Community discussions

Search found 53 matches

  • 1
  • 2
by russman
Mon Apr 29, 2019 7:33 pm
Forum: Announcements
Topic: v6.44.3 [stable] is released!
Replies: 123
Views: 30123

Re: v6.44.3 [stable] is released!

I just updated some test devices to 6.44.3 from 6.44.1. SSH port forwarding was working fine before the upgrade, but did not work after. It looks like the default setting for "/ip ssh forwarding-enabled" has been changed from "both" to "remote". To fix this: /ip ssh set forwarding-enabled=both Whil...
by russman
Mon Oct 22, 2018 5:24 pm
Forum: General
Topic: NTP for smips
Replies: 22
Views: 3830

Re: NTP for smips

Since SMIPS devices are designed for home usage and does have limited storage size we do not provide NTP package for such devices. SMIPS stand for small MIPS (MIPS device with limited feature set). Could someone share an example where this would be actually necessary (to run NTP server on SMIPS dev...
by russman
Sat Sep 01, 2018 4:27 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Got fq_codel yet?
Replies: 36
Views: 10600

Re: Got fq_codel yet?

thanks for the suggestion, we are looking into it for v7. currently you can use SFQ, whh is also very good Come on man, throw us a bone. Ubiquiti has it in their firewalls, I'm trying hard to not use theirs but you're not making it easy. SFQ is better than some even older more abusive options but i...
by russman
Mon Aug 27, 2018 9:07 pm
Forum: Wireless Networking
Topic: Can I do CLIENT mode WPA2 Enterprise (802.1x) PEAP?
Replies: 18
Views: 12220

Re: Can I do CLIENT mode WPA2 Enterprise (802.1x) PEAP?

Update: Digging through the logs it looks like Mikrotik is providing the "Supplicant Identity" on the general tab of the Security Profile as the EAP authentication username. So I decided to put the userman into that field and it works. Its using the Supplicant Identity as the username and the EAP MS...
by russman
Mon Aug 27, 2018 7:24 pm
Forum: Wireless Networking
Topic: Can I do CLIENT mode WPA2 Enterprise (802.1x) PEAP?
Replies: 18
Views: 12220

Re: Can I do CLIENT mode WPA2 Enterprise (802.1x) PEAP?

From my mikrotik test unit I can connect to my SSIDs protected with WPA2 PSK no problem. I can connect from my laptop to my PEAP protected SSID with no problems, however, I can't connection from my mikrotik. I've went through all my settings on the NPS server and AP and tried a number of other setti...
by russman
Thu Jul 26, 2018 9:54 pm
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 542
Views: 58091

Re: LHG 60G experience

Something weird I noticed: It stopped raining since around 30 mins and suddenly the LHG60 link dropped to MCS 1 even with a good RSSI (-55 dBm): frequency: 64800 mcs: 1 phy-rate: 385.0Mbps signal: 20 rssi: -55 tx-sector: 41 tx-sector-info: left 1 degrees, up 0.6 degrees rx-sector: 96 distance: 1166...
by russman
Wed Jun 06, 2018 7:57 pm
Forum: Wireless Networking
Topic: 60Ghz 6.42.3 Bug Report
Replies: 1
Views: 350

60Ghz 6.42.3 Bug Report

When you export file on the master/ap, the export doesn't contain the SSID but it does contain the reset including the frequency and password, when you export file on the slave/stations it contains the SSID. You can manually enter the SSID into the exported file for the AP and load that without erro...
by russman
Tue Apr 17, 2018 6:11 pm
Forum: The Dude
Topic: How do I add MIBs to the dude
Replies: 14
Views: 12418

Re: How do I add MIBs to the dude

I just brought up a fresh dude CHR server on 6.42 and I'm having the same problem. Using WinSCP it says the file system is read only, can't do it in winbox ether. The directory we add them to is /dude/files/default/mibs correct? Update: I see you leave out default in the last post now. So its upload...
by russman
Mon Apr 16, 2018 6:03 am
Forum: Forwarding Protocols
Topic: IS-IS
Replies: 44
Views: 13215

