Community discussions

Search found 519 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 11
by AlainCasault
Thu Apr 11, 2019 2:59 pm
Forum: General
Topic: CPU Utilization reaches 100%
Replies: 3
Views: 281

Re: CPU Utilization reaches 100%

So I'm guessing you're doing a lot of queuing :D As ROS is software with no specialized ASICs, the more features one configures, the more hits the CPU takes. Check MUM presentations to see if there are suggestions about optimizing queues. There are presentations that talk about the load layer 7 filt...
by AlainCasault
Wed Apr 10, 2019 8:47 pm
Forum: General
Topic: CPU Utilization reaches 100%
Replies: 3
Views: 281

Re: CPU Utilization reaches 100%

Hello,

Your issue is something special because, indeed, the stats are good.

Have you tried to use Tools->Profil? That'll give you a hint.
by AlainCasault
Wed Apr 10, 2019 5:02 pm
Forum: General
Topic: Telnet function not working anymore since several versions
Replies: 5
Views: 241

Re: Telnet function not working anymore since several versions

Hello,

Thinks to check...

Has telnet been disabled in IP->SERVICES?
Has the user been modified to refuse telnet access?

Cheers
by AlainCasault
Wed Apr 10, 2019 4:10 pm
Forum: Beginner Basics
Topic: Any ideas how to block andriod/ios app in mikrotik router???
Replies: 1
Views: 122

Re: Any ideas how to block andriod/ios app in mikrotik router???

You don't use the firewall to block an app, you block communications based on protocol and port number, as you know. But!!!! Maybe you could sniff the communications and see if the app has a signature (look that up on MikroTik's website. Later 7 signatures). You might get more success there but if n...
by AlainCasault
Wed Apr 10, 2019 4:04 pm
Forum: General
Topic: RB4011 Fail to netinstall
Replies: 2
Views: 174

Re: RB4011 Fail to netinstall

Or maybe personal firewall. I've seen this before. And always disable unused interfaces on the laptop. That also has been an issue.

Sent from my cell phone. Sorry for the errors.

by AlainCasault
Wed Apr 10, 2019 3:56 pm
Forum: Beginner Basics
Topic: alternative to scheduler
Replies: 5
Views: 231

Re: alternative to scheduler

Actually, you could use netmonitor.... I think that's what it's called.

Once you reach a threshold, either in our out, the script is run.

Sent from my cell phone. Sorry for the errors.

by AlainCasault
Fri Apr 05, 2019 9:17 pm
Forum: General
Topic: RB4011iGS not in Winbox Neighbors tab
Replies: 1
Views: 121

Re: RB4011iGS not in Winbox Neighbors tab

Hello

Check your ip-neighbour-settings

Then interface list

Maybe the port you're connected to doesn't send mndp anymore.

Sent from my cell phone. Sorry for the errors.

by AlainCasault
Fri Apr 05, 2019 9:15 pm
Forum: General
Topic: Infected Routerboard sending SPAM
Replies: 7
Views: 513

Re: Infected Routerboard sending SPAM

Hello,

Netinstall and start from scratch.


Sent from my cell phone. Sorry for the errors.

by AlainCasault
Fri Apr 05, 2019 9:13 pm
Forum: General
Topic: Debugging NTP issue with packet sniffer [SOLVED]
Replies: 4
Views: 247

Re: Debugging NTP issue with packet sniffer [SOLVED]

Hello If you want to see ntp traffic, add a firewall rule with: Chain=input Protocol=UDP Dst.port=123 Action=log Make sure it's on top and you'll see everything for ntp. Add the proper in interface to see only internal requests. I'm not in front of a router, but check to see if your ntp server has m...
by AlainCasault
Fri Apr 05, 2019 8:15 pm
Forum: Wireless Networking
Topic: How to list devices around mk?
Replies: 5
Views: 287

Re: How to list devices around mk?

Whichever tool you use, I suggest NOT using your AP as it'll drop current clients. Your kids won't like you ;)

Use a spare router.

Ahs yes, snooper is good IMHO and gives a loooot of information.

Sent from my cell phone. Sorry for the errors.

by AlainCasault
Fri Apr 05, 2019 7:55 pm
Forum: General
Topic: Mangle rules, can we have content wildcards
Replies: 1
Views: 144

Re: Mangle rules, can we have content wildcards

Hello, I'd say no. I do that to block those very same sites and as you can tell, there are no common strings between youtube and googlevideo :D Go with 2 rules. Be careful though; wanting to block the YouTube app, I wound up blocking other sites. Still not sure how or why !!??!?! Sent from my cell p...
by AlainCasault
Fri Apr 05, 2019 7:45 pm
Forum: General
Topic: how to close all UDP ports on mikrotik?
Replies: 3
Views: 299

Re: how to close all UDP ports on mikrotik?

