Community discussions

Search found 40 matches

by sveno
Fri Jun 29, 2018 10:21 pm
Forum: General
Topic: DHCP client on bridge does not work?
Replies: 13
Views: 5759

Re: DHCP client on bridge does not work?

Hi Does your bridge have an IP address assigned to it? Does the bridge have ARP enabled? The DHCP client interface is the bridge yes. Everything is default and by default ARP is enabled everywhere. How come it works for some hours and then doesn't work for some hours? If I hard reset the device it ...
by sveno
Fri Jun 29, 2018 3:26 pm
Forum: General
Topic: DHCP client on bridge does not work?
Replies: 13
Views: 5759

Re: DHCP client on bridge does not work?

I have the exact same problem on many devices using latest ROS :(
Default config + ports in bridge = doesn't accept IP from DHCP server. Tried non MT DHCP server too, same result.
by sveno
Wed Apr 18, 2018 1:56 pm
Forum: Wireless Networking
Topic: QuickSet Nv2 AP + 2x CPE = "medium-access timeout" on second client [SOLVED]
Replies: 2
Views: 410

QuickSet Nv2 AP + 2x CPE = "medium-access timeout" on second client [SOLVED]

I got 3x SXTsq ac and set them up 1 as an PTP Bridge AP and other 2 as PTP Bridge CPE. The problem is that only one client can connect at a time. The second client gets the "medium-access timeout" error. If I disconnect the 1st CPE then the second connects successfully and the 1st CPE will connect b...
by sveno
Mon Dec 25, 2017 11:05 am
Forum: General
Topic: OpneVPN server binding issues
Replies: 6
Views: 866

Re: OpneVPN server binding issues

The only idea I have is to make a script:
1. delete all interfaces in the bridge to keep it tidy
2. add necessary interfaces to the bridge
by sveno
Sat Dec 02, 2017 9:30 am
Forum: General
Topic: OpneVPN server binding issues
Replies: 6
Views: 866

Re: OpneVPN server binding issues

I have the same issue. Is there a known workaround for this?
Is there another way to add a vpn server binding to the bridge or have the VPN client connections be part of the bridge?

I have this on a RB running v6.40.4 - haven't tested elsewhere.
by sveno
Tue Dec 27, 2016 3:38 pm
Forum: General
Topic: Why is only the first public IP working on my RB?
Replies: 5
Views: 748

Re: Why is only the first public IP working on my RB? [Solved]

The same problem occurred again. It was fixed by disabling and reenabling this: add address=1.1.1.2/29 interface=ether1-gateway network=1.1.1.0 It happened out of the blue - no changes to the router. 1.1.1.2 was unreachable the internet and 1.1.1.2 (192.168.1.2) couldn't access the internet. When I ...
by sveno
Tue Dec 06, 2016 4:06 pm
Forum: General
Topic: Why is only the first public IP working on my RB?
Replies: 5
Views: 748

Re: Why is only the first public IP working on my RB? [Solved]

Thanks for your feedback tslytsly. I am thinking that by some weird bug or other problem Winbox was showing me the incorrect (or old) rule order and that the rule order was indeed wrong with the masquerade rule being above src-nat.
by sveno
Tue Dec 06, 2016 11:31 am
Forum: General
Topic: Why is only the first public IP working on my RB?
Replies: 5
Views: 748

Re: Why is only the first public IP working on my RB?

Got it. You need to have BOTH of these in the masquerade rule:

add action=masquerade chain=srcnat out-interface=ether1-gateway \
src-address=!192.168.1.2 dst-address=!192.168.1.2

I thought the NAT table also has a rule priority like the Filer list but it doesn't. Doh!
by sveno
Tue Dec 06, 2016 10:02 am
Forum: General
Topic: Why is only the first public IP working on my RB?
Replies: 5
Views: 748

Why is only the first public IP working on my RB?

Running on a V6.37.1 I have the following: LAN 192.168.1.0/24 RB is 192.168.1.1 PC is 192.168.1.2 (should have 1.1.1.2 as public IP) WAN 1.1.1.0/29 1.1.1.1-1.1.1.5 assigned for me. 1.1.1.6 is the ISP gateway /ip address add address=192.168.1.1/24 comment="default configuration" interface=ether2-mast...
by sveno
Wed Oct 05, 2016 3:54 pm
Forum: General
Topic: What happens when CPU is 100%?
Replies: 5
Views: 679

Re: What happens when CPU is 100%?

That is already taken care of.


