Community discussions

MikroTik App

Search found 200 matches

by Stril
Wed Feb 28, 2024 12:35 pm
Forum: General
Topic: ROS 7.13.5 - no more last handshake and traffic counters for wireguard
Replies: 0
Views: 240

ROS 7.13.5 - no more last handshake and traffic counters for wireguard

Hi! I am just setting up a new device with ROS 7.13.5 Although Wireguard is working fine, there are not detailed informations for the peer about: - Last Handshake - RX - TX The Wireguard interface is showing traffic, everything is working, but no peer-infos. Did you ever see that? Do you have any id...
by Stril
Mon Feb 26, 2024 8:43 am
Forum: Wireless Networking
Topic: 60G PtP - nRay vs. Cube 60ProAC
Replies: 1
Views: 304

60G PtP - nRay vs. Cube 60ProAC

Hi! I need a new PtP setup for about 600m distance, that ist reliable on bad rain conditions or some wet snow. In the past, I was using Wireless Wire Dish LHGG60 with success, but I do not like the open layout. Did you ever compare to Cube 60Pro ac and/or nRay? Cube 60Pro seems to have a smaller ant...
by Stril
Wed Dec 06, 2023 7:16 pm
Forum: General
Topic: Mikrotik as central DHCP - DHCP relay target
Replies: 1
Views: 1196

Mikrotik as central DHCP - DHCP relay target

Hi! I want to use a Mikrotik device as central DHCP server. My segmentation firewall (Fortigate) will act as DHCP relay for multiple VLANs and send the requests to the Mikrotik device. Now the problem: I am not able to define multiple networks on one interface: /ip dhcp-server add address-pool=pool1...
by Stril
Fri Aug 04, 2023 8:10 pm
Forum: General
Topic: Traffic does get redirected - not routed
Replies: 2
Views: 700

Re: Traffic does get redirected - not routed

Hi!

Thank you for your answer!

I did not find any hint on a needed reboot in the wiki/docs.
Now, everything looks great...
by Stril
Fri Aug 04, 2023 5:36 pm
Forum: General
Topic: Traffic does get redirected - not routed
Replies: 2
Views: 700

Traffic does get redirected - not routed

Hi! I am having a strange issue with a "non-optimal" setup: - Client has default gateway to Mikrotik-Router - Mikrotik Router has to send data to another router in the same Layer2-network with Internet uplink. ALL three devices are in the same network! What I see: - The first packet is sen...
by Stril
Tue Jul 18, 2023 12:31 pm
Forum: General
Topic: Reset Wireguard Peer Counters
Replies: 3
Views: 511

Re: Reset Wireguard Peer Counters

Does not work for me
by Stril
Mon Jul 17, 2023 12:59 pm
Forum: General
Topic: Reset Wireguard Peer Counters
Replies: 3
Views: 511

Reset Wireguard Peer Counters

Hi!

There are counters for sent/received KiB for every Wireguard peer, but:
How can I reset these counters?

I did not find any option.

Thank you and best wishes
Stril
by Stril
Fri May 05, 2023 4:53 pm
Forum: Wireless Networking
Topic: 802.3af/at-enabled access point
Replies: 3
Views: 996

Re: 802.3af/at-enabled access point

Hi!

That's nice. I found a different info in a webshop.
I am still wondering, why so few MT-devices are using 802.3af/at
by Stril
Fri May 05, 2023 4:32 pm
Forum: Wireless Networking
Topic: 802.3af/at-enabled access point
Replies: 3
Views: 996

802.3af/at-enabled access point

Hi!

How do you handle access-points in office-environments
In the past, a have been using "cap AC" which are able to be powered by 803.3af-PoE, but the new cap AX did loose that feature?

Is there any "new" device with standard-PoE?

Thank you for your thoughts
Stril
by Stril
Fri Mar 24, 2023 10:48 am
Forum: General
Topic: Optimize Switch Management
Replies: 0
Views: 260

Optimize Switch Management

Hi! - I am loving ROS, - I really like their new hardware CRS ...but I think, ROS is not really good for Switch management. Example: Switch with two uplinks and some VLANs. Cisco/Dell/Arista: vlan database 1,10,110-120 interface range te1/0/1-2 switchport mode trunk switchport trunk allowed vlan all...
by Stril
Tue Nov 15, 2022 1:34 pm
Forum: Wireless Networking
Topic: LastIP missing in WifiWave2
Replies: 0
Views: 360

LastIP missing in WifiWave2

Hi!

The legacy wifi-package is able to show the last IP of a connected wifi-device.
With WifiWave2-package, that feature seems to be missing.

Is there any possibility to add this to the view?

Thank you and best wishes
Stril
by Stril
Mon Nov 14, 2022 5:15 pm
Forum: General
Topic: Wireguard - Failed Attempts - Logging
Replies: 2
Views: 1958

Wireguard - Failed Attempts - Logging

Hi! Currently, Wireguard-Logging seems to be quite limited. I can only see config-changes but no: - Failed attempts - Successful attempts The only thing I found is getting debug data in /interface/wireguard/peers and filter on "last-handshake", but I do not find any possibility to see e.g....
by Stril
Thu Oct 20, 2022 10:01 pm
Forum: Wireless Networking
Topic: hAP ax² WiFi6 (802.11ax) Initial Tests, good news!
Replies: 53
Views: 10077

Re: hAP ax² WiFi6 (802.11ax) Initial Tests, good news!

I can confirm: single stream performance and above UBNT Wifi 6 LR

700-800 MBit/s are possible
by Stril
Mon Aug 15, 2022 3:29 pm
Forum: Wireless Networking
Topic: LHG60G - Rebootet because some critical program crashed
Replies: 0
Views: 504

LHG60G - Rebootet because some critical program crashed

Hi! I am using a pair of LHG 60G for years now, with Firmware 6.44.3. Now, I see, that within the last weeks, I had some "link-downs" and a reboot of one device with: Rooter rebootet because some critical program crashed As my link distance is below 400m, the link has been 100% stable for ...
by Stril
Tue Jul 26, 2022 8:41 am
Forum: Wireless Networking
Topic: CAPs still reassociating..
Replies: 10
Views: 4364

Re: CAPs still reassociating..

Hi! It's a warehouse with quite a strange wireless attenuation... So, there are about 23 APs (5Ghz only) in 3 levels. So, sometimes, the APs can see other APs from the level above or below. I did now reduce the number of APs a bit. Power is already very low (8dB), As I am also using most of the DFS ...
by Stril
Mon Jul 25, 2022 3:57 pm
Forum: Wireless Networking
Topic: CAPs still reassociating..
Replies: 10
Views: 4364

Re: CAPs still reassociating..

Hi!

I think, I found the issue: If the client sees too many APs with his SSID, it starts with "reassociating", althouth there is no interference (many, many, 5GHz channels).

After reducing the amount of APs, everything seems to be working fine.
by Stril
Mon Jul 25, 2022 2:44 pm
Forum: Wireless Networking
Topic: CAPs still reassociating..
Replies: 10
Views: 4364

Re: CAPs still reassociating..

Hi!

Same issue, here...

Did you ever solve this?

Thank you and best wishes
by Stril
Thu Dec 02, 2021 5:48 pm
Forum: Wireless Networking
Topic: WIFI 6 Roadmap
Replies: 199
Views: 143770

Re: WIFI 6 Roadmap

Is this really the case with the WiFi-standards?
Shouldn't a Wave2-AP provide a better performance although, the clients are not able to use Wave2?
Shouldn't a Wifi6-AP provide a better performance although, the clients are not able to use Wifi6?
by Stril
Thu Dec 02, 2021 2:34 pm
Forum: Wireless Networking
Topic: WIFI 6 Roadmap
Replies: 199
Views: 143770

Re: WIFI 6 Roadmap

Hoping for 6E is nice, but I would be happy, if there would be at least WiFi6!
by Stril
Wed Dec 01, 2021 9:15 pm
Forum: Wireless Networking
Topic: WIFI 6 Roadmap
Replies: 199
Views: 143770

Re: WIFI 6 Roadmap

@mikrotik
PLEASE give us any future prospects!!

I do not want to see mikrotik getting thrown out of the installations!
by Stril
Tue Nov 30, 2021 5:49 pm
Forum: Wireless Networking
Topic: cAP vs cAP XL
Replies: 31
Views: 15316

Re: cAP vs cAP XL

I will do my own comparison this weekend and post the results.
@carl0s
Did you find time to do some testing?
by Stril
Mon Nov 29, 2021 9:26 am
Forum: Wireless Networking
Topic: cAP vs cAP XL
Replies: 31
Views: 15316

Re: cAP vs cAP XL

Hi!

What kind of issues did you have? Only low bandwidth, or disconnects, etc.?
by Stril
Fri Nov 26, 2021 6:04 pm
Forum: Wireless Networking
Topic: cAP vs cAP XL
Replies: 31
Views: 15316

Re: cAP vs cAP XL

I will do my own comparison this weekend and post the results.
That would be great!!
by Stril
Fri Nov 26, 2021 9:35 am
Forum: Wireless Networking
Topic: cAP vs cAP XL
Replies: 31
Views: 15316

Re: cAP vs cAP XL

Expectations. The TP LINK EAP 245 is the same cost as a CAPAC and works far better. I need about 140 devices, so management is critical. I need a working CLI, etc. Somebody on YouTube made a comparison and found much weaker coverage with the XL I am not sure, if he tried to test both APs with the s...
by Stril
Thu Nov 25, 2021 4:22 pm
Forum: Wireless Networking
Topic: cAP vs cAP XL
Replies: 31
Views: 15316

cAP vs cAP XL

Hi!

Did anybody here make a comparison of the new cAP XP vs the "old" cAP AC?
How well did it work?

I need to setup wifi in a new fully automated warehouse with a lot of interference.
Would you stick with cAP AC?

