Community discussions

Search found 23276 matches

by normis
Mon Oct 15, 2018 12:12 pm
Forum: Virtualization
Topic: CHR license on router with no internet
Replies: 9
Views: 339

Re: CHR license on router with no internet

Yes, it will keep working with full functionality, but will not allow upgrades. At least for now. Further restrictions could be added in time.
by normis
Fri Oct 12, 2018 2:43 pm
Forum: Beginner Basics
Topic: no "home AP" mode in SXT Lite 2
Replies: 16
Views: 448

Re: no "home AP" mode in SXT Lite 2

the swim and walk analogy doesn't apply, since in this case AP is something more capable than CPE what you have.

You bought a car and ask why it doesn't fly.
While an airplane can ride on wheels.
by normis
Fri Oct 12, 2018 1:16 pm
Forum: General
Topic: Whats the difference between long term and stable?
Replies: 2
Views: 158

Re: Whats the difference between long term and stable?

yes, long-term means it is tested for a longer time, thus, more stable.
by normis
Fri Oct 12, 2018 1:07 pm
Forum: General
Topic: Ltap Mini LTE Kit GPS Not Working [SOLVED]
Replies: 1
Views: 98

Re: Ltap Mini LTE Kit GPS Not Working [SOLVED]

Is the GPS antenna indoors on the table, like in the photo? it must be outside for the first fix.
by normis
Fri Oct 12, 2018 10:54 am
Forum: Forwarding Protocols
Topic: RB4011 vs. CCR1009 BGP
Replies: 39
Views: 1624

Re: RB4011 vs. CCR1009 BGP

Yes, we are aware of this peculiarity and we are working also on new routers that have higher power per core, not just many cores.
by normis
Fri Oct 12, 2018 9:48 am
Forum: Forwarding Protocols
Topic: RB4011 vs. CCR1009 BGP
Replies: 39
Views: 1624

Re: RB4011 vs. CCR1009 BGP

Those without facebook. Actually Andrew has written it correctly. Here is what he says there: My new response to people saying Mikrotik BGP being single threaded is causing them performance issues: A few points: 1) Control Plane ≠ Forwarding Plane While the processing of routing updates happens in a...
by normis
Fri Oct 12, 2018 9:11 am
Forum: General
Topic: Jailbreak for RouterOS 6.43.2 released [SOLVED]
Replies: 14
Views: 907

Re: Jailbreak for RouterOS 6.43.2 released [SOLVED]

There is a big difference between Jailbreak and Vulnerability. Jailbreak is not explicitly forbidden by MikroTik. It is simply another method to get into the linux sub system to run your own custom tools on the device. Like explained above, it requires phyical access, username and password. This can...
by normis
Thu Oct 11, 2018 5:13 pm
Forum: General
Topic: Firmware not upgrading
Replies: 14
Views: 408

Re: Firmware not upgrading

Means you haven't upgraded it, or rebooted it, it crashed before it did anything.
by normis
Thu Oct 11, 2018 5:03 pm
Forum: General
Topic: Firmware not upgrading
Replies: 14
Views: 408

Re: Firmware not upgrading

Somehow it sounds like it is already compromised. Tell us the exact error messages you saw, and post the entire log, when you made the reboot.
by normis
Thu Oct 11, 2018 4:22 pm
Forum: Announcements
Topic: URGENT security reminder
Replies: 26
Views: 3845

Re: URGENT security reminder

If the attacker scans your ports, he will find the new port number too. Upgrade anyway!
by normis
Thu Oct 11, 2018 3:48 pm
Forum: General
Topic: iPhone XS and Mikrotik hAP ac
Replies: 26
Views: 1265

Re: iPhone XS and Mikrotik hAP ac

So what is the problem that remains in 12.0.1 ?
Enabele wireless debug logs and make supout.rif files when you see the issue, email the files to mikrotik support. Maybe there is also something to improve in RouterOS side.
by normis
Thu Oct 11, 2018 1:18 pm
Forum: Beginner Basics
Topic: Can't connect to Mikrotik from outside
Replies: 9
Views: 450