Btw thank you R1CH for your input!
by sveno
Wed Oct 05, 2016 8:16 am
Forum: General
Topic: What happens when CPU is 100%?
Replies: 5
Views: 679

Re: What happens when CPU is 100%?

What causes the 100% CPU load? What Mikrotik device do you use, and in what environment? 750UP. Looking at the profile tool, it is spending most of the cycles on the firewall (incl conn+packet marking) which also peaks really high together with networking, dns is up to 1-15% Most of the time the CP...
by sveno
Tue Oct 04, 2016 11:59 am
Forum: General
Topic: What happens when CPU is 100%?
Replies: 5
Views: 679

What happens when CPU is 100%?

Couldn't find anything regarding this - what does happen when CPU is over limit (100%)? Is there a process priority? I do know that VoIP does not like it at all but what decisions are made in the router I don't know. Can somebody explain?
by sveno
Thu Jan 07, 2016 9:15 am
Forum: RouterBOARD hardware
Topic: RBSXT LTE
Replies: 59
Views: 20588

Re: RBSXT LTE

In Estonia 3 and 7 are used for dense population areas. Recently Tele2 also added band 1 (2100). In rural areas (even just outside Tallinn!) band 20(800) is most popular. For example 10-15km from Tallinn centre Tele2 and Elisa often only have band 20 in use. So I cannot use SXT LTE here. Very little...
by sveno
Tue Oct 06, 2015 11:51 am
Forum: General
Topic: Tired of bad 4G USB stick reliability - alternatives for WAN backup (EU)?
Replies: 1
Views: 268

Tired of bad 4G USB stick reliability - alternatives for WAN backup (EU)?

I have tried many LTE sticks both pppoe and hilink but they are all kind of unreliable. I don't mean the LTE connection which is super reliable - the sticks hang and reboot! I know that one option is a Routerboard with minipci LTE. What else is there to buy in EU? Reliable sticks? some wired LTE rou...
by sveno
Sat Oct 03, 2015 12:46 pm
Forum: General
Topic: Problem with Huawei E3372 4G modem on RB2011uias-2hnd-in
Replies: 6
Views: 3736

Re: Problem with Huawei E3372 4G modem on RB2011uias-2hnd-in

I have the same problem with 951G-2HnD (6.31) and E3372-153 - under stress it disconnects and the LTE router interface (hilink www) is not accessible, does not reconnect (at least in 20 minutes) - USB power reset helps and its working in 15 seconds or less.
by sveno
Thu Sep 03, 2015 2:49 pm
Forum: General
Topic: RB<->RB OVPN - Can't access serverside LAN :( (Fixed- OVPN settings problem)
Replies: 3
Views: 716

Re: RB<->RB OVPN - Can't access serverside LAN :(

This is already in place. I wouldn't be able to ping Server IPs otherwise (192.168.1.1 and 10.0.0.1) I made an accept rule on the server for icmp, OVPN interface and it does get hits so the problem is in sending replies. No outbound ICMP reply hits. Any clues how to locate the problem? EDIT. RB-SERV...
by sveno
Sat Aug 29, 2015 10:31 pm
Forum: General
Topic: How do I prioritize traffic with fluctuating uplink speed (LTE)?
Replies: 0
Views: 245

How do I prioritize traffic with fluctuating uplink speed (LTE)?

Hi, what I want is simple: I want the guest subnet (or bridge-guest) to be eating leftovers of LAN (bridge-local) only but my LTE uplink is unrestricted. This means I can have 70/30 and sometimes it's just 7/10Mb/s. How would you set this up? I don't care if there is nothing left for the guest netwo...
by sveno
Thu Aug 27, 2015 10:27 am
Forum: General
Topic: RB<->RB OVPN - Can't access serverside LAN :( (Fixed- OVPN settings problem)
Replies: 3
Views: 716

RB<->RB OVPN - Can't access serverside LAN :( (Fixed- OVPN settings problem)

Server RB - 192.168.1.1 (192.168.1.0/24) Client RB - 192.168.2.1 (192.168.2.0/24) PPP pool - 10.0.0.0/24, server is 10.0.0.1, client gets 10.0.0.10 Internet access (NAT) works on both routers, they can ping each others LAN IPs over OVPN Only server can ping client LAN addresses when I add a route: a...
by sveno
Thu Aug 13, 2015 2:32 pm
Forum: General
Topic: Block SIP attacks using Mikrotik Firewall
Replies: 7
Views: 10003

Re: Block SIP attacks using Mikrotik Firewall

Great filters thank you.

