MikroTik

gotsprings

Set the Mikrotik to use a DNS other than piehole... Like 8.8.8.8, 1.1.1.1. Then in your DHCP server... Set the DNS value under network to be piehole, Mikrotik. If piehole doesn't work... The client will ask the Mikrotik. I tried this and it doesn't work Can you tell where it fails? Is it that the p...

gotsprings

this switch is cheap for the capabilities it has, but for broken hardware its too much... If it doesn't work... it doesn't mater what it costs. Also... they finally admitted there is "just nothing they can do about" busy airtime. So I stopped using their wireless radios. Routing... Love THEM. ANYTH...

gotsprings

Set the Mikrotik to use a DNS other than piehole... Like 8.8.8.8, 1.1.1.1. Then in your DHCP server... Set the DNS value under network to be piehole, Mikrotik. If piehole doesn't work... The client will ask the Mikrotik. I tried this and it doesn't work Can you tell where it fails? Is it that the p...

gotsprings

Broadcasts don't work over VPN. So unless you use EoIP from Tik to Tik... You are not going to see the printer via airprint. Now if you can set the IP address of that printer on your device... That would work.

gotsprings

I meant: would a CRS326 running RouterOS be a more stable solution?

Changing vendors would be "more stable".

Mikrotik can route... But man... Switching and wireless is absolutely not in the same league.

gotsprings

Thanks for the assist bpwl.

gotsprings

We'll check that out... Once you change indoor to any, you get the upper frequencies.

gotsprings

United States 3
Indoor

gotsprings

I have worked on caps-man for some time now. Today I needed to take my home wireless AP out as it's needed for a commercial install. Still had a cAP AC in my trunk. So it seemed a good time to put it back online. Unit was defaulted and rather than. Setup cap... I set it up as an Access Point. Went i...

gotsprings

Thanks for the replies. Decided to sell the Mikrotik gear on eBay and use something else - routers and switches are great from MikroTik but wireless is terrible IMO. "Terrible" is a bit much. When it comes to routing... I am confident I can beat a Tik into what I need. When it comes to wireless... ...

gotsprings

Use a wireless wire for a PtP link. I got nearly 950Megs over a wireless connection with that product. Would definitely try it to link the buildings.

gotsprings

And this is "swatting a fly with a SHOTGUN"... but here is a little tip to help out if you have 2.4 radios doing this to you... First... Once you set up caps-man... NAME ALL YOUR RADIOS SOMETHING WITH 2.4 IN IT. (i.e. : caps-man interface name=Router_2.4) /system scheduler add interval=1d name=2.4dr...

gotsprings

BPWL. That system on main street was only listed as it was obvious. But as also stated in that post... Lots of standard US HOME deployments. Places where I wouldn't call interference "that high". Problems are less frequent... But still occurs. Now here... 2 cAP ACs will run about $140. The step to $...

gotsprings

So your main point is a 240$ AP from Rukus is better than a 50$ AP from MK? My point is maybe you were trying to use the MK in a setup they were never meant to support ( heavy noise, lots of clients) ? Because I have 3 CAP ACs at home with capsman and around 30 Wifi Clients and I have yet to see an...

gotsprings

Gotsprings, in very particular cases we will see issues with all vendors. People are buying Tiks and thinking they will get cheap Ciscos or Arubas. They will not, especially discussing Wifi. As people say here, MK is great for routing, mediocre for WIFI. But I prefer to have everything from the sam...

gotsprings

That seems to be the product its built to compete with. Anyone done the comparisons yet? In the Mesh world and for busy home networks, based on my field experiences nobody beats Netgear RBKxx systems -- NOBODY period FULL Stop Ruckus --- The only manufacturer that has successfully exploited Spatial...

gotsprings

I gave the audience a few months... Same old quirks here and there. Shutting of a radio was new to me. I have seen Tik radios stop accepting clients until rebooted... but actually disabled and stopped transmitting the SSID... that was new. R610 was on sale for $270. Couldn't pass that up. Configured...

gotsprings

Are you saying that your Router is Running Caps-Man? Thats fine if it is... (Most common deployment I would think.) the firewall will function at your router like normal. If you have LOCAL FORWARDING unchecked... all traffic is tunneled back to the Caps-Man Controller. This cause a considerable slow...

gotsprings

Because you can't fast track and actually have to route and use encryption, for what you asked But the configuration shows neither - fasttracking cannot speed up anything as the firewall is not there at all, and encryption is not used either. Do I read it right that the main WAN is PPPoE? I can't g...

gotsprings

Tech Lord... Point 2 about stability... With Tik Radios... In noisy environments radios will just stop accepting clients and will continue doing this until rebooted. Then devices can connect for some amount of time again. Until its time to reboot again. My work around was to keep a printer on the sa...

gotsprings

Because you can't fast track and actually have to route and use encryption, for what you asked

gotsprings

Can you use a VPN to go faster than your current internet speed?
Is that what you asked?

If so, in short... No.

gotsprings

Once again... The cost savings are not equal to the drop in performance.

