MikroTik

gotsprings

If I were dealing with several sites...

I would have the sites call the Main router over L2TP +IPsec VPNs. So the devices that are behind carrier grade NAT are the "dialer".

gotsprings

If I were dealing with several sites...

I would have the sites call the Main router over L2TP +IPsec VPNs. So the devices that are behind carrier grade NAT are the "dialer".

gotsprings

Kept needing to VPN to the office to reach remote sites. The ACL for client networks expect connections from the office. EoIP from my house to the office. Bridge at home contains VLAN 254 and the EoIP tunnel. Bridge at the office has the local-bridge and EoIP tunnel. Result... on the right SSID (tag...

gotsprings

Local forwarding here.

gotsprings

More APs with smaller channel widths.

But if I am relying on the wifi, I go with a different vendor. Other manufactures might cost a bit more... But the lack of complaints is worth it!

gotsprings

I think it's a simple src-nat on router with IP address 172.16.100.1. If that router is Mikrotik, then simple /ip firewall nat add chain=srcnat action=src-nat dst-address=172.16.100.100 to-addresses=172.16.100.1 So whatever passing that router on the way towards router will get NATed. I usually add...

gotsprings

I have a hAP AC2 at home, and it connects to the CCR at my office using EoIP + IPSec.

Been stable for a few weeks.

I have one SSID here tied to the bridge the EoIP tunnel connects too. So when I need an office resource... I jump to that SSID.

gotsprings

You could check if an interface is active. Then if than based on that.

gotsprings

Used the audience again for a few weeks. It seemed better...

But the new R550 which is WiFi6 really trounced it.

The audience is louder and let's 5ghz things connect farther away... But it slows down everything.

gotsprings

All the places that pressured me to put Facebook wifi on their Ruckus Systems... Have all taken it off. (About 15 bars and restaurants)

What a difference a few years makes.

gotsprings

Swapped my audience for a ruckus R550.

"Just till the rest of the hardware for the install shows up..."

gotsprings

People look over my shoulder when i am working in caps-man...

"Damn... imagine if that could control good radios."

gotsprings

Use mangle to push that interfaces traffic over the VPN

gotsprings

Anything new around this topic? I have a case of Hap AC2 with newest firmware, that has this error: wlan1: disconnected, group key exchange timeout For now i tried to enable WMM and change group key timeout to 1 hour, but i doubt this will help, phones are just stuck on Acquiering IP adress. Someti...

gotsprings

Used a Ruckus R550 for the last 2 weeks...

That's a painful reminder...

gotsprings

Try and throw them off too early... And they jump back on the same antenna.

gotsprings

My reject rules is down near 87.

gotsprings

I also have a CAPsMAN system and sonos speakers that connect to different WiFI APs in my house. They work flawlessly. I didn't know Sonos could have synchronisation issues like you describe. Did you upgrade, try to re-start the setup, change speaker locations etc? From my experience, Sonos and CAPs...

gotsprings

They do... Lists.

gotsprings

-70 overlap seems a bit too hot to let something Want to Roam.

gotsprings

Have them join. Hit the copy to access list. Adjust the rules to allow them into your preferred network. Ban everything else.

gotsprings

Sonos makes its own mesh network. Wire a boost to your systems, and Sonos stops being an issue.

gotsprings

I am thinking to change my WiFi interference and better coverage. But of course I need WiFi 6 devices as well to take advantage of that. WiFi 4 works with interference. But Mikrotik's radios don't deal with interference as well as other vendors. This pains me daily on installs... I would be deployi...

gotsprings

Here is my recommendation /caps-man configuration add country="united states3" datapath.client-to-client-forwarding=yes \ datapath.local-forwarding=yes keepalive-frames=enabled mode=ap name=\ VLAN1 security.authentication-types=wpa2-psk security.encryption=\ aes-ccm security.group-encryption=aes-ccm...

gotsprings

Been running Audience as a CAP with an hAP AC2 being the caps-man for about a month now. Config Results in this: 2.4 2x2 20mhz Ch1 5.0 2x2 80mhz Ch36 5.8 4x4 80mhz Ch149 Pretty much covers the whole house and has better throughput that the hAP AC2 and cAP AC that sat in the same spot. Its not the Ru...

gotsprings

If your public IP is dynamic... Use IPCLOUD in your address list. That will dynamically adjust the dst-address. That would allow one rule to work inside and out. You would still need the loopback rule SEPARATE, that reads: src-address = 192.168.100.0/24 dst-address = 192.168.100.0/24 output interfac...

gotsprings

Znevna,

This one's for you...

From support:
"Hello,

We had some issues with the cloud servers in the past weeks, but if the same issue happens again, please let us know.

Best regards,
#####"

gotsprings

I have owned Sonos gear since it first came out. Configured hundreds over the years for work. Always wire one unit to the network and let the rest connect to the Sonos Mesh Wifi. Once you do that... Make sure that caps-man allows client to client and local forwarding. Don't put the Sonos on the hous...

gotsprings

Noticed yesterday that routers that would be using IP cloud1 started popping back up.

