Community discussions

Search found 526 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 11
by lambert
Thu Jun 20, 2019 11:04 pm
Forum: Forwarding Protocols
Topic: OSPF 60GHz and 5GHz with two hex
Replies: 5
Views: 616

Re: OSPF 60GHz and 5GHz

Thank you. I tried but did not work. There are errors in interface names that I have corrected but are not working again. Did you bridge the radio devices? You are not giving any indication as to what did not work for you. agstek provided a config example that can be tested with ethernet replacing ...
by lambert
Sun May 05, 2019 10:11 am
Forum: General
Topic: Change default configuration
Replies: 3
Views: 276

Re: Change default configuration

Configure the router the way you want. Export and download the config. Then, put it in via netinstall.
by lambert
Sun May 05, 2019 10:07 am
Forum: General
Topic: CRS328-4C-20S-4S+ and FiberStore SFP-FE-BX SFPs
Replies: 0
Views: 157

CRS328-4C-20S-4S+ and FiberStore SFP-FE-BX SFPs

I have two CRS328-4C-20S-4S+ and the contractor supplied FiberStore SFP-FE-BX SFPs for hooking up a small neighborhood. There are RB960PGS routers on the other end. When we first hooked these up across the fiber, they auto-negotiated at 100M-full but passed no traffic. We set the SFP modules to 1Gbp...
by lambert
Wed May 01, 2019 11:49 pm
Forum: Forwarding Protocols
Topic: vpn
Replies: 4
Views: 509

Re: vpn

At the second site, configure your L2TP connection not to install a default route crossing the VPN.
by lambert
Wed May 01, 2019 11:41 pm
Forum: RouterBOARD hardware
Topic: i need to replace some devices RB 435G, 433AH and 433G , but with what device?
Replies: 2
Views: 407

Re: i need to replace some devices RB 435G, 433AH and 433G , but with what device?

That probably depends on what you are using those devices to do.
by lambert
Wed May 01, 2019 10:46 pm
Forum: General
Topic: CCR1072 vs Oem İ9-9900K
Replies: 13
Views: 1060

Re: CCR1072 vs Oem İ9-9900K

If doing BGP, before RouterOS 7, you want an X86 box. It doesn't have to be top of the line.

The x86 boxes will run circles around the CCR for single threaded tasks. The CCR will be fine for tasks that can be split across multiple cores.
by lambert
Mon Nov 19, 2018 7:01 pm
Forum: General
Topic: How do you use ssh agent forwarding on the routeros ssh client?
Replies: 9
Views: 750

Re: How do you use ssh agent forwarding on the routeros ssh client?

If you don't want to wait, VPNs, with as much crypto as SSH, are available now. I have run VPNs inside VPNs to get inside multiple layers of firewalls.
by lambert
Fri Nov 16, 2018 1:37 am
Forum: General
Topic: How do you use ssh agent forwarding on the routeros ssh client?
Replies: 9
Views: 750

Re: How do you use ssh agent forwarding on the routeros ssh client?

It is not an option. The options are: /ip ssh set Change properties of one or several items. always-allow-password-login -- allow password login when public key authorization is configured forwarding-enabled -- allows clients to connect to remote ports from server host-key-size -- RSA key size when ...
by lambert
Tue Nov 13, 2018 12:50 am
Forum: Beginner Basics
Topic: DHCP issue [SOLVED]
Replies: 9
Views: 775

Re: DHCP issue [SOLVED]

The two things which are most likely are:

1 ) Your WAN interface is bridged with your LAN.

2 ) Your ISP's WiFi has the same SSID/password configured and your devices are sometimes connecting to it directly.

With the config, we'll know.
by lambert
Tue Nov 13, 2018 12:35 am
Forum: General
Topic: Can't communication with Tristar 60 MPPT through 493ah
Replies: 10
Views: 1882

Re: Can't communication with Tristar 60 MPPT through 493ah

Thanks!