Thank you for your thoughts
Stril
by Stril
Wed Oct 13, 2021 9:03 pm
Forum: General
Topic: Output Chain - set source-IP
Replies: 1
Views: 860

Output Chain - set source-IP

Hi! I want to change source-ip for flood-ping, but I just do not find any possibility My thoughts: SRC-NAT: /ip firewall mangle add action=mark-packet chain=output dst-address=8.8.8.8 new-packet-mark=test \ passthrough=no /ip firewall nat add action=src-nat chain=srcnat log=yes packet-mark=test to-a...
by Stril
Fri Sep 17, 2021 3:26 pm
Forum: General
Topic: Scheduler stops executing script
Replies: 22
Views: 3437

Re: Scheduler stops executing script

Thank you! I will try both for the next weeks and report back, if there are any problems.

Thank you for your advice and sorry for my first reaction...
by Stril
Fri Sep 17, 2021 3:20 pm
Forum: General
Topic: Scheduler stops executing script
Replies: 22
Views: 3437

Re: Scheduler stops executing script

Hi! THANK YOU! That's a great help. I changed the script with your input. I have no idea, why it did, what it had to do despite of the wrong parts... Is there any possibility to to catch a freeze? Currently, I am sending the list every hour and as I set timeouts to the "HONEYPOT"-list of l...
by Stril
Fri Sep 17, 2021 2:05 pm
Forum: General
Topic: Scheduler stops executing script
Replies: 22
Views: 3437

Re: Scheduler stops executing script

@Stril I asked you to post the script here for further analysis, but your assumption that the executed script is perfect and does not block the scheduler, makes me make this decision: You are right, this was not correct - Sorry for that! I was thinking, that if all the scheduler jobs stop working s...
by Stril
Fri Sep 17, 2021 2:01 pm
Forum: General
Topic: Scheduler stops executing script
Replies: 22
Views: 3437

Re: Scheduler stops executing script

Hi! I just added the log-warning. Here the main script: :log info message=("Start Sending Report"); :local ipList value=""; :foreach tmpAddress in=[/ip firewall address-list find where list=HONEYPOT] do={ :set $attackip value=([/ip firewall address-list get $tmpAddress value-name...
by Stril
Fri Sep 17, 2021 11:38 am
Forum: General
Topic: Scheduler stops executing script
Replies: 22
Views: 3437

Re: Scheduler stops executing script

Hi!

Scripts are running fine! 100%.
The only problem is, that the scheduler does not try to run them after some thousand successful runs.

This is also visible at "next-run" in scheduler, which is in the past in that case.
by Stril
Fri Sep 17, 2021 10:57 am
Forum: General
Topic: Scheduler stops executing script
Replies: 22
Views: 3437

Re: Scheduler stops executing script

Hi!

There are multiple scripts on the router and all of them are running fine for some weeks and then, they stop simultaniously.
by Stril
Fri Sep 17, 2021 10:07 am
Forum: General
Topic: Scheduler stops executing script
Replies: 22
Views: 3437

Re: Scheduler stops executing script

...am I the only one, seeing that problem?
by Stril
Fri Sep 10, 2021 5:50 pm
Forum: General
Topic: BTest blocked - any alternative
Replies: 5
Views: 843

Re: BTest blocked - any alternative

Hi!

Sorry, but I do not really understand your setup:

1. Server:
I can use a server and NAT its BTest-Server to another port

2. Client:
The Client would need to connect to a different port, but there is no port-parameter for BTest, or would you manipulate the port by NAT?
by Stril
Fri Sep 10, 2021 5:26 pm
Forum: General
Topic: BTest blocked - any alternative
Replies: 5
Views: 843

Re: BTest blocked - any alternative

But I am not able to choose the destination-port for the btest client.
by Stril
Fri Sep 10, 2021 8:52 am
Forum: RouterOS beta
Topic: IPERF3 server on RouterOS ARM
Replies: 8
Views: 13189

Re: IPERF3 server on RouterOS ARM

Hi!

Thats great! Is there any possibility to use the docker-container as iperf3-client? My main usage for iperf would be checking LTE-connections (NAT by provider).

Thank you and best wishes
Stril
by Stril
Fri Sep 10, 2021 8:50 am
Forum: General
Topic: BTest blocked - any alternative
Replies: 5
Views: 843

BTest blocked - any alternative

Hi!

BTest is blocked by one of my providers (LTE).
Is there any possibility to change the port, BTest is using?

Thank you for your help
Stril
by Stril
Thu Sep 09, 2021 9:48 am
Forum: RouterOS beta
Topic: Chateau on 7.1rc3 - LTE scan does not show results
Replies: 0
Views: 1103

Chateau on 7.1rc3 - LTE scan does not show results

Hi! I have a problem on all of my Chateaus: If I try to scan for the available lte networks, I do not get any results. /interface/lte/scan 0 duration=60 --> No results, although the interface is connected. Do you have any idea on how to get the available networks? Thank you and best wishes Stril
by Stril
Mon Aug 23, 2021 5:37 pm
Forum: General
Topic: Scheduler stops executing script
Replies: 22
Views: 3437

Scheduler stops executing script

Hi! I have a quite strange problem. I am using a simple scheduler script on a CCR1009: /system scheduler add interval=27m name=pull_blacklists on-event=\ "/system script run get_blocklists" policy=\ ftp,reboot,read,write,policy,test,password,sniff start-date=jun/20/2020 start-time=00:05:15...
by Stril
Wed Jul 21, 2021 4:44 pm
Forum: Wireless Networking
Topic: nRAY vs LHG 60G
Replies: 29
Views: 6451

Re: nRAY vs LHG 60G

This sounds like a small desaster, if LHG with 3rd-party cover isbetter than nray...
by Stril
Tue Jul 20, 2021 8:44 am
Forum: Wireless Networking
Topic: nRAY vs LHG 60G
Replies: 29
Views: 6451

Re: nRAY vs LHG 60G

Hi!

Are there any news? Did you see any problems with nray compared to LHG60G?

Thank you for your thoughts!
Stril
by Stril
Wed Jun 16, 2021 9:35 am
Forum: Wireless Networking
Topic: Range hap ac3 vs others - Coverage and antenna count
Replies: 5
Views: 3362

Range hap ac3 vs others - Coverage and antenna count

Hi! hap ac3 is advertized as: "We have included external high gain wireless antennas with outstanding coverage." Did you see any advantage over e.g. wap ac? I am quite unsure about the device. - Do external antennas give any benefit in coverage e.g. in office or warehouse environments? - H...
by Stril
Mon Jun 14, 2021 11:00 am
Forum: Wireless Networking
Topic: WIFI 6 Roadmap
Replies: 199
Views: 143770

Re: WIFI 6 Roadmap

Hi!

Any news about that?
by Stril
Wed Jun 02, 2021 9:18 am
Forum: General
Topic: Any wall-/ceiling-mount for Audience - STL?
Replies: 0
Views: 654

Any wall-/ceiling-mount for Audience - STL?

Hi!

I would use Audience-devices for some professional setups, but as a desk-device, it's hard to install - mostly impossible.

Did anybody of you create a wall- and/or ceiling-mount-piece to do a "fix" installation? Perhaps printable with a 3D-printer?


Thank you and best wishes
Stril
by Stril
Wed Nov 11, 2020 10:42 am
Forum: General
Topic: WAP AC - new version - without triple chain
Replies: 32
Views: 5041

Re: WAP AC - new version - without triple chain

I really love mikrotik, but their wifi-range and wifi-effort makes me think about leaving away...
by Stril
Tue Nov 10, 2020 11:31 pm
Forum: General
Topic: WAP AC - new version - without triple chain
Replies: 32
Views: 5041

WAP AC - new version - without triple chain

Hi!

I just saw the new version of the WAP AC and I am quite confused.
Does it really contain just 2x2 wifi and not triple chain as the "old version"?

That would be a step back...

Stril
by Stril
Sat Oct 17, 2020 12:47 am
Forum: Wireless Networking
Topic: Best way to setup "wireless-uplink" for access points without wired connection
Replies: 1
Views: 1674

Best way to setup "wireless-uplink" for access points without wired connection

Hi! I need to have some access points, that do not have a wireless uplink to bring wifi signal so some "low-density"-corners. What do you think, is the best way to configure this? My access points send out 4 SSIDs as virtual APs. Should I do WDS on everyone, or configure the "non-wire...
by Stril
Fri Oct 16, 2020 12:58 pm
Forum: Wireless Networking
Topic: Mikrotik wifi roaming expirience
Replies: 24
Views: 15746

Re: Mikrotik wifi roaming expirience

Hi!

I just found the main-issue:
viewtopic.php?f=7&t=167606&e=1&view=unread#unread

--> STP needs to be disabled
by Stril
Thu Oct 15, 2020 9:22 pm
Forum: Wireless Networking
Topic: Tip: Faster Roaming without STP
Replies: 15
Views: 5687

Re: Tip: Faster Roaming without STP

Hi!

Why should DHCP speed up roaming? Can you please explain?
by Stril
Thu Oct 15, 2020 2:07 pm
Forum: General
Topic: Export config without MAC - automation
Replies: 1
Views: 1119

Export config without MAC - automation

Hi! I want to do some automation to send a master-config to several devices. Is there any possibility to avoid mac addresses for virtual access points /interface wireless /export compact set [ find default-name=wlan1 ] band=2ghz-g/n country=germany disabled=no mode=ap-bridge name=ssid1 security-prof...
by Stril
Thu Oct 15, 2020 11:52 am
Forum: Wireless Networking
Topic: Tip: Faster Roaming without STP
Replies: 15
Views: 5687

Re: Tip: Faster Roaming without STP

Hi!

It's just about the STP on the AP-bridge.
by Stril
Thu Oct 15, 2020 9:18 am
Forum: General
Topic: Central Logging - Graylog
Replies: 12
Views: 8587

Re: Central Logging - Graylog

@wisphak1
Did you go with RAW-input, or did you find any option for BSD-input on graylog?
by Stril
Wed Oct 14, 2020 7:59 pm
Forum: Wireless Networking
Topic: Tip: Faster Roaming without STP
Replies: 15
Views: 5687

Tip: Faster Roaming without STP

Hi!

I just found a solution to allow MUCH faster roaming between MT-access-points:

Just disable (R)STP on the bridge!

Such an easy thing, but that helps a lot. I never thought about this, but as a wifi-interface is down before the first clients connects, this seems to have impact.

Stril
by Stril
Fri Oct 09, 2020 10:23 am
Forum: Wireless Networking
Topic: Mikrotik wifi roaming expirience
Replies: 24
Views: 15746

Re: Mikrotik wifi roaming expirience

Hi!

