Community discussions

MikroTik App

Search found 79 matches

by alice
Tue Mar 22, 2016 3:14 pm
Forum: RouterBOARD hardware
Topic: Passive PoE rack injector for hAP ac ?
Replies: 2
Views: 1239

Passive PoE rack injector for hAP ac ?

Hi, I am trying to find a PoE rack injector for hAP - which is not that easy. While you can find easily an injector with 120W/12 ports, hAP ac takes 17 W, thus 12port would have to provide 200W. When I ask for 200W, I can't find a passive injector... only 802.3. Any tips for any scale? Thanks in adv...
by alice
Thu Feb 25, 2016 10:46 am
Forum: RouterBOARD hardware
Topic: "hAP AC" with 802.3af/at PoE? Enterprise calling...
Replies: 20
Views: 9822

Re: "hAP AC" with 802.3af/at PoE? Enterprise calling...

I just heard about wAP ac announced at MUM Europe 2016 Ljubljana! Now that's what I call fast response! :lol: I told you :D I just hope you guys eventually replaced that 10/100 Mb Ethernet with 1G. I am not getting that philosophy of "light ac" devices with wireless >1Gb and wire of 1/10
by alice
Thu Feb 25, 2016 10:27 am
Forum: RouterBOARD hardware
Topic: "hAP AC" with 802.3af/at PoE? Enterprise calling...
Replies: 20
Views: 9822

Re: "hAP AC" with 802.3af/at PoE? Enterprise calling...

I just heard about wAP ac announced at MUM Europe 2016 Ljubljana!

Now that's what I call fast response! :lol:
by alice
Wed Feb 24, 2016 8:40 pm
Forum: General
Topic: Slooow PEAP on CM2
Replies: 0
Views: 1110

Slooow PEAP on CM2

Hi, when I authenticate a standalone AP against RADIUS server, it runs smoothly with such a config: /interface wireless security-profiles set [ find default=yes ] group-ciphers="" group-key-update=30m supplicant-identity= somenamehere unicast-ciphers="" add authentication-types=w...
by alice
Sat Feb 13, 2016 5:28 pm
Forum: Wireless Networking
Topic: is cm2 implementation on x86 and mipsbe the same code?
Replies: 0
Views: 758

is cm2 implementation on x86 and mipsbe the same code?

Hi, I am stuck and desperate. While I had CAPsMAN2 on mipsbe hardware up and running within 30 minutes, I couldn't on x86 VMware ESXi 5.5, 6 in such a fatal way that it made me think whether the code is the same? I've been dealing with this problem for more than a week and I dare to say I've exclude...
by alice
Fri Feb 12, 2016 9:54 am
Forum: RouterBOARD hardware
Topic: "hAP AC" with 802.3af/at PoE? Enterprise calling...
Replies: 20
Views: 9822

"hAP AC" with 802.3af/at PoE? Enterprise calling...

Hi, are there any plans for releasing dualband AP's for big interior installations with 802.3af/at power? I want to powercycle remotely and get rid of bunch of cables in server room... and not threaten people who unplug AP in order to try out their notebooks (even if they deserve a punshiment). Yes,...
by alice
Sun Feb 07, 2016 10:31 am
Forum: Beginner Basics
Topic: Securing APs For Real
Replies: 16
Views: 3259

Re: Securing APs For Real

Me stupid, never work over hours again, thank you! I kept importing the key all the time to some admin backup user... :lol: Thank you for valuable input!
by alice
Sat Feb 06, 2016 5:59 pm
Forum: Beginner Basics
Topic: Securing APs For Real
Replies: 16
Views: 3259

Re: Securing APs For Real

Hmm - never thought about that particular option... That's pretty harsh in that it's going to break the license of the device itself so you can't just put RoS back onto it afterwards. I am afraid I wasn't clear enough - by the "live OpenWRT" I mean that booting OpenWRT over network only t...
by alice
Sat Feb 06, 2016 10:43 am
Forum: Beginner Basics
Topic: Securing APs For Real
Replies: 16
Views: 3259

Re: Securing APs For Real

AFAIK, you could do all of the above AND use SSH keys for router access on top, so that even if someone figures out the password, they can't connect unless they also get ahold of your SSH private keys.
Could you please elaborate this idea? How can I achieve this goal?
by alice
Sat Feb 06, 2016 10:40 am
Forum: Beginner Basics
Topic: Securing APs For Real
Replies: 16
Views: 3259