To piggy back on rich1's comment, do it for only THAT host

Shouldn't be hard to find the guilty party. If you don't know who's doing it, add a forward rule that only logs UDP outbound.

Cheers


Sent from my cell phone. Sorry for the errors.

by AlainCasault
Fri Apr 05, 2019 7:42 pm
Forum: General
Topic: Block DropBox with firewall
Replies: 2
Views: 231

Re: Block DropBox with firewall

Try the tls-host field in a mangle rule. It works for me blocking other sites like Netflix.

And you can use the same marking in simple queues to rate limit.

Cheers,

Sent from my cell phone. Sorry for the errors.

by AlainCasault
Fri Apr 05, 2019 7:35 pm
Forum: Beginner Basics
Topic: Can someone help identify this router..
Replies: 8
Views: 543

Re: Can someone help identify this router..

At any rate, once you find out the model, go on routerboard.com, search for end of life models and the specs should be there.

Sent from my cell phone. Sorry for the errors.

by AlainCasault
Fri Apr 05, 2019 7:33 pm
Forum: Beginner Basics
Topic: Can someone help identify this router..
Replies: 8
Views: 543

Re: Can someone help identify this router..

Hello

Don't you have physical access?

The sticker under should have all the details.

Regards,


Sent from my cell phone. Sorry for the errors.

by AlainCasault
Fri Apr 05, 2019 3:15 pm
Forum: Wireless Networking
Topic: Band and AP steering
Replies: 1
Views: 171

Re: Band and AP steering

I haven't seen if it's possible but would looooove to make that work.

I have devices that regularly select a weaker AP then the users complain of slow Internet access (your network sucks...) :D



Sent from my cell phone. Sorry for the errors.

by AlainCasault
Fri Apr 05, 2019 2:54 pm
Forum: General
Topic: microtik L2TP server and microtik Client
Replies: 1
Views: 128

Re: microtik L2TP server and microtik Client

Hello SUD Please see this regarding licence questions: https://wiki.mikrotik.com/wiki/Manual:License As for only 5 tunnels working, there shouldn't be any issues with having more. It would be good if you posted your config and any error message you may have on your logs. Cheers, Sent from my cell ph...
by AlainCasault
Mon Apr 01, 2019 4:00 pm
Forum: Wireless Networking
Topic: 34km link low CCQ
Replies: 13
Views: 853

Re: 34km link low CCQ

Use that mikrotik protocol thing
NV2 ;)

Sent from my cell phone. Sorry for the errors.

by AlainCasault
Fri Mar 29, 2019 6:56 pm
Forum: Wireless Networking
Topic: 34km link low CCQ
Replies: 13
Views: 853

Re: 34km link low CCQ

Did not see much channel usage for this frequency in the snooper, freq usage or scan. What option is Greenfield. I am currently researching it.
It's an expression meaning that you don't mix modes (a/n/ac) but rather stick with just one (ac).


Sent from my cell phone. Sorry for the errors.

by AlainCasault
Thu Mar 28, 2019 11:25 pm
Forum: Wireless Networking
Topic: 34km link low CCQ
Replies: 13
Views: 853

Re: 34km link low CCQ

Have you tried the built-in tools to analyze the RF (scan, shopper)?

Have you also tried seeing it up as Greenfield, not a/n/AC?

Otherwise, signal levels are good... Snr good...



Sent from my cell phone. Sorry for the errors.

by AlainCasault
Wed Mar 27, 2019 2:04 pm
Forum: Beginner Basics
Topic: winbox on linux with firewall active
Replies: 3
Views: 162

Re: winbox on linux with firewall active

Actually, the way I'm reading this, his MAC-WINBOX is being blocked.

You should allow udp src.port 5678 so that the return traffic is allowed.

You should then see your routers.

Regards,


Sent from my cell phone. Sorry for the errors.

by AlainCasault
Tue Mar 26, 2019 3:06 pm
Forum: Beginner Basics
Topic: Connecting two routers in two buildings with cable
Replies: 8
Views: 510

Re: Connecting two routers in two buildings with cable

I'd go with OSPF and let everything sort itself our ;)

Take a look at https://alaincasault.com/ca/posts/, the post named. "Redundant WAN links".