We'll check on that in the spring / early summer when we have access to the sites again.
by lambert
Thu Nov 08, 2018 9:54 pm
Forum: Beginner Basics
Topic: Issues after upgrading
Replies: 3
Views: 356

Re: Issues after upgrading

Having the DHCP server and LAN IP bound to the bridge rather than the old master port is a great idea. Also, if you haven't given the router a second reboot after the upgrade, you might want to try that. Occasionally it seems to take two reboots for the new config to take effect after and upgrade of...
by lambert
Thu Nov 08, 2018 9:34 pm
Forum: General
Topic: Can't communication with Tristar 60 MPPT through 493ah
Replies: 10
Views: 1882

Re: Can't communication with Tristar 60 MPPT through 493ah

We have issues with MPPT controllers falling offline when connected to Netonix switches. We can usually bounce the port on the Netonix and bring them back online for a while. We've begun to leave junk switches between the Netonix and the MPPTs. I don't think the ethernet chips in the MPPTs have been...
by lambert
Mon Sep 10, 2018 6:04 am
Forum: General
Topic: SNMP issue... [SOLVED]
Replies: 3
Views: 753

Re: SNMP issue... [SOLVED]

Hello.. Im graphing with mrtg some routers and some CPE, a couple of days ago, snmp stopped working on 3 routers, so i tought it was a routing issue since i was changing some stuff, but both devices, the mrtg server and the router are able to ssh, ping, etc.. just snmp does not work, even if i try ...
by lambert
Tue Jul 17, 2018 4:38 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Mikrotik Package not installing
Replies: 8
Views: 3865

Re: Mikrotik Package not installing

What does the log say immediately after reboot?
by lambert
Wed Jul 11, 2018 7:48 am
Forum: Scripting
Topic: Making a GUEST WiFI Schedule in Script
Replies: 3
Views: 416

Re: Making a scheduler...

I'm not sure what you're trying to do. Maybe it needs to be this complicated. I would create a separate schedule for each day which sets $GST=1 at the start each time period and another schedule setting $GST=0 at the end of the time period. If necessary, the schedule can flip the value of the variab...
by lambert
Sun Jul 08, 2018 9:12 pm
Forum: Wireless Networking
Topic: How to identify wireless network settings
Replies: 5
Views: 782

Re: How to identify wireless network settings

Number one rule: Start at the defaults.
Number two rule: Change the minimum necessary.

It works for a lot of things, not just RouterOS, not even just computers.

I am happy to hear that you got it working!
by lambert
Wed Jul 04, 2018 5:57 am
Forum: Wireless Networking
Topic: How to identify wireless network settings
Replies: 5
Views: 782

Re: How to identify wireless network settings

Ask the network admin what settings to use. or Look at the Windows laptop's wireless connection properties for that SSID. or Try trial and error, but scientifically. Just changing a lot of options leads to frustration. Start with a new wireless security profile, not one you've been playing with. Con...
by lambert
Mon May 28, 2018 3:57 pm
Forum: Forwarding Protocols
Topic: OSPF bug? with multiple IPs on interface sending hellos with wrong IP
Replies: 3
Views: 566

Re: OSPF bug? with multiple IPs on interface sending hellos with wrong IP

Thank you for taking the time to respond, mrz. However, that was my point. The router is not configured to run OSPF on 10.115.0.1/24. I apologize if that was not clear enough in my original post. The 10.115.0.1 IP is not covered by either of the two Routing OSPF Networks subnets. No subnet of 10.0.0...
by lambert
Fri May 25, 2018 10:47 pm
Forum: General
Topic: Anyone else getting flooded by this forum?
Replies: 11
Views: 974

Re: Anyone else getting flooded by this forum?

I have also noticed this change in behaviour. I'm not subscribed to popular topics, so I'm not exactly flooded with messages. It did surprise me when I got two or three notifications for the same topic before I had time to go look at the topic.
by lambert
Fri May 25, 2018 10:41 pm
Forum: Forwarding Protocols
Topic: OSPF bug? with multiple IPs on interface sending hellos with wrong IP
Replies: 3
Views: 566

OSPF bug? with multiple IPs on interface sending hellos with wrong IP

I had an issue with a 6.40.8 HAP ac lite talking to a Ubiquiti EdgeRouter Pro 1.8.5 via a Netonix switch. The mikrotik was seeing hellos from the ER-Pro. The ER-Pro was not seeing the hellos from the Mikrotik. OSPF logging wasn't helping on the Mikrotik. I enabled "debug ospf" on the ER-Pro. Nothing...
by lambert
Mon Apr 23, 2018 9:51 am
Forum: General
Topic: IPsec tunnel CentOS to MikroTik
Replies: 7
Views: 1268

