Community discussions

Search found 1037 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 21
by andriys
Tue Oct 23, 2018 12:25 pm
Forum: Announcements
Topic: v6.43.4 [stable] is released!
Replies: 64
Views: 11304

Re: v6.43.4 [stable] is released!

When I set comment for PPTP client, it reconnect ! New feature ? It has always been like that. Changing comment on any interface brings that interface down and then back up. PS. The next time you post to a release topic please make sure you are reporting a problems that is specific to (was introduc...
by andriys
Tue Oct 23, 2018 10:31 am
Forum: Announcements
Topic: v6.42.9 [long-term] is released!
Replies: 119
Views: 16954

Re: v6.42.9 [long-term] is released!

Any chance of 6.42.10 with the IP Traffic Flow NAT fixes ?
Can you provide more details (or a link) of what's broken, please?
by andriys
Thu Oct 18, 2018 4:25 pm
Forum: Announcements
Topic: v6.43.4 [stable] is released!
Replies: 64
Views: 11304

Re: v6.43.4 [stable] is released!

This IPsec bug still not fixed https://forum.mikrotik.com/viewtopic.php?f=2&t=136445 What is the purpose of writing this in all version-specific topics? This is clearly not a regression since the previous version, so please stop. Have you written to support, by the way? In case you have, did they a...
by andriys
Thu Oct 18, 2018 9:35 am
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] are released!
Replies: 186
Views: 25313

Re: v6.43.1 [stable] and v6.43.2 [stable] are released!

Ah, nice suggestion but, all my laptops are Pro type and I have real serial ports on them :-) The key here is that TTL serial and RS232 are somewhat different beasts- they differ at least in the voltage levels (while on the protocol level they must be compatible). You can easily damage TTL serial p...
by andriys
Tue Oct 16, 2018 11:00 am
Forum: Announcements
Topic: v6.44beta [testing] is released!
Replies: 164
Views: 27913

Re: v6.44beta [testing] is released!

I really hope that the new iPhone Xs/XsMax 5GHz AC problem is resolved before the 6.44 production release. https://forum.mikrotik.com/viewtopic.php?f=7&t=139608&sid=c812125039cd5699bb02c1cae5c96b71 Reading through the topic you've linked to makes me think it is an iPhone's problem, not Mikrotik's o...
by andriys
Sat Oct 06, 2018 1:41 pm
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] are released!
Replies: 186
Views: 25313

Re: v6.43.1 [stable] and v6.43.2 [stable] are released!

After upgrading to 6.43.2 from 6.42.7 you can no longer have multiple IPsec peers to the same destination IP but with different source addresses. This regression is said to be fixed in 6.44beta14. Please check the change log in the post here . And I'd expect this kind fix to be merged to 6.42.x lat...
by andriys
Thu Oct 04, 2018 1:00 pm
Forum: Announcements
Topic: v6.42.9 [long-term] is released!
Replies: 119
Views: 16954

Re: v6.42.9 [long-term] is released!

... that the plaintext password file was not replaced/deleted ... Sure it was not. Do you read the release notes? What's new in 6.43 (2018-Sep-06 12:44): ... *) user - all passwords are now hashed and encrypted, plaintext passwords are kept for downgrade (will be removed in later upgrades) ;
by andriys
Thu Sep 27, 2018 12:14 pm
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] are released!
Replies: 186
Views: 25313

Re: v6.43.1 [stable] and v6.43.2 [stable] is released!

The ROS is changing the actual MTU if I change the method, ... , but If a Mikrotik document doesnt write other (please link it for me if exists), It should work, but it doesnt. The IPIP wiki page says the default is 1500. Nothing is said about MTU being automatically/dynamically adjusted, so I assu...
by andriys
Wed Sep 26, 2018 7:46 pm
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] are released!
Replies: 186
Views: 25313

Re: v6.43.1 [stable] and v6.43.2 [stable] is released!

It seems that bridge gets it's MAC automatically from the first port connected to it - dynamically changing this whenever the config change is made....
This is actually a documented behavior...
by andriys
Wed Sep 26, 2018 12:48 pm
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] are released!
Replies: 186
Views: 25313

Re: v6.43.1 [stable] and v6.43.2 [stable] is released!