Yes, I tried this, but without success.
I already checked, if "forced disconnects" would help, but as I had enough overlap, clients did roam, before the "kick" would have happened.
by Stril
Fri Oct 09, 2020 9:39 am
Forum: Wireless Networking
Topic: Mikrotik wifi roaming expirience
Replies: 24
Views: 15746

Mikrotik wifi roaming expirience

Hi! I am a long-time MT-user - administrating about 150 MT-devices, but I hope, you can give me some input, about roaming. Wifi roaming should be mostly a client-process, but I am just not able to get a good roaming-expirience with mikrotik-wifi-devices. Test-setup: - 2 access-points - perfect wifi ...
by Stril
Tue Oct 06, 2020 2:14 pm
Forum: Wireless Networking
Topic: CAPsMAN - Local-Forwarding - how to choose bridge
Replies: 11
Views: 2622

Re: CAPsMAN - Local-Forwarding - how to choose bridge

Hi!

I tried exactly this:

CAPsMAN provisioned two vAPs on one physical CAP.
- SSID1 - Datapath local-forwarding
- SSID2 - Datapath local-forwarding - use-tag=10

But now, the tag does not seem to be used. The vAP on the CAP does still show: no tag, vlan-id 1

Did I miss anything?
by Stril
Tue Oct 06, 2020 9:12 am
Forum: General
Topic: Central Logging - Graylog
Replies: 12
Views: 8587

Re: Central Logging - Graylog

Hi!

It would be great, if you could keep me updated.
by Stril
Tue Oct 06, 2020 9:09 am
Forum: Wireless Networking
Topic: CAPsMAN - Local-Forwarding - how to choose bridge
Replies: 11
Views: 2622

Re: CAPsMAN - Local-Forwarding - how to choose bridge

Hi!

I do not have any technical reason to do so.
The only advantage of multiple bridges is better visibility for me, as I do not really like the way, mikrotik shows up vlan interfaces.
by Stril
Mon Oct 05, 2020 5:08 pm
Forum: Wireless Networking
Topic: CAPsMAN - Local-Forwarding - how to choose bridge
Replies: 11
Views: 2622

Re: CAPsMAN - Local-Forwarding - how to choose bridge

Hi!

Thank you!
So, if I add a new virtualAP via CAPsMAN with local-forwarding, I would have to

- add VLAN to AP
- add VLAN to AP-uplink tagged
- add vAP via CAPsMAN with vlan-tag=xx and local-forwarding


Right?

Thank you for your help!
by Stril
Mon Oct 05, 2020 2:22 pm
Forum: General
Topic: Best way to configure multi-SSID-AP with VLAN-breakout
Replies: 14
Views: 4615

Re: Best way to configure multi-SSID-AP with VLAN-breakout

Hi!

@anav
Thank you! This is a great post!

The "default AP-rsc" seems to be working like my "single-bridge-setup".
by Stril
Mon Oct 05, 2020 12:43 pm
Forum: General
Topic: Best way to configure multi-SSID-AP with VLAN-breakout
Replies: 14
Views: 4615

Best way to configure multi-SSID-AP with VLAN-breakout

Hi! I am just configuring some access points, with 2 SSIDs that have to break out to different VLANs on ether1. I found multiple possibilities and hope, you can help me to use the "easiest" one fot the futur: Background: SSID1 to vlan 10 SSID2 to vlan 20 Management on default VLAN 1 (untag...
by Stril
Sun Oct 04, 2020 9:54 pm
Forum: Wireless Networking
Topic: CAPsMAN - Local-Forwarding - how to choose bridge
Replies: 11
Views: 2622

CAPsMAN - Local-Forwarding - how to choose bridge

Hi! I am just trying to do my first CAPsMAN-setup.Everything is clear, except the local-forwarding. Can you give me a hint on how to steer, which local bridge is used at the CAP, if I choose "local-forwarding"? If the AP would not be managed, I would be able to configure: - SSID1 - bridged...
by Stril
Sat Sep 19, 2020 9:47 am
Forum: Wireless Networking
Topic: Are you using MT for Wifi-Deployments with many APs
Replies: 2
Views: 932

Re: Are you using MT for Wifi-Deployments with many APs

Hi!

Thank you for your answer. Are you happy now with your "single-AP-deployment"?
How do you manage it?

Best wishes
Stril
by Stril
Fri Sep 18, 2020 2:28 pm
Forum: Wireless Networking
Topic: Are you using MT for Wifi-Deployments with many APs
Replies: 2
Views: 932

Are you using MT for Wifi-Deployments with many APs

Hi! I really like mikrotik devices, but I have never used them for larger scale wifi-deployments (> 20 APs). For those setups, I have used Aruba or UBNT. What are your thoughts for deployments with 20-100 Indoos-APs in offices and warehouses? As it should be possible to use (or not) CapsMan: Are you...
by Stril
Mon Jun 29, 2020 9:36 am
Forum: General
Topic: Proscend 180-T VDSL2 SFP Modem - Sync Speed and state
Replies: 2
Views: 2927

Re: Proscend 180-T VDSL2 SFP Modem - Sync Speed and state

Hi!

Thank you, but there seem to be no debug-infos.
Did you ever find a solution for this?

Best wishes
by Stril
Fri Jun 26, 2020 5:46 pm
Forum: General
Topic: Proscend 180-T VDSL2 SFP Modem - Sync Speed and state
Replies: 2
Views: 2927

Proscend 180-T VDSL2 SFP Modem - Sync Speed and state

Hi! I am using a Proscend 180-T VDSL2 SFP Modem in a HEXS. The module is working as VDSL-modem and I can establish a PPPOE-session through it. But: I do not get any debug-data like: - DSL-Sync state - DSL-Sync speed Do you have any idea on how to get additional debug infos with this module? Thank yo...
by Stril
Thu Jun 25, 2020 10:52 am
Forum: General
Topic: Central Logging - Graylog
Replies: 12
Views: 8587

Central Logging - Graylog

Hi! I want to let my MT devices send their logs to a central destination. I am already using Graylog, so I did set up a syslog input on Graylog and configured it as destination for the MT-devices. But: - If I use "BSD syslog" on my MT routers, I do not see the messages. - If I do not use &...
by Stril
Sat Jun 20, 2020 11:55 am
Forum: General
Topic: Performance-Impact of large address-lists
Replies: 1
Views: 1443

Performance-Impact of large address-lists

Hi! I want to use large block-lists with >1000 objects in firewall policies. Can you tell me something about the performance impact? Which device do I need, for a bridging firewall with 1 GB/s throughput and some firewall-rules that do filter on that lists? RB1100X4? CCR1009? CCR2004? Thank you for ...
by Stril
Thu Jun 18, 2020 5:30 pm
Forum: General
Topic: Adding dynamic firewall rules to mikrotik - Suricata - Axiom Shield
Replies: 9
Views: 2721

Re: Adding dynamic firewall rules to mikrotik - Suricata - Axiom Shield

Hi!

Let's take the IP: 2.59.200.1 (from Spamhaus DROP).

Can you ping the IP?
by Stril
Thu Jun 18, 2020 4:02 pm
Forum: General
Topic: Adding dynamic firewall rules to mikrotik - Suricata - Axiom Shield
Replies: 9
Views: 2721

Re: Adding dynamic firewall rules to mikrotik - Suricata - Axiom Shield

But did you see, if the content is really "managed"?
by Stril
Thu Jun 18, 2020 3:14 pm
Forum: General
Topic: Adding dynamic firewall rules to mikrotik - Suricata - Axiom Shield
Replies: 9
Views: 2721

Re: Adding dynamic firewall rules to mikrotik - Suricata - Axiom Shield

If I wasnt using axiom shield ( i can write it off for tax purposes) I would be using this service.
But what is your expirience with Axiom? It seems like the Axiom website did not get any updates for two years? Are you getting updates frequently?
by Stril
Thu Jun 18, 2020 12:21 pm
Forum: General
Topic: Adding dynamic firewall rules to mikrotik - Suricata - Axiom Shield
Replies: 9
Views: 2721

Re: Adding dynamic firewall rules to mikrotik - Suricata - Axiom Shield

Hi!

I am not really interested in L7 capabilities. What I am looking for is:
- a good set of blacklists, that are maintained
- some DDOS-rules
- a good IDS-link (seperate IDS-system with API-link)
by Stril
Thu Jun 18, 2020 10:08 am
Forum: General
Topic: Adding dynamic firewall rules to mikrotik - Suricata - Axiom Shield
Replies: 9
Views: 2721

Adding dynamic firewall rules to mikrotik - Suricata - Axiom Shield

Hi! I am looking for some additional security to block attacks directly at the perimeter. What I found, is: - Suricata-integration with ETPro-rules Looks great, but it's hard to decide and manage which rules should be blocked, because there is no "severity" level at the rules. - Axiom Cybe...
by Stril
Mon Feb 24, 2020 4:26 pm
Forum: General
Topic: CRS - Trunk-Port with all VLANs including those, which are not configured
Replies: 2
Views: 1667

Re: CRS - Trunk-Port with all VLANs including those, which are not configured

Hi!

Yes, it's about the CRS3xx models.

Thank you for your hints. That's not, what I hoped, but maybe scriptable. It would be great to have an option to set a port to mode "contains all VLANs".
by Stril
Thu Feb 20, 2020 1:06 pm
Forum: General
Topic: CRS - Trunk-Port with all VLANs including those, which are not configured
Replies: 2
Views: 1667

CRS - Trunk-Port with all VLANs including those, which are not configured

Hi! I want to replace some switches with CRS-switches. Is there any possibility to setup "trunk-ports" wich always hold all VLANs and - where every new vlan is instantly available tagged - where every unknown vlan is forwarded to, that enters another trunk-port? Dell switches e.g. handle V...
by Stril
Thu Feb 20, 2020 12:39 pm
Forum: SwOS
Topic: Support for MC-LAG/Port bonding across chassis?
Replies: 3
Views: 6826

Re: Support for MC-LAG/Port bonding across chassis?

Hi!

Do you have any news about MC-LAG?

