Community discussions

MikroTik App

Search found 255 matches

by killersoft
Thu Feb 15, 2024 1:33 am
Forum: Wireless Networking
Topic: Dual-CAPsMAN (7.13+) issues
Replies: 16
Views: 959

Re: Dual-CAPsMAN (7.13+) issues

Yes, that is correct.
I have just one VLAN ( a management vlan I like to call it !), that both capsmans(WiFi & Wireless) on the same physical controller unit work on.

All the clients both legacy + new ax devices use that vlan to connect back on for caps management.
by killersoft
Wed Feb 14, 2024 10:20 pm
Forum: Wireless Networking
Topic: Dual-CAPsMAN (7.13+) issues
Replies: 16
Views: 959

Re: Dual-CAPsMAN (7.13+) issues

I am running DUAL capsman at the moment to support dozens of legacy devices || AC || and new AX devices. So far no issues on 7.13.4 as a controller. There are some things to navigate/additions on the new wifi side of capsman world, but have now got over that hurdle. I have 1 controller a CRS317, I u...
by killersoft
Tue Dec 05, 2023 10:49 pm
Forum: Wireless Networking
Topic: 802.11r for hAP ac2?
Replies: 75
Views: 13979

Re: 802.11r for hAP ac2?

tested WPA3 on a cAP AC on 7.13rc2 and it works :)
by killersoft
Tue Nov 28, 2023 8:14 am
Forum: General
Topic: IPv6 Routing a /54 -> /56 -> /64 issue..
Replies: 1
Views: 954

IPv6 Routing a /54 -> /56 -> /64 issue..

Hi. I have a scenario where I have a few business units who look after their own gear, and do their own thing.. [ISP]-----v4(/28)--+-v6/(/54)---(VLAN200)--[CORE ROUTER-rb5009 v7.12.1]===(VLAN205)===>VLAN SWITCH===> Other routers(MT RB5009's v7.12.1) (/56) That said, I gatekeep the core router where ...
by killersoft
Wed Nov 01, 2023 10:53 pm
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 91036

Re: v7.12rc is released!

While we're at it. It would be nice to be able to disable Winbox Graphics Licence and Help for the RouterOS login screen. And also the note You have connected to a router. Administrative access only. If this device is not in your possession, please contact your local network administrator. Plus may...
by killersoft
Thu Oct 26, 2023 4:29 pm
Forum: General
Topic: How to upgrade to 2.5GbE + RB4011iGS+RM suitable?
Replies: 2
Views: 747

Re: How to upgrade to 2.5GbE + RB4011iGS+RM suitable?

The rb5009 has a 10gbit sfp+ slot.
Just buy a S+RJ10 sfp which is 100M/1G/2.5G/5G module.

One you have processed your internet via the router
Drop if off to a crs switch eg
CRS310-8G+2S+IN
by killersoft
Thu Oct 19, 2023 1:14 pm
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 91036

Re: v7.12rc is released!

If we were to wind back a bit regarding tagging/vlan and go back to documented basics Follow me here : https://wiki.mikrotik.com/wiki/Manual:Basic_VLAN_switching https://wiki.mikrotik.com/images/thumb/c/c7/Basic_vlan_switching.png/700px-Basic_vlan_switching.png What is the VLAN config DIFFERENCE, be...
by killersoft
Wed Oct 18, 2023 5:16 am
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 91036

Re: v7.12rc is released!

HERE IS A VIDEO SHOWING THE ISSUE https://www.youtube.com/watch?v=PLI-1Qm1Lp4 I'm not sure why the vlan appears twice in the list in your video, but the interface appearing under "tagged" should not be a problem and is correct. If it was untagged then your packets would likely have two ta...
by killersoft
Wed Oct 18, 2023 4:36 am
Forum: RouterBOARD hardware
Topic: Question to RB5009 owners
Replies: 5
Views: 3736

Re: Question to RB5009 owners

Depends on how you have the ports configured. If you have stuff "switching", like vlans etc then you should get full wirespeed. Else if you need to process traffic then the bottleneck is that 10Gb full duplex link to the cpu plus any load on the cpu itself.. https://i.mt.lv/cdn/product_fil...
by killersoft
Tue Oct 17, 2023 1:39 pm
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 91036

Re: v7.12rc is released!

I think it's time you uploaded your configs mate. HERE IS A VIDEO SHOWING THE ISSUE https://www.youtube.com/watch?v=PLI-1Qm1Lp4 HERE IS THE CONTROLLER /interface wifiwave2 channel add band=5ghz-ac disabled=no frequency=5200 name=5GHZ_CHANNEL40_20_AC width=20mhz add band=2ghz-n disabled=no frequency...
by killersoft
Mon Oct 16, 2023 2:03 pm
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 91036

Re: v7.12rc is released!

I run a CAMPUS mikrotik wifi network ~60 Radio's worth using legacy CAPsMAN. I can tell you it dynamically add's wireless access points & slave-ap's interfaces properly using VLAN's that are dynamically added to the bridge ( Yes I need to make sure that the required VLANs are on the bridge of t...
by killersoft
Sun Oct 15, 2023 2:06 pm
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 91036

Re: v7.12rc is released!

Why do you have a VLAN interface under the Bridge? In my setup they all report as tagged into the Bridge which is what I want. Then the bridge has a trunk port to the switches to manage the VLAN so it finds it's way back to the firewall/router to be processed. I can be wrong here but if they where ...
by killersoft
Sun Oct 15, 2023 11:16 am
Forum: Announcements
Topic: v7.12rc is released!
Replies: 225
Views: 91036

Re: v7.12rc is released!

Just trialed 7.12rc to try and get WAVE2-Capsman-Controller ( on a RB5009 ) to properly set VLAN datapath on a cap unit ( in my case a cAP ax ) set as a cap with the manager set to capsman. I run a campus of older MT wireless and use a separate controller which is its ONLY task(not routing traffic v...
by killersoft
Thu Sep 07, 2023 1:34 am
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 123377

Re: v7.12beta [testing] is released!

Why in IPv6 DHCP server POOL option do I get a double static-only entry's listed:
ipv6 dhcp server pool issue.png
by killersoft
Tue Sep 05, 2023 12:24 am
Forum: Wireless Networking
Topic: WiFi for large RV park?
Replies: 12
Views: 3577

Re: WiFi for large RV park?

I running capsman, with about 106 radio's at the moment( mix of 2.4 + 5.8 GHz, multi-channel ), in my campus environment and about to add AX gear too( yes it sux I have to add a new controller just for those too ). No problem with high density either( I'm comfortably doing ~7+ users per 10m2 of floo...
by killersoft
Thu Aug 31, 2023 12:42 pm
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 123377

Re: v7.12beta [testing] is released!

I need to transport carrier grade ethernet(9000 byte frames) layer-2 traffic that is encrypted at layer2(macsec 802.11AE) as a backhaul using mikrotik's NV2 or NStream modes etc, not classic Wi-Fi mode(which everyone defaults to in these conversations) in a point to point bridge mode only... Current...
by killersoft
Thu Aug 31, 2023 1:31 am
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 123377

Re: v7.12beta [testing] is released!

*) wifiwave2 - enable changing interface MTU and L2MTU;
Now if you can only adjust the wireless MTU to 9000+ Bytes for bridging l2 networks for jumbo frame support(e.g MEF 3 carrier grade connections ) in ptp wireless setups :)
by killersoft
Wed Aug 30, 2023 1:24 am
Forum: Wireless Networking
Topic: WiFi for large RV park?
Replies: 12
Views: 3577

Re: WiFi for large RV park?

Yes, take into account that most client devices ( phones etc ) have "crap" internal antennas( pretty deaf on the RX ) and low TX power. Understanding that, will help you choose a better setup, eg. more smaller units mixed around the area( same ssid/passwords , but different channels ) to h...
by killersoft
Fri Aug 25, 2023 12:01 pm
Forum: Wireless Networking
Topic: JUMBO Frame support for P2P Bridge Request
Replies: 5
Views: 2042

Re: JUMBO Frame support for P2P Bridge Request

Think I found something I will explore further :
Cambium Jumbo frame.png
by killersoft
Fri Aug 25, 2023 11:29 am
Forum: Wireless Networking
Topic: JUMBO Frame support for P2P Bridge Request
Replies: 5
Views: 2042

Re: JUMBO Frame support for P2P Bridge Request

I have a requirement to extend a layter-2 metro fiber Ethernet service from a carrier provider over a few km's over some water. The traffic is macsec encrypted to a site. Its pretty simple stuff. So the wireless gear just needs to support 9000 Bytes-Jumbo frame(Ideally 9200 Bytes ). Mikrotik stops a...
by killersoft
Fri Aug 25, 2023 10:07 am
Forum: Wireless Networking
Topic: JUMBO Frame support for P2P Bridge Request
Replies: 5
Views: 2042

JUMBO Frame support for P2P Bridge Request

Grateful if mikrotik could look into supporting Layer-2 Jumbo frame support( 9000+ Bytes L2 MTU ) into its Wireless backhaul products. I have a requirement to pass metro ethernet over a few KM's point to point with a L2 MTU of 9000, but wireless side gear currently (NetMetal ac² with 30dBi dishes) i...
by killersoft
Fri Jul 28, 2023 4:28 am
Forum: Wireless Networking
Topic: SIM CARD HOLDER 3D PRINTED FOR MIKROTIK [SOLVED]
Replies: 3
Views: 2656

SIM CARD HOLDER 3D PRINTED FOR MIKROTIK [SOLVED]

So today I had to pull apart a LHGGM to get a sim card out. Was not happy.!1 So I made a new 3D printable model for a sim card cradle that allows you to pull it out without tape( etc ).. I have attached the .STL file if you want to 3d print one yourself ( I used a creality S1 PRO on super-quality .1...
by killersoft
Fri Jul 28, 2023 4:24 am
Forum: General
Topic: SIM card position for LHG LTE kit
Replies: 11
Views: 10133

Re: SIM card position for LHG LTE kit

So today I had to pull apart a LHGGM to get a sim card out. Was not happy.!1 So I made a new 3D printable model for a sim card cradle that allows you to pull it out without tape( etc ).. I have attached the .STL file if you want to 3d print one yourself ( I used a creality S1 PRO on super-quality .1...
by killersoft
Thu Jul 06, 2023 4:28 pm
Forum: Announcements
Topic: v7.11beta [testing] is released!
Replies: 373
Views: 105625

Re: v7.11beta [testing] is released!

LoRa device EUI cannot be set !
by killersoft
Thu May 04, 2023 4:15 am
Forum: Announcements
Topic: v7.9 [stable] is released!
Replies: 242
Views: 54447

Re: v7.9 [stable] is released!

Why? Genuinely curious as to why anyone would use WebFig over Winbox if they have the option to use Winbox. Winbox needs to be installed, WebFig is available using pre-installed browser. So why even bother with Winbox ? Winbox is fantastic in "Windows world", apple / linux... wine I guess...
by killersoft
Fri Feb 17, 2023 3:14 pm
Forum: General
Topic: storm-rate and ingress/egress rate limits Traffic-Storm-Control
Replies: 9
Views: 2656

Re: storm-rate and ingress/egress rate limits Traffic-Storm-Control

PPPoE is a CPU based process last I checked.Not sure how the cpu load would look, but isnt a CRS3x a better switch than 'route/network' device.. Would a RB5009 or CCRxxxx series be better to do what you want in PPPoE and QoS.. Anyhow try CPU and use packet/connection marking in mangle and then use Q...
by killersoft
Sat Nov 26, 2022 4:41 am
Forum: RouterOS beta
Topic: 802.1AE MACsec Progress or Examples ?
Replies: 40
Views: 18475

Re: 802.1AE MACsec Progress or Examples ?

Hi golf0r. Use 'export' rather than 'print to show configs. e.g /export file=MyFile.rsc and from the winbox / files you will see the MyFile.rsc which you can drag onto the windows desktop and open with a text editor or use /export file=[filename] hide-sensitive command to not add in things pike pass...
by killersoft
Sat Nov 26, 2022 2:57 am
Forum: Wireless Networking
Topic: House wifi6 network with Mikrotik AX or Audience
Replies: 29
Views: 6741

Re: House wifi6 network with Mikrotik AX or Audience

I'd be waiting for cAP XL ac, but an AX version( who knows when ). That said the cAP XL ac has about 3dB better RX ( on my personal tests just looking at noise floor in a RF quiet environment ), and its got 3db+ more tx power by default over a classic cAP ac too( adjustable of course for country rul...
by killersoft
Sun Nov 20, 2022 9:18 am
Forum: General
Topic: Packets traversing the Firewall via wrong interface [SOLVED]
Replies: 9
Views: 1583

Re: Packets traversing the Firewall via wrong interface [SOLVED]

I've been there in my very early days millions of years ago!! with that vlan / interface port per bridge thing, and its WRONG, very wrong..( Yes it works, but at a big cost(readability + CPU load ) Via the bridge menu you should ONLY be, and do ALL of that inside there...!!! Then do your FIREWALLING...
by killersoft
Sun Nov 20, 2022 6:25 am
Forum: Beginner Basics
Topic: Can't login by IP to LHG LTE18
Replies: 3
Views: 995

Re: Can't login by IP to LHG LTE18

Sorry I missed something, why does a bridge need a 100 IP DHCP range? Because that's exactly where your suppose to apply the DHCP server if you add a bridge to a physical interface port( because the physical becomes a slave interface), furthermore if you add a vlan to a bridge or physical interface...
by killersoft
Sat Nov 19, 2022 4:14 am
Forum: General
Topic: changing the License key from level 4 to 5 + enable hotspot [SOLVED]
Replies: 4
Views: 1125

Re: changing the License key from level 4 to 5 + enable hotspot [SOLVED]

+1 on Rextended's comments.

