Community discussions

MUM Europe 2020

Search found 82 matches

by makkan
Mon Jan 26, 2015 10:30 am
Forum: Virtualization
Topic: MIPS-BE to Tile GX
Replies: 4
Views: 2322

Re: MIPS-BE to Tile GX

E.g can I boot up a Tile GX-version of OpenWRT, copy and replace some folders in the exported image and then import it in the Tile GX?
I don't think there is any support for this, no. But I might be wrong... left this trace pretty quickly after this thread.
by makkan
Thu Oct 30, 2014 10:22 am
Forum: Virtualization
Topic: MIPS-BE to Tile GX
Replies: 4
Views: 2322

Re: MIPS-BE to Tile GX

Thank you Janisk!
by makkan
Wed Oct 29, 2014 4:35 pm
Forum: Virtualization
Topic: MIPS-BE to Tile GX
Replies: 4
Views: 2322

Re: MIPS-BE to Tile GX

Hi again,

Saw that there might not even be any build for Tile GX routers, so I might be screwed on that part already :-)
by makkan
Wed Oct 29, 2014 4:28 pm
Forum: Virtualization
Topic: MIPS-BE to Tile GX
Replies: 4
Views: 2322

MIPS-BE to Tile GX

Hi, I have a MIPS-BE-router where I have a virtual OpenWRT-machine. I have successfully exported the virtual machine and it works nicely to import it on other MIPS-BE-routers. However - I would like to convert it so that it will work with the Tile GX-platform as well. Would that be possible? E.g can...
by makkan
Fri Sep 05, 2014 12:00 pm
Forum: General
Topic: Telnet Output
Replies: 1
Views: 498

Telnet Output

Hi, I am trying to use some telnet-softwares to perform different tasks, like enabling/disabling VPN, making backups with /export etc. However - the telnet output in raw text is always looking like this: [m[36m/ip[m [m[36mpool is it possible to add switches to the login to real clear text output? If...
by makkan
Mon Jan 20, 2014 7:41 pm
Forum: General
Topic: Webfig Design Maker, Interface security
Replies: 1
Views: 535

Webfig Design Maker, Interface security

Hi, I'm having a minor issue - or rather - an idea. I want to create an account for one of our customers where he / she can login to webfig and enable or disable one specific Interface. However - if I enter IP -> Addresses (or Interfaces for that matter), then I can change the "Enable" checkbox and ...
by makkan
Fri Jan 17, 2014 12:54 pm
Forum: General
Topic: FreeRadius session-time-left
Replies: 6
Views: 1992

Re: FreeRadius session-time-left

you must enable this option in "system configuration" Method of disconnection: Automatic (NAS) luck Hi, I have that checked already since otherwise the users would not be disconnected until next logon. However - mine says "Disconnect: Remote" and that is working fine. Only the limits are not workin...
by makkan
Thu Jan 31, 2013 12:59 pm
Forum: General
Topic: IPSEC tunnel issues - SAs need flushing from time to time
Replies: 23
Views: 5586

Re: IPSEC tunnel issues - SAs need flushing from time to tim

I have issue with RB1100AH(5.22, unique) and Cisco ASA 5510, but I can't give access. As a workaround I use the script every minute: :local IPWatchServer 10.0.1.2 :local OutInterface ether1-lan :if ([/ping interface=$OutInterface $IPWatchServer count=4]<3) do={ /ip ipsec installed-sa flush sa-type=...
by makkan
Wed Jan 16, 2013 1:01 pm
Forum: General
Topic: IPSEC tunnel issues - SAs need flushing from time to time
Replies: 23
Views: 5586

Re: IPSEC tunnel issues - SAs need flushing from time to tim

Do you have level=unique set in ipsec policy? This is required for tunnel to work properly with cisco.
I have never tried that actually - but I am running it now on one of my MT/Cisco solutions. Will turn off flushing SA tonight and see if it works until tomorrow morning.