Re: Securing APs For Real

One thing - unless they've changed, local access "lost password" procedures for Mikrotik only give you the ability to wipe the configuration - you can't get in with some "console-only" method that lets you recover a lost password. Unfortunately, there is a well-known hack , rece...
by alice
Fri Feb 05, 2016 5:17 pm
Forum: Beginner Basics
Topic: Securing APs For Real
Replies: 16
Views: 3259

Re: Securing APs For Real

:arrow: First things first: Thank you for your input ! Use AAA authentication for login on the APs. This one is nice but AFAIK that doesn't supersede the need for setting some locally stored /password ...which can be read with mtpass . And then reading other passwords like preshared key for RADIUS s...
by alice
Thu Feb 04, 2016 3:05 pm
Forum: Beginner Basics
Topic: Securing APs For Real
Replies: 16
Views: 3259

Securing APs For Real

I am about to install some AP's to dormitory network which means easy physical access of highly skilled tech guys on steroids to AP's. That's why I must count on that sooner or later they will try to attack the AP's and the whole network. One vulnerability of Routerboard/Routeros is easy access to h...
by alice
Fri Jan 29, 2016 7:55 pm
Forum: Wireless Networking
Topic: cm2 bridge, external DHCP works but then communication stops...
Replies: 1
Views: 777

cm2 bridge, external DHCP works but then communication stops...

Hi there, ROS 6.34, freshly installing CAPsMAN CM2: The goal is to let a station connect thru CAP in manager forwarding mode and then thru a bridge (no routing involved in CAPsMAN apparatus) to the rest of the infrastructure/the Internet. The infrastructure provides all the DHCP, NAT, ... The infras...
by alice
Tue Nov 03, 2015 12:27 pm
Forum: General
Topic: eduroam: VLAN assignment based on RADIUS 802.1x reply
Replies: 40
Views: 22683

Re: eduroam: VLAN assignment based on RADIUS 802.1x reply

While embracing Apple technologies, SSDP in particular, the need of easy per-user separation of VLANs became more important, by an order of magnitude. Seriously. It is now the game changer for indoor installations.

So.... ?
by alice
Wed Sep 23, 2015 1:20 pm
Forum: Wireless Networking
Topic: 802.11ac implementation not suitable for more than one computer yet?
Replies: 1
Views: 990

802.11ac implementation not suitable for more than one computer yet?

The setup: SXT SA5 ac (an ac L4 device), with 6.32-6.33rc10, full supout , basic configuration below Apple MacBook Pro 2015 (the latest Mac OS X, nice to have rich friends) HP ProBook 450 G2 (Win8) Both notebooks 1 meter from the AP, direct visibility, upright position of both AP and devices. When I...
by alice
Thu Sep 17, 2015 8:37 am
Forum: Wireless Networking
Topic: Recommended Design for Wireless Network in a large institution?
Replies: 8
Views: 2755

Re: Recommended Design for Wireless Network in a large institution?

Hi, thanks for your answer and thank MikroTik for 802.3... finally! But still,

- where is 802.11ac ? It is 2015. wAP has still 100Mb connector and operates 2,4G only
- my question also wanted to touch CAPsMAN scaling. How powerful hardware do I need for CAPsMAN to run 50 AP's per building?
by alice
Tue Sep 15, 2015 9:54 am
Forum: Wireless Networking
Topic: Recommended Design for Wireless Network in a large institution?
Replies: 8
Views: 2755

Re: Recommended Design for Wireless Network in a large institution?

Oh sorry, did I write that all buildings are already connected with a fibre?

What I am asking about is a recommended design of that indoor coverage in each building.

Imagine an IDF room full of passive PoE's, overloaded CAPsMAN etc. ... that's what I am pointing at.
by alice
Thu Sep 03, 2015 9:25 pm
Forum: Wireless Networking
Topic: Recommended Design for Wireless Network in a large institution?
Replies: 8
Views: 2755

Re: Recommended Design for Wireless Network in a large institution?

You must be joking, right? I've been already running >200 AP for my indoor (eduroam on PEAP authentication) needs and it was pretty stable until ~6.2x. That's why I've come up with topics like CAPsMAN Weeping and more specifically VLAN assignment based on RADIUS 802.1x reply after some meditation on...
by alice
Wed Sep 02, 2015 4:01 pm
Forum: Wireless Networking
Topic: Recommended Design for Wireless Network in a large institution?
Replies: 8
Views: 2755

Re: Recommended Design for Wireless Network in a large institution?

