Might be being slow on a Sunday, but why is there a difference between the new MSS of 1360 and 1453 for the old MSS?
/ip firewall mangle add action=change-mss chain=forward new-mss=1360 protocol=tcp tcp-flags=syn tcp-mss=1453-65535
this sounds correct and usable, however wouldn't the implicit rule at the end of the chain just accept them anyhow?add chain=input/forward protocol=tcp fragment=yes action=accept
Hopefully they mean RFC4638 support.Hi Strods, can you explain this?6.33rc15 will be released today.
*) pppoe - added support for MTU > 1492 on PPPoE;
I always used PPPoE at 1500Byte.
Poster wants PPP bridged over Ethernet not Ethernet bridged over PPP.
add action=mark-connection chain=prerouting comment=VPN \ new-connection-mark=VPN port=1194 protocol=udp add action=mark-packet chain=prerouting new-packet-mark=VPN connection-mark=VPN \ passthrough=no
I have a Huawei E3131 that has an external connector. It needs some faffing about to get it into modem mode and didn't dial PPP until 6.15 but now works well.Hello:
Can anyone recommend me a USB 3G modem with connection for an external antenna for use with a router mikrotik RB951Ui-2HnD?
*) ppp - fixed ppp bridging (did not work since v6.6);
That's a pre-shared key for IPsec - L2TP is just a wrapper in this case.*) ipsec - new exchange mode (main-l2tp) for l2tp tunnel users to allow
FQDN as a peer ID with preshared key authorization in main mode;
Isn't it this - http://tools.ietf.org/search/rfc2661#section-5.1.1?Since this is not a standard (if it is, let us know which), it seems your ISP is pushing for a specific brand product. I would object to this.
I had this also (from 6.1 to 6.2). When I upgraded to 6.3 the rules remained in place.After upgrading from 6.0 to 6.2 all my INPUT firewall rules disappeared. Is this fixed in 6.3?
Bridge.Where do I set that?Does setting the port to edge=yes-discover help?
On the bridge or the ethernet ports.
[admin@router] > /interface ethernet export compact # aug/20/2012 10:21:53 by RouterOS 5.20 # software id = WEY9-YK6I # /interface ethernet set 0 comment=Modem set 1 comment=Internal set 2 master-port=ether2 set 3 arp=reply-only comment=Untrusted set 4 comment=External [admin@router] >
Just overtype the 2M with the value you want.I have a similar requirement, I need to limit traffic on one interface to 5M down. Are simple queues the right tool for this? In webfig the max target download speed seems to be 2M.
Doesn't appear to be a checkbox in Winbox for the email STARTTLS option though it is in the command line.What's new in 5.17 (2012-May-28 12:34):
*) tool email - added starttls option;
Can you clarify the answer - they obviously are matched as they match the log action and the second firewall entry that doesn't match on src-address-list - do you mean that they are not matched in the address-list?DHCP packets are not matched in firewall.