Community discussions

MikroTik App

Search found 87 matches

by dtoffo
Fri Feb 08, 2019 4:13 pm
Forum: General
Topic: :tool profile file output
Replies: 0
Views: 682

:tool profile file output

Hi I'd like to have some staistics on cpu utilization of my routerboard. My customer asks me to evidence how much ovpn uses when adding vpns, to correctly estimate the scaling of that solution I exported results of the profile tool in a file with the command :tool profile duration=60s file-name=test...
by dtoffo
Tue Apr 10, 2018 1:36 pm
Forum: Announcements
Topic: Winbox 3.13 released!
Replies: 60
Views: 28867

Re: Winbox 3.13 released!

If you click on saved router entry in list, focus still jumps to Password field, so mouse scrolling doesn't work :(
+1 for older focusing scheme: from 3.12 it's unusable
by dtoffo
Sun Mar 04, 2018 10:40 am
Forum: General
Topic: Feature Request: OpenVPN [ovpn] udp tunnels
Replies: 250
Views: 106649

Re: Feature Request: OpenVPN [ovpn] udp tunnels

It's a long standing request, and shouldn't be a lot of work. This is a 12 year old request. What is going on?? Had to switch all of my VPN clients to other routers simply because of this. Mikrotik OpenVPN was 600+ms ping time and LOTS of packet loss. PPTP or IPsec was 90ms. But, OpenVPN is the onl...
by dtoffo
Tue Apr 18, 2017 9:58 am
Forum: General
Topic: ETA v8
Replies: 21
Views: 5213

Re: ETA v8

does the number really matter?
Right, the number doesn't matter...
the date could matter....

Davide
by dtoffo
Wed Apr 12, 2017 8:06 am
Forum: General
Topic: Cluster server for pppoe
Replies: 7
Views: 1336

Re: Cluster server for pppoe

Look in profile to know what is using cpu.
Have you seen Janis' presentation at eu mum 2017? Analyzes at least 2 common errors in configurations like yours: using masquerade or poor configuration of ospf areas

D
by dtoffo
Thu Mar 23, 2017 4:11 pm
Forum: Wireless Networking
Topic: CAPsMAN and Hotspot setup
Replies: 2
Views: 1610

Re: CAPsMAN and Hotspot setup

CAPsMAN and Hotspot are different things, consider each alone:
- configure a bridge interface, let's say "BRI-GUESTS"
- configure capsman with datapath to forward all to "BRI-GUESTS"
- configure hotspot on "BRI-GUESTS"

That's all!

D.
by dtoffo
Wed Oct 01, 2014 7:07 pm
Forum: General
Topic: Simple Queue Parent
Replies: 3
Views: 1842

Re: Simple Queue Parent

Always use your LAN subnet as the target, specify the uplink interface as a Destination. You can then use the default download and upload PCQs, and just modify those. This is assuming you use v6. Yes, you are right. I do this. But maybe you can resolve my big question: I have to multiply my queues ...
by dtoffo
Thu Sep 18, 2014 1:20 am
Forum: Wireless Networking
Topic: CAPs Manager
Replies: 165
Views: 61195

Re: CAPs Manager

I saw a post about CAPsMAN registering its own wireless interfaces as radios using a layer3 connection, but I can't manage to do that. I see in "remote cap" a cap with address ::fff:192.168.50.50 (the ipv4 address on the interface I am using, with a ipv6 prefix). when it comes to status Datacheck it...
by dtoffo
Thu Jul 31, 2014 8:32 am
Forum: General
Topic: Winbox 3 beta
Replies: 243
Views: 128093

Re: Winbox 3

Winbox 3 beta has some ugly bugs: really is not ready for use. I expected the main changes only il launcher, considering that plugins are downloaded from the device. Why new features break consolidated ones? VRRP: winbox says an interface is backup, in console or winbox2 I can see it is master admin...
by dtoffo
Tue Jul 29, 2014 8:07 am
Forum: General
Topic: Winbox 3 beta
Replies: 243
Views: 128093

Re: Winbox 3

A suggestion: can you add the facility to save "view" settings, like a template of columns ? for example: i add every time src-address-list and dst-address-list as I use them pretty always. I would like to customize this and other colums list and save a template to use instead of finding every time ...
by dtoffo
Mon Apr 28, 2014 3:38 pm
Forum: General
Topic: ip helper-address
Replies: 2
Views: 6824

Re: ip helper-address

never tried, but I think that using a bridge with "use ip firewall" should give you the possibility to redirect and forward the packets..., have you already tried?

