Community discussions

MUM Europe 2020

Search found 52 matches

by GeniuZ
Wed Aug 08, 2018 10:38 am
Forum: General
Topic: Counter of new connections
Replies: 1
Views: 261

Counter of new connections

Hello. I like to monitor number of new connections per day per IP address and if some limit will be reached, I want add IP address to address list. I don't know how to do counter of new connections, probably I need some script, but I can't find any example. Thank you for help.
by GeniuZ
Mon Apr 10, 2017 10:20 am
Forum: General
Topic: Balancing between queues lines in tree
Replies: 0
Views: 230

Balancing between queues lines in tree

Hello. I have question about balancing between defined queues lines in tree. I use PCQ. Please see image, why there is no "PCQ Queues" number (in red boxes). If I have defined 13 uploads / 13 downloads queues, I assume there will be number up to 13. How to balance between defined queues in tree? So ...
by GeniuZ
Fri Sep 30, 2016 12:30 pm
Forum: General
Topic: Traffic shaping
Replies: 2
Views: 625

Re: Traffic shaping

Hi all, when one line of PCQ tree is under fully load, and I'm connected over second line of PCQ tree, my internet connection is slower, delayed etc. so it's not perfect balanced. What parameter can I adjust to get fluent connection on my tree line although another PCQ line is under heavy load? Than...
by GeniuZ
Mon Sep 19, 2016 12:13 pm
Forum: General
Topic: Traffic shaping
Replies: 2
Views: 625

Re: Traffic shaping

Hello, I did some experiments and I did some test setup for two networks (one is public IP address and second is public subnet, I want balance subnet as unit, not per IP in subnet). What I need is - IP vs whole subnet is fifty fifty balanced if both will use bandwidth. 1) Please can you verify if my...
by GeniuZ
Fri Sep 16, 2016 2:51 pm
Forum: General
Topic: Traffic shaping
Replies: 2
Views: 625

Traffic shaping

Hello. I need help with dynamic bandwidth setting. I have three networks and I need dynamic balance 3Mbit traffic between, if there is no load on network, 3Mbit can be granted to one network, but if there is more active networks, minimal bandwidth (fifty fifty) will be granted, so no one network can...
by GeniuZ
Wed Sep 03, 2014 4:32 pm
Forum: General
Topic: after update router, OVPN can't access router
Replies: 5
Views: 1246

Re: after update router, OVPN can't access router

The problem was solved after update from version 6.13 to version 6.19.
by GeniuZ
Mon Sep 01, 2014 1:30 pm
Forum: General
Topic: QuickSet
Replies: 6
Views: 2118

Re: QuickSet

OK means apply the config that Quickset is showing you
Of course, but Quickset not showig about changing interfaces. I only suggest improvements, because changing interfaces is not expected when OK is pressed.
by GeniuZ
Mon Sep 01, 2014 12:30 pm
Forum: General
Topic: QuickSet
Replies: 6
Views: 2118

Re: QuickSet

I have RB1100 configured. I use it several years, at weekend I upgraded from version 6.13 to 6.19. (Maybe same problem occurs also after upgrade, but I'm not sure.) What I'm sure, when I use Quick Set, interfaces will changes.
by GeniuZ
Mon Sep 01, 2014 10:31 am
Forum: General
Topic: QuickSet
Replies: 6
Views: 2118

QuickSet

First time I used function "Quick Set". When I pressed OK, my interfaces for Internet and for Local network was changed. I not known about it. My router was stopped work and it takes time to find what was problem. My suggestion for Quick Set is: 1) not change defined interfaces when same address/net...
by GeniuZ
Thu May 29, 2014 4:09 pm
Forum: General
Topic: after update router, OVPN can't access router
Replies: 5
Views: 1246

Re: after update router, OVPN can't access router

Thank you for reply. Maybe it was not caused by update, I'm not sure. I tried create another OVPN lan, but still not able access router. I tried log on firewall and I see ping between two computers over VPN is as FORWARD, and ping between VPN computer and router is as INPUT/OUTPUT, can it be cause? ...
by GeniuZ
Thu May 29, 2014 11:59 am
Forum: General
Topic: after update router, OVPN can't access router
Replies: 5
Views: 1246

after update router, OVPN can't access router

Hello. I updated router OS from version 5.0 to latest 6.13. After this, I can't access another LANs and router/gateway, but I can access computer on same network. I'm not network expert, so it is possible I have something wrong configured, but before update was functional. Example: Router LAN1: 192....
by GeniuZ
Wed Oct 26, 2011 5:38 pm
Forum: Beginner Basics
Topic: PCQ problem with unstable connections and packet drops
Replies: 0
Views: 709

