Community discussions

Search found 116 matches

by Stril
Mon Aug 19, 2019 12:46 am
Forum: RouterBOARD hardware
Topic: Mikrotik Switch - 48 Port
Replies: 11
Views: 4956

Re: Mikrotik Switch - 48 Port

Hi!

Any news about that?
A 48 Port Switch would be a big step forward for universal usage of mikrotik switches...

Stril
by Stril
Wed Jun 26, 2019 10:53 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 547
Views: 63732

Re: LHG 60G experience

Hi! Did you find any possiblity to get valid RSSI-values? I see fluctuation over the first 5 minutes. After that, RSSI is unchanged for weeks - no matter, if there is heavy rain. On thunderstorms, sometimes the RSSI dropped and did not get back to the "real" value without dropping the link manually ...
by Stril
Wed Jun 26, 2019 10:51 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 547
Views: 63732

Re: LHG 60G experience

Hi! Did you find any possiblity to get valid RSSI-values? I see fluctuation over the first 5 minutes. After that, RSSI is unchanged for weeks - no matter, if there is heavy rain. On thunderstorms, sometimes the RSSI dropped and did not get back to the "real" value without dropping the link manually ...
by Stril
Mon May 06, 2019 9:55 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 547
Views: 63732

Re: LHG 60G experience

Hi! I have a strange problem: - 2x LHG 60G link, 395m - RSSI stable at -50 to -52 dB, Signal-Quality 80-95 Next to the LHG on one side, there is a large (3x3x3m), rotating advertisement-cube When the rotation of the cube is off, the link is 100% stable. When I start the rotation, the MCS drops down ...
by Stril
Mon May 06, 2019 9:23 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 547
Views: 63732

Re: LHG 60G experience

Hi!

Did anybody of you have long-term-experience with any "weather-cover"?
Which ones did work fine for you?

Thank you for your thoughts
by Stril
Fri Mar 22, 2019 9:22 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 547
Views: 63732

Re: LHG 60G experience

Can you give me a hint on how to transfer ALL vlans through a LHG-Link? Do I have to configure the VLANs, or is it enough to leave "VLAN Filtering" disabled on the bridge?
Yes. Do a plain bridge and do no tagging then all packets go through.
Thank you!
This is working perfectly.
by Stril
Thu Mar 21, 2019 2:15 pm
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 547
Views: 63732

Re: LHG 60G experience

Hi!

Can you give me a hint on how to transfer ALL vlans through a LHG-Link? Do I have to configure the VLANs, or is it enough to leave "VLAN Filtering" disabled on the bridge?

Thank you for your help!
by Stril
Sun Mar 17, 2019 7:49 pm
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 547
Views: 63732

Re: LHG 60G experience

Prior to thinking, these products will be better than the LHGs, just read the UB-forums and search for FCS-errors and corrupted packets...

Just added an LHG to take over the traffic of an AirFiber...
by Stril
Mon Jan 28, 2019 11:41 am
Forum: General
Topic: ERRO: wrong username or password
Replies: 11
Views: 10681

Re: ERRO: wrong username or password

Hi!

Did you find a solution for this?
I just updated one device and now: wrong username or password

Device is on "empty" password!!

Telnet is working, but winbox is not...

Regards
Stril
by Stril
Fri Jan 18, 2019 9:08 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 547
Views: 63732

Re: LHG 60G experience

Hi! There are just too many variables and modifying the hardware makes it any harder... I have a 400m link. With lower frequencies, RSSI ist better than with high frequencies, BUT: MCS is unstable! 58GHz: RSSI=48, MCS is going up and down (on stable weather conditions) 64GHZ: RSSI=54, MCS stable on ...
by Stril
Thu Jan 17, 2019 3:33 pm
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 547
Views: 63732

Re: LHG 60G experience

Mikrotik has such a GREAT product with the LHG60G, but details are just too "cheap".

A "LHG-60G-PRO" with weather-proof, professional layout and better align-feature would open the doors to new customers for mikrotik. For short links, LHG-60G-PRO could be as good or better than UBNT AirFiber, etc.
by Stril
Thu Jan 17, 2019 9:09 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 547
Views: 63732

Re: LHG 60G experience

Update for ALU vs LHG dish:

The ALU dish has a strange behaviour: RSSI is good, Signal ist good, but MCS is unstable!

With LHG-dish, i see a stable MCS of 8 (PHY Rate: 2.3 Gbps). With the upgrade-kit, MCS goes up and down from 4 to 8.

Do you have any other idea, to make the LHG "snow-proof"?
by Stril
Wed Jan 16, 2019 5:09 pm
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 547
Views: 63732

Re: LHG 60G experience

Hi! I just installed the Alu-dish+ABS-cover (that DJVolt offers) on one side of my LHG-Link. RSSI seems to be a bit lower with Alu than with LHG-dish (+3dB) on my first test /interface w60g monitor 0 connected: yes frequency: 64800 remote-address: 24:18:1D:63:62:56 tx-mcs: 8 tx-phy-rate: 2.3Gbps sig...
by Stril
Wed Jan 16, 2019 12:22 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 547
Views: 63732

Re: LHG 60G experience

Aligning with BTest is a very bad idea for a short link in my opinion. Bad aligned means: Gigabit on good weather, lower bandwidth on heavy rain. Good alignment means: Always Gigabit --> You want gigabit on all conditions. What I do: - Align "by sight" both sites (should be easy for 200m) - Optimize...
by Stril
Tue Jan 15, 2019 1:17 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 547
Views: 63732

Re: LHG 60G experience

.... But RSSI is the only way to determine the signal margin for bad weather. Right?

I cannot install the link while there is heavy rain and snow.

Did anybody else see smaller RSSIs with Alu dishes?
by Stril
Wed Jan 09, 2019 1:11 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 547
Views: 63732

Re: LHG 60G experience

Hi!