Thanks!
by makkan
Wed Jan 16, 2013 12:33 pm
Forum: General
Topic: IPSEC tunnel issues - SAs need flushing from time to time
Replies: 23
Views: 5586

Re: IPSEC tunnel issues - SAs need flushing from time to tim

If anyone can give access to both Mikrotik and Cisco and describe the way to repeat the problem then it might help to fix the problem. The problem is that the problem is not manually repeatable. It happens randomly and I believe it could be like glucz says - there are phantom SA. I also know that C...
by makkan
Wed Jan 16, 2013 12:26 pm
Forum: General
Topic: IPSEC tunnel issues - SAs need flushing from time to time
Replies: 23
Views: 5586

Re: IPSEC tunnel issues - SAs need flushing from time to tim

Hi, Sorry for my bad language, it didn't work before 5.12 either, I started using VPN from version 5.12, it have never worked flawless. I suggest that you contact support@mikrotik.com. One would believe that VPN should work fine between two Mikrotiks as they are using the same RFC. Cisco does not fo...
by makkan
Tue Jan 15, 2013 10:12 pm
Forum: General
Topic: IPSEC tunnel issues - SAs need flushing from time to time
Replies: 23
Views: 5586

Re: IPSEC tunnel issues - SAs need flushing from time to tim

Hi, I can confirm that this is also an issue when running mikrotik/Cisco. I have scheduled a flush every 60min and so far it seems to work ok, not perfect but ok. It have been like this since version 5.12 and mikrotik support ignores the existence of the error with saying that it works fine and that...
by makkan
Fri Sep 14, 2012 12:35 am
Forum: General
Topic: FreeRadius session-time-left
Replies: 6
Views: 1992

Re: FreeRadius session-time-left

Thanks for all your help!
I haven't engaged time enough for all the details of the radius server so I didn't know about these fields.
I will investigate why its not sending this as it is the most likely reason.

Thanks again!
by makkan
Thu Sep 13, 2012 7:29 pm
Forum: General
Topic: FreeRadius session-time-left
Replies: 6
Views: 1992

Re: FreeRadius session-time-left

I don't know right now, how can I tell?
I'm using Radius Manager.
by makkan
Thu Sep 13, 2012 7:01 pm
Forum: General
Topic: FreeRadius session-time-left
Replies: 6
Views: 1992

FreeRadius session-time-left

Hi! I am having some problems with the "session-time-left"-variable, I can't make it work when using my FreeRadius central server. I have opened port 1700 UDP to the NAS, activated "interim updates" and things like that, the FreeRadius server is set to remotely disconnect users etc when limit reache...
by makkan
Fri May 25, 2012 12:58 pm
Forum: General
Topic: Reset router with new config
Replies: 3
Views: 622

Re: Reset router with new config

I'm sorry, I missed one bit in my description, please read the edit-post.
by makkan
Fri May 25, 2012 12:28 pm
Forum: General
Topic: Reset router with new config
Replies: 3
Views: 622

Reset router with new config

Hi! Normally when I have released a new configuration for our routers (they are all identical) I usually run the following command: /system reset-configuration no-default=yes run-after-reset=myconfig.rsc But the router just resets configuration, it doesn't load the new one. Do you have an idea of wh...
by makkan
Thu Apr 26, 2012 11:55 pm
Forum: General
Topic: 3G Modem - Signal Strength?
Replies: 8
Views: 3784

Re: 3G Modem - Signal Strength?

I'm just running version 5.8, might be some new feature. Mine just says smth like "Cannot aquire port while being used by ppp-client".
by makkan
Thu Apr 26, 2012 9:36 pm
Forum: General
Topic: 3G Modem - Signal Strength?
Replies: 8
Views: 3784

Re: 3G Modem - Signal Strength?

I can get it using this command on my MT:

/interface ppp-client info <3G modem interface>
Are you sure that you can do it while the PPP-client is using the modem?

What version of ROS are you using?
by makkan
Thu Apr 26, 2012 6:52 pm
Forum: General
Topic: 3G Modem - Signal Strength?
Replies: 8
Views: 3784

3G Modem - Signal Strength?