d.
by dtoffo
Fri Apr 18, 2014 9:12 am
Forum: General
Topic: v6.12 released
Replies: 237
Views: 64455

Re: v6.12 released

What about CAPsMAN (wireless-fp package): is it still beta or production-stable?
What's new in CAPsMAN 6.12?
Anyone from Mikrotik support can give just a word about CAPsMAN ?

d.
by dtoffo
Fri Apr 18, 2014 9:09 am
Forum: General
Topic: v6.12 released
Replies: 237
Views: 64455

Re: v6.12 released

OpenVPN server doesn't work! The same TLS failed error in log as it was in 6.11. Downgrade to 6.10
for me a 6.9 with ovpn server functioning, upgraded to 6.10 or 6.11 had TLS error, upgraded to 6.12 (with no configuration changes) works ok

d.
by dtoffo
Tue Apr 15, 2014 5:23 pm
Forum: General
Topic: v6.12 released
Replies: 237
Views: 64455

Re: v6.12 released

What about CAPsMAN (wireless-fp package): is it still beta or production-stable?
by dtoffo
Wed Feb 19, 2014 11:39 pm
Forum: General
Topic: RB2011 + SFP as swich with dhcp snooping
Replies: 6
Views: 3116

Re: RB2011 + SFP as swich with dhcp snooping

first of all, for petrik: I am not talking about "switch" feature, i normally don't use it so I can't give suggestions. I am talking about a bridge of ports I think that the first thing to do is isolation of hosts. This can be done denying forwarding on access points and making a bridge rule that al...
by dtoffo
Thu Sep 26, 2013 6:08 pm
Forum: General
Topic: N lans and N wans (ADSL)
Replies: 3
Views: 1256

Re: N lans and N wans (ADSL)

problem 1 and 2 for both of them, you need to force your firewall to resolve addresses in the main table, because VPN links are addedd only in main routing table. so I would add: # for pptp clients: I used the best match of a network address for the pool you used... in rules you will use networks, n...
by dtoffo
Tue Sep 17, 2013 5:16 pm
Forum: General
Topic: N lans and N wans (ADSL)
Replies: 3
Views: 1256

Re: N lans and N wans (ADSL)

add address=10.10.N.254/24 network=192.168.1.0 broadcast=192.168.1.255 interface=WAN1 makes no sense ... :D ... I assume it was network=10.10.N.0 broadcast=10.10.N.255 anyway: for problem 1 if you mean that the client has to see the right networks, use pptp profiles to add dial-in users to specific...
by dtoffo
Thu Sep 12, 2013 10:34 am
Forum: The User Manager
Topic: usermanager with paypal problem
Replies: 8
Views: 3606

Re: usermanager with paypal problem

I see you are user manager experts... I already use it, but now I'm trying to setup the signup for users to create their own account. I think I read all the documents but I never managed to view the signup page. I think I meet all tre requirements: I don't want paypal neither otherpayment method, ju...
by dtoffo
Wed Jul 17, 2013 2:50 pm
Forum: General
Topic: Web Proxy authentication
Replies: 10
Views: 12768

Re: Web Proxy authentication

If useful, I think you can do somethig similar to authentication enabling hotspot on the interface and putting the whole subnet in walled garden. If someone tries to go out he/she will need to authenticate.
by dtoffo
Mon Mar 11, 2013 1:06 pm
Forum: General
Topic: A Mikrotik implementation of Hamachi-like VPN network
Replies: 9
Views: 3217

Re: A Mikrotik implementation of Hamachi-like VPN network

Complexity of life ? Do you want to study the full pppoe protocol instead of using the one-click pppoe client option offered on Mikrotik ? :) ... no, I like one-click, but when something will not function, or you understand some aspects of the protocol or you will not know how to fix. The great wit...
by dtoffo
Fri Mar 01, 2013 12:15 am
Forum: General
Topic: A Mikrotik implementation of Hamachi-like VPN network
Replies: 9
Views: 3217

Re: A Mikrotik implementation of Hamachi-like VPN network

I don't know hamachi nor Leafnetworks, but seem to be just a simplified vpn If you have routeros based equipment on different sites they already know many VPN protocols, not so difficult to configure. Anything involves a road-warrior client must deal with local configuration and maybe problems in th...
by dtoffo
Fri Mar 01, 2013 12:01 am
Forum: General
Topic: Userman - User limit 4h per day
Replies: 2
Views: 740

Re: Userman - User limit 4h per day

What you describe seem exactly the trial user... why not use it?
by dtoffo
Thu Feb 28, 2013 11:59 pm
Forum: General
Topic: eoip tru nat
Replies: 2
Views: 884

Re: eoip tru nat

From your post is difficult to understand what you want to achieve, give us an example, please.
by dtoffo
Wed Feb 27, 2013 10:27 am
Forum: General
Topic: WinBox and port knocking
Replies: 3
Views: 1615

Re: WinBox and port knocking

Ah, you were looking for a client tool... I misundestood your question.