Nobody experienced in sizing, scalability? :?
by alice
Tue Sep 01, 2015 1:51 am
Forum: Wireless Networking
Topic: Recommended Design for Wireless Network in a large institution?
Replies: 8
Views: 2755

Recommended Design for Wireless Network in a large institution?

Hi, let's suppose I work in an institution with 25 buildings in different parts of a town, each building covered with ~50-70 AP's and the number is gonna grow with 802.11ac @ 5 GHz. What would be a recommended architecture now? Currently there are not so many concurrent users with high network traff...
by alice
Mon Aug 24, 2015 2:25 pm
Forum: RouterBOARD hardware
Topic: The Dualband AP?
Replies: 8
Views: 2180

hAP AC PoE: 802.3 or passive?

Still no answer from MikroTik regarding its PoE part...

Should I order a regular HP switch with built-in 802.3 or some noname gizmotronic passive PoE adaptor?
I've had to start the procurement already!
by alice
Mon Aug 24, 2015 12:44 am
Forum: RouterBOARD hardware
Topic: The Dualband AP?
Replies: 8
Views: 2180

Re: The Dualband AP?

Some 802.3af/at switches (seen HP ProCurve at least) can be configured for passive PoE.
Ummm... I couldn't make it working with HP A5120 (Comware inside) which is what I have to operate. :cry:

Any advice would be very appreciated!
by alice
Mon Aug 24, 2015 12:39 am
Forum: General
Topic: eduroam: VLAN assignment based on RADIUS 802.1x reply
Replies: 40
Views: 22683

Re: eduroam: VLAN assignment based on RADIUS 802.1x reply

Did you manage to set up authentication with a RADIUS server? I'm trying it, the user is verified, but obtains an IP address. Thanks for reply. I didn't even dare to try to assign an IP address from RADIUS server. I am going to assign it from a DHCP server once a user is properly authenticated - ev...
by alice
Tue Aug 18, 2015 5:15 am
Forum: RouterBOARD hardware
Topic: The Dualband AP?
Replies: 8
Views: 2180

The Dualband AP?

Hi, are there any news regarding the gigabit hAP ac ?
Is there any chance to buy it in 2015?
Will there be 802.3af/at PoE? - When installing say 50 AP's in a building, how am I supposed to power them otherwise? Server room with 50 PoE adapters in wall plugs - that's a nightmare.
by alice
Wed Jul 08, 2015 7:23 am
Forum: General
Topic: How to see Ethernet Port Uptime?
Replies: 19
Views: 16630

Re: How to see Ethernet Port Uptime?

/interface print detail

look for

last-link-up-time


(see also last-link-down-time)
by alice
Mon Jun 08, 2015 1:30 pm
Forum: Wireless Networking
Topic: Collapsing AP's (and Mikrotik support not reacting)
Replies: 6
Views: 1580

Re: Collapsing AP's (and Mikrotik support not reacting)

Have you tried running that board outside the plastic case, routing all pigtails so that they are as far from other card's as possible? While there was some improvement, I can't really say that it fixed the problem. Have you tried using wireless-fp driver instead of wireless? Wireless-fp means to a...
by alice
Mon Jun 08, 2015 12:00 pm
Forum: Wireless Networking
Topic: Collapsing AP's (and Mikrotik support not reacting)
Replies: 6
Views: 1580

Collapsing AP's (and Mikrotik support not reacting)

Hi, this message is kinda directed to support as I believe it is a heavy problem, but maybe I am not the only one who can reproduce this problem and I suspect it isn't actually only a hardware thing. Instead of many words let me direct you to an a presentation of the problem (with pictures). I'd lik...
by alice
Tue Jun 02, 2015 6:11 pm
Forum: General
Topic: eduroam: VLAN assignment based on RADIUS 802.1x reply
Replies: 40
Views: 22683

Re: eduroam: VLAN assignment based on RADIUS 802.1x reply

...did it make it there?
I can see it did not.
by alice
Tue Feb 03, 2015 4:39 pm
Forum: RouterBOARD hardware
Topic: A beautiful box for 912UAG-2HPn + R11e-5HnD not overheating?
Replies: 2
Views: 1520

A beautiful box for 912UAG-2HPn + R11e-5HnD not overheating?