Re: Can't connect to Mikrotik from outside

You forgot to specify the IP address you allow connections from! Because right now, your device is open to the world (hackers)
by normis
Thu Oct 11, 2018 1:15 pm
Forum: General
Topic: [Feature Request] Winbox username is sent in plain text
Replies: 10
Views: 494

Re: [Feature Request] Winbox username is sent in plain text

Thanks Emils for quick response in both ticket reply and here. I really appreciate it. I will not pretend that I understand how that protocol works. I can only believe it really is secure against MITM. However, it feels like being against recommended way to secure the router: https://wiki.mikrotik....
by normis
Thu Oct 11, 2018 12:13 pm
Forum: General
Topic: Winbox Service Automatically Going Disable
Replies: 1
Views: 124

Re: Winbox Service Automatically Going Disable

Where do you see it disabled? Do you have firewall enabled? Does anyone else have access to your device?
by normis
Thu Oct 11, 2018 10:41 am
Forum: General
Topic: iPhone XS and Mikrotik hAP ac
Replies: 26
Views: 1265

Re: iPhone XS and Mikrotik hAP ac

Try latest iOS 12.0.1 where the wifi issues are supposed to be fixed.
by normis
Wed Oct 10, 2018 3:17 pm
Forum: Announcements
Topic: URGENT security reminder
Replies: 26
Views: 3845

Re: URGENT security reminder

Cassio, please read the blog entry that was linked in first post. It answers all your questions and more;
https://blog.mikrotik.com/security/winb ... ility.html
by normis
Wed Oct 10, 2018 11:42 am
Forum: General
Topic: Can default configuration be hacked?
Replies: 8
Views: 570

Re: Can default configuration be hacked?

Netflix not working is in no way some indication of a hacked router. There could be lots of reasons why.
by normis
Wed Oct 10, 2018 10:40 am
Forum: Beginner Basics
Topic: no "home AP" mode in SXT Lite 2
Replies: 16
Views: 448

Re: no "home AP" mode in SXT Lite 2

point to point implies single unit on each end of the link
multiple client units are called 'point to multipoint' or AP or something like that
by normis
Wed Oct 10, 2018 9:53 am
Forum: Announcements
Topic: URGENT security reminder
Replies: 26
Views: 3845

Re: URGENT security reminder

As for who does not have the user and password of the Routerboard Expecific, is there the possibility of access in root mode and exploit this vulnerability?
Your firewall should not allow people to access your router.
If you have updated RouterOS, nobody can exploit this vulnerability.
by normis
Wed Oct 10, 2018 9:26 am
Forum: Announcements
Topic: Security announcement blog
Replies: 110
Views: 14601

Re: Security announcement blog

Yes, it is exactly that. Denial of service from some type of IPv6 packet flood, where router runs out of resources. It was answered, that we accept this as a bug, but we would not call it a vulnerability, because there are many ways how to exhaust resources of any device.
by normis
Tue Oct 09, 2018 12:46 pm
Forum: General
Topic: MacOS Winbox features and limitations
Replies: 4
Views: 333

Re: MacOS Winbox features and limitations

Actually, I personally have switched to an easier solution:

1. install Wine from the WineHQ homepage
2. run winbox.exe file

It works and there are no limitations
by normis
Tue Oct 09, 2018 11:52 am
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 240
Views: 30198

Re: Winbox vulnerability: please upgrade

Maybe MikroTik or one of the expert scripting users could post a script that changes the firewall filter rules of a router to the new default firewall. The script that adds that is of course already available in the router but it does a lot of other things. Some users might not be prepared to reset...
by normis
Tue Oct 09, 2018 11:40 am
Forum: RouterBOARD hardware
Topic: Improove capacitor quality
Replies: 3
Views: 477

Re: Improove capacitor quality

My suggestion is to specify which model you had failing like that. I think this issue is from a very long time ago, as last years we use different capacitors.
by normis
Tue Oct 09, 2018 11:33 am
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 240
Views: 30198

Re: Winbox vulnerability: please upgrade

pe1ch, do you think this script in a scheduler rule would be a good idea? the scheduler time could be determined by the user (or disabled): /system package update check-for-updates once :delay 1s; :if ( [get status] = "New version is available") do={ install } we could add this into our iOS/Android ...
by normis
Tue Oct 09, 2018 9:48 am
Forum: Announcements
Topic: URGENT security reminder
Replies: 26
Views: 3845