Your better off spinning up a CHR RoS on a virtual machine and getting a CHR license to manage the hotspot users, than using an under-spec'ed(CPU/mem) device for even 50+ simultaneous users !
by killersoft
Sat Nov 19, 2022 2:26 am
Forum: General
Topic: hAP AC2 RouterOS7.6 Advanced IPScanner
Replies: 3
Views: 460

Re: hAP AC2 RouterOS7.6 Advanced IPScanner

Hi.
Well, that's not good, as it would be classed as a Denial of Service issue in cyber world.

It may be best that you send this to : security@mikrotik.com

Let us know if they get back to you on it. !

https://mikrotik.com/supportsec
by killersoft
Sat Nov 19, 2022 2:20 am
Forum: General
Topic: Wi‑Fi 7 / 802.11be
Replies: 30
Views: 10656

Re: Wi‑Fi 7 / 802.11be

Noting the expected 2024 timeframe for most manufacturers to have product(s) ready. It would be now where the R&D teams should be getting there sample/test boards ready for a ~1year turn-around to market. Of all the new bells and whistles coming with WiF7, I'm most optimistic about MU-MIMO becau...
by killersoft
Wed Nov 16, 2022 8:50 am
Forum: General
Topic: Wi‑Fi 7 / 802.11be
Replies: 30
Views: 10656

Wi‑Fi 7 / 802.11be

Just a nice to have... With WiFi 6 / ax having barely been introduced into Mikrotik harware lineup as of this general message. I read Wi-Fi 7 is not far off. Further reading I see Mikrotik's favorite supplier Qualcomm is now producing chips with Wi-Fi 7 onboard. ( IPQ9574 / PQ9554 / etc etc) Would i...
by killersoft
Mon Nov 07, 2022 4:48 am
Forum: RouterOS beta
Topic: no supported channel - after upgrade
Replies: 31
Views: 12131

Re: no supported channel - after upgrade

Have you tried the official mikrotik support channel.
https://mikrotik.com/support
or via email : support@mikrotik.com
by killersoft
Wed Oct 19, 2022 2:37 am
Forum: RouterOS beta
Topic: 802.1AE MACsec Progress or Examples ?
Replies: 40
Views: 18475

Re: 802.1AE MACsec Progress or Examples ?

I think ( and probably wrong !! will need to test ). Based on some playing of other things a few nights ago If you adjust the MTU of the ETH ( or adjust down the bridge ) by ~ +/- 64bytes, and take and try again, the error may go, as I dont think MTU gets corrected when you add it to bridges/vlans a...
by killersoft
Fri Oct 14, 2022 12:10 am
Forum: RouterOS beta
Topic: 802.1AE MACsec Progress or Examples ?
Replies: 40
Views: 18475

Re: 802.1AE MACsec Progress or Examples ?

Thanks Network5 Thats quite handy information. Especially on CPU load. I wonder if one/two of the cores was dedicated to that task thus the ~50%'ish cpu-load !! ? Not bad I guess for a unit that's only got a CPU and no dedicated switch chip. At least there is head room for other activities on the ro...
by killersoft
Wed Oct 12, 2022 4:48 am
Forum: SwOS
Topic: SWOS and CRS-310-1G-5S-4S-1N - Newbie!
Replies: 7
Views: 4848

Re: SWOS and CRS-310-1G-5S-4S-1N - Newbie!

The CRS310 is a L2 switch with Layer3 routing capability. You have the right product, but I'm not sure if you understand how to program the interface ports to do it via Router OS. There are plenty of guides e.g :https://wiki.mikrotik.com/wiki/Manual:CRS_Router#CRS3xx_series_switches In the simplest ...
by killersoft
Sat Oct 01, 2022 2:15 am
Forum: RouterOS beta
Topic: 802.1AE MACsec Progress or Examples ?
Replies: 40
Views: 18475

Re: 802.1AE MACsec Progress or Examples ?

Happy to report MACSEC on v7.6 beta 10 on CHR is now working and passing IP....
Excellent work...

Just make sure you use the same CAK / CKN on both ends and happy times ahead..
Now for VLAN's over MACSEC.... hmmm
by killersoft
Sat Oct 01, 2022 2:13 am
Forum: Announcements
Topic: v7.6beta [testing] is released!
Replies: 226
Views: 61560

Re: v7.6beta [testing] is released!

Happy to report MACSEC on v7.6 beta 10 on CHR is now working and passing IP....
Excellent work...

Now for VLAN's over MACSEC ...
by killersoft
Sat Aug 20, 2022 3:17 pm
Forum: Forwarding Protocols
Topic: Slow handover between vlans
Replies: 15
Views: 2269

Re: Slow handover between vlans

Hi. Just FYI, when you do a export use : export hide-sensitive so that passwords etc are not shown.. Looking over your config further shows me that you are doing a LOT of CPU intensive work. As for switch chip native & vlan traffic, it looks like all your processing needs are CPU based not switc...
by killersoft
Fri Aug 19, 2022 1:07 pm
Forum: Forwarding Protocols
Topic: Slow handover between vlans
Replies: 15
Views: 2269

Re: Slow handover between vlans

yes, the picture shows everything
Well based on the winbox shot.. Yep CPU limiting issue !
by killersoft
Fri Aug 19, 2022 2:57 am
Forum: Forwarding Protocols
Topic: Slow handover between vlans
Replies: 15
Views: 2269

Re: Slow handover between vlans

Without console config files( export ), its hard to see how you have configured devices correctly. Especially the hex S which is not designed for massive loads. That said, if your are offloading to the SWITCH CHIP of each device and NOT the CPU as you have by the looks of your winbox screen shot, yo...
by killersoft
Sat Jul 23, 2022 9:15 am
Forum: Virtualization
Topic: chr = lowest security
Replies: 7
Views: 4381

Re: chr = lowest security

A brand new cisco router out of the box has no password either.
by killersoft
Sat Jul 23, 2022 3:31 am
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 332
Views: 234299

Re: MikroTik Devices Controller

In regards to the 'Cloud' solution.
Not everything I have in now >100 devices touches the public internet.
I would prefer a solution I can spin up on a Virtual Machine in a closed environment.

I understand that other people could benefit from a cloud controller, but not in my current use case.
by killersoft
Wed Jul 06, 2022 6:03 am
Forum: RouterOS beta
Topic: 802.1AE MACsec Progress or Examples ?
Replies: 40
Views: 18475

Re: 802.1AE MACsec Progress or Examples ?

Noted, will take a look soon.

If you need wirespeed macsec, I suggest getting yourselves a couple of second hand Cisco 3850's with an appropriate NIM module each.( config e.g https://community.cisco.com/t5/network- ... -p/3368918 )
by killersoft
Wed Jun 01, 2022 5:48 am
Forum: Announcements
Topic: v7.3rc [testing] is released!
Replies: 452
Views: 102386

Re: v7.3rc [testing] is released!

Where are we at with MACSEC ????
by killersoft
Wed Jun 01, 2022 5:45 am
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 332
Views: 234299

Re: MikroTik Devices Controller

Its a great idea. I manage approximately 97 mikrotik devices from my desk. Of which I have about 12 different models of MT hardware incl a couple of VM's Dude only gets me so far with f/w updates with the hardware side. Ideally I want a platform that : 1. Keeps an eye on configs across all devices a...
by killersoft
Sat Apr 16, 2022 3:50 pm
Forum: RouterBOARD hardware
Topic: CRS sfp woe's
Replies: 4
Views: 969

Re: CRS sfp woe's

Yep, seems pretty normal for generic sfp's to randomly work between MT chassis. I have about 50 MT devices in my care all using fiber trunks. Generally speaking I use either genuine mikrotik SFP's, or Cisco Genuine( which seem to work fine ) in my MT gear. I also keep an eye on : https://wiki.mikrot...
by killersoft
Wed Apr 13, 2022 9:30 am
Forum: RouterBOARD hardware
Topic: Dying Gasp Syslog message.
Replies: 2
Views: 1205

Dying Gasp Syslog message.

Hi Mikrotik Next time your dev'ing up some hardware, can you look at the possibility of adding in a 'feature' as seen in some Cisco gear known as Dying Gasp. It would be nice for the last function of a router/switch who has remote syslog to receive a message with. I'm done, all power has been lost I...
by killersoft
Sun Apr 10, 2022 6:06 am
Forum: RouterOS beta
Topic: 802.1AE MACsec Progress or Examples ?
Replies: 40
Views: 18475

Re: 802.1AE MACsec Progress or Examples ?

I have not seen Mikrotik do anything in this area.!!! The MACSEC option has been there in the console since the very first v7 RC public release back in 2019. Its 2022 and NOTHING, yet > interface/macsec is there hidden in place sight of the console terminal... bump... I've Tried to configure it on l...
by killersoft
Tue Apr 05, 2022 3:22 pm
Forum: Beginner Basics
Topic: CAP AC Apple M1 doesn't like Wi-Fi - works on all android phones and also on ipad
Replies: 4
Views: 670

Re: CAP AC Apple M1 doesn't like Wi-Fi - works on all android phones and also on ipad

Wireless Tables -> Access list is your friend... Kick low signal clients( from the perspective of the AP ) using it. E.g /interface wireless access-list add allow-signal-out-of-range=30s interface=wlan1 signal-range= -86..120 add allow-signal-out-of-range=1s authentication=no forwarding=no interface...
by killersoft
Thu Mar 10, 2022 2:50 am
Forum: RouterBOARD hardware
Topic: Defective WAP R
Replies: 4
Views: 1181

Re: Defective WAP R

Log into it 1st up via WIFI ( The default state from opening the box is the unit has WiFi AP enabled )
Then remove the default config, via MAC/WINBOX.
by killersoft
Wed Mar 02, 2022 5:04 am
Forum: RouterBOARD hardware
Topic: CRS312 speed drop after some time
Replies: 1
Views: 578

Re: CRS312 speed drop after some time

I have nearly every CRS3xx box in my network, but CRS312 is not one of them(yet!), but have not come across such issue. Could you list your config. And double check your error counters on your connected ports/sfp's to see if drops match against heat load( may be a sfp issue if you use them ? ) Other...
by killersoft
Tue Mar 01, 2022 1:44 am
Forum: General
Topic: CRS326-24S+2Q+RM divides all speed by 3
Replies: 13
Views: 1447

Re: CRS326-24S+2Q+RM divides all speed by 3

These units are not really different conceptually to a Layer-3 switch from Cisco e.g Catalyst 3560G( one sitting on my desk atm ! ). I have 1xCRS326-24S+2Q+RM in my network, but its primary role is wire-speed switching, and the only offloaded cpu task I hand to it is the management vlan network. Pro...
by killersoft
Mon Feb 28, 2022 12:28 am
Forum: Beginner Basics
Topic: Has anyone set up the port forwarding for GTA Online and can help me?
Replies: 3
Views: 1694

Re: Has anyone set up the port forwarding for GTA Online and can help me?

Hi. I'd recommend you doing some basic online network courses 1st up to get basic network understanding. You don't do port-forwarding unless your running a local server people connect to. Don't confuse connecting to an external server's Port requirements to having your own server, they network flow ...
by killersoft
Sat Feb 26, 2022 2:01 am
Forum: Announcements
Topic: Newsletter 104
Replies: 54
Views: 25873

Re: Newsletter 104

Can you fix your front web page newsletter date. Its set to 2021 !
Cheers
by killersoft
Sat Feb 05, 2022 8:08 am
Forum: RouterBOARD hardware
Topic: Which RouterBoards/routers have USB3-compatible mPCIe slots? (If any)
Replies: 6
Views: 2946

Re: Which RouterBoards/routers have USB3-compatible mPCIe slots? (If any)

MT Boards with chips like IPQ40xx chipsets are USB3 compatible, just need to check they have a minipcie interface and away you go.. e.g : https://www.qualcomm.com/products/ipq4019 MT boards like : AP ac(RBwAPGR-5HacD2HnD) are what your looking for :) Remember to look at the chipset datasheets to see...
by killersoft
Fri Feb 04, 2022 2:11 am
Forum: SwOS
Topic: Accidentally unchecked all "Allow From Ports", now locked out
Replies: 1
Views: 3399

Re: Accidentally unchecked all "Allow From Ports", now locked out

No console port by the looks ( Should have gone the CRS ! ), and thats a classic lock out
I suspect a factory reset is your only way forward
by killersoft
Fri Feb 04, 2022 2:07 am
Forum: RouterBOARD hardware
Topic: Product Request: 48 port SFP switch
Replies: 8
Views: 6127

Re: Product Request: 48 port SFP switch

For sure.
I'v run out of ports (>24 ports in use ) on a couple of areas with sfp / sfp+.
Would love a 36/48 port sfp+.

Maybe even if it was modular and dual hot swapable power supplies.

If it native 802.11AE/ Macsec working for trunks I'd love that too !
by killersoft
Tue Dec 28, 2021 6:33 am
Forum: RouterBOARD hardware
Topic: Which MT router has a hardware bandwidth shaper?
Replies: 17
Views: 6191

Re: Which MT router has a hardware bandwidth shaper?

Old time hardware favorite bandwidth shaper.
shaper.png
by killersoft
Wed Dec 22, 2021 11:59 am
Forum: RouterBOARD hardware
Topic: wsAP ac
Replies: 5
Views: 5212

Re: wsAP ac

Then why not a wAP ac
https://mikrotik.com/product/wap_ac
That's got 2x 1gbit interfaces and later gen ipq-4018 cpu and wifi-5 ac1200.

