Community discussions

MikroTik App

Search found 48 matches

by rajo
Fri Dec 15, 2023 5:42 pm
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 257529

Re: v7.13 [stable] is released!

@rajo The issue on AWS likely relates to T3 instances. The Hypervisor is different from T2 (works). https://forum.mikrotik.com/viewtopic.php?p=1027349#p1027349 As I stated, I experienced the same issue on GCE, which has nothing to do with AWS. I provided the info to help with identifying the actual...
by rajo
Fri Dec 15, 2023 5:13 pm
Forum: Announcements
Topic: v7.13.5 [stable] is released!
Replies: 909
Views: 257529

Re: v7.13 [stable] is released!

It is probably just me, but upgrading from 7.12 to 7.13 on AWS broke the instance again and it does not boot any longer. I had the same issue upgrading to 7.12 and was forced to recreate the instance. Isn't there anything I can do to just get the upgrade on AWS working properly? --Michael This does...
by rajo
Fri Nov 10, 2023 8:22 pm
Forum: Announcements
Topic: v7.12.1 [stable] is released!
Replies: 252
Views: 92104

Re: v7.12 [stable] is released!

I updated a CHR on AWS from 7.11.2 to 7.12 and it is not starting anymore, is there a known issue? Even the serial console isn't showing anything, it looks like the whole instance is broken. I experienced this exact same issue when going from 7.7 to 7.10 with CHR on Google CE. I had to rebuild usin...
by rajo
Sat Aug 14, 2021 5:01 pm
Forum: General
Topic: Roaad Warrior L2TP/IPSEC VPN cannot access LAN
Replies: 53
Views: 8424

Re: Roaad Warrior L2TP/IPSEC VPN cannot access LAN

Out of curiosity, you describe this as a "Road Warrior" setup and you mention "local arp proxy works." By "local," are you referring to proxy ARP configured on the client side LAN or the VPN gateway/responder side? If you take the Windows 10 PC or Android tablet to a ne...
by rajo
Sat Aug 14, 2021 4:19 am
Forum: General
Topic: Roaad Warrior L2TP/IPSEC VPN cannot access LAN
Replies: 53
Views: 8424

Re: Roaad Warrior L2TP/IPSEC VPN cannot access LAN

As you can see from the screenshot, with the adapter changes made, your 192.168.2.0/24 network is properly installed. I suspect the reason it's still not working is because the IPSec client is being assigned an IP address in the same network as the LAN you're trying to reach. Because of that, the cl...
by rajo
Fri Aug 13, 2021 10:59 pm
Forum: General
Topic: Roaad Warrior L2TP/IPSEC VPN cannot access LAN
Replies: 53
Views: 8424

Re: Roaad Warrior L2TP/IPSEC VPN cannot access LAN

tried the settings again i cannot access remote LAN. I tried connecting with android, again i cannot see anything from the remote LAN network. It is like i am not connected at the VPN/remote LAN. What does your Windows route table [screenshot] look like after you connect? Also, does the connection ...
by rajo
Fri Aug 13, 2021 4:10 am
Forum: General
Topic: Roaad Warrior L2TP/IPSEC VPN cannot access LAN
Replies: 53
Views: 8424

Re: Roaad Warrior L2TP/IPSEC VPN cannot access LAN

Take a look at the Windows IPv4 route table screenshot you posted. It shows that your VPN connection is the preferred route to the Internet. Thus, once you've established a VPN connection, everything fails. You shouldn't even be able to ping anything on the Internet, once your VPN connection is esta...
by rajo
Thu Aug 12, 2021 7:42 pm
Forum: General
Topic: Roaad Warrior L2TP/IPSEC VPN cannot access LAN
Replies: 53
Views: 8424

Re: Roaad Warrior L2TP/IPSEC VPN cannot access LAN

To get split-include working with your Windows 10 clients, follow the instructions here: viewtopic.php?f=2&t=177314&p=872552#p872552
by rajo
Thu Aug 12, 2021 7:18 pm
Forum: General
Topic: ipsec ikev2 + Windows 10 klient Routes are not transmitted to the client
Replies: 2
Views: 2076

Re: ipsec ikev2 + Windows 10 klient Routes are not transmitted to the client

For split-include to work on Windows 10, modify your VPN connection properties as follows: 1. Select the VPN connection to modify, in the "Settings" applet and choose "Change adapter options" under "Related Settings" 2. In the "Network Connections" window, rig...
by rajo
Sun Jul 05, 2020 8:36 pm
Forum: Announcements
Topic: v6.47 [stable] is released!
Replies: 348
Views: 171976

Re: v6.47 [stable] is released!