Stril
by Stril
Tue Jan 07, 2020 1:10 pm
Forum: General
Topic: L2TP-IPSEC Fortigate-Mikrotik
Replies: 0
Views: 1817

L2TP-IPSEC Fortigate-Mikrotik

Hi! Was anybody here able to setup a working L2TP-IPSEC between a Mikrotik device as L2TP-client and a Fortigate as L2TP-server? What I did was (first without IPSEC): config vpn l2tp set eip 10.91.91.59 set sip 10.91.91.50 set status enable set usrgrp "L2TP_group" end --> Usergroup L2TP_gr...
by Stril
Fri Jan 03, 2020 3:28 pm
Forum: General
Topic: Route Metric IPSEC
Replies: 1
Views: 971

Route Metric IPSEC

Hi!

Is there any possibility to set the route metric for IPSEC-tunnels?

I have set up an IPSEC-tunnel Mikrotik to Fortigate (which is working), but I cannot set its priority compared to the "normal routes" and other IPSEC-tunnels.

Can you give me a hint?

Thank you and regards,
Stril
by Stril
Fri Jan 03, 2020 2:32 pm
Forum: Beginner Basics
Topic: Dst-NAT - System reachable on two IPs - PacketLoss
Replies: 1
Views: 1106

Re: Dst-NAT - System reachable on two IPs - PacketLoss

...one additional info:

I am running a constant ping, but I only see one packet in the NAT-table-
Connection-Tracking is set to "on"
There is no fasttrack active.
by Stril
Fri Jan 03, 2020 2:12 pm
Forum: Beginner Basics
Topic: Dst-NAT - System reachable on two IPs - PacketLoss
Replies: 1
Views: 1106

Dst-NAT - System reachable on two IPs - PacketLoss

Hi! I am totally confused in my setup and hope, you can give me a hint: RB1100AHx4 with v6.46.1 - Computer1 on eth1 with IP 10.10.10.100/24 - Computer2 on eth1 with IP 10.10.20.100/24 - Router has the IP .1 on both interfaces. What I need to achive is, that Computer 2 can reach a virtual IP 192.168....
by Stril
Thu Jan 02, 2020 8:59 am
Forum: General
Topic: Firewall - IPSEC - incoming-interface is WAN
Replies: 12
Views: 3255

Re: Firewall - IPSEC - incoming-interface is WAN

Hi!

I checked the default-config, but there are no firewall rules - only "/ip firewall nat remove [find comment~"defconf"]"
by Stril
Tue Dec 31, 2019 1:25 pm
Forum: General
Topic: Firewall - IPSEC - incoming-interface is WAN
Replies: 12
Views: 3255

Re: Firewall - IPSEC - incoming-interface is WAN

Hi!

Sorry, but I do not understand, how your hint interfers with my last post.
by Stril
Tue Dec 31, 2019 8:49 am
Forum: General
Topic: Firewall - IPSEC - incoming-interface is WAN
Replies: 12
Views: 3255

Re: Firewall - IPSEC - incoming-interface is WAN

Hi! Yes, that is 95% of what I meant. Thank you! In that case, I do not need to allow "spoofed addresses" on the WAN-interface, but: Isn't there still the danger, that one IPSEC-peer can spoof addresses of another one, or is this prevented by the Phase-2-definitions? Thank you for your hel...
by Stril
Mon Dec 30, 2019 6:18 pm
Forum: General
Topic: Firewall - IPSEC - incoming-interface is WAN
Replies: 12
Views: 3255

Firewall - IPSEC - incoming-interface is WAN

Hi! I want to setup an IPSEC WAN between a Mikrotik and a Fortigate device. The VPN is running, BUT: I am totally confused about the firewall rules. On the mikrotik-device, incoming packets through the VPN-tunnel are coming from interface ether-6 (WAN1). How can I configure the firewall without loos...
by Stril
Mon Aug 19, 2019 12:46 am
Forum: RouterBOARD hardware
Topic: Mikrotik Switch - 48 Port
Replies: 11
Views: 10685

Re: Mikrotik Switch - 48 Port

Hi!

Any news about that?
A 48 Port Switch would be a big step forward for universal usage of mikrotik switches...

Stril
by Stril
Wed Jun 26, 2019 10:53 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192031

Re: LHG 60G experience

Hi! Did you find any possiblity to get valid RSSI-values? I see fluctuation over the first 5 minutes. After that, RSSI is unchanged for weeks - no matter, if there is heavy rain. On thunderstorms, sometimes the RSSI dropped and did not get back to the "real" value without dropping the link...
by Stril
Wed Jun 26, 2019 10:51 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192031

Re: LHG 60G experience

Hi! Did you find any possiblity to get valid RSSI-values? I see fluctuation over the first 5 minutes. After that, RSSI is unchanged for weeks - no matter, if there is heavy rain. On thunderstorms, sometimes the RSSI dropped and did not get back to the "real" value without dropping the link...
by Stril
Mon May 06, 2019 9:55 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192031

Re: LHG 60G experience

Hi! I have a strange problem: - 2x LHG 60G link, 395m - RSSI stable at -50 to -52 dB, Signal-Quality 80-95 Next to the LHG on one side, there is a large (3x3x3m), rotating advertisement-cube When the rotation of the cube is off, the link is 100% stable. When I start the rotation, the MCS drops down ...
by Stril
Mon May 06, 2019 9:23 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192031

Re: LHG 60G experience

Hi!

Did anybody of you have long-term-experience with any "weather-cover"?
Which ones did work fine for you?

Thank you for your thoughts
by Stril
Fri Mar 22, 2019 9:22 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192031

Re: LHG 60G experience

Can you give me a hint on how to transfer ALL vlans through a LHG-Link? Do I have to configure the VLANs, or is it enough to leave "VLAN Filtering" disabled on the bridge?
Yes. Do a plain bridge and do no tagging then all packets go through.
Thank you!
This is working perfectly.
by Stril
Thu Mar 21, 2019 2:15 pm
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192031

Re: LHG 60G experience

Hi!

Can you give me a hint on how to transfer ALL vlans through a LHG-Link? Do I have to configure the VLANs, or is it enough to leave "VLAN Filtering" disabled on the bridge?

Thank you for your help!
by Stril
Sun Mar 17, 2019 7:49 pm
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192031

Re: LHG 60G experience

Prior to thinking, these products will be better than the LHGs, just read the UB-forums and search for FCS-errors and corrupted packets...

Just added an LHG to take over the traffic of an AirFiber...
by Stril
Mon Jan 28, 2019 11:41 am
Forum: General
Topic: ERRO: wrong username or password
Replies: 11
Views: 29629

Re: ERRO: wrong username or password

Hi!

Did you find a solution for this?
I just updated one device and now: wrong username or password

Device is on "empty" password!!

Telnet is working, but winbox is not...

Regards
Stril
by Stril
Fri Jan 18, 2019 9:08 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192031

Re: LHG 60G experience

Hi! There are just too many variables and modifying the hardware makes it any harder... I have a 400m link. With lower frequencies, RSSI ist better than with high frequencies, BUT: MCS is unstable! 58GHz: RSSI=48, MCS is going up and down (on stable weather conditions) 64GHZ: RSSI=54, MCS stable on ...
by Stril
Thu Jan 17, 2019 3:33 pm
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192031

Re: LHG 60G experience

Mikrotik has such a GREAT product with the LHG60G, but details are just too "cheap". A "LHG-60G-PRO" with weather-proof, professional layout and better align-feature would open the doors to new customers for mikrotik. For short links, LHG-60G-PRO could be as good or better than U...
by Stril
Thu Jan 17, 2019 9:09 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192031

Re: LHG 60G experience

Update for ALU vs LHG dish: The ALU dish has a strange behaviour: RSSI is good, Signal ist good, but MCS is unstable! With LHG-dish, i see a stable MCS of 8 (PHY Rate: 2.3 Gbps). With the upgrade-kit, MCS goes up and down from 4 to 8. Do you have any other idea, to make the LHG "snow-proof"?
by Stril
Wed Jan 16, 2019 5:09 pm
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192031

Re: LHG 60G experience

Hi! I just installed the Alu-dish+ABS-cover (that DJVolt offers) on one side of my LHG-Link. RSSI seems to be a bit lower with Alu than with LHG-dish (+3dB) on my first test /interface w60g monitor 0 connected: yes frequency: 64800 remote-address: 24:18:1D:63:62:56 tx-mcs: 8 tx-phy-rate: 2.3Gbps sig...
by Stril
Wed Jan 16, 2019 12:22 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192031

Re: LHG 60G experience

Aligning with BTest is a very bad idea for a short link in my opinion. Bad aligned means: Gigabit on good weather, lower bandwidth on heavy rain. Good alignment means: Always Gigabit --> You want gigabit on all conditions. What I do: - Align "by sight" both sites (should be easy for 200m) ...
by Stril
Tue Jan 15, 2019 1:17 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192031

Re: LHG 60G experience

.... But RSSI is the only way to determine the signal margin for bad weather. Right?

I cannot install the link while there is heavy rain and snow.

Did anybody else see smaller RSSIs with Alu dishes?
by Stril
Wed Jan 09, 2019 1:11 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192031

Re: LHG 60G experience

Hi!

Why do you use the feeder, now?
Your first setup was: LHG with alu dish AND cover. What's the advantage of the feeder?
by Stril
Sat Dec 08, 2018 7:03 pm
Forum: Wireless Networking
Topic: wAP 60G experience
Replies: 313
Views: 93132

Re: wAP 60G experience

Some photo of project that is still modified :) Looks great! It would be perfect to have a fair real life comparison of your devices like: xxx meters, rainy day, perfect aligned systems, rssi and phys rate with: - LHG60G - LHG60G with alu dish - LHG60G with alu dish and abs cover - Custom 60G on WA...
by Stril
Mon Dec 03, 2018 9:23 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192031

Re: LHG 60G experience

Hi!

Do you see ANY updates on RSSI, when the link is running?
I had much fluctuation within the first 5 minutes, but then, I do not see ANY change - no matter if it's dry or wet.
by Stril
Wed Nov 28, 2018 6:42 pm
Forum: Announcements
Topic: v6.44beta [testing] is released!
Replies: 365
Views: 169154

Re: v6.44beta [testing] is released!


