Community discussions

MikroTik App

Search found 286 matches

by killersoft
Wed Nov 06, 2024 4:29 am
Forum: General
Topic: SHA-2 Support for SNMP v3?
Replies: 1
Views: 553

Re: SHA-2 Support for SNMP v3?

Best put in a support ticket for that type of request.

That said, just did SNMP in librenms and sha2 is not yet supported on that platform ! So somewhat cutting edge !
by killersoft
Tue Oct 01, 2024 12:03 am
Forum: General
Topic: Our mikrotik hacked
Replies: 23
Views: 1651

Re: Our mikrotik hacked

I'v had issues in the past with netinstall. Usually the device, or more specifically the ethernet port of the laptop/pc causing the netinstall trouble. Funnily enough, i'v used usb dongles on the same machine that had a fixed etherport tht didnt work, but the usb dongle allowed the netinstall proces...
by killersoft
Sun Sep 22, 2024 3:32 am
Forum: General
Topic: My new hAP ax lite LTE6 looses its lte after a few days
Replies: 27
Views: 1949

Re: My new hAP ax lite LTE6 looses its lte after a few days

So I have just purchased a hAP ax lite LTE6..
I'll be testing it over the next week while I am away !
by killersoft
Wed Sep 18, 2024 2:58 pm
Forum: General
Topic: Wi‑Fi 7 / 802.11be
Replies: 96
Views: 30788

Re: Wi‑Fi 7 / 802.11be

I wonder if RoS v8, or a Kernel update( e.g v6.4+ ) will help assist with Wi-Fi 7.
E.g : https://www.phoronix.com/search/WiFi+7
by killersoft
Sun Sep 15, 2024 12:32 pm
Forum: General
Topic: Wi‑Fi 7 / 802.11be
Replies: 96
Views: 30788

Re: Wi‑Fi 7 / 802.11be

Maybe its time MT splits their product lines, and does a 'budget' version of their gear( which I understand reasons for ), and a PRO line of gear ( happy to pay more to have all the bells and whistles.)
by killersoft
Sun Sep 15, 2024 12:24 pm
Forum: General
Topic: My new hAP ax lite LTE6 looses its lte after a few days
Replies: 27
Views: 1949

Re: My new hAP ax lite LTE6 looses its lte after a few days

Let us know how you go after you update the firmware of the mikrotik and the lte card
by killersoft
Sun Sep 15, 2024 5:10 am
Forum: General
Topic: AmneziaWG in RouterOS?
Replies: 42
Views: 21795

Re: AmneziaWG in RouterOS?

Last I checked, there's plenty of vpn or equivalent sneaky ways to get a MT to bypass a state based vpn block, that doesnt require some 'magic' plugin for MT that "would work", but other existing mechanisms already onboard dont...
by killersoft
Sun Sep 15, 2024 3:24 am
Forum: General
Topic: Wi‑Fi 7 / 802.11be
Replies: 96
Views: 30788

Re: Wi‑Fi 7 / 802.11be

I agree that there should be a bit of a road-map from Mikrotik, at least in terms of "a product that will.... and has a form factor of ....", because honestly they need to start concentrating on larger customers who as stated by avacha do have large budgets and do lifecycle planning. I als...
by killersoft
Sun Sep 15, 2024 1:52 am
Forum: General
Topic: My new hAP ax lite LTE6 looses its lte after a few days
Replies: 27
Views: 1949

Re: My new hAP ax lite LTE6 looses its lte after a few days

A couple of things. Is BOTH the routerOS version Current as well as the HapAX hardware board Firmware(System->RouterBoard { }, if not ->upgrade+reboot). Then after a reboot and the LTE comes back, have you checked the firmware upgrade for the LTE card itself ? ( Ps you could add in a watchdog servic...
by killersoft
Sat Sep 14, 2024 1:38 pm
Forum: General
Topic: MACSEC Multipoint -WORKING...
Replies: 0
Views: 667

MACSEC Multipoint -WORKING...

Not sure if this is common knowledge. But just tested MACSEC to see if I could get it to work using 3 mikrotik's and a generic switch to connect them. I was under the impression that it was just point to point, but no it point to muti-point plus !! I set up a CCR1036, a RB750 and a RB750r2 via a gen...
by killersoft
Mon Sep 09, 2024 12:46 am
Forum: Wireless Networking
Topic: 7.15.3 wifi-qcom-ac cap's slaves interfaces problem. [SOLVED]
Replies: 4
Views: 2060

Re: 7.15.3 wifi-qcom-ac cap's slaves interfaces problem. [SOLVED]

100% Pain in the A$$, this issue. MT really needs to get onto fixing this. I have a mix of ~20ac + 20ax units running under capsman(wireless + wifi ) Being able to bring all my units under 1(wifi) controller-window is what I want. Its so close to working, even the ap's when I try this, i see in the ...
by killersoft
Thu Sep 05, 2024 12:03 pm
Forum: Beginner Basics
Topic: Add alternate route
Replies: 6
Views: 1042

Re: Add intermediate route

I think you have the concept of WAN incorrect according to your drawings. Technically you have just interfaces, one of which is a private ip range 10.x.x.x( not routable on the internet ), and your 20 & 30 ranges technically routable on the internet Anyhow, you need a 3rd set of IP's on each int...
by killersoft
Thu Sep 05, 2024 12:22 am
Forum: General
Topic: Mikrotik CRS326-24G-2S+RM High CPU Usage
Replies: 7
Views: 961

Re: Mikrotik CRS326-24G-2S+RM High CPU Usage

CRS series are at the core a network switch. Yes they have some ability to do layer 3 in cpu, and some minor hardware offload, but you should 100% expect cpu to 100% cap out unexpectedly. . The CRS series is not what you should be using for routing. Try at minimum a RB5009 via the 10gbpt port as a r...
by killersoft
Sun Sep 01, 2024 11:44 am
Forum: Announcements
Topic: 📣 WinBox 4 is here 📣
Replies: 1589
Views: 394163

Re: 📣 WinBox 4 is here 📣

Please put TAB's back not dropdowns
by killersoft
Mon Aug 26, 2024 1:24 am
Forum: General
Topic: IDS/IPS - SOHO - pfSense, OPNsense, or other with/without RouterOS?
Replies: 4
Views: 1093

Re: IDS/IPS - SOHO - pfSense, OPNsense, or other with/without RouterOS?

I am going down this path at the moment. I have a front end wan mikrotik rb5009, connected to a netgate pfsense hardware appliance for internet services for desk pc's which are also in an active directory environment. That said at this point will be either going down a proxy gateway approach or trap...
by killersoft
Sun Aug 25, 2024 3:45 pm
Forum: General
Topic: CRS310-8G+2S+ is choking my internet bandwidth
Replies: 5
Views: 811

Re: CRS310-8G+2S+ is choking my internet bandwidth

Yep, makes sense. The crs series is primarily a switch not a router(yes they route, but not fast and its not what they are aimed at as a product). Use a ccr series or maybe a rb5009.
by killersoft
Wed Aug 07, 2024 1:34 am
Forum: General
Topic: hap ax3 random wireless disconnects
Replies: 142
Views: 17413

Re: hap ax3 random wireless disconnects

There is a linux kernel driver issue with intel ax201/ax210 cards..
https://bugzilla.kernel.org/show_bug.cgi?id=203709
by killersoft
Tue Jul 30, 2024 7:09 am
Forum: General
Topic: Does the RB5009 machine have hardware NAT acceleration capability?
Replies: 5
Views: 991

Re: Does the RB5009 machine have hardware NAT acceleration capability?

Looks like the 88E6393X switch chip used in the 5009 can do basic L3 hardware routing, but I cannot find doco on chip NAT functions.



https://www.marvell.com/content/dam/mar ... -brief.pdf
.
.
by killersoft
Mon Jul 22, 2024 11:31 pm
Forum: General
Topic: Please add basic portScan tool ( port scanner scan )
Replies: 92
Views: 56088

Re: Please add basic portScan tool ( port scanner scan )

Got to admit, not really a fan of this request.
I get the sentiment, but just chuck in a linux container if your really that desperate.
by killersoft
Fri Jul 19, 2024 5:14 am
Forum: General
Topic: [Assistance] - VLAN configuration on CRS1xx
Replies: 10
Views: 813

Re: [Assistance] - VLAN configuration on CRS1xx

https://help.mikrotik.com/docs/display/ROS/Basic+VLAN+switching With mikrotik you have generally 2 choices with vlan switching. Do it all on the devices switch chip (wirespeed ) OR Do in in CPU( the processor ) usually much slower. Doing it in switch chip is always choice 1 where you can. CRS 1 + 2...
by killersoft
Sun Jul 14, 2024 7:39 am
Forum: General
Topic: Wi‑Fi 7 / 802.11be
Replies: 96
Views: 30788

Re: Wi‑Fi 7 / 802.11be

Well a bit of time has passed since I put up this thread.... Wi-Fi 8 ..802.11bn The goal of 802.11bn is to reach 100 Gbps speeds. This is faster than copper Ethernet which tops out at 40 Gbps. This will require retrofitting ceiling mounted access points with single mode fiber. https://en.wikipedia....
by killersoft
Mon Jul 01, 2024 10:49 am
Forum: RouterBOARD hardware
Topic: CAP ax Ethernet port speed changing, dropping off network
Replies: 3
Views: 1274

Re: CAP ax Ethernet port speed changing, dropping off network

Well I'll assume your using at least 24 or at worst 26AWG cat5/6 for such a long run. Cap ax's are power hungry beasts. Powering Details Number of DC inputs 2 (DC jack, PoE-IN) DC jack input Voltage 18-57 V Max power consumption 40 W (most likely CPU load related ) Max power consumption without atta...
by killersoft
Fri Jun 28, 2024 12:50 pm
Forum: RouterBOARD hardware
Topic: CRS520-4XS-16XQ-RM
Replies: 2
Views: 1836

Re: CRS520-4XS-16XQ-RM

Yes, it looks nice, and will indeed fill in a gap in the market and be good for many "basic" switching applications.. That said, for me : Big talk of future upgrades; sorry, tell me what I am getting now, not what may or may not come.. Will stick with Cisco, as you know what your getting w...
by killersoft
Fri Jun 21, 2024 2:56 pm
Forum: RouterOS beta
Topic: 802.1AE MACsec Progress or Examples ?
Replies: 46
Views: 22424

Re: 802.1AE MACsec Progress or Examples ?

Let just hope they will be releasing next gen equipment that supports macsec hardware offload... https://www.marvell.com/content/dam/marvell/en/public-collateral/phys-transceivers/marvell-phys-transceivers-alaska-c-88x7121p-product-brief-2020-02.pdf or https://www.marvell.com/content/dam/marvell/en/...
by killersoft
Tue Jun 11, 2024 11:34 pm
Forum: Wireless Networking
Topic: WIFI 6 DOES NOT WORK
Replies: 8
Views: 1642

Re: WIFI 6 DOES NOT WORK

I know this might be weird attempt at a fix, but try:
WiFi Security -> FT(TAB) --> FT Enabled = YES
by killersoft
Tue Jun 11, 2024 11:32 pm
Forum: General
Topic: QA of software releases
Replies: 26
Views: 2858

Re: QA of software releases

Its funny, I work with a large Cisco environment( and have a lot of MT gear too :) ). But Cisco's software is also buggy as, let alone full of CVE's( funny when you compare against MT ! ). I'v experienced expensive and 'compatible' cisco sfps' that wont work in there hardware with various os release...
by killersoft
Tue Jun 11, 2024 11:49 am
Forum: General
Topic: QA of software releases
Replies: 26
Views: 2858

Re: QA of software releases

Like most versions, there are beta's.
In the case of 7.15betas were out around 2 months.
Feedback was a plenty in the forums, let alone private submitted bugs to support.
Not bad for a free release !
by killersoft
Thu Jun 06, 2024 11:25 pm
Forum: Announcements
Topic: v7.16beta [testing] is released!
Replies: 288
Views: 121358

Re: v7.16beta [testing] is released!

Was hoping 7.16 to fix roaming issues, but no luck, all worked perfect until 7.15 and new drivers. My devices keep roaming from 5ghz to 2ghz and thats very next to router under full signal, and often multiple devices roam same time(Samsung s23, LG OLED TV, ASUS tablet). I already reduced 2ghz to 10...
by killersoft
Wed Jun 05, 2024 11:33 pm
Forum: General
Topic: radsec issues after 7.15 upgrade
Replies: 11
Views: 3488

Re: radsec issues after 7.15 upgrade

Thats not good.

I'm writing a custom radius server program at the moment, and using MT as my test tool.
Lets hope that gets sorted
by killersoft
Sun Jun 02, 2024 11:35 pm
Forum: Announcements
Topic: v7.15.3 [stable] is released!
Replies: 649
Views: 264354

Re: v7.15 [stable] is released!

WORKS ON RASPBERRY PI 5 WITH PROXMOX V8.1.7(arm).
Now to make it run native(ish via adding in inject uefi boot platform ) on a pi-5....
.
MIKROTIK_PI_PROXMOX.jpg
by killersoft
Tue May 28, 2024 2:53 am
Forum: General
Topic: MT.. are you up to something....
Replies: 1
Views: 532

MT.. are you up to something....

Having been a MT user for the past 10 years. I note a usually pretty active pattern of software patches/releases on a ~2 to 4 week cycles. Why does it feel like they have got to about 7.14.x / 7.15rc.. But have stalled on significant releases over the past 2-3 months.. Is there a new hardware produc...
by killersoft
Thu Feb 15, 2024 1:33 am
Forum: Wireless Networking
Topic: Dual-CAPsMAN (7.13+) issues
Replies: 16
Views: 1684

Re: Dual-CAPsMAN (7.13+) issues

Yes, that is correct.
I have just one VLAN ( a management vlan I like to call it !), that both capsmans(WiFi & Wireless) on the same physical controller unit work on.

