Community discussions

Search found 33 matches

by siuslawbb
Fri Jul 01, 2016 5:26 pm
Forum: General
Topic: Locking down a router
Replies: 0
Views: 369

Locking down a router

Trying to get a customer access to their router without compromising our abilities. I've created a customer group that is missing the policy and sensitive policies. According to the documentation, removing policy and sensitive should prevent user management and access to the password. However, a use...
by siuslawbb
Mon Nov 30, 2015 4:20 pm
Forum: Virtualization
Topic: Cloud Hosted Router
Replies: 583
Views: 189818

Re: Cloud Hosted Router

Thanks for the feedback Janis. What tool do you use to prepare the image locally first and export into an AMI format?
by siuslawbb
Sat Nov 28, 2015 4:37 am
Forum: Virtualization
Topic: Cloud Hosted Router
Replies: 583
Views: 189818

Re: Cloud Hosted Router

Trying to manually import this into EC2 with their CLI tools, since it appears that's the only way to do it at this point. I've tried the import with both the raw .img and the vmdk. Getting this error for the raw .img version: Client.Unsupported: No bootable partition found. (Service: AmazonEC2; Sta...
by siuslawbb
Fri Nov 27, 2015 9:09 pm
Forum: Virtualization
Topic: Cloud Hosted Router
Replies: 583
Views: 189818

Re: Cloud Hosted Router

you can use this on EC2. It is just not jet available as an AMI provided by us. We will check what is going on on Windows 8.1 and Windows 10 and normal Hyper-V interface. Importing the raw file into EC2 with their cli tools? http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ImportVMImportImage.html
by siuslawbb
Mon Nov 23, 2015 6:06 am
Forum: Virtualization
Topic: Cloud Hosted Router
Replies: 583
Views: 189818

Re: Cloud Hosted Router

Any more thoughts on when this will be ready for EC2?
by siuslawbb
Mon Sep 21, 2015 5:53 pm
Forum: General
Topic: Telnet to 161 for snmp causes router to lock up
Replies: 3
Views: 572

Re: Telnet to 161 for snmp causes router to lock up

confirmed in 6.32.2 as well
by siuslawbb
Fri Sep 18, 2015 6:52 am
Forum: General
Topic: Telnet to 161 for snmp causes router to lock up
Replies: 3
Views: 572

Re: Telnet to 161 for snmp causes router to lock up

Well swapped out to a 450 tonight and we are still seeing the same problem... Also seeing this same message in the error log. http://forum.mikrotik.com/viewtopic.php?t=92952 When we trying to telnet to the device from our monitoring server, we lose connectivity for about 90 seconds. It also appears ...
by siuslawbb
Thu Sep 17, 2015 10:55 pm
Forum: General
Topic: Telnet to 161 for snmp causes router to lock up
Replies: 3
Views: 572

Telnet to 161 for snmp causes router to lock up

One of our deployed MT's, a 951-2n, lost connectivity with our monitoring platform. We went to test snmp connectivity from the server and when trying to telnet to 161 from the server to the MT, the MT would lose all connectivity for about 90 seconds, completely locking up and serving no traffic. Run...
by siuslawbb
Tue Dec 30, 2014 12:26 am
Forum: General
Topic: logging level to capture spanning tree events
Replies: 0
Views: 494

logging level to capture spanning tree events

Couldn't find anything online that directly states what logging topic is needed to capture spanning tree events. Anyone know that off the top of your head? Is it capture in the interface topic or another? STP doesn't have its own like ntp or ssh for example.
by siuslawbb
Thu Oct 16, 2014 8:36 pm
Forum: General
Topic: NAT packets through ipsec tunnel
Replies: 10
Views: 4853

Re: NAT packets through ipsec tunnel

mjgraham, in your ipsec policy, the set src address to that nat'd ip on the other side of the tunnel. The dst addy will be the subnet at the other location. The sa src addy is your public and the sa dst addy is the public on the other firewall. In ip firewall nat have a policy like this: chain=srcna...
by siuslawbb
Sat Jul 26, 2014 7:12 pm
Forum: Wireless Networking
Topic: Mikrotik and Verizon LTE
Replies: 5
Views: 3279

Re: Mikrotik and Verizon LTE

Still need help with this?