Hi guys,

Is there any way to see the signal strength of my 2g/3g connection while ppp is running?

I'm currently on the other side of the globe and the router is having some performance issues but I can't see any signal strength without shutting down the PPP-client.

Marcus
by makkan
Tue Apr 24, 2012 6:10 pm
Forum: Beginner Basics
Topic: newbie default route question
Replies: 5
Views: 10743

Re: newbie default route question

I believe you have some issues with your firewall in that case. For some reason your routers does not forward traffic to the next interface (that is towards next router).
by makkan
Mon Apr 16, 2012 6:05 pm
Forum: General
Topic: Hotspot Status page
Replies: 1
Views: 533

Re: Hotspot Status page

Hi, I am having a lot of customers with MT Hotspots, some use local radius and some are using our central radius server (radius manager). They have 5 hours available per day to use the Internet. Those who use our central radius server cannot see how much time they have spent in total, they can only...
by makkan
Mon Apr 16, 2012 5:21 pm
Forum: Beginner Basics
Topic: newbie default route question
Replies: 5
Views: 10743

Re: newbie default route question

/ip route add dst-address=0.0.0.0/0 gateway=10.1.0.1 distance=1 that should do the trick. Also make sure to check the firewall on router A if you have entered any rules. Edit: Can you ping and telnet from RouterB to RouterA (that is, do you have full access)? You would have thought that this would ...
by makkan
Fri Apr 13, 2012 5:56 pm
Forum: Beginner Basics
Topic: DHCP logging
Replies: 1
Views: 660

Re: DHCP logging

If you go to system -> Logging, there you can add logging support and tell the router to send it to remote logserver.
by makkan
Fri Apr 13, 2012 5:48 pm
Forum: Scripting
Topic: Script on RB411U to check credit on 3G connection
Replies: 9
Views: 7876

Re: Script on RB411U to check credit on 3G connection

http://wiki.mikrotik.com/wiki/Manual:Tools/Sms

http://wiki.mikrotik.com/wiki/Send_Backup_email

There you have two very useful wiki-pages, however I don't have any 3G enabled router available so I can't make any tests for you :(
by makkan
Fri Apr 13, 2012 5:25 pm
Forum: Beginner Basics
Topic: I need help, text when unable to ping devices
Replies: 2
Views: 593

Re: I need help, text when unable to ping devices

You can use /tool netwatch to monitor an IP address and if it becomes unavailable you can run a certain script, then when it's back online you can run another script. Create a script, smth like "GW_DOWN" and make a script that sends sms to you, should be fairly simple. If you need to send to multipl...
by makkan
Fri Apr 13, 2012 5:13 pm
Forum: Scripting
Topic: Script on RB411U to check credit on 3G connection
Replies: 9
Views: 7876

Re: Script on RB411U to check credit on 3G connection

Hi, This script has some file read/write operations in it. Maybe you can come up with something from that :) http://wiki.mikrotik.com/wiki/Dynamic_DNS_Update_Script_for_DNSoMatic.com_behind_NAT There's also a mail client in the Mikrotik so you could do something like 1. Read sms response value 2. Pu...
by makkan
Fri Apr 13, 2012 4:59 pm
Forum: Beginner Basics
Topic: newbie default route question
Replies: 5
Views: 10743

Re: newbie default route question

/ip route add dst-address=0.0.0.0/0 gateway=10.1.0.1 distance=1

that should do the trick. Also make sure to check the firewall on router A if you have entered any rules.

Edit: Can you ping and telnet from RouterB to RouterA (that is, do you have full access)?
by makkan
Fri Apr 13, 2012 11:26 am
Forum: General
Topic: hay i can't download backup not permitted 9
Replies: 5
Views: 9179

Re: hay i can't download backup not permitted 9

Then maybe he has only granted you read access to the filesystem?

If you type /users print, is there any other users in there?