All the clients both legacy + new ax devices use that vlan to connect back on for caps management.
by killersoft
Wed Feb 14, 2024 10:20 pm
Forum: Wireless Networking
Topic: Dual-CAPsMAN (7.13+) issues
Replies: 16
Views: 1684

Re: Dual-CAPsMAN (7.13+) issues

I am running DUAL capsman at the moment to support dozens of legacy devices || AC || and new AX devices. So far no issues on 7.13.4 as a controller. There are some things to navigate/additions on the new wifi side of capsman world, but have now got over that hurdle. I have 1 controller a CRS317, I u...
by killersoft
Tue Dec 05, 2023 10:49 pm
Forum: Wireless Networking
Topic: 802.11r for hAP ac2?
Replies: 75
Views: 16023

Re: 802.11r for hAP ac2?

tested WPA3 on a cAP AC on 7.13rc2 and it works :)
by killersoft
Tue Nov 28, 2023 8:14 am
Forum: General
Topic: IPv6 Routing a /54 -> /56 -> /64 issue..
Replies: 1
Views: 1223

IPv6 Routing a /54 -> /56 -> /64 issue..

Hi. I have a scenario where I have a few business units who look after their own gear, and do their own thing.. [ISP]-----v4(/28)--+-v6/(/54)---(VLAN200)--[CORE ROUTER-rb5009 v7.12.1]===(VLAN205)===>VLAN SWITCH===> Other routers(MT RB5009's v7.12.1) (/56) That said, I gatekeep the core router where ...
by killersoft
Wed Nov 01, 2023 10:53 pm
Forum: Announcements
Topic: v7.12rc is released!
Replies: 224
Views: 111092

Re: v7.12rc is released!

While we're at it. It would be nice to be able to disable Winbox Graphics Licence and Help for the RouterOS login screen. And also the note You have connected to a router. Administrative access only. If this device is not in your possession, please contact your local network administrator. Plus may...
by killersoft
Thu Oct 26, 2023 4:29 pm
Forum: General
Topic: How to upgrade to 2.5GbE + RB4011iGS+RM suitable?
Replies: 2
Views: 1039

Re: How to upgrade to 2.5GbE + RB4011iGS+RM suitable?

The rb5009 has a 10gbit sfp+ slot.
Just buy a S+RJ10 sfp which is 100M/1G/2.5G/5G module.

One you have processed your internet via the router
Drop if off to a crs switch eg
CRS310-8G+2S+IN
by killersoft
Thu Oct 19, 2023 1:14 pm
Forum: Announcements
Topic: v7.12rc is released!
Replies: 224
Views: 111092

Re: v7.12rc is released!

If we were to wind back a bit regarding tagging/vlan and go back to documented basics Follow me here : https://wiki.mikrotik.com/wiki/Manual:Basic_VLAN_switching https://wiki.mikrotik.com/images/thumb/c/c7/Basic_vlan_switching.png/700px-Basic_vlan_switching.png What is the VLAN config DIFFERENCE, be...
by killersoft
Wed Oct 18, 2023 5:16 am
Forum: Announcements
Topic: v7.12rc is released!
Replies: 224
Views: 111092

Re: v7.12rc is released!

HERE IS A VIDEO SHOWING THE ISSUE https://www.youtube.com/watch?v=PLI-1Qm1Lp4 I'm not sure why the vlan appears twice in the list in your video, but the interface appearing under "tagged" should not be a problem and is correct. If it was untagged then your packets would likely have two ta...
by killersoft
Wed Oct 18, 2023 4:36 am
Forum: RouterBOARD hardware
Topic: Question to RB5009 owners
Replies: 5
Views: 4538

Re: Question to RB5009 owners

Depends on how you have the ports configured. If you have stuff "switching", like vlans etc then you should get full wirespeed. Else if you need to process traffic then the bottleneck is that 10Gb full duplex link to the cpu plus any load on the cpu itself.. https://i.mt.lv/cdn/product_fil...
by killersoft
Tue Oct 17, 2023 1:39 pm
Forum: Announcements
Topic: v7.12rc is released!
Replies: 224
Views: 111092

Re: v7.12rc is released!

I think it's time you uploaded your configs mate. HERE IS A VIDEO SHOWING THE ISSUE https://www.youtube.com/watch?v=PLI-1Qm1Lp4 HERE IS THE CONTROLLER /interface wifiwave2 channel add band=5ghz-ac disabled=no frequency=5200 name=5GHZ_CHANNEL40_20_AC width=20mhz add band=2ghz-n disabled=no frequency...
by killersoft
Mon Oct 16, 2023 2:03 pm
Forum: Announcements
Topic: v7.12rc is released!
Replies: 224
Views: 111092

Re: v7.12rc is released!

I run a CAMPUS mikrotik wifi network ~60 Radio's worth using legacy CAPsMAN. I can tell you it dynamically add's wireless access points & slave-ap's interfaces properly using VLAN's that are dynamically added to the bridge ( Yes I need to make sure that the required VLANs are on the bridge of t...
by killersoft
Sun Oct 15, 2023 2:06 pm
Forum: Announcements
Topic: v7.12rc is released!
Replies: 224
Views: 111092

Re: v7.12rc is released!

Why do you have a VLAN interface under the Bridge? In my setup they all report as tagged into the Bridge which is what I want. Then the bridge has a trunk port to the switches to manage the VLAN so it finds it's way back to the firewall/router to be processed. I can be wrong here but if they where ...
by killersoft
Sun Oct 15, 2023 11:16 am
Forum: Announcements
Topic: v7.12rc is released!
Replies: 224
Views: 111092

Re: v7.12rc is released!

Just trialed 7.12rc to try and get WAVE2-Capsman-Controller ( on a RB5009 ) to properly set VLAN datapath on a cap unit ( in my case a cAP ax ) set as a cap with the manager set to capsman. I run a campus of older MT wireless and use a separate controller which is its ONLY task(not routing traffic v...
by killersoft
Thu Sep 07, 2023 1:34 am
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 135943

Re: v7.12beta [testing] is released!

Why in IPv6 DHCP server POOL option do I get a double static-only entry's listed:
ipv6 dhcp server pool issue.png
by killersoft
Tue Sep 05, 2023 12:24 am
Forum: Wireless Networking
Topic: WiFi for large RV park?
Replies: 12
Views: 4040

Re: WiFi for large RV park?

I running capsman, with about 106 radio's at the moment( mix of 2.4 + 5.8 GHz, multi-channel ), in my campus environment and about to add AX gear too( yes it sux I have to add a new controller just for those too ). No problem with high density either( I'm comfortably doing ~7+ users per 10m2 of floo...
by killersoft
Thu Aug 31, 2023 12:42 pm
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 135943

Re: v7.12beta [testing] is released!

I need to transport carrier grade ethernet(9000 byte frames) layer-2 traffic that is encrypted at layer2(macsec 802.11AE) as a backhaul using mikrotik's NV2 or NStream modes etc, not classic Wi-Fi mode(which everyone defaults to in these conversations) in a point to point bridge mode only... Current...
by killersoft
Thu Aug 31, 2023 1:31 am
Forum: Announcements
Topic: v7.12beta [testing] is released!
Replies: 263
Views: 135943

Re: v7.12beta [testing] is released!

*) wifiwave2 - enable changing interface MTU and L2MTU;
Now if you can only adjust the wireless MTU to 9000+ Bytes for bridging l2 networks for jumbo frame support(e.g MEF 3 carrier grade connections ) in ptp wireless setups :)
by killersoft
Wed Aug 30, 2023 1:24 am
Forum: Wireless Networking
Topic: WiFi for large RV park?
Replies: 12
Views: 4040

Re: WiFi for large RV park?

Yes, take into account that most client devices ( phones etc ) have "crap" internal antennas( pretty deaf on the RX ) and low TX power. Understanding that, will help you choose a better setup, eg. more smaller units mixed around the area( same ssid/passwords , but different channels ) to h...
by killersoft
Fri Aug 25, 2023 12:01 pm
Forum: Wireless Networking
Topic: JUMBO Frame support for P2P Bridge Request
Replies: 5
Views: 2480

Re: JUMBO Frame support for P2P Bridge Request

Think I found something I will explore further :
Cambium Jumbo frame.png
by killersoft
Fri Aug 25, 2023 11:29 am
Forum: Wireless Networking
Topic: JUMBO Frame support for P2P Bridge Request
Replies: 5
Views: 2480

Re: JUMBO Frame support for P2P Bridge Request

I have a requirement to extend a layter-2 metro fiber Ethernet service from a carrier provider over a few km's over some water. The traffic is macsec encrypted to a site. Its pretty simple stuff. So the wireless gear just needs to support 9000 Bytes-Jumbo frame(Ideally 9200 Bytes ). Mikrotik stops a...
by killersoft
Fri Aug 25, 2023 10:07 am
Forum: Wireless Networking
Topic: JUMBO Frame support for P2P Bridge Request
Replies: 5
Views: 2480

JUMBO Frame support for P2P Bridge Request

Grateful if mikrotik could look into supporting Layer-2 Jumbo frame support( 9000+ Bytes L2 MTU ) into its Wireless backhaul products. I have a requirement to pass metro ethernet over a few KM's point to point with a L2 MTU of 9000, but wireless side gear currently (NetMetal ac² with 30dBi dishes) i...
by killersoft
Fri Jul 28, 2023 4:28 am
Forum: Wireless Networking
Topic: SIM CARD HOLDER 3D PRINTED FOR MIKROTIK [SOLVED]
Replies: 3
Views: 3782

SIM CARD HOLDER 3D PRINTED FOR MIKROTIK [SOLVED]

So today I had to pull apart a LHGGM to get a sim card out. Was not happy.!1 So I made a new 3D printable model for a sim card cradle that allows you to pull it out without tape( etc ).. I have attached the .STL file if you want to 3d print one yourself ( I used a creality S1 PRO on super-quality .1...
by killersoft
Fri Jul 28, 2023 4:24 am
Forum: General
Topic: SIM card position for LHG LTE kit
Replies: 11
Views: 11630

Re: SIM card position for LHG LTE kit

So today I had to pull apart a LHGGM to get a sim card out. Was not happy.!1 So I made a new 3D printable model for a sim card cradle that allows you to pull it out without tape( etc ).. I have attached the .STL file if you want to 3d print one yourself ( I used a creality S1 PRO on super-quality .1...
by killersoft
Thu Jul 06, 2023 4:28 pm
Forum: Announcements
Topic: v7.11beta [testing] is released!
Replies: 373
Views: 115556

Re: v7.11beta [testing] is released!

LoRa device EUI cannot be set !
by killersoft
Thu May 04, 2023 4:15 am
Forum: Announcements
Topic: v7.9 [stable] is released!
Replies: 242
Views: 60639

Re: v7.9 [stable] is released!

Why? Genuinely curious as to why anyone would use WebFig over Winbox if they have the option to use Winbox. Winbox needs to be installed, WebFig is available using pre-installed browser. So why even bother with Winbox ? Winbox is fantastic in "Windows world", apple / linux... wine I guess...
by killersoft
Fri Feb 17, 2023 3:14 pm
Forum: General
Topic: storm-rate and ingress/egress rate limits Traffic-Storm-Control
Replies: 9
Views: 4199

Re: storm-rate and ingress/egress rate limits Traffic-Storm-Control

PPPoE is a CPU based process last I checked.Not sure how the cpu load would look, but isnt a CRS3x a better switch than 'route/network' device.. Would a RB5009 or CCRxxxx series be better to do what you want in PPPoE and QoS.. Anyhow try CPU and use packet/connection marking in mangle and then use Q...
by killersoft
Sat Nov 26, 2022 4:41 am
Forum: RouterOS beta
Topic: 802.1AE MACsec Progress or Examples ?
Replies: 46
Views: 22424

Re: 802.1AE MACsec Progress or Examples ?

Hi golf0r. Use 'export' rather than 'print to show configs. e.g /export file=MyFile.rsc and from the winbox / files you will see the MyFile.rsc which you can drag onto the windows desktop and open with a text editor or use /export file=[filename] hide-sensitive command to not add in things pike pass...
by killersoft
Sat Nov 26, 2022 2:57 am
Forum: Wireless Networking
Topic: House wifi6 network with Mikrotik AX or Audience
Replies: 29
Views: 8409

Re: House wifi6 network with Mikrotik AX or Audience

I'd be waiting for cAP XL ac, but an AX version( who knows when ). That said the cAP XL ac has about 3dB better RX ( on my personal tests just looking at noise floor in a RF quiet environment ), and its got 3db+ more tx power by default over a classic cAP ac too( adjustable of course for country rul...
by killersoft
Sun Nov 20, 2022 9:18 am
Forum: General
Topic: Packets traversing the Firewall via wrong interface [SOLVED]
Replies: 9
Views: 2063

Re: Packets traversing the Firewall via wrong interface [SOLVED]

I've been there in my very early days millions of years ago!! with that vlan / interface port per bridge thing, and its WRONG, very wrong..( Yes it works, but at a big cost(readability + CPU load ) Via the bridge menu you should ONLY be, and do ALL of that inside there...!!! Then do your FIREWALLING...
by killersoft
Sun Nov 20, 2022 6:25 am
Forum: Beginner Basics
Topic: Can't login by IP to LHG LTE18
Replies: 3
Views: 1174

Re: Can't login by IP to LHG LTE18

Sorry I missed something, why does a bridge need a 100 IP DHCP range? Because that's exactly where your suppose to apply the DHCP server if you add a bridge to a physical interface port( because the physical becomes a slave interface), furthermore if you add a vlan to a bridge or physical interface...
by killersoft
Sat Nov 19, 2022 4:14 am
Forum: General
Topic: changing the License key from level 4 to 5 + enable hotspot [SOLVED]
Replies: 4
Views: 1572

Re: changing the License key from level 4 to 5 + enable hotspot [SOLVED]

+1 on Rextended's comments.