And its ceiling or wall mountable
by killersoft
Wed Dec 22, 2021 4:21 am
Forum: RouterBOARD hardware
Topic: Bricked HAP AC3 - any way to install ROS from USB?
Replies: 5
Views: 4561

Re: Bricked HAP AC3 - any way to install ROS from USB?

Netinstall can suck, and can be the actual PC's/Laptop network interface causing trouble in getting netinstall to work.
I'v found (sadly) sometimes I have been forced to use a usb to ethernet adaptorto get netinstall to work, after trying a dozen times on a specific pc or laptop.
by killersoft
Wed Dec 22, 2021 4:18 am
Forum: RouterBOARD hardware
Topic: wsAP ac
Replies: 5
Views: 5212

Re: wsAP ac

Why not use a cAP XL ac

From my bench testing of these, its about 3 dB higher RX( based on noise level testing against a cAP ac) , and they have also bumped the TX power by +3dB too.
Should be no problem for +100Mbps throughput @ 5GHz at reasonable line of sight distances.
by killersoft
Wed Dec 22, 2021 4:04 am
Forum: RouterBOARD hardware
Topic: Support for LTE Band 66 (1700 MHz)
Replies: 5
Views: 5458

Re: Support for LTE Band 66 (1700 MHz)

Indeed band 66 is not part of the physical hardware you have installed in your LHG LTE6 and cannot be 'software fixed' Your best bet if you want to use that band is to remove the LTE card inside your LHG and replace it out with a suitable card that supports band 66. Something like a Quectel EP06-A w...
by killersoft
Wed Dec 22, 2021 3:43 am
Forum: RouterBOARD hardware
Topic: LoRa module not working in RBLtAP-2HnD&R11e-LTE&LR8 [SOLVED]
Replies: 4
Views: 5680

Re: LoRa module not working in RBLtAP-2HnD&R11e-LTE&LR8 [SOLVED]

You need to add the LoRa package from the Mikrotik ->Downloads->"Extra Packages", extract out the LoRa package and drag it into winbox, the same as you would to upgrade the router with the main software update. So I would update to the latest long-term or stable(depending on your risk asse...
by killersoft
Tue Dec 14, 2021 6:15 am
Forum: RouterBOARD hardware
Topic: Quectel EP06-E and wAP R ac (RBwAPGR-5HacD2HnD)
Replies: 42
Views: 80514

Re: Quectel EP06-E and wAP R ac (RBwAPGR-5HacD2HnD)

If anyone needs the EP06-E firmware upgrade(EP06ELAR03A08M4G.zip) and is not getting a response from Quectel support. I have a copy of it after much pain in getting it from Quectel. The upgrade process was a relative painless operation of the firmware upgrade using the Quectel v4.19 flash tool and h...
by killersoft
Fri Dec 03, 2021 7:43 am
Forum: Announcements
Topic: v7.1 is released!
Replies: 785
Views: 224753

Re: v7.1 [testing] is released!

7.1 Installed(updated) ok on x86(test) and on RBcAPGi-5acD2nD.

MACSec/802.11AE still not working....
by killersoft
Sun Nov 28, 2021 11:14 am
Forum: RouterOS beta
Topic: 802.1AE MACsec Progress or Examples ?
Replies: 40
Views: 18475

Re: 802.1AE MACsec Progress or Examples ?

Please Mikrotik, can you add some comments on where MACSEC is currently at.. Now trying with 7.1rc7 using x86... All I see is ether-type traffic 888e on the interface I configured it on between 2x VM's. I can add an IP against the 'macsec1' interface using the command line( not winbox ) too,. mikrot...
by killersoft
Sun Oct 17, 2021 5:42 am
Forum: RouterBOARD hardware
Topic: USB license dongles for x86(virtulization)
Replies: 0
Views: 1739

USB license dongles for x86(virtulization)

Hi, I was wondering if Mikrotik would introduce physical USB license dongles. Use case I have is in an x86 virtualization scenario, where NO internet connections is unavailable(eg CHR). Notably the deletion/modification or moving an x86 VM would require a newly generated x86 license code. Passing th...
by killersoft
Fri Oct 15, 2021 7:17 am
Forum: RouterBOARD hardware
Topic: RB4011 speed limit at 1GB
Replies: 15
Views: 10381

Re: RB4011 speed limit at 1GB

Can you show us the CPU usage of both A. Your LAPTOP/PC and B. Your Router.

Speed Test dies when cpu on a PC/Laptop hits 100% !
by killersoft
Sun Jul 04, 2021 6:22 am
Forum: Announcements
Topic: Newsletter June 2021 (#100)
Replies: 54
Views: 34779

Re: Newsletter June 2021 (#100)

Why would mikrotik, make a niche product for that band plan by FCC. Niche? 6 GHz is used for 802.11ax world wide (https://en.wikipedia.org/wiki/IEEE_802.11ax-2021). Within Q3/Q4 2021, vendors start selling their enterprise access points. Consumer routers with triple radios (2.4GHz, 5 GHz, 6GHZ) and...
by killersoft
Sat Jul 03, 2021 2:38 pm
Forum: Announcements
Topic: Newsletter June 2021 (#100)
Replies: 54
Views: 34779

Re: Newsletter June 2021 (#100)

Wifi 6 when? I am starting to wonder if Wi-Fi 6 or Wi-Fi 6e is even on the road map. Over a year ago , the FCC opened up the 6 GHz band (5.925–7.125 GHz) and made it available for unlicensed use. More than a year later and total lack of any official Mikrotik information, I can only assume there are...
by killersoft
Thu May 20, 2021 6:21 am
Forum: RouterOS beta
Topic: v7.1beta6 [development] is released!
Replies: 377
Views: 242068

Re: v7.1beta6 [development] is released!

Has 802.11AE / MACSEC been fixed yet ?
by killersoft
Sun Feb 28, 2021 8:29 am
Forum: RouterOS beta
Topic: 802.1AE MACsec Progress or Examples ?
Replies: 40
Views: 18475

Re: 802.1AE MACsec Progress or Examples ?

Bump..
Any news on this front Mikrotik I have tried with 7.1beta4 and still cannot get MACSEC up???
by killersoft
Thu Jan 07, 2021 4:29 am
Forum: Wireless Networking
Topic: LTE CAT6 modem disconnecting every 2-3 minutes
Replies: 44
Views: 24391

Re: LTE CAT6 modem disconnecting every 2-3 minutes

I heard 2 things to try. 1. is to bulk up your sim card with some tape at the back of it to ensure its pushing up against the pins, as apparently some sim's are thinner than the specification 2. There is a beta v027(as of Jan2021) that mikrotik can send you. They will also ask you to put the current...
by killersoft
Wed Jan 06, 2021 12:45 am
Forum: Beginner Basics
Topic: LtAP LTE6 regularly disconnects from LTE network
Replies: 12
Views: 5567

Re: LtAP LTE6 regularly disconnects from LTE network

I did not think about the SIM card, as an issue, but yes that could cause random issues. That said, if it was working well before you upgraded, it might not be sim card issue.
by killersoft
Wed Jan 06, 2021 12:09 am
Forum: General
Topic: Mikrotik Radius Connection
Replies: 6
Views: 1662

Re: Mikrotik Radius Connection

Well your radius service needs to be made routable to your mikrotik-router, or put pfsense on your local LAN segment.
by killersoft
Mon Jan 04, 2021 12:49 am
Forum: Beginner Basics
Topic: LtAP LTE6 regularly disconnects from LTE network
Replies: 12
Views: 5567

Re: LtAP LTE6 regularly disconnects from LTE network

Well, yes, you can overdrive a RF front end pretty easily. I'm a ham radio operator too, and have experienced that for myself on RF equipment. You can also simulate that with an Access point and a client sitting on top of one-another, notable throughput can drop a bit, as opposed to being ~1meter aw...
by killersoft
Mon Jan 04, 2021 12:28 am
Forum: General
Topic: Mikrotik Radius Connection
Replies: 6
Views: 1662

Re: Mikrotik Radius Connection

To use your pfsense/ freeradius as a login for mikrotik. Use winbox : RADIUS -> check the login button & add in the IP address of your pfsense box & add in your pfsense/freeradius login password. On System->UserList, click the AAA, and check the "use Radius" Thats it. RADIUS HOW TO...
by killersoft
Sun Jan 03, 2021 2:20 pm
Forum: Beginner Basics
Topic: Phone number as hotspot login
Replies: 2
Views: 3191

Re: Phone number as hotspot login

Just add the phone number to mikrotiks userman as both username/password. And set the account for a 30min timeout. Or use radius, same deal username/password as the phone number. You could add a virtual AP and just have your mate login to the VAP with a WPA2 with just a phone number as the WPA2 pass...
by killersoft
Sun Jan 03, 2021 1:35 pm
Forum: Beginner Basics
Topic: LtAP LTE6 regularly disconnects from LTE network
Replies: 12
Views: 5567

Re: LtAP LTE6 regularly disconnects from LTE network

Hi, Yes, you should not have issues with that antenna, or those signal levels.( maybe you have too much signal LOL(wrap some aluminum around the external antennas to drop it back ! ) I note your probably doing Carrier Aggregation on B1 + B20. I wonder if you force the modem to only do band 1 OR 20, ...
by killersoft
Sun Jan 03, 2021 8:50 am
Forum: General
Topic: Two tunnels between two routers? EoIP + IPIP
Replies: 5
Views: 1900

Re: Two tunnels between two routers? EoIP + IPIP

EoIP is basically a Layer2 link.
You can add your VLANs or other tunnels inside your EoIP interface..( not sure why you would tunnel in a tunnel as your MTU on you inner tunnel is going to small, plus your CPU load will be high running it like that )
by killersoft
Sun Jan 03, 2021 7:59 am
Forum: Forwarding Protocols
Topic: idea: EoIP for high latency/lossy connections => Forward Error Correction
Replies: 9
Views: 6422

Re: idea: EoIP for high latency/lossy connections => Forward Error Correction

FEC is common on networks such as satellite comm's. That said, it will be CPU intensive, especially over EoIP. Noting that TCP knows when frames have not been received and windowing of the frame. I would image that using a smaller TCP window size is the better option. As for UDP( Voip / Gaming packe...
by killersoft
Sun Jan 03, 2021 5:58 am
Forum: Beginner Basics
Topic: LtAP LTE6 regularly disconnects from LTE network
Replies: 12
Views: 5567

Re: LtAP LTE6 regularly disconnects from LTE network

Hi, have you installed the external antenna's for the unit, also what is your signal strength indicators RSRP/RSRQ/SINR etc ? Also what if your providers frequency's/band's V.S what LTE/4G towers(and there associated frequencies/band) are nearby. https://www.youtube.com/watch?v=ysiSoglchg0 I install...
by killersoft
Sun Jan 03, 2021 2:46 am
Forum: Beginner Basics
Topic: howto create a trunk between mikrotik & mikrotik
Replies: 2
Views: 2582

Re: howto create a trunk between mikrotik & mikrotik

The answer is YES for your trunk.( and yes its compatible too with Cisco trunks too(and other vendors), not just MT->MT ) There are at least 2 ways of achiving it and depending on your mikrotik's hardware(e.g Rb vs CRS) there are a couple of different ways to configure it to do the same thing( One b...
by killersoft
Sun Jan 03, 2021 2:31 am
Forum: Beginner Basics
Topic: Enable 5Ghz band for wifi
Replies: 6
Views: 5230

Re: Enable 5Ghz band for wifi

Your rb951g-2hnd does not have a 5GHz WiFi chip/radio in it.
by killersoft
Fri Oct 09, 2020 1:23 am
Forum: RouterBOARD hardware
Topic: When will we see 802.11ax ??
Replies: 0
Views: 1360

When will we see 802.11ax ??

When are we likely to hear about 802.11ax products. ?? E.G "cAP ax" :)
Running a significant Mikrotik Wi-Fi network here(50+ AP's(yes with AC)), and now seeing plenty of people with .11AX phones, laptops now onsite..
Just bolt a IPQ8074 into one of your boards MT :)
by killersoft
Sat Sep 12, 2020 7:04 am
Forum: RouterOS beta
Topic: IDS / IPS Package
Replies: 4
Views: 17778

Re: IDS / IPS Package

Actually mikrotik does DPI (https://wiki.mikrotik.com/wiki/Manual:IP/Firewall/L7). And no, it cannot break SSL etc, nor do I care whats inside normal day to day end user traffic as long as the end machine its not breaking my or SNIFFING around my NETWORK, and if it IS, then I want to detect those LA...
by killersoft
Sat Sep 12, 2020 4:20 am
Forum: RouterOS beta
Topic: IDS / IPS Package
Replies: 4
Views: 17778

IDS / IPS Package

Hi. Would it be plausible to 'integrate' an IDS / IPS " package " into RouterOS 7 ? I know it would be both CPU & storage-wise expensive. That said, I propose it as a package, and aimed at x86 / CHR (virtualized) & up-scaled Mikrotik Hardware. I know you can of course stream IP tra...
by killersoft
Thu Sep 03, 2020 5:46 am
Forum: Announcements
Topic: WinBox v3.27 released!
Replies: 100
Views: 59182

Re: WinBox v3.27 released!