Maybe you should ask him for a full access version, that might be easier.
by makkan
Fri Apr 13, 2012 11:26 am
Forum: General
Topic: hay i can't download backup not permitted 9
Replies: 5
Views: 9179

Re: hay i can't download backup not permitted 9

Then maybe he has only granted you read access to the filesystem?

If you type /users print, is there any other users in there?

Maybe you should ask him for a full access version, that might be easier.
by makkan
Thu Apr 12, 2012 1:38 pm
Forum: General
Topic: Hotspot Status page
Replies: 1
Views: 533

Hotspot Status page

Hi, I am having a lot of customers with MT Hotspots, some use local radius and some are using our central radius server (radius manager). They have 5 hours available per day to use the Internet. Those who use our central radius server cannot see how much time they have spent in total, they can only ...
by makkan
Tue Apr 10, 2012 4:22 pm
Forum: General
Topic: Port 80 forwarding and port blocking
Replies: 2
Views: 899

Re: Port 80 forwarding and port blocking

Hi,

I believe you have to make a rule which allows traffic to the public IP rather than to the local IP of the webserver.
by makkan
Fri Mar 23, 2012 5:47 pm
Forum: General
Topic: Cisco lan-to-lan IPSEC tunnel
Replies: 29
Views: 14320

Re: Cisco lan-to-lan IPSEC tunnel

Hi!

I actually haven't tried version 5.2 so it might be solved in that version. will test this immediately! :)

Marcus
by makkan
Thu Mar 22, 2012 7:28 pm
Forum: General
Topic: Script for resetting the PPPoE connection when down
Replies: 5
Views: 2803

Re: Script for resetting the PPPoE connection when down

Hehe unfortunately I suck at scripting too but maybe this can take you somewhere?

http://wiki.mikrotik.com/wiki/Manual:Scripting
http://wiki.mikrotik.com/wiki/Scripts
by makkan
Thu Mar 22, 2012 7:19 pm
Forum: General
Topic: Script for resetting the PPPoE connection when down
Replies: 5
Views: 2803

Re: Script for resetting the PPPoE connection when down

Then make a script which adds a static route for 8.8.8.8 (or any other IP), if failed - restart pppoe 1, then make a static route for 8.8.8.8 via pppoe2 and test, if failed - restart pppoe2 ... pppoeN.
Remove static route for 8.8.8.8

Put script in system -> Scheduler
by makkan
Thu Mar 22, 2012 7:14 pm
Forum: General
Topic: hay i can't download backup not permitted 9
Replies: 5
Views: 9179

Re: hay i can't download backup not permitted 9

Try to grab it by using ftp to the router. No clue why you can't do it via Winbox. Are you really logged on as admin?
by makkan
Thu Mar 22, 2012 6:40 pm
Forum: General
Topic: Script for resetting the PPPoE connection when down
Replies: 5
Views: 2803

Re: Script for resetting the PPPoE connection when down

Go to tools -> Netwatch, set router to 8.8.8.8. Go to tab "DOWN" and type the string to reset the PPPOE (/pppoe client reset, or whatever)

Enjoy
by makkan
Thu Mar 22, 2012 5:35 pm
Forum: General
Topic: Port Foward inside Network
Replies: 3
Views: 822

Re: Port Foward inside Network

typically - you don't do that. But if you really must do it then I suppose you should be able to do a src-nat translation on incomming packets for your inside network port from public IP -> internal IP.
by makkan
Thu Mar 22, 2012 5:30 pm
Forum: General
Topic: Multi DHCP clients on same WAN port
Replies: 16
Views: 5527

Re: Multi DHCP clients on same WAN port

Can't you use virtual interfaces or make interfaces switched and assign IP-addresses to them? Don't know if the latter is applicable to ROS though, just some ideas.
by makkan
Thu Mar 22, 2012 12:11 pm
Forum: General
Topic: Cisco lan-to-lan IPSEC tunnel
Replies: 29
Views: 14320

Re: Cisco lan-to-lan IPSEC tunnel

Hi again,

Our only solution is that we must setup a Mikrotik VPN concentrator along with our network. There simply is no other solution.

