Community discussions

Search found 73 matches

  • 1
  • 2
by nbeacham
Sat Jan 16, 2016 11:43 pm
Forum: General
Topic: No client hotspot connectivity after reload
Replies: 1
Views: 145

Re: No client hotspot connectivity after reload

We just found that removing all connections in ip->firewall->Connections that this resolved the issue for all clients...Any idea why this would be?
by nbeacham
Sat Jan 16, 2016 11:24 pm
Forum: General
Topic: No client hotspot connectivity after reload
Replies: 1
Views: 145

No client hotspot connectivity after reload

We are running into a problem where a Mikrotik will reload, once it comes back up some clients authenticated through the hotspot can no longer get online unless we remove their DHCP lease and have them reload the router. We are using Hotspot to authenticate and authorize LAN clients with MAC authent...
by nbeacham
Wed Dec 23, 2015 6:54 pm
Forum: General
Topic: Simple Queue with User Manager and DHCP
Replies: 0
Views: 1028

Simple Queue with User Manager and DHCP

Is there a way to create a simple queue when using DHCP Radius and User Manager? I've set up the profiles and was able to get DHCP Radius to work with User Manager, but no simple queue is created. Is there a way to go about this?
by nbeacham
Wed Dec 16, 2015 12:05 am
Forum: General
Topic: hotspot and open recursive DNS attacks
Replies: 1
Views: 217

hotspot and open recursive DNS attacks

We have several hotspot deployments and have ran into a problem where they are being used as an Open Resolver in DNS slow drip DDoS attacks. We have tried to mitigate it by dropping input packets destined for UDP and TCP port 53, however this seems to effect our clients. The reason this is impacting...
by nbeacham
Sat Oct 03, 2015 1:12 pm
Forum: General
Topic: Can't ping unless torching interface
Replies: 6
Views: 318

Re: Can't ping unless torching interface

It's such a minor problem that downgrading isn't necessary. It's a quirky problem thus the post, but not service impacting. Also, it's only on this CCR, we have several deployed that are experiencing no issues with the latest OS.
by nbeacham
Fri Oct 02, 2015 5:17 pm
Forum: General
Topic: Can't ping unless torching interface
Replies: 6
Views: 318

Re: Can't ping unless torching interface

We actually haven't tried a reboot since this issue popped up. This only started happening after we rebooted it a few nights back after our fiber went down and the Mikrotik didn't recover for some reason. I'm beginning to suspect the Mikrotik may be bad, we've updated the OS to the latest as well.
by nbeacham
Fri Oct 02, 2015 5:03 pm
Forum: General
Topic: Can't ping unless torching interface
Replies: 6
Views: 318

Re: Can't ping unless torching interface

I just tried to switch it to on and that didn't seem to do the trick. I'm still seeing the same symptoms.
by nbeacham
Thu Oct 01, 2015 12:29 am
Forum: General
Topic: Can't ping unless torching interface
Replies: 6
Views: 318

Can't ping unless torching interface

So we ran into a small issue today. We have a CCR that we've configured with the switch settings. One of our devices behind it stopped responding to pings and remote management but was still passing traffic. While troubleshooting I started to torch the interface and it started responding to pings. t...
by nbeacham
Fri Sep 18, 2015 4:26 pm
Forum: General
Topic: Can't ping past Vlan over GRE!
Replies: 4
Views: 738

Re: Can't ping past Vlan over GRE!

Have you tried using an EoIP connection instead of a GRE? :D While I've considered it, It's not the technology we want to implement in this case. I don't think it's the GRE causing the problem, I think it's a problem with my routing or firewall. I can ping the IP address of the VLAN 10 interface, b...
by nbeacham
Thu Sep 17, 2015 7:53 pm
Forum: General
Topic: Can't ping past Vlan over GRE!
Replies: 4
Views: 738

Re: Can't ping past Vlan over GRE!

I changed the Tunnel but that didn't seem to do it. I'll have a look around, it might be in my firewall rules. Here is one end src-address=207.x.x.29/32 src-port=any dst-address=68.x.x.226/32 dst-port=any protocol=gre action=encrypt level=require ipsec-protocols=esp tunnel=no sa-src-address=207.x.x....
by nbeacham
Thu Sep 17, 2015 5:34 pm
Forum: General
Topic: Can't ping past Vlan over GRE!
Replies: 4
Views: 738

Can't ping past Vlan over GRE!