When the failure is in the ISP's infrastructure, the regular "check gateway" doesn't help much.

Cheers,


Sent from my cell phone. Sorry for the errors.

by AlainCasault
Tue Mar 19, 2019 12:40 am
Forum: Scripting
Topic: How to really make backups (by script) ?
Replies: 15
Views: 618

Re: How to really make backups (by script) ?

True!

Sent from my cell phone. Sorry for the errors.

by AlainCasault
Mon Mar 18, 2019 8:20 pm
Forum: Scripting
Topic: How to really make backups (by script) ?
Replies: 15
Views: 618

Re: How to really make backups (by script) ?

The binary backup will let you restore a perfect/complete copy of the config of the original router (A) on the new router(B). It will work. But DO reset the MACs, either manually or through a script as suggested. Obviously, it should NOT be done if the original router (A) is still running as you'll ...
by AlainCasault
Fri Mar 15, 2019 5:29 pm
Forum: Beginner Basics
Topic: Mikrotik as HUB (configuration)
Replies: 16
Views: 718

Re: Mikrotik as HUB (configuration)

Ok, got it. Still can't do hub in MikroTik. Do a switch as was suggested before using a bridge. From within the router, you can launch a packet sniffer (in tools menu) which is wireshark compatible (make sure to name the file .pcap). You'll have to play with it as I don't remember if the bridge will...
by AlainCasault
Thu Mar 14, 2019 9:14 pm
Forum: Beginner Basics
Topic: Mikrotik as HUB (configuration)
Replies: 16
Views: 718

Re: Mikrotik as HUB (configuration)

Because I have to simulate something like that in laboratories. Maybe as a bridge to do it, that it would be similar? I'm not sure you know what you require if you think that a hub and a switch are similar. Can you explain what you need to achieve? That could help us understand. Sent from my cell p...
by AlainCasault
Wed Mar 13, 2019 8:56 pm
Forum: Beginner Basics
Topic: Mikrotik as HUB (configuration)
Replies: 16
Views: 718

Re: Mikrotik as HUB (configuration)

More to the point: why do you want a hub?

Sent from my cell phone. Sorry for the errors.

by AlainCasault
Tue Mar 12, 2019 4:17 pm
Forum: Scripting
Topic: How to really make backups (by script) ?
Replies: 15
Views: 618

Re: How to really make backups (by script) ?

Hello, This topic has been documented MANY times. But, yes, you CAN restore a binary backup of one device to another of SAME model. But: * Make sure they're both running the same version of OS * Reset each interface's MAC address. Voilà! As far as running and storing backups, that too has been docum...
by AlainCasault
Tue Mar 12, 2019 3:49 pm
Forum: Beginner Basics
Topic: Connecting two routers in two buildings with cable
Replies: 8
Views: 510

Re: Connecting two routers in two buildings with cable

Hello, I'm assuming that the /16s are just to summarize local subnets and you don't have such a big network. Otherwise, break the subnet down to smaller ones (like /24). Also, I'd probably go with fiber regardless since your working with two buildings. Fiber will insulate you from grounding issues, ...
by AlainCasault
Mon Mar 11, 2019 7:59 pm
Forum: Beginner Basics
Topic: Help with new Vlan Setup
Replies: 8
Views: 312

Re: Help with new Vlan Setup

Also, try this.

I think this is what you're going for.

https://wiki.mikrotik.com/wiki/Manual:S ... p_Features

Cheers,
by AlainCasault
Mon Mar 11, 2019 7:30 pm
Forum: Beginner Basics
Topic: Help with new Vlan Setup
Replies: 8
Views: 312

Re: Help with new Vlan Setup

Hello, I know what you mean as I have a Unifi also. I basically took the IP address of my Telco devices' subnet and its associated DHCP server and moved them to the trunk bridge. The Unifi is connected to a trunk port, but because the IP was set to the trunk bridge, that subnet became untagged. Of c...
by AlainCasault
Fri Mar 08, 2019 9:33 pm
Forum: General
Topic: Viewing network traffic question
Replies: 7
Views: 381