*) winbox - show "W60G" wireless tab on wAP 60G AP;
Hi!

That problem still exists with 6.44beta40
w60g monitoring is still only valid on CLI. GUI shows empty values.
by Stril
Tue Nov 27, 2018 9:11 pm
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192031

Re: LHG 60G experience

Hi!

Can you tell me, what kind of grounding you are using with the LHG60?

Option 1:
Use shielded patch-cable and a surge-protector like the UBNT ETH-SP-G2 to ground the patch-cord.

Option 2:
Add second cable to the antenna with grounding-cable

Option 3:
Option 1+2

Thank you for your hint!
by Stril
Tue Nov 27, 2018 9:57 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192031

Re: LHG 60G experience

Hi! Aligning is a real pain compared to other 60G-devices... I was using two Bridgewave-Links which could be aligned with a multimeter - easy process. The LHG 60G are crazy: - Without alignment-mode: It takes 5 minutes! until the signal gets stabilized! RSSI dances up and down within the first 300s....
by Stril
Sun Nov 25, 2018 1:07 am
Forum: Announcements
Topic: v6.44beta [testing] is released!
Replies: 365
Views: 169154

Re: v6.44beta [testing] is released!

using a w60G and beta28 im not getting any information on the interface page eg Frequency 64800 Remote MAC Signal MCS PHY Rate RSSI TX Sector TX Sector Info RX Sector Distance All blank, and the quickset page is showing 0 for signal and MCS Kingsley I can confirm this on LHG60
by Stril
Sat Nov 24, 2018 8:30 pm
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192031

Re: LHG 60G experience

Another record! Master side: connected: yes frequency: 66000 remote-address: 04:D6:AA:XX:XX:XX tx-mcs: 4 tx-phy-rate: 1155.0Mbps signal: 50 rssi: -62 tx-sector: 58 tx-sector-info: left 0.6 degrees, up 1.4 degrees distance: 4332.52m tx-packet-error-rate: 0% Slave side: connected: yes frequency: 6600...
by Stril
Sat Nov 24, 2018 4:39 pm
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192031

Re: LHG 60G experience

Hi! But do you have any idea, why the phys-rate is not stable although RSSI is good? It is best at 64800 MHz, but not perfect stable at 2.3 Gbps. At lower frequencies, RSSI is still at -50, but phys-rate drops sometimes to 386 Mbps Do you run Data over the link when you see this? I tried it with an...
by Stril
Sat Nov 24, 2018 11:01 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192031

Re: LHG 60G experience

Hi!

But do you have any idea, why the phys-rate is not stable although RSSI is good?

It is best at 64800 MHz, but not perfect stable at 2.3 Gbps.
At lower frequencies, RSSI is still at -50, but phys-rate drops sometimes to 386 Mbps
by Stril
Sat Nov 24, 2018 9:07 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192031

Re: LHG 60G experience

With the dish (LHG60G)? Should probably be around -30/-35. At 400m, it should be around -45 and at 1km, -55 (with channel 4). With channel 1, it's probably going to drop to -55 for 400m and -65 for 1km. I found that post and thought, -50db is not good for 400m... If -50db is o.k.: Do you have any i...
by Stril
Fri Nov 23, 2018 6:05 pm
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192031

Re: LHG 60G experience

Try to use this http://www.cdr.pl/p6418,uchwyt-precyzyjny-wireless-wire-dish-rblhgg-60adkit.html to align with better rssi Hi! I am already using this kit on both sides, but its really strange: I can see a wide window, where RSSI is about -50db! I just cannot get more than -40 to -50 - no matter if...
by Stril
Fri Nov 23, 2018 4:27 pm
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192031

Re: LHG 60G experience

Hi! Today, I tried to install my first LHG 60G - with not so much success... 399m, perfect LOS. No rain. RSSI is only -48 NO MATTER, if it is really centered or no, NO matter which frequency. I could not get more than -48. BUT: rx-phy-rate is changing all the time from 2.3 Gbps to lower values to &q...
by Stril
Fri Nov 09, 2018 11:50 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192031

Re: LHG 60G experience

Maybe with the precision kit the alignment tool works well

http://www.cdr.pl/p6418,uchwyt-precyzyj ... adkit.html
Hi!

My precision kit just arrived, but CAUTION: it's not a kit! It's only for one side of the link!!
by Stril
Fri Nov 09, 2018 11:23 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192031

Re: LHG 60G experience

https://www.aliexpress.com/item/10000m-532-nm-Green-Laser-Sight-Lasers-Pointer-Powerful-device-Adjustable-Focus-Lazer-with-laser-303/32921666322.html?spm=2114.search0104.3.26.496e440aBzECTb&ws_ab_test=searchweb0_0,searchweb201602_2_10065_10068_319_317_10696_5728811_10084_453_454_10083_10618_103...
by Stril
Wed Nov 07, 2018 6:36 pm
Forum: General
Topic: Bandwidth test can't connect outside local subnet
Replies: 14
Views: 6806

Re: Bandwidth test can't connect outside local subnet

Hi!

I cannot help you, but I have the same problem...
Did you find a solution?
by Stril
Fri Nov 02, 2018 4:20 pm
Forum: General
Topic: Winbox-Traffic - 200kbit/s
Replies: 14
Views: 2441

Re: Winbox-Traffic - 200kbit/s

Hi!

It would be great to be able to configure the refresh rate to lower that bandwidth consumption...
by Stril
Fri Nov 02, 2018 4:09 pm
Forum: General
Topic: Winbox-Traffic - 200kbit/s
Replies: 14
Views: 2441

Re: Winbox-Traffic - 200kbit/s

Hi! Thats strange... I am connecting to the IP of the CRS. I just checked my Firewall-connection-list.... If I just connect to the CRS, it consumes only a few kbps (14,4) If I only open the interface-list, it goes up to 260 kbps --> The problem seems to be the Interface List. Can you confirm this?
by Stril
Fri Nov 02, 2018 12:50 pm
Forum: General
Topic: Winbox-Traffic - 200kbit/s
Replies: 14
Views: 2441

Re: Winbox-Traffic - 200kbit/s

Hi!

Absolutely.
I checked it twice
by Stril
Fri Nov 02, 2018 12:09 pm
Forum: General
Topic: Winbox-Traffic - 200kbit/s
Replies: 14
Views: 2441

Re: Winbox-Traffic - 200kbit/s

Hi!

I see constantly 200 kbps with NO open windows.

...tested with CRS 326.


Stril
by Stril
Fri Nov 02, 2018 10:48 am
Forum: General
Topic: Winbox-Traffic - 200kbit/s
Replies: 14
Views: 2441

Re: Winbox-Traffic - 200kbit/s

Hi!

Yes, but with only one window, I already see 200 kbps...
by Stril
Fri Nov 02, 2018 10:02 am
Forum: General
Topic: Winbox-Traffic - 200kbit/s
Replies: 14
Views: 2441

Winbox-Traffic - 200kbit/s

Hi!

Winbox takes a lot of traffic, if it is simply connected to a router (about 200kbit/s).
Is there any possibility to limit this?

Today, I just had the problem, that two engineers have been connected on a low-bandwidth-link and that caused problems...

Thank you for your hints
Stril
by Stril
Mon Oct 22, 2018 11:42 am
Forum: General
Topic: ZTE LTE-Interface - DHCP
Replies: 0
Views: 703

ZTE LTE-Interface - DHCP

Hi!

I am using many Huawei LTE-interfaces, but I currently have a problem with a new ZTE LTE-interface card:

I am trying to active DHCP-Client, but the interface lte1 is "greyed out". Can you give me a hint on how to activate this?

Thank you
Regards
Stril
by Stril
Mon Oct 15, 2018 12:00 pm
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 608
Views: 192031

Re: LHG 60G experience

Hi!

66GHz sounds great, but if I'm right, LHG60 uses 2000 MHz Channel bandwidth.
In this case, 65GHz would be perfect...
by Stril
Wed Sep 12, 2018 5:24 pm
Forum: General
Topic: Log FCS-Errors - Which Source/Destination
Replies: 0
Views: 664

Log FCS-Errors - Which Source/Destination

Hi! I have some problems with FCS-Errors and the combination of UBNT-airfiber and Mikrotik-devices. UBNT says, its only management-traffic, but I do not trust in that. My Question: Is there any possibility to log every "fcs-error-packet" on a link with source and destination to find out, w...
by Stril
Wed Sep 12, 2018 5:07 pm
Forum: General
Topic: fcs error on link - CCR1009-8G-1S-1S+
Replies: 3
Views: 1432

Re: fcs error on link - CCR1009-8G-1S-1S+

Hi!

Then, you will have probably a problem with the cabeling.

FCS-Errors are Layer-2-Checksum-Problems.
by Stril
Wed Sep 12, 2018 4:01 pm
Forum: General
Topic: fcs error on link - CCR1009-8G-1S-1S+
Replies: 3
Views: 1432

Re: fcs error on link - CCR1009-8G-1S-1S+

Hi!

Which device is installed on that port? UBNT AirFiber?
by Stril
Wed Sep 05, 2018 9:26 pm
Forum: General
Topic: RouterOS v6.x with Ubiquiti AirFiber 24 v2.0 - RX Error FCS
Replies: 77
Views: 41520

Re: RouterOS v6.x with Ubiquiti AirFiber 24 v2.0 - RX Error FCS

Hi! Did you find a solution for that problem? Today, I installed an AirFiber 24HD-link. The MT-device behind the link is a CCR1016 with software version 6.40.3 that shows: fcs error on link I tried to use FlowControl without success. The warning-message occures once a minute (in average). Edit: I ju...
by Stril
Wed Aug 29, 2018 4:50 pm
Forum: Scripting
Topic: Exit script if...
Replies: 4
Views: 6199

Exit script if...

Hi!

I am looking for a solution to abort a script if a variable is empty.
:if ([:len $net1] = 0) do={
exit
}
...rest of the script should not be executed if $net1 empty
This does not work. Can you give me a hint on how to solve this?

