by Pada
Fri Jul 09, 2010 1:05 am
Forum: General
Topic: How to store config and then restore it?
Replies: 4
Views: 726

Re: How to store config and then restore it?

The system backup is chipset dependant, unlike export which saves a readable copy that you can modify to work on basically any chipset. Like I've tried to make a backup of my friend's RB750G configurations and put it on my RB750, but it didn't work due to the chipset mismatch. Using export did the t...
by Pada
Sat Jul 03, 2010 11:36 am
Forum: General
Topic: Load balancing
Replies: 8
Views: 1291

Re: Load balancing

The image quality of your network diagram is terrible. I would try and do policy based load balancing, where you let certain subnets (eg. the top half) use ADSL #1 and the remaining subnets use ADSL #2. If the links were CAT5e/6 cables between the 2 places where the ADSL routers are, then you can tr...
by Pada
Sat Jul 03, 2010 11:24 am
Forum: General
Topic: Script problem
Replies: 2
Views: 508

Re: Script problem

If you're asking in the Scripting section you might get better responses :)

http://forum.mikrotik.com/viewforum.php?f=9
by Pada
Sat Jul 03, 2010 11:22 am
Forum: General
Topic: HTB thing...
Replies: 17
Views: 2030

Re: HTB thing...

Its simple: version 2 is ancient and version 4.10 is the latest stable release, with 5 beta 3 being the latest beta at this moment.

You might even get help for version 3.30, but highly unlikely that you'll get help for version 2.
by Pada
Fri Jul 02, 2010 4:13 pm
Forum: General
Topic: HTB thing...
Replies: 17
Views: 2030

Re: HTB thing...

He meant public IP addresses -> as in IP address that aren't in the private IP address ranges (eg. 10.*.*.*, 172.*.*.*, 192.168.*.*, etc)
by Pada
Fri Jul 02, 2010 3:17 pm
Forum: General
Topic: Bandwidth reservation for gaming
Replies: 11
Views: 20161

Re: Bandwidth reservation for gaming

Thanks. I'll give that I try, but I'm still a bit skeptical about that solution, since the game uses only 25kbps but requires like 128kbps of the line to be available.
by Pada
Fri Jul 02, 2010 11:57 am
Forum: General
Topic: ROS answers to wrong ping?!
Replies: 1
Views: 456

Re: ROS answers to wrong ping?!

Do a trace route (tracert command-line utility in Windows) to that host and see how the traffic is flowing/hopping through the routers. It's possible that you're masquerading LAN network ranges too, instead of routing to them. Could you perhaps post your configuration (and remember to hide the sensi...
by Pada
Fri Jul 02, 2010 11:51 am
Forum: General
Topic: Need to setup a 450g as a VPN server
Replies: 4
Views: 1806

Re: Need to setup a 450g as a VPN server

AFAIK you just have to run like a PPTP VPN server on the MikroTik and then connect to it from your laptop. You'll also have to create a new Secret (username, password, local & remote addresses) for you to be able to log in and get an IP address from the VPN server. Unfortunately you'll have to add s...
by Pada
Thu Jul 01, 2010 10:02 am
Forum: General
Topic: DST-NAT Problem
Replies: 9
Views: 6829

Re: DST-NAT Problem

Toady, just bear in mind that when you setup that port forward (dst-nat rule) that you won't be able to test it from within your network, since you haven't done any NAT Loopback (aka hairpin NAT). You would have to test it from the Internet! Usually we specify an 'in-interface' or 'dst-address' in t...
by Pada
Thu Jul 01, 2010 9:55 am
Forum: General
Topic: connect local lan to wlan with mikrotik
Replies: 1
Views: 633

Re: connect local lan to wlan with mikrotik

Well, if its a direct link to your friend and not via some WUG, then you don't need like VPN like I have to do to use my friend's ADSL. I would ensure that your friend's local (LAN) IP address range differs from yours, but the AP's may be on the same subnet though. eg. his can be like 10.0.0.0/24 (1...
by Pada
Wed Jun 30, 2010 12:32 pm
Forum: Beginner Basics
Topic: How tp set up a backup internet connection
Replies: 14
Views: 13157

Re: How tp set up a backup internet connection

Alternatively you could try to use DNS servers that would work on both Internet connections.
by Pada
Wed Jun 30, 2010 12:11 pm
Forum: Beginner Basics
Topic: How tp set up a backup internet connection
Replies: 14
Views: 13157

Re: How tp set up a backup internet connection

I'll host the DNS server on the MikroTik too and then let DHCP assign your router's IP address for the clients to use as their DNS server. Then in your DNS settings, you can setup a primary and secondary DNS server. I don't have any experience with DNS failover, so someone else should perhaps give r...
by Pada
Wed Jun 30, 2010 11:37 am
Forum: Beginner Basics
Topic: How tp set up a backup internet connection
Replies: 14
Views: 13157

Re: How tp set up a backup internet connection

You probably have to enable NAT (Masquerading) on the ether2 interface, otherwise only your router would have Internet access on the failover connection. For a start, see if you can ping network hosts like www.take2.co.za via your ether2, using the ping tool on the router. If that works, then disabl...
by Pada
Wed Jun 30, 2010 11:07 am
Forum: Beginner Basics
Topic: WDS question
Replies: 18
Views: 2356

Re: WDS question

zeljene, could you perhaps give a simple network diagram of how your routers/access points would be connected to each other? If all the AP's are sharing a common WAN connection, then please include that in the diagram too. Like if you have a mesh, where all the MT routers are able to connect to each...
by Pada
Wed Jun 30, 2010 10:51 am
Forum: Beginner Basics
Topic: how to learn mikrotik ?
Replies: 5
Views: 2678

Re: how to learn mikrotik ?

If you're going to be using MikroTik routers in your job, then it would definitely be worth it to do the basic training course with a certified MikroTik trainer. I've done the basic training a few months ago, and with me was another guy who wanted to run his own Wireless ISP. He printed out basicall...
by Pada
Wed Jun 30, 2010 10:46 am
Forum: Beginner Basics
Topic: How tp set up a backup internet connection
Replies: 14
Views: 13157

Re: How tp set up a backup internet connection

What I've done was to add default routes for both my PPPoE and failsafe Internet connections, with the PPPoE one's distance set to 1 and the failsafe one's distance set to 2. I've also enabled the option on the PPPoE interface to ping the gateway to check if the Internet connection is active. Unfort...
by Pada
Wed Jun 30, 2010 10:30 am
Forum: Beginner Basics
Topic: how to limit bandwidth at phyical interface not at IP ?
Replies: 3
Views: 24079

Re: how to limit bandwidth at phyical interface not at IP ?