Why do you use the feeder, now?
Your first setup was: LHG with alu dish AND cover. What's the advantage of the feeder?
by Stril
Sat Dec 08, 2018 7:03 pm
Forum: Wireless Networking
Topic: wAP 60G experience
Replies: 289
Views: 40366

Re: wAP 60G experience

Some photo of project that is still modified :) Looks great! It would be perfect to have a fair real life comparison of your devices like: xxx meters, rainy day, perfect aligned systems, rssi and phys rate with: - LHG60G - LHG60G with alu dish - LHG60G with alu dish and abs cover - Custom 60G on WA...
by Stril
Mon Dec 03, 2018 9:23 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 547
Views: 63732

Re: LHG 60G experience

Hi!

Do you see ANY updates on RSSI, when the link is running?
I had much fluctuation within the first 5 minutes, but then, I do not see ANY change - no matter if it's dry or wet.
by Stril
Wed Nov 28, 2018 6:42 pm
Forum: Announcements
Topic: v6.44beta [testing] is released!
Replies: 365
Views: 83903

Re: v6.44beta [testing] is released!


*) winbox - show "W60G" wireless tab on wAP 60G AP;
Hi!

That problem still exists with 6.44beta40
w60g monitoring is still only valid on CLI. GUI shows empty values.
by Stril
Tue Nov 27, 2018 9:11 pm
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 547
Views: 63732

Re: LHG 60G experience

Hi!

Can you tell me, what kind of grounding you are using with the LHG60?

Option 1:
Use shielded patch-cable and a surge-protector like the UBNT ETH-SP-G2 to ground the patch-cord.

Option 2:
Add second cable to the antenna with grounding-cable

Option 3:
Option 1+2

Thank you for your hint!
by Stril
Tue Nov 27, 2018 9:57 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 547
Views: 63732

Re: LHG 60G experience

Hi! Aligning is a real pain compared to other 60G-devices... I was using two Bridgewave-Links which could be aligned with a multimeter - easy process. The LHG 60G are crazy: - Without alignment-mode: It takes 5 minutes! until the signal gets stabilized! RSSI dances up and down within the first 300s....
by Stril
Sun Nov 25, 2018 1:07 am
Forum: Announcements
Topic: v6.44beta [testing] is released!
Replies: 365
Views: 83903

Re: v6.44beta [testing] is released!

using a w60G and beta28 im not getting any information on the interface page eg Frequency 64800 Remote MAC Signal MCS PHY Rate RSSI TX Sector TX Sector Info RX Sector Distance All blank, and the quickset page is showing 0 for signal and MCS Kingsley I can confirm this on LHG60
by Stril
Sat Nov 24, 2018 8:30 pm
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 547
Views: 63732

Re: LHG 60G experience

Another record! Master side: connected: yes frequency: 66000 remote-address: 04:D6:AA:XX:XX:XX tx-mcs: 4 tx-phy-rate: 1155.0Mbps signal: 50 rssi: -62 tx-sector: 58 tx-sector-info: left 0.6 degrees, up 1.4 degrees distance: 4332.52m tx-packet-error-rate: 0% Slave side: connected: yes frequency: 6600...
by Stril
Sat Nov 24, 2018 4:39 pm
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 547
Views: 63732

Re: LHG 60G experience

Hi! But do you have any idea, why the phys-rate is not stable although RSSI is good? It is best at 64800 MHz, but not perfect stable at 2.3 Gbps. At lower frequencies, RSSI is still at -50, but phys-rate drops sometimes to 386 Mbps Do you run Data over the link when you see this? I tried it with an...
by Stril
Sat Nov 24, 2018 11:01 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 547
Views: 63732

Re: LHG 60G experience

Hi!

But do you have any idea, why the phys-rate is not stable although RSSI is good?

It is best at 64800 MHz, but not perfect stable at 2.3 Gbps.
At lower frequencies, RSSI is still at -50, but phys-rate drops sometimes to 386 Mbps
by Stril
Sat Nov 24, 2018 9:07 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 547
Views: 63732

Re: LHG 60G experience

With the dish (LHG60G)? Should probably be around -30/-35. At 400m, it should be around -45 and at 1km, -55 (with channel 4). With channel 1, it's probably going to drop to -55 for 400m and -65 for 1km. I found that post and thought, -50db is not good for 400m... If -50db is o.k.: Do you have any i...
by Stril
Fri Nov 23, 2018 6:05 pm
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 547
Views: 63732

Re: LHG 60G experience

Try to use this http://www.cdr.pl/p6418,uchwyt-precyzyjny-wireless-wire-dish-rblhgg-60adkit.html to align with better rssi Hi! I am already using this kit on both sides, but its really strange: I can see a wide window, where RSSI is about -50db! I just cannot get more than -40 to -50 - no matter if...
by Stril
Fri Nov 23, 2018 4:27 pm
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 547
Views: 63732

Re: LHG 60G experience

Hi! Today, I tried to install my first LHG 60G - with not so much success... 399m, perfect LOS. No rain. RSSI is only -48 NO MATTER, if it is really centered or no, NO matter which frequency. I could not get more than -48. BUT: rx-phy-rate is changing all the time from 2.3 Gbps to lower values to "c...
by Stril
Fri Nov 09, 2018 11:50 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 547
Views: 63732

Re: LHG 60G experience

Maybe with the precision kit the alignment tool works well

http://www.cdr.pl/p6418,uchwyt-precyzyj ... adkit.html
Hi!

My precision kit just arrived, but CAUTION: it's not a kit! It's only for one side of the link!!
by Stril
Fri Nov 09, 2018 11:23 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 547
Views: 63732

Re: LHG 60G experience

https://www.aliexpress.com/item/10000m-532-nm-Green-Laser-Sight-Lasers-Pointer-Powerful-device-Adjustable-Focus-Lazer-with-laser-303/32921666322.html?spm=2114.search0104.3.26.496e440aBzECTb&ws_ab_test=searchweb0_0,searchweb201602_2_10065_10068_319_317_10696_5728811_10084_453_454_10083_10618_10307_1...
by Stril
Wed Nov 07, 2018 6:36 pm
Forum: General
Topic: Bandwidth test can't connect outside local subnet
Replies: 4
Views: 1074

Re: Bandwidth test can't connect outside local subnet

Hi!

