Community discussions

Search found 22 matches

by a.devecerski
Thu Dec 21, 2017 1:53 pm
Forum: General
Topic: Remote sites, dynamic addresses - VPN to HQ LAN
Replies: 7
Views: 361

Re: Remote sites, dynamic addresses - VPN to HQ LAN

Following Poizzons advice, using mainly „OpenVPN for Dummies“ 1 / 2 and MTs "Open VPN“ wiki I was able to configure HQ router as a VPN server and first (test) GSM router. Reading and searching various steps as I progressed, I was somewhat surprised to see limitations in MT’s Open VPN implementation ...
by a.devecerski
Wed Dec 20, 2017 8:43 am
Forum: General
Topic: Remote sites, dynamic addresses - VPN to HQ LAN
Replies: 7
Views: 361

Re: Remote sites, dynamic addresses - VPN to HQ LAN

Non-TCP: Not sure. Initial web page (after successful user authentication) starts proprietary plugin, which I'm pretty sure uses UDP as well.
OK, I'll try with OpenVPN.

Thanks Poizzon
by a.devecerski
Wed Dec 20, 2017 2:36 am
Forum: General
Topic: Remote sites, dynamic addresses - VPN to HQ LAN
Replies: 7
Views: 361

Re: Remote sites, dynamic addresses - VPN to HQ LAN

Sure. GRE? IPSec? GRE over IPSec? etc, etc I've been reading about various scenarios here on the Forum and haven't been able to find one close enough to my case. Some require static (or public/static) addresses at both ends, some do not support non-TCP traffic,... WAN IP addresses: - HQ LAN yes -> s...
by a.devecerski
Tue Dec 19, 2017 11:07 pm
Forum: General
Topic: Remote sites, dynamic addresses - VPN to HQ LAN
Replies: 7
Views: 361

Re: Remote sites, dynamic addresses - VPN to HQ LAN

In the picture above, enable LAN users (located on 192.168.0.0/21 network) to see web interface on remote units (192.168.123.10, 192.168.124.10,...), using GSM routers to provide Internet connectivity for remote sites.
by a.devecerski
Tue Dec 19, 2017 12:08 pm
Forum: General
Topic: Remote sites, dynamic addresses - VPN to HQ LAN
Replies: 7
Views: 361

Remote sites, dynamic addresses - VPN to HQ LAN

Hello everyone, I would like to ask you for your help I need to connect company LAN to several remote sites, as I tried to show in the picture. Every remote site contains one industrial unit, controlled via its own web server/interface. To access it by default, PC user logs on locally using web brow...
by a.devecerski
Mon Jun 19, 2017 10:41 am
Forum: General
Topic: Is it possible to identify proper incoming VPN connection(s)?
Replies: 2
Views: 213

Re: Is it possible to identify proper incoming VPN connection(s)?

A common example is, do you ever suspect you'll have a user in North Korea that needs to VPN in? No, not in North Korea, but as I sip through these IP addresses every once in a while, none of the attempts come from there. Literally none. Most of them are from US/China locations and i have people th...
by a.devecerski
Mon Jun 12, 2017 1:47 pm
Forum: General
Topic: Is it possible to identify proper incoming VPN connection(s)?
Replies: 2
Views: 213

Is it possible to identify proper incoming VPN connection(s)?

Hello everyone Is it possible to identify incoming VPN connection(s)? What I mean by that is, I have AD integrated VPN server (Win 2003 RRAS Server) behind the router. Router just forwards everything VPN related (PPTP & L2TP ie TCP:1723, gre, UDPs 1701, 500 and 4500, ipsec-esp and ipsec-ah) to RRAS ...
by a.devecerski
Sat Jun 03, 2017 11:41 am
Forum: General
Topic: Weird WAN interface unresponsiveness issue
Replies: 3
Views: 251

Re: Weird WAN interface unresponsiveness issue

Pukkita

Found Tomas' presentation "Bandwidth-based load-balancing with failover. The easy way."
Including rules in Router Marking WAN -> Router section seems to have done the job.
Thanks for pointing me in the right direction

Regards
by a.devecerski
Fri Jun 02, 2017 10:19 pm
Forum: General
Topic: Weird WAN interface unresponsiveness issue
Replies: 3
Views: 251

Re: Weird WAN interface unresponsiveness issue

Thanks pukkita. I'm aware of that, but I'll re-check my setup and see what Thomas has to say about this,

Thanks
by a.devecerski
Fri Jun 02, 2017 1:35 pm
Forum: General
Topic: Weird WAN interface unresponsiveness issue
Replies: 3
Views: 251

Weird WAN interface unresponsiveness issue

Not sure in which forum this would belong, so General it is. Hello everyone My situation: Mikrotik CCR 1016-12G, ROS 6.39.1, two WAN interfaces. First WAN is “plain vanilla“, static public IP. Second one has static IP also, but since ISP insists on traffic tagging, WAN has VLAN interface as well. /i...
by a.devecerski
Fri May 12, 2017 11:48 pm
Forum: General
Topic: Logging Specific Firewall Rule to Email
Replies: 4
Views: 3766