Use a simple queue, select your ether1 as the interface and set the max-limits. eg. /queue simple name="Limit ether1" dst-address=0.0.0.0/0 interface=ether1 parent=none direction=both priority=8 queue=default-small/default-small limit-at=256k/256k max-limit=256k/256k burst-limit=0/0 burst-threshold=...
by Pada
Wed Jun 30, 2010 2:37 am
Forum: The User Manager
Topic: HTTPS Scripts
Replies: 3
Views: 1081

Re: HTTPS Scripts

If you have a large user base that and you've left your radius session/error logging on default settings, then you would run into problems within a month where the sessions/failed authentications would max out your free space! I've actually had that with my friend's RB750G (running ROS v4.5) that us...
by Pada
Wed Jun 30, 2010 2:25 am
Forum: General
Topic: PPPoE - MSS Correction BUG in 3.30
Replies: 6
Views: 1383

Re: PPPoE - MSS Correction BUG in 3.30

I'm not 100% if its due to the same "bug"... I had to change my PPTP Client interface's max MTU (from the default of 1460 to like 1400) that was connecting to a server via a PPPoE connection in ROS v3.30. I can't remember that I've had to do that when the router was running ROS v4.5. I had the chang...
by Pada
Wed Jun 30, 2010 1:51 am
Forum: General
Topic: Loop Back?
Replies: 15
Views: 3139

Re: Loop Back?

eish fewi, you're too fast. I was just about to post here that I've updated an old thread about NAT loopback :D

Today is actually the first time that I've seen/heard about "hairpin NAT". Previously I've seen people calling it: "NAT loopback" / "Reverse NAT" / "PAT"
by Pada
Wed Jun 30, 2010 1:34 am
Forum: Beginner Basics
Topic: WAN services not available to local users, please help!
Replies: 11
Views: 31008

Re: WAN services not available to local users, please help!

I've had this kind of issue with other routers too, which cased lots of issues with hosting Warcraft III games on our local PvPGN server. Eventually I've written a patch for the PvPGN server where the people hosting the game can set their LAN IP address so that no masquerading have to be done when p...
by Pada
Wed Jun 30, 2010 12:02 am
Forum: General
Topic: Bandwidth reservation for gaming
Replies: 11
Views: 20161

Re: Bandwidth reservation for gaming

yes. I know that I didn't have any active queue for 'game' traffic since I wanted to switch between the 2 copies of queue trees. I also know that it's a bad idea to enable/disable queues automatically, but I have no idea how to reserve bandwidth for gaming ONLY when someone is playing already. It wo...
by Pada
Mon Jun 28, 2010 11:10 am
Forum: General
Topic: Bandwidth reservation for gaming
Replies: 11
Views: 20161

Re: Bandwidth reservation for gaming

Bump.

Any ideas for achieving something like I've posted in my previous post?
If it would be possible to script something like that, should I perhaps try the Scripting section of the forum?
by Pada
Mon Jun 28, 2010 11:07 am
Forum: General
Topic: How to best configure 2 WANs same IP's for different traffic
Replies: 4
Views: 660

Re: How to best configure 2 WANs same IP's for different tra

My please and thanks for the karma points :) Here are another 2 examples that might be of interest (with the first one being pretty much the same as the first example): http://wiki.mikrotik.com/wiki/Manual:Load_balancing_multiple_same_subnet_links http://wiki.mikrotik.com/wiki/Per-Traffic_Load_Balan...
by Pada
Mon Jun 28, 2010 10:46 am
Forum: General
Topic: How to best configure 2 WANs same IP's for different traffic
Replies: 4
Views: 660

Re: How to best configure 2 WANs same IP's for different tra

It's definitely possible to do this and there are actually numerous posts/wiki pages on how to achieve this. They call it 'policy routing'. Here's a nice example with pretty much the kind of setup you want: http://blog.butchevans.com/2008/09/mikrotik-policy-routing-implementation-example/ Only the o...
by Pada
Mon Jun 28, 2010 2:45 am
Forum: General
Topic: Awesome trick to shrink VirtualBox image of ROS
Replies: 0
Views: 808

Awesome trick to shrink VirtualBox image of ROS

I had a ROS 3.30 VirtualBox image image that I've upgraded to 4.10, but the size of the .vdi file was like 550MB where ROS only occupied ~250MB. Simply running 'VBoxManage modifyvd <your image.vdi> compact' didn't shrink the image, however the following that I found did: 1. I can confirm that the 'd...
by Pada
Thu Jun 24, 2010 7:28 pm
Forum: General
Topic: limit queue certain hours
Replies: 3
Views: 502

Re: limit queue certain hours

Simple queues have time constraints that you can set. You'll have to setup 2 simple queues then, similar to what Chupaka said, except that you don't have to add anything to the scheduler.
by Pada
Thu Jun 24, 2010 7:22 pm
Forum: General
Topic: policing incoming traffic, not shaping
Replies: 1
Views: 1164

Re: policing incoming traffic, not shaping

Well, you can setup a simple queue on that interface with a queue length of 1, so that it would basically drop all the excess packets once the rate is exceeding the limit.
by Pada
Thu Jun 24, 2010 2:54 am
Forum: General
Topic: Routing public IPs from 2 Gateways
Replies: 5
Views: 965

Re: Routing public IPs from 2 Gateways

I'm confused here... This is how I see it: You have a LAN (eg. 10.0.0.0/24) and 2 WAN interfaces (eg. 178.0.0.254/24 (for eth1_WAN_A) and 217.117.0.254/24 (for eth2_WAN_B) with their gateways being 178.0.0.1 (GW A) and 217.117.0.1 (GW B) respectively). MultipleGateways.png Here is how I would do the...
by Pada
Wed Jun 23, 2010 10:15 pm
Forum: General
Topic: Routing public IPs from 2 Gateways
Replies: 5
Views: 965

Re: Routing public IPs from 2 Gateways

use the ip > route > rules 1. add dst-addr=178.x.x.x/24 lookup main , add dst-addr=217.117.x.x/24 lookup main 2. add src-addr=178.x.x.x lookup GW1, add src-addr=217.117.x.x lookup GW2 Shouldn't that ^ be other way round, like: 1. add src-addr=178.x.x.x/24 lookup main , add src-addr=217.117.x.x/24 l...
by Pada
Tue Jun 22, 2010 10:04 pm
Forum: Beginner Basics
Topic: Local Internet Script
Replies: 6
Views: 799

Re: Local Internet Script

OK, if you're not willing to read all of the instructions that I've posted on myBroadband, then you'll have to settle for 600+ routes in your routing table, by creating and running a script like follow: Download the list of IP addresses from http://developers.locality.co.za/routes.txt insert the IP ...
by Pada
Tue Jun 22, 2010 4:19 pm
Forum: General
Topic: PPTP VPN problem with RB750
Replies: 18
Views: 13470

Re: PPTP VPN problem with RB750

That rule should be placed at the bottom of the list, as long as you have rules above it accepting all the traffic that you want to allow. Otherwise, remove that rule!
by Pada
Tue Jun 22, 2010 12:11 pm
Forum: General
Topic: PPTP VPN problem with RB750
Replies: 18
Views: 13470

Re: PPTP VPN problem with RB750

If you can't telnet to port 1723 then the PPTP connection won't work either.