URGENT security reminder

As alredy reported multiple times, in April 2018 MikroTik fixed a vulnerability in the Winbox server component, which allowed an attacker to gain access to your RouterOS device, if the Winbox port was opened to untrusted networks. Most MikroTik devices include a default firewall that prevents this, ...
by normis
Mon Oct 08, 2018 11:29 am
Forum: Announcements
Topic: Security announcement blog
Replies: 110
Views: 14601

Re: Security announcement blog

That ticket talks about packet flood over IPv6, I think. I did not read the whole ticket, there are many emails. Ticket number is from the first mail.
by normis
Mon Oct 08, 2018 9:17 am
Forum: General
Topic: Mikrotik's long-term orientation/strategy
Replies: 1
Views: 345

Re: Mikrotik's long-term orientation/strategy

1) We generally announce all somewhat definite plans at our bigger MUM events around the world 2) MikroTik has always relied on distributors for all sales and any kind of contracts. MikroTik doesn't usually deal with customers directly. 3) Nothing definite to announce, but all kinds of things have b...
by normis
Fri Oct 05, 2018 11:41 am
Forum: Wireless Networking
Topic: 802.11af
Replies: 2
Views: 211

Re: 802.11af

No, we don't.
by normis
Thu Oct 04, 2018 9:59 am
Forum: General
Topic: Kid control
Replies: 6
Views: 246

Re: Kid control

Did it create any queues at the time the rules are active?

/queue simple print
by normis
Wed Oct 03, 2018 4:32 pm
Forum: RouterBOARD hardware
Topic: Cracked cover on RouterBOARD DISC Lite5
Replies: 42
Views: 3394

Re: Cracked cover on RouterBOARD DISC Lite5

2. We did a check on some installed CPE and we found randomly cracked cover on CPE's bought from April 2017 to some months ago. It's a tragedy. Please tell me the Serial Number. "Bought" and "manufactured" are different things. Sales did email Distributors about these things, I have seen these emai...
by normis
Tue Oct 02, 2018 1:03 pm
Forum: General
Topic: MikroTik hEX S high temperature
Replies: 6
Views: 233

Re: MikroTik hEX S high temperature

Yes, it is normal and will not harm the device.
by normis
Tue Oct 02, 2018 12:02 pm
Forum: Wireless Networking
Topic: hap ac achievable wifi speed?
Replies: 28
Views: 1022

Re: hap ac achievable wifi speed?

No special settings. Wlan1 in bridge with Ethernet
Image Pasted at 2018-10-2 12-01.png
by normis
Tue Oct 02, 2018 9:40 am
Forum: Wireless Networking
Topic: hap ac achievable wifi speed?
Replies: 28
Views: 1022

Re: hap ac achievable wifi speed?

We did reach nearly 700Mbit, but that was inside an anechoic chamber with no outside interference, and with specific iperf3 settings. With normal conditions you should expect 500-600Mbit on 3 chains.
by normis
Mon Oct 01, 2018 4:16 pm
Forum: General
Topic: Cloud Backup
Replies: 3
Views: 279

Re: Cloud Backup

More specifically, the backups are stored in MikroTik own datacenter, managed and accessed only by MikroTik, on MikroTik property.
by normis
Mon Oct 01, 2018 3:42 pm
Forum: Wireless Networking
Topic: hap ac achievable wifi speed?
Replies: 28
Views: 1022

Re: hap ac achievable wifi speed?

With 3 chain client (like macbook pro) we have seen above 500Mbit iperf3 results.
by normis
Mon Oct 01, 2018 2:24 pm
Forum: Announcements
Topic: Newsletter #84
Replies: 39
Views: 6476

Re: Newsletter #84

This is a Friday question I don't expect anyone to answer but will there be T-Shirts at the UK MuM in Birmingham?
I really hope so.
I love t-shirts.
Yes. T-shirts, stickers and free routers ;)
by normis
Mon Oct 01, 2018 11:33 am
Forum: General
Topic: iPhone XS and Mikrotik hAP ac
Replies: 26
Views: 1265