Re: Viewing network traffic question

Hello Nazralte, 1st thing to do is make sure your catch-all rules log traffic reaching them. As you indicate not being so good w/ firewalls, I'll give you more information, hoping I'm not treating you like a child ;) Catch-all rules just drop and log whatever was not processed by the previous rules,...
by AlainCasault
Fri Mar 08, 2019 8:31 pm
Forum: Beginner Basics
Topic: Routing CCR 1036 and CRS 317
Replies: 2
Views: 144

Re: Routing CCR 1036 and CRS 317

Hello, For starters, your devices should have a static IP address, not get one from a server. Otherwise, how do you plan on doing proper management with dynamic IP addresses? Secondly, I suggest you post a diagram you what you wish to acheive and your devices current configuration. You're asking for...
by AlainCasault
Fri Mar 08, 2019 5:59 pm
Forum: General
Topic: Winbox disconnects after few seconds
Replies: 4
Views: 184

Re: Winbox disconnects after few seconds

Hy again!! If you can winbox but not webfig, check that the IP Service for TCP 80 is not disabled. Could be that simple. :| If you use "bridge" mode (and it's not a typo), then your problem could lay there. I'm not in front of a router right now, but you should be set as AP-bridge mode, and I THIIII...
by AlainCasault
Fri Mar 08, 2019 3:15 pm
Forum: General
Topic: Winbox disconnects after few seconds
Replies: 4
Views: 184

Re: Winbox disconnects after few seconds

Hello

Are you connecting using an IP address or a mac address?

If it's the MAC, yes you may loose connectivity often. Use a IP as soon as possible.

Regards

Sent from my cell phone. Sorry for the errors.

by AlainCasault
Fri Mar 08, 2019 3:10 pm
Forum: Wireless Networking
Topic: Configuring a Single SSID WLAN with Two wAP AC (RBwAPG-5HacT2HnD-US) and one hEX (RB750Gr3)
Replies: 6
Views: 355

Re: Configuring a Single SSID WLAN with Two wAP AC (RBwAPG-5HacT2HnD-US) and one hEX (RB750Gr3)

Thanks for both replies! One additional question, I've read that a WDS mode has to be enabled in the routers and that both routers must be bridged into a single Wireless interface. Is that right? Thanks again. Hello No need for wds. And keep the setup as simple as possible. The APs' Wi-Fi card shou...
by AlainCasault
Thu Feb 28, 2019 4:12 pm
Forum: Beginner Basics
Topic: Bandwidth separation for VoIP
Replies: 5
Views: 294

Re: Bandwidth separation for VoIP

Hello

Packet marking is the first step. You'll move on to queue trees where you'll use the packet marks.

Check the url I gave you for a real step by step.

Cheers

Sent from my cell phone. Sorry for the errors.

by AlainCasault
Wed Feb 27, 2019 4:40 pm
Forum: Beginner Basics
Topic: Bandwidth separation for VoIP
Replies: 5
Views: 294

Re: Bandwidth separation for VoIP

Hello, What I wrote was meant as a general guideline, so it's possible it may not apply to your setup. But the caracteristics part still applies. Unless you know how an application behaves (protocol, port, DST IP address, anything that can help to identify it), it's going to be hard to do bandwidth ...
by AlainCasault
Wed Feb 27, 2019 2:33 pm
Forum: Beginner Basics
Topic: Bandwidth separation for VoIP
Replies: 5
Views: 294

Re: Bandwidth separation for VoIP

Hello, The hard part is to categorize your traffic. That is to says that you need to know as many "traits" as possible. As an example, I have VoIP phones on three dedicated subnets (three sites) and my PBXs on another. That becomes easy to do QoS between all subnets. My PBXs connect to my SIP trunk ...
by AlainCasault
Wed Feb 27, 2019 2:07 pm
Forum: Wireless Networking
Topic: 20Mhz or 20Mhz/40Mhz above,below which correct fot access point ?
Replies: 2
Views: 274

Re: 20Mhz or 20Mhz/40Mhz above,below which correct fot access point ?

Hello, Since you don't mention it, I'll start of with 2,4GHz. The choice of 20 or 40 MHz depends on your neighbors. If there's a lot of 2,4GHz around you, stick with 20MHZ as the AP will revert from 40 to 20 if it detects interference. If you can go to 40MHz, then scan what's around you and select a...
by AlainCasault
Fri Feb 22, 2019 9:54 pm
Forum: Beginner Basics
Topic: How to connect from android app Mikrotik to RB2011?
Replies: 6
Views: 363

Re: How to connect from android app Mikrotik to RB2011?