I have a odd problem though: although the drop rule on the forward chain gets 200 hits/second - the packets are still forwarded and NOT dropped. What could cause this?
by sveno
Thu Jul 23, 2015 4:06 pm
Forum: RouterBOARD hardware
Topic: Does Huawei E303 or E173 work with RouterBOARD (also E3372)
Replies: 14
Views: 4963

Re: Does Huawei E303 or E173 work with RouterBOARD (also E3372)

Do you mean that it doesn't work as a LTE nor as a ppp-client interface?
by sveno
Thu Jul 23, 2015 3:31 pm
Forum: Beginner Basics
Topic: OpenVPN & LDAP
Replies: 1
Views: 1144

Re: OpenVPN & LDAP

I would also like to know whether OpenVPN works with LDAP for client authentication.
by sveno
Thu Dec 25, 2014 9:22 am
Forum: General
Topic: 3G PCIe vs. 3G USB
Replies: 5
Views: 1124

Re: 3G PCIe vs. 3G USB

Actually I haven't looked at 3G for a while, all LTE these days: throughput and latency. Sometimes also better signal. 3G is cheaper. Sierra Wireless is a solid bet, Huawei isn't bad either. Look at the supported HW list to avoid problems: http://wiki.mikrotik.com/wiki/Supported_Hardware#3G_cards_an...
by sveno
Tue Dec 23, 2014 8:04 pm
Forum: General
Topic: Wifi coverage - MikroTik or Ubiquiti
Replies: 4
Views: 2712

Re: Wifi coverage - MikroTik or Ubiquiti

Here, read this: http://blog.serverfault.com/2011/12/12/a-studied-approach-at-wifi-part-1/ Compare transmission power. Some are super high-power and I advise to turn those down to optimal levels. High RF pollution is a source of stress. Live testing is where the optimal AP solutions are found. Easy ...
by sveno
Tue Dec 23, 2014 7:45 pm
Forum: General
Topic: 3G PCIe vs. 3G USB
Replies: 5
Views: 1124

Re: 3G PCIe vs. 3G USB

My preference is:
Primary link? PCIe - reliable and fast.
Backup? USB - cheap, often even free with contract. Easily repurposable.
by sveno
Sun Dec 21, 2014 10:37 am
Forum: Beginner Basics
Topic: NAT question - multiple public IP use on one subnet.(solved)
Replies: 7
Views: 1846

Re: NAT question - multiple public IP use on one subnet.

Ok. A really weird thing happened. I switched the local address to another server ..and voila it is responding. I changed both the scr-nat and the dst-nat to say 192.168.1.6. The weird thing is that the src-nat still has 0 hits. So the masquerade is using 1.1.1.1 and 1.1.1.2. What is going on? EDIT:...
by sveno
Sun Dec 21, 2014 10:13 am
Forum: Beginner Basics
Topic: NAT question - multiple public IP use on one subnet.(solved)
Replies: 7
Views: 1846

Re: NAT question - multiple public IP use on one subnet.

Got the Dst-Nat working by adding the external IP (1.1.1.2) to addresses: 0 192.168.1.1/24 192.168.1.0 ether2-master-local 1 1.1.1.1/29 1.1.1.6 ether1-gateway 2 1.1.1.2/29 1.1.1.6 ether1-gateway Still no hits on src-nat (first in table below). Specifying TCP and a port (443) didn't change anything. ...
by sveno
Mon Dec 15, 2014 9:21 am
Forum: Beginner Basics
Topic: Bonding 2 WAN Connections
Replies: 13
Views: 45470

Re: Bonding 2 WAN Connections

Agree with ebreyit- you need someone who bonds the other side too, a gateway where your inbound connections that you desire to bond, are routed through.
by sveno
Mon Dec 15, 2014 9:17 am
Forum: Beginner Basics
Topic: DHCP error message
Replies: 4
Views: 884

Re: DHCP error message

I don't see an address pool associated with your DHCP server. Pools are under /ip pool
by sveno
Sat Dec 13, 2014 11:37 am
Forum: Beginner Basics
Topic: NAT question - multiple public IP use on one subnet.(solved)
Replies: 7
Views: 1846

Re: NAT question - multiple public IP use on one subnet.

Bump. I'm still stumped over this. Is there anything wrong with my config or are these lines ok and the problem is elsewhere?
by sveno
Fri Dec 12, 2014 8:14 am
Forum: Beginner Basics
Topic: DHCP error message
Replies: 4
Views: 884

Re: DHCP error message

How is you DHCP and addressing set up?
by sveno
Sat Dec 06, 2014 8:29 am
Forum: Beginner Basics
Topic: NAT question - multiple public IP use on one subnet.(solved)
Replies: 7
Views: 1846

Re: NAT question - multiple public IP use on one subnet.