Thank you
Stril
by Stril
Wed Aug 29, 2018 12:31 pm
Forum: General
Topic: PCQ - Queue - where to set limit
Replies: 1
Views: 881

PCQ - Queue - where to set limit

Hi! I am trying to setup PCQ-queues, but I am not sure, where to set the bandwidth. Goal: 10M bandwidth 10 Users Every User should get min 1M, but maximum 2M (if possible) I can set bandwidth in the Queue-Tree AND in the Queue-Type menu. Can you give me a hint on how to configure this? - Queue Type:...
by Stril
Wed Aug 15, 2018 7:57 pm
Forum: General
Topic: Stacking and MC-LAG for MT-Switches
Replies: 0
Views: 943

Stacking and MC-LAG for MT-Switches

Hi!

Are there any plans to add the following features to the CRS-switches?

- stacking
- MC-LAG

Thank you and best wishes
Stril
by Stril
Mon Aug 13, 2018 3:22 pm
Forum: General
Topic: Centralized Management
Replies: 4
Views: 15528

Re: Centralized Management

Hi! Unimus is/will hopefully be a great tool, but I think, it needs some enhancements. Just some feedback for the moment: - Centralized Upgrade: Great, but it would be very helpful to see the current ROS-version of every device in the device-list - Backups Backups do not contain passwords/keys. Ther...
by Stril
Wed Aug 01, 2018 6:49 pm
Forum: General
Topic: Centralized Management
Replies: 4
Views: 15528

Centralized Management

Hi! As mikrotik does not really have a centralized management solution: How did you solve this? Did you write any script-set that can send config changes to multiple devices? Whats your way? The only thing, I found, was TikManager, but there is nearly NO information about what it can do. Best wishes...
by Stril
Wed Aug 01, 2018 4:50 pm
Forum: General
Topic: Winbox - Info Popup
Replies: 3
Views: 1397

Re: Winbox - Info Popup

Hi!

Did you find any possibility to configure a popup?

That would be great.
by Stril
Wed Jul 25, 2018 6:47 pm
Forum: General
Topic: User with the right to ping (nothing else)
Replies: 2
Views: 1051

Re: User with the right to ping (nothing else)

Hi!

I want to let the user connect via SSH to execute a remote-ping, but ping AND flood-ping seem to depend on "read"-right.

Is there any workaround?
by Stril
Wed Jul 25, 2018 1:40 pm
Forum: General
Topic: User with the right to ping (nothing else)
Replies: 2
Views: 1051

User with the right to ping (nothing else)

Hi! I want to create a user for my monitoring-system, that is able to do remote pings. --> Created user with only the right to login via telnet and "test" Now, the user can login, but gets: ping 8.8.8.8 SEQ HOST SIZE TTL TIME STATUS not enough permissions (9) I had to add "read",...
by Stril
Wed Jul 25, 2018 11:34 am
Forum: General
Topic: Calling all Mikrotik Switch experts
Replies: 7
Views: 1818

Re: Calling all Mikrotik Switch experts

PoE or no PoE...
by Stril
Wed Jul 25, 2018 9:22 am
Forum: General
Topic: CRS 326 - Port Isolation
Replies: 0
Views: 748

CRS 326 - Port Isolation

Hi! I want to configure port-isolation on a CRS 326. The wiki describes to use: /interface ethernet switch port-isolation ...but this is not available on a CRS326 Can you tell me, how I can achieve this? The only possibility I found was to use: - Use IP-Firewall for bridge - Set Firewall rules - NO ...
by Stril
Mon Jul 16, 2018 8:44 pm
Forum: Beginner Basics
Topic: Firewall wildcard object - IP ends with .101
Replies: 3
Views: 1478

Re: Firewall wildcard object - IP ends with .101

Hi!

Thank you for your answer - although the facts are sad.
This would make it much easier to write rules.
by Stril
Mon Jul 16, 2018 6:28 pm
Forum: Beginner Basics
Topic: Firewall wildcard object - IP ends with .101
Replies: 3
Views: 1478

Firewall wildcard object - IP ends with .101

Hi!

I need to define some global firewall rules and I try to simplify the ruleset.

Is it possible to define something like:

IP ends with .101
Or: 0.0.0.101 SubnetMask: 0.0.0.255

Thank you for your help!

Regards,
Stril
by Stril
Wed Jul 11, 2018 10:00 am
Forum: RouterBOARD hardware
Topic: MUM Europe 2018 - New hardware incoming
Replies: 52
Views: 28144

Re: MUM Europe 2018 - New hardware incoming

Hi! I hope mikrotik will think about the new models one more time - they have a very strange port-set... For me, it's important to have an uplink that is "one-speedstep" above the rest of the ports. CRS332 should have: 32x SFP+ 2-4x QSFP+ This would be a nice device... CRS354 is good, but ...
by Stril
Mon Jun 04, 2018 5:23 pm
Forum: General
Topic: CRS 326 - Port down after reboot
Replies: 0
Views: 585

CRS 326 - Port down after reboot

Hi! I have some problems with my CRS 326. Some ports stay down after reboot, although there is a device connected. Disable, reenable also solves the problem until the next restart. Did you ever see that problem? - ROS Versions tested: 6.41.1 and 6.42.3 (same behaviour) - Two different devices tested...
by Stril
Thu May 17, 2018 11:14 am
Forum: General
Topic: Is it so hard to use dynamic IP VPNs with mikrotik
Replies: 23
Views: 4156

Re: Is it so hard to use dynamic IP VPNs with mikrotik

Hi!

Sorry, was not in the forum, was at MUM:

https://www.youtube.com/watch?v=QlkIbx0Jpoo
..at 04:00 min on the slideshare
by Stril
Thu May 17, 2018 9:01 am
Forum: General
Topic: Is it so hard to use dynamic IP VPNs with mikrotik
Replies: 23
Views: 4156

Re: Is it so hard to use dynamic IP VPNs with mikrotik

Hi!

I found several hints in the forum, that xauth should not be used with site-to-site-VPNs. The examples are always just for RoadWarriors.
How did you handle this? I do not want to use dynamic IPs for the "client-branch-offices" inside the L2TP.
by Stril
Thu May 17, 2018 12:10 am
Forum: General
Topic: Is it so hard to use dynamic IP VPNs with mikrotik
Replies: 23
Views: 4156

Re: Is it so hard to use dynamic IP VPNs with mikrotik

Hi!

But with L2TP and IPSEC, I would have to use the same PSK for all the peers, right?

Using only one tunnel at a time actively is absolutely ok for me. Balancing is not important - only failover...
by Stril
Wed May 16, 2018 6:53 pm
Forum: General
Topic: Is it so hard to use dynamic IP VPNs with mikrotik
Replies: 23
Views: 4156

Re: Is it so hard to use dynamic IP VPNs with mikrotik

Hi! What do you think about: 2x L2tP-Tunnels - Tunnel 1: via "current Internet-Connection of branch-office) to HQ-ISP1 - Tunnel 2: via "current Internet-Connection of branch-office) to HQ-ISP2 2x EoIP-Tunnel WITH IPSec inside the L2TP-Tunnels - Tunnel 1 on L2TP-1 - Tunnel 2 on L2TP-2 --> L...
by Stril
Wed May 16, 2018 4:22 pm
Forum: General
Topic: Is it so hard to use dynamic IP VPNs with mikrotik
Replies: 23
Views: 4156

Re: Is it so hard to use dynamic IP VPNs with mikrotik

Hi!

@pe1chi:
Your setup sounds good, but how do you handle the problem, that all the L2TP-tunnel will share one PSK?
by Stril
Wed May 16, 2018 3:23 pm
Forum: General
Topic: Is it so hard to use dynamic IP VPNs with mikrotik
Replies: 23
Views: 4156

Re: Is it so hard to use dynamic IP VPNs with mikrotik

Hi! @sindy: I think, the biggest problem is, the aggressive-mode is not fully supported. There seems to be no possiblity to check the peer-id (i did not find one). Thats why I cannot seperate the traffic). @mrz: I will give it a try. is mode-config only possible with an IP-pool, or are static IPs su...
by Stril
Wed May 16, 2018 1:06 pm
Forum: General
Topic: Is it so hard to use dynamic IP VPNs with mikrotik
Replies: 23
Views: 4156

Re: Is it so hard to use dynamic IP VPNs with mikrotik

Hi! Thank you for your answers! @sindy: Yes, I saw this answer. 4 Tunnels would be possible.I will give it a try. Just to be sure: - HQ: Define two IPSec Peers. Peer 1: Local IP is WANHQ1-IP Peer 2: Local IP is WANHQ2-IP Remote-IP is always 0.0.0.0 --> But how are the SAs set, if I do not know the r...
by Stril
Wed May 16, 2018 9:05 am
Forum: General
Topic: Is it so hard to use dynamic IP VPNs with mikrotik
Replies: 23
Views: 4156

Is it so hard to use dynamic IP VPNs with mikrotik

Hi! I really love using mikrotik devices for most of the networking jobs in my projects, but there is one thing, that avoided using mikrotik many, many times: It is SO hard to use VPNs with dynamic IPs or MultiWAN! One example: Branch offices have: DSL-internet + LTE backup (dynamic and provider-NAT...
by Stril
Mon May 14, 2018 10:31 am
Forum: General
Topic: L2TP Server - IPSEC-PSKs
Replies: 9
Views: 1593

Re: L2TP Server - IPSEC-PSKs

Hi!

Thats not very nice...

- I want to avoid TCP-VPNs --> no SSTP
- I need to use Multi-WAN on both sides of my VPNs with dynamic IPs on one of the sides. --> IPSEC is VERY bad to configure

Do you have any other idea on how to do this "nicer"?


Stril
by Stril
Sat May 12, 2018 10:44 pm
Forum: General
Topic: L2TP Server - IPSEC-PSKs
Replies: 9
Views: 1593

Re: L2TP Server - IPSEC-PSKs

Hi!

The only possibility, I found, was SSTP which is running fine, but I am not sure, if this is a good idea...
by Stril
Sat May 12, 2018 9:57 pm
Forum: General
Topic: L2TP Server - IPSEC-PSKs
Replies: 9
Views: 1593

Re: L2TP Server - IPSEC-PSKs

Hi!

Then, it is useless for me. If ever one client gets compromised, I have to change all the accounts...