PCQ problem with unstable connections and packet drops

Hello all. Wifi company does PCQ setting for our MikroTik router. But with the setting connections are unstable (interrupted downloads, webpages are not loaded completly, etc.) and there are lot of dropped packets in queue statistic (I think this is reason for interrupted connections?). Please can a...
by GeniuZ
Sun May 22, 2011 1:02 pm
Forum: General
Topic: Access router over mac address over another mikrotik
Replies: 4
Views: 920

Re: Access router over mac address over another mikrotik

And can I do any NAT so devices looks like in one domain?
by GeniuZ
Fri May 20, 2011 8:58 am
Forum: General
Topic: Access router over mac address over another mikrotik
Replies: 4
Views: 920

Access router over mac address over another mikrotik

Hello, how can I forward mac address packets from one lan to another? me ---------- ether1-mikrotikA-ether2 ------------ mikrotikB I want access mikrotik B over mac address, is it possible? Actively immediate timeout is returned when I try it: could not connect to "MAC ADDRESS" (port 20561) - timeou...
by GeniuZ
Fri Jan 14, 2011 2:01 pm
Forum: Beginner Basics
Topic: Switch and balancing
Replies: 0
Views: 283

Switch and balancing

Hello. I have ISP on port13 and setting route 0.0.0.0 to gateway ie. 1.1.1.1 I have my local subnet 192.168.1.0/24 on port1 NATed to public IP 1.1.1.2. Now, I have second gateway ie 2.2.2.2 accessible on port13 too. I want use port12 as switch to port13 (I want do accessible gateway 2.2.2.2 for what...
by GeniuZ
Mon Dec 27, 2010 3:54 pm
Forum: General
Topic: 5.0rc5 unreachable gateway
Replies: 2
Views: 766

Re: 5.0rc5 unreachable gateway

And gateway is reachable? Here is my ip address configuration. /ip address add address=xx.xx.xx.51/28 broadcast=xx.xx.xx.63 interface=ether13 network=xx.xx.xx.48 add address=192.168.8.1/24 broadcast=192.168.8.255 interface=ether8 network=192.168.8.0 add address=192.168.3.1/24 broadcast=192.168.3.255...
by GeniuZ
Sat Dec 25, 2010 9:33 pm
Forum: General
Topic: 5.0rc5 unreachable gateway
Replies: 2
Views: 766

5.0rc5 unreachable gateway

Hello. I upgraded from two RB750s to one RB1100. I installed latest stable 4.16 but I have problems with freezes. So I installed 5RC5, all is now functional. I have 13 public IP addresses, so they are assigned to one port connected to ISP gateway (concretely port 13). Network is x.x.x.48/28 and x.x....
by GeniuZ
Sat Sep 18, 2010 8:27 pm
Forum: Beginner Basics
Topic: Dynamic records in NAT
Replies: 6
Views: 691

Re: Dynamic records in NAT

Ok, I'm not aware I do enable it, but I do too much test settings so it's possible... Thank you.
by GeniuZ
Sat Sep 18, 2010 8:06 pm
Forum: Beginner Basics
Topic: Dynamic records in NAT
Replies: 6
Views: 691

Re: Dynamic records in NAT

Thank you for explanation Fewi!
It's interesting feature, but it's crazy that it's enabled in default configuration :)
by GeniuZ
Sat Sep 18, 2010 7:43 pm
Forum: Beginner Basics
Topic: Dynamic records in NAT
Replies: 6
Views: 691

Re: Dynamic records in NAT

Please see picture, I don't understand, why white background lines appears.
More "dst address" is .51 but "to address" is not 192.168.1.x.
And these lines are still there so long as I delete its.
by GeniuZ
Sat Sep 18, 2010 12:10 pm
Forum: Beginner Basics
Topic: Dynamic records in NAT
Replies: 6
Views: 691

Dynamic records in NAT

Hello. In "ip firewall nat" table appears dynamic dstnats from LAN1 public IP address to anothers LANs IP address. This lines remains in table but I can't see its in "print" command. How these lines grows up and why remains there? /ip firewall nat add action=src-nat chain=srcnat comment="NAT1" disab...
by GeniuZ
Tue Sep 14, 2010 9:30 pm
Forum: Beginner Basics
Topic: OpenVPN can't ping gateway
Replies: 2
Views: 1958