The best you can do is to make a script in your preferred language to knock an then invoke winbox (on the command line you can put address, user and password), or create a more complex gui yourself.
by dtoffo
Fri Feb 22, 2013 1:44 pm
Forum: General
Topic: pcc
Replies: 5
Views: 1900

Re: pcc

all my interface are from the same provider and have the same real IP. so I guess there's no problem in my case , right?
I can't understand what you mean: the SAME address on all the interfaces? is it a bridge? or what?
by dtoffo
Wed Feb 20, 2013 11:29 pm
Forum: General
Topic: AAA with Mikrotik - local user database and Windows 2008 AD
Replies: 7
Views: 3531

Re: AAA with Mikrotik - local user database and Windows 2008

Just an idea: I'm not an expert on freeradius and don't use it, but someone said me he uses freeradius for managing an hotspot and freeradius authenticates users asking Active Directory: maybe Freeradius can forward just authentication requests and handle authorization and accounting with its magic ...
by dtoffo
Wed Feb 20, 2013 11:16 pm
Forum: General
Topic: RB2011 + SFP as swich with dhcp snooping
Replies: 6
Views: 3116

Re: RB2011 + SFP as swich with dhcp snooping

So, if I understand, you are afraid that someone, connecting on the ports you use as a switch, receives a dhcp address from someone that is on another switch port, right? if this is your target, I suggest to bridge all ports ("bridge1", in the example) and add a bridge filter to drop dhcp request go...
by dtoffo
Wed Feb 20, 2013 1:34 am
Forum: General
Topic: AAA with Mikrotik - local user database and Windows 2008 AD
Replies: 7
Views: 3531

Re: AAA with Mikrotik - local user database and Windows 2008

I suggest using microsoft radius-like services (was IAS on 2003, I don't remember the name on 2008) and respond with mikrotik specific attibutes based on user AD group membership http://wiki.mikrotik.com/wiki/Manual:RADIUS_Client#MikroTik_Specific_RADIUS_Attribute_Numeric_Values ... I never tried, b...
by dtoffo
Wed Feb 20, 2013 1:21 am
Forum: RouterBOARD hardware
Topic: HELP ON SETTING UP natting on more than one interface
Replies: 1
Views: 727

Re: HELP ON SETTING UP natting on more than one interface

My Problem is how do i setup the natting so that all of them will i mean connected computers will browse both hotspot users and lan connected computers. Masquerade packet outgoing interfaces toward internet, all the rest don't need to be natted. Use routing distance to define which gateway to use b...
by dtoffo
Wed Feb 20, 2013 1:10 am
Forum: General
Topic: Problem with Load Balance PCC and routing
Replies: 9
Views: 4056

Re: Problem with Load Balance PCC and routing

I suggest using distance in routes: for DNS put three rules specific for your dns server with increasing distance, the third on your gaming interface gateway. To void load balancing traffig going through the gaming interface, you can do the same the routing tables LINE1_conn e LINe2_conn: add an ent...
by dtoffo
Wed Feb 20, 2013 12:51 am
Forum: General
Topic: RB2011 + SFP as swich with dhcp snooping
Replies: 6
Views: 3116

Re: RB2011 + SFP as swich with dhcp snooping

cannot find DHCP snooping function. You can use filters to block ip and mac addresses you want to. Dhcp snooping is nothing else. Problem: how to disable clients DHCP server? can't understand your question. ... or better: I don't understand what you want to do: who gives out addresses and who ha to...
by dtoffo
Wed Feb 20, 2013 12:43 am
Forum: Beginner Basics
Topic: problem of configuration profiles
Replies: 2
Views: 905

Re: problem of configuration profiles

2 suggestions:
- If you authenticate with cookies, verify the cookie duration
- Put a session timeout value

I use the shortest profile duration for both
by dtoffo
Wed Feb 20, 2013 12:22 am
Forum: The User Manager
Topic: Hotspot One Time Login Only
Replies: 8
Views: 12521