I don't recommend using the app from the WAN side, for many reasons (mainly security) other than its just in beta. However if you can open a VPN to home and then use the APP as though you were on the LAN, that may be a different story) Am I hearing an echo here? ;) Sent from my cell phone. Sorry fo...
by AlainCasault
Fri Feb 22, 2019 5:45 pm
Forum: General
Topic: Simple L2TP/IPSEC roadwarrior
Replies: 1
Views: 267

Re: Simple L2TP/IPSEC roadwarrior

Hello A gateway of 0.0.0.0? That can't be good. You're probably missing stuff in your ppp profile. Post your ppp setup. /ppp export. I have this basic setup and it works great. Is your tunnel coming up? I'm guessing yes if you're getting an address. Sent from my cell phone. Sorry for the errors.
by AlainCasault
Fri Feb 22, 2019 2:52 pm
Forum: Beginner Basics
Topic: How to connect from android app Mikrotik to RB2011?
Replies: 6
Views: 363

Re: How to connect from android app Mikrotik to RB2011?

Hello Pablo, I'm glad you solved your issue but did you realize you created a new one? It's not a good idea to open WinBox on your WAN port. It's a major security risk. You'd need better off doing at least port knocking first or, better yet, VPN to your router before managing it. Regards, Sent from ...
by AlainCasault
Wed Jan 30, 2019 8:14 pm
Forum: Beginner Basics
Topic: Text based backup!!!cannot load [SOLVED]
Replies: 12
Views: 598

Re: Text based backup!!!cannot load [SOLVED]

You're better off with export files. True, but with export files it also isn't easy, as I described above. It would be much easier when those minor changes were made... Of course we all understand that you cannot import an export from a 10-port router into a 5-port router without some manual action...
by AlainCasault
Wed Jan 30, 2019 5:36 pm
Forum: Beginner Basics
Topic: Text based backup!!!cannot load [SOLVED]
Replies: 12
Views: 598

Re: Text based backup!!!cannot load [SOLVED]

Doing a binary restore is "officially" meant for the same device, we all know this. It'll work ok on two devices of same model, as long as you reset the MAC address of all physical interfaces. Doing this on two routers of different models is asking for trouble and is NOT recommended. You're better o...
by AlainCasault
Tue Jan 29, 2019 6:09 pm
Forum: Beginner Basics
Topic: Text based backup!!!cannot load [SOLVED]
Replies: 12
Views: 598

Re: Text based backup!!!cannot load [SOLVED]

Hello, I'm assuming that you're rebooting AND loading the rev file at startup. I've found that if you add a 15 second delay at the top of the script file, it solves the case. Also: When transferring an export from one model to an other, it's good practice to edit the file (to remove unwanted configs...
by AlainCasault
Mon Jan 28, 2019 3:27 pm
Forum: Wireless Networking
Topic: Looking for a mikrotik router Model that supports DNAT
Replies: 8
Views: 496

Re: Looking for a mikrotik router Model that supports DNAT

Hello

All MikroTik devices support dnat.

Cheers

Sent from my cell phone. Sorry for the errors.

by AlainCasault
Fri Jan 25, 2019 4:50 pm
Forum: Beginner Basics
Topic: How to use a simultaneous RBMetalG-52SHPacn
Replies: 1
Views: 131

Re: How to use a simultaneous RBMetalG-52SHPacn

Hello

That model only has one radio with the frequency software selectable.

When in doubt, always refer to the specs. https://mikrotik.com/product/RBMetalG-52SHPacn

Cheers,
by AlainCasault
Fri Jan 25, 2019 4:21 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Feature request: Make Quickset to be separate package
Replies: 29
Views: 4977

Re: Feature request: Make Quickset to be separate package

The solution he posted involved changing the skin in the web interface. It does not work in winbox.
Click on "Design Skin" and remove the checkmark in front of Quick Set, then save it as default.
Ah! OK, thanks,

Would have loved a WinBox solution also. Oh well. :)
by AlainCasault
Fri Jan 25, 2019 3:29 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Feature request: Make Quickset to be separate package
Replies: 29
Views: 4977

Re: Feature request: Make Quickset to be separate package

How do you imagine that would work? The home user needs QuickSet by default, he will not download and install it before he knows how RouterOS works. And removing QuickSet is already possible: Screenshot 2016-02-22 09.59.45.png Hello Normis, Could you please repost how to remove Qucikset? I'm affrai...
  • 1
  • 2
  • 3
  • 4
  • 5
  • 11