Community discussions

MUM Europe 2020

Search found 19 matches

by martr84
Thu Aug 30, 2018 9:57 pm
Forum: General
Topic: Ikev2 + Eap Radius + Windows 10 Not Working - But Working On Apple Devices
Replies: 20
Views: 3076

Re: Ikev2 + Eap Radius + Windows 10 Not Working - But Working On Apple Devices

thanks mrz, if you need me to test anything just drop me a line.
by martr84
Wed Aug 22, 2018 6:09 pm
Forum: General
Topic: Ikev2 + Eap Radius + Windows 10 Not Working - But Working On Apple Devices
Replies: 20
Views: 3076

Re: Ikev2 + Eap Radius + Windows 10 Not Working - But Working On Apple Devices

Thanks for the reply on this mrz, from what i can tell no intermediates baring one from verisign are included in windows 10 as a default its only the root CA's. If anyone knows of a certificate authority with reasonably priced certificates that has the full chain present in windows please let me kno...
by martr84
Sun Aug 19, 2018 9:04 pm
Forum: General
Topic: Ikev2 + Eap Radius + Windows 10 Not Working - But Working On Apple Devices
Replies: 20
Views: 3076

Re: Ikev2 + Eap Radius + Windows 10 Not Working - But Working On Apple Devices

In the end i emailed support about the issue and got confirmation that the Mikrotik implementation requires the client to have the full chain present and that the mikrotik side does not pass over intermediates to the client. Basically on windows you have to install the intermediates, obviously this ...
by martr84
Mon Jul 30, 2018 7:25 pm
Forum: General
Topic: Ikev2 + Eap Radius + Windows 10 Not Working - But Working On Apple Devices
Replies: 20
Views: 3076

Re: Ikev2 + Eap Radius + Windows 10 Not Working - But Working On Apple Devices

Little More Update:

No real progress however i did notice both intermediates have tls client & tls server in their key usage and obviously my server certificate does also.

I wonder if this is confusing the windows client somehow?
by martr84
Wed Jul 25, 2018 12:54 pm
Forum: General
Topic: Feature Req: IKEv2 server and client
Replies: 291
Views: 82581

Re: Feature Req: IKEv2 server and client

Hi mark,

I’ve got another thread about this open in the general forum, but did you use a third party ca or your own? I want to use a third party ca and can’t get it to work without installing the intermediate cert on the windows clients. if you did use a third party ca which one?

Thanks
Martin
by martr84
Tue Jul 24, 2018 12:54 am
Forum: General
Topic: Ikev2 + Eap Radius + Windows 10 Not Working - But Working On Apple Devices
Replies: 20
Views: 3076

Re: Ikev2 + Eap Radius + Windows 10 Not Working - But Working On Apple Devices

Good Evening, i've done some more testing and with either Rapid ssl certificates or the Comodo certificates if i import the intermediate certificate into the windows machine personal certificate store the connection is successful. In the instance of the Comodo certificate i'm importing the "COMODO R...
by martr84
Fri Jul 20, 2018 3:48 pm
Forum: General
Topic: Ikev2 + Eap Radius + Windows 10 Not Working - But Working On Apple Devices
Replies: 20
Views: 3076

Re: Ikev2 + Eap Radius + Windows 10 Not Working - But Working On Apple Devices

Thanks again for the pointers on this i hadn't checked the CRL signing but have now however all appears to be signed by the same chain as the certificate. Once i get this working i do intend to post the config and general things I've encountered while getting this setup. Here is the certificates scr...
by martr84
Thu Jul 19, 2018 7:54 pm
Forum: General
Topic: Ikev2 + Eap Radius + Windows 10 Not Working - But Working On Apple Devices
Replies: 20
Views: 3076

Re: Ikev2 + Eap Radius + Windows 10 Not Working - But Working On Apple Devices

Really appreciated the response on this... So when i'm importing the certificates in this instance i follow this procedure. I've tried these scenarios: - I import the chain in 1 file listed below, i then import the server certificate vpn.xxx.xxx and then i import the private key. - i import the chai...
by martr84
Thu Jul 19, 2018 1:49 pm
Forum: General
Topic: Ikev2 + Eap Radius + Windows 10 Not Working - But Working On Apple Devices
Replies: 20
Views: 3076

Re: Ikev2 + Eap Radius + Windows 10 Not Working - But Working On Apple Devices

From further investigation it does seem to be certificate related Test 1: On the router board i generated a ca, server cert, client cert, i imported the ca and client cert into the machine store and changed from eap radius to certificate based auth and the connection worked. Test 2: I then flicked t...
by martr84
Tue Jul 17, 2018 1:04 pm
Forum: General
Topic: Ikev2 + Eap Radius + Windows 10 Not Working - But Working On Apple Devices
Replies: 20
Views: 3076