Re: IS-IS

+1 for IS-IS
by russman
Wed Apr 11, 2018 5:32 pm
Forum: RouterBOARD hardware
Topic: LHG 60G
Replies: 63
Views: 13370

Re: LHG 60G

I'm interested in getting my hands the LHGG-60ad for sure. I'm a little quizzed by the marketing for these products in regards to range. Obviously it needs LOS and stability is dependable on the region its installed in.
by russman
Thu Feb 08, 2018 4:32 pm
Forum: Announcements
Topic: v6.41.1 [current]
Replies: 106
Views: 14895

Re: v6.41.1 [current]

@strods It didn't generate a support file automatically. It didn't crash the router, this is all regarding link negotiation via 10/100/1000M RJ45 SFP modules. Before the aforementioned update, the non-mikrotik modules would link up if the port was manually set to 1Gbps but wouldn't let anything conn...
by russman
Wed Feb 07, 2018 9:08 pm
Forum: Announcements
Topic: v6.41.1 [current]
Replies: 106
Views: 14895

Re: v6.41.1 [current]

I'm running 6.41.1 on a CCR-1016-12S-1S+RM router that I'm testing SFP compatibility/behavior in. The non-mikrotik modules worked on gigabit only when manually set to 1Gbps (no auto negotiation) they would not work on 100Mbps when manually set even though the modules support it (UBNT and Fiberstore ...
by russman
Wed Sep 06, 2017 7:44 pm
Forum: RouterOS v7
Topic: RouterOS v7.0 beta1 - when?
Replies: 565
Views: 137898

Re: RouterOS v7.0 beta1 - when?

Yes, it was on MUM. On US MUM in 2014 :)

https://mum.mikrotik.com//presentations/US14/ccrros.pdf
In the pdf you referenced from 2014, it talks about, v6.8 I haven't seen anything beyond 6.41 in RC or beta yet in 2017. Where are these being released at?
by russman
Thu Mar 02, 2017 4:52 am
Forum: General
Topic: DHCP ARP issue
Replies: 5
Views: 1574

Re: DHCP ARP issue

Stall ARP entry issues are still plaguing Mikrotik ROS 6.X 4 years later...
by russman
Thu Feb 16, 2017 6:12 am
Forum: General
Topic: WCCP Support
Replies: 2
Views: 1057

Re: WCCP Support

+1 Bump on needing WCCP support
by russman
Fri Jan 06, 2017 12:20 am
Forum: General
Topic: Strange PPPoE issue - Interface disabled on its own
Replies: 1
Views: 418

Strange PPPoE issue - Interface disabled on its own

I've only seen this issue happen twice now since we started using Mikrotik 8 years ago. Both times happened recently with different clients, one on Hex board and one on ARM both running 6.37.1. Everything will be running smoothly and out of the blue the PPPoE interface will become disabled, nothing ...
by russman
Tue Sep 20, 2016 4:25 am
Forum: The User Manager
Topic: forgot admin password
Replies: 16
Views: 38614

Re:

yes, wrong Wow that's rough. I used to be able to do that with Cisco from serial console. I have a business customer that we installed their firewall, their network, their internet, etc and corporate forced all locations to use some use some IT company from the other side of the country (near headq...
by russman
Fri Jun 17, 2016 4:47 am
Forum: RouterOS v6 RC and v7 BETA
Topic: Watchdog feature request
Replies: 6
Views: 1068

Re: Watchdog feature request

Interesting, I never noticed that under tools, not sure how long its even been there.  Thank you.
by russman
Thu Jun 16, 2016 5:53 am
Forum: RouterOS v6 RC and v7 BETA
Topic: Watchdog feature request
Replies: 6
Views: 1068

Watchdog feature request

It would be great if watchdog had the ability to execute/trigger a script.  Currently it can be done with more complex scripts that mimic watchdog plus do other things but it would be nice simply empower this feature a bit more than sending an email.
by russman
Wed May 25, 2016 6:37 pm
Forum: Forwarding Protocols
Topic: URL Binding / Redirection from single public IP
Replies: 1
Views: 716