If I change the keying method from SHA1 to SHA256, the IPIPv6 reconnect and after thet the new TCP connections are broken, but ping works. What next now? Check if the MTU settings on your tunnel interfaces are correct. In case you rely on RouterOS to calculate it automatically try setting it to the...
by andriys
Tue Sep 25, 2018 10:10 am
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] are released!
Replies: 186
Views: 25313

Re: v6.43.1 [stable] and v6.43.2 [stable] is released!

Rather then doing MSS clamping you'd better fix your firewall to allow PMTUD to function properly across your tunnel...
by andriys
Mon Sep 24, 2018 7:57 pm
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] are released!
Replies: 186
Views: 25313

Re: v6.43.1 [stable] and v6.43.2 [stable] is released!

Can you provide link to the documentation
Look at the very bottom of this wiki page (in the "Winbox" section).
by andriys
Mon Sep 24, 2018 7:24 pm
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] are released!
Replies: 186
Views: 25313

Re: v6.43.1 [stable] and v6.43.2 [stable] is released!

Current TX Power = 0dBm
Current TX power readings are not supported for 802.11ac-capable wireless cards. That's a known (and documented!) limitation that has always been there.
by andriys
Fri Sep 21, 2018 11:15 am
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] are released!
Replies: 186
Views: 25313

Re: v6.43.1 [stable] and v6.43.2 [stable] is released!

ssbaksa, what is in /tool profile?
by andriys
Thu Sep 20, 2018 9:42 pm
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] are released!
Replies: 186
Views: 25313

Re: v6.43.1 [stable] and v6.43.2 [stable] is released!

bugfix-only/long-term named 'stable' instead?
I have a theory that they may want to support 6.40.x line (the last release branch before the bridge overhaul) for an extended period of time, hence the "long-term". This does not justify, however, renaming "current" to "stable".
by andriys
Thu Sep 20, 2018 5:43 pm
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] are released!
Replies: 186
Views: 25313

Re: v6.43.1 [stable] and v6.43.2 [stable] is released!

Perhaps "current" really was the correct name.
Indeed!
by andriys
Thu Sep 20, 2018 12:58 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 275
Views: 37633

Re: Winbox vulnerability: please upgrade

No it does not, unless you scheduled automatic restarts. It's getting a bit off-topic, but still. The default behavior of Windows 10 is to always install updates automatically as soon as they become available, and then force automatic reboot somewhen outside of a (somewhat) configurable "activity p...
by andriys
Thu Sep 20, 2018 11:16 am
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 275
Views: 37633

Re: Winbox vulnerability: please upgrade

Even your "beloved" Microsoft does not force reboots.
In Windows 10 it does, actually.
by andriys
Tue Sep 18, 2018 6:35 pm
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] are released!
Replies: 186
Views: 25313

Re: v6.43.1 [stable] is released!

Where is bugreport page or bugtracker?
Write an email to support@mikrotik.com
by andriys
Tue Sep 18, 2018 10:39 am
Forum: Announcements
Topic: v6.44beta [testing] is released!
Replies: 164
Views: 27913

Re: v6.44beta [testing] is released!

!) cloud - added command "/system backup cloud" for backup storing on cloud (CLI only);

Two questions:
  • Can this cloud backup be encrypted?
  • Since Mikrotik cloud services are bound to the device's serial number, is there any way to retrieve a backup when the original device is lost?
by andriys
Tue Sep 18, 2018 10:31 am
Forum: Announcements
Topic: Newsletter #84
Replies: 47
Views: 9360

Re: Newsletter #84

I want to confirm if Mikrotik has enabled in the RouterOS to leverage the HW encryption / decryption for AES algorithm used in IPSec Acceleration also applied to OpenVPN Acceleration (aside the issue that only TCP is supported and is slower). What's the point in asking the same question again and a...
by andriys
Wed Sep 12, 2018 12:26 pm
Forum: Announcements
Topic: Newsletter #84
Replies: 47
Views: 9360