Hi, I have tried a generic plastic box for this set to construct an interior visible dualband AP. Surprisingly when the System>Health temperature reached 40°C, the 5 GHz stopped operating, just disconnected and the MB started to restart. A regular thermometer inside the box showed some 30 °C with ou...
by alice
Thu Jan 08, 2015 8:05 am
Forum: RouterBOARD hardware
Topic: RouterBOARD naming
Replies: 61
Views: 125682

Re: RouterBOARD naming

Isn't there any letter to distinguish between passive PoE and 802.3af, at ?

If I get it right, i, P refer to Mikrotik proprietary "controller" mechanism...?
by alice
Tue Dec 16, 2014 1:50 pm
Forum: General
Topic: eduroam: VLAN assignment based on RADIUS 802.1x reply
Replies: 40
Views: 22683

Re: eduroam: VLAN assignment based on RADIUS 802.1x reply

I am kinda "stoned" after long term painful health condition with lots of analgetics, but: I've noticed in my purple hazed sleepy world this CAPsMAN v2 thing recently and recalled the promise to try to get it there : We will try to implement the EAP response from RADIUS for vlan assigning ...
by alice
Thu Dec 04, 2014 1:51 pm
Forum: Beginner Basics
Topic: Moving RouterOS on vmware
Replies: 3
Views: 1387

Moving RouterOS on vmware

Hi,

Q1: If I install ROS x86 on vmware and license it, can I move safely this installation to another vmware machine?

Q2: (provided that A1 was "Yes") Can I move this installation between an ESXi instance and non-ESXi instance?


Thank you in advance.
by alice
Mon Oct 27, 2014 11:21 am
Forum: Wireless Networking
Topic: 802.1x on wired
Replies: 6
Views: 7916

Re: 802.1x on wired

Still no intention to do it?

While many admins may be afraid of using Mikrotik in the core of their networks, I think this could boost the sales of the equipment as cheap edge switches.
by alice
Wed Oct 15, 2014 7:56 pm
Forum: Wireless Networking
Topic: CAPsMAN Load Balancing?
Replies: 15
Views: 15418

CAPsMAN Load Balancing?

Hi, how exactly does Load Balancing work? When I connected just one CAP to a CAPsMAN and added a Load Balancing Group to the provisioning rules, I got <mac>@<interface> rejected, not allowed due to load balancing Not nice. It works OK when there is NO Load Balancing Group... huh? Thank you in advance
by alice
Mon Sep 22, 2014 5:51 pm
Forum: General
Topic: Central Deployment using Infrastructure-as-a-Code?
Replies: 11
Views: 8749

Re: Central Deployment using Infrastructure-as-a-Code?

I'll stay for now with clusterssh.
by alice
Mon Sep 22, 2014 5:49 pm
Forum: Beginner Basics
Topic: I can't turn off the console colours
Replies: 4
Views: 1733

Re: I can't turn off the console colours

Thanks for all the tips, but I just settled with parallelSSH and now I feel very well with clusterssh. I can't handle all my Mikrotiks seriously this way at once, but doing that interactively on more than one box is still a relief. 4.02_03 (a package in Lubuntu 14.04) works like charm with RouterOS ...
by alice
Mon Sep 01, 2014 1:18 pm
Forum: General
Topic: CAPsMAN Weeping
Replies: 11
Views: 5599

Re: CAPsMAN Weeping

Not next RouterOS version.
Couldn't you guys do just an incremental patch? I need it urgently (for "technically political" reasons).
the new CAPsMAN is simply not ready.
And in a standalone version?
by alice
Wed Aug 27, 2014 8:45 pm
Forum: General
Topic: CAPsMAN Weeping
Replies: 11
Views: 5599

Re: CAPsMAN Weeping

Not next RouterOS version.
Couldn't you guys do just an incremental patch? I need it urgently (for "technically political" reasons).
by alice
Wed Aug 27, 2014 3:38 pm
Forum: General
Topic: CAPsMAN Weeping
Replies: 11
Views: 5599