I have a setup where I'm managing some devices behind a GRE IPSEC tunnel. I can ping the VLAN interface itself, but anything behind it I can't ping. I've pasted in my scrubbed config below. Any assistance would help. set [ find default-name=ether1 ] comment="Springs @ Estero" set [ find default-name...
by nbeacham
Tue Dec 16, 2014 11:43 pm
Forum: Scripting
Topic: Update remote database with new DHCP lease
Replies: 5
Views: 1397

Re: Update remote database with new DHCP lease

I ended up doing this via lease scripts. I'm getting the IP and the bound MAC ID and sending it to a remote server to store in a mongoDB collection. I then run that collection against my Subscriber collection to find the associated the MAC ID and reference the IP to that subscriber. Because I can ch...
by nbeacham
Thu Nov 20, 2014 8:34 pm
Forum: The User Manager
Topic: User Sign up and MAC authentication
Replies: 0
Views: 989

User Sign up and MAC authentication

I'll try to be brief with this. Currently, we have a customer 'walled-garden' in place where a user enters their account number and pin. It authenticates to a mongoDB to verity they are active and then utilizes the Mikrotik API to create the user on the Mikrotik and activate the host. We are looking...
by nbeacham
Thu Oct 30, 2014 3:23 pm
Forum: General
Topic: Admin password defaults itself
Replies: 2
Views: 661

Admin password defaults itself

We have a CCR1009-8G-1s-1s+ running version 6.15. Recently, the admin password has been defaulting on it's own leaving a blank password. Nothing in the logs indicates why this is occurring. I don't know what time frame it's happening in, but I know when I set the password back on the admin user and ...
by nbeacham
Wed Oct 29, 2014 9:53 pm
Forum: Scripting
Topic: Update remote database with new DHCP lease
Replies: 5
Views: 1397

Update remote database with new DHCP lease

I'm in a situation where I need to log in a database the time, date, IP address, and MAC address every time a DHCP lease is assigned on the Mikrotik. We have several deployed, and I don't have any backend system set up yet but I want to know if anyone is doing anything like this and how they are doi...
by nbeacham
Wed Oct 15, 2014 5:59 pm
Forum: General
Topic: RB2011UiAS SNMP issues.
Replies: 1
Views: 428

RB2011UiAS SNMP issues.

RB2011UiAS and SNMP don't seem to get along. I'm running both v6.14 and 6.19 on two seperate devices. Both seem to peg out the CPU when doing an SNMP walk on them, more specifically when it gets to the arp/ndp table portion. It will hang there for about 200 seconds before moving on. Anyone else seei...
by nbeacham
Fri Oct 10, 2014 12:38 am
Forum: General
Topic: Queue all users at 100Mbps down/up
Replies: 1
Views: 437

Queue all users at 100Mbps down/up

We are deploying a new property and offering 100Mbps download and upload to all users. We have the mikrotik serving DHCP from a /25 pool. Typically we use hotspot with MAC authentication for customer queuing, but because we are offering the 100Mbps to all customers, I'm trying to find the most effic...
by nbeacham
Thu Sep 11, 2014 9:10 pm
Forum: General
Topic: hotspot and allowed ports
Replies: 2
Views: 355

Re: hotspot and allowed ports

input - used to process packets entering the router through one of the interfaces with the destination IP address which is one of the router's addresses. Packets passing through the router are not processed against the rules of the input chain
by nbeacham
Thu Sep 11, 2014 8:39 pm
Forum: General
Topic: hotspot and allowed ports
Replies: 2
Views: 355

hotspot and allowed ports

I have a customer who wishes to be able to access their personal Mikrotik that is behind our hotspot via port 8291 and it doesn't appear to be working. They also wish to access port 4242 as that is what they have their SSH services set up as. I've tried the following filter rules and they don't appe...
by nbeacham
Wed Sep 10, 2014 2:24 pm
Forum: General
Topic: CCR Performance
Replies: 5
Views: 898

Re: CCR Performance

Are you going to be doing just BGP and routing, or are you going to use filters on the traffic as well? We have 3 in production doing multi gigabit routing, each with full BGP tables from at least 3 peers, and they aren't breaking a sweat. We don't have any queues or firewall filters though, so I c...
by nbeacham
Tue Sep 09, 2014 5:43 pm
Forum: General
Topic: CCR Performance
Replies: 5
Views: 898

CCR Performance

We are a small sized ISP looking to expand. Currently supporting +/- 3000 customers with the potential for more in the coming years. We are looking to replace our 7204 core router that currently handles BGP Peering and routing for our entire production and management network with something different...
by nbeacham
Tue Aug 12, 2014 2:25 pm
Forum: General
Topic: Binding Mac addresses to certain users on Hotspot
Replies: 3
Views: 439

Re: Binding Mac addresses to certain users on Hotspot

You can switch to MAC authentication and set their user name as the MAC address.
by nbeacham
Tue May 20, 2014 5:51 pm
Forum: General
Topic: Hardware questions
Replies: 1
Views: 257

Hardware questions

Is there a routerboard other then the CCR that has duel SFP ports? We are wanting to replace a Edgerouter with a Mikrotik to utilize the hotspot functionality, but require two SFP ports.
by nbeacham
Mon May 05, 2014 8:51 pm
Forum: General
Topic: Install routerOS on powercode BMU
Replies: 4
Views: 904

Re: Install routerOS on powercode BMU

certainly, just as soon as I re-install it. I forgot to apply a license to it after I installed it and essentially bricked it until I can re-flash it.
by nbeacham
Fri May 02, 2014 2:59 am
Forum: General
Topic: Open source management software
Replies: 3
Views: 919

Re: Open source management software

PRTG isn't free, nor do i think you can manage mikrotik with it.