Just tried to use 3.27 on a RB2011(current long term). I cannot add data to the firewall -> NAT, each line goes blank when I highlight it..
I need to revert to an older version now.
by killersoft
Sat Aug 22, 2020 4:11 am
Forum: RouterOS beta
Topic: v7.1beta2 [development] is released!
Replies: 385
Views: 153549

Re: v7.1beta2 [development] is released!

I still cannot get MACSEC running between devices("Gets to negotiating only"). Any suggestions ? /interface macsec add cak=4cb39ed149d0e0dbea5fad4b91e5456f ckn=f98446584e49ad9e2cd99b2aff00adb73e0b4109eb916b8d5bbe208dda274abb \ disabled=no interface=ether5 name=macsec1 profile=default [admi...
by killersoft
Fri Aug 07, 2020 6:47 am
Forum: RouterBOARD hardware
Topic: next-gen wireless
Replies: 1
Views: 1295

Re: next-gen wireless

Nice to have next-gen products!!
.AX & WPA3 support.
Maybe 3x3 mimo plus..
Potentially other limited band support of wifi( 60ghz , 24Ghz ?)
by killersoft
Fri Aug 07, 2020 6:45 am
Forum: RouterBOARD hardware
Topic: Which Mikrotik 4G/LTE products support 2 external antennas?
Replies: 2
Views: 1181

Re: Which Mikrotik 4G/LTE products support 2 external antennas?

Take a look at LtAP-mini or LtAP ,with your choice of MT-LTE card, you just need 2x~5 to10cm u.fl -> SMA patch leads & a drill. Job done, then you can put your external antenna. Else there are plenty of other offerings like a routerboard and again install your LTE card onto and do your own custo...
by killersoft
Fri Aug 07, 2020 4:20 am
Forum: RouterBOARD hardware
Topic: Groove lightning protection
Replies: 2
Views: 1175

Re: Groove lightning protection

Having managed a few massive satellite ground stations in my time, 2 things usually happen. 1 is the lightning rods on the top of the satellite dish which is directly cabled to ground safely takes the hit. Lightning arresters installed after waveguide->LNA/LNBs->Coax go open circuit(blow the fuse), ...
by killersoft
Tue Aug 04, 2020 4:39 pm
Forum: SwOS
Topic: feature request - https for webui
Replies: 31
Views: 13803

Re: feature request - https for webui

Why not SSH to the unit (better than web based config)?
You could go back to RouterOS(The switch menu is there, if you need pure wire-speed config ) and use Winbox or SSH for secure logging in.
RouterOS supports HTTPS too.
https://wiki.mikrotik.com/wiki/Manual:W ... ling_HTTPS
by killersoft
Tue Aug 04, 2020 4:26 pm
Forum: RouterBOARD hardware
Topic: CCR Recommendation
Replies: 4
Views: 2025

Re: CCR Recommendation

Why CCR (Whats your bandwidth your forwarding/inputting )? Most RB's will do fine.
Try a RB4011, good bang for buck, or just run a x86 VM of RouterOS.
by killersoft
Tue Aug 04, 2020 12:58 pm
Forum: General
Topic: RBLtAP-2HnD&R11e-LTE configuration issue
Replies: 5
Views: 2101

Re: RBLtAP-2HnD&R11e-LTE configuration issue

I think in your case, you will need a second LTE/4G card to achieve what you want to do with sim1 being for LAN and sim2 being for wifi services. Pretty stright forward MT route config. That said, I think you will then need to do some homework on antennas for a dual card setup. Not sure if it helps ...
by killersoft
Tue Aug 04, 2020 12:45 pm
Forum: General
Topic: RBLtAP-2HnD&R11e-LTE configuration issue
Replies: 5
Views: 2101

Re: RBLtAP-2HnD&R11e-LTE configuration issue

Arr my mistake
2 ltap questions with similar usernames !!
by killersoft
Tue Aug 04, 2020 12:24 pm
Forum: General
Topic: RBLtAP-2HnD&R11e-LTE configuration issue
Replies: 5
Views: 2101

Re: RBLtAP-2HnD&R11e-LTE configuration issue

Please see my response to your earlier post.
viewtopic.php?f=13&t=164306
by killersoft
Tue Aug 04, 2020 12:15 pm
Forum: Beginner Basics
Topic: Bad performance with LTaP LTE6
Replies: 19
Views: 5200

Re: Bad performance with LTaP LTE6

EC25-xx(whatever) has a USB2 minipcie interface and will work in the LtAP with out hardware issue as LtAP's chipet is USB2/MiniPCIe cpu based board. EP06-xx IS USB 3.0 interfaced card on the hardware interface and will require you to tape/glue or cut pins on the card to get it to work in USB 2 mode(...
by killersoft
Sun Aug 02, 2020 8:14 am
Forum: RouterBOARD hardware
Topic: Quectel EP06-E and wAP R ac (RBwAPGR-5HacD2HnD)
Replies: 42
Views: 80514

Re: Quectel EP06-E and wAP R ac (RBwAPGR-5HacD2HnD)

How did it show you that it was using CA? I'm not seeing that. But maybe it's different with a Mikrotik modem. RBwAPGR-5HacD2HnD WITH A R11e-LTE6 card (Card firmware version R11e-LTE6_V025).. See how winbox shows Primary Band & CA Band.. Sometimes its different bands like B3/B7 or vise versa !!...
by killersoft
Sat Aug 01, 2020 9:12 am
Forum: RouterOS beta
Topic: 802.1AE MACsec Progress or Examples ?
Replies: 40
Views: 18475

802.1AE MACsec Progress or Examples ?

Hi, just wondering if there is any formal documentation for Mikrotik's 802.1AE (AKA MACsec) in RoS v7. Given its been in RoS v7 at least since its early beta release I was hoping to see some doco on it by now. As of yet I have not got it working between devices( Get as far as it 'negotiating', and c...
by killersoft
Tue Jul 28, 2020 3:49 pm
Forum: RouterBOARD hardware
Topic: SXT LTE antenna mod for B28 - it's working! [SOLVED]
Replies: 6
Views: 3861

Re: SXT LTE antenna mod for B28 - it's working! [SOLVED]

Interesting installation on a SXT.
Band 28 is hard to get right given the physically large antenna required to have a good efficiency(Q rating) for a given antenna.
I'm sending some gear up to rural NSW tomorrow for a B28 job, the other guy is a ham radio operator and is making his own B28 antenna.
by killersoft
Sun Jul 26, 2020 10:39 am
Forum: RouterBOARD hardware
Topic: Quectel EP06-E and wAP R ac (RBwAPGR-5HacD2HnD)
Replies: 42
Views: 80514

Re: Quectel EP06-E and wAP R ac (RBwAPGR-5HacD2HnD)

I answered my own question. This is definitely a whole lot easier with RouterOS 7 beta. It's just plug and play. So that's what I'm using. WinBox doesn't seem to have any indication that the modem is using carrier aggregation, but based on the output of AT+QCAINFO ("Query Carrier Aggregation P...
by killersoft
Sun Jul 26, 2020 9:58 am
Forum: RouterBOARD hardware
Topic: Fixed AP's with external sensors
Replies: 1
Views: 1230

Fixed AP's with external sensors

Hi, just throwing this one out there since we know MT's are flexible in their architecture & designs. I was staring at my cAP AC mounted in the ceiling of my house, and was thinking wouldn't it be great if the unit had plug-inable sensors like : "Smoke detector", "Particulate dete...
by killersoft
Fri Jul 17, 2020 9:40 am
Forum: Beginner Basics
Topic: Mikrotik and Esxi 6.7 NIC teaming (802.3ad) ISSUE
Replies: 4
Views: 5936

Re: Mikrotik and Esxi 6.7 NIC teaming (802.3ad) ISSUE

Thanks for the advice on that. Just about to buy Vmware essentials plus kit v7.0.. The problem is neither the physical switch nor the routerOS license level. It's in ESX. Link aggregation is only supported on distributed switches. These are only available from vSphere enterprise license level upward...
by killersoft
Thu Jul 16, 2020 12:51 pm
Forum: Beginner Basics
Topic: Mikrotik and Esxi 6.7 NIC teaming (802.3ad) ISSUE
Replies: 4
Views: 5936

Re: Mikrotik and Esxi 6.7 NIC teaming (802.3ad) ISSUE

I'm looking to do the same thing very soon, so a tested config( & esxi notes appreciated )
by killersoft
Fri Jul 10, 2020 11:59 am
Forum: Beginner Basics
Topic: Winbox can not see Mikrotik wsAP AC Lite connected to router
Replies: 5
Views: 2239

Re: Winbox can not see Mikrotik wsAP AC Lite connected to router

Depends on your config about whats wrong with why you cannot see other devices If you don't want to use capsman then just create a bridge, add all your LAN side ports & WLAN ports onto the bridge interface. Give your bridge an private IP address of your liking ( 192.168.1.1/24 ) Add your normal ...
by killersoft
Fri Jul 10, 2020 11:01 am
Forum: Announcements
Topic: v6.47.1 [stable] is released!
Replies: 146
Views: 95115

Re: v6.47.1 [stable] is released!

Impossible to update in Hap Lite.
smips.JPG
hAP update seems ok to me.
Image
by killersoft
Thu Jul 09, 2020 6:59 am
Forum: General
Topic: Multiple Road Warrior L2TP/IPsec clients behind NAT - solved
Replies: 98
Views: 83363

Re: Multiple Road Warrior L2TP/IPsec clients behind NAT - solved

Client can connect to far end(srv side) internet if IPSEC is disabled If IPSEC = enabled ( client box cant get past client-side MT ) & notably the srcnat rule doesn't get a hit from the client. No problems under 6.45.9 !! Can you post both Mikrotik configurations (see anonymisation hints in my ...
by killersoft
Wed Jul 08, 2020 5:22 am
Forum: General
Topic: Multiple Road Warrior L2TP/IPsec clients behind NAT - solved
Replies: 98
Views: 83363

Re: Multiple Road Warrior L2TP/IPsec clients behind NAT - solved

Can confirm in 6.47 there is an issue with l2tp/ipsec vpn, where the server + client device is also a mikrotik, and the client runs a NAT. The client side NAT rule doesnt even get a hit when IPSEC is enabled(both ends). If I turn it off(both ends) and just run l2tp, all is good and the src-nat rule ...
by killersoft
Sun Jul 05, 2020 5:12 pm
Forum: Announcements
Topic: Future of LTE products, user feedback requested
Replies: 208
Views: 101711

Re: Future of LTE products, user feedback requested

1. At least cat 6 2. Australia is currently using these LTE bands: 2100MHz (B1) 1800MHz (B3) 850MHz (B5) 2600MHz (B7) 900MHz (B8) 700MHz (B28) ** works well in long distance in Aus environment *** 2300MHz (B40) 3. 2G was discontinuted a couple of years ago in country. 3G will start being removed in ...
by killersoft
Sat Jun 06, 2020 4:53 am
Forum: RouterOS beta
Topic: v7.0beta8 [development] is released!
Replies: 178
Views: 92214

Re: v7.0beta7 [development] is released!

Please keep this topic related to the problems found in this RouterOS release. This topic is not made for feature requests. For that please create a new topic or contact support@mikrotik.com. Where is CAKE?!?!?!? Literally everyone expects it, yet there's nothing about it from mikrotik.. Kind of pa...
by killersoft
Sat Jun 06, 2020 4:23 am
Forum: RouterOS beta
Topic: v7.0beta8 [development] is released!
Replies: 178
Views: 92214

Re: v7.0beta8 [development] is released!

LtAP mini VS v7.0beta 8 Well the wifi via a station & station bridge mode does not work. It connects briefly(10 seconds), then drops( no its not a signal, issue, 6.47 works a treat on the same unit)). I have a Quectel EC25 LTE board in it. That works no problem ! Doing a WiFi SCAN produces rando...
by killersoft
Tue Mar 17, 2020 11:01 pm
Forum: General
Topic: Can't use vlan 1 as management vlan
Replies: 10
Views: 7006

Re: Can't use vlan 1 as management vlan

As a rule dont try and do VLAN 1 as a management vlan or as a separate vlan, you will come unstuck with vendors and some Linux kernel versions. In Cisco world vlan 1 is the Native vlan e.g the default layer 2 traffic on an unconfigured switch . Googling 'vlan 1' or 'native vlan' has so many varied r...
by killersoft
Wed Mar 04, 2020 1:45 am
Forum: General
Topic: switch that supports more than four 40-Gig ports
Replies: 16
Views: 5626

Re: switch that supports more than four 40-Gig ports

Hi. Attached is a screen shot of what RouterOS shows for 2xQSFP's in a CRS326-24S+2Q+
CRS326-24S+2Q+.png
by killersoft
Wed Mar 04, 2020 1:36 am
Forum: General
Topic: switch that supports more than four 40-Gig ports
Replies: 16
Views: 5626

Re: switch that supports more than four 40-Gig ports

Need more than 4x 40Gb ports then check Cisco 9500 series out..
https://www.cisco.com/c/en/us/products ... index.html
by killersoft
Wed Mar 04, 2020 12:39 am
Forum: Beginner Basics
Topic: MGMT and WIRELESS WIRE DISH
Replies: 1
Views: 2403

Re: MGMT and WIRELESS WIRE DISH

There are a few ways to do a Management-VLAN for MT devices, and you could just add a VLAN against your trunk interface(not a great recommendation, but will get you out of a tough spot ). OR do it the better way for MT/RouterOS https://wiki.mikrotik.com/wiki/Manual:Basic_VLAN_switching The info belo...
by killersoft
Fri Nov 15, 2019 12:30 pm
Forum: RouterOS beta
Topic: MACSec beta3
Replies: 2
Views: 5445

MACSec beta3

Hi. I am testing out MACSec(beta 3) on a RB951G-2HnD & RB750G, but cannot seem to get the two mikrotik units past "negotiating". I'm using the same cak and ckn values between the units, and the ethernets are of course connected together. I'm using the same code(different interface name...
by killersoft
Thu Aug 22, 2019 9:12 am
Forum: General
Topic: Feature requests
Replies: 1740
Views: 631684

Re: Feature requests

Please add IEEE 802.1AE AKA MACSEC to Router & SwitchOS.
by killersoft
Thu Jul 25, 2019 11:36 am
Forum: RouterBOARD hardware
Topic: Quectel EP06-E and wAP R ac (RBwAPGR-5HacD2HnD)
Replies: 42
Views: 80514

Re: Quectel EP06 and wAP R ac (RBwAPGR-5HacD2HnD)

Thanks mkx for the eNB ID info. @RogerWilco Consider a EC25-AU as it is electrically more compatible(+RCM compliant) with most MT boards (usb 2) plus it also fully support all the AUS bands(like B28). See(about taping pins): https://wiki.mikrotik.com/wiki/Cellular_Quectel_modems_01 That said, I susp...
by killersoft
Wed Jul 24, 2019 12:41 pm
Forum: RouterBOARD hardware
Topic: Quectel EP06-E and wAP R ac (RBwAPGR-5HacD2HnD)
Replies: 42
Views: 80514

Re: Quectel EP06 and wAP R ac (RBwAPGR-5HacD2HnD)

This is quite subjective, also to note is that the EP06-E is running on the default antenna's on my w AP R ac unit. Also I am currently back in Victoria. I suspect that the B28 tower is at a different location to the other tower doing band 3&7!? So B3 / B7 /B28 .. BAND 3.png BAND 7.png BAND 28.p...
by killersoft
Mon Jul 22, 2019 6:45 am
Forum: General
Topic: v7 Linux Kernel version ?
Replies: 6
Views: 8656

v7 Linux Kernel version ?