Mikrotik - please make an official statement that your routers are not compatible with Cisco VPN's.

Marcus
by makkan
Tue Feb 07, 2012 10:09 am
Forum: General
Topic: Cisco lan-to-lan IPSEC tunnel
Replies: 29
Views: 14320

Re: Cisco lan-to-lan IPSEC tunnel

have you try to set "level=use" instead of "level=require" or "level=unique" in a ipsec policy?
Yep - that did no difference for me.
by makkan
Wed Feb 01, 2012 7:41 pm
Forum: General
Topic: Cisco lan-to-lan IPSEC tunnel
Replies: 29
Views: 14320

Re: Cisco lan-to-lan IPSEC tunnel

Thanks for sharing Dan!

I actually saw the same thing just some hours ago. Tunnel were running fine for 20min with constant Ping via tunnel but as soon as i terminated the ping it went down.

Seems like a workable solution is to keep a constant icmp ping going.
by makkan
Wed Feb 01, 2012 5:21 pm
Forum: General
Topic: Cisco lan-to-lan IPSEC tunnel
Replies: 29
Views: 14320

Re: Cisco lan-to-lan IPSEC tunnel

I'm not 100% sure about which RFC - but thats what I have been told by some highly decorated Mikrotik technicians ;-) it is strange that Cisco doesn't follow the RFC, which was created by themselves. maybe, there can be another explanation? If "cisco - mikrotik" IPsec is a real problem, why there i...
by makkan
Wed Feb 01, 2012 5:04 pm
Forum: General
Topic: Mikrotik to Cisco VPN
Replies: 3
Views: 1065

Re: Mikrotik to Cisco VPN

Hi Sergejs,

Sorry to bring this really old post alive - but using DPD does not work. My Cisco <-> Mikrotik VPNs are still going down 3-100 times per day. All I can do is to flush all SA and then they might come back online. Sometimes I have to kill the connections completely, very frustrating.
by makkan
Mon Jan 16, 2012 12:28 pm
Forum: General
Topic: Cisco lan-to-lan IPSEC tunnel
Replies: 29
Views: 14320

Re: Cisco lan-to-lan IPSEC tunnel

Hi,

Yes - IPSec between two Mikrotiks should work without any issues but I've never tried it.

I'm not 100% sure about which RFC - but thats what I have been told by some highly decorated Mikrotik technicians ;-)
by makkan
Fri Jan 13, 2012 5:46 pm
Forum: General
Topic: Cisco lan-to-lan IPSEC tunnel
Replies: 29
Views: 14320

Re: Cisco lan-to-lan IPSEC tunnel

Hi, To be concise - there is no good solution for this. Cisco does not follow the RFC for IPSEC and Mikrotik does. Therefore the Mikrotik will want to create a new SA everytime that the VPN lifetime is reached. The Cisco doesn't care about that and keeps using the old one - hence new tunnel cannot b...
by makkan
Wed Nov 23, 2011 8:25 pm
Forum: General
Topic: Cisco lan-to-lan IPSEC tunnel
Replies: 29
Views: 14320

Re: Cisco lan-to-lan IPSEC tunnel

Yesterday I checked the box "Generate Policy" and after that it was almost up for 24 hours!

Unfortunately the vpn died at 17:18 today and got back online at 17:30 when my scheduled flush ran.
Nothing in the logs as far as I can see, attached.
by makkan
Tue Nov 22, 2011 3:25 pm
Forum: General
Topic: Cisco lan-to-lan IPSEC tunnel
Replies: 29
Views: 14320

Cisco lan-to-lan IPSEC tunnel

Hi! I am having some issues with my VPN-tunnel and I have been searching the forum without finding anything usable. The tunnel works perfectly but 2-3, maybe 4-5 times a day sometimes, the tunnel is disconnected and it's not re-established until i have ran "/ip ipsec installed-sa flush sa-type=all"....
by makkan
Fri Apr 01, 2011 1:33 am
Forum: RouterBOARD hardware
Topic: Invalid microSD on RB450G
Replies: 9
Views: 4182