I cannot help you, but I have the same problem...
Did you find a solution?
by Stril
Fri Nov 02, 2018 4:20 pm
Forum: General
Topic: Winbox-Traffic - 200kbit/s
Replies: 14
Views: 962

Re: Winbox-Traffic - 200kbit/s

Hi!

It would be great to be able to configure the refresh rate to lower that bandwidth consumption...
by Stril
Fri Nov 02, 2018 4:09 pm
Forum: General
Topic: Winbox-Traffic - 200kbit/s
Replies: 14
Views: 962

Re: Winbox-Traffic - 200kbit/s

Hi!

Thats strange... I am connecting to the IP of the CRS.
I just checked my Firewall-connection-list....

If I just connect to the CRS, it consumes only a few kbps (14,4)
If I only open the interface-list, it goes up to 260 kbps

--> The problem seems to be the Interface List.

Can you confirm this?
by Stril
Fri Nov 02, 2018 12:50 pm
Forum: General
Topic: Winbox-Traffic - 200kbit/s
Replies: 14
Views: 962

Re: Winbox-Traffic - 200kbit/s

Hi!

Absolutely.
I checked it twice
by Stril
Fri Nov 02, 2018 12:09 pm
Forum: General
Topic: Winbox-Traffic - 200kbit/s
Replies: 14
Views: 962

Re: Winbox-Traffic - 200kbit/s

Hi!

I see constantly 200 kbps with NO open windows.

...tested with CRS 326.


Stril
by Stril
Fri Nov 02, 2018 10:48 am
Forum: General
Topic: Winbox-Traffic - 200kbit/s
Replies: 14
Views: 962

Re: Winbox-Traffic - 200kbit/s

Hi!

Yes, but with only one window, I already see 200 kbps...
by Stril
Fri Nov 02, 2018 10:02 am
Forum: General
Topic: Winbox-Traffic - 200kbit/s
Replies: 14
Views: 962

Winbox-Traffic - 200kbit/s

Hi!

Winbox takes a lot of traffic, if it is simply connected to a router (about 200kbit/s).
Is there any possibility to limit this?

Today, I just had the problem, that two engineers have been connected on a low-bandwidth-link and that caused problems...

Thank you for your hints
Stril
by Stril
Mon Oct 22, 2018 11:42 am
Forum: General
Topic: ZTE LTE-Interface - DHCP
Replies: 0
Views: 284

ZTE LTE-Interface - DHCP

Hi!

I am using many Huawei LTE-interfaces, but I currently have a problem with a new ZTE LTE-interface card:

I am trying to active DHCP-Client, but the interface lte1 is "greyed out". Can you give me a hint on how to activate this?

Thank you
Regards
Stril
by Stril
Mon Oct 15, 2018 12:00 pm
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 547
Views: 63732

Re: LHG 60G experience

Hi!

66GHz sounds great, but if I'm right, LHG60 uses 2000 MHz Channel bandwidth.
In this case, 65GHz would be perfect...
by Stril
Wed Sep 12, 2018 5:24 pm
Forum: General
Topic: Log FCS-Errors - Which Source/Destination
Replies: 0
Views: 263

Log FCS-Errors - Which Source/Destination

Hi! I have some problems with FCS-Errors and the combination of UBNT-airfiber and Mikrotik-devices. UBNT says, its only management-traffic, but I do not trust in that. My Question: Is there any possibility to log every "fcs-error-packet" on a link with source and destination to find out, which packe...
by Stril
Wed Sep 12, 2018 5:07 pm
Forum: General
Topic: fcs error on link - CCR1009-8G-1S-1S+
Replies: 3
Views: 469

Re: fcs error on link - CCR1009-8G-1S-1S+

Hi!

Then, you will have probably a problem with the cabeling.

FCS-Errors are Layer-2-Checksum-Problems.
by Stril
Wed Sep 12, 2018 4:01 pm
Forum: General
Topic: fcs error on link - CCR1009-8G-1S-1S+
Replies: 3
Views: 469

Re: fcs error on link - CCR1009-8G-1S-1S+

Hi!

Which device is installed on that port? UBNT AirFiber?
by Stril
Wed Sep 05, 2018 9:26 pm
Forum: General
Topic: RouterOS v6.x with Ubiquiti AirFiber 24 v2.0 - RX Error FCS
Replies: 76
Views: 29076

Re: RouterOS v6.x with Ubiquiti AirFiber 24 v2.0 - RX Error FCS

Hi! Did you find a solution for that problem? Today, I installed an AirFiber 24HD-link. The MT-device behind the link is a CCR1016 with software version 6.40.3 that shows: fcs error on link I tried to use FlowControl without success. The warning-message occures once a minute (in average). Edit: I ju...
by Stril
Wed Aug 29, 2018 4:50 pm
Forum: Scripting
Topic: Exit script if...
Replies: 4
Views: 1232

Exit script if...

Hi!

I am looking for a solution to abort a script if a variable is empty.
:if ([:len $net1] = 0) do={
exit
}
...rest of the script should not be executed if $net1 empty
This does not work. Can you give me a hint on how to solve this?

Thank you
Stril
by Stril
Wed Aug 29, 2018 12:31 pm
Forum: General
Topic: PCQ - Queue - where to set limit
Replies: 1
Views: 347

PCQ - Queue - where to set limit

Hi! I am trying to setup PCQ-queues, but I am not sure, where to set the bandwidth. Goal: 10M bandwidth 10 Users Every User should get min 1M, but maximum 2M (if possible) I can set bandwidth in the Queue-Tree AND in the Queue-Type menu. Can you give me a hint on how to configure this? - Queue Type:...
by Stril
Wed Aug 15, 2018 7:57 pm
Forum: General
Topic: Stacking and MC-LAG for MT-Switches
Replies: 0
Views: 457

Stacking and MC-LAG for MT-Switches

Hi!

Are there any plans to add the following features to the CRS-switches?