Edit/update

Received email this morning 10/05/20
"Hello,

We had some issues with the cloud servers in the past weeks, but if the same issue happens again, please let us know.

Best regards,
######"

gotsprings

cAP AC has the same MSRP... But I often find them for less than the hAP AC2. Something about sellers thinking of it as a WAP rather than the same unit with less switching ports. Good tip thanks. AC2 currently £68 on amazon which seems to be way better value then the £110 for hAP AC unless I am miss...

gotsprings

Since you didn't understand the suggestion by @sindy with the static DNS entry to some other public IP to which you have access instead of the MikroTik ones, you can replace almost all of the above "yes, I did" with "No, I did not" and any further "debugging" seems pointless. Cheers and good luck. ...

gotsprings

Do the devices all share the same ISP? All of my tests have been on Comcast, from various locations on their network. Nope. Geographically diverse too. All over the US. Some are on Comcast. Some on Verizon. Some on Spectrum. Some on ATT Cellular. etc etc etc. The issue where OLD routerOS and IPCLOU...

gotsprings

yay, another useless topic for the same issue. @sindy suggested something in the OTHER thread, did you do it? On your devices that don't work, point cloud.mikrotik.com and cloud2.mikrotik.com to another public IP where you can monitor incoming packets and see if you receive any UDP packet on port 1...

gotsprings

Solved: From support: "Hello, We had some issues with the cloud servers in the past weeks, but if the same issue happens again, please let us know. Best regards, ######" I appreciate the help some are trying to provide with the other thread... I think it might be easier to follow if I have a separat...

gotsprings

routers and CHRs are eligible for IP Cloud (sorry no x86 installs). If you try to get that - you can check the status of the ordeal. Fastest way is to use /ip cloud force-update instead disable/enable - as the first will attempt to re-auth with the server, the second will attempt to send a packet t...

gotsprings

Znevna, I have set up a rule to look for the 15252 in and out. They are set to log. On one router I will see it sending packets every minute with no response. I have set up a static entry in dns to force cloud2 to the IP address that was listed here. Support also gave me the same IP address. I have ...

gotsprings

Updated a hEX that would not update with Ipcloud... Used 6.47.4

Ipcloud started working.

The wAP AC behind it... Nope.

gotsprings

I have a CCR1009 which is almost 5 years old and it has been updating fine - I keep it current, so at one point was on 6.33 or earlier.

My CCR is also about that old... but it has been kept current.

gotsprings

I used the packet sniffer and when you enable ip cloud on a new device it sends one udp packet to one of the addresses resolved by cloud2.mikrotik.com on port 15252. In my case it is sending data to 159.148.172.251 and 159.148.172.201. I tried on two different cap ac devices. Once the request is ma...

gotsprings

What can you see if you just traceroute the resolved cloud IPs? This should tell you whether it is a routing issue somewhere between you and the servers or an overload of those servers. I am running ddns update on two units since yesterday and never hit a pause (but I just had a look a few times du...

gotsprings

Here is the output of a 6.40.8 unit that is not updating either. [admin@mikrotik] > /ip cloud print ddns-enabled: yes update-time: no public-address: 75.17x.xxx.xxx dns-name: xxxxxxxxxxxxxxx.sn.mynetname.net status: Error: request timed out And since this router has 3 wAP ACs behind it... here is wh...

gotsprings

I have a new cap ac that was shipped with 6.44 and updated it to 6.47.4 before resetting the config into caps mode. I just ran the following and it worked fine. /ip cloud set ddns-enabled=yes I have seen this across a few units now... ddns is enabled. [admin@MikroTik] /ip cloud> /ip cloud print ddn...

gotsprings

Solved: From support: "Hello, We had some issues with the cloud servers in the past weeks, but if the same issue happens again, please let us know. Best regards, #####" I have been seeing more and more cases of things not getting responses from IP cloud. Erroring out. Or just looking like the servic...

gotsprings

Took a wAP AC from 640.1 to 6.47.4.
IP cloud had never been enabled.
After reboot and update of firmware... IPCloud doesn't work.

Come ON Mikrotik... SOMETHING IS UP.

gotsprings

Updated a unit from older RouterOS to current. DID NOT DISABLE IP CLOUD IN BETWEEN. IP cloud doesn't work. Confirmed I can ping cloud2 See the router sending packets on the right port. Factory default unit and text imported to resume network. IPCloud doesn't even show updating anymore in winbox... H...

gotsprings

Updated a router from using Cloud to Cloud2.