Is there any alternative, you see?
by Stril
Sat May 12, 2018 9:30 pm
Forum: General
Topic: L2TP Server - IPSEC-PSKs
Replies: 9
Views: 1593

Re: L2TP Server - IPSEC-PSKs

Hi!

But how can I define the IPSEC manually, as the IPs are dynamic? The "automatically created" IPSEC-policy from L2TP is created with the current IP of the peer...

How is this done manually?
by Stril
Sat May 12, 2018 9:04 pm
Forum: General
Topic: L2TP Server - IPSEC-PSKs
Replies: 9
Views: 1593

L2TP Server - IPSEC-PSKs

Hi! I am trying to setup an L2TP-Server _with_ IPSec-Encryption for multiple clients with dynamic IPs. The first client was easy, but now, there is one thing, I do not understand: /interface l2tp-server server set default-profile=default enabled=yes ipsec-secret=XXXXX use-ipsec=required I can only s...
by Stril
Sat Apr 14, 2018 10:52 am
Forum: General
Topic: Firewall Builder support for MikroTik
Replies: 5
Views: 3415

Re: Firewall Builder support for MikroTik

Hi!

If anybody would be interested in coding a fwbuilder-plugin/extension:

I would pay for such a developement!

Regards,
Stril
by Stril
Tue Feb 06, 2018 9:58 am
Forum: General
Topic: Which device for 10GbE Bandwidth-Test
Replies: 9
Views: 4149

Re: Which device for 10GbE Bandwidth-Test

Hi!

I just want to build a bandwidth-tester to verify that other devices can handle 10 GbE. The MT-devices do not have any other job.

The goal is to have to compact devices, that I can transport to two different racks to have a benchmark about the bandwidth between them.

Stril
by Stril
Tue Feb 06, 2018 9:21 am
Forum: General
Topic: Which device for 10GbE Bandwidth-Test
Replies: 9
Views: 4149

Re: Which device for 10GbE Bandwidth-Test

Hi! I just read the following info in the MT-wiki: Warning: Bandwidth Test uses only single CPU core and will reach its limits when core will be 100% loaded. --> I think,k I will have the same problem with all devices, except the CHR with one VERY fast CPU-core. I could only get 250 Mbps in my first...
by Stril
Mon Feb 05, 2018 5:13 pm
Forum: General
Topic: Which device for 10GbE Bandwidth-Test
Replies: 9
Views: 4149

Re: Which device for 10GbE Bandwidth-Test

Hi!

I just want to have a "real-world-test", if the fiber can run on 10 GbE without errors.

Is this possible with CCR 1016?

One CCR1016 does send, the other one receive and vice versa?
by Stril
Mon Feb 05, 2018 4:07 pm
Forum: General
Topic: Which device for 10GbE Bandwidth-Test
Replies: 9
Views: 4149

Which device for 10GbE Bandwidth-Test

Hi!

I want to connect 2 Mikrotik-devices to test the bandwidth between them with their integrated bandwidth-tester.

Can you give me a hint, which of the devices have enough power to saturate a 10GbE-Link with the tester?

Is a CCR1009 powerful enough?

Thank you for your help!

Stril
by Stril
Mon Feb 05, 2018 10:44 am
Forum: General
Topic: Add Custom-Script to LCD
Replies: 0
Views: 802

Add Custom-Script to LCD

Hi! I want to use 2 mikrotik-devices as network-tester. The goal is to test, if a "clear" 10 GbE-connection can be established over a fiber. It would be great, if I would not need a test-notebook and if everything would be shown on the LCD: - Interface-bandwidth (already available) - Error...
by Stril
Mon Jan 29, 2018 9:42 am
Forum: General
Topic: running config and startup config in v4.0
Replies: 5
Views: 5472

Re: running config and startup config in v4.0

Hi! I just want to reactivate that old thread. Are there any news about this? I really miss that feature. Safe-Mode is not an option because people often forget to enable it. The "cisco-like" "copy running-config startup-config" is great because there is the option to get back to...
by Stril
Mon Jan 29, 2018 9:31 am
Forum: General
Topic: RSTP - Disable on one port
Replies: 9
Views: 6083

Re: RSTP - Disable on one port

Hi!

Its just not clear, what edge-port does...
There are four options:

- yes
- no
- yes discovery
- no discovery

But what does that exactly mean?

Thank you
Stril
by Stril
Sat Jan 27, 2018 11:32 pm
Forum: General
Topic: RSTP - Disable on one port
Replies: 9
Views: 6083

RSTP - Disable on one port

Hi! I need to use RSTP on Mikrotik-bridges, BUT: Is there any possibility to disable RSTP on one of the bridge ports? I just found "edge port", but in that case, the bridge listens for BPDUs, but I want to avoid that, because I do not want that somebody outside connects and makes itself th...
by Stril
Fri Sep 22, 2017 8:39 am
Forum: Wireless Networking
Topic: BIG BUG- Unicast key exchange timeout
Replies: 130
Views: 129571

Re: BIG BUG- Unicast key exchange timeout

Hi!

I had that problem, too, yesterday.

The reason was a short WPA2-key. Changing it to a longer key solved the problem for me.

Regards,
Stril
by Stril
Tue Aug 22, 2017 10:20 am
Forum: Beginner Basics
Topic: Master-Slave vs Same Bridge
Replies: 7
Views: 3571

Re: Master-Slave vs Same Bridge

Hi!

That feature sounds interesting!
How is this offloading made? Is it like "fastpath", that it can only affect "non-filtered" sessions, or is it like ACLs in an enterprise-grade Switch?

Regards,
Stril
by Stril
Sat Aug 19, 2017 12:16 am
Forum: Beginner Basics
Topic: Master-Slave vs Same Bridge
Replies: 7
Views: 3571

Re: Master-Slave vs Same Bridge

Hi!
Short answer:

MasterSlave means: use switch chip --> few features, high performance

Bridge means: use router CPU --> many features, low performance

For a dump switch, use master slave.
If you want to filter, use a bridge.
by Stril
Tue Aug 08, 2017 9:17 am
Forum: General
Topic: A/P bonding - ARP-Ping
Replies: 0
Views: 685

A/P bonding - ARP-Ping

Hi! I want to use active-passive-bonds to connect CCRs to two switches for redundancy. What I do not understand is, how ARP-ping is working: - eth1(active) and eth2(passive) are bonded to bond1 - arp-ping to IP 10.10.10.10 is activated Does the router send pings on both interfaces, or only on the ac...
by Stril
Tue Aug 08, 2017 12:09 am
Forum: General
Topic: CCR 1016 - max bridging performance
Replies: 3
Views: 1668

Re: CCR 1016 - max bridging performance

Hi!

I do not want to bridge all ports - only two ports.

Are you sure, CRS can filter STP in switch mode without passing the packets to the CPU?
by Stril
Fri Aug 04, 2017 2:16 pm
Forum: General
Topic: CCR 1016 - max bridging performance
Replies: 3
Views: 1668

CCR 1016 - max bridging performance

Hi! I need two new devices. The goal is to bridge full gigabit with only very few filters (block Spanning Tree packets). Can you give me a hint on choosing the right device? As there is a version of CCR 1016 with redundant power supply and SFP-Ports, this would be my prefered choice. Do you think, t...
by Stril
Fri Jul 28, 2017 9:38 am
Forum: General
Topic: Understanding RSTP Port Priority
Replies: 1
Views: 2029

Understanding RSTP Port Priority

Hi! Mikrotik offers a config paramter "priority" for every port of a bridge. Could you help me to understand this? I never saw such a paramter. I do only know bridge-priority which is used to determine which one is the root-bridge and I know path costs to determine which paths are "al...
by Stril
Wed Jul 05, 2017 4:48 pm
Forum: Beginner Basics
Topic: IPTables bash script
Replies: 6
Views: 3393

Re: IPTables bash script

Hi! The real advantage is to be able to easily maintain rulesets with objects for many firewalls. My example: I have 50 branch-offices and I have to setup an additional Active Directory Domain Controller. In FWBuilder, I just need to add the DC to the group of "Domain Controllers" and the ...
by Stril
Wed Jul 05, 2017 9:47 am
Forum: Beginner Basics
Topic: IPTables bash script
Replies: 6
Views: 3393

Re: IPTables bash script

Hi!

I just want to reactivate that threat.

How do you config large firewall-rulesets?

I think, the concept of fwbuilder is great with its way to work with "objects".

Regards,
Stril
by Stril
Mon Jul 03, 2017 12:51 pm
Forum: General
Topic: Transparent Bridge over Layer 3
Replies: 0
Views: 655

Transparent Bridge over Layer 3

Hi! I have three buildings: B1 <-> B2 Link with 10G B1 <-> B3 Link with 1G wireless B2 <-> B3 Link with 400M wireless The goal is to bridge all the VLANs, I am using in B1+2 to B3 over the two wireless links Is this possible with EoIP WITHOUT setting up every VLAN, or how do I need to use one bridge...
by Stril
Wed Feb 08, 2017 11:11 am
Forum: RouterBOARD hardware
Topic: 1 Gbit/s connection, need router upgrade?
Replies: 21
Views: 10461

Re: 1 Gbit/s connection, need router upgrade?

Hi!

Did you ever benchmark IPSEC "single-stream-performance" on the CCR1009s?

Regards,
by Stril
Sun Feb 05, 2017 10:37 am
Forum: Beginner Basics
Topic: Usage Reports
Replies: 1
Views: 1019

Re: Usage Reports

Hi!

You should take a look at Netflow.

Regards
by Stril
Wed Feb 01, 2017 4:53 pm
Forum: Wireless Networking
Topic: Dual-Radio Client Mode
Replies: 3
Views: 1454

Re: Dual-Radio Client Mode

Hi!

Isnt anybody using MT-Devices as client in Dual-Radio-environments?

Regards,
by Stril
Tue Jan 31, 2017 4:19 pm
Forum: Wireless Networking
Topic: Dual-Radio Client Mode
Replies: 3
Views: 1454

Dual-Radio Client Mode

Hi!

Is it possible to use mikrotik-devices as client devices in dual-radio-environments?

The MT system should connect to a 5GHz AP with fallback to 2.4GHz AP as a standard-client does. How can I set this up?