- stacking
- MC-LAG

Thank you and best wishes
Stril
by Stril
Mon Aug 13, 2018 3:22 pm
Forum: General
Topic: Centralized Management
Replies: 4
Views: 2893

Re: Centralized Management

Hi! Unimus is/will hopefully be a great tool, but I think, it needs some enhancements. Just some feedback for the moment: - Centralized Upgrade: Great, but it would be very helpful to see the current ROS-version of every device in the device-list - Backups Backups do not contain passwords/keys. Ther...
by Stril
Wed Aug 01, 2018 6:49 pm
Forum: General
Topic: Centralized Management
Replies: 4
Views: 2893

Centralized Management

Hi! As mikrotik does not really have a centralized management solution: How did you solve this? Did you write any script-set that can send config changes to multiple devices? Whats your way? The only thing, I found, was TikManager, but there is nearly NO information about what it can do. Best wishes...
by Stril
Wed Aug 01, 2018 4:50 pm
Forum: General
Topic: Winbox - Info Popup
Replies: 3
Views: 753

Re: Winbox - Info Popup

Hi!

Did you find any possibility to configure a popup?

That would be great.
by Stril
Wed Jul 25, 2018 6:47 pm
Forum: General
Topic: User with the right to ping (nothing else)
Replies: 2
Views: 343

Re: User with the right to ping (nothing else)

Hi!

I want to let the user connect via SSH to execute a remote-ping, but ping AND flood-ping seem to depend on "read"-right.

Is there any workaround?
by Stril
Wed Jul 25, 2018 1:40 pm
Forum: General
Topic: User with the right to ping (nothing else)
Replies: 2
Views: 343

User with the right to ping (nothing else)

Hi! I want to create a user for my monitoring-system, that is able to do remote pings. --> Created user with only the right to login via telnet and "test" Now, the user can login, but gets: ping 8.8.8.8 SEQ HOST SIZE TTL TIME STATUS not enough permissions (9) I had to add "read", but I do not want t...
by Stril
Wed Jul 25, 2018 11:34 am
Forum: General
Topic: Calling all Mikrotik Switch experts
Replies: 7
Views: 718

Re: Calling all Mikrotik Switch experts

PoE or no PoE...
by Stril
Wed Jul 25, 2018 9:22 am
Forum: General
Topic: CRS 326 - Port Isolation
Replies: 0
Views: 318

CRS 326 - Port Isolation

Hi! I want to configure port-isolation on a CRS 326. The wiki describes to use: /interface ethernet switch port-isolation ...but this is not available on a CRS326 Can you tell me, how I can achieve this? The only possibility I found was to use: - Use IP-Firewall for bridge - Set Firewall rules - NO ...
by Stril
Mon Jul 16, 2018 8:44 pm
Forum: Beginner Basics
Topic: Firewall wildcard object - IP ends with .101
Replies: 3
Views: 542

Re: Firewall wildcard object - IP ends with .101

Hi!

Thank you for your answer - although the facts are sad.
This would make it much easier to write rules.
by Stril
Mon Jul 16, 2018 6:28 pm
Forum: Beginner Basics
Topic: Firewall wildcard object - IP ends with .101
Replies: 3
Views: 542

Firewall wildcard object - IP ends with .101

Hi!

I need to define some global firewall rules and I try to simplify the ruleset.

Is it possible to define something like:

IP ends with .101
Or: 0.0.0.101 SubnetMask: 0.0.0.255

Thank you for your help!

Regards,
Stril
by Stril
Wed Jul 11, 2018 10:00 am
Forum: RouterBOARD hardware
Topic: MUM Europe 2018 - New hardware incoming
Replies: 52
Views: 17753

Re: MUM Europe 2018 - New hardware incoming

Hi! I hope mikrotik will think about the new models one more time - they have a very strange port-set... For me, it's important to have an uplink that is "one-speedstep" above the rest of the ports. CRS332 should have: 32x SFP+ 2-4x QSFP+ This would be a nice device... CRS354 is good, but QSFP+ is o...
by Stril
Mon Jun 04, 2018 5:23 pm
Forum: General
Topic: CRS 326 - Port down after reboot
Replies: 0
Views: 217

CRS 326 - Port down after reboot

Hi! I have some problems with my CRS 326. Some ports stay down after reboot, although there is a device connected. Disable, reenable also solves the problem until the next restart. Did you ever see that problem? - ROS Versions tested: 6.41.1 and 6.42.3 (same behaviour) - Two different devices tested...
by Stril
Thu May 17, 2018 11:14 am
Forum: General
Topic: Is it so hard to use dynamic IP VPNs with mikrotik
Replies: 23
Views: 1356

Re: Is it so hard to use dynamic IP VPNs with mikrotik

Hi!

Sorry, was not in the forum, was at MUM:

https://www.youtube.com/watch?v=QlkIbx0Jpoo
..at 04:00 min on the slideshare
by Stril
Thu May 17, 2018 9:01 am
Forum: General
Topic: Is it so hard to use dynamic IP VPNs with mikrotik
Replies: 23
Views: 1356

Re: Is it so hard to use dynamic IP VPNs with mikrotik

Hi!

I found several hints in the forum, that xauth should not be used with site-to-site-VPNs. The examples are always just for RoadWarriors.
How did you handle this? I do not want to use dynamic IPs for the "client-branch-offices" inside the L2TP.
by Stril
Thu May 17, 2018 12:10 am
Forum: General
Topic: Is it so hard to use dynamic IP VPNs with mikrotik
Replies: 23
Views: 1356

Re: Is it so hard to use dynamic IP VPNs with mikrotik

Hi!

But with L2TP and IPSEC, I would have to use the same PSK for all the peers, right?

Using only one tunnel at a time actively is absolutely ok for me. Balancing is not important - only failover...
by Stril
Wed May 16, 2018 6:53 pm
Forum: General
Topic: Is it so hard to use dynamic IP VPNs with mikrotik
Replies: 23
Views: 1356

Re: Is it so hard to use dynamic IP VPNs with mikrotik

Hi! What do you think about: 2x L2tP-Tunnels - Tunnel 1: via "current Internet-Connection of branch-office) to HQ-ISP1 - Tunnel 2: via "current Internet-Connection of branch-office) to HQ-ISP2 2x EoIP-Tunnel WITH IPSec inside the L2TP-Tunnels - Tunnel 1 on L2TP-1 - Tunnel 2 on L2TP-2 --> L2TP is not...
by Stril
Wed May 16, 2018 4:22 pm
Forum: General
Topic: Is it so hard to use dynamic IP VPNs with mikrotik
Replies: 23
Views: 1356

Re: Is it so hard to use dynamic IP VPNs with mikrotik

Hi!