Re: CAPsMAN Weeping

* We will try to implement the EAP response from RADIUS for vlan assigning in next revision of CAPsMAN All I can see in "What's new in 6.19 (2014-Aug-26 14:05):" regarding wireless is "improvements for nv2 and 802.11ac". Without irony: are revisions of CAPsMAN intended to correl...
by alice
Wed Aug 13, 2014 10:02 pm
Forum: General
Topic: CAPsMAN Weeping
Replies: 11
Views: 5599

Re: CAPsMAN Weeping

* Currently no roaming standard added. Honestly - if you implemented Cisco's proprietary CCX, if would be a real asset. Otherwise, the IEEE standards are not that widely implemented by manufacturers on stations yet (even after <10 years) so that is not so much painful. But that can change pretty fa...
by alice
Mon Aug 11, 2014 7:19 pm
Forum: Beginner Basics
Topic: I can't turn off the console colours
Replies: 4
Views: 1733

Re: I can't turn off the console colours

Thanks but that is an overkill for me to start studying a new way to control Mk.
by alice
Mon Aug 11, 2014 6:20 pm
Forum: Beginner Basics
Topic: I can't turn off the console colours
Replies: 4
Views: 1733

I can't turn off the console colours

Hi, according the manual I should be able to turn off the colours by loggin in as admin+c@.... but when I tried at 6.x to record the commands (using autoexpect), it just didn't work, my prompt looked like expect -exact "\r\r\r^[\[9999B\[admin@DD-RB433\] > ^[7^[\[r^[8" ...and e that should ...
by alice
Sun Aug 10, 2014 4:23 pm
Forum: General
Topic: CAPsMAN Weeping
Replies: 11
Views: 5599

CAPsMAN Weeping

I expected CAPsMAN to become a fully-fledged "WLAN Controller". So far - in version 6.18 - I've been missing way too many features and it really makes me sad. No roaming. There is no support for 802.11e, r, k or CCX. Or am I wrong? Other controllers take care of optimization and coordinati...
by alice
Wed Aug 06, 2014 11:09 pm
Forum: General
Topic: eduroam: VLAN assignment based on RADIUS 802.1x reply
Replies: 40
Views: 22683

Re: eduroam: VLAN assignment based on RADIUS 802.1x reply

btw: eduroam is now implemented at ~6,000 campuses (see the map) and still counting. I can imagine that this EAP scenario can be useful in just about any institutional network where it is important to separate "access levels" of various employees. I believe that MAC based authentication on...
by alice
Wed Aug 06, 2014 12:34 pm
Forum: General
Topic: eduroam: VLAN assignment based on RADIUS 802.1x reply
Replies: 40
Views: 22683

Re: eduroam: VLAN assignment based on RADIUS 802.1x reply

eduroam users must to log in at institutional WiFi with a login name in form loginname@realm with PEAP. After successful verification of their identity thru a planet-wide RADIUS hierarchy - if they study at this university (i.e. they have the proper realm), they are assigned a vlan with full access...
by alice
Wed Aug 06, 2014 10:37 am
Forum: General
Topic: eduroam: VLAN assignment based on RADIUS 802.1x reply
Replies: 40
Views: 22683

Re: eduroam: VLAN assignment based on RADIUS 802.1x reply

When do we expect that to work?
+1
by alice
Tue Aug 05, 2014 3:37 pm
Forum: General
Topic: eduroam: VLAN assignment based on RADIUS 802.1x reply
Replies: 40
Views: 22683

Re: eduroam: VLAN assignment based on RADIUS 802.1x reply

Any chance for quick implementation or some kind of workaround (some packet mangling)? This is strategic for our long-term strategy.
by alice
Mon Aug 04, 2014 3:45 pm
Forum: General
Topic: eduroam: VLAN assignment based on RADIUS 802.1x reply
Replies: 40
Views: 22683

Re: eduroam: VLAN assignment based on RADIUS 802.1x reply

Capsman doesn't support 802.1x Excuse me, I haven't tried it yet (still playing with the L3 provisioning), but wouldn't eduroam setting be done with CAPsMAN by setting security.authentication-types=wpa2-eap and security.eap-methods=passthrough ? Could you please explain the problem with eduroam more?
by alice
Fri Aug 01, 2014 9:59 am
Forum: General
Topic: eduroam: VLAN assignment based on RADIUS 802.1x reply
Replies: 40
Views: 22683