Now IP cloud doesn't even show updating.

gotsprings

I have had the hAP AC, hAP AC2, cAP AC, wAP AC, RB 4011, and the Audience in the same spot. I load up the network with a minimum of 25 clients on that one wAP and start a video stream on my Roku before testing. Then I take the average. Have you also done the tests with RouterOS v7.1beta2 and compar...

gotsprings

cAP AC has the same MSRP... But I often find them for less than the hAP AC2. Something about sellers thinking of it as a WAP rather than the same unit with less switching ports.

gotsprings

Got an email from support
..... "The server has not received any info prom this device."

So yeah it looks like Mikrotik broke something on IPCloud 1 relating to 6.40.

gotsprings

"if caps-man could only control a good radio..."

I type it here all the time. When it comes to wireless... I am going to go with another vendor.

gotsprings

Some news , I have my IPv4: 207.32.194.24 IPv6: 2605:4e40:0:1fe:: back on-line again. EDIT: btest user is --> btest and btest password is --> btest ( btest & btest ) I set the queue to allow btest-ing up to 4-Gig. Question - Who has a 10-Gig Internet connected Mikrotik I can perform a btest to/from...

gotsprings

Little to the right.

gotsprings

they can deprecate anytime support for version older than 6.43, why would anyone care about those with so many security issues in them anyway? Because when you try to take a look at an old system that was installed in 2014 and last touched in 2018... knowing that IP cloud(1) has been deprecated wou...

gotsprings

Since my other post is getting read but not answered... Is the older IP Cloud service still working? cloud.mikrotik.com I have a few older routers out there that I think still use the old service. Was it shut down or is something else going on? ############ UPDATE: Got an email from support (several...

gotsprings

Go to interfaces.
Find your WAN interface.
Go to status. You will see up/down since last reboot.

gotsprings

Why not slide the board out of the case?

gotsprings

With a printer a few years back...
I couldn't get it to connect to WPS.

Made an unencrypted network and connected the printer is o that. Then I used the web GUI of the printer to enter the SSID and password for the actual network. Hit apply and the printer has been on wireless for several years now.

gotsprings

So do both my hAP ac & RB4011, with a 866Mbps PHY rate (OnePlus 5T as client). I have had the hAP AC, hAP AC2, cAP AC, wAP AC, RB 4011, and the Audience in the same spot. I load up the network with a minimum of 25 clients on that one wAP and start a video stream on my Roku before testing. Then I ta...

gotsprings

My R610 would get up near 400/400 So do both my hAP ac & RB4011, with a 866Mbps PHY rate (OnePlus 5T as client). I have had the hAP AC, hAP AC2, cAP AC, wAP AC, RB 4011, and the Audience in the same spot. I load up the network with a minimum of 25 clients on that one wAP and start a video stream on...

gotsprings

log into one of the caps and watch its logs.

If they can't reach the controller... that would explain it.

gotsprings

Is the older IP Cloud service still working?
cloud.mikrotik.com

I have a few older routers out there that I think still use the old service.

Was it shut down or is it just cranky yesterday and today?

gotsprings

My R610 would get up near 400/400 So do both my hAP ac & RB4011, with a 866Mbps PHY rate (OnePlus 5T as client). I have had the hAP AC, hAP AC2, cAP AC, wAP AC, RB 4011, and the Audience in the same spot. I load up the network with a minimum of 25 clients on that one wAP and start a video stream on...

gotsprings

Sorinp, His post looks like he stated he has a hAP AC2 and a cAP AC. Yeap, you're right. Sorry for missing that. I have a hAP AC2 down in the basement running caps-man. The radio is not turned on. Then there is an Audience sitting in my living room set to use all 3 radios as APs. Which results in: ...

gotsprings

Sorinp, His post looks like he stated he has a hAP AC2 and a cAP AC. Yeap, you're right. Sorry for missing that. I have a hAP AC2 down in the basement running caps-man. The radio is not turned on. Then there is an Audience sitting in my living room set to use all 3 radios as APs. Which results in: ...

gotsprings

Get a bunch of wAP AC and spread them around.

gotsprings

Sorinp,

His post looks like he stated he has a hAP AC2 and a cAP AC.

gotsprings

20 MHz 2.4 signals go 2 channels over.
So 1 interferes on 2 and 3.
5 would interfere on 4 and 3. 6 and 7.

1 6 11. Repeat with geographic boundaries.

Setting the power levels is the next step. (After physical placement again)

Then the reject rules.

gotsprings

Drop rule.

Then somewhere above the drop rule... An accept rule from an address list that you approve of.

gotsprings

It's not L2TP that I'm an trying to get to work. It's an ipsec site to site vpn between firewalls. I can get L2TP to work ok.

I get that.

I am telling you about something that actually works.

Hoping you could maybe look at that and figure out what "might be helpful" for your issue.

gotsprings

I have a "portable camera system" that uses a similar link. The camera system is a box with several cameras attached. There is a Netgear wireless modem in the box. This connects to a hAP AC2. The output of that goes to a switch to drive the cameras. The Netgear is on ATT cellular and has carrier gra...

gotsprings

Use channels 1 6 11.
Turn down the transit power on APs. (Or place them better)
Use that access control list... But set the reject LOWER.

gotsprings

"I like to listen to my stereo from 2 rooms away..."
Said by no one EVER!

