Awesome. Thank you for the fast reply!

Hi, I'm in the process of setting up a RADIUS server for authenticating our VPN users. My question is if it is possible to keep using the "local" credentials under "/ppp secrets" on the MikroTik while using RADIUS at the same time? Or does RADIUS take over when I enable this maki...

So essentially if I don't have the server in the same bridge as the LAN and keep them on different subnets I will be able to use the public IP of the server from the LAN? Correct, but same/different bridge is not actually relevant, only different subnets are necessary. You can have multiple subnets...

So essentially if I don't have the server in the same bridge as the LAN and keep them on different subnets I will be able to use the public IP of the server from the LAN? So in my mind it would be something like this: RB3011 (no bridging): eth1 -> ISP (IP for LAN) eth2 -> ISP (IP for DMZ) eth3 -> DM...

@sindy Some questions. Assumption: OP does not want OPEN PORTS on the router - ie ports accessible to the outside world. - A very reasonable consideration. Solutions: 1. Standard Solution: Simply use the LANIP of the server from subnets behind the router server on subnet A users in subnet A simply ...

Hello, Right now I have a RB3011 router and a CRS326 switch at home. Since I don't want to open up ports from the internet into my LAN I'm going to configure a DMZ and put my server here where it will be "isolated" from the rest of the LAN. Right now if I try to access my external IP from ...

You'll have to set up VLANs on both devices properly. Setting vlan-id and use-tag on wAP is not enough. I suggest you to go through this tutorial , it'll help you to see what has to be done in ROS. Hopefully you already undersrand basic concepts of VLANs ... Wow thanks, I missed that post. It look ...

Hi, I have a RB3011 and a wAP AC at home. I have created a virtual AP where I'm going to have all my IoT devices connect to, naming the SSID IoT . I want to separate this traffic from everything else so I can restrict it to access internet and the rest of my network so I thought that I could use VLA...

Hi, I'm messing around a bit with IDS/IPS software such as Snort. I've installed the Calea package on my main router and I've manged to get a packet sniffer stream to my server. My question is how I make my MikroTik only stream packages going to/from a specific port from the internet? Let's say I ha...

Great thanks. How do I do this? Is it something with ingress and egress I have to look at? When looking at the wiki there seem to be different ways of doing it on different models and I'm just getting confused by it. Lets say I want VLAN id 2000 to be able to go in and out of sfp-sftpplus1 interface...

I'm not running them in daisy chain. As I noted in my first post I have the switches connected to the routers SFP ports like this drawing: drawing.png What's the difference/benefits of running SwitchOS? I'm running RouterOS on all three devices. The CRS125 is running v6.38.1, CRS326 v6.41.3 and CCR1...

I'm kind of new to VLAN and how this works and I have a couple of questions. I have one router CCR1009-8G-1S-1S+ and one CRS125-25G switch and also a CRS326-24G-2S+ switch. The two switches are connected to the routers SFP ports and if I don't use VLANS I can ping from CRS125 to CRS326 and vise vers...

... Also found this good comment by thirdstreetzero on reddit: It breaks all kinds of fundamental standards and norms, not to mention statistics, security, things like fasttrack, etc. It makes transitions away from your current configuration more difficult. It's impossible for future people to inte...

@janisk can you please check if you can open port 53 over TCP for the nameserver of *.sn.mynetname.net? (ns1.kissthenet.net and ns2.kissthenet.net)
These nameservers also doesn't seem to support EDNS.

This seems really weird. If I use nslookup on my Windows 10 machine like this, I get an answer: C:\>nslookup xxxxxxxxxx.sn.mynetname.net ns1.kissthenet.net Server: UnKnown Address: 159.148.147.201 Name: xxxxxxxxxx.sn.mynetname.net Address: 111.222.333.444 However if I look it up like this I get: C:\...

Do I get a new domain name with the new Cloud service or if it still the xxxxxxxxx.sn.mynetname.net domains that are being used?

Hi, I recently enabled DNSSEC validation on our DNS server internally and just as I enabled it I can't resolve any Cloud IP addresses anymore and it is Only this domain I have problem with. When I do a nslookup for xxxxxxxxx.sn.mynetname.net I just get a Server failed as a response. When I disable D...

Hi,

Are there any plans for any 10GBase-T switches with 24 ports and more in the future?

Thanks,
-Patric

Hi, Is there an easy way to create a VLAN on every interface instead of specifying every single interface? I need to create a couple of VLANs and some of them need to be available on all interfaces. Do I manually have to add ever interface to every VLAN in this case or is there a setting that will a...

I also tried the option "Add default route" and that wont work either, the routing table says it's unreachable but I can ping the IP and everything.. I've tried to use the VPN directly on my computer and run all traffic through it and it worked without any problems at all, it's just in the...

So I tried to add netflix.com's IP in the routing table and route it through the VPN but I can't get it to work. When I do that I can't access the site at all and when I try to ping it I get a timeout. I run this command just to try and see what would happen: /ip route add dst-address=69.53.236.17 g...

Hi,

I'm wondering if it's possible to route some specified traffic through a VPN.

I'm having a VPN account in the US and only want to route traffic that's going to netflix.com and it's subdomains.
Is this possible? If so, how do I configure it?

Hi, I have a RB493G and for the moment I need some help here. The thing is that I have my computer with a 3G dongle that I couldn't get to work with my MikroTik so I'm using it on my computer directly and enabled ip_forwarding (running Ubuntu 11.04). When I connect my laptop directly to my "3G ...

I got my RB493G board last week and now when I was playing around with it and was going to experiment with a 3G modem connected to the USB, I don't have a micro-SIM or what form factor this board supports!? Anyway I was playing around with it and noticed that the board didn't recognize it so I searc...