Re: IPsec tunnel CentOS to MikroTik

Tried 6.42. Same results.
by lambert
Sat Apr 21, 2018 9:54 am
Forum: General
Topic: IPsec tunnel CentOS to MikroTik
Replies: 7
Views: 1268

Re: IPsec tunnel CentOS to MikroTik

My policy was set to encrypt/require/esp/tunnel. I have now changed that to encrypt/require/ah/no tunnel. The logs look very similar to me. I don't get it. /ip ipsec proposal set [ find default=yes ] enc-algorithms=aes-256-cbc,aes-128-cbc,3des add auth-algorithms=sha1,md5 enc-algorithms=aes-128-cbc,...
by lambert
Fri Apr 20, 2018 7:58 am
Forum: General
Topic: kid-control ideas
Replies: 9
Views: 1354

Re: kid-control ideas

For an end user wanting kid control, you may want to look into https://www.mcpnetworks.us/ . They seem to be transitioning to more ISP level business. They may still let you get setup on their program. It's a cloud portal for the end user which then programs the MikroTik router. You may be able to u...
by lambert
Fri Apr 20, 2018 2:31 am
Forum: General
Topic: IPsec tunnel CentOS to MikroTik
Replies: 7
Views: 1268

Re: IPsec tunnel CentOS to MikroTik

Here is the MikroTIk's debug log. I've manipulated everything I can think of on the 'Tik. It just doesn't change the result. I am obviously missing something. A clue by four to the head would be appreciated. 18:16:12 ipsec,debug proposal #1: 8 transform 18:16:12 ipsec,debug got the local address fro...
by lambert
Fri Apr 13, 2018 12:46 pm
Forum: General
Topic: IPsec tunnel CentOS to MikroTik
Replies: 7
Views: 1268

IPsec tunnel CentOS to MikroTik

I've been trying to get CentOS 7 to connect to RouterOS 6.40.7 for a couple of days now. Phase 1 works. Phase 2 never links up. If I intentionally change the DH Group or the lifetime, the centos box complains about them not matching. I don't see what is not matching up. Maybe it's an actual bug in C...
by lambert
Fri Apr 13, 2018 12:13 pm
Forum: General
Topic: Any plans to make cross-platform WinBox?
Replies: 33
Views: 2727

Re: Any plans to make cross-platform WinBox?

I find parts of this discussion funny since Webfig is practically a web version of Winbox as it is. You can even call up a windowed terminal in Webfig! Can you paste code snippets into WebFig's terminal? It doesn't work for me. I'm working in an all Mac shop, has been for decades. There is some con...
by lambert
Tue Apr 10, 2018 10:00 pm
Forum: Forwarding Protocols
Topic: What L2-VPN should be used?
Replies: 11
Views: 998

Re: What L2-VPN should be used?

Insufficient requirements listed. "Which VPN is best?" is likely to a religious question. Many people could be harmed in the overheated arguments about that. It's the same as "vi" vs "emacs". If you can fully explain what you are trying to accomplish (who should be able to communicate with who and w...
by lambert
Tue Mar 06, 2018 7:12 am
Forum: Beginner Basics
Topic: Add Static Queue AFTER dynamic Queues
Replies: 5
Views: 546

Re: Add Static Queue AFTER dynamic Queues

That's why my idea was
0  do nothing queue
.. dynamic queues
.. dynamic queues
N static queue you wanted from the beginning
by lambert
Mon Mar 05, 2018 7:34 pm
Forum: Beginner Basics
Topic: Add Static Queue AFTER dynamic Queues
Replies: 5
Views: 546

Re: Add Static Queue AFTER dynamic Queues

Without looking at it, conceptually you could create a static placeholder queue which does nothing at 0. Then your static everything else queue. Dynamic rules would be added after 0.