Your better off spinning up a CHR RoS on a virtual machine and getting a CHR license to manage the hotspot users, than using an under-spec'ed(CPU/mem) device for even 50+ simultaneous users !
by killersoft
Sat Nov 19, 2022 2:26 am
Forum: General
Topic: hAP AC2 RouterOS7.6 Advanced IPScanner
Replies: 3
Views: 522

Re: hAP AC2 RouterOS7.6 Advanced IPScanner

Hi.
Well, that's not good, as it would be classed as a Denial of Service issue in cyber world.

It may be best that you send this to : security@mikrotik.com

Let us know if they get back to you on it. !

https://mikrotik.com/supportsec
by killersoft
Sat Nov 19, 2022 2:20 am
Forum: General
Topic: Wi‑Fi 7 / 802.11be
Replies: 96
Views: 30788

Re: Wi‑Fi 7 / 802.11be

Noting the expected 2024 timeframe for most manufacturers to have product(s) ready. It would be now where the R&D teams should be getting there sample/test boards ready for a ~1year turn-around to market. Of all the new bells and whistles coming with WiF7, I'm most optimistic about MU-MIMO becau...
by killersoft
Wed Nov 16, 2022 8:50 am
Forum: General
Topic: Wi‑Fi 7 / 802.11be
Replies: 96
Views: 30788

Wi‑Fi 7 / 802.11be

Just a nice to have... With WiFi 6 / ax having barely been introduced into Mikrotik harware lineup as of this general message. I read Wi-Fi 7 is not far off. Further reading I see Mikrotik's favorite supplier Qualcomm is now producing chips with Wi-Fi 7 onboard. ( IPQ9574 / PQ9554 / etc etc) Would i...
by killersoft
Mon Nov 07, 2022 4:48 am
Forum: RouterOS beta
Topic: no supported channel - after upgrade
Replies: 32
Views: 15372

Re: no supported channel - after upgrade

Have you tried the official mikrotik support channel.
https://mikrotik.com/support
or via email : support@mikrotik.com
by killersoft
Wed Oct 19, 2022 2:37 am
Forum: RouterOS beta
Topic: 802.1AE MACsec Progress or Examples ?
Replies: 46
Views: 22424

Re: 802.1AE MACsec Progress or Examples ?

I think ( and probably wrong !! will need to test ). Based on some playing of other things a few nights ago If you adjust the MTU of the ETH ( or adjust down the bridge ) by ~ +/- 64bytes, and take and try again, the error may go, as I dont think MTU gets corrected when you add it to bridges/vlans a...
by killersoft
Fri Oct 14, 2022 12:10 am
Forum: RouterOS beta
Topic: 802.1AE MACsec Progress or Examples ?
Replies: 46
Views: 22424

Re: 802.1AE MACsec Progress or Examples ?

Thanks Network5 Thats quite handy information. Especially on CPU load. I wonder if one/two of the cores was dedicated to that task thus the ~50%'ish cpu-load !! ? Not bad I guess for a unit that's only got a CPU and no dedicated switch chip. At least there is head room for other activities on the ro...
by killersoft
Wed Oct 12, 2022 4:48 am
Forum: SwOS
Topic: SWOS and CRS-310-1G-5S-4S-1N - Newbie!
Replies: 7
Views: 6450

Re: SWOS and CRS-310-1G-5S-4S-1N - Newbie!

The CRS310 is a L2 switch with Layer3 routing capability. You have the right product, but I'm not sure if you understand how to program the interface ports to do it via Router OS. There are plenty of guides e.g :https://wiki.mikrotik.com/wiki/Manual:CRS_Router#CRS3xx_series_switches In the simplest ...
by killersoft
Sat Oct 01, 2022 2:15 am
Forum: RouterOS beta
Topic: 802.1AE MACsec Progress or Examples ?
Replies: 46
Views: 22424

Re: 802.1AE MACsec Progress or Examples ?

Happy to report MACSEC on v7.6 beta 10 on CHR is now working and passing IP....
Excellent work...

Just make sure you use the same CAK / CKN on both ends and happy times ahead..
Now for VLAN's over MACSEC.... hmmm
by killersoft
Sat Oct 01, 2022 2:13 am
Forum: Announcements
Topic: v7.6beta [testing] is released!
Replies: 226
Views: 66870

Re: v7.6beta [testing] is released!

Happy to report MACSEC on v7.6 beta 10 on CHR is now working and passing IP....
Excellent work...

Now for VLAN's over MACSEC ...
by killersoft
Sat Aug 20, 2022 3:17 pm
Forum: Forwarding Protocols
Topic: Slow handover between vlans
Replies: 15
Views: 2721

Re: Slow handover between vlans

Hi. Just FYI, when you do a export use : export hide-sensitive so that passwords etc are not shown.. Looking over your config further shows me that you are doing a LOT of CPU intensive work. As for switch chip native & vlan traffic, it looks like all your processing needs are CPU based not switc...
by killersoft
Fri Aug 19, 2022 1:07 pm
Forum: Forwarding Protocols
Topic: Slow handover between vlans
Replies: 15
Views: 2721

Re: Slow handover between vlans

yes, the picture shows everything
Well based on the winbox shot.. Yep CPU limiting issue !
by killersoft
Fri Aug 19, 2022 2:57 am
Forum: Forwarding Protocols
Topic: Slow handover between vlans
Replies: 15
Views: 2721

Re: Slow handover between vlans

Without console config files( export ), its hard to see how you have configured devices correctly. Especially the hex S which is not designed for massive loads. That said, if your are offloading to the SWITCH CHIP of each device and NOT the CPU as you have by the looks of your winbox screen shot, yo...
by killersoft
Sat Jul 23, 2022 9:15 am
Forum: Virtualization
Topic: chr = lowest security
Replies: 7
Views: 5172

Re: chr = lowest security

A brand new cisco router out of the box has no password either.
by killersoft
Sat Jul 23, 2022 3:31 am
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 374
Views: 259883

Re: MikroTik Devices Controller

In regards to the 'Cloud' solution.
Not everything I have in now >100 devices touches the public internet.
I would prefer a solution I can spin up on a Virtual Machine in a closed environment.

I understand that other people could benefit from a cloud controller, but not in my current use case.
by killersoft
Wed Jul 06, 2022 6:03 am
Forum: RouterOS beta
Topic: 802.1AE MACsec Progress or Examples ?
Replies: 46
Views: 22424

Re: 802.1AE MACsec Progress or Examples ?

Noted, will take a look soon.

If you need wirespeed macsec, I suggest getting yourselves a couple of second hand Cisco 3850's with an appropriate NIM module each.( config e.g https://community.cisco.com/t5/network- ... -p/3368918 )
by killersoft
Wed Jun 01, 2022 5:48 am
Forum: Announcements
Topic: v7.3rc [testing] is released!
Replies: 452
Views: 111475

Re: v7.3rc [testing] is released!

Where are we at with MACSEC ????
by killersoft
Wed Jun 01, 2022 5:45 am
Forum: Announcements
Topic: MikroTik Devices Controller
Replies: 374
Views: 259883

Re: MikroTik Devices Controller

Its a great idea. I manage approximately 97 mikrotik devices from my desk. Of which I have about 12 different models of MT hardware incl a couple of VM's Dude only gets me so far with f/w updates with the hardware side. Ideally I want a platform that : 1. Keeps an eye on configs across all devices a...
by killersoft
Sat Apr 16, 2022 3:50 pm
Forum: RouterBOARD hardware
Topic: CRS sfp woe's
Replies: 4
Views: 1167

Re: CRS sfp woe's

Yep, seems pretty normal for generic sfp's to randomly work between MT chassis. I have about 50 MT devices in my care all using fiber trunks. Generally speaking I use either genuine mikrotik SFP's, or Cisco Genuine( which seem to work fine ) in my MT gear. I also keep an eye on : https://wiki.mikrot...
by killersoft
Wed Apr 13, 2022 9:30 am
Forum: RouterBOARD hardware
Topic: Dying Gasp Syslog message.
Replies: 2
Views: 1712

Dying Gasp Syslog message.

Hi Mikrotik Next time your dev'ing up some hardware, can you look at the possibility of adding in a 'feature' as seen in some Cisco gear known as Dying Gasp. It would be nice for the last function of a router/switch who has remote syslog to receive a message with. I'm done, all power has been lost I...
by killersoft
Sun Apr 10, 2022 6:06 am
Forum: RouterOS beta
Topic: 802.1AE MACsec Progress or Examples ?
Replies: 46
Views: 22424

Re: 802.1AE MACsec Progress or Examples ?

I have not seen Mikrotik do anything in this area.!!! The MACSEC option has been there in the console since the very first v7 RC public release back in 2019. Its 2022 and NOTHING, yet > interface/macsec is there hidden in place sight of the console terminal... bump... I've Tried to configure it on l...
by killersoft
Tue Apr 05, 2022 3:22 pm
Forum: Beginner Basics
Topic: CAP AC Apple M1 doesn't like Wi-Fi - works on all android phones and also on ipad
Replies: 4
Views: 746

Re: CAP AC Apple M1 doesn't like Wi-Fi - works on all android phones and also on ipad

Wireless Tables -> Access list is your friend... Kick low signal clients( from the perspective of the AP ) using it. E.g /interface wireless access-list add allow-signal-out-of-range=30s interface=wlan1 signal-range= -86..120 add allow-signal-out-of-range=1s authentication=no forwarding=no interface...
by killersoft
Thu Mar 10, 2022 2:50 am
Forum: RouterBOARD hardware
Topic: Defective WAP R
Replies: 4
Views: 1549

Re: Defective WAP R

Log into it 1st up via WIFI ( The default state from opening the box is the unit has WiFi AP enabled )
Then remove the default config, via MAC/WINBOX.
by killersoft
Wed Mar 02, 2022 5:04 am
Forum: RouterBOARD hardware
Topic: CRS312 speed drop after some time
Replies: 1
Views: 676

Re: CRS312 speed drop after some time

I have nearly every CRS3xx box in my network, but CRS312 is not one of them(yet!), but have not come across such issue. Could you list your config. And double check your error counters on your connected ports/sfp's to see if drops match against heat load( may be a sfp issue if you use them ? ) Other...
by killersoft
Tue Mar 01, 2022 1:44 am
Forum: General
Topic: CRS326-24S+2Q+RM divides all speed by 3
Replies: 13
Views: 1839

Re: CRS326-24S+2Q+RM divides all speed by 3

These units are not really different conceptually to a Layer-3 switch from Cisco e.g Catalyst 3560G( one sitting on my desk atm ! ). I have 1xCRS326-24S+2Q+RM in my network, but its primary role is wire-speed switching, and the only offloaded cpu task I hand to it is the management vlan network. Pro...
by killersoft
Mon Feb 28, 2022 12:28 am
Forum: Beginner Basics
Topic: Has anyone set up the port forwarding for GTA Online and can help me?
Replies: 3
Views: 2324

Re: Has anyone set up the port forwarding for GTA Online and can help me?

Hi. I'd recommend you doing some basic online network courses 1st up to get basic network understanding. You don't do port-forwarding unless your running a local server people connect to. Don't confuse connecting to an external server's Port requirements to having your own server, they network flow ...
by killersoft
Sat Feb 26, 2022 2:01 am
Forum: Announcements
Topic: Newsletter 104
Replies: 54
Views: 27467

Re: Newsletter 104

Can you fix your front web page newsletter date. Its set to 2021 !
Cheers
by killersoft
Sat Feb 05, 2022 8:08 am
Forum: RouterBOARD hardware
Topic: Which RouterBoards/routers have USB3-compatible mPCIe slots? (If any)
Replies: 6
Views: 3157

Re: Which RouterBoards/routers have USB3-compatible mPCIe slots? (If any)

MT Boards with chips like IPQ40xx chipsets are USB3 compatible, just need to check they have a minipcie interface and away you go.. e.g : https://www.qualcomm.com/products/ipq4019 MT boards like : AP ac(RBwAPGR-5HacD2HnD) are what your looking for :) Remember to look at the chipset datasheets to see...
by killersoft
Fri Feb 04, 2022 2:11 am
Forum: SwOS
Topic: Accidentally unchecked all "Allow From Ports", now locked out
Replies: 1
Views: 4307

Re: Accidentally unchecked all "Allow From Ports", now locked out

No console port by the looks ( Should have gone the CRS ! ), and thats a classic lock out
I suspect a factory reset is your only way forward
by killersoft
Fri Feb 04, 2022 2:07 am
Forum: RouterBOARD hardware
Topic: Product Request: 48 port SFP switch
Replies: 8
Views: 6439

Re: Product Request: 48 port SFP switch

For sure.
I'v run out of ports (>24 ports in use ) on a couple of areas with sfp / sfp+.
Would love a 36/48 port sfp+.

Maybe even if it was modular and dual hot swapable power supplies.

If it native 802.11AE/ Macsec working for trunks I'd love that too !
by killersoft
Tue Dec 28, 2021 6:33 am
Forum: RouterBOARD hardware
Topic: Which MT router has a hardware bandwidth shaper?
Replies: 17
Views: 6521

Re: Which MT router has a hardware bandwidth shaper?

Old time hardware favorite bandwidth shaper.
shaper.png
by killersoft
Wed Dec 22, 2021 11:59 am
Forum: RouterBOARD hardware
Topic: wsAP ac
Replies: 5
Views: 5388

Re: wsAP ac

Then why not a wAP ac
https://mikrotik.com/product/wap_ac
That's got 2x 1gbit interfaces and later gen ipq-4018 cpu and wifi-5 ac1200.