Update: Make sure that you put the firewall rule that Grzegorz posted high up (if not first) in your Firewall filter rules.
by Pada
Tue Jun 22, 2010 10:48 am
Forum: General
Topic: PPTP VPN problem with RB750
Replies: 18
Views: 13470

Re: PPTP VPN problem with RB750

Yes I know that you did receive a different error.

Make sure to enable encryption. With my Windows 7 I can use the PPTP VPN without compression, bot NOT without encryption.

Have you tried connecting from a Windows Vista/7 machine yet?
by Pada
Tue Jun 22, 2010 2:02 am
Forum: General
Topic: Simple Question
Replies: 2
Views: 492

Re: Simple Question

The MikroTik limits work in kbps (kilobits per second), which is the same unit that they're using to specify your Internet bandwidth by. Due to protocol/OSI layer overheads, you will never get a download/upload rate as specified for your Internet connection. eg. if you have like a 384kbps ADSL conne...
by Pada
Tue Jun 22, 2010 1:45 am
Forum: General
Topic: PPTP VPN problem with RB750
Replies: 18
Views: 13470

Re: PPTP VPN problem with RB750

The windows client would give you an Error 628 if you've disabled encryption in the PPTP profile. You can see in the Logs that the PPTP client authenticated and then immediately terminated. Error 628: The port is disconnected or The connection was terminated by the remote computer before it could be...
by Pada
Mon Jun 21, 2010 9:31 pm
Forum: General
Topic: Routing public IPs from 2 Gateways
Replies: 5
Views: 965

Re: Routing public IPs from 2 Gateways

Routing 178.x.x.0/24 network through gateway 178.x.x.1 and 217.117.x.0/24 through gateway 217.117.x.1 is very easy -> add 2 static routes: /ip route add dst-address=178.x.x.0/24 gateway=178.x.x.1 distance=1 /ip route add dst-address=217.117.x.0/24 gateway=217.117.x.1 distance=1 OR when you configure...
by Pada
Mon Jun 21, 2010 6:08 pm
Forum: Beginner Basics
Topic: Local Internet Script
Replies: 6
Views: 799

Re: Local Internet Script

If you're from South Africa, then I can help you out since I'm from SA myself :) Unfortunately MikroTik v4 doesn't have LUA for reading large files, which makes scripting on the MikroTik alone impossible to add the routes for South Africa since the file is larger than 4kB! Here's my first attempt on...
by Pada
Mon Jun 21, 2010 1:57 am
Forum: Beginner Basics
Topic: Forward public IP to another public IP
Replies: 6
Views: 4669

Re: Forward public IP to another public IP

As an alternative you could also try hosting a PPTP VPN server so that you can use the MT's Internet connection from anywhere.

Those IP addresses that you gave fall in the private IP range. Could you perhaps tell us what you're trying to achieve if its not too personal.
by Pada
Mon Jun 21, 2010 1:50 am
Forum: Beginner Basics
Topic: Routerboard 750 Routing
Replies: 6
Views: 2080

Re: Routerboard 750 Routing

Fhillip, could you perhaps give us more information on how your networks are connected to each other. A network diagram is preferred. Usually a "network" refers to more than just 1 IP address, instead its an IP address range like 172.30.8.0 - 172.30.8.255 (written in CIDR notation it would be: 172.3...
by Pada
Mon Jun 21, 2010 1:33 am
Forum: Beginner Basics
Topic: weird wlan/lan setup
Replies: 3
Views: 620

Re: weird wlan/lan setup

For the routing to work correctly, both sides have to add routes:
You have to add routes (which would be the default gateway) that use their gateway,
and they have to add routes that use your gateway.

If they haven't added static routes for your network, then you could enable NAT (masquerading).
by Pada
Mon Jun 21, 2010 1:20 am
Forum: Beginner Basics
Topic: Login one time every 15 days...?
Replies: 1
Views: 393

Re: Login one time every 15 days...?

I'm not sure if this is what you're looking for:

You can use HTTP-cookie authentication and set the `http-cookie-lifetime` to `15d` (see http://wiki.mikrotik.com/wiki/Manual:IP/Hotspot).
by Pada
Mon Jun 21, 2010 1:02 am
Forum: Beginner Basics
Topic: Wireless repeater - how to prevent a loop creation
Replies: 3
Views: 839

Re: Wireless repeater - how to prevent a loop creation

You can try enabling STP (Spanning Tree Protocol) on the bridge interface and see if that solves your problem. I'm not so clued up in this area either. I think what you actually want to do is to prevent the Pseudoclient from having access to the MikroTik AP Bridge, by blocking the Pseudoclient's MAC...
by Pada
Mon Jun 21, 2010 12:52 am
Forum: Beginner Basics
Topic: Local Internet Script
Replies: 6
Views: 799

Re: Local Internet Script

Zero, you really need to provide more information with regards to "local ip's". "Local IP adddresses" can either refer to local as in your Country's IP address range or local as in your home/private network. Dynamic DNS is used to link a DNS (hostname, eg. yourpc.dyndns.org) with your changing publi...
by Pada
Mon Jun 21, 2010 12:42 am
Forum: General
Topic: dst-nat not working quite as I'd expect it
Replies: 10
Views: 1161

Re: dst-nat not working quite as I'd expect it

Do you already run a Transparent Proxy?

The problem with the 10.0.0.0/8 would be that would include the router's own IP address too (10.0.0.1), which is probably why it redirects all the users.
by Pada
Mon Jun 21, 2010 12:12 am
Forum: General
Topic: pppoe Most strange senario
Replies: 2
Views: 559

Re: pppoe Most strange senario

Could you perhaps draw us a network diagram?

From what you've said in your post it seems to me like you have 2 routers (each with their own PPPoE server) listening on the same sector?
by Pada
Sun Jun 20, 2010 11:52 pm
Forum: General
Topic: Queue
Replies: 5
Views: 729

Re: Queue

If the traffic is indeed passing through your router from that IP address, then that simple queue should limit its throughput. What you could do to check if the traffic is passing through your router is to add the following 2 filter rules: /ip firewall filter add chain=forward src-address=192.168.0....
by Pada
Sun Jun 20, 2010 10:44 pm
Forum: General
Topic: Strange traffic to block
Replies: 2
Views: 1093

Re: Strange traffic to block

The traffic seemed to me like someone is using a HTTP proxy on the Internet (93.152.160.66:8080). Pinging that IP address won't tell you much. Rather do a Traceroute. Is your WAN interface a wireless connection? I've had this kind of thing with a friend of mine who had his Genius router in bridge mo...
by Pada
Sun Jun 20, 2010 10:28 pm
Forum: General
Topic: Can ROS Recieve DHCP Routes?
Replies: 3
Views: 829

Re: Can ROS Recieve DHCP Routes?