Just curious, what Linux version will/is ROS v7 be running under the hood ?
(Noting v6 is running v3.3.5)
by killersoft
Sun Jul 21, 2019 8:24 am
Forum: RouterBOARD hardware
Topic: Quectel EP06-E and wAP R ac (RBwAPGR-5HacD2HnD)
Replies: 42
Views: 80514

Re: Quectel EP06 and wAP R ac (RBwAPGR-5HacD2HnD)

Nice mate! Finding a modem that works with LTE and not PPP with B28 + Telstra is perfect. I don't suppose you could tell me where in Australia you got the card and what firmware is on it? What speeds you getting with the modem? Hi. I picked up the EP06-E from ebay : https://www.ebay.com.au/itm/1838...
by killersoft
Sat Jul 20, 2019 2:09 pm
Forum: RouterBOARD hardware
Topic: Quectel EP06-E and wAP R ac (RBwAPGR-5HacD2HnD)
Replies: 42
Views: 80514

Quectel EP06-E and wAP R ac (RBwAPGR-5HacD2HnD)

Well happy to report that a Quectel LTE EP06-E(RCM compliant) installed in a wAP ac(RBwAPGR-5HacD2HnD) tested using ROS 6.45.1 works without the need to cut or tape pins on the card. (I am testing with ALDI mobile(mdata.net.au APN, which uses Telstra Towers here in Australia ). I used this to get to...
by killersoft
Sun Jul 14, 2019 6:30 am
Forum: Beginner Basics
Topic: Which CAT4/CAT6 LTE modem has compatibility & reliability?
Replies: 4
Views: 2196

Re: Which CAT4/CAT6 LTE modem has compatibility & reliability?

I have an ec25-AU. It took me about 15 minutes of buggering around to get it to LTE mode from the default PPP mode ( In the end I actually put it in my latop, installed (windows drivers for it), Connected to the COM port, Putty'ed into the com port and put in the command(as seen on the MT wiki ). Pl...
by killersoft
Wed Jul 10, 2019 2:11 pm
Forum: General
Topic: Which CAT4/CAT6 LTE
Replies: 4
Views: 2341

Re: Which CAT4/CAT6 LTE

I am running a EC25-AU in a LtAP, its currently running outback Australia. Its with 2x 3dBi Antennas and is working a treat on 3G( getting ~-81dBm). 4G lte b28 700MHz also works well, but getting a better signal off 3G 850Mhz at the moment and due to my extreme tower edge location. My phones I have ...
by killersoft
Thu Jul 04, 2019 12:34 pm
Forum: General
Topic: Quectel EC25 Issue with WAP-R
Replies: 1
Views: 1435

Re: Quectel EC25 Issue with WAP-R

Hi. I have the same issue. I'm trying to look into it to see if it can be changed to some sort of bridge mode, rather than the NAT style address its giving out. !
by killersoft
Tue May 07, 2019 7:35 am
Forum: RouterBOARD hardware
Topic: RB4011iGS+RM RACK EARS
Replies: 1
Views: 1431

RB4011iGS+RM RACK EARS

Having recently obtained a couple of MT RB4011iGS+RM's for install in a rack. I have to say what a poor rack ear attachment design for this router. The router is a nice robust bit of kit, but the rack ear attachment is terrible. Just 1 small screw on either ear to hold this unit is place is just cra...
by killersoft
Thu Apr 18, 2019 3:29 am
Forum: Wireless Networking
Topic: Why wireless 'A'-mode when I hard set to N-mode [SOLVED]
Replies: 2
Views: 1993

Why wireless 'A'-mode when I hard set to N-mode [SOLVED]

Hi. I have a bit of a general MT wireless question. I have run MT gear for a long time(10 Years now!) and have seen this wireless link phenomenon notably in my long distance links(7KM's+), but never understood why this occurs. This is notable when I am passing little to no traffic. If I have hard se...
by killersoft
Sat Mar 30, 2019 2:49 am
Forum: General
Topic: UKNOF 43 CVE
Replies: 223
Views: 80949

Re: UKNOF 43 CVE

Maybe its time for MT to consider a parallel "community" like edition version of RouterOS. That open to view /compile "source code" and allows the community to quickly fix issues(CVE's !!!) and add networking functionality as community made plugin's for MT Hardware..
by killersoft
Sat Mar 30, 2019 2:05 am
Forum: General
Topic: UKNOF 43 CVE
Replies: 223
Views: 80949

Re: UKNOF 43 CVE

At some point enough, is enough. And yes, other vendors have other issues. Other vendors may also be more costly. But at least other vendors take responsibility for their products, have a clear guideline what a timely response to a ticket is and implement critical features, that customers and the i...
by killersoft
Sat Mar 30, 2019 1:44 am
Forum: General
Topic: UKNOF 43 CVE
Replies: 223
Views: 80949

Re: UKNOF 43 CVE

While many of you are notably upset about the extraordinary amount of time that has gone by on this issue. I note some of you are wanting to move to new product vendors. This is your prerogative to do so. That said, I will point out the BIG VENDORS such as CISCO are smashed by CVE's problems ALL the...
by killersoft
Sun Dec 02, 2018 9:30 am
Forum: RouterBOARD hardware
Topic: Vibration Sensor
Replies: 2
Views: 1473

Re: Vibration Sensor

True for that particular situation. But not all installs are secure buildings. 30dBi Antenna's such as the https://mikrotik.com/product/MTAD-5G-30D3-PA can become big wind sails and stress mounting gear that was not obvious when install occurs on a nice day. Also managing sites remotely e.g those th...
by killersoft
Sun Dec 02, 2018 1:47 am
Forum: RouterBOARD hardware
Topic: Vibration Sensor
Replies: 2
Views: 1473

Vibration Sensor

Hi. I was thinking about how useful a vibration sensor would be for a fair chunk of mikrotik outdoor products. Over my many years of wireless installs, wind is usually an enemy for wireless antenna/integrated WiFi products where the guy wires or structures that mount those systems is not quite up to...
by killersoft
Wed Jul 04, 2018 4:00 am
Forum: General
Topic: LAN side bridge forward filtering options?
Replies: 4
Views: 1648

Re: LAN side bridge forward filtering options?

Sorry, I don't agree with you R1CH for my typical mikrotik configurations across my campus network. If this was a typical cisco switch(ASIC switching) I would agree, or if I was using mikrotik switch chip directly. I can use Torch on the bridge and or each interface and see traffic 'Forwarding' or '...
by killersoft
Wed Jul 04, 2018 1:58 am
Forum: General
Topic: LAN side bridge forward filtering options?
Replies: 4
Views: 1648

Re: LAN side bridge forward filtering options?

Thanks dadaniel.
I'll take a look at AP isolation.
As I am not using the switch chip for my ether->vlan activities rather ether->bridge->vlan. Thats why I am looking at bridge firewall rules at this point.

Cheers
by killersoft
Mon Jul 02, 2018 4:07 am
Forum: General
Topic: LAN side bridge forward filtering options?
Replies: 4
Views: 1648

LAN side bridge forward filtering options?

Hi. I'm running a small campus with about 40 wifi/ether ports devices(Distribution network) for guests that run behind a MT hotspot/firewall. I run a pretty good firewall set on the main router/internet/hotspot box. I'm putting some thought on the internal LAN side of the network and asking the ques...
by killersoft
Tue Jun 19, 2018 4:25 am
Forum: Virtualization
Topic: CHR neighbour discovery problem
Replies: 13
Views: 12690

Re: CHR neighbour discovery problem

Hmm.
Just noticed that too. The CHR shows up in other MT devices, but winbox does not..
Weird..
by killersoft
Mon May 14, 2018 2:05 am
Forum: RouterBOARD hardware
Topic: 3x3 MIMO antennas >20dBi
Replies: 19
Views: 4639

Re: 3x3 MIMO antennas >20dBi

The crosstalk is cos(angle) related so at 90 degrees there is "theoretically zero" crosstalk (in practice those 20-30dB figures) but at any other angle there is substantial crosstalk. At 60 degrees about half of the signal is present. I suspect that is a correct assumption. If you were tr...
by killersoft
Sun May 13, 2018 3:50 pm
Forum: RouterBOARD hardware
Topic: 3x3 MIMO antennas >20dBi
Replies: 19
Views: 4639

Re: 3x3 MIMO antennas >20dBi

3x3 MIMO is for local use, where you have an access point in a room or outdoor area and antennas that can radiate in 3 different patterns. The different clients can each have different use of these patterns. With point-to-point, 3x3 makes no sense. There are no 3 different polarization that you can...
by killersoft
Sun May 13, 2018 7:42 am
Forum: RouterBOARD hardware
Topic: 3x3 MIMO antennas >20dBi
Replies: 19
Views: 4639

Re: 3x3 MIMO antennas >20dBi

Well. Buy it and try and come back here to tell how it works. I suspect that the throughput will be better with central chain off. But maybe it will be so good that three chain could work independently. We cannot judge before the tryout. Its tempting, but I already use a 28dBi + a 30dBi for my 7km ...
by killersoft
Sat May 12, 2018 8:08 am
Forum: RouterBOARD hardware
Topic: 3x3 MIMO antennas >20dBi
Replies: 19
Views: 4639

Re: 3x3 MIMO antennas >20dBi

I hear you, that said, the isolation issue @ 45 degrees must be enough otherwise you would not design such a radio device with 3 chains. The item below is a 17dBi, which they say is better than 26dBi. I think that's pretty good gap as most 2x2 big 30dBi parabolic's have approximately 30-35dBi cross ...
by killersoft
Fri May 11, 2018 5:36 am
Forum: RouterBOARD hardware
Topic: 3x3 MIMO antennas >20dBi
Replies: 19
Views: 4639

3x3 MIMO antennas >20dBi

Just wondering if someone can tell me why there are no 3x3 MIMO antennas on the market much greater than 20dBi ? I have a couple of RB921UAGS-5SHPacD-NM(triple chain capable) doing about 8KM's point to point, but limited to 2x2 due to antenna limitations(cant find a commercial 28 to 30dBi antenna wi...
by killersoft
Mon Dec 25, 2017 10:10 am
Forum: Announcements
Topic: v6.41 [current]
Replies: 304
Views: 139491

Re: v6.41 [current]

Thanks Cha0s. I suspect I have 50+ units to manually fix-up when I go to upgrade in regards to IP Neighbor Discovery
by killersoft
Mon Dec 25, 2017 1:39 am
Forum: Announcements
Topic: v6.41 [current]
Replies: 304
Views: 139491

Re: v6.41 [current]

IP Neighbor Please revert or Alter the NEW functionality of Neighbor discovery. I use specific Bridges/Interfaces ( A management VLAN segment) that see's all devices, but I also have Client Side Bridges/Vlans/Interfaces. I DO NOT want Clients to SEE Discovery Broadcasts. Thus I ask you to Revert to ...
by killersoft
Fri Sep 15, 2017 2:26 pm
Forum: General
Topic: remote netinstall
Replies: 1
Views: 2108

remote netinstall

Hi. Is there a method to manually initiate a mikrotik device to boot into netinstall mode upon reboot(I still have access to winbox) where I do not require holding down the reset button as the devices are either in other buildings(etc) ? I have found a repeatable bug with a bunch of MT devices(LTE/F...
by killersoft
Tue Apr 25, 2017 12:09 pm
Forum: General
Topic: Is DHCP on VLANs Broken in 6.38.5 ??
Replies: 6
Views: 1432

Re: Is DHCP on VLANs Broken in 6.38.5 ??