And its ceiling or wall mountable
by killersoft
Wed Dec 22, 2021 4:21 am
Forum: RouterBOARD hardware
Topic: Bricked HAP AC3 - any way to install ROS from USB?
Replies: 5
Views: 4880

Re: Bricked HAP AC3 - any way to install ROS from USB?

Netinstall can suck, and can be the actual PC's/Laptop network interface causing trouble in getting netinstall to work.
I'v found (sadly) sometimes I have been forced to use a usb to ethernet adaptorto get netinstall to work, after trying a dozen times on a specific pc or laptop.
by killersoft
Wed Dec 22, 2021 4:18 am
Forum: RouterBOARD hardware
Topic: wsAP ac
Replies: 5
Views: 5388

Re: wsAP ac

Why not use a cAP XL ac

From my bench testing of these, its about 3 dB higher RX( based on noise level testing against a cAP ac) , and they have also bumped the TX power by +3dB too.
Should be no problem for +100Mbps throughput @ 5GHz at reasonable line of sight distances.
by killersoft
Wed Dec 22, 2021 4:04 am
Forum: RouterBOARD hardware
Topic: Support for LTE Band 66 (1700 MHz)
Replies: 5
Views: 5778

Re: Support for LTE Band 66 (1700 MHz)

Indeed band 66 is not part of the physical hardware you have installed in your LHG LTE6 and cannot be 'software fixed' Your best bet if you want to use that band is to remove the LTE card inside your LHG and replace it out with a suitable card that supports band 66. Something like a Quectel EP06-A w...
by killersoft
Wed Dec 22, 2021 3:43 am
Forum: RouterBOARD hardware
Topic: LoRa module not working in RBLtAP-2HnD&R11e-LTE&LR8 [SOLVED]
Replies: 4
Views: 6681

Re: LoRa module not working in RBLtAP-2HnD&R11e-LTE&LR8 [SOLVED]

You need to add the LoRa package from the Mikrotik ->Downloads->"Extra Packages", extract out the LoRa package and drag it into winbox, the same as you would to upgrade the router with the main software update. So I would update to the latest long-term or stable(depending on your risk asse...
by killersoft
Tue Dec 14, 2021 6:15 am
Forum: RouterBOARD hardware
Topic: Quectel EP06-E and wAP R ac (RBwAPGR-5HacD2HnD)
Replies: 42
Views: 82965

Re: Quectel EP06-E and wAP R ac (RBwAPGR-5HacD2HnD)

If anyone needs the EP06-E firmware upgrade(EP06ELAR03A08M4G.zip) and is not getting a response from Quectel support. I have a copy of it after much pain in getting it from Quectel. The upgrade process was a relative painless operation of the firmware upgrade using the Quectel v4.19 flash tool and h...
by killersoft
Fri Dec 03, 2021 7:43 am
Forum: Announcements
Topic: v7.1 is released!
Replies: 785
Views: 239940

Re: v7.1 [testing] is released!

7.1 Installed(updated) ok on x86(test) and on RBcAPGi-5acD2nD.

MACSec/802.11AE still not working....
by killersoft
Sun Nov 28, 2021 11:14 am
Forum: RouterOS beta
Topic: 802.1AE MACsec Progress or Examples ?
Replies: 46
Views: 22424

Re: 802.1AE MACsec Progress or Examples ?

Please Mikrotik, can you add some comments on where MACSEC is currently at.. Now trying with 7.1rc7 using x86... All I see is ether-type traffic 888e on the interface I configured it on between 2x VM's. I can add an IP against the 'macsec1' interface using the command line( not winbox ) too,. mikrot...
by killersoft
Sun Oct 17, 2021 5:42 am
Forum: RouterBOARD hardware
Topic: USB license dongles for x86(virtulization)
Replies: 0
Views: 1819

USB license dongles for x86(virtulization)

Hi, I was wondering if Mikrotik would introduce physical USB license dongles. Use case I have is in an x86 virtualization scenario, where NO internet connections is unavailable(eg CHR). Notably the deletion/modification or moving an x86 VM would require a newly generated x86 license code. Passing th...
by killersoft
Fri Oct 15, 2021 7:17 am
Forum: RouterBOARD hardware
Topic: RB4011 speed limit at 1GB
Replies: 15
Views: 11914

Re: RB4011 speed limit at 1GB

Can you show us the CPU usage of both A. Your LAPTOP/PC and B. Your Router.

Speed Test dies when cpu on a PC/Laptop hits 100% !
by killersoft
Sun Jul 04, 2021 6:22 am
Forum: Announcements
Topic: Newsletter June 2021 (#100)
Replies: 54
Views: 36886

Re: Newsletter June 2021 (#100)

Why would mikrotik, make a niche product for that band plan by FCC. Niche? 6 GHz is used for 802.11ax world wide (https://en.wikipedia.org/wiki/IEEE_802.11ax-2021). Within Q3/Q4 2021, vendors start selling their enterprise access points. Consumer routers with triple radios (2.4GHz, 5 GHz, 6GHZ) and...
by killersoft
Sat Jul 03, 2021 2:38 pm
Forum: Announcements
Topic: Newsletter June 2021 (#100)
Replies: 54
Views: 36886

Re: Newsletter June 2021 (#100)

Wifi 6 when? I am starting to wonder if Wi-Fi 6 or Wi-Fi 6e is even on the road map. Over a year ago , the FCC opened up the 6 GHz band (5.925–7.125 GHz) and made it available for unlicensed use. More than a year later and total lack of any official Mikrotik information, I can only assume there are...
by killersoft
Thu May 20, 2021 6:21 am
Forum: RouterOS beta
Topic: v7.1beta6 [development] is released!
Replies: 377
Views: 250513

Re: v7.1beta6 [development] is released!

Has 802.11AE / MACSEC been fixed yet ?
by killersoft
Sun Feb 28, 2021 8:29 am
Forum: RouterOS beta
Topic: 802.1AE MACsec Progress or Examples ?
Replies: 46
Views: 22424

Re: 802.1AE MACsec Progress or Examples ?

Bump..
Any news on this front Mikrotik I have tried with 7.1beta4 and still cannot get MACSEC up???
by killersoft
Thu Jan 07, 2021 4:29 am
Forum: Wireless Networking
Topic: LTE CAT6 modem disconnecting every 2-3 minutes
Replies: 44
Views: 26263

Re: LTE CAT6 modem disconnecting every 2-3 minutes

I heard 2 things to try. 1. is to bulk up your sim card with some tape at the back of it to ensure its pushing up against the pins, as apparently some sim's are thinner than the specification 2. There is a beta v027(as of Jan2021) that mikrotik can send you. They will also ask you to put the current...
by killersoft
Wed Jan 06, 2021 12:45 am
Forum: Beginner Basics
Topic: LtAP LTE6 regularly disconnects from LTE network
Replies: 12
Views: 6932

Re: LtAP LTE6 regularly disconnects from LTE network

I did not think about the SIM card, as an issue, but yes that could cause random issues. That said, if it was working well before you upgraded, it might not be sim card issue.
by killersoft
Wed Jan 06, 2021 12:09 am
Forum: General
Topic: Mikrotik Radius Connection
Replies: 6
Views: 2002

Re: Mikrotik Radius Connection

Well your radius service needs to be made routable to your mikrotik-router, or put pfsense on your local LAN segment.
by killersoft
Mon Jan 04, 2021 12:49 am
Forum: Beginner Basics
Topic: LtAP LTE6 regularly disconnects from LTE network
Replies: 12
Views: 6932

Re: LtAP LTE6 regularly disconnects from LTE network

Well, yes, you can overdrive a RF front end pretty easily. I'm a ham radio operator too, and have experienced that for myself on RF equipment. You can also simulate that with an Access point and a client sitting on top of one-another, notable throughput can drop a bit, as opposed to being ~1meter aw...
by killersoft
Mon Jan 04, 2021 12:28 am
Forum: General
Topic: Mikrotik Radius Connection
Replies: 6
Views: 2002

Re: Mikrotik Radius Connection

To use your pfsense/ freeradius as a login for mikrotik. Use winbox : RADIUS -> check the login button & add in the IP address of your pfsense box & add in your pfsense/freeradius login password. On System->UserList, click the AAA, and check the "use Radius" Thats it. RADIUS HOW TO...
by killersoft
Sun Jan 03, 2021 2:20 pm
Forum: Beginner Basics
Topic: Phone number as hotspot login
Replies: 2
Views: 3464

Re: Phone number as hotspot login

Just add the phone number to mikrotiks userman as both username/password. And set the account for a 30min timeout. Or use radius, same deal username/password as the phone number. You could add a virtual AP and just have your mate login to the VAP with a WPA2 with just a phone number as the WPA2 pass...
by killersoft
Sun Jan 03, 2021 1:35 pm
Forum: Beginner Basics
Topic: LtAP LTE6 regularly disconnects from LTE network
Replies: 12
Views: 6932

Re: LtAP LTE6 regularly disconnects from LTE network

Hi, Yes, you should not have issues with that antenna, or those signal levels.( maybe you have too much signal LOL(wrap some aluminum around the external antennas to drop it back ! ) I note your probably doing Carrier Aggregation on B1 + B20. I wonder if you force the modem to only do band 1 OR 20, ...
by killersoft
Sun Jan 03, 2021 8:50 am
Forum: General
Topic: Two tunnels between two routers? EoIP + IPIP
Replies: 5
Views: 2344

Re: Two tunnels between two routers? EoIP + IPIP

EoIP is basically a Layer2 link.
You can add your VLANs or other tunnels inside your EoIP interface..( not sure why you would tunnel in a tunnel as your MTU on you inner tunnel is going to small, plus your CPU load will be high running it like that )
by killersoft
Sun Jan 03, 2021 7:59 am
Forum: Forwarding Protocols
Topic: idea: EoIP for high latency/lossy connections => Forward Error Correction
Replies: 9
Views: 7503

Re: idea: EoIP for high latency/lossy connections => Forward Error Correction

FEC is common on networks such as satellite comm's. That said, it will be CPU intensive, especially over EoIP. Noting that TCP knows when frames have not been received and windowing of the frame. I would image that using a smaller TCP window size is the better option. As for UDP( Voip / Gaming packe...
by killersoft
Sun Jan 03, 2021 5:58 am
Forum: Beginner Basics
Topic: LtAP LTE6 regularly disconnects from LTE network
Replies: 12
Views: 6932

Re: LtAP LTE6 regularly disconnects from LTE network

Hi, have you installed the external antenna's for the unit, also what is your signal strength indicators RSRP/RSRQ/SINR etc ? Also what if your providers frequency's/band's V.S what LTE/4G towers(and there associated frequencies/band) are nearby. https://www.youtube.com/watch?v=ysiSoglchg0 I install...
by killersoft
Sun Jan 03, 2021 2:46 am
Forum: Beginner Basics
Topic: howto create a trunk between mikrotik & mikrotik
Replies: 2
Views: 3656

Re: howto create a trunk between mikrotik & mikrotik

The answer is YES for your trunk.( and yes its compatible too with Cisco trunks too(and other vendors), not just MT->MT ) There are at least 2 ways of achiving it and depending on your mikrotik's hardware(e.g Rb vs CRS) there are a couple of different ways to configure it to do the same thing( One b...
by killersoft
Sun Jan 03, 2021 2:31 am
Forum: Beginner Basics
Topic: Enable 5Ghz band for wifi
Replies: 6
Views: 6505

Re: Enable 5Ghz band for wifi

Your rb951g-2hnd does not have a 5GHz WiFi chip/radio in it.
by killersoft
Fri Oct 09, 2020 1:23 am
Forum: RouterBOARD hardware
Topic: When will we see 802.11ax ??
Replies: 0
Views: 1430

When will we see 802.11ax ??

When are we likely to hear about 802.11ax products. ?? E.G "cAP ax" :)
Running a significant Mikrotik Wi-Fi network here(50+ AP's(yes with AC)), and now seeing plenty of people with .11AX phones, laptops now onsite..
Just bolt a IPQ8074 into one of your boards MT :)
by killersoft
Sat Sep 12, 2020 7:04 am
Forum: RouterOS beta
Topic: IDS / IPS Package
Replies: 4
Views: 20389

Re: IDS / IPS Package

Actually mikrotik does DPI (https://wiki.mikrotik.com/wiki/Manual:IP/Firewall/L7). And no, it cannot break SSL etc, nor do I care whats inside normal day to day end user traffic as long as the end machine its not breaking my or SNIFFING around my NETWORK, and if it IS, then I want to detect those LA...
by killersoft
Sat Sep 12, 2020 4:20 am
Forum: RouterOS beta
Topic: IDS / IPS Package
Replies: 4
Views: 20389

IDS / IPS Package

Hi. Would it be plausible to 'integrate' an IDS / IPS " package " into RouterOS 7 ? I know it would be both CPU & storage-wise expensive. That said, I propose it as a package, and aimed at x86 / CHR (virtualized) & up-scaled Mikrotik Hardware. I know you can of course stream IP tra...
by killersoft
Thu Sep 03, 2020 5:46 am
Forum: Announcements
Topic: WinBox v3.27 released!
Replies: 100
Views: 64232

Re: WinBox v3.27 released!

Just tried to use 3.27 on a RB2011(current long term). I cannot add data to the firewall -> NAT, each line goes blank when I highlight it..
I need to revert to an older version now.
by killersoft
Sat Aug 22, 2020 4:11 am
Forum: RouterOS beta
Topic: v7.1beta2 [development] is released!
Replies: 385
Views: 160837

Re: v7.1beta2 [development] is released!