@pe1chi:
Your setup sounds good, but how do you handle the problem, that all the L2TP-tunnel will share one PSK?
by Stril
Wed May 16, 2018 3:23 pm
Forum: General
Topic: Is it so hard to use dynamic IP VPNs with mikrotik
Replies: 23
Views: 1356

Re: Is it so hard to use dynamic IP VPNs with mikrotik

Hi! @sindy: I think, the biggest problem is, the aggressive-mode is not fully supported. There seems to be no possiblity to check the peer-id (i did not find one). Thats why I cannot seperate the traffic). @mrz: I will give it a try. is mode-config only possible with an IP-pool, or are static IPs su...
by Stril
Wed May 16, 2018 1:06 pm
Forum: General
Topic: Is it so hard to use dynamic IP VPNs with mikrotik
Replies: 23
Views: 1356

Re: Is it so hard to use dynamic IP VPNs with mikrotik

Hi! Thank you for your answers! @sindy: Yes, I saw this answer. 4 Tunnels would be possible.I will give it a try. Just to be sure: - HQ: Define two IPSec Peers. Peer 1: Local IP is WANHQ1-IP Peer 2: Local IP is WANHQ2-IP Remote-IP is always 0.0.0.0 --> But how are the SAs set, if I do not know the r...
by Stril
Wed May 16, 2018 9:05 am
Forum: General
Topic: Is it so hard to use dynamic IP VPNs with mikrotik
Replies: 23
Views: 1356

Is it so hard to use dynamic IP VPNs with mikrotik

Hi! I really love using mikrotik devices for most of the networking jobs in my projects, but there is one thing, that avoided using mikrotik many, many times: It is SO hard to use VPNs with dynamic IPs or MultiWAN! One example: Branch offices have: DSL-internet + LTE backup (dynamic and provider-NAT...
by Stril
Mon May 14, 2018 10:31 am
Forum: General
Topic: L2TP Server - IPSEC-PSKs
Replies: 9
Views: 642

Re: L2TP Server - IPSEC-PSKs

Hi!

Thats not very nice...

- I want to avoid TCP-VPNs --> no SSTP
- I need to use Multi-WAN on both sides of my VPNs with dynamic IPs on one of the sides. --> IPSEC is VERY bad to configure

Do you have any other idea on how to do this "nicer"?


Stril
by Stril
Sat May 12, 2018 10:44 pm
Forum: General
Topic: L2TP Server - IPSEC-PSKs
Replies: 9
Views: 642

Re: L2TP Server - IPSEC-PSKs

Hi!

The only possibility, I found, was SSTP which is running fine, but I am not sure, if this is a good idea...
by Stril
Sat May 12, 2018 9:57 pm
Forum: General
Topic: L2TP Server - IPSEC-PSKs
Replies: 9
Views: 642

Re: L2TP Server - IPSEC-PSKs

Hi!

Then, it is useless for me. If ever one client gets compromised, I have to change all the accounts...

Is there any alternative, you see?
by Stril
Sat May 12, 2018 9:30 pm
Forum: General
Topic: L2TP Server - IPSEC-PSKs
Replies: 9
Views: 642

Re: L2TP Server - IPSEC-PSKs

Hi!

But how can I define the IPSEC manually, as the IPs are dynamic? The "automatically created" IPSEC-policy from L2TP is created with the current IP of the peer...

How is this done manually?
by Stril
Sat May 12, 2018 9:04 pm
Forum: General
Topic: L2TP Server - IPSEC-PSKs
Replies: 9
Views: 642

L2TP Server - IPSEC-PSKs

Hi! I am trying to setup an L2TP-Server _with_ IPSec-Encryption for multiple clients with dynamic IPs. The first client was easy, but now, there is one thing, I do not understand: /interface l2tp-server server set default-profile=default enabled=yes ipsec-secret=XXXXX use-ipsec=required I can only s...
by Stril
Sat Apr 14, 2018 10:52 am
Forum: General
Topic: Firewall Builder support for MikroTik
Replies: 5
Views: 2179

Re: Firewall Builder support for MikroTik

Hi!

If anybody would be interested in coding a fwbuilder-plugin/extension:

I would pay for such a developement!

Regards,
Stril
by Stril
Tue Feb 06, 2018 9:58 am
Forum: General
Topic: Which device for 10GbE Bandwidth-Test
Replies: 9
Views: 1744

Re: Which device for 10GbE Bandwidth-Test

Hi!

I just want to build a bandwidth-tester to verify that other devices can handle 10 GbE. The MT-devices do not have any other job.

The goal is to have to compact devices, that I can transport to two different racks to have a benchmark about the bandwidth between them.

Stril
by Stril
Tue Feb 06, 2018 9:21 am
Forum: General
Topic: Which device for 10GbE Bandwidth-Test
Replies: 9
Views: 1744

Re: Which device for 10GbE Bandwidth-Test

Hi! I just read the following info in the MT-wiki: Warning: Bandwidth Test uses only single CPU core and will reach its limits when core will be 100% loaded. --> I think,k I will have the same problem with all devices, except the CHR with one VERY fast CPU-core. I could only get 250 Mbps in my first...
by Stril
Mon Feb 05, 2018 5:13 pm
Forum: General
Topic: Which device for 10GbE Bandwidth-Test
Replies: 9
Views: 1744

Re: Which device for 10GbE Bandwidth-Test

Hi!

I just want to have a "real-world-test", if the fiber can run on 10 GbE without errors.

Is this possible with CCR 1016?