Re: Newsletter #84

I'll bet their market share in the WISP industry today is much smaller then it was 10 years ago.
There are lots of other markets other then WISP...
by andriys
Tue Sep 11, 2018 10:12 am
Forum: Announcements
Topic: Newsletter #84
Replies: 47
Views: 9360

Re: Newsletter #84

Hardware Acceleration for AES (OpenVPN protocol)?
As I understand, RouterOS only supports in-kernel HW crypto acceleration, which means it works for IPsec phase2 only. OpenVPN is currently out of luck no matter what board you have.
by andriys
Fri Aug 31, 2018 7:02 pm
Forum: Announcements
Topic: SwOS version 2.8 released!
Replies: 36
Views: 5984

Re: SwOS version 2.8 released!

I have been using these switches
What switches? Please specify exact model(s).
Some small switches (like the RB260 series) are known to have a rather weak CPU which can easily be maxed out when being constantly monitored via ICMP.
by andriys
Mon Jun 18, 2018 12:39 pm
Forum: Announcements
Topic: VPNfilter official statement
Replies: 191
Views: 59588

Re: VPNfilter official statement

What are you talking about?
v6.40.8 includes patches to fix known vulnerabilities including latest winbox port vulnerability.
We are talking about this: viewtopic.php?t=121039#p595087
by andriys
Mon Jun 18, 2018 10:08 am
Forum: Announcements
Topic: VPNfilter official statement
Replies: 191
Views: 59588

Re: VPNfilter official statement

No, it is not.
by andriys
Mon Jun 18, 2018 9:46 am
Forum: Announcements
Topic: VPNfilter official statement
Replies: 191
Views: 59588

Re: VPNfilter official statement

Even if you are right with this one it is still vulnerability which is known and is not applied in current/bugfix. Well, the fact that the previous versions of WinBox (even in secure mode) were susceptible to MITM attacks was well-known for years. Many users were concerned and raised questions here...
by andriys
Sun Jun 17, 2018 2:41 pm
Forum: Announcements
Topic: VPNfilter official statement
Replies: 191
Views: 59588

Re: VPNfilter official statement

But that was done because there were bugs that allowed the retrieval of the unencrypted passwords (and thus the quick retrieval of valid user/password combinations as shown) That's correct. And I must admit this change had to be implemented years ago without waiting for bugs like this one to pop up...
by andriys
Sun Jun 17, 2018 1:50 pm
Forum: Announcements
Topic: VPNfilter official statement
Replies: 191
Views: 59588

Re: VPNfilter official statement

in 6.43rc17, something was changed in winbox service (thats why every RC since then has to use Winbox 3.14) to prevent MITM attack. No. And the purpose of this change has been explained here on the forum somewhere, and it has nothing with preventing MITM attacks. RouterOS used to store local user c...
by andriys
Sun Jun 17, 2018 1:41 pm
Forum: Announcements
Topic: v6.40.8 [bugfix] is released!
Replies: 35
Views: 11999

Re: v6.40.8 [bugfix] is released!

I decided to buy another cloud core and it continues with the same problem says:
Have you tried writing to support@ ? Just curious.
by andriys
Fri Jun 15, 2018 2:31 pm
Forum: Announcements
Topic: v6.40.8 [bugfix] is released!
Replies: 35
Views: 11999

Re: v6.40.8 [bugfix] is released!

Why the router tries to connect to ip 224.0.0.22?
This is a multicast address that has something to do with IGMPv3. May be related to IGMP proxy or UPnP.
by andriys
Thu May 24, 2018 11:26 pm
Forum: Announcements
Topic: v6.43rc [release candidate] is released!
Replies: 558
Views: 86761

Re: v6.43rc [release candidate] is released!

Ive been doing RCs for 8+ years. For 7+ years the RCs were as stable as the stable version. You are exaggerating "a bit". Mikrotik started releasing public RCs since mid-2015 (since v6.32 or 6.31, but definitely not earlier), which means you could not have been using RCs for more then 3 years. And ...
by andriys
Fri May 11, 2018 3:38 pm
Forum: Announcements
Topic: v6.40.8 [bugfix] is released!
Replies: 35
Views: 11999

Re: v6.40.8 [bugfix] is released!

