Community discussions

Search found 43 matches

by vasilevkirill
Tue Apr 09, 2019 3:06 pm
Forum: General
Topic: Winbox 3.18 Downloading Descriptors
Replies: 5
Views: 2861

Re: Winbox 3.18 Downloading Descriptors

hi
in new version WinBox use encryption, maybe you problem MTU? calculate MSS, or clear df bit.
by vasilevkirill
Sat Apr 06, 2019 1:37 am
Forum: General
Topic: [Feature request] Address List extension
Replies: 11
Views: 976

[Feature request] Address List extension

Hi, I would be interested to see such functionality in the address lists. /ip firewall address-list add list=hosts address=192.168.0.0/16 wildcard=255.255.10-20.255 Only networks will be third octet is in the range of 10-20 /ip firewall address-list add list=hosts address=192.168.0.0/16 wildcard=255...
by vasilevkirill
Wed Feb 06, 2019 11:54 pm
Forum: General
Topic: Configuring DPD on IPsec VPN
Replies: 2
Views: 445

Re: Configuring DPD on IPsec VPN

not enough information...

Check that the date and time are correct on the routers.
by vasilevkirill
Wed Feb 06, 2019 11:52 pm
Forum: General
Topic: IPIP tunnel using certificates
Replies: 1
Views: 377

Re: IPIP tunnel using certificates

hi
What are your problems?

check the following
correct time and date on each router.
availability of certificate CA on each router.
The certificate must be trusted.
by vasilevkirill
Sat Apr 28, 2018 11:51 pm
Forum: Announcements
Topic: v6.42.1 [current]
Replies: 272
Views: 45586

Re: v6.42.1 [current]

hi i use this construction /interface list add name=ISP_1 add name=ISP_2 add include=ISP_1,ISP_2 name=ISP /interface list member add interface=ether1 list=ISP_1 add interface=vrrp-mts-ISP1 list=ISP_1 add interface=vrrp-rt-ISP2 list=ISP_2 add interface=ether2 list=ISP_2 I used list ISP for firewall r...
by vasilevkirill
Wed Dec 06, 2017 9:21 am
Forum: Forwarding Protocols
Topic: multi site connectivity
Replies: 3
Views: 546

Re: multi site connectivity

hi
pptp - insecure
EoIP - it's best to use it when you need to get one broadcast domain between, and between the routers there is an Internet network.

If I understand you correctly, then you will be approached by the VPLS as the fastest tunnel
by vasilevkirill
Sat Dec 02, 2017 3:07 am
Forum: Forwarding Protocols
Topic: MPLS + TE two path two VPLS tunnels
Replies: 4
Views: 1086

Re: MPLS + TE two path two VPLS tunnels

It is certainly possible, you need tow sets of Loopbacks. TE tunnels and BGP peers on each set. Then set up BGP VPLS and filter out one of RT NLRIs in routing filters for each peer. Here is a step by step setup example: https://wiki.mikrotik.com/wiki/Manual:Multiple_TE_VPLS this example. real my ne...
by vasilevkirill
Fri Dec 01, 2017 12:29 am
Forum: Forwarding Protocols
Topic: MPLS/VPLS Packet Loss and Slow Speeds
Replies: 6
Views: 1098

Re: MPLS/VPLS Packet Loss and Slow Speeds

Yes for testing.
change in the EoIP MTU and L2MTU such as on the VPLS tunnel
by vasilevkirill
Thu Nov 30, 2017 10:19 pm
Forum: Forwarding Protocols
Topic: Blocking Private ASN inbound
Replies: 7
Views: 997

Re: Blocking Private ASN inbound

Use Filter https://wiki.mikrotik.com/wiki/Manual:Routing/Routing_filters Use regexp if first as use regexp = ^(6451[2-9]|645[2-9][0-9]|64[6-9][0-9]{2}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5]).* /routing filter add bgp-as-path="^(6451[2-9]|645[2-9][0-9]|64[6-9][0-9]{2}|65[0-4][0-9]{2}|655[0-2][0-9]|6...
by vasilevkirill
Thu Nov 30, 2017 10:05 pm
Forum: Forwarding Protocols
Topic: MPLS/VPLS Packet Loss and Slow Speeds
Replies: 6
Views: 1098

