Community discussions

MUM Europe 2020

Search found 61 matches

by Smith
Sun Nov 29, 2009 7:24 pm
Forum: General
Topic: router hacked?
Replies: 3
Views: 783

Re: router hacked?

If you are using CF card or ordinary hard disk you can mount it to any other linux and check log files.
by Smith
Sun Nov 29, 2009 7:09 pm
Forum: General
Topic: Logging to Disk Issue / Feature Request?
Replies: 8
Views: 1249

Re: Logging to Disk Issue / Feature Request?

I am not sure what are you trying to accomplish. If you are only trying to split logs from many mikrotik routers to different log files, on a syslog server, you can do this: for redhat based systems (fedora, centos...) put inside rsyslog.conf: :programname,isequal,"YOUR MIKROTIK PREFIX" /var/log/mik...
by Smith
Mon Nov 09, 2009 10:50 am
Forum: General
Topic: please i want help
Replies: 1
Views: 419

Re: please i want help

AP isolation in mikrotik is named "Default forward". You will find it in Interface setup. You can set it as default and override it per user in access list.
by Smith
Thu Nov 05, 2009 4:50 pm
Forum: General
Topic: PPP (pass-all wildcard)
Replies: 6
Views: 912

Re: PPP (pass-all wildcard)

Exactly, both sides use known password to encrypt data and exchange keys. If they succeed, then password is correct...
by Smith
Tue Nov 03, 2009 6:37 pm
Forum: General
Topic: PPP (pass-all wildcard)
Replies: 6
Views: 912

Re: PPP (pass-all wildcard)

Even then, radius is unable to send access accept for encrypted connections. Only PAP will go. And, because windows is setup to try PAP only if nothing else is available, majority of connections will not pass. It can be done if Mikrotik is setup for PAP only. And, even then, there will be windows co...
by Smith
Mon Nov 02, 2009 9:05 am
Forum: General
Topic: per session bandwidth limit
Replies: 7
Views: 2452

Re: per session bandwidth limit

I am not sure what are you asking. If you want users to have traffic shaping assigned on connect you can setup radius for that, or setup simple queue and static ip addresses...
by Smith
Sun Nov 01, 2009 4:38 pm
Forum: General
Topic: Radius attributes extension
Replies: 3
Views: 1130

Re: Radius attributes extension

I wasn't talking about traffic shaping, just traffic counting. For example, we can have 1 rule/filter that counts local traffic and 1 one rule/counter that counts the rest of the traffic. When user disconnects we can send those counters inside Stop Packet. Or we can have counters for port 80 and cou...
by Smith
Sat Oct 31, 2009 10:35 pm
Forum: General
Topic: Virus Drop
Replies: 3
Views: 754

Re: Virus Drop

99% of the time virus is trying to send spam, solution is to block outgoing port 25. Also, it is a good practice to block packets destined to port 25 outside your network. Most of the time that traffic belongs to viruses. Even if not, human users can easily use smtp-auth to send emails, and smtp-aut...
by Smith
Sat Oct 31, 2009 10:31 pm
Forum: General
Topic: List of attributes for USER
Replies: 18
Views: 2624

Re: List of attributes for USER

Good, i am glad you got it working :) Good luck with your service :)

br
by Smith
Sat Oct 31, 2009 8:57 pm
Forum: General
Topic: Weird ping time issue
Replies: 2
Views: 464

Re: Weird ping time issue

Your uplink is full and ping suffers. Did you even bother to check uplink interface traffic during high ping intervals?
by Smith
Fri Oct 30, 2009 7:51 pm
Forum: General
Topic: Radius attributes extension
Replies: 3
Views: 1130

Radius attributes extension

I don't know if it's possible but... By now, only possible solution for billing users differently based on where they go and what kind of traffic they make was to use traffic-flow. But, is it possible to use Framed-Filter and radius attributes extension to accomplish the sam thing? For example, when...
by Smith
Fri Oct 30, 2009 9:42 am
Forum: General
Topic: List of attributes for USER
Replies: 18
Views: 2624

Re: List of attributes for USER

In every section (authorize,instantiate,accounting) daily counter is at the end? It looks like you have daily counter before chap, pap etc. modules?
by Smith
Thu Oct 29, 2009 11:28 pm
Forum: General
Topic: List of attributes for USER
Replies: 18
Views: 2624