I've never seen any other devices receiving routes from a DHCP server, except for the default gateway of course.

If you want to push routes from a central server, see something like BGP.
by Pada
Sun Jun 20, 2010 10:20 pm
Forum: General
Topic: no hits..
Replies: 4
Views: 540

Re: no hits..

3.30 or 3.0? Theres a massive difference.
by Pada
Sat Jun 19, 2010 11:38 am
Forum: General
Topic: HTB thing...
Replies: 17
Views: 2030

Re: HTB thing...

You can replace those 250 mangle entries and 500 queue tree items with 2 (1 for marking the connection and another for marking the packet) mangle entries and 2 (1 for upstream and 1 for downstream) PCQ items in your queue tree. Either search the wiki for PCQ or have a look at the following QoS prese...
by Pada
Sat Jun 19, 2010 11:28 am
Forum: General
Topic: no hits..
Replies: 4
Views: 540

Re: no hits..

For that amount of traffic I would rather use a dedicated server running Squid proxy.

I think the MikroTik web proxy only reports a hit if the object was cached. Could you perhaps state what RB you're using and which version of ROS?
by Pada
Sat Jun 19, 2010 1:57 am
Forum: General
Topic: Simple Queue Limitation
Replies: 2
Views: 728

Re: Simple Queue Limitation

Have you tried specifying the specific VLAN interface in the Simple Queue and not the Ethernet interface?

Could you perhaps give us more information on how your setup looks?
by Pada
Sat Jun 19, 2010 1:41 am
Forum: General
Topic: Second gateway not working
Replies: 3
Views: 715

Re: Second gateway not working

From the configurations that you've posted everything seems OK. From what you've posted, you should be able to ping 22.22.22.1 or 11.11.11.1 from any LAN PC, unless you have a firewall blocking ICMP packets. Make sure that you don't have a master-port set on the eth2-isp2 interface. Either its that,...
by Pada
Fri Jun 18, 2010 11:48 pm
Forum: General
Topic: Bandwidth reservation for gaming
Replies: 11
Views: 20161

Re: Bandwidth reservation for gaming

Would it be possible to toggle between 2 Queue Trees, based on a kbps threshold of 'game' packets in/out? For example: If the 'game' packets reach 10kbps, then activate the Gaming Queue Tree and disable the NonGaming QT and if the 'game' packets drop to below 5kbps again, then switch back to the ori...
by Pada
Mon Jun 14, 2010 2:22 am
Forum: General
Topic: RB750/g becomes inaccessible after loading openwrt
Replies: 1
Views: 1506

Re: RB750/g becomes inaccessible after loading openwrt

The RB750/750G has only 32MB of RAM, so you're already pushing your luck when it comes to MetaRouter which requires 16MB RAM unless you run OpenWRT you might get away with less than 16MB. I think the RB750's CPU usage went up to 100% which looked like it denied access to everything. I'm not an exper...
by Pada
Mon Jun 14, 2010 1:43 am
Forum: General
Topic: Bandwidth reservation for gaming
Replies: 11
Views: 20161

Re: Bandwidth reservation for gaming

I've already set the the max-limit to -10% of the line's bandwidth. I need to limit the incoming traffic too, since HTTP downloads can easily be like 300kbps down and 10-20kbps up, which makes it almost impossible to limit HTTP traffic on just `global-out`. The Queue Tree setup is definitely not wor...
by Pada
Sun Jun 13, 2010 10:48 pm
Forum: General
Topic: Bandwidth reservation for gaming
Replies: 11
Views: 20161

Re: Bandwidth reservation for gaming

Thank you for the quick response Chupaka. I previously had all my Mangle rules just in the Forward chain, which was probably the cause why nothing showed in the Global-In QT. I've now changed my incoming Mangle rules to the Prerouting chain. Now I'm stuck with configuring the Queue Tree. When I set ...
by Pada
Sun Jun 13, 2010 8:43 pm
Forum: General
Topic: Bandwidth reservation for gaming
Replies: 11
Views: 20161

Bandwidth reservation for gaming

Hi, I would like to know how to automatically reserve some bandwidth for gaming purposes. Currently I can hard-limit (with use of queues and packet marking) all the non-gaming protocols/packets. I've done the basic MikroTik training and read through a couple of Queue/QoS documents. The best one I ca...
by Pada
Thu Apr 08, 2010 1:00 am
Forum: General
Topic: Dual WAN, Port based routing (sort of resolved)
Replies: 1
Views: 981

Re: Dual WAN, Port based routing

Seems like some form of authentication/validation on the server that doesn't like the policy based routing when using the Warcraft III client, since its working 100% with telnet to the same port. Instead of switching between the routing entries manually, I've now: 1) mapped 123.123.123.123:611 3 to ...
by Pada
Fri Apr 02, 2010 1:11 am
Forum: General
Topic: Dual WAN, Port based routing (sort of resolved)
Replies: 1
Views: 981

Dual WAN, Port based routing (sort of resolved)

Hi, I'm struggling to get my port based routing to work. I have a setup with 2 WAN interfaces (1x uncapped + 1x unshaped) and a few PPTP Clients. See diagram below: Dual-WAN-Port-Based-Routing.png I want to be able to use the uncapped for everything, except for my games (of which I know the destinat...
by Pada
Fri Feb 26, 2010 9:06 pm
Forum: General
Topic: Route youtube
Replies: 6
Views: 1559

Re: Route youtube

I would also like to know how to get the address blocks of YouTube, Facebook and the major upload/download services like Rapidshare. So far I've roughly created a list of these sites. Unfortunately these address blocks aren't that accurate, since I haven't taken the time to go through like all 200 D...
by Pada
Sat Feb 20, 2010 11:46 am
Forum: Scripting
Topic: Moving Simple Queue to Last Position
Replies: 9
Views: 1811

Re: Moving Simple Queue to Last Position

wow, thanks for that last one changeip. Really appreciate that script.
by Pada
Fri Feb 19, 2010 9:52 pm
Forum: Scripting
Topic: Moving Simple Queue to Last Position
Replies: 9
Views: 1811

Re: Moving Simple Queue to Last Position

Thank you everyone.

fewi, your script was the simplest and it worked straight away:
/queue simple
move [find name="PCQ-Limit VPN Total"] [find name!="PCQ-Limit VPN Total"]
by Pada
Fri Feb 19, 2010 10:01 am
Forum: Scripting
Topic: Moving Simple Queue to Last Position
Replies: 9
Views: 1811

Re: Moving Simple Queue to Last Position

Thank you very much. I'll test this tonight when I'm back from work.
by Pada
Thu Feb 18, 2010 9:19 pm
Forum: Scripting
Topic: Moving Simple Queue to Last Position
Replies: 9
Views: 1811