Re: MPLS/VPLS Packet Loss and Slow Speeds

hi
disable mpls
add EoIP tunnel instead VPLS and test again
and change MTU and L2MTU as well as VPLS tunnel
by vasilevkirill
Wed Nov 29, 2017 3:29 pm
Forum: Forwarding Protocols
Topic: MPLS + TE two path two VPLS tunnels
Replies: 4
Views: 1086

MPLS + TE two path two VPLS tunnels

hi. OSPF + BGP between loopback addresses BGP= only l2vpn (VPLS) I need to make two VPLS tunnels (two clients) between R1 and R5 link R1-R3-R4-R5 and the link R1-R2-R5 https://image.ibb.co/hjQHpb/1111.png I know that it's impossible to do in RouterOS simple. There is an option to raise two TE tunnel...
by vasilevkirill
Wed Aug 16, 2017 2:04 pm
Forum: Beginner Basics
Topic: routing issues
Replies: 6
Views: 681

Re: routing issues

pls
show
/ip firewall nat export
by vasilevkirill
Wed Aug 16, 2017 1:56 pm
Forum: Forwarding Protocols
Topic: Redundant radio links OSPF NBMA priority
Replies: 3
Views: 1075

Re: Redundant radio links OSPF NBMA priority

Hi
Priority only used in OSPF protocol for selected DR and BDR.
Your network uses Link-Link
DR and BDR respectively do not need.
Use the point-to-point network type and set up the Hello and the Dead interval

What are your losses on the channel and delay?
by vasilevkirill
Wed Aug 16, 2017 1:46 pm
Forum: Scripting
Topic: PPPoE
Replies: 2
Views: 423

Re: PPPoE

Use a separate profile for each of the clients.
Use On Down
by vasilevkirill
Tue Dec 06, 2016 10:09 am
Forum: General
Topic: IPsec Generate Policy From Template
Replies: 4
Views: 1691

Re: IPsec Generate Policy From Template

up+
by vasilevkirill
Mon Dec 05, 2016 12:48 pm
Forum: General
Topic: IPsec Generate Policy From Template
Replies: 4
Views: 1691

Re: IPsec Generate Policy From Template

up+
by vasilevkirill
Sun Dec 04, 2016 10:52 pm
Forum: General
Topic: PPTP port change
Replies: 2
Views: 1309

Re: PPTP port change

Hello,
We need to change PPTP server 1723 port for another one - 2001 for example.
Is there any possibility in RouterOS or any workaround solution?
Thanks a lot!
try using NAT redirect
by vasilevkirill
Sun Dec 04, 2016 10:10 pm
Forum: General
Topic: IPsec Generate Policy From Template
Replies: 4
Views: 1691

IPsec Generate Policy From Template

hi I have the following templates [admin@number543.lab.mikrotik.me] > ip ipsec policy print detail Flags: T - template, X - disabled, D - dynamic, I - inactive, * - default 0 TX* group=default src-address=::/0 dst-address=::/0 protocol=all proposal=default template=yes 1 T group=gre src-address=192....
by vasilevkirill
Thu Jun 18, 2015 10:57 am
Forum: Beginner Basics
Topic: Hotspot
Replies: 2
Views: 952

Re: Hotspot

The trial included mikrotik if you can create a dynamic user. if the user will go to the link $(link-login-only)?dst=$(link-orig-esc)&username=T-$(mac-esc) . I want to include a trial mode, but does not allow the authorization of the link. This is done so that the user does not do automatic registra...
by vasilevkirill
Mon Jun 15, 2015 11:43 pm
Forum: Beginner Basics
Topic: Hotspot
Replies: 2
Views: 952

Hotspot

How can I create a dynamic user hotspot, besides web
$(link-login-only)? dst = $ (link-orig-esc) & amp; username = T - $ (mac-esc)
I am willing to use all the options for ssh, api, snmp, except web
by vasilevkirill
Mon May 18, 2015 8:53 pm
Forum: General
Topic: The NAT is not working Content.
Replies: 10
Views: 1550

Re: The NAT is not working Content.

Вы либо что то недоговариваете, либо вы не знаете чего вы хотите.
по ваше правилу вы собираетесь парсить весь трафик, не конктратизируя ТСP или UDP какие порты dst. А также action, просто accept?
by vasilevkirill
Sat May 16, 2015 11:41 pm
Forum: General
Topic: The NAT is not working Content.
Replies: 10
Views: 1550

Re: The NAT is not working Content.