I'm looking for something built around the api where i can manage each device.
by nbeacham
Thu May 01, 2014 6:35 pm
Forum: Wireless Networking
Topic: mikrotik product similar to AirFiber
Replies: 18
Views: 2746

Re: mikrotik product similar to AirFiber

Again, I think you are confusing throughput with link capacity. The throughput is only what is currently passing through the AF. So what you are seeing may actually be what is passing through. To get a proper performance metric, you would have to run a traffic generator. As I have a production link,...
by nbeacham
Thu May 01, 2014 2:09 pm
Forum: Wireless Networking
Topic: mikrotik product similar to AirFiber
Replies: 18
Views: 2746

Re: mikrotik product similar to AirFiber

Note that the throughout is the current throughout across the af. It's doubtful that anyone is pushing near a gig at any one time unless it's a backbone connection.
Our one link is roughly 1km and only ever has about 20Mb going across it. But it has a capacity near 740Mb
by nbeacham
Wed Apr 30, 2014 2:44 pm
Forum: Wireless Networking
Topic: mikrotik product similar to AirFiber
Replies: 18
Views: 2746

Re: mikrotik product similar to AirFiber

Thank you blue
by nbeacham
Wed Apr 30, 2014 2:16 pm
Forum: Wireless Networking
Topic: mikrotik product similar to AirFiber
Replies: 18
Views: 2746

Re: mikrotik product similar to AirFiber

When I get to the office I'll post the current speed and distance. But if the answer is simply that there is no comparable antenna, than thank you. And we are using af24
by nbeacham
Wed Apr 30, 2014 12:31 pm
Forum: Wireless Networking
Topic: mikrotik product similar to AirFiber
Replies: 18
Views: 2746

Re: mikrotik product similar to AirFiber

Yes. However i don't see how that pertains to my question.
by nbeacham
Tue Apr 29, 2014 10:59 pm
Forum: Wireless Networking
Topic: mikrotik product similar to AirFiber
Replies: 18
Views: 2746

mikrotik product similar to AirFiber

Does Mikrotik/Routerboard manufacture an antenna that can get similar link speeds as AirFiber?
by nbeacham
Tue Apr 29, 2014 7:12 pm
Forum: General
Topic: Install routerOS on powercode BMU
Replies: 4
Views: 904

Re: Install routerOS on powercode BMU

Actually, we found that I can remove the compact flash card and netinstall to it.
by nbeacham
Mon Apr 28, 2014 7:08 pm
Forum: General
Topic: Open source management software
Replies: 3
Views: 919

Open source management software

Is there any other solution other than The Dude and MikroBill that allow me to manage all my Mikrotik's and implement billing in the future?
by nbeacham
Thu Apr 24, 2014 7:23 pm
Forum: Scripting
Topic: make user from host hotspot
Replies: 3
Views: 930

Re: make user from host hotspot

This worked wonderfully, thank you very much.

ros code

:foreach tmpHost in=[/ip hotspot host find where !authorized] do={
  :local hostMAC value=[/ip hotspot host get $tmpHost value-name=mac-address];
  /ip hotspot user add name=$hostMAC profile=5/5;
  /ip hotspot host remove $tmpHost;
}
by nbeacham
Thu Apr 24, 2014 6:49 pm
Forum: Scripting
Topic: make user from host hotspot
Replies: 3
Views: 930

make user from host hotspot

I'm trying to write a script that will create a hotspot user based on the unauthorized dynamic hosts in the hotspot. This is a one time script that we will use to quickly turn up a hotspot device and then we will apply proper queuing after the fact. Because we are using MAC authentication, I'm tryin...
by nbeacham
Thu Apr 24, 2014 5:07 pm
Forum: General
Topic: Install routerOS on powercode BMU
Replies: 4
Views: 904

Install routerOS on powercode BMU

How would one go about installing routerOS on a powercode NX216 BMU? We will have a few unused ones and would like to recycle them into routerOS devices.
by nbeacham
Sat Apr 19, 2014 2:53 pm
Forum: Wireless Networking
Topic: Apple products web page loading problems
Replies: 3
Views: 1051