URL Binding / Redirection from single public IP

I'm interested in Binding URLs to different servers inside our network from one public IP. Typically this is done on the web server with a single IP and URLs are binded in the server config. Can this be done from the edge firewall with traffic inspection via mangle or something?
by russman
Wed Apr 06, 2016 6:45 am
Forum: RouterOS v6 RC and v7 BETA
Topic: PPPoE rate limiting bug
Replies: 3
Views: 1445

Re: PPPoE rate limiting bug

I was aware that not all packets in a connection can be fasttracked, but I didn't realize that such functions could be lost in the attempt to fasttrack other traffic passing through the router. I'll update the firmware, disable fasttrack related rules, reboot, and run the tests again.
by russman
Fri Apr 01, 2016 11:23 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: PPPoE rate limiting bug
Replies: 3
Views: 1445

PPPoE rate limiting bug

Issue: PPPoE rate limiting isn’t working correctly in 6.34.4 and even more so in 6.35RC45 Description: This is a simple site with the router setup only to route between the backhaul segment and the sector segment for that tower with PPPoE server running on the sector network segment. We were testin...
by russman
Wed Nov 18, 2015 7:37 pm
Forum: Virtualization
Topic: Cloud Hosted Router
Replies: 583
Views: 185214

Re: Cloud Hosted Router

So I previously purchased a x86 lvl 6 license and run it in VMware. Can I convert this to a CHR license and decommission this one?
by russman
Sat Aug 01, 2015 12:20 am
Forum: RouterOS v7
Topic: Feature Request: Suricata
Replies: 20
Views: 6847

Re: Feature Request: Suricata

Mikrotik, Due to the continued lack of IDS, IPS or DPI being fully integrated into the router, our company is now looking to transition our customers to the Ubiquiti EdgeOS Routers new DPI offering. I hate to leave this platform but we can't ignore the consumer demand for this feature in enterprise ...
by russman
Sat Jun 13, 2015 5:13 am
Forum: RouterOS v7
Topic: Feature Request: Suricata
Replies: 20
Views: 6847

Re: Feature Request: Suricata

(I bet a SonicWall's performance sucks if too many of its features are turned on at the same time - I have a personal loathing for those boxes, as they always seem to be administered by people who haven't got a clue about networking, their configurations make a mathematician's blackboard look simpl...
by russman
Sat Jun 13, 2015 5:05 am
Forum: Wireless Networking
Topic: 6.29.1 - 802.1x Authentication Timeout
Replies: 2
Views: 1175

Re: 6.29.1 - 802.1x Authentication Timeout

I'm having the same issue with my CCRs after upgrading to 6.29.1 and reverting back to 6.28 fixed every router having the problem. Odd thing is that the issue wasn't happening on all the routers I upgraded but was very pronounced on 3 of them.
by russman
Tue May 12, 2015 5:45 pm
Forum: RouterOS v7
Topic: Feature Request: Suricata
Replies: 20
Views: 6847

Re: Feature Request: Suricata

Mikrotik is a router, not a firewall. That's funny, then whats that whole "Firewall" section for then and why does the factory pre-configuration on most of the desktop models come configured as a firewall. It may be a grey area to some to call a router with ACLs a firewall but I'm pretty sure a rou...
by russman
Mon May 04, 2015 7:42 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Feature request:Vmware support - vmwaretools package
Replies: 17
Views: 10496

Re: Feature request:Vmware support - vmwaretools package

+1 for VMware tools as well. I purchased a license to stand alone run Usermanager and its performance isn't as good as it could be.
by russman
Thu Apr 30, 2015 6:22 pm
Forum: RouterOS v7
Topic: Feature Request: Suricata
Replies: 20
Views: 6847

Re: Feature Request: Suricata

Two more requests from corporate customers this week alone, they are being forced to replace their firewalls with units that have IDS/IPS integrated. This should almost be top priority IMHO.
by russman
Fri Mar 06, 2015 4:34 pm
Forum: RouterOS v7
Topic: Feature Request: Suricata
Replies: 20
Views: 6847

Re: Feature Request: Suricata

+1 Suricata in ROS 7. Many of my corporate customers are starting to get mandates that all their branch offices have to have firewalls with IDS/IPS built in. I've had to stop deploying MikroTik and have been forced to replace Mikrotik routers because of it. I believe if this isn't implemented Mikrot...
by russman
Wed Jan 21, 2015 12:45 am
Forum: General
Topic: Need help identifying a DoS issue
Replies: 1
Views: 477