Чтобы понимать конкретно чтовы хотите сделать, покажите на примере. "правило студию"
by vasilevkirill
Thu May 14, 2015 8:53 am
Forum: General
Topic: CAPSMAN and Hotspot
Replies: 2
Views: 1103

Re: CAPSMAN and Hotspot

sorry for my English!


Access Point CAP ~ 600
maximum peak hours ~ 1000-2000 clients

CAPSMANAGER - all traffic will take place centrally via the CCR
by vasilevkirill
Thu May 14, 2015 1:13 am
Forum: General
Topic: CAPSMAN and Hotspot
Replies: 2
Views: 1103

CAPSMAN and Hotspot

Hi, I have two Router CCR1016 (master and backup) It is necessary for them to connect about 500 access points, and to let the traffic through CCR1016! Question: whether testing high stress? and the number of customers? since there will be about one thousand. ---- hotspot You must install 40 servers ...
by vasilevkirill
Tue May 12, 2015 11:39 am
Forum: General
Topic: The NAT is not working Content.
Replies: 10
Views: 1550

Re: The NAT is not working Content.

What exactly are you trying to filter?

-------
Покажите правило которым вы хотите отфильтровать пакет, а также объясните что хотите поймать!
by vasilevkirill
Mon May 11, 2015 9:34 pm
Forum: General
Topic: High ping loss rate while using bonding
Replies: 1
Views: 489

Re: High ping loss rate while using bonding

at the level of L1 exactly all right?
If no EtherChanel use links that no loss?

convolution configuration on both routers.

Try mode = 802.3ad
see also CPU load
by vasilevkirill
Mon May 11, 2015 8:18 pm
Forum: General
Topic: no response that ping the VLAN interface IP address on RB750? V6.21.1
Replies: 2
Views: 574

Re: no response that ping the VLAN interface IP address on RB750? V6.21.1

If you are using a master port, vlan must be taken from the master port.

you are sure that the VLAN to mikrotik comes.?
1. Turn off the vlan interface.
2. With the other hand will generate traffic vlan
3.c using torch tagget see if there is traffic on the interface
by vasilevkirill
Mon May 11, 2015 8:12 pm
Forum: General
Topic: problem with merge two wan and get full speed from two with one external ip ?
Replies: 9
Views: 1149

Re: problem with merge two wan and get full speed from two with one external ip ?

If you do not use NAT can use ECMP, but he would not give a fair division of the channel.
by vasilevkirill
Mon May 11, 2015 8:07 pm
Forum: Beginner Basics
Topic: Unable to reach internet from routed subnet
Replies: 12
Views: 1241

Re: Unable to reach internet from routed subnet

little data.

Show tracert to 8.8.8.8 to the router
Show tracert to 8.8.8.8 to the PC
by vasilevkirill
Mon May 11, 2015 7:54 pm
Forum: General
Topic: packets "escaping" marking in mangle
Replies: 9
Views: 3792

Re: packets "escaping" marking in mangle

hello Where do you see the packages are not market? Usually in the filter to drop invalid packets do you have? Show log after the addition of such a rule add action=jump chain=forward connection-mark=HTTP jump-target=C1 packet-mark=!HTTP_P add action=log chain=C1 log-prefix=NOT_MARKET_HTTP_CONNETCT ...
by vasilevkirill
Thu May 24, 2012 3:20 pm
Forum: General
Topic: Bridged Firewall
Replies: 3
Views: 756

Re: Bridged Firewall

If I understand you correctly, you can use EoIP
http://wiki.mikrotik.com/wiki/Manual:Interface/EoIP
by vasilevkirill
Thu May 24, 2012 3:13 pm
Forum: General
Topic: is there a more simple way to count new connections?
Replies: 2
Views: 505

Re: is there a more simple way to count new connections?

rule performed on a single connection, respectively, in the same rule can not be traced four attempts to connect.
by vasilevkirill
Thu May 24, 2012 3:09 pm
Forum: General
Topic: 3g modem huawei not work
Replies: 8
Views: 1324

