Community discussions

MUM Europe 2020

Search found 56 matches

by chris-oct
Wed Apr 09, 2008 9:50 pm
Forum: General
Topic: Macintosh on Hotspot stopped working April 6
Replies: 1
Views: 483

Macintosh on Hotspot stopped working April 6

We have multiple locations running Hotspot - with maybe 1000 active hotspot users. At every location, we have reports that all Apple Macintosh computers stopped working with hotspot this weekend. Looks like apple may have pushed out an update that is breaking interaction with hotspot... Has anyone e...
by chris-oct
Fri Feb 02, 2007 2:29 am
Forum: General
Topic: Hotspot giving Vista BSOD
Replies: 8
Views: 1675

Hotspot giving Vista BSOD

I had a customer who just bought Vista yesterday. He claims that the redirect page on hotspot is causing Vista to BSOD. I'm going to investigate more tomorrow. I'd like to see this first hand, and to see what code is causing it (probably Javascript).
by chris-oct
Wed Dec 06, 2006 10:10 pm
Forum: Scripting
Topic: Radius Incoming
Replies: 15
Views: 15047

This code uses the "radclient" application on *nix. Here, Let me remove PHP from the equasion. Now its just *nix. Maybe it will make more sense. echo "NAS-IP-Address=<nas_ip_address>,User-Name=<mac>,Framed-IP-Address=<framed_ip_address>,Acct-Session-Id=<acct_session_id>" | radclient <nas_ip_address>...
by chris-oct
Wed Dec 06, 2006 6:36 pm
Forum: The Dude
Topic: Vista Support
Replies: 16
Views: 4113

Vista Support

I tried my "The Dude" map on Windows Vista yesterday and everything went red. It appears the ping features are not working correctly, so the map thinks everything is down.
by chris-oct
Wed Dec 06, 2006 6:30 pm
Forum: Scripting
Topic: Radius Incoming
Replies: 15
Views: 15047

Here is a code snip of what I did in PHP $cmd = "echo NAS-IP-Address=$nas_ip_address,User-Name=$mac,Framed-IP-Address=$framed_ip_address,Acct-Session-Id=$acct_session_id | radclient $nas_ip_address:1700 disconnect password123"; The only way I could get these values is by enabling Radius Accounting, ...
by chris-oct
Thu Oct 12, 2006 8:08 pm
Forum: General
Topic: Hotspot problem - catching wrong IP address
Replies: 11
Views: 3384

You can do it all in the "filter" table.

Chain: input
In interface: ether2
src-address-list: !ether2-addresses (dont miss the exclamation point)
action: drop

Chain: forward
In interface: ether2
src-address-list: !ether2-addresses (dont miss the exclamation point)
action: drop
by chris-oct
Thu Oct 12, 2006 7:28 pm
Forum: General
Topic: Hotspot problem - catching wrong IP address
Replies: 11
Views: 3384

I think you are saying (for example): Your ether 2 has a DHCP range of 10.1.1.x Your hotspot is catching 192.168.0.x on ether2 hotspot because the SOHO routers are leaking these addresses out somehow. I create an address-list (in firewall) of ether2 addresses that are valid (10.1.1.x) . Then I creat...
by chris-oct
Thu Oct 12, 2006 6:59 pm
Forum: General
Topic: Serious problem with static routing in 2.9.31
Replies: 10
Views: 4394

Unfortunately it appears they did not fix it in 2.9.32 :( I am hoping they did fix it and just forgot to add it to the changelog... Changelog for 2.9.32: *) fixed bug in PPPoE, PPTP and L2TP - rate limiting queue addition failed sometimes; *) fixed bug in PPPoE, PPTP and L2TP - after reboot 100s of ...
by chris-oct
Mon Oct 09, 2006 6:59 pm
Forum: General
Topic: license problem
Replies: 3
Views: 2598

Have you read the new MikroTik license scheme? You may be able to upgrade with Netinstall even though the license is expired.
by chris-oct
Fri Oct 06, 2006 12:08 am
Forum: The Dude
Topic: 2.0beta10 issues
Replies: 5
Views: 2727

2.0beta10 issues

Installed 2.0beta10 this morning.