Moving Simple Queue to Last Position

Hi, I'm looking for a script, that can move 1 of my Simple Queues to the last position, that I can schedule to run at regular intervals (or more specifically: whenever a new PPTP VPN client connects). My current situation is that I'm using the User Manager, where I've set a rate limit to each client...
by Pada
Thu Feb 18, 2010 4:35 pm
Forum: General
Topic: Feature Request: OpenVPN [ovpn] udp tunnels
Replies: 250
Views: 89258

Re: Feature Request: OpenVPN [ovpn] udp tunnels

I was always using OpenVPN on my Linksys WRT54GL with DD-WRT firmware, which allowed me to open PPPoE client connections via the OpenVPN tunnel. Since I got a RB750, I've changed over to PPTP VPN, which doesn't allow me to open PPPoE connections over the VPN tunnel. I've used the TCP based OpenVPN c...
by Pada
Fri Feb 12, 2010 12:02 am
Forum: General
Topic: PPTP connection, can't ping anything mikrotik
Replies: 9
Views: 13321

Re: PPTP connection, can't ping anything mikrotik

Hi, I'm not sure if you've managed to solved this yet, but I'm sort of in the same situation now. I saw that I've made a syntax error in my previous post: add chain=prerouting action=mark-connection connection-mark =vpn passthrough=yes src-address=172.16.10.250-172.16.10.254 should've been add chain...
by Pada
Thu Feb 11, 2010 10:58 pm
Forum: General
Topic: Bug Fix / Feature: VPN shouldn't disconnect with comment set
Replies: 4
Views: 1680

Re: Bug Fix / Feature: VPN shouldn't disconnect with comment set

Thank you.

I've also noticed that when the connection resets, ROS thinks that its transmitting like 1Gbps+ (like an impulse), causing the Traffic sent & received to instantly increase with 4GB with both the Sent & Received!
by Pada
Thu Feb 11, 2010 1:40 am
Forum: General
Topic: Bug Fix / Feature: VPN shouldn't disconnect with comment set
Replies: 4
Views: 1680

Bug Fix / Feature: VPN shouldn't disconnect with comment set

Hi, I'm not sure whether I should file this as a bug or not? Both my PPTP VPN & PPPoE connections disconnect (and reconnect of course) when I set their comment (from both Winbox AND Terminal) with Router OS 4.5 on my RB750. Only the interface that I changed the comment of would reconnect. Thanks in ...
by Pada
Wed Feb 03, 2010 12:27 am
Forum: General
Topic: ROS4.5 clearing webproxy cache almost immediately
Replies: 7
Views: 1334

Re: ROS4.5 clearing webproxy cache almost immediately

No, I have tried numerous values for the max-cache-size, and it immediately resets it to 'none'. I'm guessing that it has to be some kind of setting that I'm using that is causing the web proxy not to cache?! I've downgraded the ROS4.5 in the VirtualMachine to 3.30 and its also clearing the cache/sh...
by Pada
Mon Feb 01, 2010 8:47 pm
Forum: General
Topic: ROS4.5 clearing webproxy cache almost immediately
Replies: 7
Views: 1334

Re: ROS4.5 clearing webproxy cache almost immediately

I'm not sure what I should be looking for here :( status: running uptime: 2m37s requests: 32 hits: 0 cache-used: 0KiB total-ram-used: 243KiB received-from-servers: 376KiB sent-to-clients: 376KiB hits-sent-to-clients: 0KiB Its still showing a a single entry with an empty URI under /ip proxy cache-con...
by Pada
Mon Feb 01, 2010 5:30 pm
Forum: General
Topic: ROS4.5 clearing webproxy cache almost immediately
Replies: 7
Views: 1334

Re: ROS4.5 clearing webproxy cache almost immediately

OK, I'll have a look at /ip proxy monitor when I'm back from work.
by Pada
Thu Jan 28, 2010 11:29 pm
Forum: General
Topic: ROS4.5 clearing webproxy cache almost immediately
Replies: 7
Views: 1334

Re: ROS4.5 clearing webproxy cache almost immediately

What is the disk space of your proxy router?
I have it configured to dynamically adjust up to 5GB.

Is it some kind of 32bit error that would restrict ROS from working with any size larger than 4GB?
by Pada
Mon Jan 25, 2010 12:58 am
Forum: General
Topic: USe 2 gateway
Replies: 6
Views: 833

Re: USe 2 gateway

I've asked a almost similar question here: http://forum.mikrotik.com/viewtopic.php?f=2&t=38415 In my case I'm just using the transparent proxy for the more expensive WAN connection. Ideally I would have to use a Squid proxy like Chupaka said. I thinking more and more that this option would be better...
by Pada
Mon Jan 25, 2010 12:31 am
Forum: General
Topic: Feature Request: OpenVPN [ovpn] udp tunnels
Replies: 250
Views: 89258

Re: Feature Request: OpenVPN [ovpn] udp tunnels

I would've loved it to be able to use a standard OpenVPN configuration file.

The drawbacks with the current OpenVPN server/client are:
* No UDP support
* Unable to host a server without a username/password combination
* Unable to push routes to clients
by Pada
Sun Jan 24, 2010 12:45 pm
Forum: General
Topic: RB750 OpenVPN thoroughput problem
Replies: 15
Views: 9089

Re: RB750 OpenVPN thoroughput problem

You could always try to change the listening port of the OpenVPN server and see if the shaping is less...
by Pada
Sun Jan 24, 2010 12:02 pm
Forum: The User Manager
Topic: user manager but not connected to the internet.
Replies: 3
Views: 961

Re: user manager but not connected to the internet.

here's an example on how to setup DHCP & Radius/User Manager: http://wiki.mikrotik.com/wiki/User_Manager/DHCP_Example You then simply add the user's MAC address to the User manager (like shown in the example) and give that user a unique IP address that you can filter/block using firewall rules. I'm ...
by Pada
Sun Jan 24, 2010 2:03 am
Forum: The User Manager
Topic: Tracking data usage according to route marking / interface
Replies: 0
Views: 612

Tracking data usage according to route marking / interface

Hi, Is it possible to filter the Download & Upload amount according to a certain routing marking or outgoing interface? The reason I want to be able to do this is: I have 2 outgoing PPPoE connections: 1 for international (expensive) and 1 for local destinations (cheap) and I want to bill the clients...
by Pada
Sat Jan 23, 2010 10:31 pm
Forum: General
Topic: ROS4.5 clearing webproxy cache almost immediately
Replies: 7
Views: 1334

ROS4.5 clearing webproxy cache almost immediately

Hi, I've installed RouterOS 4.5 in VirtualBox and I've redirected dst port 80 (TCP) to 8080 (my transparent web proxy). The proxy is working fine, but for some reason the cache is cleared almost immediately. When looking at the cache status, it would go to like 200kB (the size of the image that I do...
by Pada
Sat Jan 23, 2010 4:01 pm
Forum: General
Topic: Licence purchase
Replies: 3
Views: 610

Re: Licence purchase

hey duvi, I've gone and also purchased a level 4 license from them. It took about 15 minutes for the email to arrive in my gmail inbox. The license worked 100%. I just find it stupid that their web interface doesn't show you some kind of receipt containing your order number once the order is complete.
by Pada
Tue Jan 19, 2010 5:20 pm
Forum: General
Topic: Step by step Load balancing in v4.4 helpfull for many users.
Replies: 55
Views: 12796

Re: Step by step Load balancing in v4.4 helpfull for many users.