Re: 3g modem huawei not work

will send a letter to mikrotik.rif

I just wonder how will this be supported?
I will send an update? or as something differently?
by vasilevkirill
Thu May 24, 2012 2:59 pm
Forum: General
Topic: 2 gateways, 1 wan and 1 lan interface, web proxy
Replies: 5
Views: 1423

Re: 2 gateways, 1 wan and 1 lan interface, web proxy

You can create two ports on the proxy
and marking all incoming traffic to pass and then according to the src-address. redirect to the correct port of the proxy.
then let all outbound traffic to port 8080 and send the label with the gateway pointing to it labeled. "routing mark"
by vasilevkirill
Thu May 24, 2012 2:48 pm
Forum: General
Topic: 3g modem huawei not work
Replies: 8
Views: 1324

Re: 3g modem huawei not work

ok but if I have 50 routers?
or do you want to say that the support?
by vasilevkirill
Thu May 24, 2012 1:51 pm
Forum: General
Topic: 2 gateways, 1 wan and 1 lan interface, web proxy
Replies: 5
Views: 1423

Re: 2 gateways, 1 wan and 1 lan interface, web proxy

the easiest is to delete the route 0.0.0.0 / 0
and
add two gateways to the default route
[vasilevkirill@MikroTik] > ip route add dst-address=0.0.0.0/0
gateway=10.10.10.1,10.10.20.1
by vasilevkirill
Thu May 24, 2012 1:42 pm
Forum: General
Topic: PPPoE and firewall
Replies: 2
Views: 689

Re: PPPoE and firewall

for example
You can explicitly specify the mac address in the rule ppoe server
by vasilevkirill
Thu May 24, 2012 11:24 am
Forum: General
Topic: Need help (VPN)
Replies: 1
Views: 533

Re: Need help (VPN)

You need to add the reverse route

rb750
172.20.1.0/24 --> pptp server 2820
192.168.0.0/24 --> pptp server 2820

draytek 2820
10.20.1.0/24 --> pptp client rb750
172.20.1.0/24 --> pptp client 2700

draytek 2700
10.20.1.0/24 --> pptp server 2820
192.168.0.0/24 --> pptp server 2820
by vasilevkirill
Thu May 24, 2012 11:06 am
Forum: General
Topic: multiple pppoe clients over the same interface
Replies: 1
Views: 463

Re: multiple pppoe clients over the same interface

there should be no problem!
but if these appear, you can create a virtual interface.
by vasilevkirill
Thu May 24, 2012 10:44 am
Forum: RouterBOARD hardware
Topic: RB751U and Huawei E353 no ports detected
Replies: 8
Views: 4365

Re: RB751U and Huawei E353 no ports detected

Thanks to Mikrotik support the phantoms have dissapeared. Now there's a new interface lte1 with apn, user and password parameters. Better way to configure, no need of old kind serial ports... Testing with D-Link pendrive DWM-156 works the old way with ppp-client and usbX port, so watch-out the way ...
by vasilevkirill
Thu May 24, 2012 10:23 am
Forum: General
Topic: 3g modem huawei not work
Replies: 8
Views: 1324

Re: 3g modem huawei not work

Check also topic http://forum.mikrotik.com/viewtopic.php?f=3&t=62044

I have the same issue. It seems there should be a new interface ?
I saw this post, but I have 50 pieces of modems and routers.
each time will have to write a letter to the mikrotik?
by vasilevkirill
Thu May 24, 2012 10:19 am
Forum: General
Topic: 3g modem huawei not work
Replies: 8
Views: 1324

Re: 3g modem huawei not work

I saw this post, but I have 50 pieces of modems and routers.
each time will have to write a letter to the mikrotik?
by vasilevkirill
Tue May 22, 2012 7:53 am
Forum: General
Topic: 3g modem huawei not work
Replies: 8
Views: 1324

3g modem huawei not work

hi RB751G-2HnD I use huawei hilink e353 [admin@MikroTik] /system resource> print uptime: 12h7m31s version: 5.16 free-memory: 47804KiB total-memory: 62192KiB cpu: MIPS 24Kc V7.4 cpu-count: 1 cpu-frequency: 400MHz cpu-load: 2% free-hdd-space: 30160KiB total-hdd-space: 61440KiB write-sect-since-reboot:...