Im sorry to report it moved much slower on my machine.

Also, I added some new elements, and when I make changes to them, change name or device type, I do not see the map update. I rolled back to 2.0beta9 and everything is working well again.
by chris-oct
Thu Oct 05, 2006 6:37 pm
Forum: The Dude
Topic: Current changelog?
Replies: 5
Views: 1965

Thanks uldis. Im going to give it a try. My map is tiny now so I dont notice the difference. Maybe I will get used to the new look.
by chris-oct
Thu Oct 05, 2006 6:08 pm
Forum: The Dude
Topic: Current changelog?
Replies: 5
Views: 1965

Dude 2.0b10 maps look different. There are no borders on map elements. I dont think I like it
by chris-oct
Thu Oct 05, 2006 7:34 am
Forum: General
Topic: 2.9.31
Replies: 5
Views: 3774

Please keep us posted on your OSPF results with this version
by chris-oct
Wed Sep 27, 2006 7:23 pm
Forum: General
Topic: History - Please add date and time stamp
Replies: 2
Views: 1003

History - Please add date and time stamp

The History feature in Winbox does not have a Date or Time stamp. Please add one!

Also it would be nice to have the IP number of the incoming connection.
by chris-oct
Thu Sep 21, 2006 9:16 pm
Forum: General
Topic: Offering routes via DHCP
Replies: 4
Views: 1333

Im unable to get Option 33, 121 or 249 to add routes
by chris-oct
Fri Sep 15, 2006 6:31 pm
Forum: General
Topic: what in gods name is this?
Replies: 3
Views: 1224

That website is not very informative to jump right to the conclusion that 3128 is a trojan. 3128 is the default port for many proxy servers.
by chris-oct
Thu Sep 14, 2006 2:13 am
Forum: General
Topic: Radius Rate-Limit backwards?
Replies: 2
Views: 1484

I should have read the documentation a little closer... like you said:

from the point of view of the router (so "rx" is client upload, and "tx" is client download).

Thank you
by chris-oct
Wed Sep 13, 2006 7:39 pm
Forum: General
Topic: Radius Rate-Limit backwards?
Replies: 2
Views: 1484

Radius Rate-Limit backwards?

I have a rate limit set by radius: 1024K/512K 1200K/1200K 1200K/1200K 10/10 According to the MT documents: rx-rate[/tx-rate] [rx-burst-rate[/tx-burst-rate] [rx-burst-threshold[/tx-burst-threshold] [rx-burst-time[/tx-burst-time] [priority] [rx-rate-min[/tx-rate-min]]]] After radius creates the queue ...
by chris-oct
Fri Sep 08, 2006 7:05 pm
Forum: General
Topic: DHCP default network
Replies: 15
Views: 3202

Ive heard of some people disabling ARP in some way (in the interface). Then in DHCP-Server enable "Add ARP for leases". This way, they only get in the arp table if they leave DHCP ON. and if they try to set an IP address manually, they can not communicate with the server (or it wont communicate with...
by chris-oct
Fri Sep 08, 2006 6:04 pm
Forum: General
Topic: DHCP default network
Replies: 15
Views: 3202

ah, so set this in radius. I was thinking of this. only problem i had was that I wanted to use the radius for wireless auth and i cant have radius reporting back positive no matter what for that, but then i though i could run 2 different radius servers on different ports and just have dhcp run on p...
by chris-oct
Fri Sep 08, 2006 3:31 am
Forum: General
Topic: DHCP default network
Replies: 15
Views: 3202

Re: DHCP default network

I am going to use Radius to check for DHCP attributes and I would like to have the clients in the ip pool "unauth" if their mac is not found in the radius db. Is there a way to setup a default ip pool for stuff to fall into if no other attribute is assigned to it? Yes I do this... If I understand y...
by chris-oct
Mon Aug 28, 2006 7:32 pm
Forum: The Dude
Topic: Map devices/links on 2.0b7 do not update.
Replies: 10
Views: 3465