I still cannot get MACSEC running between devices("Gets to negotiating only"). Any suggestions ? /interface macsec add cak=4cb39ed149d0e0dbea5fad4b91e5456f ckn=f98446584e49ad9e2cd99b2aff00adb73e0b4109eb916b8d5bbe208dda274abb \ disabled=no interface=ether5 name=macsec1 profile=default [admi...
by killersoft
Fri Aug 07, 2020 6:47 am
Forum: RouterBOARD hardware
Topic: next-gen wireless
Replies: 1
Views: 1345

Re: next-gen wireless

Nice to have next-gen products!!
.AX & WPA3 support.
Maybe 3x3 mimo plus..
Potentially other limited band support of wifi( 60ghz , 24Ghz ?)
by killersoft
Fri Aug 07, 2020 6:45 am
Forum: RouterBOARD hardware
Topic: Which Mikrotik 4G/LTE products support 2 external antennas?
Replies: 2
Views: 1301

Re: Which Mikrotik 4G/LTE products support 2 external antennas?

Take a look at LtAP-mini or LtAP ,with your choice of MT-LTE card, you just need 2x~5 to10cm u.fl -> SMA patch leads & a drill. Job done, then you can put your external antenna. Else there are plenty of other offerings like a routerboard and again install your LTE card onto and do your own custo...
by killersoft
Fri Aug 07, 2020 4:20 am
Forum: RouterBOARD hardware
Topic: Groove lightning protection
Replies: 2
Views: 1252

Re: Groove lightning protection

Having managed a few massive satellite ground stations in my time, 2 things usually happen. 1 is the lightning rods on the top of the satellite dish which is directly cabled to ground safely takes the hit. Lightning arresters installed after waveguide->LNA/LNBs->Coax go open circuit(blow the fuse), ...
by killersoft
Tue Aug 04, 2020 4:39 pm
Forum: SwOS
Topic: feature request - https for webui
Replies: 31
Views: 15994

Re: feature request - https for webui

Why not SSH to the unit (better than web based config)?
You could go back to RouterOS(The switch menu is there, if you need pure wire-speed config ) and use Winbox or SSH for secure logging in.
RouterOS supports HTTPS too.
https://wiki.mikrotik.com/wiki/Manual:W ... ling_HTTPS
by killersoft
Tue Aug 04, 2020 4:26 pm
Forum: RouterBOARD hardware
Topic: CCR Recommendation
Replies: 4
Views: 2092

Re: CCR Recommendation

Why CCR (Whats your bandwidth your forwarding/inputting )? Most RB's will do fine.
Try a RB4011, good bang for buck, or just run a x86 VM of RouterOS.
by killersoft
Tue Aug 04, 2020 12:58 pm
Forum: General
Topic: RBLtAP-2HnD&R11e-LTE configuration issue
Replies: 5
Views: 2280

Re: RBLtAP-2HnD&R11e-LTE configuration issue

I think in your case, you will need a second LTE/4G card to achieve what you want to do with sim1 being for LAN and sim2 being for wifi services. Pretty stright forward MT route config. That said, I think you will then need to do some homework on antennas for a dual card setup. Not sure if it helps ...
by killersoft
Tue Aug 04, 2020 12:45 pm
Forum: General
Topic: RBLtAP-2HnD&R11e-LTE configuration issue
Replies: 5
Views: 2280

Re: RBLtAP-2HnD&R11e-LTE configuration issue

Arr my mistake
2 ltap questions with similar usernames !!
by killersoft
Tue Aug 04, 2020 12:24 pm
Forum: General
Topic: RBLtAP-2HnD&R11e-LTE configuration issue
Replies: 5
Views: 2280

Re: RBLtAP-2HnD&R11e-LTE configuration issue

Please see my response to your earlier post.
viewtopic.php?f=13&t=164306
by killersoft
Tue Aug 04, 2020 12:15 pm
Forum: Beginner Basics
Topic: Bad performance with LTaP LTE6
Replies: 19
Views: 5568

Re: Bad performance with LTaP LTE6

EC25-xx(whatever) has a USB2 minipcie interface and will work in the LtAP with out hardware issue as LtAP's chipet is USB2/MiniPCIe cpu based board. EP06-xx IS USB 3.0 interfaced card on the hardware interface and will require you to tape/glue or cut pins on the card to get it to work in USB 2 mode(...
by killersoft
Sun Aug 02, 2020 8:14 am
Forum: RouterBOARD hardware
Topic: Quectel EP06-E and wAP R ac (RBwAPGR-5HacD2HnD)
Replies: 42
Views: 82965

Re: Quectel EP06-E and wAP R ac (RBwAPGR-5HacD2HnD)

How did it show you that it was using CA? I'm not seeing that. But maybe it's different with a Mikrotik modem. RBwAPGR-5HacD2HnD WITH A R11e-LTE6 card (Card firmware version R11e-LTE6_V025).. See how winbox shows Primary Band & CA Band.. Sometimes its different bands like B3/B7 or vise versa !!...
by killersoft
Sat Aug 01, 2020 9:12 am
Forum: RouterOS beta
Topic: 802.1AE MACsec Progress or Examples ?
Replies: 46
Views: 22424

802.1AE MACsec Progress or Examples ?

Hi, just wondering if there is any formal documentation for Mikrotik's 802.1AE (AKA MACsec) in RoS v7. Given its been in RoS v7 at least since its early beta release I was hoping to see some doco on it by now. As of yet I have not got it working between devices( Get as far as it 'negotiating', and c...
by killersoft
Tue Jul 28, 2020 3:49 pm
Forum: RouterBOARD hardware
Topic: SXT LTE antenna mod for B28 - it's working! [SOLVED]
Replies: 6
Views: 5230

Re: SXT LTE antenna mod for B28 - it's working! [SOLVED]

Interesting installation on a SXT.
Band 28 is hard to get right given the physically large antenna required to have a good efficiency(Q rating) for a given antenna.
I'm sending some gear up to rural NSW tomorrow for a B28 job, the other guy is a ham radio operator and is making his own B28 antenna.
by killersoft
Sun Jul 26, 2020 10:39 am
Forum: RouterBOARD hardware
Topic: Quectel EP06-E and wAP R ac (RBwAPGR-5HacD2HnD)
Replies: 42
Views: 82965

Re: Quectel EP06-E and wAP R ac (RBwAPGR-5HacD2HnD)

I answered my own question. This is definitely a whole lot easier with RouterOS 7 beta. It's just plug and play. So that's what I'm using. WinBox doesn't seem to have any indication that the modem is using carrier aggregation, but based on the output of AT+QCAINFO ("Query Carrier Aggregation P...
by killersoft
Sun Jul 26, 2020 9:58 am
Forum: RouterBOARD hardware
Topic: Fixed AP's with external sensors
Replies: 1
Views: 1330

Fixed AP's with external sensors

Hi, just throwing this one out there since we know MT's are flexible in their architecture & designs. I was staring at my cAP AC mounted in the ceiling of my house, and was thinking wouldn't it be great if the unit had plug-inable sensors like : "Smoke detector", "Particulate dete...
by killersoft
Fri Jul 17, 2020 9:40 am
Forum: Beginner Basics
Topic: Mikrotik and Esxi 6.7 NIC teaming (802.3ad) ISSUE
Replies: 4
Views: 7064

Re: Mikrotik and Esxi 6.7 NIC teaming (802.3ad) ISSUE

Thanks for the advice on that. Just about to buy Vmware essentials plus kit v7.0.. The problem is neither the physical switch nor the routerOS license level. It's in ESX. Link aggregation is only supported on distributed switches. These are only available from vSphere enterprise license level upward...
by killersoft
Thu Jul 16, 2020 12:51 pm
Forum: Beginner Basics
Topic: Mikrotik and Esxi 6.7 NIC teaming (802.3ad) ISSUE
Replies: 4
Views: 7064

Re: Mikrotik and Esxi 6.7 NIC teaming (802.3ad) ISSUE

I'm looking to do the same thing very soon, so a tested config( & esxi notes appreciated )
by killersoft
Fri Jul 10, 2020 11:59 am
Forum: Beginner Basics
Topic: Winbox can not see Mikrotik wsAP AC Lite connected to router
Replies: 5
Views: 2491

Re: Winbox can not see Mikrotik wsAP AC Lite connected to router

Depends on your config about whats wrong with why you cannot see other devices If you don't want to use capsman then just create a bridge, add all your LAN side ports & WLAN ports onto the bridge interface. Give your bridge an private IP address of your liking ( 192.168.1.1/24 ) Add your normal ...
by killersoft
Fri Jul 10, 2020 11:01 am
Forum: Announcements
Topic: v6.47.1 [stable] is released!
Replies: 146
Views: 100153

Re: v6.47.1 [stable] is released!

Impossible to update in Hap Lite.
smips.JPG
hAP update seems ok to me.
Image
by killersoft
Thu Jul 09, 2020 6:59 am
Forum: General
Topic: Multiple Road Warrior L2TP/IPsec clients behind NAT - solved
Replies: 102
Views: 92291

Re: Multiple Road Warrior L2TP/IPsec clients behind NAT - solved

Client can connect to far end(srv side) internet if IPSEC is disabled If IPSEC = enabled ( client box cant get past client-side MT ) & notably the srcnat rule doesn't get a hit from the client. No problems under 6.45.9 !! Can you post both Mikrotik configurations (see anonymisation hints in my ...
by killersoft
Wed Jul 08, 2020 5:22 am
Forum: General
Topic: Multiple Road Warrior L2TP/IPsec clients behind NAT - solved
Replies: 102
Views: 92291

Re: Multiple Road Warrior L2TP/IPsec clients behind NAT - solved

Can confirm in 6.47 there is an issue with l2tp/ipsec vpn, where the server + client device is also a mikrotik, and the client runs a NAT. The client side NAT rule doesnt even get a hit when IPSEC is enabled(both ends). If I turn it off(both ends) and just run l2tp, all is good and the src-nat rule ...
by killersoft
Sun Jul 05, 2020 5:12 pm
Forum: Announcements
Topic: Future of LTE products, user feedback requested
Replies: 208
Views: 108121

Re: Future of LTE products, user feedback requested

1. At least cat 6 2. Australia is currently using these LTE bands: 2100MHz (B1) 1800MHz (B3) 850MHz (B5) 2600MHz (B7) 900MHz (B8) 700MHz (B28) ** works well in long distance in Aus environment *** 2300MHz (B40) 3. 2G was discontinuted a couple of years ago in country. 3G will start being removed in ...
by killersoft
Sat Jun 06, 2020 4:53 am
Forum: RouterOS beta
Topic: v7.0beta8 [development] is released!
Replies: 178
Views: 95004

Re: v7.0beta7 [development] is released!

Please keep this topic related to the problems found in this RouterOS release. This topic is not made for feature requests. For that please create a new topic or contact support@mikrotik.com. Where is CAKE?!?!?!? Literally everyone expects it, yet there's nothing about it from mikrotik.. Kind of pa...
by killersoft
Sat Jun 06, 2020 4:23 am
Forum: RouterOS beta
Topic: v7.0beta8 [development] is released!
Replies: 178
Views: 95004

Re: v7.0beta8 [development] is released!

LtAP mini VS v7.0beta 8 Well the wifi via a station & station bridge mode does not work. It connects briefly(10 seconds), then drops( no its not a signal, issue, 6.47 works a treat on the same unit)). I have a Quectel EC25 LTE board in it. That works no problem ! Doing a WiFi SCAN produces rando...
by killersoft
Tue Mar 17, 2020 11:01 pm
Forum: General
Topic: Can't use vlan 1 as management vlan
Replies: 10
Views: 7771

Re: Can't use vlan 1 as management vlan

As a rule dont try and do VLAN 1 as a management vlan or as a separate vlan, you will come unstuck with vendors and some Linux kernel versions. In Cisco world vlan 1 is the Native vlan e.g the default layer 2 traffic on an unconfigured switch . Googling 'vlan 1' or 'native vlan' has so many varied r...
by killersoft
Wed Mar 04, 2020 1:45 am
Forum: General
Topic: switch that supports more than four 40-Gig ports
Replies: 16
Views: 6464

Re: switch that supports more than four 40-Gig ports

Hi. Attached is a screen shot of what RouterOS shows for 2xQSFP's in a CRS326-24S+2Q+
CRS326-24S+2Q+.png
by killersoft
Wed Mar 04, 2020 1:36 am
Forum: General
Topic: switch that supports more than four 40-Gig ports
Replies: 16
Views: 6464

Re: switch that supports more than four 40-Gig ports

Need more than 4x 40Gb ports then check Cisco 9500 series out..
https://www.cisco.com/c/en/us/products ... index.html
by killersoft
Wed Mar 04, 2020 12:39 am
Forum: Beginner Basics
Topic: MGMT and WIRELESS WIRE DISH
Replies: 1
Views: 2595

Re: MGMT and WIRELESS WIRE DISH

There are a few ways to do a Management-VLAN for MT devices, and you could just add a VLAN against your trunk interface(not a great recommendation, but will get you out of a tough spot ). OR do it the better way for MT/RouterOS https://wiki.mikrotik.com/wiki/Manual:Basic_VLAN_switching The info belo...
by killersoft
Fri Nov 15, 2019 12:30 pm
Forum: RouterOS beta
Topic: MACSec beta3
Replies: 2
Views: 6303

MACSec beta3

Hi. I am testing out MACSec(beta 3) on a RB951G-2HnD & RB750G, but cannot seem to get the two mikrotik units past "negotiating". I'm using the same cak and ckn values between the units, and the ethernets are of course connected together. I'm using the same code(different interface name...
by killersoft
Thu Aug 22, 2019 9:12 am
Forum: General
Topic: Feature requests
Replies: 1792
Views: 674116

Re: Feature requests

Please add IEEE 802.1AE AKA MACSEC to Router & SwitchOS.
by killersoft
Thu Jul 25, 2019 11:36 am
Forum: RouterBOARD hardware
Topic: Quectel EP06-E and wAP R ac (RBwAPGR-5HacD2HnD)
Replies: 42
Views: 82965

Re: Quectel EP06 and wAP R ac (RBwAPGR-5HacD2HnD)

Thanks mkx for the eNB ID info. @RogerWilco Consider a EC25-AU as it is electrically more compatible(+RCM compliant) with most MT boards (usb 2) plus it also fully support all the AUS bands(like B28). See(about taping pins): https://wiki.mikrotik.com/wiki/Cellular_Quectel_modems_01 That said, I susp...
by killersoft
Wed Jul 24, 2019 12:41 pm
Forum: RouterBOARD hardware
Topic: Quectel EP06-E and wAP R ac (RBwAPGR-5HacD2HnD)
Replies: 42
Views: 82965

Re: Quectel EP06 and wAP R ac (RBwAPGR-5HacD2HnD)

This is quite subjective, also to note is that the EP06-E is running on the default antenna's on my w AP R ac unit. Also I am currently back in Victoria. I suspect that the B28 tower is at a different location to the other tower doing band 3&7!? So B3 / B7 /B28 .. BAND 3.png BAND 7.png BAND 28.p...
by killersoft
Mon Jul 22, 2019 6:45 am
Forum: General
Topic: v7 Linux Kernel version ?
Replies: 6
Views: 9536

v7 Linux Kernel version ?