Re: OpenVPN can't ping gateway

Not bridged VPN is functional, so I used it. Becouse version 4.10 is not functional completly, I think there can be any problem with bridged setting in version 4.11.
by GeniuZ
Tue Sep 14, 2010 12:11 am
Forum: Beginner Basics
Topic: L2TP insany
Replies: 5
Views: 1744

Re: L2TP insany

I solved this, I used OpenVPN... ;-)
by GeniuZ
Tue Sep 14, 2010 12:02 am
Forum: Beginner Basics
Topic: Guaranteed speed
Replies: 9
Views: 1054

Re: Guaranteed speed

I means computers on same subnet. So I don't have to add this rule. (I check it :) ) Does anybody knows any win sw for testing traffic?
by GeniuZ
Mon Sep 13, 2010 11:49 pm
Forum: Beginner Basics
Topic: Guaranteed speed
Replies: 9
Views: 1054

Re: Guaranteed speed

Fewi thank you for correct my mistakes, I will try do traffic tests with these settings.
I add to prerouting and postrouting rules opposite (dst<->src) same (LAN) subnet with exiclamation mark,
becouse I don't want limit local traffic in subnet, only internet traffic, is it right?
by GeniuZ
Mon Sep 13, 2010 11:24 pm
Forum: Beginner Basics
Topic: Guaranteed speed
Replies: 9
Views: 1054

Re: Guaranteed speed

Thank you for help. In queue there is upload/download in one setting, can I use it together? I have limit 5M guaranteed from my ISP, but sometimes limit is bigger. When I use 5M I probably not use some overlimit, can I add unlimited max-limit to one of subnets? I set passthrough to no, is it correct...
by GeniuZ
Mon Sep 13, 2010 10:37 pm
Forum: Beginner Basics
Topic: Guaranteed speed
Replies: 9
Views: 1054

Re: Guaranteed speed

Thank you kazanova. There is only first example, second and third is missing. I think I need second one: "Certain Bandwidth Equal Distribution between Users". In first example, rule is applied for all computers in one subnet. How can I apply it on different subnets. Can I apply it on nated public ad...
by GeniuZ
Mon Sep 13, 2010 5:00 pm
Forum: Beginner Basics
Topic: Guaranteed speed
Replies: 9
Views: 1054

Guaranteed speed

Hello. I have 5 LAN subnets, every subnet is NATed to public address. I want guarantee every subnet 1Mbit/s from 5Mbit/s speed (exactly 1/5 of max. speed), but when line is not fully used, I want give possibility using of full line to active subnets. So for example when two LANs are active, I want g...
by GeniuZ
Sun Sep 12, 2010 10:51 am
Forum: Beginner Basics
Topic: OpenVPN can't ping gateway
Replies: 2
Views: 1958

Re: OpenVPN can't ping gateway

I found port on bridge status is inactive, can this be problem why can't ping to bridge ip address? This port is created dynamically and client is connected. /interface bridge port print Flags: X - disabled, I - inactive, D - dynamic # INTERFACE BRIDGE PRIORITY PATH-COST HORIZON 0 ID <ovpn-jakub> ov...
by GeniuZ
Sun Sep 12, 2010 12:15 am
Forum: Beginner Basics
Topic: OpenVPN can't ping gateway
Replies: 2
Views: 1958

OpenVPN can't ping gateway

I configured bridged vpn as wiki says, but I can't ping anywhere only myself. Primary, I can't ping to bridge gateway (ip address on bridge interface), what can be wrong? Thank you for help. Some my first configuration experience with OpenVPN may be useful for someone else: Can't established connect...
by GeniuZ
Thu Sep 09, 2010 10:39 pm
Forum: Beginner Basics
Topic: L2TP insany
Replies: 5
Views: 1744

Re: L2TP insany

I found this on Microsoft site: If one of the following symptoms occurs, IPSec is not causing the problem: The Audit log shows successful main mode SA establish and successful quick mode SA establish. The network capture trace shows ESP traffic originating from the client or server. Ipsecmon.exe sho...
by GeniuZ
Thu Sep 09, 2010 10:22 pm
Forum: Beginner Basics
Topic: L2TP insany
Replies: 5
Views: 1744