2.0b7 Changing "Name" or "Type" on a device does not update on the map.
by chris-oct
Thu Aug 24, 2006 6:47 pm
Forum: General
Topic: HotSpot and public ip (NAT)
Replies: 29
Views: 6410

The way we got public IPs to work with hotspot is to have radius set a public IP (Framed-IP-Address) after they authenticate. You dont want to set those public IPs to the Mikrotik interface. Just make sure the route is in place to route packets destined for those ips to the appropriate place.
by chris-oct
Tue Aug 22, 2006 6:19 pm
Forum: The Dude
Topic: Moving elements between maps
Replies: 8
Views: 2924

This is a huge feature. Please add this to future versions
by chris-oct
Tue Aug 22, 2006 6:06 pm
Forum: The Dude
Topic: Flag is always white
Replies: 1
Views: 1308

Flag is always white

I had 2.0b6 installed but the link bug and other bugginess I rolled back to 2.0b3. Now the flag in the system tray is always white even though everything on my map is green.
by chris-oct
Tue Jun 20, 2006 12:21 am
Forum: General
Topic: Rate-Limit (from Radius) burst refill
Replies: 1
Views: 670

Rate-Limit (from Radius) burst refill

Im wondering how exactly the burst feature works on the Rate-Limit being set from Radius. If we set a Rate-Limit of 1M/1M 5M/5M 1M/1M 60/60, then the customer can burst to 5Mb for 60 seconds, at which time the connection drops to 1Mb. A couple questions: 1) If the customer downloads at 4Mb, can they...
by chris-oct
Tue Jun 06, 2006 1:16 am
Forum: General
Topic: Routerboard 532 will not get an ip from my cable provider
Replies: 7
Views: 1153

I always have to reboot the cable modem when switching devices it's connected to... Then it picks up dhcp
by chris-oct
Tue May 30, 2006 6:17 pm
Forum: General
Topic: Walled garden to paypal payment page
Replies: 17
Views: 3802

Try using the "IP List" in Walled Garden. This allows server by IP instead of by name.
by chris-oct
Tue May 16, 2006 12:56 am
Forum: General
Topic: OSPF takes much CPU resources
Replies: 1
Views: 756

I would also like to know if OSPF is the cause for CPU spikes on our server. Should we be using routing-test and not routing package?
by chris-oct
Tue May 16, 2006 12:53 am
Forum: General
Topic: CPU 100% High, how can see what process take the 100%
Replies: 5
Views: 1328

We also have times when the CPU will spike and there is no way to find out what is causing it.
by chris-oct
Thu May 04, 2006 5:54 pm
Forum: General
Topic: SSH to external device fail
Replies: 7
Views: 1641

Post firewall filter rules as well
by chris-oct
Mon May 01, 2006 10:44 pm
Forum: General
Topic: Hotspot & MAC authentication
Replies: 5
Views: 2122

First I change login.html on the hotspot. Make a link to your signup page. Capture some useful information when you redirect to your credit card signup screen like this: <a href="http://domain.tld/signup/status.php?dst=$(link-orig-esc)&mac=$(mac-esc)&ip=$(ip)&hostname=$(hostname)&id=$(identity)">Cli...
by chris-oct
Sat Apr 29, 2006 1:19 am
Forum: General
Topic: BitTorrent Encryption Observations
Replies: 5
Views: 1622

I just reviewed those other posts and I see that as well.

http://forum.mikrotik.com/viewtopic.php ... ht=torrent

So it seems you have three options:

1) Block ALL bittorrent - encrypted and non-encrypted

2) Rate Limit unencrypted, but not rate-limit encrypted

3) No rate limit at all
by chris-oct
Fri Apr 28, 2006 10:42 pm
Forum: General
Topic: BitTorrent Encryption Observations
Replies: 5
Views: 1622