I think there is too.. I'm having a DHCP issues.
I had a power outage on my DYNADISH(doing local DHCP to eth->VLAN) and now with dhcp 'offering' but devices are not accepting..
It was all working before the power outage... Config has not changed..
by killersoft
Thu Apr 06, 2017 8:55 am
Forum: General
Topic: Problem with VLAN
Replies: 7
Views: 2137

Re: Problem with VLAN

Use current bugfix 6.37.5, or do a full cutover on your second-end routerboard to 6.38.5 This is probably the indirect cause : What's new in 6.38 (2016-Dec-30 11:33): Important note!!! RouterOS v6.38 contains STP/RSTP changes which makes bridges compatible with IEEE 802.1Q-2014 by sending and proces...
by killersoft
Thu Apr 06, 2017 6:26 am
Forum: General
Topic: Hotspot and dual stack (ipv4/ipv6)
Replies: 2
Views: 2085

Hotspot and dual stack (ipv4/ipv6)

Hi. I have been running a MT hotspot for work for a number of years(CLASSIC IPv4).. Our ISP has native IPv6 available..(I have tested it on the network, and noted the routeros hotspot service does not touch IPv6 packets, thus client machines can bypass the hotsport service e.g http://ipv6.google.com...
by killersoft
Wed Mar 08, 2017 1:53 am
Forum: General
Topic: CIA exploits against Mikrotik hardware
Replies: 97
Views: 60930

Re: CIA exploits against Mikrotik hardware

Thanks Normis.
Look forward to the detailed response..
Cheers
by killersoft
Thu Mar 02, 2017 12:43 am
Forum: General
Topic: Request : MACSec 802.1AE
Replies: 0
Views: 1418

Request : MACSec 802.1AE

Just a request for RouterOS to add MACSec 802.1AE
To its existing suite..
Regards
Greg
by killersoft
Thu Feb 16, 2017 10:39 am
Forum: General
Topic: Security concern cloud.mikrotik.com DNS request
Replies: 5
Views: 1644

Re: Security concern cloud.mikrotik.com DNS request

Thanks for the information.
by killersoft
Thu Feb 16, 2017 1:57 am
Forum: General
Topic: Security concern cloud.mikrotik.com DNS request
Replies: 5
Views: 1644

Security concern cloud.mikrotik.com DNS request

Hi all. I have a setup, where a MT wireless router is configured without issue on a NON-INTERNET connected network. However, I note from my SYSLOG server that the router reports to that it appears the router in question attempts to automatically DNS request(every 1/2 hr) cloud.mikrotik.com.. WHY is ...
by killersoft
Tue Feb 07, 2017 5:16 am
Forum: General
Topic: RB921UAGS-5SHPacT-NM Ch0,1,2 Q
Replies: 1
Views: 950

RB921UAGS-5SHPacT-NM Ch0,1,2 Q

Hi all
If I was to buy a RB921UAGS-5SHPacT-NM (Triple chain device), and only use CH0 & CH1 and disable CH2 (As the current antenna only supports vert/horizontal inputs).. Is there any big issues(Other than loss of available bandwidth of course) I should make myself aware of ??
by killersoft
Wed Jan 18, 2017 5:20 am
Forum: General
Topic: Dynadish weight
Replies: 0
Views: 747

Dynadish weight

Hi. Does anyone know what the weight of a Dynadish is ? (RBDynaDishG-5HacD).
I can find some references to shipping weight(unit plus box weight(which I know is probably .5-1 kg? of cardboard), but not the unit itself.
I am doing some mast loading calculations.
:D
by killersoft
Fri Jan 06, 2017 12:49 am
Forum: Announcements
Topic: v6.38 [current] is released!
Replies: 168
Views: 63642

Re: v6.38 [current] is released!

Installed 6.38 to a 50+ device mix of MT routers/crs devices(~50%) and AP's(~50%) from v6.37.1. Had 3x devices die from a 6.37.1 ->6.38 upgrade ( 1xRBwAP2nD & 2xRB912UAG-2HPnD), had to net-install to fix. *** Had ALL 5x RB2011UiAS 2x CRS125-24G-1S give a WARNING in the log about OVERCLOCKED RAM ...
by killersoft
Fri Nov 25, 2016 12:54 am
Forum: General
Topic: gateway mac 00:00:00:00:00:00 - hEX r3
Replies: 12
Views: 3366

Re: gateway mac 00:00:00:00:00:00 - hEX r3

Not sure, I see your running ap-bride / bridge, which seems right..
Perhaps run a tunnel protocol between end points ?
by killersoft
Tue Nov 01, 2016 3:55 am
Forum: Virtualization
Topic: Sucessful Amazon CHR RouterOS Test
Replies: 24
Views: 13534

Re: Sucessful Amazon CHR RouterOS Test

Hi, yes I kept it simple. Just pressed the check for updates in the package list(release candiate(cutting edge eh!!), and pressed upgrade). Took less than minute to come back to life on AWS.
Nice and smooth :).
Cheers
by killersoft
Tue Oct 25, 2016 12:47 pm
Forum: Virtualization
Topic: Sucessful Amazon CHR RouterOS Test
Replies: 24
Views: 13534

Sucessful Amazon CHR RouterOS Test

Hi all. Just did an Amazon Web services test of Mikrotiks RouterOS with the available amazon marketplace release of RouterOS v6.34.1. As it was just a test I did an upgrade to v6.38rc15 which went smooth.. I used the t2.micro ( Free tier ) for the test. It took me about 2 minutes from starting the w...
by killersoft
Tue Aug 09, 2016 1:27 pm
Forum: General
Topic: Feature request: OpenVPN compression LZO and UDP
Replies: 200
Views: 125464

Re: Feature request: OpenVPN compression LZO and UDP

+1 PLEASE MIKROTIK...
by killersoft
Fri Jul 22, 2016 1:01 am
Forum: Announcements
Topic: v6.37rc [release candidate] is released, only one wireless package!
Replies: 320
Views: 102487

Re: v6.37rc [release candidate] is released, only one wireless package!

Updated from 6.36 to 6.37rc4 on a RB951-2n..  Did the update over wireless, but of course it didn't not come back. I see I should have updated it over Ethernet. I had to manually enable 'Wireless' package and manually enable the wlan1 interface and re-program SSID/frequency etc.. So its like a fresh...
by killersoft
Wed Jul 20, 2016 4:12 am
Forum: Wireless Networking
Topic: Wi-Fi metal setup
Replies: 29
Views: 5747

Re: Wi-Fi metal setup

http://en.data-alliance.net/wp-content/uploads/2012/11/antennas-range-patterns.jpg http://www.zive.cz/GetThumbNail.aspx?id_file=507737282&width=480&height=391&q=100 The RF radiation pattern of an antenna is true for both Transmit and Receive operations. Given you want to cover an area b...
by killersoft
Wed Jul 20, 2016 4:03 am
Forum: Wireless Networking
Topic: Need solution for wireless devices.
Replies: 7
Views: 1956

Re: Need solution for wireless devices.

Hi If you use an antenna like this  http://i.mt.lv/routerboard/files/DPA-SLANT-R0-151029152145.pdf   then both polarizations are integrated into the one antenna. What you may find is if you enable 2 chains in your netmetal that possibly signal levels from one of the chains(polarization) will be bett...
by killersoft
Tue Jul 19, 2016 3:44 am
Forum: Wireless Networking
Topic: Wi-Fi metal setup
Replies: 29
Views: 5747

Re: Wi-Fi metal setup

Probably something like ( if you still have it mounted 10 meters up and a direct connect to your RB Metal 2.4GHz ). http://www.l-com.com/wireless-antenna-24-ghz-3-dbi-black-radome-enclosed-omni-antenna-type-n-female-bulkhead OR http://www.l-com.com/wireless-antenna-24-ghz-2-dbi-omnidirectional-anten...
by killersoft
Tue Jul 19, 2016 3:35 am
Forum: Wireless Networking
Topic: Need solution for wireless devices.
Replies: 7
Views: 1956

Re: Need solution for wireless devices.

Hi, (noted on 5GHz. You should still be able to use smaller bandwidths).. Can you change polarity of the antenna's e.g. vertical to horizontal polarization... Generally if you use horizontal you can get 20 to 25dBm isolation between polarization, depending on antenna design. This alleviates noise(wh...
by killersoft
Mon Jul 18, 2016 1:57 am
Forum: Wireless Networking
Topic: Wi-Fi metal setup
Replies: 29
Views: 5747

Re: Wi-Fi metal setup

If you mount the antenna at 10 meters, then you should use a 2 or 3dBi vertical, as the radiation pattern of the 8dBi is not good for area below the antenna. a 2 or 3 dBi vertical will be better for areas below the antenna at that height.
by killersoft
Mon Jul 18, 2016 1:36 am
Forum: Wireless Networking
Topic: Need solution for wireless devices.
Replies: 7
Views: 1956

Re: Need solution for wireless devices.

A couple of options are. 1) Use NV2 ( it is more robust in noisy environments ) 2) You could use narrower channel spacing. Instead of using 20MHz use 10 or 5 MHz( If using 2GHz area, set to using G or N mode or combination, but you will need to test in your area and your setup). This increases the e...
by killersoft
Thu Jul 07, 2016 7:07 am
Forum: General
Topic: LOG https:// addresses
Replies: 3
Views: 2529

Re: LOG https:// addresses

Thanks Sob, I take your point on the full URL being encrypted... That said : I note I can see in the initial handshake (Using Wireshark filter ->  ssl.handshake.type == 1) which is the initial client hello message that I can see the requested domain address from the client machine. This is at least ...
by killersoft
Thu Jul 07, 2016 4:50 am
Forum: General
Topic: LOG https:// addresses
Replies: 3
Views: 2529

LOG https:// addresses

Hi. Does anyone have a method to LOG https:// addresses people behind my NAT are connecting to ? I already know how to log http:// addresses(Via Webproxy), but that's only good for port 80 stuff. I am specifically looking for the whole address line of a web page request(not the encrypted content) e....
by killersoft
Mon Jun 13, 2016 3:26 am
Forum: RouterBOARD hardware
Topic: 9HPn Issues
Replies: 3
Views: 1399

Re: 9HPn Issues

900MHz band, that's a tough band to work in... Can you access the 'faulty' unit(s) from the other side of the wireless rather than locally from the 'faulty' ethernet ? How are you linking the Ethernet side to wifi  (e.g  Do you make a BRIDGE and port link the wifi interface and the ethernet interfac...
by killersoft
Wed Jun 08, 2016 3:40 am
Forum: RouterBOARD hardware
Topic: CRS112-8G-4S-IN
Replies: 1
Views: 1409

CRS112-8G-4S-IN

Grateful Mikrotik supplies rack ears for the CRS112-8G-4S-IN product.. I have a few of these and have no idea why they do not come with ears(and they are not available from your suppliers as an aftermarket item). I also have a few CRS212-1G-10S-1S+ IN units which do have ears(I'v stolen the ears off...
by killersoft
Sat Apr 16, 2016 5:18 am
Forum: General
Topic: v6.35 [current] is released!
Replies: 103
Views: 39365

Re: v6.35 [current] is released!

Massive update!
Its also been one of the longest number of release candidates I think I've ever seen(me since v4.17). Thought I was going to see an RC50 in there :)

Just upgraded a RB-951-2n to 6.35, so far so good for that unit..
by killersoft
Thu Mar 17, 2016 1:06 am
Forum: Announcements
Topic: Newsletter 71
Replies: 66
Views: 36224

Re: Newsletter 71

Hi I'm liking the LHG 5 from a cost perspective (gather it does well for ~3km-4km links based on TX pwr?).. Love to see a LHG 5HPacn version or using the same platform and kick it up a notch to the 24 GHz ISM band using the same antenna for higher gain(nice way to enter a new market area in 24GHz Wi...
by killersoft
Thu Dec 24, 2015 8:29 am
Forum: SwOS
Topic: swos is dead?
Replies: 9
Views: 6278

Re: swos is dead?

Hi It may pass vlan traffic at wirespeed OK, but 15mS ping response @ 1Gbps fiber link is a long time in the network world and looks bad on some of my monitoring equipment especially when peer IT people are looking over my install and laughing, telling me I should have put cisco gear in. In hindsigh...
by killersoft
Wed Dec 23, 2015 1:26 am
Forum: SwOS
Topic: swos is dead?
Replies: 9
Views: 6278

Re: swos is dead?

I just deployed 5 of these 260GSP units. There are some real issues. E.g ; NO subnet mask against the IP address such as 172.16.1.1 or 10.1.1.1 seems to default to a /24 address range. VLAN and the mikrotik discovery protocol on these units cannot be seen by other MT products on the same VLAN, but s...
by killersoft
Thu Dec 17, 2015 10:27 am
Forum: Wireless Networking
Topic: WPA2 EAP, RADIUS and Userman.. Help required
Replies: 2
Views: 1730

Re: WPA2 EAP, RADIUS and Userman.. Help required

Thanks nspitzer.