Re: List of attributes for USER

You need to limit user monthly? Or you are selling internet time and user has no time limit to spend it?
Maybe you don't need this, it depends on what you exactly want to accomplish...
by Smith
Thu Oct 29, 2009 8:23 pm
Forum: General
Topic: List of attributes for USER
Replies: 18
Views: 2624

Re: List of attributes for USER

Huh, you got it wrong again, but at least your question was precise this time :) counter daily { filename = ${raddbdir}/db.daily key = User-Name count-attribute = Acct-Session-Time reset = daily counter-name = Daily-Session-Time check-name = Max-Daily-Session allowed-servicetype = Framed-User cache-...
by Smith
Thu Oct 29, 2009 10:20 am
Forum: General
Topic: List of attributes for USER
Replies: 18
Views: 2624

Re: List of attributes for USER

This is why i hate this kind of conversation. Maybe you didn't mean to sound like you sounded to me. But, i felt like i was occused of being rude and telling you "go away". Maybe you didn't mean that, maybe you did. I don't know. You should have been more precise in what you want. I am sorry if this...
by Smith
Wed Oct 28, 2009 4:20 pm
Forum: General
Topic: PPP Bridge
Replies: 11
Views: 1933

Re: PPP Bridge

Don't bridge P2P links, bridge only interfaces you have users connected on. If you need to bridge two interfaces on different location use eoip tunnel for example, and then put that tunnel to bridge, together with user interface.
by Smith
Wed Oct 28, 2009 4:10 pm
Forum: General
Topic: Tracking down nat'd traffic through single Public IP
Replies: 5
Views: 727

Re: Tracking down nat'd traffic through single Public IP

Just be careful. It takes lot of disk space and lot of CPU to track all users. Don't be surprised if you spend few GBs per day for data... And you need very fast CPU and lot of memory and dedicated server for calculating.
by Smith
Wed Oct 28, 2009 3:57 pm
Forum: General
Topic: List of attributes for USER
Replies: 18
Views: 2624

Re: List of attributes for USER

What are you talking about? If you've read my post carefuly you would see that i told you what exact feature to search for in radius setup. But, i guess it is lot easier to feal sorry for your self and try to gain some simpaty that way? Or do you expect me to search for it? Ok, here it is: # counter...
by Smith
Sun Oct 25, 2009 11:40 am
Forum: General
Topic: Custom firewall rules with DHCP and radius
Replies: 2
Views: 632

Re: Custom firewall rules with DHCP and radius

Try to set arp to reply-only and for dhp check "add arp for leases only".
I think that this way if user sets static ip manualy he will not be able to pass through because mikrotik doesn't have his mac address in arp table.
by Smith
Sat Oct 24, 2009 6:09 pm
Forum: General
Topic: PPP Bridge
Replies: 11
Views: 1933

Re: PPP Bridge

http://wiki.mikrotik.com/wiki/User_Manager/PPP_Example#PPP_server_configuration "Set IP address of the PPPoE server, IP address might not be assigned to the interface of PPPoE server. Moreover static IP address or DHCP should not be used on the same interfaces as the PPPoE server for security reason...
by Smith
Sat Oct 24, 2009 6:05 pm
Forum: General
Topic: Interim-Update and FreeRadius
Replies: 3
Views: 2686

Re: Interim-Update and FreeRadius

Nothing.
by Smith
Sat Oct 24, 2009 6:00 pm
Forum: General
Topic: virtual-ethernet
Replies: 7
Views: 1954

Re: virtual-ethernet

Not realy, i was trying to do that. I've used nonexistent mac address and all users on that bridge disconnected without being able to connect again :(
by Smith
Sat Oct 24, 2009 1:10 am
Forum: General
Topic: virtual-ethernet
Replies: 7
Views: 1954

Re: virtual-ethernet

I know that, but i need to have two pppoe servers on those two virtual ethernet interfaces. Every virtual ethernet interface is bridged with different AP's. I need that so that i can always have same MAC address of each pppoe server. If i put those pppoe servers on bridge interfaces i can't be 100% ...
by Smith
Sat Oct 24, 2009 12:31 am
Forum: General
Topic: Interim-Update and FreeRadius
Replies: 3
Views: 2686