BitTorrent Encryption Observations

In my tests, 96% of encrypted torrent packets are escaping/bypassing the p2p packet mark Firewall: Mangle Chain: forward, P2P: all-p2p, mark-packet: p2p p2p Queue Trees: p2p_incoming - parent: ether2, packet mark: p2p, max-limit: 64k p2p_outgoing - parent: ether1, packet mark: p2p, max-limit: 64k Wi...
by chris-oct
Wed Apr 19, 2006 6:56 pm
Forum: General
Topic: 2.9.20 released ...
Replies: 18
Views: 3108

Bump.
by chris-oct
Wed Apr 19, 2006 6:14 pm
Forum: General
Topic: 2.9.20 "System rebooted because of kernel failure"
Replies: 4
Views: 1234

2.9.20 "System rebooted because of kernel failure"

2.9.20 "System rebooted because of kernel failure" I have recieved confirmation from MT that they are working on this problem. We have this .20 version rolled out to maybe 10 routers in production and have seen the kernel error on 4 of them so far. The routers reboot or the routers lock up. There ne...
by chris-oct
Tue Apr 18, 2006 4:17 pm
Forum: General
Topic: cannot access https websites
Replies: 5
Views: 1483

Double NAT possibly?
by chris-oct
Fri Apr 14, 2006 5:50 pm
Forum: General
Topic: 2.9.20 released ...
Replies: 18
Views: 3108

In version 2.9.19 there was a bug - hotspot walled-garden rules did not work. That bug was introduced in 2.9.19 and fixed in 2.9.20. Thanks to hecklertm for reporting a problem! Why is the walled garden fix not posted in the 2.9.20 changelog? The changelog for 2.9.20 is : *) fixed write-sect-total ...
by chris-oct
Wed Apr 12, 2006 9:17 pm
Forum: General
Topic: SYN Flood Attacks
Replies: 10
Views: 2448

Even if you block the SYN flood attack , it can eat all your bandwidth and cost you downtime or money. Nasty, nasty stuff..
by chris-oct
Tue Apr 11, 2006 8:50 pm
Forum: General
Topic: 2.9.20 released ...
Replies: 18
Views: 3108

I just rebooted a RB500 2.9.20 and graphs stay through reboot.
by chris-oct
Tue Apr 11, 2006 6:23 pm
Forum: General
Topic: DHCP-Server with Radius
Replies: 8
Views: 5276

For this configuration I found this works best: Set DHCP Server to use pool-2. Lease Timeout something short like 240. Set Radius to send DEFAULT Access-Accept on failure. Send no other default responses. On Radius success, have Radius send Framed-Pool=pool-1, Session-Timeout = 1200 (or something lo...
by chris-oct
Tue Apr 11, 2006 1:14 am
Forum: General
Topic: DHCP-Server with Radius
Replies: 8
Views: 5276

I dont know off the top of my head but anything is possible. Time to google
by chris-oct
Mon Apr 10, 2006 5:55 pm
Forum: General
Topic: Bittorrent and MT
Replies: 16
Views: 3595

If I remember correctly, MT responded to the encrypted BT and detect it correctly. They claimed to be one of the first to detect it.
by chris-oct
Mon Apr 10, 2006 5:53 pm
Forum: General
Topic: DHCP-Server with Radius
Replies: 8
Views: 5276

You could make the DNS server for pool2 send all DNS requests to the same IP number which is a login page.