I note that I will need to use an external radius server, rather than using the MT 'userman' package to use encrypted protocols for WPA2-EAP.
Cheers
Greg
by killersoft
Sun Nov 29, 2015 2:04 am
Forum: General
Topic: Feature Request: EAP-TLS authentication with user manager
Replies: 7
Views: 4552

Re: Feature Request: EAP-TLS authentication with user manager

+1 For this.
I have a wireless MT network I'd love to convert over to Userman for WPA2 EAP
by killersoft
Sun Nov 29, 2015 12:26 am
Forum: Wireless Networking
Topic: power up several APs / realized WLAN projects
Replies: 1
Views: 1045

Re: power up several APs / realized WLAN projects

These are just a few items from the RouterBoard range that do PoE output. PowerBox (RB750P-PBr2); 1x PoE in -> 4xPoE Out hex PoE lite; 1x PoE in -> 4xPoE Out RB260GSP; 1x PoE in -> 4xPoE Out I have experience with PowerBox and the RB260GSP, they work great(Just need to remember to click the option o...
by killersoft
Sat Nov 28, 2015 10:25 am
Forum: Wireless Networking
Topic: WPA2 EAP, RADIUS and Userman.. Help required
Replies: 2
Views: 1730

WPA2 EAP, RADIUS and Userman.. Help required

Hi, I am doing some testing on what should be a basic wireless WPA2 EAP setup. But I am running into an issue with the RADIUS response of ; radius,debug,packet Reply-Message = "unknown authentication algorithm" which appears to stop me wirelessly login in with my laptop and or mobile phone...
by killersoft
Wed Oct 28, 2015 8:34 am
Forum: General
Topic: SFP in SFP+ slot
Replies: 3
Views: 2978

Re: SFP in SFP+ slot

Thanks for the info.
by killersoft
Tue Oct 27, 2015 1:29 pm
Forum: General
Topic: SFP in SFP+ slot
Replies: 3
Views: 2978

SFP in SFP+ slot

Hi, this has probably been asked before, but can I use say 2x CRS210-8G-2S+IN or CRS226-24G-2S+IN but use 1Gbps SFP's(S-85DLC05D) rather than 10Gbps sfp's.? I guess more generally can I use a standard SFP in a SFP+

Cheer
Greg
by killersoft
Sat Apr 18, 2015 3:47 pm
Forum: Announcements
Topic: RouterOS v6.27 released
Replies: 273
Views: 134352

Re: RouterOS v6.27 released

Just wondering if anyone else is suffering a failure of the "Reset Counters" in the Interface/Traffic TAB. By where as an example in the Tx/Rx Bytes( and in my instance this interface connections to my cable modem ) and in my case shows 32Gb TX and 31Gb Rx respectively. But when I click on...
by killersoft
Wed Apr 01, 2015 12:13 pm
Forum: General
Topic: Feature request for v7.x
Replies: 296
Views: 106925

Re: Feature request for v7.x

+1 for 6rd support .

My isp only supports that at this point and I don't want a tunnel service like HE.
Regards
by killersoft
Tue May 27, 2014 6:16 am
Forum: General
Topic: Minimum SNR for Auto Rate Fall Back
Replies: 1
Views: 1185

Re: Minimum SNR for Auto Rate Fall Back

Attached is a copy of my research. Let me know if its not quite right.
by killersoft
Sun May 18, 2014 10:10 am
Forum: General
Topic: Minimum SNR for Auto Rate Fall Back
Replies: 1
Views: 1185

Minimum SNR for Auto Rate Fall Back

Does anyone have a list/table of minimum SNR for Auto Rate Fall Back for 802.11 b and n modes I'm doing a Uni paper at the moment on omni antenna gain and want to add some context to different 'gain' omni antenna's(2,3,5,9,15dBi) vs performance.(I'v already done some real world tests today around th...
by killersoft
Wed Apr 16, 2014 12:52 pm
Forum: General
Topic: v6.12 released
Replies: 236
Views: 81564

Re: v6.12 released

NTP Client seems to still have an issue(as of 6.11, v6.10 had no issues) on MT Metals 2SHPn's(WILL NOT SET System clock time).
My RB951G(v5.26) on the same subnet with the same NTP config has no issue with setting the system time.
Think it might be Supout.rif time... !
by killersoft
Sun Mar 23, 2014 11:09 pm
Forum: General
Topic: v6.11 released
Replies: 260
Views: 112353

Re: v6.11 released

NTP Client has stopped working on both of my RB Metal 2SHPn's after upgrading from 6.10 to 6.11.
It just displays the word 'reached' in Winbox, and that's all it does.
by killersoft
Thu Feb 06, 2014 1:49 pm
Forum: General
Topic: 6.9 released!
Replies: 222
Views: 103733

Re: 6.9 released!

v6.9 works on my Metal 2SHPn (8 Km link @ 802.11 mode ) no problem yet !!
by killersoft
Tue Nov 26, 2013 3:46 am
Forum: General
Topic: CCR SFP Ports
Replies: 3
Views: 2246

Re: CCR SFP Ports

Will there be a CloudCore router with ~24 SFP ports ever?
+1 Would love that.

Would also love to see 12 or 24 port SFP switches(Would love to replace out all our ether & media converters to be all in 1 fibre switch/routing device )
by killersoft
Fri Sep 06, 2013 7:01 am
Forum: General
Topic: Hotspot address/to address
Replies: 1
Views: 2822

Re: Hotspot address/to address

I worked it out. Had to set 'Address Pool' to none in the Hotspot user profile..
by killersoft
Fri Sep 06, 2013 2:55 am
Forum: General
Topic: Hotspot address/to address
Replies: 1
Views: 2822

Hotspot address/to address

Hi.
Just wondering how do I get the mikrotik hotspot -> Hosts IP 'Address' of client machines to be the same as the 'To Address' IP.
HOW DO I.JPG
by killersoft
Sun Jun 16, 2013 7:40 am
Forum: General
Topic: IPSEC LAN bridge.
Replies: 1
Views: 1653

IPSEC LAN bridge.

Hi, I'm looking for some info on bridging a LAN segment, which is normally easy, but I'd like to put in 2 Mikrotik routers, and IPSEC over the wifi segment to join 2 LAN segments. The WIFI part is not in my control and I'm effectively give an Ethernet cable at both sites saying that is the link to t...
by killersoft
Thu Jun 13, 2013 1:58 am
Forum: Wireless Networking
Topic: arp poison question
Replies: 4
Views: 2464

Re: arp poison question

As I said ARP poisining is in effect by default when hotspot is enabled(going by the book). A 3rd party cannot arp poison an already arp poisoned network(whats the point!), not to say they cannot cause denial of service!. Like any open to the public network, enable firewall's on pc's & routers(w...
by killersoft
Thu Jun 13, 2013 1:15 am
Forum: Wireless Networking
Topic: arp poison question
Replies: 4
Views: 2464

Re: arp poison question

Hotspot default setup, has ARP poising turned on in the first instance. You have to manually turn it off!!.
by killersoft
Thu Jun 13, 2013 1:12 am
Forum: Wireless Networking
Topic: Noise Floor
Replies: 7
Views: 15697

Re: Noise Floor

No worries. I edited the last table of info, I had the brackets in the wrong spot, which made the table header read wrong!.. The same principal's applies to ADSL over phone lines as well as digital satellite services.(Though Satellite tends to use the Term 'EbN0' for signal to noise value of a signa...
by killersoft
Wed Jun 12, 2013 1:15 am
Forum: Wireless Networking
Topic: Multiple APs on same subnet
Replies: 5
Views: 2756

Re: Multiple APs on same subnet

Will I need to use different frequencies for my AP's or can I keep the same channel ? Whats the effect on the end user devices ?
by killersoft
Wed Jun 12, 2013 1:08 am
Forum: Wireless Networking
Topic: Noise Floor
Replies: 7
Views: 15697

Re: Noise Floor

I hope the following helps you understand nose floor vs signal level(or strength). Just remember you are dealing with negative numbers and you will be all good... Quoted FROM : http://www.dd-wrt.com/wiki/index.php/Index:FAQ#How_do_I_read_signal_and_noise_ratings.3F ----------------------------------...
by killersoft
Tue Jun 11, 2013 10:51 am
Forum: Wireless Networking
Topic: Multiple APs on same subnet
Replies: 5
Views: 2756

Multiple APs on same subnet

Hi, I'd like some advice on setting up this scenario. I'd like to set up 4 AP's(Large area ~ 100meters between points in a square shape) using same SSID & Encryption password, and run off the same subnet . I'd like the end users to be able to use 1 SSID to sign in with, but for them not to notic...
by killersoft
Thu Mar 28, 2013 6:32 am
Forum: Forwarding Protocols
Topic: CISCO EIGRP info now available
Replies: 2
Views: 2355

Re: CISCO EIGRP info now available

And some further updates.... Last updated: March 2013 Q. Why is Cisco opening up Enhanced Interior Gateway Routing Protocol (EIGRP)? A. Cisco is opening up its EIGRP routing protocol as an open standard in order to help companies operate in a multi-vendor environment. Customers should be able to pic...
by killersoft
Thu Mar 28, 2013 5:43 am
Forum: Forwarding Protocols
Topic: CISCO EIGRP info now available
Replies: 2
Views: 2355

CISCO EIGRP info now available

Cisco have opened up EIGRP protocol.

http://www.ietf.org/staging/draft-savage-eigrp-00.txt

Now how long will it be if we see that added to the mikrotik forwarding protocols.

Cheers
by killersoft
Wed Aug 08, 2012 12:25 pm
Forum: Beginner Basics
Topic: VLANs work over trunk, but how do I tag switch ports?
Replies: 8
Views: 6503

Re: VLANs work over trunk, but how do I tag switch ports?

Hi, I'm not sure why you say I am wrong. The chip `CAN' add and change vlan headers. Just look at the atheros AR8327 datasheet. If anything the AR8327 can do more than 7240 chip. Solution Highlights • One GMII or two RGMII MAC interfaces • Single SERDES/SGMII Interface • 5 integrated 10/100/1000Base...
by killersoft
Sun Aug 05, 2012 4:42 pm
Forum: General
Topic: Legal power for 2.4 ghz channel
Replies: 1
Views: 864

Re: Legal power for 2.4 ghz channel

probably its 4 watts eirp = 36dbm which is a combo of dbm power out of your mikrotik + dbm gain of whatever antenna you are using.
by killersoft
Sun Aug 05, 2012 4:39 pm
Forum: General
Topic: plz plz help plz
Replies: 1
Views: 867

Re: plz plz help plz

use winbox torch to have a look at whats happening on your lan segment.. probably virus/malware or a dodgy user! then use firewall rules to block/disconnect them.
by killersoft
Sun Aug 05, 2012 4:35 pm
Forum: General
Topic: Hotspot and login
Replies: 1
Views: 1090

Re: Hotspot and login

You should be able to set max hotspot sessions to 1, and ensure hotspot Route poisoning is turned on to stop un-authed clients starting a mac/ip port scan. Turn on arp-poisoning by making sure the address pool to none ip range in hotspot->server. Arp poisoning can cause some issues with network prin...
by killersoft
Sun Aug 05, 2012 4:20 pm
Forum: General
Topic: lan ping time out
Replies: 8
Views: 3616

Re: lan ping time out

You should do a check that one of your lan pc's is not : route poisioning your lan
The effects you descibe, are similar to an experiance I have had with route poisioning the arp table.

My cause was the mikrotik hotspot was doing the R-Poising by default to stop un-authed devices traversing the lan.
by killersoft
Tue May 22, 2012 5:06 pm
Forum: General
Topic: Mikrotik Router DDoS attack
Replies: 32
Views: 11755

Re: Mikrotik Router DDoS attack

add action=drop chain=input disabled=no dst-port=\
0-1055,8291,8080,5000 in-interface="Internode PPPoE" \
protocol=tcp


Thats what I place on my wan-pppoe interface to deter nastie inbounds! Its not all i have in my rules(drop icmp etc)but makes it clear i'm not playing !!
by killersoft
Tue May 22, 2012 4:43 pm
Forum: The User Manager
Topic: concurrent users
Replies: 1
Views: 3107

Re: concurrent users

1. yes you can limit user logons to just 1 active machine(ip address). e.g trying to logon on another machine with currently running session will result in simultaneous user session reached error on the logon on the second machine.... 2. Dont use a 750gl with a level 4 licence as you will only be al...
by killersoft
Wed May 16, 2012 8:51 am
Forum: Beginner Basics
Topic: VLANs work over trunk, but how do I tag switch ports?
Replies: 8
Views: 6503

Re: VLANs work over trunk, but how do I tag switch ports?

Since the 750's(and most of the routerboards I'v seen) are logically divided so to speak into the switch side of the 750 and the CPU side(IP/routing/scriptable logic!/etc...). Some of the previous examples is using the CPU side of the unit to deal with VLAN's. You can also acheive what you are doing...
by killersoft
Tue May 08, 2012 11:35 am
Forum: General
Topic: fiber media converters in hotspot / arp-poisioning
Replies: 6
Views: 2284

Re: fiber media converters in hotspot / arp-poisioning

Thanks Feklar, I think I will do a test when I can and have a go at adding a separate subnet to the same interface for printers and use routing to get to the printer(s). I'll post back if it was a good or bad move !!

Cheers.
by killersoft
Tue May 08, 2012 2:46 am
Forum: General
Topic: fiber media converters in hotspot / arp-poisioning
Replies: 6
Views: 2284

Re: Media Converters in hotspot / arp-poisioning

+1 Karma to you both for responding... Arr, so it looked like placing 100Mbit media converters, only masked my issue(re-tested this morning).! Arp - poisioning... Now I understand what it is I'v been seeing on the network(other oddities).!! I didnt realize that hotspot introduced that( I guess as a ...
by killersoft
Mon May 07, 2012 3:19 pm
Forum: The User Manager
Topic: Move usermanager to SD card
Replies: 3
Views: 5314

Re: Move usermanager to SD card

I was able to `copy' Usermanager to the micro-sd1 card.
I then set the copied usermanager on the micro-sd1 to Active.