You could do policy based load balancing. Eg. splitting the 300 users into 3 groups of 100 - 1 group per WAN connection. See http://wiki.mikrotik.com/wiki/Load_Balancing_over_Multiple_Gateways This is not the ideal solution though. Here's an old forum thread where persistent load balancing using ECM...
by Pada
Tue Jan 19, 2010 4:49 pm
Forum: General
Topic: RB750 OpenVPN thoroughput problem
Replies: 15
Views: 9089

Re: RB750 OpenVPN thoroughput problem

Is your WAN connection stable? When you have heavy packet loss on the WAN connection, you would see a huge drop in OVPN's throughput! I had a similar issue when my WiFi link was unstable. I'm not sure if it could be something related to OpenVPN, since you can get a nice 3MB/s throughput when connect...
by Pada
Tue Jan 19, 2010 12:56 pm
Forum: General
Topic: RB750G changing over from 1Gbps to 100Mbps unexpectedly
Replies: 7
Views: 1203

Re: RB750G changing over from 1Gbps to 100Mbps unexpectedly

No, its connected to a PC with gigabit LAN.
The total cable length is probably 15m. On both ends I have Ethernet wall sockets, for neat cable routing.

So yes, it could simply be a matter of the cable quality not being good enough.
by Pada
Tue Jan 19, 2010 11:13 am
Forum: General
Topic: RB750G changing over from 1Gbps to 100Mbps unexpectedly
Replies: 7
Views: 1203

Re: RB750G changing over from 1Gbps to 100Mbps unexpectedly

thanks kirshteins. I'll try to do some more comprehensive tests tonight. Its a RB750G with ROS 4.4 and it was set to auto-negotiate. I've tried forcing it to 1Gbps, but then I weren't able to link at all. Unfortunately I'm not that clued up on the cables. Its a 8 strand UTP cable that I was using fo...
by Pada
Mon Jan 18, 2010 11:50 pm
Forum: General
Topic: RB750G changing over from 1Gbps to 100Mbps unexpectedly
Replies: 7
Views: 1203

RB750G changing over from 1Gbps to 100Mbps unexpectedly

Hi,

Could someone give ideas as to why my MikroTik RB750G would change its ethernet connection from 1Gbps to 100Mbps, causing all my network connections to drop instantly? I've now gone and forced it to 100Mbps :(
by Pada
Mon Jan 18, 2010 10:39 pm
Forum: General
Topic: PPTP connection, can't ping anything mikrotik
Replies: 9
Views: 13321

Re: PPTP connection, can't ping anything mikrotik

The NAT rule is fine, however I'm not so sure about the mangling. I'm using: /ip firewall mangle add chain=prerouting action=mark-connection connection-mark=vpn passthrough=yes src-address=172.16.10.250-172.16.10.254 add chain=prerouting action=mark-routing new-routing-mark=vpn passthrough=no connec...
by Pada
Mon Jan 18, 2010 10:02 pm
Forum: General
Topic: PPTP connection, can't ping anything mikrotik
Replies: 9
Views: 13321

Re: PPTP connection, can't ping anything mikrotik

My guess is that the packets are received by your MikroTik devices, but that they don't send the new packets back on the correct route. Ensure that the gateway address / routing table entries for the path to the VPN clients are correct. You could also enable a log filter for the forward chain to log...
by Pada
Mon Jan 18, 2010 9:56 am
Forum: General
Topic: Traffic Splitting with address lists and transparent proxy
Replies: 2
Views: 1989

Re: Traffic Splitting with address lists and transparent proxy

Thank you gmsmstr. I'll try to setup the transparent proxy to cache the more expensive Internet connection's contents then, by specifying the route-marking for the proxy redirect NAT entry. Another idea that I had was to host an additional RouterOS instance that is hosting the web proxy & PPTP serve...
by Pada
Mon Jan 18, 2010 1:46 am
Forum: General
Topic: Licence purchase
Replies: 3
Views: 610

Re: Licence purchase

I would also like to know if they are trustworthy...

Otherwise I'll buy from Scoop Distributions for R240 (ZAR, ex 14% VAT), which is roughly $36 USD. The RB750 is quite a bargain, since you get a Level4 license, and it doesn't even cost much more than the license itself!
by Pada
Sun Jan 17, 2010 6:42 pm
Forum: General
Topic: Traffic Splitting with address lists and transparent proxy
Replies: 2
Views: 1989

Traffic Splitting with address lists and transparent proxy

Hi, I'm struggling to get both my transparent proxy and traffic splitting (using prerouting mangle marking of connections, packets & routing) working at the same time. I'm using the same type of mangling as used in this wiki: http://wiki.mikrotik.com/wiki/How_to_apply_different_limits_for_Local/Over...
by Pada
Fri Jan 08, 2010 12:47 pm
Forum: Scripting
Topic: file get contents 4kB limit workarounds?
Replies: 4
Views: 1770

file get contents 4kB limit workarounds?

Hi all,

Is there a way to read the contents of a file bigger than 4kB, since the LUA would only be implemented in ROS v5?

I can write a script on the PC to split the file into 4095 byte files, but I would prefer to have a script that can read the large file without having to split it.
by Pada
Fri Jan 08, 2010 11:35 am
Forum: General
Topic: LoadBal over mixed ADSL type and MTU issues
Replies: 4
Views: 1061

Re: LoadBal over mixed ADSL type and MTU issues

I was just trying to find possible errors, since the one was maybe related to my problem. * EDIT: Ai, I can't believe I was so stupid to exclude the in-interface with the route marking mangle rule, causing the return packets to be marked too! Btw, your initial post has your config posted twice. Also...
by Pada
Fri Jan 08, 2010 12:44 am
Forum: General
Topic: LoadBal over mixed ADSL type and MTU issues
Replies: 4
Views: 1061

Re: LoadBal over mixed ADSL type and MTU issues

Hey Ekkas, I'm now trying to do Local vs International traffic splitting using route markings, but its causing quite a bit of trouble on the return path, since the LAN routes aren't in the Local/International routing tables. I've then added a routing policy for all the LAN destinations to explicitly...
by Pada
Wed Jan 06, 2010 3:38 pm
Forum: General
Topic: RB750 Port Based VLAN
Replies: 19
Views: 16199