Do you respond to requests from the forum or bugfix create a new bug ?
This is a user forum. Mikrotik staff responds on forum occasionally, but in general all (potential) bugs should be reported to support@ via email.
by andriys
Sun Apr 22, 2018 7:38 pm
Forum: Announcements
Topic: v6.43rc [release candidate] is released!
Replies: 558
Views: 86761

Re: v6.43rc [release candidate] is released!

msatter , another solution to your task would be introducing a separate custom chain for your dynamic rules, then jumping to this custom chain at the point where you currently insert your dynamic rules. In the script you then simply add your dynamic rules to the top of your custom chain not worryin...
by andriys
Thu Apr 19, 2018 9:57 pm
Forum: Wireless Networking
Topic: 60GHz multipoint, share your experience
Replies: 30
Views: 8383

Re: 60GHz multipoint, share your experience

Let's see how many client we can hook up.
Please note that it is currently limited to only 8 clients at a time. See page 16 of the 60G presentation from the MUM in Berlin.
by andriys
Thu Apr 12, 2018 3:02 pm
Forum: General
Topic: hAP ac² LAN->WiFi 5GHz performance issue.
Replies: 23
Views: 3539

Re: hAP ac² LAN->WiFi 5GHz performance issue.

Any official answer? I'm a bit tired repeating this again and again, but... This is a user forum. Period. Mikrotik staff may occasionally answer some questions here, but they do not have to. If you need an "official answer" you should write you question to support@. I'm afraid that's the only "offi...
by andriys
Wed Apr 11, 2018 12:17 pm
Forum: Announcements
Topic: Winbox 3.13 released!
Replies: 61
Views: 14145

Re: Winbox 3.13 released!

As for scrolling with the mouse/trackpad within managed routers list - we can not reproduce such problem locally.
As Chupaka mentioned above
In Windows 10, the problem appears with disabled "Settings -> Devices -> Mouse -> Scroll inactive windows when I hover over them".
by andriys
Tue Apr 10, 2018 3:25 pm
Forum: Announcements
Topic: Winbox 3.13 released!
Replies: 61
Views: 14145

Re: Winbox 3.13 released!

I, personally, find focus jumping to the Password field very handy.
Also I've just checked, scrolling works for me just fine with both mouse scroll-wheel and two-finger scrolling on touchpad no matter what field has focus (Windows 10 pro).
by andriys
Sun Mar 25, 2018 3:04 pm
Forum: Announcements
Topic: MikroTik News February 2018 (Issue #80)
Replies: 65
Views: 12697

Re: MikroTik News February 2018 (Issue #80)

I suspect MT could put out a four-port weatherproof POE switch at nearly the same price point as UBNT. PowerBox Pro is essentially the RB960PGS (hEX PoE) board in an outdoor/weatherproof case. And the former is $20 more expensive ($99) than the latter ($79). Now it appears that a switch similar to ...
by andriys
Tue Jan 16, 2018 5:57 pm
Forum: Announcements
Topic: v6.42rc [release candidate] is released!
Replies: 538
Views: 74387

Re: v6.42rc [release candidate] is released!

Updated: "*) bridge - fixed hw-offload disabling for Mediatek and Realtek switches when STP/RSTP configured;" upload speed through router is still 500 Mbit/s slower when STP/RSTP is activated on the Bridge That's as expected since hw-offloaded STP/RSTP is not supported on Realtek, Mediatek and ICPl...
by andriys
Sun Jan 14, 2018 6:51 pm
Forum: Announcements
Topic: v6.42rc [release candidate] is released!
Replies: 538
Views: 74387

Re: v6.42rc [release candidate] is released!