Or you could set up transparent proxy on pool2 which sends all requests to login page.
by chris-oct
Thu Apr 06, 2006 5:21 pm
Forum: General
Topic: DHCP-Server with Radius
Replies: 8
Views: 5276

Great! I saw that freeradius can set a default Acces-Accept which is exactly what we are looking for. Thanks
by chris-oct
Thu Apr 06, 2006 5:16 pm
Forum: General
Topic: 2.9.19 - Hotspot looks much better
Replies: 1
Views: 726

2.9.19 - Hotspot looks much better

From our test so far, 2.9.19 is making hotspot behave much better. We see much less of duplicate MAC addresses with multiple IPs
by chris-oct
Thu Apr 06, 2006 1:46 am
Forum: General
Topic: 2.9.19 locked a routerboard on "starting services"
Replies: 1
Views: 1192

2.9.19 locked a routerboard on "starting services"

We've done four upgrades to 2.9.19 today and are very excited about the hotspot fix. One x86 and three RB500 upgrades. Unfortunately, one of the RB500 upgrades locked the box. I just wanted to post about it in case anybody else has a similar problem. Our fix was this: We used netinstall to attempt r...
by chris-oct
Wed Apr 05, 2006 10:56 pm
Forum: General
Topic: DHCP-Server with Radius
Replies: 8
Views: 5276

DHCP-Server with Radius

Using DHCP-Server with Radius we can make it so only authenticated MAC addresses can get a DHCP lease. All non-authenticated MAC addresses cannot get a IP. Is there a way to make it so authenticated users grab a lease from "pool1", and non-authenticated users grab from "pool2"? This way we can have ...
by chris-oct
Mon Apr 03, 2006 6:01 pm
Forum: General
Topic: Winbox on MacOS X
Replies: 9
Views: 3241

Awesome! I just tried it in WINE with Ubuntu Linux and it works great too!
by chris-oct
Thu Mar 30, 2006 1:37 am
Forum: General
Topic: Linksys wireless routers doing DDOS attack???
Replies: 10
Views: 1726

You have 1500 vlans on a mikrotik? If not, how many do you put on a single mikrotik?
by chris-oct
Tue Mar 28, 2006 7:39 pm
Forum: General
Topic: Kernel Panic, router will not boot
Replies: 9
Views: 1563

I find the words used during reinstall to be a bit confusing. First the installer will say something like: This will erase everything on the disk. Continue? You have to press "Yes". Then it says: Keep old configuration? It may be best to ask the questions in the opposite order. Ask if they want to k...
by chris-oct
Tue Mar 28, 2006 7:36 pm
Forum: General
Topic: Linksys wireless routers doing DDOS attack???
Replies: 10
Views: 1726

Sounds like a loop to me. Sometimes I need to enable spanning tree to prevent loops
by chris-oct
Thu Mar 23, 2006 1:31 pm
Forum: General
Topic: 2.9.17.... or is it 2.9.13 ??
Replies: 8
Views: 1677

I had this same issue from 2.9.7 to 2.9.10. I disabled the other packages and now have a kernel panic! I can not boot the server! Help
by chris-oct
Tue Mar 21, 2006 9:05 pm
Forum: General
Topic: Host ip keeps changing. Multiple logins.
Replies: 12
Views: 4102

How do we create supout file?

** Edit ** Ive just been shown how to do it. Right off the main menu in the winbox
by chris-oct
Tue Mar 21, 2006 9:05 pm
Forum: General
Topic: Host ip keeps changing. Multiple logins.
Replies: 12
Views: 4102

The saga continues hotspot,info,debug XX:XX:BF:82:0F:7A (222.171.27.34): trying to log in by mac in 21-Mar 11:45:51.3 from xxx.xxx.199.22 hotspot,info,debug XX:XX:BF:82:0F:7A (xxx.xxx.181.51): logged out: host removed in 21-Mar 11:45:51.8 from xxx.xxx.199.22 hotspot,account,info,debug XX:XX:BF:82:0F...
by chris-oct
Tue Mar 21, 2006 8:34 pm
Forum: General
Topic: Host ip keeps changing. Multiple logins.
Replies: 12
Views: 4102

Here is a situation we had this morning. Notice the MAC address ending in "7A". It tries to log into hotspot with 20 different IP numbers. They are all fighting to log in. Each request hits the radius server and ended up DoS our radius server: hotspot,info,debug XX.XX:BF:82:0F:7A (204.16.208.104): t...