Re: Apple products web page loading problems

I've the same problem on 6.11
by nbeacham
Sat Apr 19, 2014 5:46 am
Forum: Wireless Networking
Topic: Apple devices & Mikrotik
Replies: 30
Views: 24374

Re: Apple devices & Mikrotik

I'm having this same problem with apple products and the hotspot. I have to create a bypass also. If you build a simple queue targeting the users ip, it at least throttles them. Would be nice to know a walk around. I use Mac authentication for my login.
by nbeacham
Sat Apr 19, 2014 12:47 am
Forum: General
Topic: CCR1036 performance questions
Replies: 2
Views: 517

Re: CCR1036 performance questions

No one has any performance statistics they are willing to share?
by nbeacham
Fri Apr 18, 2014 7:26 pm
Forum: General
Topic: CCR1036 performance questions
Replies: 2
Views: 517

CCR1036 performance questions

We are looking at options to replace our 7204VXR. The CCR1036 looks more than capable of doing what we need. We only have 1 uplink at 1 GB with one BGP peer. There are approximately 72 sub interfaces configured, this is our core router and all traffic comes through it. My question is, does anyone cu...
by nbeacham
Mon Apr 07, 2014 8:09 pm
Forum: General
Topic: Offload dns with hotspot.
Replies: 5
Views: 2389

Re: Offload dns with hotspot.

this method seems to have worked with both simple queues and PCQ queuing. I appreciate it.
by nbeacham
Sat Apr 05, 2014 8:35 pm
Forum: General
Topic: Offload dns with hotspot.
Replies: 5
Views: 2389

Re: Offload dns with hotspot.

Thank you, I'll give it a shot Monday
by nbeacham
Sat Apr 05, 2014 3:32 pm
Forum: General
Topic: Offload dns with hotspot.
Replies: 5
Views: 2389

Re: Offload dns with hotspot.

According to this mum it can be done. http://mum.mikrotik.com/presentations/US10/FelixWindt.pdf I'm sure it can be done with authorized users, but I've no idea how. It also says it's possible in the official documentation. We are utilizing mac authentication for our clients as it is. http://wiki.mik...
by nbeacham
Sat Apr 05, 2014 4:40 am
Forum: General
Topic: Offload dns with hotspot.
Replies: 5
Views: 2389

Offload dns with hotspot.

Essentially I want to offload the dns to another sever so that the router isn't handling dns requests. How can this be done? I've seen it mentioned a couple of times, but have seen no examples if how to do it.
by nbeacham
Thu Apr 03, 2014 10:29 pm
Forum: The User Manager
Topic: redirect unpaid hotspot users
Replies: 1
Views: 1210

redirect unpaid hotspot users

With out using user manager, I want to know if there is a way to redirect unpaid users to a page informing them they have been disconnected until they call in to make a payment. I've thought of making a specific profile that will add an incomming and outgoing packet mark and then redirect based on t...
by nbeacham
Wed Apr 02, 2014 11:56 pm
Forum: General
Topic: how to Pass VLAN from WAN to LAN
Replies: 20
Views: 2537

Re: how to Pass VLAN from WAN to LAN

That has been done. Thank you again for all of the assistance.
by nbeacham
Wed Apr 02, 2014 11:27 pm
Forum: General
Topic: how to Pass VLAN from WAN to LAN
Replies: 20
Views: 2537

Re: how to Pass VLAN from WAN to LAN

Okay, so I got it working. I moved ether1-vlan10 and ether1-vlan30 to the ether2-master-local interface. I then added ether1-gateway as a slave of ether2. Vlan table is as such add independent-learning=no ports=ether1-gateway,ether2-master-local,switch1-cpu switch=switch1 vlan-id=10 add independent-...
by nbeacham
Wed Apr 02, 2014 10:56 pm
Forum: General
Topic: how to Pass VLAN from WAN to LAN
Replies: 20
Views: 2537

Re: how to Pass VLAN from WAN to LAN

Thank you very much for the support.
by nbeacham
Wed Apr 02, 2014 10:52 pm
Forum: General
Topic: how to Pass VLAN from WAN to LAN
Replies: 20
Views: 2537

Re: how to Pass VLAN from WAN to LAN

I'm on my phone now, but I can give a mini answer. Basically you can either make all the ports part of the switch group and then use the switch chip to do it... Or you can add vlan10 to ether2 and use a bridge. Sent from my SCH-I545 using Tapatalk Okay, when I tried to bridge it last time I lost al...
by nbeacham
Wed Apr 02, 2014 10:50 pm
Forum: General
Topic: how to Pass VLAN from WAN to LAN
Replies: 20
Views: 2537

Re: how to Pass VLAN from WAN to LAN

Here is a basic pictures of what I mean.

Red = VLAN 10
Black = VLAN 30

The remaining three colors are Vlans 100, 200, and 300.
  • 1
  • 2