Re: iPhone XS and Mikrotik hAP ac

Users of the new iPhones are reporting the issues with all routers. They guess that the phones prefer 2GHz in some cases, and other issues. Wait for iOS 12.0.1 or something like that. It is a well discussed issue and not related to MikroTik
by normis
Tue Sep 25, 2018 10:46 am
Forum: General
Topic: What happens width Cloud Update time ?
Replies: 3
Views: 167

Re: What happens width Cloud Update time ?

cloud time should only be used to get approximate time, so that log doesn't show year 1970
if you have access to NTP, it will always be more precise
by normis
Tue Sep 25, 2018 8:34 am
Forum: General
Topic: MikroTik's GPL compliance regarding RouterOS
Replies: 28
Views: 5459

Re: MikroTik's GPL compliance regarding RouterOS

Of course you will receive the changes and Kernel patches. You will even get it online (no CD), if you ask for it. Well, I asked and... I was ignored :). I tried it twice on email to mt@mikrotik.com 05/2018 and 02/2017. No respond. So what should I do to get the sources? I am curious to read them a...
by normis
Fri Sep 21, 2018 9:07 am
Forum: General
Topic: How to change mikrotik password if you forgot?
Replies: 1
Views: 109

Re: How to change mikrotik password if you forgot?

You can't.

Reinstall and reset is the only option.
by normis
Thu Sep 20, 2018 11:47 am
Forum: RouterBOARD hardware
Topic: 100Mb LAN - what's the point?
Replies: 13
Views: 1054

Re: 100Mb LAN - what's the point?

OP has a point. New 60Ghz "Lite" model can do 60Ghz connection so up to Gbit over the air in full duplex and is specced with a 10/100 port. Mental! This is a CPE unit for connecting to an access point. If the AP has a gigabit connection and there are 8 CPEs connected, nobody can get more than 125Mb...
by normis
Wed Sep 19, 2018 2:13 pm
Forum: General
Topic: Add VirtIO-SCSI driver to CHR 6.40.9 (LONG-TERM)
Replies: 1
Views: 101

Re: Add VirtIO-SCSI driver to CHR 6.40.9 (LONG-TERM)

You seem to misunderstand how these versions work.
If we add something to long-term, it is no longer long term. This version can't be touched. Only this makes it so stable!
by normis
Tue Sep 18, 2018 1:46 pm
Forum: Wireless Networking
Topic: Mikrotik RB962UIGS wifi speed problem
Replies: 12
Views: 427

Re: Mikrotik RB962UIGS wifi speed problem

Bring it further away. Try other wifi frequency in settings. Make sure you have all 3 chains enabled.
by normis
Tue Sep 18, 2018 10:40 am
Forum: Announcements
Topic: v6.44beta [testing] is released!
Replies: 111
Views: 16411

Re: v6.44beta [testing] is released!

Remember that in MikroTik RouterOS, backup file is for restoring past configuration on the same device, not a safeguard against a lost or damaged device, for restoring on other devices, you should be using "export" config files.
by normis
Tue Sep 18, 2018 9:25 am
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 240
Views: 30198

Re: Winbox vulnerability: please upgrade

See above configuration line. It can't be default, because I don't know at what time you don't need any internet.
by normis
Mon Sep 17, 2018 3:38 pm
Forum: Announcements
Topic: Winbox v3.18 released!
Replies: 19
Views: 2934

Re: Winbox v3.18 released!

It is not a bug :D because you can't group something that is sorted by number, not by category. this is just how it works.
by normis
Mon Sep 17, 2018 1:47 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 240
Views: 30198

Re: Winbox vulnerability: please upgrade

You can already do it. In system scheduler, add new entry that does this every 24 hours or whenever: /system package update check-for-updates once :delay 1s; :if ( [get status] = "New version is available") do={ install } https://wiki.mikrotik.com/wiki/Manual:Upgrading_RouterOS#RouterOS_auto-upgrade
by normis
Mon Sep 17, 2018 1:24 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 240
Views: 30198

Re: Winbox vulnerability: please upgrade

Securely ? I only have winbox access opened to WAN and with different port than default one.
So it means you can keep using it without worry, and there is no urgent need for the manufacturer to force upgrade your device.
Also, how could we upgrade it, if you have a firewall.