Re: Need help identifying a DoS issue

Found it. Its a bug in the AC v7.1-rc.25252 that is being addressed in the next patch.
by russman
Tue Jan 20, 2015 11:18 pm
Forum: General
Topic: Need help identifying a DoS issue
Replies: 1
Views: 477

Need help identifying a DoS issue

We have a random issue that may last 5sec or a few min and goes away on its own. I'd love to figure out where its coming from but for the time being I'd like to create a bridge filter to block/limit this traffic.
hog.png
by russman
Tue Dec 16, 2014 10:46 pm
Forum: RouterBOARD hardware
Topic: Quality control or design problem with CCR-1009?
Replies: 7
Views: 1911

Quality control or design problem with CCR-1009?

I've purchased many CCRs and we recently started purchasing the CCR-1009 series of router for business customers that desire dual power supplies in their rack mount hardware. Anyway, I've probably only purchased 8-10 of 1009 series, now this is a small test group but considering of the 8-10 I've pur...
by russman
Mon Oct 27, 2014 9:26 pm
Forum: General
Topic: (answered) New?! RBFTC11
Replies: 13
Views: 4115

Re: New?! RBFTC11

I'd love to see a version that offers POE output and an AC bus terminal. That would allow for remote radio hookups without the need for additional outdoor enclosures.
by russman
Tue Oct 14, 2014 4:00 pm
Forum: General
Topic: DDoS Mitigation - Bandwidth Depletion
Replies: 4
Views: 1152

Re: DDoS Mitigation - Bandwidth Depletion

Most of our residential customers are NATed, this appears to all be input chain traffic on the WAN interface hitting the NAT public address. As I said, when it occurs our LAN traffic drops to 5-10% of normal (RX and TX) and the WAN traffic reaches the fiber pipes maximum downstream.
by russman
Tue Oct 14, 2014 7:32 am
Forum: General
Topic: DDoS Mitigation - Bandwidth Depletion
Replies: 4
Views: 1152

DDoS Mitigation - Bandwidth Depletion

I've been searching around on the forums and haven't found what I'm looking for. It seems like most of the attacks reported are small amounts of bandwidth from 1000s of sources or a little bit of traffic that consumes CPU cycles. I'm seeing large chunks of bandwidth, much bigger than any plan we off...
by russman
Tue Oct 14, 2014 5:28 am
Forum: The User Manager
Topic: failed to commit transaction: disk I/O error
Replies: 10
Views: 5375

Re: failed to commit transaction: disk I/O error

I simply downgraded to 6.8 as mentioned above and the the issue went away. I haven't tried anything else because I haven't seen anything in the change log addressing this issue yet. Has anyone that had this issue try 6.20 yet?
by russman
Wed Aug 27, 2014 12:49 am
Forum: RouterBOARD hardware
Topic: Temperature Range SFP-Modules
Replies: 3
Views: 2369

Re: Temperature Range SFP-Modules

Mikrotik's with SFP ports and Mikrotik SFP modules have been on the market for some time now. What are you guys finding with these units in regards to temperature handling. Are they standing up to the temperatures some of our outdoor enclosures on the inside? I question such things even more with a ...
by russman
Sat Jun 14, 2014 5:50 am
Forum: The User Manager
Topic: failed to commit transaction: disk I/O error
Replies: 10
Views: 5375

Re: failed to commit transaction: disk I/O error

I see 6.15 has been released but I haven't seen anything in the changelog referencing this or any responses to this thread. Anyone have input to add?
by russman
Thu Apr 24, 2014 5:06 am
Forum: The User Manager
Topic: failed to commit transaction: disk I/O error
Replies: 10
Views: 5375

Re: failed to commit transaction: disk I/O error

Two cloud core units and 3 Router OS versions (6.11, 6.12, and now 6.8) the issue is resolved. It appears there is a bug in the later versions of Router OS. 115 hours have passed without any errors locking up userman. Please look into this userman DB issue Mikrotik, I'll be watching release notes.
by russman
Tue Apr 22, 2014 5:29 am
Forum: The User Manager
Topic: failed to commit transaction: disk I/O error
Replies: 10
Views: 5375