*) tile - added "aes-ctr" hardware acceleration support;

Can someone explain to me?
https://wiki.mikrotik.com/wiki/Manual:I ... encryption
by andriys
Sun Jan 14, 2018 12:27 pm
Forum: Announcements
Topic: Securing your device is important
Replies: 29
Views: 5085

Re: Securing your device is important

Is mikrotik affected by Spectre and meltdown bugs? To my understanding, RouterOS x86 and CHR are definitely affected, but since you cannot run your own binaries there they cannot be exploited (unless there are other vulnerabilities that allow one to execute arbitrary code on a router). ARM devices ...
by andriys
Mon Jan 01, 2018 11:23 pm
Forum: Announcements
Topic: v6.41 [current]
Replies: 304
Views: 59185

Re: v6.41 [current]

Traffic capture on pe03 shows TCP SYN packet arriving with TCP options where MSS is set as 1312 bytes. Replies aren't visible on this router as they are MPLS switched to br01. Reviewing a packet capture on interface facing 'customer' on br01 or upstream interface on ccr1 shows pe03 sending back an ...
by andriys
Fri Dec 29, 2017 10:14 pm
Forum: RouterBOARD hardware
Topic: RB3011 port flopping - bad design
Replies: 45
Views: 6304

Re: RB3011 port flopping - bad design

Does anyone know any other devices (routerboards or not) using this specific switch chip? I wonder if we can independently reproduce Mikrotik's claims. I have listed other RouterBOARDs where the same switch chip is used several posts above. They seem to be: hAP ac, OmniTIK 5 ac (including OmniTIK 5...
by andriys
Fri Dec 29, 2017 7:53 pm
Forum: Announcements
Topic: v6.41 [current]
Replies: 304
Views: 59185

Re: v6.41 [current]

Hi, anyone any idea why the WebFig of 6.41 behaves different on two identical boards (RouterBOARD 952Ui-5ac2nD)?
Very likely a browser cache issue. Have you tried clearing the cache and/or using another browser.
by andriys
Thu Dec 28, 2017 1:55 pm
Forum: SwOS
Topic: Install SwOS on RouterOS [SOLVED]
Replies: 4
Views: 1591

Re: Install SwOS on RouterOS [SOLVED]

It is documented here: https://i.mt.lv/routerboard/files/CRS32 ... S-qgv3.pdf.
And printed version of this document should have been shipped along with your router (included in the box).
by andriys
Wed Dec 27, 2017 8:19 pm
Forum: Announcements
Topic: v6.41 [current]
Replies: 304
Views: 59185

Re: v6.41 [current]

Is this intended? Shouldn't hw-offload trigger for all of the eligible bridges and not just one at a given time?
It is likely a hardware limitation. It has never been possible to set more then one port as a master-port on any device with a "small" switch-chip on board.
by andriys
Tue Dec 26, 2017 10:48 pm
Forum: Wireless Networking
Topic: SXTsq 5 ac. WTF? It doesn't work.
Replies: 80
Views: 9970

Re: SXTsq 5 ac. WTF? It doesn't work.

pretty much useles untill You compare it to other mikrotik hardware results. And YES it reflects CPU efficiency utilization by ROS and that is what I wanted to know. It reflects CPU performance under a particular load- in this case bandwidth test application. Profile for other types of load may dif...
by andriys
Tue Dec 26, 2017 10:25 pm
Forum: RouterBOARD hardware
Topic: RB3011 port flopping - bad design
Replies: 45
Views: 6304

Re: RB3011 port flopping - bad design

I wonder if other RouterBOARD models with the same switch-chip model (QCA8337) suffer from the same problem. According to this wiki page the models in question are: hAP ac, OmniTIK 5 ac (including OmniTIK 5 ac PoE), the old hEX model (RB750Gr2), hEX PoE and PowerBox Pro.
by andriys
Tue Dec 26, 2017 9:56 pm
Forum: Wireless Networking
Topic: Band Steering implementation?
Replies: 43
Views: 5704

Re: Band Steering implementation?

coverage at that power level you suggest is very poor Do you remember that wireless is a bidirectional thing? I mean not only your clients should hear your access point, but you access point should hear you clients too. And so "at that power level" you actually get the best coverage possible for or...
  • 1
  • 2
  • 3
  • 4
  • 5
  • 21