Re: L2TP insany

Nobody have any idea? Any direction for next experiments? I checked Vista today and same situation.
by GeniuZ
Wed Sep 08, 2010 11:17 pm
Forum: Beginner Basics
Topic: L2TP insany
Replies: 5
Views: 1744

L2TP insany

Hello all, I'm not able create connection from Windows 7. I think there is any problem with Windows configuration? I assigned 3DES policy and prohibitipsec registry set to 1. 22:04:37 ipsec IPSEC: respond new phase 1 negotiation: x.x.x.61[500]<=>x.x.x.51[500] 22:04:37 ipsec IPSEC: begin Identity Pro...
by GeniuZ
Wed Sep 08, 2010 4:03 pm
Forum: General
Topic: modp2048 in ipsec
Replies: 2
Views: 1129

modp2048 in ipsec

Will be modp2048 in ipsec possible?
by GeniuZ
Tue Sep 07, 2010 3:55 pm
Forum: Beginner Basics
Topic: dstnat problem
Replies: 18
Views: 1947

Re: dstnat problem

Fewi you are right, this works without additional configuration. Thank you for help.
by GeniuZ
Mon Sep 06, 2010 11:26 pm
Forum: Beginner Basics
Topic: dstnat problem
Replies: 18
Views: 1947

Re: dstnat problem

Hm, I have one more probably problematic question. When I have two subnets 192.168.1.0/24 and 192.168.2.0/24 Every subnet has NATed public address 10.0.0.1 and 10.0.0.2 and dstnated port 80 to any LAN computer. With new rule, I'm able access 10.0.0.1 from 192.168.1.0/24 and access 10.0.0.2 from 192....
by GeniuZ
Mon Sep 06, 2010 11:15 pm
Forum: Beginner Basics
Topic: dstnat problem
Replies: 18
Views: 1947

Re: dstnat problem

Fewi you are King, thank you, it works! I don't exactly understand what you mean: "You will lose the ability to track inside users by IP on the web server. " In Apache log is gateway 192.168.1.1 record, but it is access of public address from NATed LAN, so I think this is ok becouse subnet is NATed ...
by GeniuZ
Mon Sep 06, 2010 10:48 pm
Forum: Beginner Basics
Topic: dstnat problem
Replies: 18
Views: 1947

Re: dstnat problem

> And just to verify, you are testing from outside the network and not from behind the router?

This is problem on real configuration. But I need access public IPs from internal site too.
Please how can I change config to this can work? Thank you.
by GeniuZ
Mon Sep 06, 2010 9:59 pm
Forum: Beginner Basics
Topic: dstnat problem
Replies: 18
Views: 1947

Re: dstnat problem

Guys it works, I have on Apache server firewall on .
So I must have any bad configuration in full configuration :-(
by GeniuZ
Mon Sep 06, 2010 9:49 pm
Forum: Beginner Basics
Topic: dstnat problem
Replies: 18
Views: 1947

Re: dstnat problem

These host can't talk normally, apache is on private site and ether1 is public site. Only port 80 can be opened from public site to Apache. Apache server ip is 192.168.2.44, mask 255.255.255.0, gateway 192.168.2.1. Thank you guys.
by GeniuZ
Mon Sep 06, 2010 9:35 pm
Forum: Beginner Basics
Topic: dstnat problem
Replies: 18
Views: 1947

Re: dstnat problem

I made a reset of Mikrotik, I deleted filters and addresses and set up this: add address=192.168.2.1/24 broadcast=192.168.2.255 interface=ether2 network=192.168.2.0 add address=10.0.0.51/28 broadcast=10.0.0.63 interface=ether1 network=10.0.0.48 add action=dst-nat chain=dstnat dst-address=10.0.0.51 d...
by GeniuZ
Mon Sep 06, 2010 5:32 pm
Forum: Beginner Basics
Topic: dstnat problem
Replies: 18
Views: 1947

dstnat problem

Hello all, I can't do functional dstnat and I don't know why. I do dstnat for public ip address, port 80, to access pc from LAN. ether1 - public ip - 100.0.0.50 ether2 - subnet 192.168.1.0/24, ip 192.168.1.1, nat to public ip pc with web in ether2 - 192.168.1.66 I need dst nat from 100.0.0.50:80 to ...
by GeniuZ
Sun Sep 05, 2010 1:51 pm
Forum: Beginner Basics
Topic: how to separate subnets?
Replies: 6
Views: 984

Re: how to separate subnets?