One CCR1016 does send, the other one receive and vice versa?
by Stril
Mon Feb 05, 2018 4:07 pm
Forum: General
Topic: Which device for 10GbE Bandwidth-Test
Replies: 9
Views: 1744

Which device for 10GbE Bandwidth-Test

Hi!

I want to connect 2 Mikrotik-devices to test the bandwidth between them with their integrated bandwidth-tester.

Can you give me a hint, which of the devices have enough power to saturate a 10GbE-Link with the tester?

Is a CCR1009 powerful enough?

Thank you for your help!

Stril
by Stril
Mon Feb 05, 2018 10:44 am
Forum: General
Topic: Add Custom-Script to LCD
Replies: 0
Views: 319

Add Custom-Script to LCD

Hi! I want to use 2 mikrotik-devices as network-tester. The goal is to test, if a "clear" 10 GbE-connection can be established over a fiber. It would be great, if I would not need a test-notebook and if everything would be shown on the LCD: - Interface-bandwidth (already available) - Error rate - In...
by Stril
Mon Jan 29, 2018 9:42 am
Forum: General
Topic: running config and startup config in v4.0
Replies: 5
Views: 4038

Re: running config and startup config in v4.0

Hi! I just want to reactivate that old thread. Are there any news about this? I really miss that feature. Safe-Mode is not an option because people often forget to enable it. The "cisco-like" "copy running-config startup-config" is great because there is the option to get back to a working config wi...
by Stril
Mon Jan 29, 2018 9:31 am
Forum: General
Topic: RSTP - Disable on one port
Replies: 5
Views: 1144

Re: RSTP - Disable on one port

Hi!

Its just not clear, what edge-port does...
There are four options:

- yes
- no
- yes discovery
- no discovery

But what does that exactly mean?

Thank you
Stril
by Stril
Sat Jan 27, 2018 11:32 pm
Forum: General
Topic: RSTP - Disable on one port
Replies: 5
Views: 1144

RSTP - Disable on one port

Hi! I need to use RSTP on Mikrotik-bridges, BUT: Is there any possibility to disable RSTP on one of the bridge ports? I just found "edge port", but in that case, the bridge listens for BPDUs, but I want to avoid that, because I do not want that somebody outside connects and makes itself the root-bri...
by Stril
Fri Sep 22, 2017 8:39 am
Forum: Wireless Networking
Topic: BIG BUG- Unicast key exchange timeout
Replies: 120
Views: 93098

Re: BIG BUG- Unicast key exchange timeout

Hi!

I had that problem, too, yesterday.

The reason was a short WPA2-key. Changing it to a longer key solved the problem for me.

Regards,
Stril
by Stril
Tue Aug 22, 2017 10:20 am
Forum: Beginner Basics
Topic: Master-Slave vs Same Bridge
Replies: 7
Views: 1985

Re: Master-Slave vs Same Bridge

Hi!

That feature sounds interesting!
How is this offloading made? Is it like "fastpath", that it can only affect "non-filtered" sessions, or is it like ACLs in an enterprise-grade Switch?

Regards,
Stril
by Stril
Sat Aug 19, 2017 12:16 am
Forum: Beginner Basics
Topic: Master-Slave vs Same Bridge
Replies: 7
Views: 1985

Re: Master-Slave vs Same Bridge

Hi!
Short answer:

MasterSlave means: use switch chip --> few features, high performance

Bridge means: use router CPU --> many features, low performance

For a dump switch, use master slave.
If you want to filter, use a bridge.
by Stril
Tue Aug 08, 2017 9:17 am
Forum: General
Topic: A/P bonding - ARP-Ping
Replies: 0
Views: 336

A/P bonding - ARP-Ping

Hi! I want to use active-passive-bonds to connect CCRs to two switches for redundancy. What I do not understand is, how ARP-ping is working: - eth1(active) and eth2(passive) are bonded to bond1 - arp-ping to IP 10.10.10.10 is activated Does the router send pings on both interfaces, or only on the ac...
by Stril
Tue Aug 08, 2017 12:09 am
Forum: General
Topic: CCR 1016 - max bridging performance
Replies: 3
Views: 675

Re: CCR 1016 - max bridging performance

Hi!

I do not want to bridge all ports - only two ports.

Are you sure, CRS can filter STP in switch mode without passing the packets to the CPU?
by Stril
Fri Aug 04, 2017 2:16 pm
Forum: General
Topic: CCR 1016 - max bridging performance
Replies: 3
Views: 675

CCR 1016 - max bridging performance

Hi! I need two new devices. The goal is to bridge full gigabit with only very few filters (block Spanning Tree packets). Can you give me a hint on choosing the right device? As there is a version of CCR 1016 with redundant power supply and SFP-Ports, this would be my prefered choice. Do you think, t...
by Stril
Fri Jul 28, 2017 9:38 am
Forum: General
Topic: Understanding RSTP Port Priority
Replies: 1
Views: 1133

Understanding RSTP Port Priority

Hi! Mikrotik offers a config paramter "priority" for every port of a bridge. Could you help me to understand this? I never saw such a paramter. I do only know bridge-priority which is used to determine which one is the root-bridge and I know path costs to determine which paths are "alternate"-paths....
by Stril
Wed Jul 05, 2017 4:48 pm
Forum: Beginner Basics
Topic: IPTables bash script
Replies: 6
Views: 2168

Re: IPTables bash script

Hi! The real advantage is to be able to easily maintain rulesets with objects for many firewalls. My example: I have 50 branch-offices and I have to setup an additional Active Directory Domain Controller. In FWBuilder, I just need to add the DC to the group of "Domain Controllers" and the full set o...
by Stril
Wed Jul 05, 2017 9:47 am
Forum: Beginner Basics
Topic: IPTables bash script
Replies: 6
Views: 2168

Re: IPTables bash script

Hi!

I just want to reactivate that threat.

How do you config large firewall-rulesets?

I think, the concept of fwbuilder is great with its way to work with "objects".