I have a Verizon Pantech UML295 working off the USB port of a 951G.
Yeah, any insight on this?
by siuslawbb
Mon Jul 21, 2014 7:46 pm
Forum: General
Topic: CCR 1016 Fans and Cooling
Replies: 1
Views: 1512

Re: CCR 1016 Fans and Cooling

Maybe a recent firmware version busted the auto fan select option? Tried setting the fan mode to manual and select either fan but neither of the fans are spinning up. fan-mode: auto use-fan: main active-fan: none cpu-overtemp-check: yes cpu-overtemp-threshold: 100C cpu-overtemp-startup-delay: 1m vol...
by siuslawbb
Mon Jul 21, 2014 6:54 am
Forum: General
Topic: CCR 1016 Fans and Cooling
Replies: 1
Views: 1512

CCR 1016 Fans and Cooling

Have a 1016 that has had a fan fail and ultimately causing the device to lock up which has happened twice now. The second fan has now failed and we're awaiting a replacement device. In the mean time, in system health, you have fan mode and use fan. We haven't touched ours and it is currently set to ...
by siuslawbb
Fri May 02, 2014 7:49 pm
Forum: General
Topic: IPv6 only network
Replies: 3
Views: 1179

IPv6 only network

We're getting ready to carve out a chunk of our residential network that will be delivered completely over IPv6. Unless I'm blind, I do not see any options for NAT64 (to let an IPv6 device reach an IPv4 device) or another workaround. We have IPv6 on our WAN already up and running, as well as interna...
by siuslawbb
Mon Mar 10, 2014 7:15 pm
Forum: Forwarding Protocols
Topic: OSPF over GRE tunnel and IPSEC VPN
Replies: 5
Views: 7574

Re: OSPF over GRE tunnel and IPSEC VPN

Razol, sorry nobody got back to you earlier! Try dropping your OSPF auth for now and wait until you get it up and running successfully. Also, ditch the broadcast type on OSPF and switch to P2P. A tiny bit more config to do, but you'll get more reliability. The networks in OSPF are also different bet...
by siuslawbb
Tue Feb 11, 2014 6:18 pm
Forum: General
Topic: PPPoE Problem
Replies: 3
Views: 1040

Re: PPPoE Problem

kangoo, is your pppoe backed by radius?
by siuslawbb
Fri Feb 07, 2014 9:43 pm
Forum: General
Topic: ccr lockup in 6.4
Replies: 1
Views: 561

ccr lockup in 6.4

Just saw our CCR max to 100% CPU for the first time.... Was delivering about half the traffic, denying SSH connections, and interface window in winbox was empty. log file was complaining about discarding a locally originated packet, but no changes had been made to ospf. Attempting a reboot took thre...
by siuslawbb
Wed Dec 18, 2013 9:40 am
Forum: General
Topic: NAT packets through ipsec tunnel
Replies: 10
Views: 4853

Re: NAT packets through ipsec tunnel

scriptcypher, looks like I just figured it out. Basically, nat'ing happens before the ipsec policy. So take your local LAN subnet and src-nat it out to the NAT IP provided by the Cisco you do not control. In the IPSec policy, rather than having your LAN subnet at the local src address, set it to the...
by siuslawbb
Wed Dec 18, 2013 4:58 am
Forum: General
Topic: NAT packets through ipsec tunnel
Replies: 10
Views: 4853

Re: NAT packets through ipsec tunnel

just stumbled on this post and I have the exact issue. Tunnel is up, SA's are installed but I need to NAT my LAN out the tunnel to a single IP. Masquerade would work if the IPSec tunnel had a local interface with the NAT IP assigned to it. Since we don't have an int when the ipsec tunnel is built, t...
by siuslawbb
Fri Nov 15, 2013 9:48 pm
Forum: General
Topic: RouterOS v6.6 released
Replies: 164
Views: 72993

Re: RouterOS v6.6 released

confirmed vlan bug for us as well. From what we can tell, mainly on bridge interfaces for us. major issue for us.
by siuslawbb
Wed Sep 25, 2013 2:10 am
Forum: General
Topic: rancid .cloginrc
Replies: 0
Views: 1456

rancid .cloginrc

working on rancid, trying to get it to login into a Mikrotik and download the config. I've got the server setup, followed every suggestion I could find online, and so far the only thing I can't track down is how to put info in the .cloginrc file that contains something similar to this example: #Fire...
by siuslawbb
Tue Sep 24, 2013 8:15 pm
Forum: Forwarding Protocols
Topic: BGP4-MIB
Replies: 17
Views: 7320