@sindy they are having issues with plain L2TP without IPsec encryption. I can confirm there is an issue but I am still struggling to reproduce the issue in a controlled environment even with all the debug information and configurations provided to me. How about creating four builds -- each with one...
by rajo
Fri Jun 12, 2020 6:21 am
Forum: Announcements
Topic: v6.47 [stable] is released!
Replies: 348
Views: 171976

Re: v6.47 [stable] is released!

I'm also experiencing this issue and found that it happens when a client connects to an l2tp server that has multiple WAN IP's. This is not the case for me. Both my L2TP server and the clients, that cannot connect, have only one WAN IP. The L2TP server is on Google cloud and most of the L2TP client...
by rajo
Thu Jun 04, 2020 7:45 pm
Forum: Announcements
Topic: v6.47 [stable] is released!
Replies: 348
Views: 171976

Re: v6.47 [stable] is released!

Anyone else with a large number (over 130) of L2TP clients (only L2TP i.e. not L2TP/IPSec) notice that with 6.47, only a fraction (about 30 to 40) are able to connect to the router? I had to revert to 6.46.x to get my tunnels connected again.
by rajo
Wed Feb 20, 2019 6:48 am
Forum: General
Topic: Feature Request: Please enhance netwatch to be effective in WAN environments
Replies: 1
Views: 955

Feature Request: Please enhance netwatch to be effective in WAN environments

I would like to use netwatch for monitoring/recovering WANs, including 3G/LTE networks; however, the current implementation of netwatch lacks necessary flexibility and would needlessly trigger actions during intermittent or inconsequential outages. Could you please add the following enhancements: 1....
by rajo
Wed Oct 17, 2018 3:14 pm
Forum: RouterBOARD hardware
Topic: LtAP mini/kit with USB A host port?
Replies: 2
Views: 1200

Re: LtAP mini/kit with USB A host port?

But why? It already has place for two modems
Thinking about it more, a second Ethernet port would likely be more useful.
by rajo
Wed Oct 17, 2018 6:41 am
Forum: RouterBOARD hardware
Topic: LtAP mini/kit with USB A host port?
Replies: 2
Views: 1200

LtAP mini/kit with USB A host port?

What is the possibility of MikroTik making/releasing a device similar in form factor (or not much bigger) to LtAP mini LTE kit but with the addition of USB A host port (independent of the internal mPCI-e usb)? Bonus if it has dual Ethernet. I know I'm asking for a lot, but one can dream. :lol: Thanks
by rajo
Mon Sep 24, 2018 7:04 pm
Forum: RouterBOARD hardware
Topic: What type of USB adapter fits CA433U USB cutout?
Replies: 2
Views: 1390

Re: What type of USB adapter fits CA433U USB cutout?

It's intended to be used with microUSB, like in RB2011. See https://asp24.ru/obzory/obzor-mikrotik-routerboard-rb-2011uias-rm/ Wrong product. RBM33G does not have a microUSB port and my issue is with how to physically mount an accessible USB port from the RBM33G (which is much shorter than the CA43...
by rajo
Fri Sep 21, 2018 11:39 am
Forum: RouterBOARD hardware
Topic: What type of USB adapter fits CA433U USB cutout?
Replies: 2
Views: 1390

What type of USB adapter fits CA433U USB cutout?