Re: eduroam: VLAN assignment based on RADIUS 802.1x reply

Mikrotik can't do eduroam at the moment. Use ubiquiti or openwrt. Maybe this is some misunderstanding, but I'd like to stress for a random reader of this topic that a standalone Mikrotik can do eduroam. I've been running ~100 units. While I haven't tried it with CAPsMAN yet, I have a good reason to...
by alice
Thu Jul 31, 2014 5:46 pm
Forum: General
Topic: eduroam: VLAN assignment based on RADIUS 802.1x reply
Replies: 40
Views: 22683

Re: eduroam: VLAN assignment based on RADIUS 802.1x reply

Check out the access list within CAPsMAN.
That's my point - I'm not exactly sure what I can do with the access list... and maybe if I did some overcomplicated packet mangling... no, I don't have a clue yet.
thx for a reaction anyway.
by alice
Thu Jul 31, 2014 4:37 pm
Forum: General
Topic: eduroam: VLAN assignment based on RADIUS 802.1x reply
Replies: 40
Views: 22683

Re: eduroam: VLAN assignment based on RADIUS 802.1x reply

Let me refresh my question:

Can CAPsMAN help me in assigning different VLANs to individual clients using the same SSID and AAA'ed by a RADIUS server?
vlan-mode and vlan-id look promising, but the description is very brief and maybe I hope too much.
by alice
Wed Jul 30, 2014 11:33 am
Forum: General
Topic: How to raise "upgradeable to"?
Replies: 26
Views: 7651

Re: How to raise "upgradeable to"?

Try going to System -> License
Press Update license key, the board will reboot. Try to upgrade after that.
Did work! Awesome!
Thank you all
by alice
Wed Jul 30, 2014 11:08 am
Forum: General
Topic: How to raise "upgradeable to"?
Replies: 26
Views: 7651

Re: How to raise "upgradeable to"?

PS: same with 3.30->5.26 and 3.30->6.17
by alice
Wed Jul 30, 2014 11:02 am
Forum: General
Topic: How to raise "upgradeable to"?
Replies: 26
Views: 7651

Re: How to raise "upgradeable to"?

Hi, first of all: BIG THANK YOU for your decision! ...but when I tried this with RouterBoard 333 currently on 3.30 : Rebooting... Stopping services... verified ntp-4.17-ppc.npk ERROR: license does not support new version of ntp-4.17 verified multicast-4.17-ppc.npk ERROR: license does not support new...
by alice
Mon Jul 21, 2014 12:49 pm
Forum: General
Topic: How to raise "upgradeable to"?
Replies: 26
Views: 7651

Re: How to raise "upgradeable to"?

well... this would be my response... http://alicevixie.blogspot.cz/2014/07/t ... wi-fi.html
by alice
Sun Jul 06, 2014 11:46 am
Forum: General
Topic: How to raise "upgradeable to"?
Replies: 26
Views: 7651

Re: How to raise "upgradeable to"?

Still, that's not an answer good enough for me. What would I do one day with a campus network consisting of 400 AP's when somebody broke PEAP-AES? I need to have the plan for this. The plan with, say HP, would be - for the lifetime of the equipment which is 10 years on average, I will just receive y...
by alice
Mon Jun 23, 2014 10:42 am
Forum: General
Topic: How to raise "upgradeable to"?
Replies: 26
Views: 7651

Re: How to raise "upgradeable to"?

Hi, I have ~100 AP's in my network, mostly RB433. However this was a question regarding sustainability of such a network. I can't easily imagine physical replacement of all AP's after the license expiration. As the network serves directly end users with their BYOD equipment, I have to be ready to do...
by alice
Mon Jun 16, 2014 6:25 pm
Forum: General
Topic: How to raise "upgradeable to"?
Replies: 26
Views: 7651

How to raise "upgradeable to"?

Hi,

I bought a board with L4 license upgradable to v6. What license do I have to buy in order to get to v7? L5 which costs $95 ? And then... ?