Re: Hotspot One Time Login Only

I am working on a similar configuration for a customer. My idea is to have cookies for 12h and sessions for the same time, without idle or keepalive timeouts. This means that normally an user doesn't need to autetichate for the whole day (it's for an office, so 8 am to 8 pm is enough), but in case s...
by dtoffo
Tue Feb 19, 2013 11:53 pm
Forum: General
Topic: Load balancing with mikrotik Web proxy
Replies: 6
Views: 14047

Re: Load balancing with mikrotik Web proxy

I suggest starting from http://wiki.mikrotik.com/wiki/Load_Balancing ... and for my little experience i think ecmp is the simpler way to have load balancing. Web proxy is on a complete different level than load balancing, you must look at the two thing separtely: each load balancing can go with web ...
by dtoffo
Mon Feb 18, 2013 4:14 pm
Forum: General
Topic: pcc
Replies: 5
Views: 1900

Re: pcc

I didn't use pcc but only ecmp. In that configuration you have to mark connections in postrouting and than mark packets accordingly in prerouting ang output. Now: thinking at the logic of pcc maybe marking packets outgoing can be sufficient for request and answer, because returning packet is already...
by dtoffo
Sat Feb 16, 2013 1:39 am
Forum: General
Topic: VRRP and DHCP and VPN
Replies: 2
Views: 1347

Re: VRRP and DHCP and VPN

sadly, the reply with "I have that address" to any arp request is what you are telling the router to do with arp=proxy-arp. There is no manner to limit router o respond to specific ip address requests, anyway for windows client it should be problematic only with their secondary ip address (I don't k...
by dtoffo
Sat Feb 16, 2013 1:31 am
Forum: General
Topic: Prioritising under varying bandwidth
Replies: 2
Views: 749

Re: Prioritising under varying bandwidth

you have to play with limit-at and max-limit: when every queue reached its limit-at, the remaining bandwith is distributed following priority and max-limit max-limit can be higher than real bandwith, as routeros flushes queues proportionally: I suggest putting it at the teoric bandwith you should ha...
by dtoffo
Sat Feb 16, 2013 1:19 am
Forum: General
Topic: pcc
Replies: 5
Views: 1900

Re: pcc

sure you can, but will not be enough.

start at
http://wiki.mikrotik.com/wiki/Load_Balancing
and select the better way for you, in my experience I found equal cost multipath simpler than pcc (...as long as it fits you needs)
by dtoffo
Sat Feb 16, 2013 1:02 am
Forum: The User Manager
Topic: Limitation user for days!!!
Replies: 2
Views: 1998

Re: Limitation user for days!!!

maybe there is a simpler way in usermanager, but I'm not an expert.
Anyway I think you can put their ip in an address list and use firewall to block them
by dtoffo
Sat Feb 16, 2013 12:57 am
Forum: General
Topic: ShoreTel PBX
Replies: 2
Views: 668

Re: ShoreTel PBX

I don't know neither use Shoretel pbx, but if it uses sip (as 99% of ip pbx) I think there should be no problem.
If it uses custom ports for sip add them to ip firewall service-port
by dtoffo
Sat Feb 16, 2013 12:52 am
Forum: The User Manager
Topic: Hotspot One Time Login Only
Replies: 8
Views: 12521

Re: Hotspot One Time Login Only

did you try to add "cookie" in login-by and http-cookie-lifetime=1d in hotspot profile?
by dtoffo
Sat Feb 16, 2013 12:45 am
Forum: General
Topic: Load balancing with mikrotik Web proxy
Replies: 6
Views: 14047

Re: Load balancing with mikrotik Web proxy

probably you mean pcc, not ppc...
which classifier are you using?

and why not just equal cost multipath ?
by dtoffo
Sat Feb 16, 2013 12:36 am
Forum: General
Topic: Which model to select?
Replies: 2
Views: 617

Re: Which model to select?

For central site I'll suggest 1100AHx2: 50$ difference is not so much if you have 70 remote locations.
will be pratical not in used... on remote locations will be 1-2 phones..
I don't understand well... you mean there will be little traffic? Sure I'ts true, but don't forget to prioritize it.
by dtoffo
Mon Feb 11, 2013 12:58 am
Forum: General
Topic: Mesh network with NOT only MikroTik devices.
Replies: 2
Views: 1775

Re: Mesh network with NOT only MikroTik devices.