Hi, There are three semicircular and one rectangular cutout on the rear-end of the CA433U case. I read that the rectangular cutout is for USB (which I need). What type of adapter/connector did MikroTik spec that cutout for? Where can I find one? Is there a specification name for that rectangular cut...
by rajo
Thu Apr 19, 2018 5:27 pm
Forum: Announcements
Topic: v6.42 [current]
Replies: 147
Views: 76670

Re: v6.42 [current]

@MikroTik: Could you please add robustness to your DHCP and PPPoE clients. They are unreliable and I have had to add scripts to restore connectivity after a drop. Right now, I've got a router with DHCP stuck in status "renewing..." and I have no default gateway. This should not happen. Mon...
by rajo
Thu Mar 22, 2018 8:08 pm
Forum: Announcements
Topic: v6.41.3 [current]
Replies: 139
Views: 57295

Re: v6.41.3 [current]

Not feeling that adventurous. Too bad Google uses the same IP blocks for everything; otherwise, I could have simply created a list for YouTube and used that.
by rajo
Thu Mar 22, 2018 6:44 pm
Forum: Announcements
Topic: v6.41.3 [current]
Replies: 139
Views: 57295

Re: v6.41.3 [current]

Oh OK. Thanks, Sob. So much for that.
by rajo
Thu Mar 22, 2018 6:31 pm
Forum: Announcements
Topic: v6.41.3 [current]
Replies: 139
Views: 57295

Re: v6.41.3 [current]

tls-host does not work with "mark-routing" mangle rules. We have two Internet connections and I want all YouTube traffic using the slower of the two Internet connections. Unfortunately, YouTube breaks, if I do this, because the tls-host feature is not working properly in this case. Here ar...
by rajo
Sat Dec 23, 2017 11:48 pm
Forum: Announcements
Topic: v6.41 [current]
Replies: 304
Views: 139519

Re: v6.41 [current]

rajo - Does the same issue appear if you set bridge mode back to "none"?
Yes. It flaps, if I set it back to "none." Power-cycling did not help.
by rajo
Fri Dec 22, 2017 6:25 pm
Forum: Announcements
Topic: v6.41 [current]
Replies: 304
Views: 139519

Re: v6.41 [current]

Ran into the following bug with upgrading an RB450 from 6.40.4 to 6.41: NOTE: It appears I must have had the old configuration of ether2 being master and ether3 to ether5 being slaves 1. I performed the upgrade via the console 2. When the router rebooted, ether1 was stable, but ether2 to ether5 were...
by rajo
Tue Sep 20, 2016 8:16 pm
Forum: Announcements
Topic: v6.37rc [release candidate] is released, only one wireless package!
Replies: 320
Views: 102506

Re: v6.37rc [release candidate] is released, only one wireless package!

It does make sense. The NTP package provides an NTP server and it works with fixed server addresses. Sure it would be nice if there was the possibility to use DNS names there, but you should understand that in that case the DNS names would be resolved only one time after router reboot. And there ma...
by rajo
Tue Sep 20, 2016 7:17 pm
Forum: Announcements
Topic: v6.37rc [release candidate] is released, only one wireless package!
Replies: 320
Views: 102506

Re: v6.37rc [release candidate] is released, only one wireless package!

if you don't need ntp server don't have any reason to use ntp package.
Thanks! That was the issue.

@MikroTik, please fix the inconsistency. It doesn't make sense to me that the server-dns-names option should not be available with the NTP package installed.
by rajo
Tue Sep 20, 2016 5:51 pm
Forum: Announcements
Topic: v6.37rc [release candidate] is released, only one wireless package!
Replies: 320
Views: 102506

Re: v6.37rc [release candidate] is released, only one wireless package!

It is supported for a while already or you are looking some other setting: /system ntp client set server-dns-names=NTP_SERVER_NAME I don't have server-dns-names as a configuration parameter. These are the options I have on MikroTik hardware: [admin@MikroTik] > system ntp client set enabled mode pri...
by rajo
Tue Sep 20, 2016 5:16 pm
Forum: Announcements
Topic: v6.37rc [release candidate] is released, only one wireless package!
Replies: 320
Views: 102506

Re: v6.37rc [release candidate] is released, only one wireless package!

Is there any reason why NTP client still does not support DNS? It would be great if I could finally get rid of my script for this.
by rajo
Tue Aug 30, 2016 6:13 pm
Forum: General
Topic: Why is 6.35.x not on the download page?
Replies: 1
Views: 1309

Why is 6.35.x not on the download page?

Is there something wrong with 6.35.x that's leading to its exclusion from the download page?
by rajo
Fri Jul 22, 2016 6:58 pm
Forum: Announcements
Topic: v6.36 [current] is released!
Replies: 183
Views: 72593

Re: v6.36 [current] is released!