Thank you
Regards,
Stril
by Stril
Fri Jan 27, 2017 12:30 pm
Forum: Beginner Basics
Topic: Safe Mode Powercycle - Useless
Replies: 13
Views: 4919

Re: Safe Mode Powercycle - Useless

Hi! I think, it would be best to have the standard-enterprise behaviour: - Config-edits change "running-config" - running-config must be commited to "boot-config" If you want to have an "auto-reset" after 5 mins, you could schedule a reboot and cancel it, if everything ...
by Stril
Fri Jan 27, 2017 12:08 pm
Forum: Beginner Basics
Topic: Safe Mode Powercycle - Useless
Replies: 13
Views: 4919

Re: Safe Mode Powercycle - Useless

Hi!

I saw this long time in some szenarios where I connected over WAN.
On local devices, the reconnect happens in less than 30s.

Regards
by Stril
Fri Jan 27, 2017 11:21 am
Forum: Beginner Basics
Topic: Safe Mode Powercycle - Useless
Replies: 13
Views: 4919

Safe Mode Powercycle - Useless

Hi! I am just trying to use and understand Safe Mode. The goal is to go back to a working config if i do something stupid. Test 1: - Activate Safe Mode in Winbox - Do something stupid (remove IP from interface) - Wait 10 Minutes --> Working config is back --> Great Test 2: - Activate Safe Mode in Wi...
by Stril
Tue Jan 24, 2017 7:12 pm
Forum: General
Topic: User with default Safe Mode
Replies: 16
Views: 11242

Re: User with default Safe Mode

Hi! Are there any plans to add that option? I think most "enterprise hardware" has the standard behaviour: - Changes in Config are volatile until you "safe to bootconfig" I really like that behaviour as a lockout can always made undone by letting someone power-cycle the device. S...
by Stril
Tue Jan 24, 2017 6:54 pm
Forum: General
Topic: Feature request: Aggressive mode IPSEC with pre-shared key
Replies: 4
Views: 5667

Re: Feature request: Aggressive mode IPSEC with pre-shared key

Hi! That feature request is quite old, but still unsolved. Will there be any possibility to work with IPSEC on dynamic IPs without the need of any "DYNDNS-hacks" or a second L2TP-Layer? The need to use IPSEC in combination to L2TP leads to an additional layer of complexity. Other vendors a...
by Stril
Tue Jan 24, 2017 11:40 am
Forum: General
Topic: Netflow on Bridge / Switch (CRS)
Replies: 1
Views: 1023

Re: Netflow on Bridge / Switch (CRS)

Hi! Update: I was just able to produce a Netflow stream. The trick was not to use the switch-chip. The "internal" ports can be configured with "master-interface", but I removed the "uplink-port" and added both of them to a bridge. Now I see the uplink-traffic on netflow...
by Stril
Tue Jan 24, 2017 11:02 am
Forum: General
Topic: CCR as NetFlow Generator
Replies: 5
Views: 1826

Re: CCR as NetFlow Generator

Hi!

Did you find any solution on how to see the whole traffic with netflow in your setup?

Regards,
by Stril
Tue Jan 24, 2017 9:43 am
Forum: General
Topic: Winbox - Info Popup
Replies: 3
Views: 1397

Winbox - Info Popup

Hi! Is there any possibility to open a popup with an information on winbox-logon? I found /system note, but this information can only be seen on terminal-logon. It would be great to leave some information if another engineer is using winbox like "Caution - High-Availability-Setup - Manual Sync ...
by Stril
Tue Jan 24, 2017 9:08 am
Forum: General
Topic: Netflow on Bridge / Switch (CRS)
Replies: 1
Views: 1023

Netflow on Bridge / Switch (CRS)

Hi! I am trying to setup netflow-support on a CRS125. The post in the mikrotik wiki describes, that normally only trafic which is "passing the queues" is counted. Is there any possibility to see traffic passing a bridge? As the system does not need much performance, I could avoid using the...
by Stril
Tue Jan 17, 2017 8:53 am
Forum: General
Topic: IPSec VPN Set-up between Dual WAN & Single WAN for Fail-Over
Replies: 17
Views: 26083

Re: IPSec VPN Set-up between Dual WAN & Single WAN for Fail-Over

Hi!

I know, that this is a very old thread, but was anybody able to get this working?

In my szenario, the Branch Office has got two ISPs (with dynamic IPs), too. So there should be no point of failure if one of the ISPs should fail.

Thank you and best wishes

Stril
by Stril
Tue Feb 10, 2015 9:25 am
Forum: General
Topic: 802.1Q Vlan Tagging between RB433 and CRS
Replies: 2
Views: 1231

Re: 802.1Q Vlan Tagging between RB433 and CRS

Hello! I could it get to work now: Config on CRS: /interface vlan add interface=ether1 l2mtu=1518 name=ether1-Vlan101 vlan-id=101 /ip address add address=192.168.1.168/24 interface=ether1-Vlan101 network=192.168.1.0 Config on RB433 /interface vlan add interface=ether1 l2mtu=1518 name=ether1-Vlan101 ...
by Stril
Mon Feb 09, 2015 10:19 pm
Forum: General
Topic: 802.1Q Vlan Tagging between RB433 and CRS
Replies: 2
Views: 1231

802.1Q Vlan Tagging between RB433 and CRS

Hi! I am trying to setup a VLAN-Trunk between a RB433 and a CRS. Just one Vlan tagged (101) and one Vlan untagged (1) My first try was not to use the switch-chip of the CRS. On both sides, I added a VLAN-interface to ether1 (ether1-vlan101) and assigned an IP to it. The two systems cannot ping each ...
by Stril
Thu Feb 13, 2014 3:53 pm
Forum: Beginner Basics
Topic: IPTables bash script
Replies: 6
Views: 3393

Re: IPTables bash script

Hello! I know, that this thread is quite old, but i am searching for a similar solution. FWBuilder is great to maintain firewall-rules. Mikrotik offers great hardware. It would be perfect, if both solutions could be combined. FWBuilder is open-source, now. Would anybody be interested in developing a...
by Stril
Sat Feb 04, 2012 8:04 pm
Forum: General
Topic: SSTP and HTTPS
Replies: 8
Views: 6572

Re: SSTP and HTTPS

Hi!

That`s a problem by design. You can't assign a port to two applications on on IP.

Stril
by Stril
Sat Oct 01, 2011 1:25 pm
Forum: Wireless Networking
Topic: WDS causes outage in wired LAN
Replies: 0
Views: 729

WDS causes outage in wired LAN

Hi! I have got a massive problem when setting up a wds: I am using two RB433 as a transparent WDS-bridge to connect devices in another building. One of them has access to the "wired" Network and the other one is connected to some other devices by wire. WDS and the ethernet interface are as...
by Stril
Tue Sep 06, 2011 4:55 pm
Forum: General
Topic: RSTP - asynchronous interface state
Replies: 2
Views: 996

Re: RSTP - asynchronous interface state

Hi!

Of course, one of the routers does send "regular" packets over the wds link, as its state is forwarding.
If I create a Bridge-Firewall-Rule, I can see that e.g. UDP packets (broadcasts) are sent from ethernet into that link and produce traffic.

Stril
by Stril
Tue Sep 06, 2011 4:43 pm
Forum: Wireless Networking
Topic: Are there any large WLAN clouds made with mikrotik
Replies: 7
Views: 2458

Re: Are there any large WLAN clouds made with mikrotik

Hi!

I do not setup anythin on the PDA.
The PDA does just connect to the SSID of the WDS.

Stril
by Stril
Mon Sep 05, 2011 7:16 pm
Forum: General
Topic: RSTP - asynchronous interface state
Replies: 2
Views: 996

RSTP - asynchronous interface state

Hi! I have got a problem with RSTP on Mikrotik-devices: If a redundant path between two devices is blocked by RSTP, it is only blocked in one direction. Router 1 and Router 2 are connected via Cable and WDS. The WDS-Link has got higher path costs, so Router 1 does set it up as "disabled" o...
by Stril
Mon Sep 05, 2011 6:22 pm
Forum: Wireless Networking
Topic: Are there any large WLAN clouds made with mikrotik
Replies: 7
Views: 2458

Re: Are there any large WLAN clouds made with mikrotik

Hi! I have to use PDAs in a warehouse. The PDAs use VNC-Sessions to connect to a Server. It is important, that we do not losse connectivity, when we change the radio cell. At the moment, I have loose packets, when the client starts roaming. If I use WDS, there is no problem, but I think WDS with abo...
by Stril
Mon Sep 05, 2011 11:06 am
Forum: Wireless Networking
Topic: Are there any large WLAN clouds made with mikrotik
Replies: 7
Views: 2458

Are there any large WLAN clouds made with mikrotik

Hi!

I need to setup am large WLAN cloud of about 40 APs.
Clients need to be able to travel around the cells without connection loss.

Are there any setups out there with MT-Systems?

Can you give me a hint, if roaming will be a problem?

Thank you and best wishes,

Stril
by Stril
Fri Feb 18, 2011 8:51 am
Forum: Beginner Basics
Topic: Deploy WLAN in large buildings - WDS
Replies: 3
Views: 1136

Re: Deploy WLAN in large buildings - WDS

Hi!

But if I use wires, how should I set this up?
Is it better to use WDS to be allowed to use one single frequency in the whole building, or to use different frequencies and "isolated" WLAN-cells?

Stril
by Stril
Thu Feb 17, 2011 10:42 am
Forum: Beginner Basics
Topic: Deploy WLAN in large buildings - WDS
Replies: 3
Views: 1136

Deploy WLAN in large buildings - WDS

Hi! I have to setup a WLAN in a large building. I need about 8 radio-cells, where 5 cells can be accessed by CAT-7 cables. How would you set this up? Is it good idea, to configure all the nodes as WDS-Bridges with RSTP? Then, the client could (in theory) walk through the whole building without any f...
by Stril
Wed Dec 15, 2010 5:40 pm
Forum: Wireless Networking
Topic: new static and dynamic mesh wds-mode
Replies: 3
Views: 4488

Re: new static and dynamic mesh wds-mode

Hi!

I know, that the post is quite old, but I have got the same question...

What is the difference between wds-mesh and wds?

Best wishes,
Stril