Re: Interim-Update and FreeRadius

You need to send DM (disconnect message).

http://wiki.freeradius.org/Disconnect_Messages
by Smith
Sat Oct 24, 2009 12:10 am
Forum: General
Topic: virtual-ethernet
Replies: 7
Views: 1954

Re: virtual-ethernet

No. I was hoping that i can have something like eth0:1, eth0:2 etc. that is very easy to do on standard linux... Is that possible?
by Smith
Fri Oct 23, 2009 11:49 pm
Forum: General
Topic: Which realm should appear in radacct?
Replies: 3
Views: 1100

Re: Which realm should appear in radacct?

I made a mistake with Service-Type. Service-Type is "Framed-User". Sorry for misleading... Anyway, here are some of the attributes. The other ones you were referring to are sent by Cisco equipment and maybe some thers but not by Mikrotik. Service-Type Framed-Protocol NAS-Port NAS-Port-Type User-Name...
by Smith
Fri Oct 23, 2009 10:39 pm
Forum: General
Topic: List of attributes for USER
Replies: 18
Views: 2624

Re: List of attributes for USER

You need to do that on radius side, mikrotik has nothing to do with that. Look at freeradius documentation, search for counter module.
by Smith
Fri Oct 23, 2009 10:37 pm
Forum: General
Topic: Interface Affection
Replies: 2
Views: 486

Re: Interface Affection

No, except MTU, i am not sure about that...
by Smith
Fri Oct 23, 2009 10:04 pm
Forum: General
Topic: Which realm should appear in radacct?
Replies: 3
Views: 1100

Re: Which realm should appear in radacct?

In your sql.conf (i am ssuming you are using freeradius) look for %{Realm} and replace that with %{Mikrotik-Realm}. The rest is not sent back by Mikrotik. Groupname is the name of group user belongs to (used in radgroupreply), so you can do some mysql changes in sql.conf to put that data in radacct ...
by Smith
Fri Oct 23, 2009 4:53 pm
Forum: General
Topic: Mikrotik PPPoE Server, RADIUS, Windows Xp issue
Replies: 11
Views: 2589

Re: Mikrotik PPPoE Server, RADIUS, Windows Xp issue

As far as i know you can use CHAP and MS-CHAP, but don't use MS-CHAP v2. I think that there are some issues in linux kernel regarding MPPE encryption and losing sync after few MB. It is not Mikrotik issue, it is linux MPPE issue from while ago.
by Smith
Fri Oct 23, 2009 4:44 pm
Forum: General
Topic: virtual-ethernet
Replies: 7
Views: 1954

virtual-ethernet

What am i missing? I am using ROS 3.30 x86 and Intel Dual Core based PC. I am trying to add virtual-ethernet to existing ether0 interface. When i try to do that in winbox i get "feature not implemented yet" If i try to do that in command line i can't because function doesn't even exist /interface vi...
by Smith
Sun Sep 07, 2008 11:27 pm
Forum: Beginner Basics
Topic: ovpn server with preshared key and group auth
Replies: 0
Views: 744

ovpn server with preshared key and group auth

Hello all, i was wondering if anyone has achieved vpn/preshared key/group auth, like cisco ASA can do. I can establish pptp server with preshared key but i can't establish anything similar to my subject, so that i am able to connect to my office with cisco vpn client.

Thank you
by Smith
Mon Mar 31, 2008 11:33 am
Forum: Wireless Networking
Topic: Low signal After one month
Replies: 10
Views: 1508

Re: Low signal After one month

This has been covered in the past, can't remember the thread title. The quick of it, static buildup on the omni is blowing the diversity chip. Run a ground up the omni to about 2-3 inches above the top. Can you provide some pictures because i lost 6 cards already, all with same symptoms: after mont...
by Smith
Tue Jan 22, 2008 6:38 pm
Forum: General
Topic: R52H best setup
Replies: 4
Views: 856

Re: R52H best setup

I am using r52h because it has good output power, next card in that price range is compex 200 mw, but it has almost twice lower output power...
by Smith
Mon Jan 21, 2008 10:28 pm
Forum: General
Topic: R52H best setup
Replies: 4
Views: 856