Re: RB750 Port Based VLAN

my apologies migo, I skipped the master-port column since your interface names stated master/slave. Why don't you simply upgrade your firmware to ROS 4.4? Setup description: Ethernet interfaces: 1x wan port & 4x local ports VLAN interfaces: 4 vlan's with unique id's assigned to the wan port Bridge i...
by Pada
Wed Jan 06, 2010 3:20 am
Forum: General
Topic: MikroTik as OpenVPN client
Replies: 17
Views: 6257

Re: MikroTik as OpenVPN client

Ensure that the MikroTik's date & time is set correctly. Its best if you could use NTP to automatically obtain the date & time. Without the correct date, the certificates wouldn't be valid.
by Pada
Wed Jan 06, 2010 12:06 am
Forum: General
Topic: RB750 Port Based VLAN
Replies: 19
Views: 16199

Re: RB750 Port Based VLAN

migo, you have to remove/clear the SLAVE (Master Port) options from the Ether3-5 interfaces. I had a similar problem where my VLANs didn't work due to Ether3-5 being the slave of Ether2. Here's my thread where I wanted to have 2 VLAN's on 1 interface: 1 VLAN bridged with the WAN Ethernet interface &...
by Pada
Mon Dec 21, 2009 3:27 pm
Forum: General
Topic: Mikrotik VPN for LAN gaming
Replies: 6
Views: 2826

Re: Mikrotik VPN for LAN gaming

mark, the reason why they can't see the LAN games, is that their LAN games are broadcasting on the wrong interface. They have to change the order of the network interfaces such that the VPN interface is first. In Windows XP this is how you change the order: Open My Network Places>View Network Connec...
by Pada
Mon Dec 21, 2009 12:57 pm
Forum: General
Topic: Proxy src address preservation
Replies: 2
Views: 474

Re: Proxy src address preservation

I don't think its possible to preserve the user's IP address when using any kind of proxy or NAT configuration. Most webservers should be able to retrieve the originating IP address from the HTTP headers, like they do on this page: http://www.whatismyproxy.com/ You might be able to preserve the user...
by Pada
Mon Dec 21, 2009 5:08 am
Forum: General
Topic: Installing OS 4.3 on RB750 os3.29 ??? Problem !!!
Replies: 3
Views: 832

Re: Installing OS 4.3 on RB750 os3.29 ??? Problem !!!

I used WinBox to upgrade mine (RB750G) to 4.3. Version 4.4 is out already.

See this wiki page on how to upgrade ROS using WinBox: http://wiki.mikrotik.com/wiki/Upgrading_RouterOS
by Pada
Sun Dec 20, 2009 7:45 pm
Forum: General
Topic: Firewall and mangle flow questions
Replies: 23
Views: 6267

Re: Firewall and mangle flow questions

Chupaka, thanks again for your expert answers :) Now my understanding of the chains marking & pass-through is way better...
by Pada
Sun Dec 20, 2009 5:29 pm
Forum: General
Topic: Firewall and mangle flow questions
Replies: 23
Views: 6267

Re: Firewall and mangle flow questions

I would also like to know the answers to all the questions Ekkas asked... I've found this awesome MikroTik RouterOS Workshop QoS Best Practice PDF document. I would only guess that you can have only 1 type of each marking (1x packet, 1x connection & 1x route) per packet and that if you mark it again...
by Pada
Sun Dec 20, 2009 12:15 pm
Forum: General
Topic: Firewall rule
Replies: 18
Views: 3503

Re: Firewall rule

/ip firewall filter add chain=forward p2p=all-p2p src-address=client_ip action=accept add chain=forward p2p=all-p2p dst-address=client_ip action=accept add chain=forward p2p=all-p2p action=drop That code would simplify to: /ip firewall filter add chain=forward p2p=all-p2p src-address=!client_ip act...
by Pada
Sun Dec 20, 2009 12:08 pm
Forum: General
Topic: How to set on "scheduler"?
Replies: 3
Views: 543

Re: How to set on "scheduler"?

Run the following command in the Terminal:
/system scheduler print detail
It should list the next-run correctly there I guess.
by Pada
Sun Dec 20, 2009 12:19 am
Forum: General
Topic: PPPoE Relay over OVPN-Client connection
Replies: 0
Views: 478

PPPoE Relay over OVPN-Client connection

I've tried searching for a solution/feature to allow PPPoE Relaying through my OpenVPN Client interface, but I've had no luck so far. People mentioned that you have to create a bridge to allow the PPPoE connection to be "relayed", which is exactly what I've done on my friend's D-Link U2640 by creati...
by Pada
Fri Dec 18, 2009 12:59 am
Forum: General
Topic: Separating user groups on src MAC address
Replies: 3
Views: 670

Re: Separating user groups on src MAC address

Thanks, I have seen/used it, but I'm not sure what the best approach would be? Using VLANs seems like the obvious choice here? However I have no idea if its even possible to have different MAC addreses put on separate VLANs. If you know that its possible, then I'll figure how to do it myself :)
by Pada
Fri Dec 18, 2009 12:55 am
Forum: General
Topic: Routerboard and SNMP
Replies: 3
Views: 1099

Re: Routerboard and SNMP

Maybe you should update the Dude? I haven't used it yet, so I can't say why that would happen. I'll test it tomorrow, I'm simply too tired atm :(
by Pada
Thu Dec 17, 2009 10:13 am
Forum: General
Topic: General question about filtering web traffic
Replies: 5
Views: 856

Re: General question about filtering web traffic

Haha brilliant, I love the http://www.disney.com redirection. I never knew it was as simple as using another DNS server to block non-work content. For those of you that didn't know where to get started with the OpenDNS blocking, see this guide/support article: http://www.opendns.com/support/article/...
by Pada
Thu Dec 17, 2009 4:31 am
Forum: General
Topic: Routerboard and SNMP
Replies: 3
Views: 1099

Re: Routerboard and SNMP

I have a RB750G with ROS 4.3 and my SNMP is working just fine from both the WAN & Local interfaces. Ensure that SNMP is indeed enabled AND listening on 0.0.0.0/0 or at least the address of your WAN interface. To check if its enabled, type the following in the Terminal: /snmp print To check if its li...
by Pada
Thu Dec 17, 2009 4:03 am
Forum: General
Topic: load balancing
Replies: 5
Views: 840

Re: load balancing

edgar_abraham, with load balancing you could get 16Mbps from a single server using 4x 4Mbps connections, BUT you have to at least have 4 separate connections (segmented download) to the server to get 16Mbps with load balancing.
However, with line bonding, you could get 16Mbps with a single connection.
by Pada
Wed Dec 16, 2009 11:05 pm
Forum: General
Topic: Easy vlan question
Replies: 1
Views: 439