Put wireless access points where devices are used.

gotsprings

I have had to use a cAP AC as a router. The hAP AC2 was out of stock for months and I needed to get a system online.

As most resi systems only have 1 wan feed... Its not outside the realm of reasonable to make it a router.

gotsprings

Had to loan out my Ruckus R610. Reconfigured an Audience to be the WAP (cap) for my house. Its 3 radios 2.4 2x2 5.0 2x2 5.8 4x4 All the radios are serving clients... and between me working and the kid in Zoom class... not dropping yet. I am on the 4x4 (5.8) radio and he happens to be in the 2x2 (5.0...

gotsprings

I think beamforming (the explicit/standard 802.11ac one) is more important than MU-MIMO because it focuses the signal to clients and thus they can negotiate better data rates with the AP. Although MU-MIMO can help on a four chain radio (like the RB4011 or the Audience) with several devices using th...

gotsprings

I pay the 75 bucks a year to Domotz.

gotsprings

MU-MIMO never worked/supported...
And busy environments cause the 2.4 radios to "give up".

gotsprings

Default settings in caps-man have local forwarding turned off and client to client forwarding turned off.

gotsprings

nobody has 40 locations liar

Umm what?

I have been deploying Mikrotiks for around 10 years now. I assure you... I have done more than 40 sites in a month during peaks.

gotsprings

Check the log?

gotsprings

Put APs where you need signal... Not 2 walls away.

gotsprings

Set channel width to 20 is a pretty good rule for 2.4 too.

gotsprings

The easiest way is to use capsman forwarding mode, by defining the bridge in capsman datapath configuration and not enabling local forwarding traffic for the new ssid will be sent to the bridge without vlans.

If you don't mind slowing your throughput to a crawl... Go right ahead and do this.

gotsprings

Besides, you can ignore the rants...MikroTik does supply rocksolid WiFi solutions. They just require proper setup . I am sorry... That's just not true. Mikrotik wireless has been behind the times for a while now. They never got MU-MIMO working. And the 2.4 radios will flat out stop accepting client...

gotsprings

The point of the forum is to share information peer to peer. So none of this crap from manufactures like... "Well we have never heard of that before." Further more... I would go weeks between emails with support about their crap wireless. Only bitching about it on the forum got them to public ask.. ...

gotsprings

No betas for me... Or my end users.

gotsprings

OLD issue/topic. No fix.

Move it to trash (where the crs354-48G/P should be also).

Hahaha

gotsprings

Audience?

gotsprings

i believe in Mikrotik I believe I need a different vendor for wireless. Routers have been good to me. Switches have burned me. Wireless has dragged consistently. I invested a lot of time in caps-man only to have to abandon it for radio performance. Stick with other vendors for switching and wireles...

gotsprings

It doesn't make sense to use CAPsMAN on the (single) device it is managing. So, no...just config the hAP ac2 as preferred.
I use CAPsMAN if there are three or more accesspoints involved.

Audience

gotsprings

Homes are not exempt. Business at least usually have hours of operation. Homes owners can, will and do call anytime!

gotsprings

Mangle to mark the connections.

Routing rule to catch the output.

gotsprings

Need a loop back rule too.

gotsprings

how to reboot the router monthly
Why?

Exactly!

gotsprings

I find it easiest to do with RSC files.

But you can copy a backup onto a new unit... You have to reset the MACs afterwords.

gotsprings

Do you have a public IP at the LTE modem.

In the US... You don't unless you paid extra for a static IP.

gotsprings

Woohoo! Figured it out with your recommendation to set the country code in the CAPsMAN Configuration, and a bit of playing around. Thank you for your quick response, it is greatly appreciated! For anyone else that may come across this, I had to do a few things to get the WAP AC broadcasting on both...

gotsprings

Sorry guys, could you please move your "i hate wireless from mtik" to another, different thread? we need to get this port 1 till 8 issue resolved quickly, but to mix all up here doesnt help much. thank you. Mikrotik specifically asked for it... But I did include the problem with my switch and how I...

gotsprings

>> So what I meant was... I have found that their is a pretty common problem that I run into using Mikrotik Wireless that I can solve by swapping vendors. >> AND THAT I DO NOT SPEC MIKROTIK RADIOS FOR ANYTHING CRITICAL ANYMORE. I know we're getting off topic here but which vendor did you switch to?...

gotsprings

Also... they finally admitted there is "just nothing they can do about" busy airtime. So I stopped using their wireless radios. What do you mean by that? To improve stability in a high noise environment you can enable RTS/CTS. You can always fine-tune the wireless interface by adjusting hw-retries,...

gotsprings

I think the most important thing is stability. As for others, they are still acceptable. The latest version is not stable. In my impression, the previous version is very stable. Fully agree. Stability is a must. The rest is nice to have. For my experience the 6.45.6 is the most stable version. (The...