Or is it just "buy another L4, yet another L4, ..." ?
by alice
Fri Mar 28, 2014 8:37 am
Forum: General
Topic: MUM Moscow 3/28 - stream not found
Replies: 6
Views: 1713

MUM Moscow 3/28 - stream not found

Hi,

the live stream at http://tiktube.com/?live=live says "stream not found: mum.stream"

:-(
by alice
Fri Mar 14, 2014 11:30 am
Forum: General
Topic: client flooding MAC addresses / spoofing IP
Replies: 0
Views: 1181

client flooding MAC addresses / spoofing IP

Hi, suppose the following scenario: 1) Mikrotik is used as access point in a public place for end users. There are no well-known MAC addresses for PtP connection. IP addresses to clients are assigned with an external DHCP server outside the Mikrotik. 2a) one of many notebooks runs arpspoof hoping to...
by alice
Mon Feb 24, 2014 1:05 pm
Forum: Wireless Networking
Topic: registered to other device in network
Replies: 5
Views: 5704

Re: registered to other device in network

How did the first Mikrotik know? Did Mikrotik start to implement some "handover intelligence" like UniFi or Aerohive (because there is no CAPWAP controller ...yet)?
by alice
Thu Feb 20, 2014 11:04 am
Forum: General
Topic: MUM Europe 2014 - Italy, Venice, February 20-21
Replies: 145
Views: 73508

Re: MUM Europe 2014 - Italy, Venice, February 20-21

No live streaming?
Live stream runs at http://www.tiktube.com/?live=live
by alice
Tue Feb 18, 2014 10:50 am
Forum: General
Topic: RB2011 + SFP as swich with dhcp snooping
Replies: 6
Views: 4015

Re: RB2011 + SFP as swich with dhcp snooping

I am also interested. Mikrotiks serve as bridging AP's. There is a central DHCP server for the whole network (assigning addresses is not a task for each AP). I need to block traffic from addresses that are not given by DHCP server. Not only it keeps address discipline, it also prevents all kinds of ...
by alice
Mon Feb 17, 2014 10:36 am
Forum: General
Topic: eduroam: VLAN assignment based on RADIUS 802.1x reply
Replies: 40
Views: 22683

Re: eduroam: VLAN assignment based on RADIUS 802.1x reply

:( SHTF situation.

If anyone here is fluent in MetaROUTER - do you think it might be the light at the end of the tunnel?
by alice
Fri Feb 14, 2014 4:58 pm
Forum: General
Topic: eduroam: VLAN assignment based on RADIUS 802.1x reply
Replies: 40
Views: 22683

eduroam: VLAN assignment based on RADIUS 802.1x reply

Hi, We've been running eduroam on Mikrotik - so far we've been using the same network for both users from our institution and for guests. Now, I'd like to assign the VLAN to the user based on their realm. Guests from other institutions get different VLAN from locals. I have found the trick for FreeR...
by alice
Sat Jan 11, 2014 10:38 am
Forum: General
Topic: Central Deployment using Infrastructure-as-a-Code?
Replies: 11
Views: 8749

Central Deployment using Infrastructure-as-a-Code?

Hi,

anyone has tried to integrate their RouterOS with tools like Chef, Puppet, Ansible, SaltStack ? I don't want to reinvent the wheel, I can't find a "prior art" though except obviously dead https://github.com/netmanagers/puppet-mikrotik .
by alice
Fri Nov 22, 2013 6:38 pm
Forum: Scripting
Topic: copy and paste: difference between ssh and winbox terminal
Replies: 2
Views: 2357

copy and paste: difference between ssh and winbox terminal

Hi, what is a difference between Winbox New Terminal and PuTTY SSH? I need to know because of automating my scripting, kinda like here , these tools fail for the same reason. RouterOS used for tests is 5.26. Let's have the following piece of code: :global rosver [ /system resource get version ] :if ...
by alice
Thu Nov 21, 2013 5:43 pm
Forum: Wireless Networking
Topic: 802.11w
Replies: 3
Views: 2825

802.11w

Hi,

now that this hijack protection mechanism is brought to us by Windows 8 and bugged/fixed by Cisco (Windows 8 clients can't associate to Cisco Unified Wireless), what is 802.11w status at Mikrotik?
by alice
Thu Nov 21, 2013 10:28 am
Forum: Wireless Networking
Topic: Wireless Controller
Replies: 15
Views: 5671

Re: Wireless Controller

I am looking forward for controller either, except that I am afraid that my current Mikrotik infrastructure*) won't be upgradable to the version I may need :-( I'm starting to take the "controller promise" for a little dirty business trick to a) attract people so they keep buying Mk b) whe...
by alice
Wed Nov 20, 2013 1:35 pm
Forum: Wireless Networking
Topic: UniFi or Mikrotik
Replies: 2
Views: 2346

UniFi or Mikrotik

Till the end of the month I have to make a decision on whether our university's WiFi will go on with Mikrotik or move to Ubiquiti UniFi. So far Ubiquiti's score + WLAN controller + compact device w/great radio - no firewall available for each AP (no traffic filtering can be done on AP itself) - no S...
by alice
Fri Aug 02, 2013 3:52 pm
Forum: Beginner Basics
Topic: Mailing list or other "push" information source?
Replies: 1
Views: 1452

Mailing list or other "push" information source?