The interface list matcher needs some serious performance optimization. I converted my firewall filters, mangle and NAT rules to using interface lists and performance tanked up to 50 %. If I disable my simple queues, I'm able to regain the lost performance; however, that's not a solution.  I've now ...
by rajo
Wed Sep 16, 2015 2:54 pm
Forum: General
Topic: [Request] VRRP track interface or address
Replies: 2
Views: 1788

[Request] VRRP track interface or address

With Cisco HSRP, you can make fail-over track the state of another interface. For instance, you can make a LAN interface fail-over if an upstream interface is down. It would be great if MikroTik could add such capability to the VRRP configuration, so that VRRP fail-over can be forced if either anoth...
by rajo
Tue Sep 01, 2015 6:05 pm
Forum: Announcements
Topic: v6.32 released [version temporarily removed]
Replies: 116
Views: 47474

Re: v6.32 released

By the way, dragging and dropping multiple items (e.g. firewall, NAT, and mangle rules) in Winbox is broken since probably 6.30.

You can select multiple items, but when you drag and drop, only the item you clicked to drag gets moved.
by rajo
Tue Sep 01, 2015 5:58 pm
Forum: Announcements
Topic: v6.32 released [version temporarily removed]
Replies: 116
Views: 47474

Re: v6.32 released

There were numerous complaints about this in the v6.31 topic. I have not written to support, because I have only 1 affected device. It is not reachable (can't login to make supout) and I can not powercycle it. I am waiting for some power outage so I can log in and upload older or newer fixed router...
by rajo
Thu Aug 20, 2015 2:58 pm
Forum: Announcements
Topic: 6.31 released
Replies: 227
Views: 78004

Re: 6.31 released

rajo - Are you using MetaROUTER? No. I am not using MetaROUTER. I did create a supout; however, I am very reluctant to send it, because (if a third party got hold of it), it could allow access into our internal network, since the supout generation process does not randomize password and encryption ...
by rajo
Wed Aug 19, 2015 5:40 pm
Forum: Announcements
Topic: 6.31 released
Replies: 227
Views: 78004

Re: 6.31 released

Anyone with reboot issues, please try v6.32rc1 that we just released. Let us know if this helps.
I obviously replied too soon. Got a lockup reboot on an RB450G with v6.32rc1. This time it took about 50 minutes for it to happen. Going back to 6.30.2
by rajo
Tue Aug 18, 2015 3:09 pm
Forum: Announcements
Topic: 6.31 released
Replies: 227
Views: 78004

Re: 6.31 released

We have found out that there are two things which causes reboot on router with RouterOS 6.31. Routers with PoE-OUT are rebooting themselves and also routers which has MetaROUTER. Is there any other router rebooting itself with 6.31 which does not have PoE-OUT or MetaROUTER on it? I don't have eithe...
by rajo
Mon Dec 15, 2014 10:07 am
Forum: Announcements
Topic: 6.23 released!
Replies: 143
Views: 73084

Re: 6.23 released!

There's been a significant decrease in the performance of simple queues on the RB450G since RouterOS v6.20. The performance degradation has been on the orders of about 16 percent when compared to RouterOS v6.19. I notice that with v6.21, the following is in the changelog: *) fixed queues - could ha...
by rajo
Fri Dec 12, 2014 11:28 am
Forum: Announcements
Topic: 6.23 released!
Replies: 143
Views: 73084

Re: 6.23 released!

There's been a significant decrease in the performance of simple queues on the RB450G since RouterOS v6.20. The performance degradation has been on the orders of about 16 percent when compared to RouterOS v6.19. I notice that with v6.21, the following is in the changelog: *) fixed queues - could hav...
by rajo
Wed Aug 13, 2014 5:30 pm
Forum: General
Topic: [FIXED in 6.19rc7] Please fix dns-update tool regression...
Replies: 3
Views: 2158

Re: [FIXED in 6.19rc7] Please fix dns-update tool regression

This is now fixed in 6.19rc7.