I then noted that I had to re-add users, but has been functioning since.
by killersoft
Mon May 07, 2012 2:31 pm
Forum: General
Topic: fiber media converters in hotspot / arp-poisioning
Replies: 6
Views: 2284

fiber media converters in hotspot / arp-poisioning

I want some input on what you believe happened in this scenario. Issues with printing came about after converting the mikrotik router into a hotspot system. I had trouble printing on printers 1 + 2, printing from pc's 1 + 2. Surfing the web via the hotspot on PC 1 & 2 had no problems. All printe...
by killersoft
Thu May 03, 2012 3:56 am
Forum: The User Manager
Topic: Move usermanager to SD card
Replies: 3
Views: 5314

Move usermanager to SD card

Hi, I have a 1100AHx2 (v5.14 ) that is being set up as a hotspot & running the internal user-man package. I have a 2Gb micro SD card in the unit. I have formatted it and it appears to be running. In the /store area the command I tried : set 1 disk=micro-sdl and it came back with `cannot change d...
by killersoft
Tue May 01, 2012 7:52 am
Forum: General
Topic: Port Mirroring
Replies: 6
Views: 53346

Re: Port Mirroring

Hi, I would like an answer on this too. I have the same requirement !!
by killersoft
Sat Apr 28, 2012 1:20 am
Forum: General
Topic: RouterOS web proxy server
Replies: 2
Views: 1209

Re: RouterOS web proxy server

"it was squid in 2.9.x, 3.x uses mikrotik proxy :)"

Well that answers that !


Cheers
by killersoft
Thu Apr 26, 2012 1:23 pm
Forum: RouterBOARD hardware
Topic: SFP module
Replies: 101
Views: 75294

Re: SFP module

some other supported SFP's I'd like to see on the list
100FX
1000SX
in LC(of course!) or MT-RJ form factors!
by killersoft
Thu Apr 26, 2012 8:23 am
Forum: Beginner Basics
Topic: First time using Mikrotik needing some help please
Replies: 6
Views: 2181

Re: First time using Mikrotik needing some help please

Hi, if I were your position, I would get rid of the firewall server and use the mirkotik to do your front end firewalling and or connection! The mikrotik can do PPPoE connections if you have adsl modem for example in bridge mode. Or at worst get an IP from a modem, but be carefull about double NAT i...
by killersoft
Thu Apr 26, 2012 7:35 am
Forum: General
Topic: RouterOS web proxy server
Replies: 2
Views: 1209

RouterOS web proxy server

Hi,

I would like to know if the web proxy in routerOS is based on squid or some other linux or custom linux package.

We were having a discussion here at work and we could not find an answer !

Cheers.
by killersoft
Tue Apr 10, 2012 2:46 am
Forum: Beginner Basics
Topic: Hotspot design
Replies: 3
Views: 2044

Re: Hotspot design

With the closing of the users browser session and then to open up back to the mikrotik hotspot logon screen, can I utalize a cookies based approach, and by setting a no expiry time on the cookie, will that make the browser consider the cookie as a `session cookie' ( It my understanding that a no exp...
by killersoft
Mon Apr 09, 2012 4:16 pm
Forum: Beginner Basics
Topic: Hotspot design
Replies: 3
Views: 2044

Hotspot design

Hi, I am looking for some tips on setting up a hotspot for an office enviroment and would like your input for best practice for the following scenario. See attached picture below for expected network layout. No wireless clients( All wired for now!). PC's can be use internet by authorized users(of co...
by killersoft
Wed Mar 28, 2012 12:04 am
Forum: Forwarding Protocols
Topic: OSPF and winbox blue text
Replies: 3
Views: 4114

Re: OSPF and winbox blue text

Thanks for that simple answer.

I'll assume I can carry on without issue ?
or is there a better way for me to add entries other than using `defaults' for coding up ospf ?

Regards.
by killersoft
Tue Mar 27, 2012 3:58 pm
Forum: Forwarding Protocols
Topic: OSPF and winbox blue text
Replies: 3
Views: 4114

OSPF and winbox blue text

Hi, I am experimenting with OSPF on a network that has ospf running on it(oter people look after it) and I am linking in wirelessly to this network. I am running a 750G with 5.14 RoS. My main question is why and what is up with blue colored text in Winbox against some of my entries. ??? Below is my ...
by killersoft
Thu Mar 15, 2012 12:41 am
Forum: General
Topic: IPv6 expire time failed
Replies: 0
Views: 985

IPv6 expire time failed

Hi, Yesterday I got basic IPV6 running on my mikrotik 750G(v5.14) yesterday. Today I was going through my LOG file and came accross this : 08:30:39 dhcp,error updating pool6 expire time failed:std failure: unknown id (4) 09:00:39 dhcp,error updating pool6 expire time failed:std failure: unknown id (...
by killersoft
Tue Dec 20, 2011 10:20 am
Forum: Beginner Basics
Topic: bocking websites
Replies: 5
Views: 2004

Re: bocking websites

Well there are two ways, I can see to do this. 1. Enable Web Proxy Port 8080,and use NAT to push there connection throu the web proxy e.g /ip firewall nat add action=dst-nat chain=dstnat disabled=no dst-port=80 protocol=tcp src-address=\ X.X.X.X to-addresses=Y.Y.Y.Y to-ports=8080 and then where x.x....
by killersoft
Sat Dec 10, 2011 10:53 am
Forum: General
Topic: vlans
Replies: 3
Views: 1198

Re: vlans

Winbox -> SWITCH TAB. You can VLAN pre-tag / untag there. You may also use the terminal session(a few things appear to be missing in winbox). Make sure you take a look at RULE -> Action tab, and use `copy to cpu' | redirect to CPU or MIRROR as necessary, as this switch command `can' disconnect the i...
by killersoft
Wed Sep 28, 2011 9:17 am
Forum: General
Topic: filtering rules bypassed in transparent proxy mode
Replies: 4
Views: 2347

Re: filtering rules bypassed in transparent proxy mode

It occured to me that I'd need to double up on the filtering after my last post for input and forwarding.!
The site filtering looks pretty easy for webproxy, just have to bash the keyboard for a while :)
Will look into cleaner method of MAC filtering.

Cheers
by killersoft
Wed Sep 28, 2011 7:55 am
Forum: General
Topic: filtering rules bypassed in transparent proxy mode
Replies: 4
Views: 2347

Re: filtering rules bypassed in transparent proxy mode

Thanks fewi, :D


I changed the chain to input instead of forward and that fixed the locked down the MAC addresses issue. After that there attempted tx traffic went to 0 bps !!

I will now look into the layer-7 filtering for the proxy.
by killersoft
Wed Sep 28, 2011 6:26 am
Forum: General
Topic: filtering rules bypassed in transparent proxy mode
Replies: 4
Views: 2347

filtering rules bypassed in transparent proxy mode

Hi, I'v been doing some work on a large internet network system.(Mikrotik 750G v5.7). I had in place several simple firewall rules that was blocking some users MAC addresses, as well as some rules for blocking torrent sites(layer-7) This was all working well. I then added a transparent proxy rule fo...
by killersoft
Wed Sep 28, 2011 5:05 am
Forum: General
Topic: Feature Request : DNS Logging
Replies: 3
Views: 4341

Feature Request : DNS Logging

When a user requests a www page from DNS(mikrotik running as a dns server/proxy). That the user request can be sent to the log(so it can be sent off to a syslog server). Info in log should include the IP of the request, the resoveled/returned DNS name and a time/datestamp of the request. Would also ...
by killersoft
Sun Sep 18, 2011 6:46 am
Forum: General
Topic: Optical Fiber.
Replies: 6
Views: 3699

Re: Optical Fiber.

It would be great to see a 19" rack mounted version of something like the 1200 series with at least 2 fiber ports on it with small form-factor pluggable SFP/Mini-GBIC. 95% my work building is fiber optic( 90 % Multimode, 10% Singlemode) and it makes sense to me to see MikroTik to be bring a pro...
by killersoft
Sun Sep 18, 2011 4:29 am
Forum: General
Topic: Need vlan assistance
Replies: 3
Views: 1204

Re: Need vlan assistance

The 750's are logically divided so to speak into the switch side of the 750G and the CPU side(IP/routing/scriptable logic!/etc...). So you have 2 ways/methods of dealing with VLANS. If you are using the switch side of the 750G but want to add conectivity to the router/logic side, make sure you tick ...
by killersoft
Sun Sep 18, 2011 3:03 am
Forum: General
Topic: Firmware changelog
Replies: 3
Views: 1694

Re: Firmware changelog

Thanks fewi..
by killersoft
Sun Sep 18, 2011 2:46 am
Forum: General
Topic: Firmware changelog
Replies: 3
Views: 1694

Firmware changelog

Hi, just upgraded to v5.7 from 5.6 and saw on my 750G the ability to upgrade its firmware to 2.36.
Where can I find the changelog for this firmware upgrade. ?

Cheers
by killersoft
Sat Sep 10, 2011 7:39 am
Forum: General
Topic: Change Def_GWay for single device
Replies: 2
Views: 971

Re: Change Def_GWay for single device

Thanks fewi, that worked well..
by killersoft
Sat Sep 10, 2011 4:53 am
Forum: General
Topic: Change Def_GWay for single device
Replies: 2
Views: 971

Change Def_GWay for single device

Hi, hope someone can point me in the right direction. I have a network that has a normal default gateway 0.0.0.0/0 -> (10.10.65.1). But I would like 1 particular IP(10.10.66.85/32) off one of my other interfaces to use an alternate default gateway (10.0.0.2). I'll assume that I need to do some pre-r...
by killersoft
Thu Aug 25, 2011 2:53 pm
Forum: General
Topic: PPPoE and MTU/MRU/MSS Settings
Replies: 8
Views: 22865

Re: PPPoE and MTU/MRU/MSS Settings

<ADSL MODEM>====< RB750G>===<NETWORK SWITCH>====<USER COMPUTERS> Hi, I have recently bolted in a 750G(ROS v5.6) into my works local internet in order to keep a closer eye on users and there data usage. The ADSL modem runs PPPoE and I use IP to link the modem and 750G rather than using the 750G as a ...
by killersoft
Wed Aug 17, 2011 1:33 pm
Forum: General
Topic: DNS monitoring
Replies: 2
Views: 1347

Re: DNS monitoring

Thanks janisk, I'll look into that.
Cheers..
by killersoft
Wed Aug 17, 2011 7:34 am
Forum: General
Topic: DNS monitoring
Replies: 2
Views: 1347

DNS monitoring

|ADSL modem|------|RB750G_Masq & routed&dns server|-----|SWITCH|==USERS Hello. I have put a 750G router between my works adsl router and the end users to start monitoring usage(bandwidth p2p/non agreeable web sites etc..). I am wondering if there is a way to monitor and or log who's IP/Compu...
by killersoft
Mon Aug 01, 2011 3:38 am
Forum: General
Topic: Vlan's....am I doing it right?
Replies: 3
Views: 1258

Re: Vlan's....am I doing it right?

Hi, yes bridging is correct if you are using the router(cpu) side of the 750's. Its a lot of mucking around to get the config's just right. I know I'v been playing with the 750g's for the past couple of months with VLAN's. I'v recently got this type of vlan working kind of properly myself on a 750g<...
by killersoft
Mon Jul 04, 2011 5:40 am
Forum: General
Topic: ingress vlan tagging 750g
Replies: 3
Views: 1589

Re: ingress vlan tagging 750g

I hear what your saying there fewi, unfortunatly I dont have the hardware here at work. I understand that there is a limit to adding rules to the atheros chipset in the 750G. But I would think that VLAN tagging/untagging 2 or 3 ports of the 750G shouldnt be beyond this models capabilities, looking a...
by killersoft
Mon Jul 04, 2011 4:22 am
Forum: General
Topic: ingress vlan tagging 750g
Replies: 3
Views: 1589

ingress vlan tagging 750g

Hi, does anyone have an example how to VLAN tag incomming frames into a 750G eth port? I would also like to know how to remove any vlan tag on the egress of the same port? I'm assuming here its something to do with a `switch' command. Its so I can plug a pc directly into a eth port, Vlan tag it, put...
by killersoft
Mon Jun 27, 2011 2:43 am
Forum: Beginner Basics
Topic: VLAN trunk over EoIP
Replies: 2
Views: 2543

VLAN trunk over EoIP

Hi, I'm doing some work on a couple of 750G's(ROS v5.5) and would like to trunk vlan's over EoIP and would like someone to outline the basic steps to do this. Basically I'd like to use eth5 on both units as the trunk, and use eth1,eth2,eth3,eth4 , as vlan1,2,3,4, in so that what goes in one port com...
by killersoft
Wed Jun 08, 2011 4:09 pm
Forum: General
Topic: Web Proxy Server on Satellite and tcpwindow sizing
Replies: 0
Views: 981

Web Proxy Server on Satellite and tcpwindow sizing

Hi, I manage a multipoint meshed dedicated satellite network where average latency is 550mS from point to point. I currently have a squid proxy server at one site to share internet over. In recent times that server is playing up, and I have been considering replacing the whole server with something ...
by killersoft
Mon May 30, 2011 12:44 pm
Forum: General
Topic: RouterOS v5.4 released
Replies: 118
Views: 42617

Re: RouterOS v5.4 released

Some problems on RBs could be caused by not enough space on the flash. Please uninstall the unused packages. Checked and should not be a problem. Anyone else who lost the ntp-client setting in the winbpx menu with the ntp package (ntp-server) disabled? Yes my NTP client item is missing in winbox on...