gotsprings

Might have been nice if they ever got it working.

gotsprings

I get right in the Low 300s point blank with AC2 radios from Mikrotik. well as long as the environment is not crowded.

gotsprings

Hi GotSprings, You populate the Wap-R ac with what ever LTE PCIe modem you want. My case an Quectel EP06. The modem works pretty good and is available in various versions and think one that fits well the US. I really love this thing. I use it as a Wifi AP for the garden (switch Wifi on/off via SMS)...

gotsprings

Dug back into the unit Yesterday. Defaulted the unit with NO CONFIGURATION. Manually put in a DHCP client and built a bridge for the interfaces. Put in my Caps-Man Template. This made it possible to make use of the 4x4 AC radio for clients. The 2x2 5Ghz Radio is currently Turned off... lets see how ...

gotsprings

The new wAP-R-AC is the great 4 core ARM with 2.4GHz, 5GHz and a mini-PCie slot and LTE antennas in the classic wAP case. https://mikrotik.com/product/wap_r_ac If only Mikrotik Cellular could work worth a crap in the US... I WOULD BE ALL OVER THIS THING!!! Set it up as my failover for commercial in...

gotsprings

I have Gigabit service. The Audience Never came close to 500M. Used it as a WAP running caps-man with it's wireless as the cap. (What it is designed to do). And much like every other Mikrotik WAP I have ever used (ONCE THEY SHAKE THE INITIAL BUGS OUT)... it slammed into a brick wall right around 300...

gotsprings

Ok... well here is an idea. So in practice... assuming your PiHole sits at 192.168.1.3 Set your DHCP server to tell clients to use 8.8.8.8 and 8.8.4.4. Make a firewall address list named Google /ip firewall address-list add address=8.8.8.8 comment="GoogleDNS" list=Google add address=8.8.4.4 comment=...

gotsprings

So in caps-man we are supposed to lower transmit power.
I am (and it is working perfectly)

Aside from all the mikrotik WiFi glitches... lowering power level like this has worked for me too.

gotsprings

From the Wiki:
https://wiki.mikrotik.com/wiki/Manual:C ... e_TX_power

So in caps-man we are supposed to lower transmit power.

gotsprings

However according to Mikrotik you are not supposed to adjust tx power, only antenna gain.

viewtopic.php?t=121782#p599546
viewtopic.php?t=129865

Is that the same for caps-man?

gotsprings

Put a back up controller on site? In wireless, there is a configuration option to have more than one caps-man. I tried running my inlaws wireless from my office... and any hickup caused the APs to "return to adoption mode." All my caps-man jobs have been with the ROUTER ONSITE running Caps-Man. The ...

gotsprings

I mean... I did answer 2 hours and 36 minutes after you posted...

gotsprings

You could run caps-man on your switch?

Then you could set up your wireless profile in caps-man config. Once that's set... All you need to do on the APs is set the to caps-mode. You can do this in cli with one line. Or you can do it by press and hold on the WAP at Power Up.

gotsprings

If caps-man is running on your router...

Telnet to the capAC.
/system reset-configuration skip-backup=yes caps-mode=yes

gotsprings

Posted before.... Here are a few ways to get the public IP address Pick IP From Route (add WAN to your WAN connection name. ie. ether1-WAN) :global Stat [/ip route get [find gateway~"WAN"] pref-src] Pick IP from Address (add WAN to your WAN connection name. ie. ether1-WAN) :global OnEtherSub [/ip ad...

gotsprings

/IP firewall mangle

gotsprings

Set the Mikrotik to use a DNS other than piehole... Like 8.8.8.8, 1.1.1.1. Then in your DHCP server... Set the DNS value under network to be piehole, Mikrotik. If piehole doesn't work... The client will ask the Mikrotik. I tried this and it doesn't work Can you tell where it fails? Is it that the p...

gotsprings

this switch is cheap for the capabilities it has, but for broken hardware its too much... If it doesn't work... it doesn't mater what it costs. Also... they finally admitted there is "just nothing they can do about" busy airtime. So I stopped using their wireless radios. Routing... Love THEM. ANYTH...

gotsprings

Set the Mikrotik to use a DNS other than piehole... Like 8.8.8.8, 1.1.1.1. Then in your DHCP server... Set the DNS value under network to be piehole, Mikrotik. If piehole doesn't work... The client will ask the Mikrotik. I tried this and it doesn't work Can you tell where it fails? Is it that the p...

gotsprings

Broadcasts don't work over VPN. So unless you use EoIP from Tik to Tik... You are not going to see the printer via airprint. Now if you can set the IP address of that printer on your device... That would work.

gotsprings

I meant: would a CRS326 running RouterOS be a more stable solution?

Changing vendors would be "more stable".