For separate IP2 from LAN1 this filter is functional for me: /add action=accept chain=input src-address=192.168.1.0/24 dst-address=192.168.1.0/24 /add action=drop chain=input src-address=192.168.1.0/24 dst-address=192.168.0.0/16 This separate all access to 192.168.X.X addresses except 192.168.1.0/24...
by GeniuZ
Sun Sep 05, 2010 10:42 am
Forum: Beginner Basics
Topic: how to separate subnets?
Replies: 6
Views: 984

Re: how to separate subnets?

I have no special setting, I only added ip addresses to interfaces. /add address=192.168.1.1/24 broadcast=192.168.1.255 network=192.168.1.0 interface=ether1 /add address=192.168.2.1/24 broadcast=192.168.2.255 network=192.168.2.0 interface=ether2 I found over logging that access to LAN IP addresses w...
by GeniuZ
Sat Sep 04, 2010 7:42 pm
Forum: Beginner Basics
Topic: how to separate subnets?
Replies: 6
Views: 984

Re: how to separate subnets?

Hello, I have this situation: ether1 - LAN1 (IP1 in addresses) ether2 - LAN2 (IP2 in addresses) ether3 - PUB1, PUB2 (2x public IPs in addresses) NAT - LAN1 to PUB1, LAN2 to PUB2 I need separate traffic between LAN1 and LAN2 but not separate traffic between PUB1 and PUB2. How can I do it. I check thi...
by GeniuZ
Sat Sep 04, 2010 6:45 pm
Forum: General
Topic: VLAN trunk / tagged port problem
Replies: 5
Views: 2313

Re: VLAN trunk / tagged port problem

Thank you for reply. Untagged configuration is functional. But what I need is tagged configuration, becouse I have limited router ports now (RB1100 will be available too late, I'm still waiting on it), so I need combine more VLANs in switch and use one trunked connection for send it to the router. I...
by GeniuZ
Sat Sep 04, 2010 5:49 pm
Forum: General
Topic: VLAN trunk / tagged port problem
Replies: 5
Views: 2313

VLAN trunk / tagged port problem

Hello all. I have problem with VLAN connected to router over one trunked port on switch (hp v1910 originally 3com 2928-SFP). HP notebook is working properly when connected to tagged port. Dell notebook timeouts on some connections and is not able acces switch and router management console, but pings...
by GeniuZ
Sat Sep 04, 2010 1:41 am
Forum: General
Topic: Subnet of public addresses, NAT, VLAN
Replies: 8
Views: 1245

Re: Subnet of public addresses, NAT, VLAN

I agree, I'm doing setting now, it's very impressive work. After it will be done, I put script here and hope for someone check it / correct it, maybe this will be easy fast work checkt the code for any specialist. I hoped for some ideas what can help me with this now becouse this is hard work for ne...
by GeniuZ
Fri Sep 03, 2010 7:47 pm
Forum: General
Topic: Subnet of public addresses, NAT, VLAN
Replies: 8
Views: 1245

Re: Subnet of public addresses, NAT, VLAN

Fewi, thank you, I think I'm able do all settings with manual and google and with experiment-error method and I do it, I'm now on half way and I'm waiting for todays switch delivery for VLAN testing (I know what VLAN means only two days). When you do whatever first time and you are not professional ...
by GeniuZ
Fri Sep 03, 2010 6:09 pm
Forum: General
Topic: Subnet of public addresses, NAT, VLAN
Replies: 8
Views: 1245

Re: Subnet of public addresses, NAT, VLAN

Thank you fewi for care, I test this settings today.
Please can you help me with DNS too, I forgot it.
DNS is from another subnet, for example DNS IP will be 100.100.0.1
Need I set any rules for DNS?
And what about gateway, need I set any gateway?
by GeniuZ
Fri Sep 03, 2010 5:44 pm
Forum: General
Topic: Subnet of public addresses, NAT, VLAN
Replies: 8
Views: 1245

Re: Subnet of public addresses, NAT, VLAN

Fewi, thank you for explain the basic settings. What about VLAN implementation? I think some /interface vlan setting is missing...
by GeniuZ
Fri Sep 03, 2010 12:46 am
Forum: General
Topic: Subnet of public addresses, NAT, VLAN
Replies: 8
Views: 1245

Subnet of public addresses, NAT, VLAN

Hello all, I need help with MikroTik setting. I found lot of examples on Internet, but not little more complex one. I hope this example can help useful for more people. Please see attached illustration for quick access. If someone can be so willing and explains complete setting script for this examp...