Re: Invalid microSD on RB450G

Just mark the card and hit format in winbox
by makkan
Fri Apr 01, 2011 1:27 am
Forum: The User Manager
Topic: User Manager Problems
Replies: 4
Views: 1223

Re: User Manager Problems

1st configure a radius server on mikrotik, then add it under /tools user-manager router. After this create a customer under /tools user-manager customer Then browse to the user-manager web interface and add users. The reason to why admin works is because it's not a radiilus account, it's a local hot...
by makkan
Tue Mar 22, 2011 6:30 pm
Forum: The User Manager
Topic: Mikrotik radius client behind nat
Replies: 8
Views: 3940

Re: Mikrotik radius client behind nat

I think you should start a new thread, but anyway, first describe your network and then try to express your problem further.
by makkan
Sat Mar 19, 2011 2:27 am
Forum: Beginner Basics
Topic: Disabled Radius Server
Replies: 1
Views: 452

Re: Disabled Radius Server

Are you sure that the IP isn't changing during this disconnect? E.g that you receive a new IP from a DHCP-server. In that case it seems reasonable that the radius server might be unavailable until the ARP-cache at the radius server has timed out
by makkan
Sat Mar 19, 2011 2:07 am
Forum: The User Manager
Topic: Mikrotik radius client behind nat
Replies: 8
Views: 3940

Re: Mikrotik radius client behind nat

By using my imagination and some awesome tricks, this was finally solved. NAS is now running fully functional behind NATed router.
by makkan
Sat Mar 19, 2011 2:02 am
Forum: Beginner Basics
Topic: Proxy on 450G slowing down WAN
Replies: 19
Views: 4636

Re: Proxy on 450G slowing down WAN

CobblinGoblin What happends if you do what I said in my previous post? Test 2: Place this NAT rule after the proxy NAT rule: chain=input, src address=local-net (e.g. 192.168.1.0/24), action=accept I have seen this rule + the one in my previous post to really slow down the INet. The one in my previou...
by makkan
Fri Mar 11, 2011 12:07 am
Forum: General
Topic: Moving config
Replies: 3
Views: 855

Re: Moving config

Thats a really long time until v6 :)
by makkan
Tue Mar 08, 2011 1:20 am
Forum: Beginner Basics
Topic: Proxy on 450G slowing down WAN
Replies: 19
Views: 4636

Re: Proxy on 450G slowing down WAN

Hi!

Can you Do this:
1. Run proxy at port 8080
2. Redirect tcp port 80 to8080 on your local interface.
3. Add this input filter rule in firewall:
In interface=local net interface, action=accept
4. Make speed test

It's just a funny bug that I found on some router os, can't remember which though.
by makkan
Fri Feb 18, 2011 1:05 am
Forum: General
Topic: Moving config
Replies: 3
Views: 855

Moving config

Hi, One thing that I am really missing is the possibility to move configs "out of the box". Meaning that I would want to save the config and then move it to another router without removing content or caring about the config structure. if I want to create multiple routers with the same config I first...
by makkan
Sat Nov 20, 2010 1:56 am
Forum: Wireless Networking
Topic: Redundant PoE Power
Replies: 17
Views: 3848

Re: Redundant PoE Power

By the way, if it is a 450G I know that it has a second power supply on the mainboard inside of the device so you can go all nuts and have 3 powersupplies!
by makkan
Sat Nov 20, 2010 12:59 am
Forum: RouterBOARD hardware
Topic: How to repair rb450 after storm
Replies: 1
Views: 1027

Re: How to repair rb450 after storm

Normal working temperature for Mikrotik could be up to 70-75C
by makkan
Sat Nov 20, 2010 12:56 am
Forum: The User Manager
Topic: UM user database - how any users on RB450G or RB800...
Replies: 1
Views: 1171

Re: UM user database - how any users on RB450G or RB800...