MME is "B.A.T.M.A.N. like", but not compatible
HWMP+ is HWMP like, but not compatible

... this looking to documentation, never tried
by dtoffo
Mon Feb 11, 2013 12:56 am
Forum: Beginner Basics
Topic: Mesh using Mikrotik HWMP+ with Ubiquiti Radios
Replies: 1
Views: 2057

Re: Mesh using Mikrotik HWMP+ with Ubiquiti Radios

Ubiquity does not speak HWMP+ (as any other non-routeros access point... HWMP+ is not standard), so I think that kind of mesh will not be useful. Better a bridge with rstp, in your case, or buy mikrotik AP's and read
http://forum.mikrotik.com/viewtopic.php?f=7&t=63263
by dtoffo
Mon Feb 11, 2013 12:46 am
Forum: Wireless Networking
Topic: WareHouse wireless network based on Mikrotik Mesh
Replies: 36
Views: 36493

Re: WareHouse wireless network based on Mikrotik Mesh

I found this post very interesting and useful. I am trying to do a similar configuration. Just a question to experts: can I bridge a microtik mesh to a normal wired network that don't understand hwmp+? I'll have two mesh, one for barcode scanners and one for normal notebooks that need to have a fixe...
by dtoffo
Mon Feb 11, 2013 12:20 am
Forum: General
Topic: Can't work out simple VLAN setup
Replies: 3
Views: 894

Re: Can't work out simple VLAN setup

Is VLAN 1 tagged or untagged on the trunk? I void to use vlan 1 because many times it is the default in devices your packet shoud go through, so you are not sure if they will tag packet or not. I have many vlans passing between cisco and mikrotik, but never tried with vlan1. I suggest to create thr...
by dtoffo
Sat Feb 09, 2013 8:29 pm
Forum: General
Topic: IPSEC on VRRP... yes we can!
Replies: 3
Views: 7168

Re: IPSEC on VRRP... yes we can!

As someone think it will be interesting, here is my configuration. it's a quite long post, but configuration is complex. 2 hours just to try explaining .... I lost count for the hours I spent to make it function! ############################################### The plan ##############################...
by dtoffo
Fri Feb 01, 2013 5:28 pm
Forum: General
Topic: HWMP+ help please
Replies: 6
Views: 2742

Re: HWMP+ help please

Thanks for the respose, but I am a bit confused: WDS isn't only for wireless links? I'll have wired links (vlan or ethernet) between access points. I don't need ot propagate the wireless AP to AP, they all will have only roaming clients, and this is why I looked to hwmp that if I undestood can mix e...
by dtoffo
Fri Feb 01, 2013 1:17 am
Forum: General
Topic: IPSEC on VRRP... yes we can!
Replies: 3
Views: 7168

IPSEC on VRRP... yes we can!

With some caveats and non-standars I obtained a usable configuration of ipsec vpn on a vrrp address. The main site have a vrrp cluster of rb1100AH branch offices have: - a cisco asa 5510 with a secondary routed network behind it - a cisco asa 5510 - a linksys - a fortigate - a netgear, maybe, or som...
by dtoffo
Fri Feb 01, 2013 1:14 am
Forum: General
Topic: VRRP on-backup-script not running
Replies: 9
Views: 4806

Re: VRRP on-backup-script not running

IN my tests (not strictly on vrrp, but on a configuration of IPsec over vrrp) it seems that "on backup" is executed only when the interfaces becomes backup from a master state, and not from init state. At reboots or configuration changes no script is executed if the interface go from init state to b...
by dtoffo
Fri Feb 01, 2013 12:36 am
Forum: General
Topic: HWMP+ help please
Replies: 6
Views: 2742

Re: HWMP+ help please

syadnom, did you solve your doubts? or is there any other expert on similar solutions? (maybe a Mikrotik support... Uldis?) I am thinking about the same topology. My access points will be 751g-2hnd, all of them wired to a 1200 that will be the mesh portal. I don't know how many switches will be betw...
by dtoffo
Wed Jul 18, 2012 12:43 pm
Forum: Scripting
Topic: external editor syntax highlighting
Replies: 39
Views: 51459

Re: external editor syntax highlighting

Any update is always appreciated.