Also as stated in another post... I picked up a Ruckus R610 for $270 US. It absolutely beats the Audience that sat in the same spot for several months. Throughput. Number of clients. Connectivity. It's just not close.

gotsprings

2011 is way to slow to hit 600 for just straight NAT. Pick up an hAP AC2. Much better processor and IPSec acceleration built in.

gotsprings

Which model?

gotsprings

Limit bandwidth of the others

gotsprings

A ruckus R710 is a pretty dated unit. An R510 or R610 is newer and I would take a R610 over the R710 anyday.

Now lets also skip the B--L$h!+. Ruckus has been on Promo for nearly 2 years. The $650 R510 is readily available on Amazon for ~$250. AND STOMPS ALL OVER THE AUDIENCE.

gotsprings

I was incredibly excited when caps-man first came out. I spent months tweaking and coming up with some really neat stuff. Mimicking features found in wireless systems costing 10-20 times more. But... I was wasting a TREMENDOUS amount of time on some pretty bad radios. You can tweak Mikrotik wireless...

gotsprings

Local forwarding will improve performance. However the radios themselves are "performance limited" compared to other manufactures.

gotsprings

/caps-man interface channel tx-power

gotsprings

www.domotz.com

gotsprings

Mikrotik wireless has been sub par all the way back in AC v1 the AC V2 devices have been plagued with constant issues relating to connection and throughput. Caps-man is incredible on paper. But in the wild... It's cost me a lot of money. Giving up and going back to another vendor was coslty... But w...

gotsprings

I followed another thread about this for a while but ultimately gave up. The Ubnt Edgeswitch I swapped in has experienced zero lockups and has not been rebooted in several months.

gotsprings

Do you see the dreaded 4-way Hand Shake time out in the logs?

gotsprings

Multiple APs should be on separate channels.

gotsprings

Local forwarding will take a large load off your network.

5Ghz doesn't through objects very well.

gotsprings

Bumping this up the request list too.

gotsprings

The more I use Mikrotik wireless... The more I love Ruckus.

If you need a solution... RUCKUS.
If you don't mind a hobby... Mikrotik.

This is completely the opposite of Mikrotik routing.

gotsprings

Default forwarding.

gotsprings

Audience shut off its 2.4 radio.

No idea when or why it did that. Generated a support file while the problem was happening. Got an email several days later asking me to make another support file if it happens again.

Yeah... Back to Ruckus thanks.

gotsprings

From my limited knowledge its a really cool and easy way to add two separate locations and make one of them 'part of the others LAN'.

EOIP... Its like stretching a long cable between 2 tiks. EVERYTHING goes across it.

gotsprings

I'm having issues on a hAP ac with WiFi calling. Call will connect for about 15 seconds before the person on the other end is unable to hear my voice while I can still hear theres. I've read the forums and others having issues but have been unable to find a solution. I'm running on ROS 6.45.8. I've...

gotsprings

Ovpn on Mikrotik is a non starter for connecting to other hardware. Mikrotik's version of OpenVPN is the older TCP protocol. Pretty sure Nord is going to use UDP. You can run the 7 series testing software from my understanding, which has Ovpn UDP support. So 11 years late and still in beta. No than...

gotsprings

Love Tik for routing and had to give up OVPN when I moved to Mikrotik... 10 years ago. Ovpn was messed up then and still not useable Tik wireless... I wish is worked better. But I have been burned too many times. Ruckus brought their prices down and I don't have any problems with them. So I have giv...

gotsprings

Get a raspberry pi and put it on the network.

gotsprings

/IP firewall export

gotsprings

Ovpn on Mikrotik is a non starter for connecting to other hardware. Mikrotik's version of OpenVPN is the older TCP protocol. Pretty sure Nord is going to use UDP.

gotsprings

My CRS328 is still passing packets. Powering devices. But it is gone from the DHCP server. Doesn't show up in a network scan. But winbox finds it at 192.168.88.1. Webpage is not reachable at 192.168.88.1

Anything I can do to get diagnostic info to Mikrotik?

gotsprings

@gotsprings - if the issue seems only related to SwOS and there are no cable/module issue, please report this on https://help.mikrotik.com/servicedesk/ or send an email to support@mikrotik.com EdPa I have not been able to keep my system online for more than a few days due to power issues in my area...

gotsprings

Sure it's not a voltage thing or something else rebooting? I have some pretty intricate settings on a few hAP AC2s that have had several months of uptimes. I never messed with the processor speed. I always updated routerOS and firmware. I have had some issues with cap radios on the running cap. But ...

gotsprings

Just cant remember if I have seen this somewhere. So i want to improve on the autoping of my webpower switch. What I want to do is ping 2 hosts and if both hosts return 3 pings or better take NO action and repeat in 5 minutes. Else Take action and run script in 8 minutes. /system script add dont-req...

gotsprings

Here are a few ways to get the public IP address Pick IP From Route (add WAN to your WAN connection name. ie. ether1-WAN) :global Stat [/ip route get [find gateway~"WAN"] pref-src] Pick IP from Address (add WAN to your WAN connection name. ie. ether1-WAN) :global OnEtherSub [/ip address get [find in...

gotsprings

There is also the fact that I ran the switch with routerOS for several weeks without incident.

gotsprings

My current work around.

https://dlidirect.com/products/new-pro-switch

gotsprings

I would expect a bad cable to be a problem right away... Not several days later.