Regading the amount of users: http://wiki.mikrotik.com/wiki/Manual:License_levels

Regarding the size of CF disks I don't know. I have used micro-sd cards with 16GB without problems and I've had a friend who have used a 32GB micro-sd card without problems.
by makkan
Sat Nov 20, 2010 12:52 am
Forum: General
Topic: How to bypass voip blockage from ISP in Blocking Countries?
Replies: 1
Views: 471

Re: How to bypass voip blockage from ISP in Blocking Countri

You probably shouldn't encourage people to break the rules of their Internet contract in this forum.
by makkan
Sat Nov 20, 2010 12:50 am
Forum: General
Topic: Filter rule for traffic between local router applications
Replies: 11
Views: 1873

Re: Filter rule for traffic between local router application

/ip firewall filter add action=accept chain=input comment=\ "Allow Local Traffic Between Router Applications" disabled=no \ dst-address-type=local in-interface=ether2-local-master src-address-type=\ local action = what to do with the packets chain = can't really explain, but "input" is incomming pac...
by makkan
Sat Nov 20, 2010 12:39 am
Forum: RouterBOARD hardware
Topic: RB333 strange behavior!!
Replies: 3
Views: 835

Re: RB333 strange behavior!!

Use a null modem-cable to monitor the console during boot, then you will see what is wrong.
by makkan
Sat Nov 20, 2010 12:38 am
Forum: Beginner Basics
Topic: need firewall
Replies: 1
Views: 558

Re: need firewall

by makkan
Sat Nov 20, 2010 12:32 am
Forum: Wireless Networking
Topic: Redundant PoE Power
Replies: 17
Views: 3848

Re: Redundant PoE Power

Actually, if I'm not totally wrong, all UPS-devices are AC which is then "converted" to DC with a huge powerloss as a result :)
Edit: sorry for off topic!
by makkan
Sat Nov 20, 2010 12:30 am
Forum: General
Topic: problem enable web proxy
Replies: 1
Views: 514

Re: problem enable web proxy

Reboot the Mikrotik.
by makkan
Fri Nov 19, 2010 11:51 pm
Forum: The User Manager
Topic: Mikrotik radius client behind nat
Replies: 8
Views: 3940

Re: Mikrotik radius client behind nat

Well, Im not sure what I am doing wrong, but I have set online time per say to 30sec bit i can still browse for 2-3min or more. I were also Roos that the client will receive the time limit and disconnect the user. About the ip, the radius server receives 192.168.1.1 (MT local ip) and i also think th...
by makkan
Fri Nov 19, 2010 9:21 pm
Forum: The User Manager
Topic: Mikrotik radius client behind nat
Replies: 8
Views: 3940

Mikrotik radius client behind nat

Hi, I am facing a problem where I have a radius server and many mikrotik radius clients for hotspot. The problem is that these MT radius clients are behind a NAT translation so when they authenticate the radius server catches the local ip (nas-ip-address). Is there any way of solving this? For examp...
by makkan
Tue Oct 05, 2010 4:43 pm
Forum: The Dude
Topic: send remote commands
Replies: 4
Views: 3008

Re: send remote commands

Hi,

Thank you!
Sounds reasonable, but can e.g. the dude upload a file to multiple routers? :-)
by makkan
Tue Oct 05, 2010 4:28 pm
Forum: The Dude
Topic: send remote commands
Replies: 4
Views: 3008

send remote commands

Hi,

I am wondering if there is any way to send custom remote commands/scripts to the Mikrotik by using the dude (or smth else)?

For example, sometimes I would want to add a firewall rule to 5 of my Mikrotik routers and I would want to automate this. Is this possible?
by makkan
Thu Sep 23, 2010 12:45 am
Forum: The User Manager
Topic: How can I delete 90000 session in UM 4
Replies: 5
Views: 4263

Re: How can I delete 90000 session in UM 4

Make a script?