Re: R52H best setup

Yes, i use antenna, and yes, i use grounding...
by Smith
Mon Jan 21, 2008 12:36 pm
Forum: General
Topic: R52H best setup
Replies: 4
Views: 856

R52H best setup

I am having big problems with R52H. They failed on me on 3 out of 7 times. Description of my problem: setup: all left at default, including output power... It works great for two weeks up to one month and then drops down to half of its output strength. For example, scanning with ovislink 5460ap give...
by Smith
Wed Oct 10, 2007 9:47 pm
Forum: General
Topic: incoming-filter, not sure what to do
Replies: 4
Views: 3892

Re: incoming-filter, not sure what to do

Thank you, that worked :)
by Smith
Wed Oct 10, 2007 8:34 pm
Forum: General
Topic: incoming-filter, not sure what to do
Replies: 4
Views: 3892

Re: incoming-filter, not sure what to do

Yes, two dynamic rules are made upon connect, with jump to ppp.out, but nothing goes through those rules...
by Smith
Wed Oct 10, 2007 4:58 pm
Forum: General
Topic: incoming-filter, not sure what to do
Replies: 4
Views: 3892

incoming-filter, not sure what to do

I am not sure what would be exact firewall rules to have incoming-filter per profile. i've made new chain, named ppp.out, in it i am allowing only two IP's (just for testing). ppp rules are dynamicaly made upon connect and they have two jumps to ppp.out, but nothing is passing through them, and enti...
by Smith
Sun Apr 22, 2007 2:29 pm
Forum: General
Topic: Freeradius/mysql question
Replies: 2
Views: 767

this is realy not mikrotik question :)
google for mysql_auth for apache...
by Smith
Sat Apr 21, 2007 12:48 am
Forum: General
Topic: Routing mystery.
Replies: 17
Views: 2936

It is late here in my timezone (1am). But you can disable those ospf networks and then route everything staticaly, like you wanted. routing ospf export print you will get list of networks that were added to ospf redistribution then use remove command to remove those networks remove item id after tha...
by Smith
Sat Apr 21, 2007 12:30 am
Forum: General
Topic: Routing mystery.
Replies: 17
Views: 2936

routing ospf export
by Smith
Fri Apr 20, 2007 11:31 pm
Forum: General
Topic: Routing mystery.
Replies: 17
Views: 2936

i see some ospf routes but i can't find ospf setup anywhere? :not sure:
by Smith
Fri Apr 20, 2007 11:14 pm
Forum: General
Topic: Multiple Gateways Load Balancing
Replies: 5
Views: 1108

Re: Multiple Gateways Load Balancing

Hi. Im trying to setup a ballancing between two or more routers conneted to wan dsl lines. The problem is that by simply adding a second route dosent solves the problem but actually creating one. The problem is that when for example somebody browsing or streaming audio and some packets are sent thr...
by Smith
Fri Apr 20, 2007 11:10 pm
Forum: General
Topic: Uploadshaping with simple queues does not work
Replies: 6
Views: 1196

Hi Smith, the problem is that all wlan-accesspoints in our environment are configured as bridge, routing is done by cisco-routers. Bridge is not the only way to make it work. Try routing, shaping will work, trust me... does that mean that queues only work in routing-mode? I am not sure how shaping ...
by Smith
Thu Apr 19, 2007 11:18 pm
Forum: General
Topic: Uploadshaping with simple queues does not work
Replies: 6
Views: 1196

Re: Uploadshaping with simple queues does not work

It is configured as wlan-accesspoint. therefore eth1&wlan1 are configured as bridge.
Bridge is not the only way to make it work. Try routing, shaping will work, trust me...
by Smith
Thu Apr 19, 2007 9:30 am
Forum: General
Topic: Routing mystery.
Replies: 17
Views: 2936

Can you post "system export" here. You can omit any data that you don't want us to see, but keep the addresses and routing intact.
I need system export from both MT.
Thank you.
by Smith
Wed Apr 18, 2007 11:42 pm
Forum: General
Topic: Routing mystery.
Replies: 17
Views: 2936

1 chain=srcnat out-interface=wlan1 dst-address=10.0.0.0/8 action=masquerade

10.0.0.0/8 is including 10.3.2.1 too. You are NATing the router itself if i am right... Why do you use NAT?
by Smith
Wed Apr 18, 2007 11:06 pm
Forum: General
Topic: How to limit bandwidth to an IP?
Replies: 1
Views: 1062