Re: Easy vlan question

I would configure one port as a master, and have the other 3 ports set as its slave - this would be faster than bridging all 4 ports. Then the last port I would configure on its own and add a switching rule to add the VLAN ID#3 tag to it. I'm not sure if you can bridge the port with the master port ...
by Pada
Wed Dec 16, 2009 1:33 am
Forum: General
Topic: Problems with DNS for www.google.com
Replies: 173
Views: 41159

Re: Problems with DNS for www.google.com

Some people in South Africa experienced the same - see a thread on one of our local forums: http://mybroadband.co.za/vb/showthread.php?t=207826
by Pada
Wed Dec 16, 2009 1:25 am
Forum: General
Topic: Multiple Public IPs
Replies: 3
Views: 682

Re: Multiple Public IPs

I'm guessing your situation would look like: Internet===<PPPoE 1>===[MikroTik]===LAN: Server 1 & Server 2 ===<PPPoE 2>=== And you want it in such a way that if someone access PPPoE 1's IP:80, it should forward to Server 1, and PPPoE 2:80 should forward to Server 2? For this setup, you would simply n...
by Pada
Wed Dec 16, 2009 12:21 am
Forum: General
Topic: Separating user groups on src MAC address
Replies: 3
Views: 670

Separating user groups on src MAC address

Hi all, I have 2 WAN connections, 1 RB750G and a few people connected on a single unmanaged switch. Is it possible to group certain people (according to their MAC address) to only have access to WAN A, and others to WAN B? I can already setup 2 separate DHCP Pools for the different groups of people,...
by Pada
Wed Dec 16, 2009 12:10 am
Forum: General
Topic: load balancing
Replies: 5
Views: 840

Re: load balancing

Here are 2 MikroTik Wiki pages about Load Balancing: http://wiki.mikrotik.com/wiki/Load_Balancing_over_Multiple_Gateways http://wiki.mikrotik.com/wiki/Improved_Load_Balancing_over_Multiple_Gateways (quite similar to the PCC link Caci99 gave) I hope that you know the difference between Line bonding a...
by Pada
Tue Dec 15, 2009 7:52 pm
Forum: General
Topic: [SOLVED] WAN bridging/NAT depending on VLAN ID
Replies: 4
Views: 9853

Re: WAN bridging/NAT depending on VLAN ID

Thanks Cupaka, but I didn't really understand what you meant by that :( I've eventually managed to get it working like I wanted: It was actually very very simple: Created VLAN1 & VLAN2 on the Ether4 (connected to the WiFi AP) Created a bridge-WAN (with DHCP client enabled): Ether1 & VLAN1 Created a ...
by Pada
Tue Dec 15, 2009 3:09 am
Forum: General
Topic: [SOLVED] WAN bridging/NAT depending on VLAN ID
Replies: 4
Views: 9853

Re: WAN bridging/NAT depending on VLAN ID

Chupaka, thank you for your attempt/interest. Here's a more accurate/current diagram of my network configuration - see attachment. Here's all the info that I think is relevant (otherwise it would be 80kB's other stuff): /interface bridge add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled aut...
by Pada
Mon Dec 14, 2009 10:58 pm
Forum: Scripting
Topic: Scheduler jobs not appearing in WinBox's Jobs list
Replies: 5
Views: 1516

Re: Scheduler jobs not appearing in WinBox's Jobs list

Ah thanks. I must say that I'm quite impressed with all the features of the RB750G: I thought I knew enough about TCP/IP routing, until I had to configure RouterOS... :D I quite enjoy it to have multiple IP addresses on the same Interface to easily manage all my Routers/Access Points that are on dif...
by Pada
Mon Dec 14, 2009 10:55 pm
Forum: General
Topic: [SOLVED] WAN bridging/NAT depending on VLAN ID
Replies: 4
Views: 9853

[SOLVED] WAN bridging/NAT depending on VLAN ID

Is it possible to NAT & bridge on the same Ethernet (WAN) interface by using different VLAN's? See the attached image for my network setup that I want. I currently have VLAN 1 bridged with my local Ethernet ports (in a NAT configuration) on my RB750G with RouterOS 4.3. How would I go about to let VL...
by Pada
Mon Dec 14, 2009 5:30 pm
Forum: General
Topic: [solved] ovpn-client connected, but destinations unreachable
Replies: 0
Views: 1516

[solved] ovpn-client connected, but destinations unreachable

I've struggled for a few hours to figure out why my OpenVPN client (using RB750G with RouterOS 4.3) didn't want to route correctly. It connected fine to the Windows OVPN server, applied the routing table entries pushed from the server, but the routing table entries remained "unreachable". Here's my ...
by Pada
Mon Dec 14, 2009 5:12 pm
Forum: Scripting
Topic: Scheduler jobs not appearing in WinBox's Jobs list
Replies: 5
Views: 1516

Re: Scheduler jobs not appearing in WinBox's Jobs list

I don't see the point in trying different examples, if the Jobs tab doesn't even have a button to add new Jobs :( Here's my simple scheduled job (which already ran as you can see) and my simple script: /system scheduler> print detail Flags: X - disabled 0 ;;; Test Script name="Test" start-date=dec/1...
by Pada
Mon Dec 14, 2009 4:29 pm
Forum: Scripting
Topic: Scheduler jobs not appearing in WinBox's Jobs list
Replies: 5
Views: 1516

Scheduler jobs not appearing in WinBox's Jobs list

I've noticed with WinBox (and RouterOS 4.3 on my RB750G) the Jobs tab in the System: Scripts Lists aren't showing any scheduled jobs and neither does it allow me to add new ones.
When using the terminal, the scheduling is working just fine.

Anyone else experiencing the same or know of a fix for this?
by Pada
Wed Dec 09, 2009 1:06 am
Forum: General
Topic: OpenVPN Server on RouterOS v4.3 with no user/password?
Replies: 4
Views: 894

Re: OpenVPN Server on RouterOS v4.3 with no user/password?

OK, thanks for your advice. Its much appreciated.
by Pada
Wed Dec 09, 2009 12:43 am
Forum: General
Topic: OpenVPN Server on RouterOS v4.3 with no user/password?
Replies: 4
Views: 894

Re: OpenVPN Server on RouterOS v4.3 with no user/password?

thanks for the lightening fast reply!

Do you perhaps have any idea if future releases would be able to host OpenVPN servers with a proper OpenVPN config that can push routes and go without user/password auth?
by Pada
Tue Dec 08, 2009 11:58 pm
Forum: General
Topic: OpenVPN Server on RouterOS v4.3 with no user/password?
Replies: 4
Views: 894

OpenVPN Server on RouterOS v4.3 with no user/password?

Hi, I it possible to run an OpenVPN server in RouterOS 4.3 with no username & password? I've searched the forums and came across the following post. I would appreciate it if someone can tell me if all of the points mentioned below are true: ... 1 ) username/password is always required 2 ) require-cl...