Hi, I wanted to ask if Mikrotik company either has a mailing list or some other ways (Google+ or alike) for announcements related to new RouterOS releases, security patches etc. that I could "subscribe". Picking information from a forum is not a comfortable way for me, but it would be nice...
by alice
Sat Jul 27, 2013 11:00 am
Forum: General
Topic: PPtP vulnerability
Replies: 1
Views: 3123

PPtP vulnerability

When scanning RouterOS 5.25 again Qualys FreeScan Vulnerability Scan service, it reported PoPToP PPTP Negative read() Argument Remote Buffer Overflow Vulnerability CVE ID: CVE-2003-0213 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0213 Impact: Successful exploitation of this vulnerability ...
by alice
Fri Mar 15, 2013 4:29 pm
Forum: The Dude
Topic: Device specific Appearance
Replies: 9
Views: 6413

Re: Device specific Appearance

Let me rephrase this problem: I have 100 Mikrotik AP's and 100 Cisco AP's. Based on setting the proper Device Type (which I am willing to do manually) I'd love to reach automatically a proper label for displaying the number of associated clients (which means a different Appearance/Label for each dev...
by alice
Tue Mar 13, 2012 4:02 pm
Forum: Wireless Networking
Topic: How to debug "extensive data loss"?
Replies: 2
Views: 1390

Atheros vs. Broadcom - (was:How to debug "extensive data los

There is no problem with CCQ. But, what I think I have figured out: when notebooks recognize that there is an AP with Broadcom chipset, it suddenly switches to it even if Broadcom is much weaker (in a different floor of building). This results in user complaints of network instability. Any idea what...
by alice
Fri Feb 24, 2012 2:32 pm
Forum: Wireless Networking
Topic: How to debug "extensive data loss"?
Replies: 2
Views: 1390

How to debug "extensive data loss"?

Dear gurus, Mk RB433 + R52n (Atheros 11N), RouterOS 5.13. A few boxes with the same configuration around a campus broadcasting 3 VAPs. My users complain about arbitrary disconnections even when in areas with strong signal - even in the office with the radio! All I can find in log files (even with de...
by alice
Mon Sep 26, 2011 5:54 pm
Forum: Wireless Networking
Topic: (despite WFAQ#1) Apple iPad, NokiaE52 can't connect
Replies: 3
Views: 2151

Re: (despite WFAQ#1) Apple iPad, NokiaE52 can't connect

SOLUTION: Even though I do not want to use TKIP for security reasons, the connectivity WILL start working after I ENABLE TKIP too ("unicast-ciphers=tkip,aes-ccm group-ciphers=tkip,aes-ccm"). Only then WILL Nokia establish aes-ccm connection (that's what "/interface wireless registrati...
by alice
Fri Sep 23, 2011 11:36 am
Forum: Wireless Networking
Topic: (despite WFAQ#1) Apple iPad, NokiaE52 can't connect
Replies: 3
Views: 2151

Re: (despite WFAQ#1) Apple iPad, NokiaE52 can't connect

SOLUTION: Even though I do not want to use TKIP for security reasons, the connectivity will start working after I enable TKIP too ( unicast-ciphers=tkip,aes-ccm group-ciphers=tkip,aes-ccm ). Only then will equipment establish aes-ccm connection (as reported by /interface wireless registration-table ...
by alice
Mon Aug 15, 2011 5:04 pm
Forum: Wireless Networking
Topic: (despite WFAQ#1) Apple iPad, NokiaE52 can't connect
Replies: 3
Views: 2151

(despite WFAQ#1) Apple iPad, NokiaE52 can't connect

Hi, regardless of which preamble-mode I am using (I have tried long/short/both), I can't connect with Nokia E52, Apple iPad to my R52n. While the network is visible for the client, the equipment won't connect. Not even try. Turning on debug, wireless simply doesn't produce ANY record (while the same...