Just curious, what Linux version will/is ROS v7 be running under the hood ?
(Noting v6 is running v3.3.5)
by killersoft
Sun Jul 21, 2019 8:24 am
Forum: RouterBOARD hardware
Topic: Quectel EP06-E and wAP R ac (RBwAPGR-5HacD2HnD)
Replies: 42
Views: 82965

Re: Quectel EP06 and wAP R ac (RBwAPGR-5HacD2HnD)

Nice mate! Finding a modem that works with LTE and not PPP with B28 + Telstra is perfect. I don't suppose you could tell me where in Australia you got the card and what firmware is on it? What speeds you getting with the modem? Hi. I picked up the EP06-E from ebay : https://www.ebay.com.au/itm/1838...
by killersoft
Sat Jul 20, 2019 2:09 pm
Forum: RouterBOARD hardware
Topic: Quectel EP06-E and wAP R ac (RBwAPGR-5HacD2HnD)
Replies: 42
Views: 82965

Quectel EP06-E and wAP R ac (RBwAPGR-5HacD2HnD)

Well happy to report that a Quectel LTE EP06-E(RCM compliant) installed in a wAP ac(RBwAPGR-5HacD2HnD) tested using ROS 6.45.1 works without the need to cut or tape pins on the card. (I am testing with ALDI mobile(mdata.net.au APN, which uses Telstra Towers here in Australia ). I used this to get to...
by killersoft
Sun Jul 14, 2019 6:30 am
Forum: Beginner Basics
Topic: Which CAT4/CAT6 LTE modem has compatibility & reliability?
Replies: 4
Views: 2318

Re: Which CAT4/CAT6 LTE modem has compatibility & reliability?

I have an ec25-AU. It took me about 15 minutes of buggering around to get it to LTE mode from the default PPP mode ( In the end I actually put it in my latop, installed (windows drivers for it), Connected to the COM port, Putty'ed into the com port and put in the command(as seen on the MT wiki ). Pl...
by killersoft
Wed Jul 10, 2019 2:11 pm
Forum: General
Topic: Which CAT4/CAT6 LTE
Replies: 4
Views: 2508

Re: Which CAT4/CAT6 LTE

I am running a EC25-AU in a LtAP, its currently running outback Australia. Its with 2x 3dBi Antennas and is working a treat on 3G( getting ~-81dBm). 4G lte b28 700MHz also works well, but getting a better signal off 3G 850Mhz at the moment and due to my extreme tower edge location. My phones I have ...
by killersoft
Thu Jul 04, 2019 12:34 pm
Forum: General
Topic: Quectel EC25 Issue with WAP-R
Replies: 1
Views: 1588

Re: Quectel EC25 Issue with WAP-R

Hi. I have the same issue. I'm trying to look into it to see if it can be changed to some sort of bridge mode, rather than the NAT style address its giving out. !
by killersoft
Tue May 07, 2019 7:35 am
Forum: RouterBOARD hardware
Topic: RB4011iGS+RM RACK EARS
Replies: 1
Views: 1530

RB4011iGS+RM RACK EARS

Having recently obtained a couple of MT RB4011iGS+RM's for install in a rack. I have to say what a poor rack ear attachment design for this router. The router is a nice robust bit of kit, but the rack ear attachment is terrible. Just 1 small screw on either ear to hold this unit is place is just cra...
by killersoft
Thu Apr 18, 2019 3:29 am
Forum: Wireless Networking
Topic: Why wireless 'A'-mode when I hard set to N-mode [SOLVED]
Replies: 2
Views: 2322

Why wireless 'A'-mode when I hard set to N-mode [SOLVED]

Hi. I have a bit of a general MT wireless question. I have run MT gear for a long time(10 Years now!) and have seen this wireless link phenomenon notably in my long distance links(7KM's+), but never understood why this occurs. This is notable when I am passing little to no traffic. If I have hard se...
by killersoft
Sat Mar 30, 2019 2:49 am
Forum: General
Topic: UKNOF 43 CVE
Replies: 223
Views: 84962

Re: UKNOF 43 CVE

Maybe its time for MT to consider a parallel "community" like edition version of RouterOS. That open to view /compile "source code" and allows the community to quickly fix issues(CVE's !!!) and add networking functionality as community made plugin's for MT Hardware..
by killersoft
Sat Mar 30, 2019 2:05 am
Forum: General
Topic: UKNOF 43 CVE
Replies: 223
Views: 84962

Re: UKNOF 43 CVE

At some point enough, is enough. And yes, other vendors have other issues. Other vendors may also be more costly. But at least other vendors take responsibility for their products, have a clear guideline what a timely response to a ticket is and implement critical features, that customers and the i...
by killersoft
Sat Mar 30, 2019 1:44 am
Forum: General
Topic: UKNOF 43 CVE
Replies: 223
Views: 84962

Re: UKNOF 43 CVE

While many of you are notably upset about the extraordinary amount of time that has gone by on this issue. I note some of you are wanting to move to new product vendors. This is your prerogative to do so. That said, I will point out the BIG VENDORS such as CISCO are smashed by CVE's problems ALL the...
by killersoft
Sun Dec 02, 2018 9:30 am
Forum: RouterBOARD hardware
Topic: Vibration Sensor
Replies: 2
Views: 1614

Re: Vibration Sensor

True for that particular situation. But not all installs are secure buildings. 30dBi Antenna's such as the https://mikrotik.com/product/MTAD-5G-30D3-PA can become big wind sails and stress mounting gear that was not obvious when install occurs on a nice day. Also managing sites remotely e.g those th...
by killersoft
Sun Dec 02, 2018 1:47 am
Forum: RouterBOARD hardware
Topic: Vibration Sensor
Replies: 2
Views: 1614

Vibration Sensor

Hi. I was thinking about how useful a vibration sensor would be for a fair chunk of mikrotik outdoor products. Over my many years of wireless installs, wind is usually an enemy for wireless antenna/integrated WiFi products where the guy wires or structures that mount those systems is not quite up to...
by killersoft
Wed Jul 04, 2018 4:00 am
Forum: General
Topic: LAN side bridge forward filtering options?
Replies: 4
Views: 1743

Re: LAN side bridge forward filtering options?

Sorry, I don't agree with you R1CH for my typical mikrotik configurations across my campus network. If this was a typical cisco switch(ASIC switching) I would agree, or if I was using mikrotik switch chip directly. I can use Torch on the bridge and or each interface and see traffic 'Forwarding' or '...
by killersoft
Wed Jul 04, 2018 1:58 am
Forum: General
Topic: LAN side bridge forward filtering options?
Replies: 4
Views: 1743

Re: LAN side bridge forward filtering options?

Thanks dadaniel.
I'll take a look at AP isolation.
As I am not using the switch chip for my ether->vlan activities rather ether->bridge->vlan. Thats why I am looking at bridge firewall rules at this point.

Cheers
by killersoft
Mon Jul 02, 2018 4:07 am
Forum: General
Topic: LAN side bridge forward filtering options?
Replies: 4
Views: 1743

LAN side bridge forward filtering options?

Hi. I'm running a small campus with about 40 wifi/ether ports devices(Distribution network) for guests that run behind a MT hotspot/firewall. I run a pretty good firewall set on the main router/internet/hotspot box. I'm putting some thought on the internal LAN side of the network and asking the ques...
by killersoft
Tue Jun 19, 2018 4:25 am
Forum: Virtualization
Topic: CHR neighbour discovery problem
Replies: 13
Views: 13349

Re: CHR neighbour discovery problem

Hmm.
Just noticed that too. The CHR shows up in other MT devices, but winbox does not..
Weird..
by killersoft
Mon May 14, 2018 2:05 am
Forum: RouterBOARD hardware
Topic: 3x3 MIMO antennas >20dBi
Replies: 19
Views: 4841

Re: 3x3 MIMO antennas >20dBi

The crosstalk is cos(angle) related so at 90 degrees there is "theoretically zero" crosstalk (in practice those 20-30dB figures) but at any other angle there is substantial crosstalk. At 60 degrees about half of the signal is present. I suspect that is a correct assumption. If you were tr...
by killersoft
Sun May 13, 2018 3:50 pm
Forum: RouterBOARD hardware
Topic: 3x3 MIMO antennas >20dBi
Replies: 19
Views: 4841

Re: 3x3 MIMO antennas >20dBi

3x3 MIMO is for local use, where you have an access point in a room or outdoor area and antennas that can radiate in 3 different patterns. The different clients can each have different use of these patterns. With point-to-point, 3x3 makes no sense. There are no 3 different polarization that you can...
by killersoft
Sun May 13, 2018 7:42 am
Forum: RouterBOARD hardware
Topic: 3x3 MIMO antennas >20dBi
Replies: 19
Views: 4841

Re: 3x3 MIMO antennas >20dBi

Well. Buy it and try and come back here to tell how it works. I suspect that the throughput will be better with central chain off. But maybe it will be so good that three chain could work independently. We cannot judge before the tryout. Its tempting, but I already use a 28dBi + a 30dBi for my 7km ...
by killersoft
Sat May 12, 2018 8:08 am
Forum: RouterBOARD hardware
Topic: 3x3 MIMO antennas >20dBi
Replies: 19
Views: 4841

Re: 3x3 MIMO antennas >20dBi

I hear you, that said, the isolation issue @ 45 degrees must be enough otherwise you would not design such a radio device with 3 chains. The item below is a 17dBi, which they say is better than 26dBi. I think that's pretty good gap as most 2x2 big 30dBi parabolic's have approximately 30-35dBi cross ...
by killersoft
Fri May 11, 2018 5:36 am
Forum: RouterBOARD hardware
Topic: 3x3 MIMO antennas >20dBi
Replies: 19
Views: 4841

3x3 MIMO antennas >20dBi

Just wondering if someone can tell me why there are no 3x3 MIMO antennas on the market much greater than 20dBi ? I have a couple of RB921UAGS-5SHPacD-NM(triple chain capable) doing about 8KM's point to point, but limited to 2x2 due to antenna limitations(cant find a commercial 28 to 30dBi antenna wi...
by killersoft
Mon Dec 25, 2017 10:10 am
Forum: Announcements
Topic: v6.41 [current]
Replies: 304
Views: 147086

Re: v6.41 [current]

Thanks Cha0s. I suspect I have 50+ units to manually fix-up when I go to upgrade in regards to IP Neighbor Discovery
by killersoft
Mon Dec 25, 2017 1:39 am
Forum: Announcements
Topic: v6.41 [current]
Replies: 304
Views: 147086

Re: v6.41 [current]

IP Neighbor Please revert or Alter the NEW functionality of Neighbor discovery. I use specific Bridges/Interfaces ( A management VLAN segment) that see's all devices, but I also have Client Side Bridges/Vlans/Interfaces. I DO NOT want Clients to SEE Discovery Broadcasts. Thus I ask you to Revert to ...
by killersoft
Fri Sep 15, 2017 2:26 pm
Forum: General
Topic: remote netinstall
Replies: 1
Views: 2372

remote netinstall

Hi. Is there a method to manually initiate a mikrotik device to boot into netinstall mode upon reboot(I still have access to winbox) where I do not require holding down the reset button as the devices are either in other buildings(etc) ? I have found a repeatable bug with a bunch of MT devices(LTE/F...
by killersoft
Tue Apr 25, 2017 12:09 pm
Forum: General
Topic: Is DHCP on VLANs Broken in 6.38.5 ??
Replies: 6
Views: 1517

Re: Is DHCP on VLANs Broken in 6.38.5 ??