Post it for us and put where you want: there's no copyright nor any other restriction.
just I think it will be good to update this thread for anyone searching it on mikrotik forum

thanks

d
by dtoffo
Tue Jun 19, 2012 7:39 pm
Forum: Beginner Basics
Topic: Dual WAN router, ping problem.
Replies: 3
Views: 4222

Re: Dual WAN router, ping problem.

to be sure to ping using a specific gateway, I usually create a routing table (say "routing1") with that gateway only and force ping to use it passing the parameter routing-table example: :ping address=8.8.8.8 routing-table=routing1 in winbox you can find the parameter in advanced from the netwatch-...
by dtoffo
Tue Jun 19, 2012 7:31 pm
Forum: Beginner Basics
Topic: how to use two dsl line with on 433 routerboard
Replies: 3
Views: 852

Re: how to use two dsl line with on 433 routerboard

Setup a gateway for ecmp http://wiki.mikrotik.com/wiki/Manual:IP/Route#Multipath_.28ECMP.29_routes and then prepare something for failover: http://wiki.mikrotik.com/wiki/ECMP_Failover_Script http://wiki.mikrotik.com/wiki/Improved_Netwatch_II For failover there is another solution in Mikrotik wiki, b...
by dtoffo
Tue Jun 19, 2012 7:26 pm
Forum: General
Topic: 4 Wan connections, 2 RB750 and 1 Lan
Replies: 5
Views: 2725

Re: 4 Wan connections, 2 RB750 and 1 Lan

for my (little) experience I'm sure you are talking about two things, that both I do on my customer's firewalls: 1. a VRRP cluster to guarantee that the hardware failure of one firewall will not block company activities http://wiki.mikrotik.com/wiki/Manual:Interface/VRRP Once you understood the logi...
by dtoffo
Mon Jun 18, 2012 12:12 pm
Forum: General
Topic: WEBFIG bugs on 5.15
Replies: 5
Views: 1393

Re: WEBFIG bugs on 5.15

The issue will be fixed at the next RouterOS version 5.17, we are sorry for the inconvenience.

I confirm it is ok in 5.17 :D

Thanks
by dtoffo
Mon May 21, 2012 6:19 pm
Forum: General
Topic: WEBFIG bugs on 5.15
Replies: 5
Views: 1393

Re: WEBFIG bugs on 5.15

thank you very much for the report.
I repeated the same problem on my wireless AP, problem was reported and it will be fixed in the next RouterOS version.
IN 5.16 IT'S THE SAME !!!!

... what a shame!
(... to make the rhyme ... )
:( :( :(

should I go for API ?
by dtoffo
Thu May 10, 2012 12:26 pm
Forum: General
Topic: WEBFIG bugs on 5.15
Replies: 5
Views: 1393

Re: WEBFIG bugs on 5.15

Thanks sergejs

I hope 5.16 will be available soon... my customer is a bit angry
by dtoffo
Thu May 10, 2012 11:51 am
Forum: General
Topic: WEBFIG bugs on 5.15
Replies: 5
Views: 1393

WEBFIG bugs on 5.15

A few days ago I spent some time testing skins on 5.15. I posted this on the "RouterOS 5.14 Webfig Two Terrible Bugs" but seems that noone looks at that, so I opened this new thread the good part is that the "design skin" button is gone in the user webfig interface BUT given that the user "cicci" is...
by dtoffo
Fri May 04, 2012 12:13 pm
Forum: General
Topic: RouterOS 5.14 Webfig Two Terrible Bugs
Replies: 9
Views: 3027

Re: RouterOS 5.14 Webfig Two Terrible Bugs

Today I can spend some time testing skins on 5.15. Ok for removing "design skin" BUT given that the user "cicci" in in a group with read,write and web policy linked to the "minimal-wlan" skin, I attach my configuration and my results. configuration screenshot: on wireless I enabled only "address lis...
by dtoffo
Tue Apr 17, 2012 7:18 pm
Forum: General
Topic: RouterOS 5.14 Webfig Two Terrible Bugs
Replies: 9
Views: 3027

Re: RouterOS 5.14 Webfig Two Terrible Bugs

It was not my first try.
I made some skins correctly in previous versions, I couldn't imagine such a nightmare with the latest one.
by dtoffo
Mon Apr 16, 2012 5:34 pm
Forum: General
Topic: RouterOS 5.14 Webfig Two Terrible Bugs
Replies: 9
Views: 3027

Re: RouterOS 5.14 Webfig Two Terrible Bugs

No one reading this thread and giving me any suggestion?
by dtoffo
Thu Apr 12, 2012 10:57 am
Forum: General
Topic: Feature Request: OpenVPN [ovpn] udp tunnels
Replies: 250
Views: 106649

Re: Feature Request: OpenVPN [ovpn] udp tunnels

So... Based on this thread. Does OpenVpn and Mikrotik work? And if so, is it only between Mikrotik and Mikrotik? If this is the case, does Mikrotik have a VMWare appliance I can run? Then I can have the MT to MT scenario with their version of openvpn Openvpn on mikrotik works with any openvpn clien...
by dtoffo
Fri Apr 06, 2012 12:28 pm
Forum: General
Topic: RouterOS 5.14 Webfig Two Terrible Bugs
Replies: 9
Views: 3027