Mikrotik can route... But man... Switching and wireless is absolutely not in the same league.

gotsprings

Thanks for the assist bpwl.

gotsprings

We'll check that out... Once you change indoor to any, you get the upper frequencies.

gotsprings

United States 3
Indoor

gotsprings

I have worked on caps-man for some time now. Today I needed to take my home wireless AP out as it's needed for a commercial install. Still had a cAP AC in my trunk. So it seemed a good time to put it back online. Unit was defaulted and rather than. Setup cap... I set it up as an Access Point. Went i...

gotsprings

Thanks for the replies. Decided to sell the Mikrotik gear on eBay and use something else - routers and switches are great from MikroTik but wireless is terrible IMO. "Terrible" is a bit much. When it comes to routing... I am confident I can beat a Tik into what I need. When it comes to wireless... ...

gotsprings

Use a wireless wire for a PtP link. I got nearly 950Megs over a wireless connection with that product. Would definitely try it to link the buildings.

gotsprings

And this is "swatting a fly with a SHOTGUN"... but here is a little tip to help out if you have 2.4 radios doing this to you... First... Once you set up caps-man... NAME ALL YOUR RADIOS SOMETHING WITH 2.4 IN IT. (i.e. : caps-man interface name=Router_2.4) /system scheduler add interval=1d name=2.4dr...

gotsprings

BPWL. That system on main street was only listed as it was obvious. But as also stated in that post... Lots of standard US HOME deployments. Places where I wouldn't call interference "that high". Problems are less frequent... But still occurs. Now here... 2 cAP ACs will run about $140. The step to $...

gotsprings

So your main point is a 240$ AP from Rukus is better than a 50$ AP from MK? My point is maybe you were trying to use the MK in a setup they were never meant to support ( heavy noise, lots of clients) ? Because I have 3 CAP ACs at home with capsman and around 30 Wifi Clients and I have yet to see an...

gotsprings

Gotsprings, in very particular cases we will see issues with all vendors. People are buying Tiks and thinking they will get cheap Ciscos or Arubas. They will not, especially discussing Wifi. As people say here, MK is great for routing, mediocre for WIFI. But I prefer to have everything from the sam...

gotsprings

That seems to be the product its built to compete with. Anyone done the comparisons yet? In the Mesh world and for busy home networks, based on my field experiences nobody beats Netgear RBKxx systems -- NOBODY period FULL Stop Ruckus --- The only manufacturer that has successfully exploited Spatial...

gotsprings

I gave the audience a few months... Same old quirks here and there. Shutting of a radio was new to me. I have seen Tik radios stop accepting clients until rebooted... but actually disabled and stopped transmitting the SSID... that was new. R610 was on sale for $270. Couldn't pass that up. Configured...

gotsprings

Are you saying that your Router is Running Caps-Man? Thats fine if it is... (Most common deployment I would think.) the firewall will function at your router like normal. If you have LOCAL FORWARDING unchecked... all traffic is tunneled back to the Caps-Man Controller. This cause a considerable slow...

gotsprings

Because you can't fast track and actually have to route and use encryption, for what you asked But the configuration shows neither - fasttracking cannot speed up anything as the firewall is not there at all, and encryption is not used either. Do I read it right that the main WAN is PPPoE? I can't g...

gotsprings

Tech Lord... Point 2 about stability... With Tik Radios... In noisy environments radios will just stop accepting clients and will continue doing this until rebooted. Then devices can connect for some amount of time again. Until its time to reboot again. My work around was to keep a printer on the sa...

gotsprings

Because you can't fast track and actually have to route and use encryption, for what you asked

gotsprings

Can you use a VPN to go faster than your current internet speed?
Is that what you asked?

If so, in short... No.

gotsprings

Once again... The cost savings are not equal to the drop in performance.

Also as stated in another post... I picked up a Ruckus R610 for $270 US. It absolutely beats the Audience that sat in the same spot for several months. Throughput. Number of clients. Connectivity. It's just not close.

gotsprings

2011 is way to slow to hit 600 for just straight NAT. Pick up an hAP AC2. Much better processor and IPSec acceleration built in.

gotsprings

Which model?

gotsprings

Limit bandwidth of the others

gotsprings

A ruckus R710 is a pretty dated unit. An R510 or R610 is newer and I would take a R610 over the R710 anyday.

Now lets also skip the B--L$h!+. Ruckus has been on Promo for nearly 2 years. The $650 R510 is readily available on Amazon for ~$250. AND STOMPS ALL OVER THE AUDIENCE.

gotsprings

I was incredibly excited when caps-man first came out. I spent months tweaking and coming up with some really neat stuff. Mimicking features found in wireless systems costing 10-20 times more. But... I was wasting a TREMENDOUS amount of time on some pretty bad radios. You can tweak Mikrotik wireless...

gotsprings

Local forwarding will improve performance. However the radios themselves are "performance limited" compared to other manufactures.

gotsprings

/caps-man interface channel tx-power

gotsprings

www.domotz.com

gotsprings

Mikrotik wireless has been sub par all the way back in AC v1 the AC V2 devices have been plagued with constant issues relating to connection and throughput. Caps-man is incredible on paper. But in the wild... It's cost me a lot of money. Giving up and going back to another vendor was coslty... But w...

gotsprings

I followed another thread about this for a while but ultimately gave up. The Ubnt Edgeswitch I swapped in has experienced zero lockups and has not been rebooted in several months.

gotsprings

Do you see the dreaded 4-way Hand Shake time out in the logs?

gotsprings

Multiple APs should be on separate channels.

gotsprings

Local forwarding will take a large load off your network.