I think there is too.. I'm having a DHCP issues.
I had a power outage on my DYNADISH(doing local DHCP to eth->VLAN) and now with dhcp 'offering' but devices are not accepting..
It was all working before the power outage... Config has not changed..
by killersoft
Thu Apr 06, 2017 8:55 am
Forum: General
Topic: Problem with VLAN
Replies: 7
Views: 2278

Re: Problem with VLAN

Use current bugfix 6.37.5, or do a full cutover on your second-end routerboard to 6.38.5 This is probably the indirect cause : What's new in 6.38 (2016-Dec-30 11:33): Important note!!! RouterOS v6.38 contains STP/RSTP changes which makes bridges compatible with IEEE 802.1Q-2014 by sending and proces...
by killersoft
Thu Apr 06, 2017 6:26 am
Forum: General
Topic: Hotspot and dual stack (ipv4/ipv6)
Replies: 2
Views: 2202

Hotspot and dual stack (ipv4/ipv6)

Hi. I have been running a MT hotspot for work for a number of years(CLASSIC IPv4).. Our ISP has native IPv6 available..(I have tested it on the network, and noted the routeros hotspot service does not touch IPv6 packets, thus client machines can bypass the hotsport service e.g http://ipv6.google.com...
by killersoft
Wed Mar 08, 2017 1:53 am
Forum: General
Topic: CIA exploits against Mikrotik hardware
Replies: 97
Views: 62486

Re: CIA exploits against Mikrotik hardware

Thanks Normis.
Look forward to the detailed response..
Cheers
by killersoft
Thu Mar 02, 2017 12:43 am
Forum: General
Topic: Request : MACSec 802.1AE
Replies: 0
Views: 1468

Request : MACSec 802.1AE

Just a request for RouterOS to add MACSec 802.1AE
To its existing suite..
Regards
Greg
by killersoft
Thu Feb 16, 2017 10:39 am
Forum: General
Topic: Security concern cloud.mikrotik.com DNS request
Replies: 5
Views: 1713

Re: Security concern cloud.mikrotik.com DNS request

Thanks for the information.
by killersoft
Thu Feb 16, 2017 1:57 am
Forum: General
Topic: Security concern cloud.mikrotik.com DNS request
Replies: 5
Views: 1713

Security concern cloud.mikrotik.com DNS request

Hi all. I have a setup, where a MT wireless router is configured without issue on a NON-INTERNET connected network. However, I note from my SYSLOG server that the router reports to that it appears the router in question attempts to automatically DNS request(every 1/2 hr) cloud.mikrotik.com.. WHY is ...
by killersoft
Tue Feb 07, 2017 5:16 am
Forum: General
Topic: RB921UAGS-5SHPacT-NM Ch0,1,2 Q
Replies: 1
Views: 987

RB921UAGS-5SHPacT-NM Ch0,1,2 Q

Hi all
If I was to buy a RB921UAGS-5SHPacT-NM (Triple chain device), and only use CH0 & CH1 and disable CH2 (As the current antenna only supports vert/horizontal inputs).. Is there any big issues(Other than loss of available bandwidth of course) I should make myself aware of ??
by killersoft
Wed Jan 18, 2017 5:20 am
Forum: General
Topic: Dynadish weight
Replies: 0
Views: 794

Dynadish weight

Hi. Does anyone know what the weight of a Dynadish is ? (RBDynaDishG-5HacD).
I can find some references to shipping weight(unit plus box weight(which I know is probably .5-1 kg? of cardboard), but not the unit itself.
I am doing some mast loading calculations.
:D
by killersoft
Fri Jan 06, 2017 12:49 am
Forum: Announcements
Topic: v6.38 [current] is released!
Replies: 168
Views: 67087

Re: v6.38 [current] is released!

Installed 6.38 to a 50+ device mix of MT routers/crs devices(~50%) and AP's(~50%) from v6.37.1. Had 3x devices die from a 6.37.1 ->6.38 upgrade ( 1xRBwAP2nD & 2xRB912UAG-2HPnD), had to net-install to fix. *** Had ALL 5x RB2011UiAS 2x CRS125-24G-1S give a WARNING in the log about OVERCLOCKED RAM ...
by killersoft
Fri Nov 25, 2016 12:54 am
Forum: General
Topic: gateway mac 00:00:00:00:00:00 - hEX r3
Replies: 12
Views: 3537

Re: gateway mac 00:00:00:00:00:00 - hEX r3

Not sure, I see your running ap-bride / bridge, which seems right..
Perhaps run a tunnel protocol between end points ?
by killersoft
Tue Nov 01, 2016 3:55 am
Forum: Virtualization
Topic: Sucessful Amazon CHR RouterOS Test
Replies: 24
Views: 14231

Re: Sucessful Amazon CHR RouterOS Test

Hi, yes I kept it simple. Just pressed the check for updates in the package list(release candiate(cutting edge eh!!), and pressed upgrade). Took less than minute to come back to life on AWS.
Nice and smooth :).
Cheers
by killersoft
Tue Oct 25, 2016 12:47 pm
Forum: Virtualization
Topic: Sucessful Amazon CHR RouterOS Test
Replies: 24
Views: 14231

Sucessful Amazon CHR RouterOS Test

Hi all. Just did an Amazon Web services test of Mikrotiks RouterOS with the available amazon marketplace release of RouterOS v6.34.1. As it was just a test I did an upgrade to v6.38rc15 which went smooth.. I used the t2.micro ( Free tier ) for the test. It took me about 2 minutes from starting the w...
by killersoft
Tue Aug 09, 2016 1:27 pm
Forum: General
Topic: Feature request: OpenVPN compression LZO and UDP
Replies: 200
Views: 128687

Re: Feature request: OpenVPN compression LZO and UDP

+1 PLEASE MIKROTIK...
by killersoft
Fri Jul 22, 2016 1:01 am
Forum: Announcements
Topic: v6.37rc [release candidate] is released, only one wireless package!
Replies: 320
Views: 108178

Re: v6.37rc [release candidate] is released, only one wireless package!

Updated from 6.36 to 6.37rc4 on a RB951-2n..  Did the update over wireless, but of course it didn't not come back. I see I should have updated it over Ethernet. I had to manually enable 'Wireless' package and manually enable the wlan1 interface and re-program SSID/frequency etc.. So its like a fresh...
by killersoft
Wed Jul 20, 2016 4:12 am
Forum: Wireless Networking
Topic: Wi-Fi metal setup
Replies: 29
Views: 5983

Re: Wi-Fi metal setup

http://en.data-alliance.net/wp-content/uploads/2012/11/antennas-range-patterns.jpg http://www.zive.cz/GetThumbNail.aspx?id_file=507737282&width=480&height=391&q=100 The RF radiation pattern of an antenna is true for both Transmit and Receive operations. Given you want to cover an area b...
by killersoft
Wed Jul 20, 2016 4:03 am
Forum: Wireless Networking
Topic: Need solution for wireless devices.
Replies: 7
Views: 2049

Re: Need solution for wireless devices.

Hi If you use an antenna like this  http://i.mt.lv/routerboard/files/DPA-SLANT-R0-151029152145.pdf   then both polarizations are integrated into the one antenna. What you may find is if you enable 2 chains in your netmetal that possibly signal levels from one of the chains(polarization) will be bett...
by killersoft
Tue Jul 19, 2016 3:44 am
Forum: Wireless Networking
Topic: Wi-Fi metal setup
Replies: 29
Views: 5983

Re: Wi-Fi metal setup

Probably something like ( if you still have it mounted 10 meters up and a direct connect to your RB Metal 2.4GHz ). http://www.l-com.com/wireless-antenna-24-ghz-3-dbi-black-radome-enclosed-omni-antenna-type-n-female-bulkhead OR http://www.l-com.com/wireless-antenna-24-ghz-2-dbi-omnidirectional-anten...
by killersoft
Tue Jul 19, 2016 3:35 am
Forum: Wireless Networking
Topic: Need solution for wireless devices.
Replies: 7
Views: 2049

Re: Need solution for wireless devices.

Hi, (noted on 5GHz. You should still be able to use smaller bandwidths).. Can you change polarity of the antenna's e.g. vertical to horizontal polarization... Generally if you use horizontal you can get 20 to 25dBm isolation between polarization, depending on antenna design. This alleviates noise(wh...
by killersoft
Mon Jul 18, 2016 1:57 am
Forum: Wireless Networking
Topic: Wi-Fi metal setup
Replies: 29
Views: 5983

Re: Wi-Fi metal setup

If you mount the antenna at 10 meters, then you should use a 2 or 3dBi vertical, as the radiation pattern of the 8dBi is not good for area below the antenna. a 2 or 3 dBi vertical will be better for areas below the antenna at that height.
by killersoft
Mon Jul 18, 2016 1:36 am
Forum: Wireless Networking
Topic: Need solution for wireless devices.
Replies: 7
Views: 2049

Re: Need solution for wireless devices.

A couple of options are. 1) Use NV2 ( it is more robust in noisy environments ) 2) You could use narrower channel spacing. Instead of using 20MHz use 10 or 5 MHz( If using 2GHz area, set to using G or N mode or combination, but you will need to test in your area and your setup). This increases the e...
by killersoft
Thu Jul 07, 2016 7:07 am
Forum: General
Topic: LOG https:// addresses
Replies: 3
Views: 2692

Re: LOG https:// addresses

Thanks Sob, I take your point on the full URL being encrypted... That said : I note I can see in the initial handshake (Using Wireshark filter ->  ssl.handshake.type == 1) which is the initial client hello message that I can see the requested domain address from the client machine. This is at least ...
by killersoft
Thu Jul 07, 2016 4:50 am
Forum: General
Topic: LOG https:// addresses
Replies: 3
Views: 2692

LOG https:// addresses

Hi. Does anyone have a method to LOG https:// addresses people behind my NAT are connecting to ? I already know how to log http:// addresses(Via Webproxy), but that's only good for port 80 stuff. I am specifically looking for the whole address line of a web page request(not the encrypted content) e....
by killersoft
Mon Jun 13, 2016 3:26 am
Forum: RouterBOARD hardware
Topic: 9HPn Issues
Replies: 3
Views: 1457

Re: 9HPn Issues

900MHz band, that's a tough band to work in... Can you access the 'faulty' unit(s) from the other side of the wireless rather than locally from the 'faulty' ethernet ? How are you linking the Ethernet side to wifi  (e.g  Do you make a BRIDGE and port link the wifi interface and the ethernet interfac...
by killersoft
Wed Jun 08, 2016 3:40 am
Forum: RouterBOARD hardware
Topic: CRS112-8G-4S-IN
Replies: 1
Views: 1457

CRS112-8G-4S-IN

Grateful Mikrotik supplies rack ears for the CRS112-8G-4S-IN product.. I have a few of these and have no idea why they do not come with ears(and they are not available from your suppliers as an aftermarket item). I also have a few CRS212-1G-10S-1S+ IN units which do have ears(I'v stolen the ears off...
by killersoft
Sat Apr 16, 2016 5:18 am
Forum: General
Topic: v6.35 [current] is released!
Replies: 103
Views: 41036

Re: v6.35 [current] is released!

Massive update!
Its also been one of the longest number of release candidates I think I've ever seen(me since v4.17). Thought I was going to see an RC50 in there :)

Just upgraded a RB-951-2n to 6.35, so far so good for that unit..
by killersoft
Thu Mar 17, 2016 1:06 am
Forum: Announcements
Topic: Newsletter 71
Replies: 66
Views: 38130

Re: Newsletter 71

Hi I'm liking the LHG 5 from a cost perspective (gather it does well for ~3km-4km links based on TX pwr?).. Love to see a LHG 5HPacn version or using the same platform and kick it up a notch to the 24 GHz ISM band using the same antenna for higher gain(nice way to enter a new market area in 24GHz Wi...
by killersoft
Thu Dec 24, 2015 8:29 am
Forum: SwOS
Topic: swos is dead?
Replies: 9
Views: 6456

Re: swos is dead?

Hi It may pass vlan traffic at wirespeed OK, but 15mS ping response @ 1Gbps fiber link is a long time in the network world and looks bad on some of my monitoring equipment especially when peer IT people are looking over my install and laughing, telling me I should have put cisco gear in. In hindsigh...
by killersoft
Wed Dec 23, 2015 1:26 am
Forum: SwOS
Topic: swos is dead?
Replies: 9
Views: 6456

Re: swos is dead?

I just deployed 5 of these 260GSP units. There are some real issues. E.g ; NO subnet mask against the IP address such as 172.16.1.1 or 10.1.1.1 seems to default to a /24 address range. VLAN and the mikrotik discovery protocol on these units cannot be seen by other MT products on the same VLAN, but s...
by killersoft
Thu Dec 17, 2015 10:27 am
Forum: Wireless Networking
Topic: WPA2 EAP, RADIUS and Userman.. Help required
Replies: 2
Views: 1808

Re: WPA2 EAP, RADIUS and Userman.. Help required

Thanks nspitzer.

I note that I will need to use an external radius server, rather than using the MT 'userman' package to use encrypted protocols for WPA2-EAP.
Cheers
Greg
by killersoft
Sun Nov 29, 2015 2:04 am
Forum: General
Topic: Feature Request: EAP-TLS authentication with user manager
Replies: 7
Views: 4718

Re: Feature Request: EAP-TLS authentication with user manager

+1 For this.
I have a wireless MT network I'd love to convert over to Userman for WPA2 EAP
by killersoft
Sun Nov 29, 2015 12:26 am
Forum: Wireless Networking
Topic: power up several APs / realized WLAN projects
Replies: 1
Views: 1101

Re: power up several APs / realized WLAN projects

These are just a few items from the RouterBoard range that do PoE output. PowerBox (RB750P-PBr2); 1x PoE in -> 4xPoE Out hex PoE lite; 1x PoE in -> 4xPoE Out RB260GSP; 1x PoE in -> 4xPoE Out I have experience with PowerBox and the RB260GSP, they work great(Just need to remember to click the option o...
by killersoft
Sat Nov 28, 2015 10:25 am
Forum: Wireless Networking
Topic: WPA2 EAP, RADIUS and Userman.. Help required
Replies: 2
Views: 1808

WPA2 EAP, RADIUS and Userman.. Help required

Hi, I am doing some testing on what should be a basic wireless WPA2 EAP setup. But I am running into an issue with the RADIUS response of ; radius,debug,packet Reply-Message = "unknown authentication algorithm" which appears to stop me wirelessly login in with my laptop and or mobile phone...
by killersoft
Wed Oct 28, 2015 8:34 am
Forum: General
Topic: SFP in SFP+ slot
Replies: 3
Views: 3266

Re: SFP in SFP+ slot

Thanks for the info.
by killersoft
Tue Oct 27, 2015 1:29 pm
Forum: General
Topic: SFP in SFP+ slot
Replies: 3
Views: 3266

SFP in SFP+ slot

Hi, this has probably been asked before, but can I use say 2x CRS210-8G-2S+IN or CRS226-24G-2S+IN but use 1Gbps SFP's(S-85DLC05D) rather than 10Gbps sfp's.? I guess more generally can I use a standard SFP in a SFP+

Cheer
Greg
by killersoft
Sat Apr 18, 2015 3:47 pm
Forum: Announcements
Topic: RouterOS v6.27 released
Replies: 273
Views: 138769

Re: RouterOS v6.27 released

Just wondering if anyone else is suffering a failure of the "Reset Counters" in the Interface/Traffic TAB. By where as an example in the Tx/Rx Bytes( and in my instance this interface connections to my cable modem ) and in my case shows 32Gb TX and 31Gb Rx respectively. But when I click on...
by killersoft
Wed Apr 01, 2015 12:13 pm
Forum: General
Topic: Feature request for v7.x
Replies: 296
Views: 111233

Re: Feature request for v7.x

+1 for 6rd support .