Thanks, MikroTik.
by rajo
Wed Aug 13, 2014 2:58 pm
Forum: General
Topic: [FIXED in 6.19rc7] Please fix dns-update tool regression...
Replies: 3
Views: 2158

Re: Please fix dns-update tool regression in ROS 6.x

What version of BIND are you using and on what platform?
by rajo
Wed Aug 13, 2014 5:55 am
Forum: General
Topic: [FIXED in 6.19rc7] Please fix dns-update tool regression...
Replies: 3
Views: 2158

[FIXED in 6.19rc7] Please fix dns-update tool regression...

There is a regression in the dns-update tool in RouterOS 6.x. It is registering A records with the host name missing. You end up with an A record having only the IP address and no name.

This worked in 5.25 but is completely broken in 6.18.

Thanks
by rajo
Wed Feb 05, 2014 12:57 pm
Forum: General
Topic: Feature requests
Replies: 1740
Views: 631875

Re: Feature requests

Please add bidirectional PIM support It would be great if MikroTik would support bidirectional PIM, as we deploy for our 2-way radio over IP networks. As is, when sending multicast traffic back to the original sender (i.e. the receiver is also a sender) we get RouterOS complaining that it has no RP ...
by rajo
Fri Oct 18, 2013 6:42 am
Forum: General
Topic: 6.5 released!
Replies: 185
Views: 87479

Re: 6.5 released!

Is MikroTik going to fix the broken scripting handling of arrays, introduced with 6.2? I posted about the issue, but MikroTik completely completely ignored my post. In case is was simply missed, I repeat it here (with version number updates). I would greatly appreciate if MikroTik does not simply ig...
by rajo
Thu Oct 10, 2013 7:26 am
Forum: General
Topic: v6.4 released
Replies: 170
Views: 77594

Re: v6.4 released

@MikroTik: There was a bug that was reported about RouterOS not responding to L2TP connections using the same interface the original request came in on, where there are multiple Internet-bound interfaces. The primary issue being that RouterOS defaults to sending everything out the interface having a...
by rajo
Mon Oct 07, 2013 9:32 am
Forum: General
Topic: v6.4 released
Replies: 170
Views: 77594

Re: v6.4 released

@Mikrotik Please add back the ability to retrieve array keys. The capability is now completely missing in 6.4 and makes using arrays difficult, if they key names are unknown. This capability seems to have regressed starting with 6.2 (i.e. the ability to reference array elements using word keys. The ...
by rajo
Fri Oct 04, 2013 4:20 am
Forum: Scripting
Topic: Impossible to retrieve array key names with 6.4
Replies: 1
Views: 2619

Impossible to retrieve array key names with 6.4

I have a script that can monitor any UPS. I alert on only certain parameters; however, I report all parameters. With 5.x, I used a foreach loop to access known key/value pairs. With 6.4, I had to change that to something like this: :set OnLine ($upsstat -> "on-line") :set LineVoltage ($ups...
by rajo
Fri Nov 30, 2012 5:58 pm
Forum: General
Topic: Please support terminating EoIP and IPIP tunnels on VRRP Int
Replies: 2
Views: 2712

Re: Please support terminating EoIP and IPIP tunnels on VRRP

Why not make 2 ipip tunnels and run ospf over it? I'm running ipsec encrypted ipip tunnels with ospf for a long time without problems . I'm referring to terminating the tunnels on a VRRP interface as opposed to only the physical interface, irrespective of tunneling method used. I need this because ...
by rajo
Wed Nov 28, 2012 5:44 pm
Forum: General
Topic: Please support terminating EoIP and IPIP tunnels on VRRP Int
Replies: 2
Views: 2712

Please support terminating EoIP and IPIP tunnels on VRRP Int

Please add support for terminating EoIP and IPIP tunnels on a VRRP Interface. Currently, if I terminate a mix of EoIP and IPIP tunnels on a VRRP interface, only one of the EoIP tunnels will come up (after a long wait). The other tunnels will never come up. Only when I terminate the tunnels on the ph...
by rajo
Thu Nov 03, 2011 5:30 am
Forum: General
Topic: RouterOS v5.8 released
Replies: 182
Views: 102052

Re: RouterOS v5.8 released

Version 5.8 breaks IPIP tunnels (on RouterBOARD 450).

We have IPIP tunnels to Cisco routers. With all versions prior to 5.8, it works. With 5.8 it breaks -- cannot establish IPIP tunnels. Had to downgrade to 5.7 to get IPIP working again.