5Ghz doesn't through objects very well.

gotsprings

Bumping this up the request list too.

gotsprings

The more I use Mikrotik wireless... The more I love Ruckus.

If you need a solution... RUCKUS.
If you don't mind a hobby... Mikrotik.

This is completely the opposite of Mikrotik routing.

gotsprings

Default forwarding.

gotsprings

Audience shut off its 2.4 radio.

No idea when or why it did that. Generated a support file while the problem was happening. Got an email several days later asking me to make another support file if it happens again.

Yeah... Back to Ruckus thanks.

gotsprings

From my limited knowledge its a really cool and easy way to add two separate locations and make one of them 'part of the others LAN'.

EOIP... Its like stretching a long cable between 2 tiks. EVERYTHING goes across it.

gotsprings

I'm having issues on a hAP ac with WiFi calling. Call will connect for about 15 seconds before the person on the other end is unable to hear my voice while I can still hear theres. I've read the forums and others having issues but have been unable to find a solution. I'm running on ROS 6.45.8. I've...

gotsprings

Ovpn on Mikrotik is a non starter for connecting to other hardware. Mikrotik's version of OpenVPN is the older TCP protocol. Pretty sure Nord is going to use UDP. You can run the 7 series testing software from my understanding, which has Ovpn UDP support. So 11 years late and still in beta. No than...

gotsprings

Love Tik for routing and had to give up OVPN when I moved to Mikrotik... 10 years ago. Ovpn was messed up then and still not useable Tik wireless... I wish is worked better. But I have been burned too many times. Ruckus brought their prices down and I don't have any problems with them. So I have giv...

gotsprings

Get a raspberry pi and put it on the network.

gotsprings

/IP firewall export

gotsprings

Ovpn on Mikrotik is a non starter for connecting to other hardware. Mikrotik's version of OpenVPN is the older TCP protocol. Pretty sure Nord is going to use UDP.

gotsprings

My CRS328 is still passing packets. Powering devices. But it is gone from the DHCP server. Doesn't show up in a network scan. But winbox finds it at 192.168.88.1. Webpage is not reachable at 192.168.88.1

Anything I can do to get diagnostic info to Mikrotik?

gotsprings

@gotsprings - if the issue seems only related to SwOS and there are no cable/module issue, please report this on https://help.mikrotik.com/servicedesk/ or send an email to support@mikrotik.com EdPa I have not been able to keep my system online for more than a few days due to power issues in my area...

gotsprings

Sure it's not a voltage thing or something else rebooting? I have some pretty intricate settings on a few hAP AC2s that have had several months of uptimes. I never messed with the processor speed. I always updated routerOS and firmware. I have had some issues with cap radios on the running cap. But ...

gotsprings

Just cant remember if I have seen this somewhere. So i want to improve on the autoping of my webpower switch. What I want to do is ping 2 hosts and if both hosts return 3 pings or better take NO action and repeat in 5 minutes. Else Take action and run script in 8 minutes. /system script add dont-req...

gotsprings

Here are a few ways to get the public IP address Pick IP From Route (add WAN to your WAN connection name. ie. ether1-WAN) :global Stat [/ip route get [find gateway~"WAN"] pref-src] Pick IP from Address (add WAN to your WAN connection name. ie. ether1-WAN) :global OnEtherSub [/ip address get [find in...

gotsprings

There is also the fact that I ran the switch with routerOS for several weeks without incident.

gotsprings

My current work around.

https://dlidirect.com/products/new-pro-switch

gotsprings

I would expect a bad cable to be a problem right away... Not several days later.

Especially not after the same cable and router attached to another switch didn't have this issue.

Yup... Found the other thread...
viewtopic.php?t=142969

gotsprings

The FCS error was what the router was reporting when the switch was locked up. That cable had been used before with another manufacture's switch, and the switch never locked up. The cable is a direct connect type where the modules that go into the router and switch are part of the cable. I was hopin...

gotsprings

During lockup...
It still provided POE to a hAP AC2 and to a 5 port 260
What does this mean ?

It means that it's POE was still active despite the fact that the switch seemed completely locked up.

gotsprings

I guess you are using the CRS328-24P-4S+ switch, are you using the latest SwOS version?