My isp only supports that at this point and I don't want a tunnel service like HE.
Regards
by killersoft
Tue May 27, 2014 6:16 am
Forum: General
Topic: Minimum SNR for Auto Rate Fall Back
Replies: 1
Views: 1250

Re: Minimum SNR for Auto Rate Fall Back

Attached is a copy of my research. Let me know if its not quite right.
by killersoft
Sun May 18, 2014 10:10 am
Forum: General
Topic: Minimum SNR for Auto Rate Fall Back
Replies: 1
Views: 1250

Minimum SNR for Auto Rate Fall Back

Does anyone have a list/table of minimum SNR for Auto Rate Fall Back for 802.11 b and n modes I'm doing a Uni paper at the moment on omni antenna gain and want to add some context to different 'gain' omni antenna's(2,3,5,9,15dBi) vs performance.(I'v already done some real world tests today around th...
by killersoft
Wed Apr 16, 2014 12:52 pm
Forum: General
Topic: v6.12 released
Replies: 236
Views: 84402

Re: v6.12 released

NTP Client seems to still have an issue(as of 6.11, v6.10 had no issues) on MT Metals 2SHPn's(WILL NOT SET System clock time).
My RB951G(v5.26) on the same subnet with the same NTP config has no issue with setting the system time.
Think it might be Supout.rif time... !
by killersoft
Sun Mar 23, 2014 11:09 pm
Forum: General
Topic: v6.11 released
Replies: 260
Views: 115540

Re: v6.11 released

NTP Client has stopped working on both of my RB Metal 2SHPn's after upgrading from 6.10 to 6.11.
It just displays the word 'reached' in Winbox, and that's all it does.
by killersoft
Thu Feb 06, 2014 1:49 pm
Forum: General
Topic: 6.9 released!
Replies: 222
Views: 106477

Re: 6.9 released!

v6.9 works on my Metal 2SHPn (8 Km link @ 802.11 mode ) no problem yet !!
by killersoft
Tue Nov 26, 2013 3:46 am
Forum: General
Topic: CCR SFP Ports
Replies: 3
Views: 2318

Re: CCR SFP Ports

Will there be a CloudCore router with ~24 SFP ports ever?
+1 Would love that.

Would also love to see 12 or 24 port SFP switches(Would love to replace out all our ether & media converters to be all in 1 fibre switch/routing device )
by killersoft
Fri Sep 06, 2013 7:01 am
Forum: General
Topic: Hotspot address/to address
Replies: 1
Views: 3011

Re: Hotspot address/to address

I worked it out. Had to set 'Address Pool' to none in the Hotspot user profile..
by killersoft
Fri Sep 06, 2013 2:55 am
Forum: General
Topic: Hotspot address/to address
Replies: 1
Views: 3011

Hotspot address/to address

Hi.
Just wondering how do I get the mikrotik hotspot -> Hosts IP 'Address' of client machines to be the same as the 'To Address' IP.
HOW DO I.JPG
by killersoft
Sun Jun 16, 2013 7:40 am
Forum: General
Topic: IPSEC LAN bridge.
Replies: 1
Views: 1757

IPSEC LAN bridge.

Hi, I'm looking for some info on bridging a LAN segment, which is normally easy, but I'd like to put in 2 Mikrotik routers, and IPSEC over the wifi segment to join 2 LAN segments. The WIFI part is not in my control and I'm effectively give an Ethernet cable at both sites saying that is the link to t...
by killersoft
Thu Jun 13, 2013 1:58 am
Forum: Wireless Networking
Topic: arp poison question
Replies: 4
Views: 2565

Re: arp poison question

As I said ARP poisining is in effect by default when hotspot is enabled(going by the book). A 3rd party cannot arp poison an already arp poisoned network(whats the point!), not to say they cannot cause denial of service!. Like any open to the public network, enable firewall's on pc's & routers(w...
by killersoft
Thu Jun 13, 2013 1:15 am
Forum: Wireless Networking
Topic: arp poison question
Replies: 4
Views: 2565

Re: arp poison question

Hotspot default setup, has ARP poising turned on in the first instance. You have to manually turn it off!!.
by killersoft
Thu Jun 13, 2013 1:12 am
Forum: Wireless Networking
Topic: Noise Floor
Replies: 7
Views: 16954

Re: Noise Floor

No worries. I edited the last table of info, I had the brackets in the wrong spot, which made the table header read wrong!.. The same principal's applies to ADSL over phone lines as well as digital satellite services.(Though Satellite tends to use the Term 'EbN0' for signal to noise value of a signa...
by killersoft
Wed Jun 12, 2013 1:15 am
Forum: Wireless Networking
Topic: Multiple APs on same subnet
Replies: 5
Views: 2847

Re: Multiple APs on same subnet

Will I need to use different frequencies for my AP's or can I keep the same channel ? Whats the effect on the end user devices ?
by killersoft
Wed Jun 12, 2013 1:08 am
Forum: Wireless Networking
Topic: Noise Floor
Replies: 7
Views: 16954

Re: Noise Floor

I hope the following helps you understand nose floor vs signal level(or strength). Just remember you are dealing with negative numbers and you will be all good... Quoted FROM : http://www.dd-wrt.com/wiki/index.php/Index:FAQ#How_do_I_read_signal_and_noise_ratings.3F ----------------------------------...
by killersoft
Tue Jun 11, 2013 10:51 am
Forum: Wireless Networking
Topic: Multiple APs on same subnet
Replies: 5
Views: 2847

Multiple APs on same subnet

Hi, I'd like some advice on setting up this scenario. I'd like to set up 4 AP's(Large area ~ 100meters between points in a square shape) using same SSID & Encryption password, and run off the same subnet . I'd like the end users to be able to use 1 SSID to sign in with, but for them not to notic...
by killersoft
Thu Mar 28, 2013 6:32 am
Forum: Forwarding Protocols
Topic: CISCO EIGRP info now available
Replies: 2
Views: 2455

Re: CISCO EIGRP info now available

And some further updates.... Last updated: March 2013 Q. Why is Cisco opening up Enhanced Interior Gateway Routing Protocol (EIGRP)? A. Cisco is opening up its EIGRP routing protocol as an open standard in order to help companies operate in a multi-vendor environment. Customers should be able to pic...
by killersoft
Thu Mar 28, 2013 5:43 am
Forum: Forwarding Protocols
Topic: CISCO EIGRP info now available
Replies: 2
Views: 2455

CISCO EIGRP info now available

Cisco have opened up EIGRP protocol.

http://www.ietf.org/staging/draft-savage-eigrp-00.txt

Now how long will it be if we see that added to the mikrotik forwarding protocols.

Cheers
by killersoft
Wed Aug 08, 2012 12:25 pm
Forum: Beginner Basics
Topic: VLANs work over trunk, but how do I tag switch ports?
Replies: 8
Views: 6690

Re: VLANs work over trunk, but how do I tag switch ports?

Hi, I'm not sure why you say I am wrong. The chip `CAN' add and change vlan headers. Just look at the atheros AR8327 datasheet. If anything the AR8327 can do more than 7240 chip. Solution Highlights • One GMII or two RGMII MAC interfaces • Single SERDES/SGMII Interface • 5 integrated 10/100/1000Base...
by killersoft
Sun Aug 05, 2012 4:42 pm
Forum: General
Topic: Legal power for 2.4 ghz channel
Replies: 1
Views: 913

Re: Legal power for 2.4 ghz channel

probably its 4 watts eirp = 36dbm which is a combo of dbm power out of your mikrotik + dbm gain of whatever antenna you are using.
by killersoft
Sun Aug 05, 2012 4:39 pm
Forum: General
Topic: plz plz help plz
Replies: 1
Views: 900

Re: plz plz help plz

use winbox torch to have a look at whats happening on your lan segment.. probably virus/malware or a dodgy user! then use firewall rules to block/disconnect them.
by killersoft
Sun Aug 05, 2012 4:35 pm
Forum: General
Topic: Hotspot and login
Replies: 1
Views: 1157

Re: Hotspot and login

You should be able to set max hotspot sessions to 1, and ensure hotspot Route poisoning is turned on to stop un-authed clients starting a mac/ip port scan. Turn on arp-poisoning by making sure the address pool to none ip range in hotspot->server. Arp poisoning can cause some issues with network prin...
by killersoft
Sun Aug 05, 2012 4:20 pm
Forum: General
Topic: lan ping time out
Replies: 8
Views: 3762

Re: lan ping time out

You should do a check that one of your lan pc's is not : route poisioning your lan
The effects you descibe, are similar to an experiance I have had with route poisioning the arp table.

My cause was the mikrotik hotspot was doing the R-Poising by default to stop un-authed devices traversing the lan.
by killersoft
Tue May 22, 2012 5:06 pm
Forum: General
Topic: Mikrotik Router DDoS attack
Replies: 32
Views: 12331

Re: Mikrotik Router DDoS attack

add action=drop chain=input disabled=no dst-port=\
0-1055,8291,8080,5000 in-interface="Internode PPPoE" \
protocol=tcp


Thats what I place on my wan-pppoe interface to deter nastie inbounds! Its not all i have in my rules(drop icmp etc)but makes it clear i'm not playing !!
by killersoft
Tue May 22, 2012 4:43 pm
Forum: The User Manager
Topic: concurrent users
Replies: 1
Views: 3195

Re: concurrent users

1. yes you can limit user logons to just 1 active machine(ip address). e.g trying to logon on another machine with currently running session will result in simultaneous user session reached error on the logon on the second machine.... 2. Dont use a 750gl with a level 4 licence as you will only be al...
by killersoft
Wed May 16, 2012 8:51 am
Forum: Beginner Basics
Topic: VLANs work over trunk, but how do I tag switch ports?
Replies: 8
Views: 6690

Re: VLANs work over trunk, but how do I tag switch ports?

Since the 750's(and most of the routerboards I'v seen) are logically divided so to speak into the switch side of the 750 and the CPU side(IP/routing/scriptable logic!/etc...). Some of the previous examples is using the CPU side of the unit to deal with VLAN's. You can also acheive what you are doing...
by killersoft
Tue May 08, 2012 11:35 am
Forum: General
Topic: fiber media converters in hotspot / arp-poisioning
Replies: 6
Views: 2459

Re: fiber media converters in hotspot / arp-poisioning

Thanks Feklar, I think I will do a test when I can and have a go at adding a separate subnet to the same interface for printers and use routing to get to the printer(s). I'll post back if it was a good or bad move !!

Cheers.
by killersoft
Tue May 08, 2012 2:46 am
Forum: General
Topic: fiber media converters in hotspot / arp-poisioning
Replies: 6
Views: 2459

Re: Media Converters in hotspot / arp-poisioning

+1 Karma to you both for responding... Arr, so it looked like placing 100Mbit media converters, only masked my issue(re-tested this morning).! Arp - poisioning... Now I understand what it is I'v been seeing on the network(other oddities).!! I didnt realize that hotspot introduced that( I guess as a ...
by killersoft
Mon May 07, 2012 3:19 pm
Forum: The User Manager
Topic: Move usermanager to SD card
Replies: 3
Views: 5497

Re: Move usermanager to SD card

I was able to `copy' Usermanager to the micro-sd1 card.
I then set the copied usermanager on the micro-sd1 to Active.

I then noted that I had to re-add users, but has been functioning since.
by killersoft
Mon May 07, 2012 2:31 pm
Forum: General
Topic: fiber media converters in hotspot / arp-poisioning
Replies: 6
Views: 2459

fiber media converters in hotspot / arp-poisioning

I want some input on what you believe happened in this scenario. Issues with printing came about after converting the mikrotik router into a hotspot system. I had trouble printing on printers 1 + 2, printing from pc's 1 + 2. Surfing the web via the hotspot on PC 1 & 2 had no problems. All printe...
by killersoft
Thu May 03, 2012 3:56 am
Forum: The User Manager
Topic: Move usermanager to SD card
Replies: 3
Views: 5497

Move usermanager to SD card

Hi, I have a 1100AHx2 (v5.14 ) that is being set up as a hotspot & running the internal user-man package. I have a 2Gb micro SD card in the unit. I have formatted it and it appears to be running. In the /store area the command I tried : set 1 disk=micro-sdl and it came back with `cannot change d...
by killersoft
Tue May 01, 2012 7:52 am
Forum: General
Topic: Port Mirroring
Replies: 6
Views: 55273

Re: Port Mirroring

Hi, I would like an answer on this too. I have the same requirement !!