Regards,
Stril
by Stril
Mon Jul 03, 2017 12:51 pm
Forum: General
Topic: Transparent Bridge over Layer 3
Replies: 0
Views: 301

Transparent Bridge over Layer 3

Hi! I have three buildings: B1 <-> B2 Link with 10G B1 <-> B3 Link with 1G wireless B2 <-> B3 Link with 400M wireless The goal is to bridge all the VLANs, I am using in B1+2 to B3 over the two wireless links Is this possible with EoIP WITHOUT setting up every VLAN, or how do I need to use one bridge...
by Stril
Wed Feb 08, 2017 11:11 am
Forum: RouterBOARD hardware
Topic: 1 Gbit/s connection, need router upgrade?
Replies: 21
Views: 4996

Re: 1 Gbit/s connection, need router upgrade?

Hi!

Did you ever benchmark IPSEC "single-stream-performance" on the CCR1009s?

Regards,
by Stril
Sun Feb 05, 2017 10:37 am
Forum: Beginner Basics
Topic: Usage Reports
Replies: 1
Views: 465

Re: Usage Reports

Hi!

You should take a look at Netflow.

Regards
by Stril
Wed Feb 01, 2017 4:53 pm
Forum: Wireless Networking
Topic: Dual-Radio Client Mode
Replies: 3
Views: 779

Re: Dual-Radio Client Mode

Hi!

Isnt anybody using MT-Devices as client in Dual-Radio-environments?

Regards,
by Stril
Tue Jan 31, 2017 4:19 pm
Forum: Wireless Networking
Topic: Dual-Radio Client Mode
Replies: 3
Views: 779

Dual-Radio Client Mode

Hi!

Is it possible to use mikrotik-devices as client devices in dual-radio-environments?

The MT system should connect to a 5GHz AP with fallback to 2.4GHz AP as a standard-client does. How can I set this up?

Thank you
Regards,
Stril
by Stril
Fri Jan 27, 2017 12:30 pm
Forum: Beginner Basics
Topic: Safe Mode Powercycle - Useless
Replies: 13
Views: 2184

Re: Safe Mode Powercycle - Useless

Hi!

I think, it would be best to have the standard-enterprise behaviour:

- Config-edits change "running-config"
- running-config must be commited to "boot-config"

If you want to have an "auto-reset" after 5 mins, you could schedule a reboot and cancel it, if everything goes right.

Regards,
by Stril
Fri Jan 27, 2017 12:08 pm
Forum: Beginner Basics
Topic: Safe Mode Powercycle - Useless
Replies: 13
Views: 2184

Re: Safe Mode Powercycle - Useless

Hi!

I saw this long time in some szenarios where I connected over WAN.
On local devices, the reconnect happens in less than 30s.

Regards
by Stril
Fri Jan 27, 2017 11:21 am
Forum: Beginner Basics
Topic: Safe Mode Powercycle - Useless
Replies: 13
Views: 2184

Safe Mode Powercycle - Useless

Hi! I am just trying to use and understand Safe Mode. The goal is to go back to a working config if i do something stupid. Test 1: - Activate Safe Mode in Winbox - Do something stupid (remove IP from interface) - Wait 10 Minutes --> Working config is back --> Great Test 2: - Activate Safe Mode in Wi...
by Stril
Tue Jan 24, 2017 7:12 pm
Forum: General
Topic: User with default Safe Mode
Replies: 16
Views: 8434

Re: User with default Safe Mode

Hi! Are there any plans to add that option? I think most "enterprise hardware" has the standard behaviour: - Changes in Config are volatile until you "safe to bootconfig" I really like that behaviour as a lockout can always made undone by letting someone power-cycle the device. Safe Mode is a good t...
by Stril
Tue Jan 24, 2017 6:54 pm
Forum: General
Topic: Feature request: Aggressive mode IPSEC with pre-shared key
Replies: 4
Views: 4532

Re: Feature request: Aggressive mode IPSEC with pre-shared key

Hi! That feature request is quite old, but still unsolved. Will there be any possibility to work with IPSEC on dynamic IPs without the need of any "DYNDNS-hacks" or a second L2TP-Layer? The need to use IPSEC in combination to L2TP leads to an additional layer of complexity. Other vendors allow to co...
by Stril
Tue Jan 24, 2017 11:40 am
Forum: General
Topic: Netflow on Bridge / Switch (CRS)
Replies: 1
Views: 396

Re: Netflow on Bridge / Switch (CRS)

Hi! Update: I was just able to produce a Netflow stream. The trick was not to use the switch-chip. The "internal" ports can be configured with "master-interface", but I removed the "uplink-port" and added both of them to a bridge. Now I see the uplink-traffic on netflow if "Bridge - Use IP Firewall"...
by Stril
Tue Jan 24, 2017 11:02 am
Forum: General
Topic: CCR as NetFlow Generator
Replies: 5
Views: 991

Re: CCR as NetFlow Generator

Hi!

Did you find any solution on how to see the whole traffic with netflow in your setup?

Regards,
by Stril
Tue Jan 24, 2017 9:43 am
Forum: General
Topic: Winbox - Info Popup
Replies: 3
Views: 753

Winbox - Info Popup

Hi! Is there any possibility to open a popup with an information on winbox-logon? I found /system note, but this information can only be seen on terminal-logon. It would be great to leave some information if another engineer is using winbox like "Caution - High-Availability-Setup - Manual Sync to Pa...
by Stril
Tue Jan 24, 2017 9:08 am
Forum: General
Topic: Netflow on Bridge / Switch (CRS)
Replies: 1
Views: 396

Netflow on Bridge / Switch (CRS)

Hi! I am trying to setup netflow-support on a CRS125. The post in the mikrotik wiki describes, that normally only trafic which is "passing the queues" is counted. Is there any possibility to see traffic passing a bridge? As the system does not need much performance, I could avoid using the switch ch...
by Stril
Tue Jan 17, 2017 8:53 am
Forum: General
Topic: IPSec VPN Set-up between Dual WAN & Single WAN for Fail-Over
Replies: 17
Views: 19089

Re: IPSec VPN Set-up between Dual WAN & Single WAN for Fail-Over

Hi!

I know, that this is a very old thread, but was anybody able to get this working?