CRS328-24P-4S+RM running switch OS, latest version.

gotsprings

Use what I gave you and change the IPs to match your needs.

gotsprings

Unit had been in operation for a few weeks at this point.

During lockup...
It still provided POE to a hAP AC2 and to a 5 port 260.

gotsprings

My network completely stopped. Couldn't get anything to work. Couldn't statically set an IP and reach the router. Rebooted router. nope. Noticed even my caps had stopped transmitting. Rebooted switch. Everything came back. Looked at the log from my router... Sfp-sfpplus1 fcs error on link After rebo...

gotsprings

Saw the same thing coming from BELOW 6.40.8 to above. I could ping cloud2 and everything. I messaged support but due to time differences and it being a production environment... unit came out. Got a reply a few days later... but field tech threw the unit away... it was a CRS125 from his truck that w...

gotsprings

I swear i remember an article more than a year ago, about holding the connection open to 8291 and using it to probe Tik Networks.

It was the next "big thing" after Slingshot.

gotsprings

Mikrotik's Version of OVPN has been abandoned for years. When I first started with RouterOS 10 years ago... OpenVPN was the first thing I had to "Give up on," using Mikrotik. I think i can find the exact post where I asked about OVPN being updated to work with THEN CURRENT standards. "Next RouterOS ...

gotsprings

I get nervous using a touchscreen with Winbox.

I think it would be up to the device on if it would let you open multiple instances of the App.

gotsprings

Put a filter forwarding rule to allow connections from the MAIN network to the HotSpot Network above the drop rule?

gotsprings

Do you actually need MESH... since you capitalized it... that means you are planning not to wire some of your Access Points?

gotsprings

Here is an example I use for DNS traffic on a Bar's Guest Network... Guest DHCP server hands out OPENDNS Family DNS servers to DHCP-Clients. If the people on that try to get creative and put in their own DNS servers to bypass that filter... they get caught be these. /ip firewall nat add action=dst-n...

gotsprings

I also stay with the 3011 over the 4011.

Too many reports about 4011 with wifi radios shutting down And I did see the SFP+ port shut down once in my test unit.

gotsprings

The RB2011 has a 2.4 only radio, from 2011. Or my favorite fact... When first released, the difference in price between the WiFi and non wifi unit was 1 dollar. Replace the whole thing with a hAP AC2. The wireless radios are AC MU-MIMO. They seem to top out right around 300Megs on the 5Gig radio. An...

gotsprings

On RB I have PPTP VPN server, open ports for applications.....everything works OK except outgoing connection to remote PPTP VPN server from PC behind RB.
Does anybody know why?

/IP firewall filter export

gotsprings

Client to client forwarding used to trip me up.

gotsprings

Port knocking and address lists. Also add scanners to drop list.

gotsprings

www.domotz.com

Email, alert on your phone, and log.

gotsprings

Don't know what sort of speed you pay for... But I would recommend putting a managed switch in front of the router to handle the 10VLAN tagging for you. Noticed a significant slowdown when I ran into a Google fiber install that needed VLAN2 on the WAN port. If I had an RB260GS handy... I bet it woul...

gotsprings

Upload an rsc file with the auto option?

gotsprings

Remember... I sent the support file to Mikrotik and this was the reply... Hello, When virtual AP is added to the CAPsMAN, it should be manually added to the bridge, because the virtual interfaces do not follow provisioning rules. Best regards, Viesturs R. Now let's look at that... When controlled by...

gotsprings

What do you seriously not get? The virtual APs are added dynamically. They are not added to the bridge. I added to the post to try to help someone solve a problem... And I posted how I was seeing something repeatable that seemed related. You just keep calling me wrong or implying I should bow down t...

gotsprings

@gotsprings
You are using local mode forwarding or caps man forward mode?

Sent from my Moto Z3 Play using Tapatalk

Local Forwarding... always local forwarding... Covered again and again in this thread.

Yes... using local forwarding.

gotsprings

I needed to run a script when a interface became active... This became the base of it. :local "Interface-1" [/interface get [find name=ether1] running] :local "Interface-2" [/interface get [find name=ether2] running] Based my script on the true / false nature of the output. Might help someone else a...

gotsprings

I got around this by using resolve. I resolve my public IP address. And make that a local variable. Then I compare that variable to what I pick off IP cloud or route pref-source. This cuts down on sending unnecessary traffic to my name server provider. And NOTHING GETS WRITTEN TO MY LOG UNTIL... I s...

gotsprings

It is added as a slave configuration in provisioning. That's what this has all been about. I seriously don't know if it's a language thing... Or you are trying to be rude. But here it is is plain English. I have multiple configurations under caps man. In provisioning... I have 1 config as the main. ...

gotsprings

After manually adding the interfaces to the bridge... Updating Router OS broke it. Generated a support file and sent it to Mikrotik. Readded the interfaces manually, then received this reply. Hello, When virtual AP is added to the CAPsMAN, it should be manually added to the bridge, because the virtu...

Search found 1002 matches