Re: Logging Specific Firewall Rule to Email

Hi everyone I'm using router to give some of my users Remote Desktop access to their office computers and was wondering if it could be possible to get, let's say daily/weekly, notifications of all the RD sessions. Searching the Forum I've stumbled upon above post (thanks dssmiktik ), which works but...
by a.devecerski
Mon May 08, 2017 2:45 pm
Forum: Beginner Basics
Topic: VPN L2TPi/PSEC to Win 2012 R2 RRAS
Replies: 9
Views: 2132

Re: VPN L2TPi/PSEC to Win 2012 R2 RRAS

...I've added all of the mentioned firewall/NAT rules (including those for ipsec protocols), then tried first without registry thing, then with registry key added. Even tried varying key value, 2 or 1. Nothing... As pretty much always, careful (re)reading helps :shock: MSKB mentioned earlier says "...
by a.devecerski
Sun May 07, 2017 1:04 pm
Forum: Beginner Basics
Topic: VPN L2TPi/PSEC to Win 2012 R2 RRAS
Replies: 9
Views: 2132

Re: VPN L2TPi/PSEC to Win 2012 R2 RRAS

You need to double-check that you are running a protocol and security level supported by Win Server 2003. Ultimately I would encourage you to not have a direct VPN in to your server. Ideally a user would VPN into your router and then access the server via the local IP. This allows you to more easil...
by a.devecerski
Sat May 06, 2017 3:46 pm
Forum: Beginner Basics
Topic: VPN L2TPi/PSEC to Win 2012 R2 RRAS
Replies: 9
Views: 2132

Re: VPN L2TPi/PSEC to Win 2012 R2 RRAS

Hi people I'm trying to make more or less the same setup described above work, but without success so far. The only difference is my RRAS server is Windows 2003 machine. Like with benjaminb's start situation PPTP over NAT is functional, no problem. I've added all of the mentioned firewall/NAT rules ...
by a.devecerski
Fri Oct 03, 2014 12:50 pm
Forum: General
Topic: v6.20 released!
Replies: 146
Views: 54431

Re: v6.20 released!

Winbox v2.x still works?
by a.devecerski
Mon Aug 04, 2014 9:04 am
Forum: General
Topic: v6.18
Replies: 109
Views: 26727

Re: v6.18

What's new in 6.18 (2014-Aug-01 10:47): ... *) ipsec - fix addition of default policy template; ... Slight changes from behavior reported in v6.17 ( http://forum.mikrotik.com//viewtopic.php?f=2&t=87135&start=50#p437763 ), multiple "ipsec, error" instead of "ipsec, warning, critical". No changes in ...
by a.devecerski
Mon Jul 21, 2014 1:43 pm
Forum: General
Topic: v6.16/v6.17
Replies: 187
Views: 43297

Re: v6.16/v6.17

The same thing shed reported little earlier ( http://forum.mikrotik.com//viewtopic.php?f=2&t=87135&view=unread&sid=fbfe07aa1fd1c79bbb3363105ed16b92&sid=6bd44d494802c70364ba5ac63010d57d#p437480 ) occuring on different HW. Any ideas why? MT.jpg Please clarify, what is wrong in your image? Multiple "i...
by a.devecerski
Mon Jul 21, 2014 12:57 pm
Forum: General
Topic: v6.16/v6.17
Replies: 187
Views: 43297

Re: v6.16/v6.17

The same thing shed reported little earlier (http://forum.mikrotik.com//viewtopic.ph ... ff#p437480) occuring on different HW.

Any ideas why?
MT.jpg
by a.devecerski
Tue Apr 15, 2014 3:55 pm
Forum: Beginner Basics
Topic: freedns.afraid.org Script
Replies: 34
Views: 22851

Re: freedns.afraid.org Script

This one works for me According to http://freedns.afraid.org/signup/moreinfo/ "...For users that want to host their site off their home dial-up connection / cable modem / DSL or equivalent, a special fetchable URL to auto-update the network address in FreeDNS is available in the 'Dynamic DNS' sectio...
by a.devecerski
Mon Mar 31, 2014 2:49 pm
Forum: General
Topic: DHCP over bridge
Replies: 0
Views: 953

DHCP over bridge

Hi all My setup, in short: CCR1016-12G, ROS 6.11, ports occupied by two WANs, 1 LAN, 2 WLANs and link to SIP phone system - ether1, WAN 1 - ether2, WAN 2 - ether8, SIP (192.168.4.0/24) - ether9, WLAN2 - Free (192.168.3.0/24) - ether10, WLAN1 - Encrypted, locked (192.168.2.0/24) - ether11, LAN (192.1...
by a.devecerski
Thu Jun 02, 2011 5:04 pm
Forum: General
Topic: Webfig skins (tutorial)
Replies: 100
Views: 84117

Re: Webfig skins (tutorial)

Is there a way to delete unnecessary skin?

Cheers
by a.devecerski
Thu Feb 16, 2006 1:00 am
Forum: General
Topic: MS RRAS and RouterOS 2.9, PPP client address problem
Replies: 2
Views: 813

MS RRAS and RouterOS 2.9, PPP client address problem

Hello everyone My problem: cannot get IP address allocation from MSs' Win2K AS RRAS to PPP client, through the router, (in order to make logon scripts work over VPN). Error message is "TCP/IP CP reported error 738: The server did not assign an address." - PPP (default-encription) profile setup witho...