Especially not after the same cable and router attached to another switch didn't have this issue.

Yup... Found the other thread...
viewtopic.php?t=142969

gotsprings

The FCS error was what the router was reporting when the switch was locked up. That cable had been used before with another manufacture's switch, and the switch never locked up. The cable is a direct connect type where the modules that go into the router and switch are part of the cable. I was hopin...

gotsprings

During lockup...
It still provided POE to a hAP AC2 and to a 5 port 260
What does this mean ?

It means that it's POE was still active despite the fact that the switch seemed completely locked up.

gotsprings

I guess you are using the CRS328-24P-4S+ switch, are you using the latest SwOS version?

CRS328-24P-4S+RM running switch OS, latest version.

gotsprings

Use what I gave you and change the IPs to match your needs.

gotsprings

Unit had been in operation for a few weeks at this point.

During lockup...
It still provided POE to a hAP AC2 and to a 5 port 260.

gotsprings

My network completely stopped. Couldn't get anything to work. Couldn't statically set an IP and reach the router. Rebooted router. nope. Noticed even my caps had stopped transmitting. Rebooted switch. Everything came back. Looked at the log from my router... Sfp-sfpplus1 fcs error on link After rebo...

gotsprings

Saw the same thing coming from BELOW 6.40.8 to above. I could ping cloud2 and everything. I messaged support but due to time differences and it being a production environment... unit came out. Got a reply a few days later... but field tech threw the unit away... it was a CRS125 from his truck that w...

gotsprings

I swear i remember an article more than a year ago, about holding the connection open to 8291 and using it to probe Tik Networks.

It was the next "big thing" after Slingshot.

gotsprings

Mikrotik's Version of OVPN has been abandoned for years. When I first started with RouterOS 10 years ago... OpenVPN was the first thing I had to "Give up on," using Mikrotik. I think i can find the exact post where I asked about OVPN being updated to work with THEN CURRENT standards. "Next RouterOS ...

gotsprings

I get nervous using a touchscreen with Winbox.

I think it would be up to the device on if it would let you open multiple instances of the App.

gotsprings

Put a filter forwarding rule to allow connections from the MAIN network to the HotSpot Network above the drop rule?

gotsprings

Do you actually need MESH... since you capitalized it... that means you are planning not to wire some of your Access Points?

gotsprings

Here is an example I use for DNS traffic on a Bar's Guest Network... Guest DHCP server hands out OPENDNS Family DNS servers to DHCP-Clients. If the people on that try to get creative and put in their own DNS servers to bypass that filter... they get caught be these. /ip firewall nat add action=dst-n...

gotsprings

I also stay with the 3011 over the 4011.

Too many reports about 4011 with wifi radios shutting down And I did see the SFP+ port shut down once in my test unit.

gotsprings

The RB2011 has a 2.4 only radio, from 2011. Or my favorite fact... When first released, the difference in price between the WiFi and non wifi unit was 1 dollar. Replace the whole thing with a hAP AC2. The wireless radios are AC MU-MIMO. They seem to top out right around 300Megs on the 5Gig radio. An...

gotsprings

On RB I have PPTP VPN server, open ports for applications.....everything works OK except outgoing connection to remote PPTP VPN server from PC behind RB.
Does anybody know why?

/IP firewall filter export

gotsprings

Client to client forwarding used to trip me up.

gotsprings

Port knocking and address lists. Also add scanners to drop list.

gotsprings

www.domotz.com

Email, alert on your phone, and log.

gotsprings

Don't know what sort of speed you pay for... But I would recommend putting a managed switch in front of the router to handle the 10VLAN tagging for you. Noticed a significant slowdown when I ran into a Google fiber install that needed VLAN2 on the WAN port. If I had an RB260GS handy... I bet it woul...

gotsprings

Upload an rsc file with the auto option?

gotsprings

Remember... I sent the support file to Mikrotik and this was the reply... Hello, When virtual AP is added to the CAPsMAN, it should be manually added to the bridge, because the virtual interfaces do not follow provisioning rules. Best regards, Viesturs R. Now let's look at that... When controlled by...

gotsprings

What do you seriously not get? The virtual APs are added dynamically. They are not added to the bridge. I added to the post to try to help someone solve a problem... And I posted how I was seeing something repeatable that seemed related. You just keep calling me wrong or implying I should bow down t...

gotsprings

@gotsprings
You are using local mode forwarding or caps man forward mode?

Sent from my Moto Z3 Play using Tapatalk

Local Forwarding... always local forwarding... Covered again and again in this thread.