Maybe? Its just a wild guess without time to research.
by lambert
Mon Mar 05, 2018 7:20 pm
Forum: Wireless Networking
Topic: WISP - Network Designer Wanted
Replies: 6
Views: 682

Re: WISP - Network Designer Wanted

Maybe give us some way to contact you?
by lambert
Sun Mar 04, 2018 11:19 pm
Forum: Beginner Basics
Topic: "Internet bandwidth" VS "Youtube bandwidth"
Replies: 12
Views: 1269

Re: "Internet bandwidth" VS "Youtube bandwidth"

If the resellers' business model is the same as yours, their mikrotiks will need a similar configuration. As you use it you may find that your mangle and queue rules need some adjustment. Just keep in mind the source and destination of the traffic you are attempting to affect and you'll have a good ...
by lambert
Sun Mar 04, 2018 5:44 am
Forum: Beginner Basics
Topic: "Internet bandwidth" VS "Youtube bandwidth"
Replies: 12
Views: 1269

Re: "Internet bandwidth" VS "Youtube bandwidth"

Looks good at a glance. Is it working for you? The screenshots do not show full detail. If it is working, great! If you need help in the future, exports from the terminal will help others understand exactly what is configured. Just search and replace sensitive items with unique variable names. It's ...
by lambert
Sat Mar 03, 2018 4:35 pm
Forum: Beginner Basics
Topic: "Internet bandwidth" VS "Youtube bandwidth"
Replies: 12
Views: 1269

Re: "Internet bandwidth" VS "Youtube bandwidth"

#lambert. Q1: I did add all the youtube IPs in "/ip firewall address list" but do I have to add all those addresses in "/ip addresses"? No. Not as far as I understand your problem description. '/ip addresses ' is for IPs which are used for routing through or access to your router. That includes 180...
by lambert
Sat Mar 03, 2018 8:29 am
Forum: Beginner Basics
Topic: "Internet bandwidth" VS "Youtube bandwidth"
Replies: 12
Views: 1269

Re: "Internet bandwidth" VS "Youtube bandwidth"

Possible answers. I may have mis-interpreted the questions. Q1) /ip firewall address-list add name=youtube address=IP1, repeat for all youtube IPs? Q2) Same as for internet but with dst-address-list=youtube? Q3) Two sets of queues, one for bandwidth one for youtube? Q4) Same as 3 but with changes to...
by lambert
Fri Mar 02, 2018 4:05 am
Forum: RouterBOARD hardware
Topic: Mikrotik Switch - 48 Port
Replies: 9
Views: 3951

Re: Mikrotik Switch - 48 Port

Probably not. I was in one of those funny moods. You know? Like most days. :D
by lambert
Thu Mar 01, 2018 12:19 am
Forum: RouterBOARD hardware
Topic: RB1100AHx4 vs CCR1009 as PPPoE server
Replies: 6
Views: 1392

Re: RB1100AHx4 vs CCR1009 as PPPoE server

I do not know. The RB1000AHx4 is new enough that I doubt many people have tried similar configurations with them yet. You might want to get two of them for one of the places currently using a single CCR1009 and see what happens. If they work out, take the CCR1009 to one of the other places that need...
by lambert
Tue Feb 27, 2018 3:11 am
Forum: RouterBOARD hardware
Topic: RB1100AHx4 latency spikes
Replies: 18
Views: 1531

Re: RB1100AHx4 latency spikes

That's cool. It's still a single switch. Splitting is still a possible win.
by lambert
Mon Feb 26, 2018 11:55 pm
Forum: RouterBOARD hardware
Topic: RB1100AHx4 latency spikes
Replies: 18
Views: 1531

Re: RB1100AHx4 latency spikes

Move the big connection to port 13. See if latency remains and if they still line up. It's a pain, but 1 and 2 are on the same switch chip. Depending on what is in ports 3, 4, and 5, that 1Gbps connection to the CPU may be overloaded.
by lambert
Mon Feb 26, 2018 8:08 pm
Forum: RouterBOARD hardware
Topic: RB750Gr3 temperature
Replies: 4
Views: 899

Re: RB750Gr3 temperature

Same location? Not stacked? Same airflow opportunities?