Re: RouterOS 5.14 Webfig Two Terrible Bugs

Yesterday I was installing a 751U-2hnd in my customer's office. The internal networking I had the bad idea to say to my costumer "you want a simplified management interface? I'll customize it for you in minutes!" What a bad, bad , BAD! , BAD!! , BAD!!!! BAD!!! impression to the customer! I spent two...
by dtoffo
Mon Mar 26, 2012 7:07 pm
Forum: Scripting
Topic: external editor syntax highlighting
Replies: 39
Views: 51459

Re: external editor syntax highlighting

thanks ..

why not put your ros.xml on notepad++ wiki

SENZATEMPO
I didn't find where to put it... can you tell me where or put it there yourself?

d
by dtoffo
Mon Mar 19, 2012 2:50 pm
Forum: General
Topic: Request: Netflow-to-connection-tracking service for HA
Replies: 1
Views: 1133

Request: Netflow-to-connection-tracking service for HA

First of all: I hope there is no similar subject: I searched out the forums and didn't see anything. I have some vrrp clusters of routeros firewalls. They are working pretty fine, just a bit of disease (a few seconds) when there is vrrp failover. It's by design and I do not complain about this as a ...
by dtoffo
Tue Feb 28, 2012 3:28 pm
Forum: Scripting
Topic: external editor syntax highlighting
Replies: 39
Views: 51459

external editor syntax highlighting

I edit my configuration offline the routeros, so syntax highlighting would be a good help.
I use notepad++ and this morning made a "user defined lang" highlighting schema for .rsc files. I attach it (zipped).

Sure it's not perfect, but if anyone has better editor with routeros syntax, let me know!

d
by dtoffo
Tue Feb 28, 2012 3:15 pm
Forum: General
Topic: Feature Request: OpenVPN [ovpn] udp tunnels
Replies: 250
Views: 106649

Re: Feature Request: OpenVPN [ovpn] udp tunnels

eastern european developers can be vengeful bunch... They may have no idea how angry future ex-consumers can cripple a business. For me I think that ovpn yes or no is not the only parameter to select routeros or other products. I'm sure that if it was a simple implementation they would have done it...
by dtoffo
Tue Feb 21, 2012 7:04 pm
Forum: General
Topic: Feature Request: OpenVPN [ovpn] udp tunnels
Replies: 250
Views: 106649

Re: Feature Request: OpenVPN [ovpn] udp tunnels

Is it a joke or what? 1) UDP is suggested from openvpn creators and works better than tcp 2) apart from this ALL MY PARTNERS HAVE OPENVPN ON UDP and they will not change their setup because I HAVE A MIKROTIK. They laugh and says to me that debian or pfsense is free.... I'm also a long-time openvpn ...
by dtoffo
Tue Feb 21, 2012 6:25 pm
Forum: General
Topic: v5.13 released
Replies: 64
Views: 9598

Re: v5.13 released

I upgrade from 5.12 to 5.13 and my OpenVPN doesn't work: "tls handshake failed". my self sig cert is loaded and decrypted! downgraded to 5.12 and OpenVPN works again! ME TOO: openvpn seems completely broken in 5.13. downgrading an all goes ok... Is there a solution, workaround, or something to make...
by dtoffo
Tue Jan 24, 2012 5:49 pm
Forum: General
Topic: v5.12 released
Replies: 144
Views: 28399

Re: v5.12 released

yes, please test " export compact ". I think it's a VERY important improvement in configuration management and migration, as well as debugging THIS is what i was waiting for!!!!!!!!!!!! really a good job: it was a pain to standardize configurations (... and so many times i went crazy because of a f...
by dtoffo
Wed Sep 07, 2011 11:38 am
Forum: Beginner Basics
Topic: Anyone with good VLAN knowledge on MT, please help.
Replies: 4
Views: 1244

Re: Anyone with good VLAN knowledge on MT, please help.