Yes... using local forwarding.

gotsprings

I needed to run a script when a interface became active... This became the base of it. :local "Interface-1" [/interface get [find name=ether1] running] :local "Interface-2" [/interface get [find name=ether2] running] Based my script on the true / false nature of the output. Might help someone else a...

gotsprings

I got around this by using resolve. I resolve my public IP address. And make that a local variable. Then I compare that variable to what I pick off IP cloud or route pref-source. This cuts down on sending unnecessary traffic to my name server provider. And NOTHING GETS WRITTEN TO MY LOG UNTIL... I s...

gotsprings

It is added as a slave configuration in provisioning. That's what this has all been about. I seriously don't know if it's a language thing... Or you are trying to be rude. But here it is is plain English. I have multiple configurations under caps man. In provisioning... I have 1 config as the main. ...

gotsprings

After manually adding the interfaces to the bridge... Updating Router OS broke it. Generated a support file and sent it to Mikrotik. Readded the interfaces manually, then received this reply. Hello, When virtual AP is added to the CAPsMAN, it should be manually added to the bridge, because the virtu...

gotsprings

:global MainInterface [/ip dhcp-server get number=0 interface] /interface vlan add name="VLAN101" interface=$MainInterface vlan-id=101 /ip pool add name="Pool 101" range=192.168.101.100-192.168.101.150 /ip dhcp-server add address-pool="Pool 101" authoritative=after-2sec-delay disabled=no interface=...

gotsprings

You need to include more about your topology.

gotsprings

Use Winbox Connect your computer directly to the Mikrotik Set a static IP on your computer of 192.168.88.88 Open winbox and select Neighbors The Tik should show up via IP and MAC address. CIick on the MAC address and it will populate in winbox Hit connect Navigate to /IP address Select the IP addres...

gotsprings

Did you add bridge in the data path?

I don't.

gotsprings

Ok i ll give it a try and let you know... By the way when you already have a good router, i mean a powerful one just go with capsman forwarding... Am not really sure why you use local forwarding so much.... That would be Mikrotik staff. When I was getting crap numbers from cAP AC, Mikrotik support ...

gotsprings

Thanks for the comments, checked the provided doc, couldn't see anything that I hadn't already done. I'm not using separate VLANs, I just want the new SSID in the existing single VLAN set up. If you don't want to use vlan what is the point to have multiple SSID? I have a wireless printer that has q...

gotsprings

@gotsprings i ll give it a try tomorrow and i will let you know... What is your ROS version by the way ? 6.45.7. But I have noticed this for a little while now. I had an install with 3 cAP AC and a hAP AC2 as the router. I got complaints about people not being able to connect. After painfully worki...

gotsprings

If I have a /29 IP address on the WAN...
I assign them to the WAN interface.
I put the proper gateway in routes.
Then I use address-lists and src-nat to, to send different traffic over the different IPs.
Pretty sure the default for an interface is "arp enabled".

Did I miss something?

gotsprings

It slows the throughput to garbage It depends, but in general terms i do not agree... I have in production capsman with local forwarding mode as well and never seen such behavior... Why do you manually add the interfaces inside the bridge? This is not how its done! You go to wireless cap bridge and...

gotsprings

TO MAKE THIS CLEAR... I only observe this when the CAPS-MAN is running in the same device that I am trying to control as a cap. If its on a router or other device... all caps work just fine with virtual APs or SLAVE configs. I ve made many many capsman configurations. But so that i can be sure that...

gotsprings

Thanks for the comments, checked the provided doc, couldn't see anything that I hadn't already done.

I'm not using separate VLANs, I just want the new SSID in the existing single VLAN set up.

That's what I was typing... Add the second WLAN to your bridge.

gotsprings

TO MAKE THIS CLEAR... I only observe this when the CAPS-MAN is running in the same device that I am trying to control as a cap. If its on a router or other device... all caps work just fine with virtual APs or SLAVE configs. THIS HAPPENS 100/100 across 4 different test routers that have caps-man run...

gotsprings

/ip firewall Nat export

gotsprings

https://mikrotik.com/products/group/wir ... and-office

gotsprings

I'm afraid you may have to set arp=proxy-arp on the WAN interface if the all the public addresses are from the same subnet attached to the WAN interface.

I don't think I have ever had to do that.

gotsprings

Use this as a baseline...
https://support.hidemyass.com/hc/en-us/ ... _site=true

gotsprings

In fact, in such a setup you need a router to allow communication between the VLANs, not to block it.

Yup... That right there. If no switch is layer 3 or a router... You are not getting from one subnet to the others.

And like xvo posted...
I see managed switches when I see this diagram.

gotsprings

Back when I was "all about open source"... I used OVPN all day. When I moved to Mikrotik... I found a all but deserted protocol. I asked about OVPN being brought up to modern standards... And there was chatter about "next router OS release..." That was ~10 years ago. If you want to use OVPN... Don't...

gotsprings

How about recursive routing for the 2 ISPs? That eliminates the need to change distances dynamically. Also you can query if a route is active or not. Then make your script work on If active then, else then. You could alternatively set a static route to a host using your primary ISP and firewall it f...

gotsprings

I am still looking at the CCR1009-7G-1C-1S+ as the router for a restaurant???

Then he mentions overkill for a radio?

gotsprings

Clear line of site and proper aim is a must thou.

gotsprings

You mean hAP AC2?