Re: failed to commit transaction: disk I/O error

I hear crickets chirping... I upgraded the new userman box to 6.12 and the same issue returned in less than an hour and happened 5 more times that morning before I decided to try downgrading router OS versions. I looked at the changlog and figured 6.8 would be a good starting point for further troub...
by russman
Sat Apr 19, 2014 11:45 pm
Forum: The User Manager
Topic: failed to commit transaction: disk I/O error
Replies: 10
Views: 5375

Re: failed to commit transaction: disk I/O error

http://i1309.photobucket.com/albums/s634/Russell_Manning/IOdisk_zpsa82d777c.png I'm getting the same issue with userman on cloudcore. It happened with one we've been running for awhile then it manifested itself again on a the brand new identical unit that I replaced it with 3 days later. It's far f...
by russman
Thu Nov 14, 2013 9:17 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Userman optimized for multi-core
Replies: 4
Views: 1534

Re: Userman optimized for multi-core

As you can see in the picture CCR1016-12G currently running ROS 6.3, however, I've seen this issue through many versions of ROS in 5.X and 6.X.
by russman
Wed Nov 13, 2013 9:57 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Userman optimized for multi-core
Replies: 4
Views: 1534

Re: Userman optimized for multi-core

Hmmm, still can't access userman web interface and it looks like a autosupout.rif was generated around the time this happened. In general userman is choking harder now than ever, possibly for aforementioned reasons and stepping up on hardware typically improved performance for awhile until customer ...
by russman
Wed Nov 13, 2013 9:23 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Userman optimized for multi-core
Replies: 4
Views: 1534

Re: Userman optimized for multi-core

I am looking in the profile info for that core and ~70% is ate up with "flash" and 30% for "User-Manager". Although it does need better multi-core support, I'd be interested to know the performance specs on the integrated 512MB NAND storage. I'm using a tiny fraction of the available 512MB currently...
by russman
Wed Nov 13, 2013 8:32 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Userman optimized for multi-core
Replies: 4
Views: 1534

Userman optimized for multi-core

I realize there are many radius options available besides Mikrotik's userman, and that dedicated Intel based machines can be setup to run Mikrotik with higher per core clock speeds. However, it would be nice if the could modify the code to simply utilize the massive multi-core processing horsepower ...
by russman
Sun Oct 20, 2013 6:06 am
Forum: Forwarding Protocols
Topic: NAT and SIP no audio (specifically 3CX VoIP system)
Replies: 2
Views: 6446

NAT and SIP no audio (specifically 3CX VoIP system)

So I’ve searched the forums and preformed many tests trying to get audio working with remote extensions with my 3CX VoIP phone system. I’ve tested NAT port forwarding behind masquerading, 1:1 NAT before masquerading, disabling SIP firewall helper service, disabling Mangle rules, and every combinatio...
by russman
Fri May 10, 2013 8:03 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Resetting Counters in the Interface List
Replies: 14
Views: 16583

Re: Resetting Counters in the Interface List

I'm running 5.22 on x86 and I it takes the /interface ethernet reset-counters ether1 command but it does nothing still.
by russman
Tue Jan 15, 2013 5:56 pm
Forum: General
Topic: DHCP client option 60
Replies: 20
Views: 16130

Re: DHCP client option 60

Yes, vendor code support is needed. I'm trying to setup custom mitel phone DHCP options but I can't. Microsoft DHCP Server supports it, never thought I'd have to turn to microsoft for more advanced network related features, that also adds complexity to what I'm trying to accomplish...
by russman
Tue Apr 17, 2012 5:48 pm
Forum: General
Topic: "Dynamic" DNS servers
Replies: 4
Views: 19762

Re: "Dynamic" DNS servers

I'm setting up a new Mikrotik router as well and the GUI for DNS is completely changed and lacking the "Settings" button for setting your upstream DNS servers. Not sure why this is but I guess I'll have to add them from terminal, wait, its taking the command but the config doesn't show the change is...
  • 1
  • 2