If same location, swap positions. See if heat follows device or position.
by lambert
Mon Feb 26, 2018 7:51 pm
Forum: RouterBOARD hardware
Topic: Mikrotik Switch - 48 Port
Replies: 9
Views: 3951

Re: Mikrotik Switch - 48 Port

There is a 48 port switch. It just takes up 2 U. You have to order it as three pieces and do some self assembly. There are only two part numbers. 2 - https://mikrotik.com/product/crs328_24p_4s_rm 1 - https://mikrotik.com/product/SplusDA0001 Or are you really just asking for a 1u - 48 port switch? Yo...
by lambert
Mon Feb 26, 2018 7:38 pm
Forum: RouterBOARD hardware
Topic: RB1100AHx4 latency spikes
Replies: 18
Views: 1531

Re: RB1100AHx4 latency spikes

Which ports are you using for the connections? Are they both on the same switch chip? While I have no personal experience with the x4, the older RB1100AH and AHx2 units had recommendations for using multiple independent ports rather than the switched port groups. Perhaps the x4 also requires care in...
by lambert
Mon Feb 26, 2018 7:27 pm
Forum: General
Topic: default offering lease without success
Replies: 15
Views: 3904

Re: default offering lease without success

I think he mainly wants to get rid of this type of message: default offering lease 192.168.22.209 for CC:35:40:04:38:1B to BC:8C:CD:46:15:F4 without success The info,!dhcp would get rid of the lease renewal messages which he also wants to hide. There may be other info level messages he wants to keep...
by lambert
Mon Jan 15, 2018 1:02 am
Forum: Beginner Basics
Topic: Forwarding Traffic
Replies: 2
Views: 329

Re: Forwarding Traffic

I think the keyword you want is DMZ.

https://wiki.mikrotik.com/wiki/NAT_Tutorial
by lambert
Mon Jan 15, 2018 12:46 am
Forum: General
Topic: Need some advice...
Replies: 5
Views: 447

Re: Need some advice...

rb2011, 20Mbps encrypted traffic. as to number of tunnels, someone would have to try it and see. The CPU in the 2011s are not exactly super powerful.
by lambert
Mon Jan 15, 2018 12:27 am
Forum: General
Topic: Looking for a successor to the RB110AH
Replies: 4
Views: 379

Re: Looking for a successor to the RB110AH

BTW, all three have IPsec encryption offload. They may let you drop the additional pfSense box if you want. No reason you have to drop the pfSense box. I like pfSense.
by lambert
Mon Jan 15, 2018 12:24 am
Forum: General
Topic: Looking for a successor to the RB110AH
Replies: 4
Views: 379

Re: Looking for a successor to the RB110AH

Three good options. All will do 1Gbps throughput via copper interfaces, some have fiber. Upgraded version of what you already have, no USB. I do not see fans in the gallery images: https://mikrotik.com/product/rb1100ahx4 Fanless with up to 1Gbps fiber interface: https://mikrotik.com/product/CCR1009-...
by lambert
Mon Jan 15, 2018 12:03 am
Forum: The User Manager
Topic: need assistant
Replies: 2
Views: 450

Re: need assistant

/ip firewall nat add chain=src-nat src-address=192.168.10.1 out-interface=ether1 action=masquerade Please note, I did not fire up a login to a MikroTik to test the above syntax. That rule may need a fix or two. That rule intends to give exactly one private IP of 192.168.10.1 access to the Internet ...
by lambert
Sun Jan 14, 2018 2:12 am
Forum: General
Topic: default offering lease without success
Replies: 15
Views: 3904

Re: default offering lease without success

That appears to be a Samsung MAC address "BC:8C:CD:46:15:F4". Maybe you know which device on your network might have a samsung manufactured interface? Does 192.168.223.85 have a web interface? It sounds a bit like an AP or range extender which may be trying, unsuccessfully, to ARP "NAT" the original...
by lambert
Fri Nov 17, 2017 4:13 am
Forum: Wireless Networking
Topic: RB951G-2HnD - Apple devices not connecting
Replies: 12
Views: 3213

Re: RB951G-2HnD - Apple devices not connecting

Did you happen to turn on the EAP options in your security profile? I've seen Apple devices not connect when someone made that mistake. The Android and other devices still worked as long as PSK was also enabled. That may not apply to newer versions of Android and such.
  • 1
  • 2
  • 3
  • 4
  • 5
  • 11