That could allow for better airtime usage, in theory.

gotsprings

On the device running as Caps-Man... Slave SSIDs don't get added to the bridge by default.

Open bridge and add the ports.

I have seen this on several units now.

gotsprings

Finally got one in for testing.

Used the quickset screen to match my wifi settings... Swapped my R510 out.

Unit uses standard POE so it lit right up where the ruckus had been.
19 devices connected.

Will follow up.

gotsprings

Took some WAGs today and it appears I have the edgeswitch routing.

gotsprings

RouterOS v6.46beta59 has fixes for wireless. Do they fix your performance problems with hap ac2?
(Not with CAPSMAN, this is full of bugs)

Which Bugs exactly in caps-man?

gotsprings

https://community.ui.com/tags/edgemax

And i am the top one.

gotsprings

Looking for some help on an install that I have been thrown into. I could bore you with the story but here are the important parts. 5 subnets 192.168.1.0/24, 192.168.10.0/24,192.168.20.0/24,192.168.30.0/24,192.168.40.0/24 They have all Ubiquiti EdgeSwitches. No problem... I set up a hAP AC2 with the...

gotsprings

So I still don't know what to buy. Want RB4011 for wireless. Currently have CCr1009-7G-1C-PC + 2x UniFi Pro. CCR will sell. Maybe will stay with RB4011 as main router and wifi + RB962UiGS for wifi in another room? The 4011 has had problems with SFP+ port and with WiFi interfaces. I would hold off o...

gotsprings

Probably that default config problem where the DHCP-SERVER has no DNS entry.

gotsprings

A bit more tricky is going to be the setup / config, specially if you will use 3 AP Wifi interfaces (and not as MESH). Which 5Ghz network will a client select if you have 2 with same SSID at two different channels? Or create 2 or 3 different SSID? Running two 5GHz channels with same SSID in the sam...

gotsprings

Distros in the US are sending out "we have Audience in stock". But still not seeing anyone saying... "Yes I have used it... And..." Everybody is waiting for you to share the experience :wink: # While I used to LOVE TESTING STUFF OUT AND BEING FIRST... Not getting paid, and ending up holding the bag...

gotsprings

Distros in the US are sending out "we have Audience in stock".

But still not seeing anyone saying... "Yes I have used it... And..."

gotsprings

We believe we have fixed the issue, but that particular fix has not yet been released. Wait for the next beta please. FORTUNATELY... I only have one in the field and it has not exhibited this particular problem. Could the fact that I am in the US have something to do with it? The reports of the wif...

gotsprings

What was the outcome of this?

gotsprings

What is Eero? :shock: mesh WiFi https://eero.com/ I have 2 in bridge mode. Excellent wireless coverage. I did order Audience to give it a try. Eero is what the guy who has NO BUSINESS AT ALL TOUCHING A NETWORK, is bringing into a commercial install. .... Rather confused why you quoted me and posted...

gotsprings

What is Eero? :shock: mesh WiFi https://eero.com/ I have 2 in bridge mode. Excellent wireless coverage. I did order Audience to give it a try. Eero is what the guy who has NO BUSINESS AT ALL TOUCHING A NETWORK, is bringing into a commercial install. Sparky, "I use this all the time." Me, "YEAH IN H...

gotsprings

That seems to be the product its built to compete with.

Anyone done the comparisons yet?

gotsprings

I see this problem the same day I configure the router. Now on some jobs the problem pops up a few days after I have left. Those ones... disabling the radio interface sometimes cures it. But the jobs where I see those messages right away... I have to change manufactures. Too many lost hours and clie...

gotsprings

I have the same similar issue “disconnected, received disassoc: sending station leaving”. I have not found a fix for this problem but I think I have a workaround that has solved this issue. Wrote a script and add it to the scheduler as shown below: /system scheduler add interval=1w name=Recycle-Cap...

gotsprings

Logged into my one and only restaurant/bar Caps-System, in the middle of an American Football Game. (They agreed to be the Guinea Pigs when they compared the cost to the Ruckus System at their other store.) 3 cAP AC and 1 hAP AC2 as the main router. I might as well have 2.4 turned off. 2.4 only clie...

gotsprings

A problem I seem to have nailed down... If I set up caps-man on the hAP AC2 and then tell its wireless interface to JOIN THE CAP... All SSIDs start transmitting and the configuration looks like the other caps. I ve configured many many routers as capsman manager with their own WiFi joining as a cap...

gotsprings

Chechito: Environments where there are other wireless networks is when it really crumbles. I have managed to keep 50 clients connected to a cAP AC or hAP AC. But if there is a lot of wireless around you that isn't your... You get all sorts of disconnect messages. Anuser: Private PSK is a function of...

gotsprings

They are not going to set up a VPN. If they have dynamic servers... Find out if they have a domain. You could resolve the domain and have a script punch it into the src-address when a change happens. Or with the addition of address lists... You can put the domain in there and it will resolve it as o...