Now I have the following under nat: chain=srcnat action=src-nat to-addresses=1.1.1.2 src-address=192.168.1.5 out-interface=ether1-gateway log=no chain=srcnat action=masquerade out-interface=ether1-gateway log=no chain=dstnat action=dst-nat to-addresses=192.168.1.5 dst-address=1.1.1.2 log=no addresse...
by sveno
Fri Dec 05, 2014 8:40 am
Forum: Beginner Basics
Topic: NAT question - multiple public IP use on one subnet.(solved)
Replies: 7
Views: 1846

NAT question - multiple public IP use on one subnet.(solved)

Hi, I have a public IP NATed with masquerade but I want an address of the same local subnet to use another public IP. Can I do this or do I need another network for this machine (like DMZ)? Edit: I tried to use !192.168.1.5 as source address in the main src-nat to exclude it but still the 192.168.1....
by sveno
Thu Nov 27, 2014 3:35 pm
Forum: General
Topic: failure: Info command already running!
Replies: 3
Views: 1502

Re: failure: Info command already running!

I have the RB750UP running v6.21.1. Using the Huawei E3272 that only works as a ppp-client. Status is connected and I have an IP. Don't know if related but yesterday the LED on the modem said LTE (established) but Info window showed 3G. EDIT: Ended up reseting the router because I really needed to k...
by sveno
Thu Nov 27, 2014 2:24 pm
Forum: General
Topic: failure: Info command already running!
Replies: 3
Views: 1502

failure: Info command already running!

Basically I opened the info window in Winbox yesterday for the USB modem but today its not working in winbox, neither through terminal. Removing the USB modem did not help and I am not restarting the router. What can I do?
by sveno
Fri Oct 24, 2014 8:04 am
Forum: General
Topic: Huawei E3372 "Modem does not have serial interface"
Replies: 2
Views: 4650

Re: Huawei E3372 "Modem does not have serial interface"

Did you try with RouterOS 6.8? Did you add dhcp client for lte interface?
by sveno
Fri Oct 17, 2014 4:02 pm
Forum: RouterBOARD hardware
Topic: Which board is right for me? (WAN,LAN,3G) (GOT IT!)
Replies: 0
Views: 468

Which board is right for me? (WAN,LAN,3G) (GOT IT!)

I am looking for a router board as a router for 50 machines that does the minimum of: wired WAN wired LAN 3G backup, preferably mini pcie with SIM slot Extras would be: WLAN, Gig LAN, PoE. Edit: Maybe the best route is to use a 3G ethernet bridge and a 4/5 port router? What 3G device would you get t...
by sveno
Wed Jun 20, 2012 3:33 pm
Forum: General
Topic: Problems VPN L2TP
Replies: 7
Views: 4069

Re: Problems VPN L2TP

I have the same problem.

OSX 10.7.4 and RB450 v5.16

using 3des enc and sha hash with mod1024 as OSX should prefer.

Does anyone have a clue what osx wants?


Sven
by sveno
Sat May 19, 2012 6:38 pm
Forum: General
Topic: Can't get OpenVPN (tun) up with win client - TLS fail
Replies: 1
Views: 2185

Re: Can't get OpenVPN (tun) up with win client - TLS fail

I'm now using easy-rsa generated keys and get the same result on win7 with openvpn 2.2.2 as client. The client says this: Sat May 19 18:20:29 2012 us=50000 OpenVPN 2.2.2 Win32-MSVC++ [SSL] [LZO2] [PKCS11] built on Dec 15 2011 Sat May 19 18:20:29 2012 us=50000 WARNING: --ping should normally be used ...
by sveno
Mon May 14, 2012 8:54 pm
Forum: General
Topic: Can't get OpenVPN (tun) up with win client - TLS fail
Replies: 1
Views: 2185

Can't get OpenVPN (tun) up with win client - TLS fail

Hi, I have a router running 5.16 set up according the openVPN Wiki guide (http://wiki.mikrotik.com/wiki/OpenVPN) using cacert.org and tun (ip) mode. the openvpn gui shows this error: Mon May 14 20:40:36 2012 TLS: Initial packet from ( server ip ):1194, sid=f0fc6eab 56522674 Mon May 14 20:40:36 2012 ...