Re: BGP4-MIB

bumping, again. Pretty standard MIB for a router to support. running ccr's on 6.4.
by siuslawbb
Tue Aug 06, 2013 7:44 pm
Forum: General
Topic: SSTP: recvd too small packet
Replies: 33
Views: 11665

Re: SSTP: recvd too small packet

FYI, I have confirmed that this bug is back in Windows 8.1 and ROS 6.1. Adding SendExtraRecord with with a hexadecimal base value of 2, the problem is resolved.
by siuslawbb
Sun Jun 23, 2013 4:48 am
Forum: General
Topic: Loss of PPP config after reboot
Replies: 0
Views: 312

Loss of PPP config after reboot

Our edge firewall had lost power today. When the router came back up, all of the PPP config was gone. Running 5.23 on an RB1100. The change log in 5.23 actually states this issue was resolved. I'm curious if anyone else has actually seen this issue in the wild (I'm sure someone has) and if it truly ...
by siuslawbb
Tue Mar 12, 2013 7:39 pm
Forum: General
Topic: Webfig Enhancement
Replies: 6
Views: 1669

Re: Webfig Enhancement

yeah, that would be awesome. Both in Winbox and in Webfig, the comments are displayed on top of the interface. In Winbox there is an option (inline comments) that move the comments over and make them appear as another column, thus minimizing the vertical height and making it much, much more readable...
by siuslawbb
Mon Mar 04, 2013 6:58 am
Forum: General
Topic: Router processor loads on 100% because of management process
Replies: 12
Views: 4434

Re: Router processor loads on 100% because of management pro

For those interested, this is the response for MT support: Thank you very much for the clarification. Yes it is correct, The Dude might cause higher loads (it is known problem and fix will be included in the next Dude version), you can make workaround and increase "Mac Mapping Refresh Interval" at S...
by siuslawbb
Fri Feb 08, 2013 6:52 pm
Forum: General
Topic: RX Drops in RC's
Replies: 1
Views: 480

RX Drops in RC's

saw a few threads about RX drops in some of the release clients and wanted to start a thread to consolidate the conversation into one for some easier tracking. We upgraded a number of devices last night from 5.20 and 5.22 to v6-RC6 and are seeing RX drops on a number of them. Seeing rx drops on brid...
by siuslawbb
Fri Feb 01, 2013 6:55 pm
Forum: Beginner Basics
Topic: winbox in windows 8
Replies: 3
Views: 1160

Re: winbox in windows 8

works for me
by siuslawbb
Fri Feb 01, 2013 6:44 pm
Forum: General
Topic: master/slave eth or join bridge
Replies: 1
Views: 727

master/slave eth or join bridge

Can anyone explain the different between creating a bridge that has individual eth ports as members vs adding a bunch of slave ports to one master port? Performance differences, ability to have a "slave" vlan on a master port like you can in a bridge?
by siuslawbb
Fri Jul 13, 2012 8:41 pm
Forum: General
Topic: Logging Remote
Replies: 3
Views: 764

Re: Logging Remote

I actually have this exact same problem right now and was just coming to the forum to figure it out. It *appears* to be a bug when more than one item attempts to get logged. IE, in your case, the webproxy and !debug. Temporarily drop the !debug, leaving only webproxy, and I'll bet it'll log it. I st...
by siuslawbb
Fri Jun 03, 2011 6:38 pm
Forum: General
Topic: ssl import for SSTP
Replies: 7
Views: 3005

Re: ssl import for SSTP

Anyone had an issue like this before?
by siuslawbb
Thu May 19, 2011 10:13 pm
Forum: General
Topic: ssl import for SSTP
Replies: 7
Views: 3005

ssl import for SSTP

trying to get sstp up and running and we're running into some issues getting the SSL imported. Used certificate-request to generate CSR. Used PositiveSSL through Namecheap to get real SSL and used the "other" server option. Certificates gets imported just fine, but the private key isn't getting impo...