gotsprings

If the port doesn't change between WAN and LAN... you don't need to-ports=38880-38884 As for the compliance scans... SOB was asking if those ports need to be open to the whole world or only the POS servers? For example... at one of my bars, they used an online ordering company. This was before door ...

gotsprings

2 months??? wAP ACs took nearly a year to get stable numbers. In that specific case, a special situation is presented, which was the incorporation of a new ipq4xxx platform and a massive support for the ARM architecture Are you sure you are talking about wAP ac and not cAP ac ? The wAP ac is MIPSBE...

gotsprings

take it with a grain of salt

new devices comes with their own issues, and take some time to be resolved

i recommend to wait at least 2 months after introduction to market, to include a new device in a serious project

2 months??? wAP ACs took nearly a year to get stable numbers.

gotsprings

I won't pretend my Mikrotik Caps systems can touch My Ruckus systems.

but that kick below -87 in the access-list, is one of the easier tweaks that HELPED with roaming.

gotsprings

Love Tik for routing... but when it comes to wireless... not so much. If you have a connection faster than about 300M, you are going to want to look at other vendors for the wireless.

Also if you are in a very dense WiFi environment... other manufactures handle interference better than Tik.

gotsprings

Adding a rule to the access list to kick devices below 87... really helped the roaming on my installs.

/caps-man access-list
add action=accept interface=any signal-range=-87..120
add action=reject interface=any signal-range=-120..-88

gotsprings

I have a bunch of cAPs installs out there and have a pretty good template to apply to my routers to function as the router and controller. I set up the caps configurations to allow client to client forwarding and local forwarding. After putting caps man on the primary router... I log into each cAP A...

gotsprings

I think you need to set the IP address that the VPN client comes in as. Then firewall rules will dictate what clients can then reach the next subnet. If I understood the diagram... its not VPN from one site to another... but a wired connection. If that is the case... you have one feed from the first...

gotsprings

Whenever I see oVPN in a Mikrotik thread... I stop reading. OpenVPN has been crippled in Mikrotik for like 10 years now.

gotsprings

I didn't read the whole thing..

When local net goes back to local net on local interface.... That is what the hairpin Nat rule needs to have.

gotsprings

A company's office doesn't have a public IP address. My office does. I have the Far office calling my Office over L2TP. The route between them is 2 points. On each router... I have a route that points to the l2tp route. Encryption engine grabs the traffic before it goes over the tunnel. I vpn to my ...

gotsprings

And please keep in mind lots of users have posted about the constant connect disconnects that show up as station leaving... Or what ever it was. And people have reported that one for years to no avail. In the case of this ticket... I had another problem with Mikrotik wireless that I took the time to...

gotsprings

The conclusion is that a particularly high interference is causing your issue. How do you think this can be easily/quickly fixed by us? Normis, As I, and a other people on this forum have found... It's not that uncommon an occurrence. And an immediate fix is to replace the Mikrotik wireless with an...

gotsprings

Tech in the field (related to owner, so I was out ranked) insisted on putting in the cap AC he had in his truck. In the days since. Customer has been pounding him with complaints for the last week. Calling everyday. We get into the configuration and try to adjust things... But this is another site w...

gotsprings

Several new firmwares have been released... Gave them a try... Problem is still there.

Now I get to start all over learning another wifi vendor.

gotsprings

Isn't chromebook a Chrome browser based device? Webfig is the answer then

After years of Winbox... Webfig ain't even close.

And can't you install "apps" in Chromebook?

gotsprings

Give me Winbox on a Chromebook... (Asked for this years ago.)

gotsprings

The client should be setting their VPN to NOT SEND ALL TRAFFIC, if you don't want them sending their traffic over your ISP.

If you put a firewall rules in their to deny their traffic access to the WAN... That would get them to disconnect or at least look up split tunneling VPN.

gotsprings

Tom, WAP LTE is 10/100 on the Ethernet port and 2.4 on the radio. Compounding the problems in the US, is the Cellular radio doesn't work with Band 13. This is the most common band used by Verizon. The configuration of the cellular is not "straight up". I wasted too much time on this... Just pay for ...

gotsprings

Use a different manufacture for wireless and just forget about Mikrotik wireless.

This "glitch" has been observed and reported for years at this point.

Get over it and move on.

gotsprings

+1 for Band 13 (US Verizon)

The reason I only have one in the field.

gotsprings

i have another problem with wifi. it seemes to drop speed tenfold after several days of working without reboot. reboot solves wifi speed problem but again only for several days. help needed :( Write a simple scheduler and and script to reboot it every 48 hours. Professionally... We put a stop on Mi...

gotsprings

Upgraded a cAP AC to 6.45.2 Reset Configuration Like I normally do... but this site was not a CAP install. /system reset-configuration UNIT CAME UP AS A ROUTER. wAP AC has always done this. This was the first time I have seen a cAP AC do this. Had to have tech on site connect to the local SSID to ge...

gotsprings

We used to use Cradlepoint but there's limited space in these device boxes, hence the move to using Routerboards since we're tunneling back to HQ anyway. The LTE card is perfect for this application. We might try a MVNO that utilizes Verizon and see if they will be more flexible in their accomodati...