Maybe to help you we should know:

/interface ethernet export
/interface vlan export
/ip address export
/ip route export
by dtoffo
Thu Sep 01, 2011 10:05 am
Forum: General
Topic: Telephony at mikrotik OS over 3.3
Replies: 10
Views: 1367

Re: Telephony at mikrotik OS over 3.3

why not a simple hardware with any asterisk and have your routeros up-to-date?
by dtoffo
Thu Sep 01, 2011 9:43 am
Forum: General
Topic: Small but useful argument to /system reset
Replies: 60
Views: 10211

Re: Small but useful argument to /system reset

I don't use backup - restore, but maybe fits your needs better than export and import.
Can any expert confirm?
by dtoffo
Wed Aug 31, 2011 5:30 pm
Forum: General
Topic: L2TP vpn connecting on multiple connections
Replies: 1
Views: 731

Re: L2TP vpn connecting on multiple connections

It seems me no sense: add action=mark-routing chain=prerouting comment= "if diginet connection mark coming from lan/local then mark routing" connection-mark=diginet_conn disabled=no in-interface=lan new-routing-mark=diginet_rt passthrough=yes you need to mark all the packets of marked connection, no...
by dtoffo
Wed Aug 31, 2011 5:19 pm
Forum: General
Topic: Dual WAN configuration issue with traffic flows.
Replies: 1
Views: 828

Re: Dual WAN configuration issue with traffic flows.

For my experience, the dual wan game is most of all in
/ip routing export
/ip firewall mangle export

... assuming that if sometimes all goes right, your addressing, nat and filter should be ok
by dtoffo
Wed Aug 31, 2011 5:05 pm
Forum: General
Topic: Small but useful argument to /system reset
Replies: 60
Views: 10211

Re: Small but useful argument to /system reset

Dear baldaszti, Maybe I missed something in the discussion (forgive me...) o I am asking something obvious, but why you have to reconfigure the whole router so soon? I really can't understand. I configure the ones I manage and make little changes from time to time, and at every change with a script ...
by dtoffo
Tue Jul 05, 2011 4:27 pm
Forum: General
Topic: RouterOS 5.5 Released
Replies: 47
Views: 13347

Re: RouterOS 5.5 Released

Strange issue after upgrade: After upgrading an RB450G from 4.16 to 5.5 I have a problem with ovpn-client: it seems to hang, so in winbox interface list and ppp interface are empty, and in firewall filter all interfaces matching appears <unknown>. I I use ssh print and export command just hang. This...
by dtoffo
Tue May 31, 2011 9:22 am
Forum: General
Topic: Web Proxy authentication
Replies: 10
Views: 12768

Re: Web Proxy authentication

Maybe I am becoming redundant or missing something to explain my problem... I ALREADY know how to use radius authentication and I used successfully Microsoft IAS to authenticate against a domain. I just want to request authentication (not important if by radius or locally) for web proxy users from m...
by dtoffo
Fri May 20, 2011 12:24 pm
Forum: General
Topic: My network requests go via 8 real IPs
Replies: 1
Views: 513

Re: My network requests go via 8 real IPs

It seems so simple that maybe I misunderstand your needs! Would you like to let some hosts to go with one ip, some other with another, and so on? You can mark packets in mangle and provide different snat in nat: you should just decide the algorithm to distinguish which external address to use - nth ...
by dtoffo
Fri May 20, 2011 10:25 am
Forum: General
Topic: Web Proxy authentication
Replies: 10
Views: 12768

Re: Web Proxy authentication

Thank you fewi ! the link you provided is very interesting and explicating how hotspot works. I think I previously looked at it but read only the fist part, about customizing pages, instead of the rule explication section.... I was absent-minded :shock: I dare asking again a little question, just fo...
by dtoffo
Wed May 18, 2011 6:54 pm
Forum: General
Topic: Web Proxy authentication
Replies: 10
Views: 12768

Re: Web Proxy authentication

Again fighting with hotspot: It seems great but something puzzles me: maybe I missed some documentation, but I can't understand: - Can dynamic rules be managed in some manner? for example: if I want them before or after something else or better: can I put them in a specific chain instead of forward,...
by dtoffo
Tue May 17, 2011 1:01 pm
Forum: General
Topic: Web Proxy authentication
Replies: 10
Views: 12768

Re: Web Proxy authentication

Thanks Joshiii for your reply, but I already knew that I can use radius with hotspot: my problem is the hotspot itself: it is too complex (as I tried to explain in my previous post) for the simple needing I have. I would be happy if I can just enable hotspot, have no dynamic rules in firewall and ju...
by dtoffo
Tue May 17, 2011 9:39 am
Forum: General
Topic: Web Proxy authentication
Replies: 10
Views: 12768

Web Proxy authentication

Hello. I am new to the forum and beginner on mikrotik routers (from august 2010...). I installed successfully some RB 450G and RB 1100, and have some virtual machines for tests. Now I am configuring an RB1100 for a customer who wants to authenticate users to decide who can go to internet and who can...