Make a while-loop that use "get" to retrieve the id and then use it to remove the post. Shouldn't be any problem.
by makkan
Wed Sep 15, 2010 1:02 am
Forum: General
Topic: RDP
Replies: 9
Views: 1322

Re: RDP

Question is still relevant: can you ping hosts on the other segment?
by makkan
Wed Sep 15, 2010 12:59 am
Forum: Beginner Basics
Topic: WEB PROXY TIMING ISSUES
Replies: 3
Views: 597

Re: WEB PROXY TIMING ISSUES

In winbox, go to system-> scheduler.
Schedule a script like: ip proxy access ..... To block the sites. I actually dont know the command in My head and i cant google it right now.
by makkan
Tue Sep 14, 2010 12:33 am
Forum: General
Topic: Internet stop working
Replies: 1
Views: 478

Re: Internet stop working

It is not a bandwidth issue, I have been running 15-20 users/interface with a 64kbit internet-connection and it is running just fine. Also, a 450 routerboard can easily handle 1gbit/s in bandwidth without any problems.
by makkan
Tue Sep 14, 2010 12:30 am
Forum: Beginner Basics
Topic: WEB PROXY TIMING ISSUES
Replies: 3
Views: 597

Re: WEB PROXY TIMING ISSUES

Run some scheduled scripts, one at 08:00am to block the sites and one at 05:00pm to unblock them.
by makkan
Mon Aug 30, 2010 10:13 pm
Forum: General
Topic: RDP
Replies: 9
Views: 1322

Re: RDP

You should do this in your firewall: RDP is using port 3389 <anything else that you want to permit, ICMP for example> Segment B ---RDP--> Segment A - Permit Segment A ---RDP--> Segment B - Permit established ANY ------> ANY Deny Established means that it will permit traffic where SRC is sending resp...
by makkan
Fri Aug 13, 2010 10:05 am
Forum: General
Topic: Netinstall on wine without being root
Replies: 6
Views: 7802

Re: Netinstall on wine without being root

how should it work if it can't bind to necessary ports? how can a apache-webserver work if it can't bind itself to port 80? so get yourself comfortable with sudo (which is tricky sometimes) and resolve the permission problems with chmod (which is ugly but works), if you have no possibility to reall...
by makkan
Sun Aug 01, 2010 9:05 pm
Forum: The User Manager
Topic: Newbie User Manager questions
Replies: 1
Views: 864

Re: Newbie User Manager questions

Hi, I can only give you some ideas regarding the backup. Since the router os support scripting, you should be able to do backup. First of all, you can export the user database with the export command.l or choose to backup the whole um with router settings etc. This is done by this command: tool user...
by makkan
Sun Aug 01, 2010 8:52 pm
Forum: The User Manager
Topic: Centralized UM and HotSpot
Replies: 1
Views: 1463

Re: Centralized UM and HotSpot

There shouldn't be any problems with that design. Are you sure you have done the nat and firewall rules correctly? Radius is using udp port 1812 and 1813. Edit: Sorry, you don't need incoming nat since you are on the same network. My bad! I also want you to consider what mikrotik license you got (on...
by makkan
Tue Jul 27, 2010 12:47 am
Forum: The User Manager
Topic: RESET MIKROTIK ROUTERBOARD 433AH
Replies: 2
Views: 20039

Re: RESET MIKROTIK ROUTERBOARD 433AH

I think that you can also reset the board to factory settings by opening up the box and putting a screwdriver between to metal pads at the top right, just next to the screw and power up the device. (The pads look like two beans facing each other like this: () :P ) Hold the screwdriver there for a mi...
by makkan
Tue Jul 27, 2010 12:44 am
Forum: The User Manager
Topic: Speed Limit In USERMan
Replies: 7
Views: 3618

Re: Speed Limit In USERMan

You can at least limit it per user in user manager, in web interface you find it under each user->rates, and in console you set the user variables rate-limit="rx/tx" E.g to limit a user to 100kbit download speed: /tool user-manager user add name="test" password="test" rate-limit="100k" E.g to limit ...