gotsprings

1 Cradlepoint CBA850LP6-NA Cellular Modem. 1 Mikrotik hAP AC2 Router. 2 Power Dsine 3501-GAC POE injectors. 2 Ruckus R510 Wireless Access points. The Cellular connection to the outside world will be the choke point. But the Ruckus Wireless Antennas are much better suited for having that many clients...

gotsprings

Bump. This sounds like what I am trying to do. I want to know if a device service is still running. Like checking a printer if 9100 is responding. In my case I have a device that responds to pings. Webserver works. But a service on 51510 stops responding as confirmed by Digital Loggers autoping agai...

gotsprings

Yup... A static IP follows the Sim card. I have taken one Sim that was setup with a static IP and moved it between 3 modems. The only issue I could think might bite you... The APN for Verizon Static is geographic. If you went to another geographic area... You may need to change the APN. In the DC m...

gotsprings

Yup... A static IP follows the Sim card. I have taken one Sim that was setup with a static IP and moved it between 3 modems. The only issue I could think might bite you... The APN for Verizon Static is geographic. If you went to another geographic area... You may need to change the APN. In the DC me...

gotsprings

I know I'm a little late to the party on this thread - I'm also trying to activate some Microtik LTE boards - this is the R11e-LTE-US boards and our Verizon rep tells us the IMEI "pattern" that Microtik is assigned isn't "registered" with Verizon so their sales and provisioning systems sees the IME...

gotsprings

This time...
"We were able to reproduce the problem. (Blah blah blah). We don't currently have a Fix."

When did you get this anwser?

June 10th.

gotsprings

I miss the good old days when Mikrotik Routed...
And Ubnt did wireless...

It's when one tried to do the other that things start to fall apart.

gotsprings

I got a good capture of Caps-man not allowing connections. Wrote up a what how and when for Mikrotik. They actually investigated it. All my prior interactions with Mikrotik about wireless have been pointless. One suggestion email per month with no resolution. This time... "We were able to reproduce ...

gotsprings

Need a gigabit interface and Sierra wireless modem.

gotsprings

This
Code: Select all
/ip firewall connection remove [find]

I have this exact command in my netwatch when it checks if the Primary ISP's DNS server is there AFTER RECURSIVE ROUTING.

So it CLEARS all connections whether flipping too or away from the Primary ISP.

gotsprings

I have a device that locks up. Send pings to it and it still replies. Bring up its webserver... that works too. So I need a script to look at a specific service port TCP 51510 I would like to make something like this... :if ([/ping 172.16.16.16 count=5] > 3) do={ :log info "It's Up" } else={ :log in...

gotsprings

Amazon seems to have a steady flow of Ruckus at ~50% off retail.

gotsprings

Support got back to me a few weeks later. They duplicated the problem by logging into the webserver from more than one IP. No fix yet.

Work around... Disable and reenable webserver under /IP services.

gotsprings

Could you please provide your ticket number? Now that the issue has been clearly identified and reproduced... What sort of time table can we expect for a fix? I am sure installers and integrators would love to see some sort of progress reports. The people I answer too are pretty annoyed, looking at...

gotsprings

I had exactly the same story on a big event with 12 sxt sq lite 2, it was awe full, i tried basically everything, for 5 hours, then i just moved to another brand then it worked... I was also using CAPsMAN. I am interested to know why that can happen Thank you Because some vendors can deal with inte...

gotsprings

Got email from Mikrotik. Explained the problem and how to reproduce it.

They did... And don't currently have a fix.

So high density with interference... If you see 4-way handshake time out in Caps-man...

Don't fight it. Don't mess with support. Just buy the Ruckus radio and move on.

gotsprings

Gave up weeks ago and seteled for DMZ mode.

Found Google service at this location to be "questionable" at best.

gotsprings

Could you please provide your ticket number? My most recent one... 2019052522002091 Generated MAY 25th... has not received a single response yet. I provided the rif file in the initial email. I then provided a copy paste of the log as the problem was being observed. Here is the thread that went wit...

gotsprings

If I have a problem with Mikrotik wireless... I send support files to support and hear nothing. Weeks and even months go by. The last time I got a reply on a wireless issue... I got one email per month with "suggestions". I type suggestions... Because they were NOT solutions. It was, "try this"... I...

gotsprings

For anyone keeping score... Still no email from Mikrotik support.

gotsprings

Did the Ruckus work? I've never seem something like this, are you sure there is no jammer nearby? Jammers don't show in any of the WiFi protocol scans.

I struggle to recall an install in the last 10 years that it hasn't.

gotsprings

Mikrotik wireless is THE REASON I get complaints. They can route and I love the routing. But the switches and more specifically the wireless is not up to it. Cheap is great... And it can fit some (I mean basic installs), but as a professional... I can't play around with thing for weeks. Hard limits ...

gotsprings

Mikrotik can route... Much Like a Sony TV looks incredible.