Ikev2 + Eap Radius + Windows 10 Not Working - But Working On Apple Devices

Good Afternoon, I have ikev2 setup with a trusted third party CA based certificate on the routerboard and the radius server (nps 2016) and it works fine with iPhones without the need to install any certificates on the ios device. I'm using eap radius pass through and it all works great. However no m...
by martr84
Fri Jun 29, 2018 8:07 pm
Forum: General
Topic: Feature Req: IKEv2 server and client
Replies: 291
Views: 82581

Re: Feature Req: IKEv2 server and client

Good Afternoon,

I've setup ike2 with eap-radius and all is working fine on apple ios devices however i cant seem to get it to work on a windows 10 client. Has anyone got this confirmed as working with windows 10?

if so, if anyone has any pointers they would be greatly appreciated.

Thanks
Martin.
by martr84
Fri Oct 06, 2017 2:12 pm
Forum: SwOS
Topic: LACP + VLAN
Replies: 0
Views: 750

LACP + VLAN

I'm considering buying a few CSS326 switches but i can't seem to find in the documentation about a combination of LACP and VLANs. Basically i want to be able to setup a lag of 4 ports between 2 switches and then pass 3 tagged VLANS over the LAG. Is this possible? looking at the documentation is it a...
by martr84
Wed May 11, 2016 1:42 pm
Forum: General
Topic: all IPsec tunnels stops after few days
Replies: 17
Views: 6908

Re: all IPsec tunnels stops after few days

sorry to resurrect an old thread but I'm seeing what seems to be this issue on 6.35.2 on a CCR1016-12G. i'm running l2tp with ipsec between the 2 local networks at each site. the l2tp tunnels stay up and the ipsec tunnel seems to establish with no errors but if you look at current bytes under instal...
by martr84
Fri Mar 04, 2016 11:56 pm
Forum: Beginner Basics
Topic: Routing Conundrum - ISP Routed Subnet
Replies: 3
Views: 798

Re: Routing Conundrum - ISP Routed Subnet

I did think it was a little odd and not what i've experienced in the past from other providers. i've managed to find a bit of info they provided if it adds anything in regards to context. I was unsure even if the /27 was routed when i first saw the address's. i've ask for a technical contact on thei...
by martr84
Fri Mar 04, 2016 11:34 pm
Forum: Beginner Basics
Topic: Routing Conundrum - ISP Routed Subnet
Replies: 3
Views: 798

Routing Conundrum - ISP Routed Subnet

We have just had a gigabit leased line installed, they have provided us with a /27 however the routing seems a little strange. Normally i would have thought the ISP would have routed the /27 via a /30, is this what other people have experienced ? However in this case we have been given: - 1.1.1.1 as...
by martr84
Fri May 11, 2012 12:52 am
Forum: General
Topic: nth routing - VPN for bandwidth aggregation to data centre
Replies: 2
Views: 1070

Re: nth routing - VPN for bandwidth aggregation to data cent

Thanks for the reply, Couple of questions: The tunnels that you establish to the Data Centre Routerboard, Are you routing a "public ip" to the tunnel clients or do you nat in the data centre? Also the nth rules are quite new for me, im guessing that nth rules have to be applied at both the data cent...
by martr84
Wed May 09, 2012 9:42 pm
Forum: General
Topic: nth routing - VPN for bandwidth aggregation to data centre
Replies: 2
Views: 1070

nth routing - VPN for bandwidth aggregation to data centre

We have 4 adsl lines which we currently balance using a non mikrotik solution, and have a data centre close by, since we have control over either end of the connections i would like to "Bond" the ADSL lines to the data centre and aggregate the bandwidth of all the lines and make use of the high spee...
by martr84
Mon Feb 13, 2012 1:11 am
Forum: Beginner Basics
Topic: Virgin Media(uk) and rb751u-2hnd
Replies: 3
Views: 1844

Re: Virgin Media(uk) and rb751u-2hnd

Good News, I got it working, thank you for all the help. i had not rebooted the virgin media modem, even though the modem was supplying an ip address from the isp and all the correct subnet, DNS details etc. I'm guessing the modem does something internally with the mac address of the connected route...
by martr84
Sun Feb 12, 2012 1:46 am
Forum: Beginner Basics
Topic: Virgin Media(uk) and rb751u-2hnd
Replies: 3
Views: 1844

Virgin Media(uk) and rb751u-2hnd

I am new to the routerboard scene, but have just bought a rb751u-2hnd for use on my 50mbit virgin media connection. using the default config provided with the router I should be able to plug my modem into ether-1 and a laptop in ether2 and get Internet access. However I don't. The router receives an...