Have you tried to make 2 queues? If you are doing NAT maybe you can try incoming traffic from 203.84.155.0 to put in one queue and outgoing traffic from your network to another queue and naming exact interface where that traffic will go through...
by Smith
Wed Apr 18, 2007 10:50 pm
Forum: General
Topic: both routers reboots often (ones dayly), no log entries.
Replies: 3
Views: 766

Check current and voltage. If those two are not OK board will reset when burdened. Or maybe you have some scripts that reboot your boards daily or on some other condition...
by Smith
Wed Apr 18, 2007 10:41 pm
Forum: General
Topic: Split UpStream & Downstream
Replies: 14
Views: 2186

I don't think it is possible without BGP. If you send a packet to some server and start TCP connection that server will send back his packets same way the requesting packets came. On the other hand. Let's say that i am staring connection with your server and am coming to your gateway 2 (your downstr...
by Smith
Wed Apr 18, 2007 8:25 pm
Forum: General
Topic: lost licence during update
Replies: 3
Views: 1265

I had a same problem. Didn't even try to talk to Mikrotik about getting a new license. Problem is not in your licence. During upgrade/format procedure system id changed. License is directly connected to system ID. Let's be real. There is no way to prove that it was an accident nor that anyone could ...
by Smith
Wed Apr 18, 2007 8:03 pm
Forum: General
Topic: OSPF - default static route not redistributed
Replies: 8
Views: 1717

I had problems with OSPF when i was using CM9 and enabled compression. Routes were not distributing at all. After disabling CM9 compression (and losing 1mbps of bandwidth :( ) everything works :(
by Smith
Wed Apr 18, 2007 3:27 pm
Forum: General
Topic: simple queue doesn't work when traffic inside same network
Replies: 3
Views: 1043

simple queue doesn't work when traffic inside same network

clients on wlan0 uplink on wlan1 wlan0: 172.16.1.1/24 wlan1: 172.16.2.1/24 users can access internet, routed over wlan1 shaping works for everything that is outside, routed over wlan1 shaping doesn't work when users download between each other. while watching simple queues traffic i can see no traff...
by Smith
Thu Apr 05, 2007 11:00 am
Forum: RouterBOARD hardware
Topic: CM9 compression enabled and OSPF
Replies: 0
Views: 993

CM9 compression enabled and OSPF

Using 2 CM9 for PTP link. OSPF active. When compression enabled there is no OSPF routes distribution. When compression disabled everything works like a charm, but i am loosing 1mbps of bandwidth without compression. Did anyone had similar problems?
by Smith
Thu Dec 28, 2006 10:26 am
Forum: Wireless Networking
Topic: wireless interface driver problems
Replies: 4
Views: 910

I have updated firmware and everything works superb now :) This problem cost me one license because for some reason License key changed after reinstall, but at least it s behind me now :)
by Smith
Tue Dec 26, 2006 3:23 pm
Forum: Wireless Networking
Topic: wireless interface driver problems
Replies: 4
Views: 910

update

After some googling i came up with this: A problem exists with WRAP boards which do not correctly detect the card on a cold boot. After a reboot the card works properly. WRAP boards with firmware 1.11 or newer cold boot properly and do not have this problem. Firmware version on my wrap board is 1.09...
by Smith
Tue Dec 26, 2006 2:11 pm
Forum: Wireless Networking
Topic: wireless interface driver problems
Replies: 4
Views: 910

wireless interface driver problems

Using Wrap .2C Geocode 1100 1. wireless card CM9 2. wireless card NMP-8602 PLUS (FCC) RouterOS 2.9.38 After first install both cards are visible in system. After power off/ power on (simulating power failure) one card is missing fom system (NMP). After "system reboot" card is visible again. After di...
by Smith
Mon Dec 19, 2005 3:05 pm
Forum: Wireless Networking
Topic: Atheros 5413
Replies: 16
Views: 6206

Thank you :)
by Smith
Mon Dec 19, 2005 2:46 pm
Forum: Wireless Networking
Topic: Atheros 5413
Replies: 16
Views: 6206

Atheros 5413

Does MT have atheros 5413 support?

10x in advance