Community discussions

Search found 15 matches

by hkusulja
Wed Oct 16, 2019 8:18 pm
Forum: General
Topic: Need help to configure two IPSec Tunnels in chain [SOLVED]
Replies: 7
Views: 549

Re: Need help to configure two IPSec Tunnels in chain [SOLVED]

Plain IPSec tunnels can be confusing at first. Let's say you have: /ip ipsec policy add <other options> src-address=<local subnet> dst-address=<remote subnet> \ sa-src-address=<local router address> sa-dst-address=<remote router address> If you watch packets in firewall (in different chains), you'l...
by hkusulja
Wed Oct 16, 2019 6:55 pm
Forum: General
Topic: Need help to configure two IPSec Tunnels in chain [SOLVED]
Replies: 7
Views: 549

Re: Need help to configure two IPSec Tunnels in chain [SOLVED]

Yeah, ok, it works, but I do not know why and how :P

new/additional IPsec policy:
src: 192.168.3.0/24
dest: 192.168.1.0/24
peer: SiteA-peer
proposial: SiteA-proposial
level: unique
by hkusulja
Wed Oct 16, 2019 12:19 am
Forum: General
Topic: Need help to configure two IPSec Tunnels in chain [SOLVED]
Replies: 7
Views: 549

Re: Need help to configure two IPSec Tunnels in chain [SOLVED]

If it's plain IPSec (no tunnel inside like IPIP, GRE, ...), just add additional policies. Between site A and B you need policies for .1 <-> .2 (you already have this) and .1 <-> .3 (new one). Between B and C it needs to be .2 <-> .3 (existing) and .1 <-> .3 (new). Also change level option from requ...
by hkusulja
Tue Oct 15, 2019 6:09 pm
Forum: General
Topic: Need help to configure two IPSec Tunnels in chain [SOLVED]
Replies: 7
Views: 549

Need help to configure two IPSec Tunnels in chain [SOLVED]

Hello, I have latest MikroTik RouterOS and need help to setup two IPSec Tunnels in chain for communication. Scenario: SiteA <> SiteB <> SiteC ---- Tunnel1 ---- Tunnel2 SiteA - LAN: 192.168.1.0/24, ISP WAN: 1.1.1.1/30 SiteB - LAN: 192.168.2.0/24, ISP WAN: 2.2.2.1/30 SiteC - LAN: 192.168.3.0/24, ISP W...
by hkusulja
Tue Jun 09, 2015 5:13 pm
Forum: General
Topic: DNS Record Type Request
Replies: 16
Views: 8361

Re: DNS Record Type Request

I agree that MikroTik RouterOS should support record type. Including CNAME, MX, NS and if possible SRV and PTR records.
We understand this is not advanced DNS server, but this is small feature that is very useful for SOHO environment in various small companies.
by hkusulja
Sun May 03, 2015 9:16 pm
Forum: General
Topic: Winbox 3 RC
Replies: 639
Views: 125812

Re: Winbox 3 RC

Hi, what about keyboard shortcuts in latest winbox 3.0 for enable (E) and disable (D) on list itmes (interfaces, firewall rules etc.). It seems that this does not work anymore. I believe a lot of people have been commenting on this, and that I think they disabled these short cuts because a lot of u...
by hkusulja
Sun May 03, 2015 4:27 pm
Forum: General
Topic: Winbox 3 RC
Replies: 639
Views: 125812

Re: Winbox 3 RC

Hi,
what about keyboard shortcuts in latest winbox 3.0 for enable (E) and disable (D) on list itmes (interfaces, firewall rules etc.). It seems that this does not work anymore.
by hkusulja
Wed Nov 14, 2012 12:08 pm
Forum: General
Topic: RouterOS 6rc3 using "old" kernel 3.3.5 instead 3.4
Replies: 6
Views: 2556

RouterOS 6rc3 using "old" kernel 3.3.5 instead 3.4

Hi, regarding to newsletter today: http://download2.mikrotik.com/news-42.pdf it says that RouterOS 6rc3 has latest kernel with drivers (3.3.5), which is not true, latest is 3.4 with additional drivers which is few months old kernel and still not implement in RouterOS. I believe this is big feature, ...
by hkusulja
Sun Nov 11, 2012 12:33 pm
Forum: General
Topic: Kernel 3.4 please - Hyper-V support OOTB
Replies: 8
Views: 3102

Re: Kernel 3.4 please - Hyper-V support OOTB

Current, RouterOS 5.x and 6.x does not work at all in any network adapter combination on Hyper-V, we must use 4.x and legacy adapters. If you upgrade to kernel to 3.4, everything will be natively supported. I believe this will be great opportunity for Mikrotik and number of users. Are there any news...
by hkusulja
Sun Nov 11, 2012 12:29 pm
Forum: General
Topic: [FEATURE REQUEST] Hotspot users expire date
Replies: 2
Views: 1712

Re: [FEATURE REQUEST] Hotspot users expire date

Yes, RADIUS is multipurpose, if not, please implement "expires on" for each hotspot user. I believe this is very easy to implement.

Thank you
by hkusulja
Sun Oct 21, 2012 6:10 am
Forum: General
Topic: [FEATURE REQUEST] Hotspot users expire date
Replies: 2
Views: 1712

[FEATURE REQUEST] Hotspot users expire date

Hi,
i suggest to implement feature, for every hotspot user, additional field "expires on" which is date/time, when this time happens, user should be automatically disabled.

should be very usefull for lot of cases (caffe bars, monthly subscribers etc.)
by hkusulja
Mon Jul 09, 2012 9:29 am
Forum: General
Topic: Route problem for LAN with VRRP , is a bug ?
Replies: 4
Views: 1057

Re: Route problem for LAN with VRRP , is a bug ?

After few reboots, did not help, but after few days, it worked normally. Yes, problem is with interface up/down order. Now it is running for a weeks.
I could not figure how to change interface up/down order on boot.
by hkusulja
Tue Jul 03, 2012 11:56 am
Forum: General
Topic: Kernel 3.4 please - Hyper-V support OOTB
Replies: 8
Views: 3102

Re: Kernel 3.4 please - Hyper-V support OOTB

Yes, we also need Hyper-V support for RouterOS.
by hkusulja
Tue Apr 17, 2012 5:30 pm
Forum: General
Topic: Route problem for LAN with VRRP , is a bug ?
Replies: 4
Views: 1057

Re: Route problem for LAN with VRRP , is a bug ?

Hi, After few reboots of both routers it seems it runs fine. However maybe sometimes, after boot, my LACP and VLAN interfaces are not ready so it want assigne this ip addres and create DAC route for interfaces. (it has IP address, but can not ping anybody on local network except itself, DAC route is...
by hkusulja
Fri Apr 13, 2012 1:21 am
Forum: General
Topic: Route problem for LAN with VRRP , is a bug ?
Replies: 4
Views: 1057

Route problem for LAN with VRRP , is a bug ?

Hi, I have two RB450G with 5.12 version. On both i have interface named "LAN" with normal local ip (10.23.2.3/24) and (10.23.2.4/24). Ofcorse this automatically implicates to have routes (DAC - 10.23.2.0/24 gateway: LAN). After setting up VRRP with shared IP 10.23.2.1, network: 10.23.2.1 on new vrrp...