But a Sony speaker is a piece of $h!+.

gotsprings

While I have about 150 Mikrotiks out there as wireless devices... I just can't do it anymore. Just a waste of my time trying to get support to figure out what wrong with their gear. Much like I would never expect a Sony speaker to be worth a $h!+... Mikrotik wireless has let me down too many times a...

gotsprings

Done a bunch of Caps-man installs at this point. Found a lot of "hard limits"... That Mikrotik wireless is "crippled by". As long as I stayed with in the lines... Most installs went ok. Have better than 300 Meg's WAN to LAN. No Mikrotik wireless. Really busy wireless airtime. No Mikrotik wireless. I...

gotsprings

Used one. Tried on several Wireless providers. Issues with remote access on any of them...

Gave up and tried mofi.

Back to cradlepoint now.

gotsprings

There are mesh products you may have to look into, from other vendors.

gotsprings

Still nothing from support.

gotsprings

Post your wireless settings.

gotsprings

Try all the resets listed in the directions.

Last resort... Netinstall.

gotsprings

I ran a RB4011 at home as a wireless access point only, for about a month. While it suffered from the same... "Can't go faster than about 300M on speed tests..." (This has been the case with every Mikrotik Wireless I have tried.) I can't think of a time when the 5G was not accepting clients. I set t...

gotsprings

It would seem you are coming to the same findings I am. I can't get a single test to break 330 using Mikrotik Wireless. wAP AC, cAP AC, hAP AC, RB4011. This is a consistent thing. It's to the point now where I tell people flat out... "If your internet speed is above 250M we will not be able to use M...

gotsprings

Took cAP out of caps-mode. Same result. Well sort of. Log file showed unicast key time out. Went back to caps mode and added an unencrypted SSID. Devices connected for about 10 seconds. Then I got a disconnected for extensive data loss. Looked up several old posts tagged with extensive data loss. Th...

gotsprings

This seems to have come back on me. Router OS is 6.44.3 on hEX and cAP AC devices on the 2.4 radio are disconnecting from the wifi. Log into the router and check the logs and see... (MAC of Devices) disconnect 4-way handshake timeout Devices on 5Gig radio do not show this error. Last time I reported...

gotsprings

Support just got back to me and set to set the chain in Mangle to OUTPUT. That seems odd. Hello, In RouterOS you can set QoS priority 3 to outgoing VLAN packets using this rule: /ip firewall mangle add chain=output out-interface=GoogleVLAN action=set-priority new-priority=3 Best regards, Follow up ...

gotsprings

Support just got back to me and set to set the chain in Mangle to OUTPUT.

That seems odd.

Hello,

In RouterOS you can set QoS priority 3 to outgoing VLAN packets using this rule:

/ip firewall mangle
add chain=output out-interface=GoogleVLAN action=set-priority new-priority=3

Best regards,

gotsprings

That is correct, you got an IP without that line active so you could also omit that line.
but I think we are discussing a 3011 here, right?

Correct

gotsprings

Also check if your ethernet interface negotiates to the correct speed and duplex.

Status shows as Unknown.

gotsprings

That is correct, you got an IP without that line active so you could also omit that line.

Can't test because I am not even on the same continent.

Thanks for the help.

Will get someone on site to check it.

gotsprings

So in Mangle they want this? /ip firewall mangle add chain=forward out-interface=GoogleVLAN action=set-priority \ new-priority=3 comment="All other traffic with priority 3" I added it and released the DHCP-Client and got a new address. Now if I could get a bandwidth test server to let me connect.

gotsprings

First install with GoogleFiber. After looking into several documents I found that Small Business accounts ABSOLUTELY could remove the Google Router and go straight to their own router. The install I was working on was residential so Google refused to "click that switch" or help me get around the nee...

gotsprings

Using the WAP-R with T-Mobile and Verizon... Never saw better than about 11M. I have tucked tail and given in. At 579 dollars US... the CBA850 is my standard once again. Its not worth my time for the performance hits and issues I had with the MoFi. Won't "play with the WAP-R" anymore, until they get...

gotsprings

rebooted the RB3011 running 6.44 and the webserver is working again.

Support...

Could you please take a look at the file I sent.

gotsprings

Set the Mikrotik to use a DNS other than piehole... Like 8.8.8.8, 1.1.1.1.

Then in your DHCP server... Set the DNS value under network to be piehole, Mikrotik.

If piehole doesn't work... The client will ask the Mikrotik.

gotsprings

Dumb switch and both routers being independent won't go well with the requirement to control other router's bandwidth (on first router, as I undertand it).

Which should be done per router.

But let's face it... This could / should all be done on one router.

gotsprings

I use recursive routing and ping one if the DNS servers with netwatch. When it goes down... I use the connections flush method. Works perfectly.

gotsprings

Put a dumb switch infront of the two Mikrotiks. $30 or less.

gotsprings

Sent a support file to Mikrotik about 8 days ago.

What gives?

gotsprings

@gotsprings yeah it would be great if routeros had something like mesh tunneling or "SD-VPN". something like tinc would be great, but before that, ovpn with udp ;) I meant... SUBSCRIBE TO BIG LEAF'S Service. I only dealt with them on one install so far. The customer found them himself. BigLeaf take...

Search found 885 matches