In my szenario, the Branch Office has got two ISPs (with dynamic IPs), too. So there should be no point of failure if one of the ISPs should fail.

Thank you and best wishes

Stril
by Stril
Tue Feb 10, 2015 9:25 am
Forum: General
Topic: 802.1Q Vlan Tagging between RB433 and CRS
Replies: 2
Views: 557

Re: 802.1Q Vlan Tagging between RB433 and CRS

Hello! I could it get to work now: Config on CRS: /interface vlan add interface=ether1 l2mtu=1518 name=ether1-Vlan101 vlan-id=101 /ip address add address=192.168.1.168/24 interface=ether1-Vlan101 network=192.168.1.0 Config on RB433 /interface vlan add interface=ether1 l2mtu=1518 name=ether1-Vlan101 ...
by Stril
Mon Feb 09, 2015 10:19 pm
Forum: General
Topic: 802.1Q Vlan Tagging between RB433 and CRS
Replies: 2
Views: 557

802.1Q Vlan Tagging between RB433 and CRS

Hi! I am trying to setup a VLAN-Trunk between a RB433 and a CRS. Just one Vlan tagged (101) and one Vlan untagged (1) My first try was not to use the switch-chip of the CRS. On both sides, I added a VLAN-interface to ether1 (ether1-vlan101) and assigned an IP to it. The two systems cannot ping each ...
by Stril
Thu Feb 13, 2014 3:53 pm
Forum: Beginner Basics
Topic: IPTables bash script
Replies: 6
Views: 2168

Re: IPTables bash script

Hello! I know, that this thread is quite old, but i am searching for a similar solution. FWBuilder is great to maintain firewall-rules. Mikrotik offers great hardware. It would be perfect, if both solutions could be combined. FWBuilder is open-source, now. Would anybody be interested in developing a...
by Stril
Sat Feb 04, 2012 8:04 pm
Forum: General
Topic: SSTP and HTTPS
Replies: 8
Views: 4100

Re: SSTP and HTTPS

Hi!

That`s a problem by design. You can't assign a port to two applications on on IP.

Stril
by Stril
Sat Oct 01, 2011 1:25 pm
Forum: Wireless Networking
Topic: WDS causes outage in wired LAN
Replies: 0
Views: 398

WDS causes outage in wired LAN

Hi! I have got a massive problem when setting up a wds: I am using two RB433 as a transparent WDS-bridge to connect devices in another building. One of them has access to the "wired" Network and the other one is connected to some other devices by wire. WDS and the ethernet interface are assigned to ...
by Stril
Tue Sep 06, 2011 4:55 pm
Forum: General
Topic: RSTP - asynchronous interface state
Replies: 2
Views: 456

Re: RSTP - asynchronous interface state

Hi!

Of course, one of the routers does send "regular" packets over the wds link, as its state is forwarding.
If I create a Bridge-Firewall-Rule, I can see that e.g. UDP packets (broadcasts) are sent from ethernet into that link and produce traffic.

Stril
by Stril
Tue Sep 06, 2011 4:43 pm
Forum: Wireless Networking
Topic: Are there any large WLAN clouds made with mikrotik
Replies: 7
Views: 1536

Re: Are there any large WLAN clouds made with mikrotik

Hi!

I do not setup anythin on the PDA.
The PDA does just connect to the SSID of the WDS.

Stril
by Stril
Mon Sep 05, 2011 7:16 pm
Forum: General
Topic: RSTP - asynchronous interface state
Replies: 2
Views: 456

RSTP - asynchronous interface state

Hi! I have got a problem with RSTP on Mikrotik-devices: If a redundant path between two devices is blocked by RSTP, it is only blocked in one direction. Router 1 and Router 2 are connected via Cable and WDS. The WDS-Link has got higher path costs, so Router 1 does set it up as "disabled" or "alterna...
by Stril
Mon Sep 05, 2011 6:22 pm
Forum: Wireless Networking
Topic: Are there any large WLAN clouds made with mikrotik
Replies: 7
Views: 1536

Re: Are there any large WLAN clouds made with mikrotik

Hi! I have to use PDAs in a warehouse. The PDAs use VNC-Sessions to connect to a Server. It is important, that we do not losse connectivity, when we change the radio cell. At the moment, I have loose packets, when the client starts roaming. If I use WDS, there is no problem, but I think WDS with abo...
by Stril
Mon Sep 05, 2011 11:06 am
Forum: Wireless Networking
Topic: Are there any large WLAN clouds made with mikrotik
Replies: 7
Views: 1536

Are there any large WLAN clouds made with mikrotik

Hi!

I need to setup am large WLAN cloud of about 40 APs.
Clients need to be able to travel around the cells without connection loss.

Are there any setups out there with MT-Systems?

Can you give me a hint, if roaming will be a problem?

Thank you and best wishes,

Stril
by Stril
Fri Feb 18, 2011 8:51 am
Forum: Beginner Basics
Topic: Deploy WLAN in large buildings - WDS
Replies: 3
Views: 631

Re: Deploy WLAN in large buildings - WDS

Hi!

But if I use wires, how should I set this up?
Is it better to use WDS to be allowed to use one single frequency in the whole building, or to use different frequencies and "isolated" WLAN-cells?

Stril
by Stril
Thu Feb 17, 2011 10:42 am
Forum: Beginner Basics
Topic: Deploy WLAN in large buildings - WDS
Replies: 3
Views: 631

Deploy WLAN in large buildings - WDS

Hi! I have to setup a WLAN in a large building. I need about 8 radio-cells, where 5 cells can be accessed by CAT-7 cables. How would you set this up? Is it good idea, to configure all the nodes as WDS-Bridges with RSTP? Then, the client could (in theory) walk through the whole building without any f...
by Stril
Wed Dec 15, 2010 5:40 pm
Forum: Wireless Networking
Topic: new static and dynamic mesh wds-mode
Replies: 3
Views: 3356

Re: new static and dynamic mesh wds-mode

Hi!

I know, that the post is quite old, but I have got the same question...

What is the difference between wds-mesh and wds?

Best wishes,
Stril