Community discussions

MUM Europe 2020

Search found 29 matches

by JasonEde
Wed Sep 18, 2019 1:42 pm
Forum: Wireless Networking
Topic: hAP AC2+cAP AC Roaming is a joke
Replies: 35
Views: 6128

Re: hAP AC2+cAP AC Roaming is a joke

My point is, I like to have ROS, the swiss knife for Wireless which can do all Wifi applications with one device and one SW. But we come to a point where I want more performance and functions for indoor use cases, and I will never us an RB4011 for instance as an outdoor PtP device. Instead of that ...
by JasonEde
Wed Sep 18, 2019 12:08 pm
Forum: Wireless Networking
Topic: hAP AC2+cAP AC Roaming is a joke
Replies: 35
Views: 6128

Re: hAP AC2+cAP AC Roaming is a joke

I think this is what makes more and more members of this forum lament on. Regarding bugs and missing features. Mikrotik decided to use OpenSource for the bootloader and the kernel at least (NTP? OpenVPN?). But most drivers and protocols are obviously developed in house. While other vendors use hard...
by JasonEde
Tue Jun 18, 2019 11:01 am
Forum: General
Topic: Linux vulnerabilities: CVE-2019-11477, CVE-2019-11478, CVE-2019-11479
Replies: 15
Views: 3484

Re: Linux vulnerabilities: CVE-2019-11477, CVE-2019-11478, CVE-2019-11479

Surely it's more cpu efficient to detect and add users to a dynamic address list which you then drop in raw?
I can't imagine you'd want to accept traffic from someone trying to kill your systems?
by JasonEde
Fri Jun 02, 2017 9:49 am
Forum: Wireless Networking
Topic: CAP can not connect to CAPSMANV2 Certificate error
Replies: 9
Views: 7248

Re: CAP can not connect to CAPSMANV2 Certificate error

Look in System->Certificates and select the ones you want to remove and select revoke. You'll not be able to delete the device certificates unless you revoke and delete the CA.
by JasonEde
Thu Jun 30, 2016 2:53 pm
Forum: General
Topic: CCR 1036-8G-2S+ Power Factor
Replies: 8
Views: 1246

Re: CCR 1036-8G-2S+ Power Factor

Just because the standards don't require it doesn't mean it's not benefical for customers in data centres. From the example above the difference in costs is ~£26 per month that adds up to considerable amounts especially in an area where margins are already tight. The problem is compounded by lots of...
by JasonEde
Thu Jun 30, 2016 1:30 pm
Forum: General
Topic: CCR 1036-8G-2S+ Power Factor
Replies: 8
Views: 1246

Re: CCR 1036-8G-2S+ Power Factor

We've had this too.. In our case power factor was 0.39 on a CCR1009
by JasonEde
Tue Jun 28, 2016 7:26 pm
Forum: General
Topic: Router for FTTH autorized with PPPOE and using VLAN
Replies: 13
Views: 1702

Re: Router for FTTH autorized with PPPOE and using VLAN

The throughput you get through each unit depends highly on your rules on firewall/nat etc. If you've limited firewall and make use of fastpath then should get throughput close to specified figures.
VPNS (with encryption) and lots of firewall rules all act to reduce your throughput.
by JasonEde
Tue Jun 28, 2016 7:01 pm
Forum: General
Topic: Router for FTTH autorized with PPPOE and using VLAN
Replies: 13
Views: 1702

Re: Router for FTTH autorized with PPPOE and using VLAN

Have you looked at the mikrotik/routerboard website at all?  All of the specifications are on there. The amount of memory does not equate to speed/throughput
by JasonEde
Fri Aug 21, 2015 10:00 am
Forum: Wireless Networking
Topic: CAPsMAN with two SSID
Replies: 11
Views: 13504

Re: CAPsMAN with two SSID

If you add the interface from the menu rather than just copying then it sorts the MAC address for you automatically.
by JasonEde
Sat Jun 20, 2015 10:25 pm
Forum: Forwarding Protocols
Topic: Anyone running MPLS on production WISP network ?
Replies: 4
Views: 1780

Re: Anyone running MPLS on production WISP network ?

A lot of people run it on their wireless networks. It works great, but you need to have a good understanding of MTU to avoid issues with it.
by JasonEde
Thu Jun 18, 2015 7:07 pm
Forum: General
Topic: Nat before Ipsec VPN routing
Replies: 3
Views: 1080

Re: Nat before Ipsec VPN routing

How did you solve it then?
by JasonEde
Tue May 26, 2015 12:33 pm
Forum: General
Topic: Quick sanity check on remote tunnel setup...
Replies: 0
Views: 300

Quick sanity check on remote tunnel setup...

We've a remote site on a dynamic IP that we need to securely bridge onto 2 networks. At the main site those networks are already in VLANS 5 & 10 (with DHCP running there) so this is what I've set up and it works, but not sure if it's the best way to do it. Create an L2TP tunnel to the base (as we do...
by JasonEde
Sat Apr 18, 2015 9:42 am
Forum: General
Topic: CAPsMAN v2 ready for testing
Replies: 201
Views: 103943

Re: CAPsMAN v2 ready for testing

On 6.27 (ppc on 1100AHx2) with CM2 enabled if I try and get the OID list for snmp monitoring I can see... /caps-man registration-table> print oid 0 ;;; Accept connections if signal stronger than -80 mac-address=.1.3.6.1.4.1.14988.1.1.1.4.1.1.16.104.63.132.124.142.85 uptime=.1.3.6.1.4.1.14988.1.1.1.4...
by JasonEde
Tue Feb 03, 2015 10:28 am
Forum: General
Topic: CAPsMAN v2 ready for testing
Replies: 201
Views: 103943

Re: CAPsMAN v2 ready for testing

All units are now running on 6.25 and I'm still seeing a lot of disconnects and moving between APs. Sample of the logs are below. All these devices are stationary in the building... 08:22:03 caps,info 74:E2:F5:22:12:67@AP2-Net1 connected 08:22:03 caps,info 74:E2:F5:22:12:67@AP1-Net1 disconnected, re...
by JasonEde
Mon Feb 02, 2015 4:53 pm
Forum: General
Topic: CAPsMAN v2 ready for testing
Replies: 201
Views: 103943

Re: CAPsMAN v2 ready for testing

Will upgrade and try again. Where is the Capsman changelog? Doesn't look like it is part of the main changelog.
by JasonEde
Mon Feb 02, 2015 4:30 pm
Forum: General
Topic: CAPsMAN v2 ready for testing
Replies: 201
Views: 103943

Re: CAPsMAN v2 ready for testing

We're finding that users keep getting disconnected (temporarily) and the throughput isn't that good (we've had 7Mbps x 2Mbps when we've a 100Mbps feed into our office). We're running capsman on an 1100AHx2 and the CAPs on RB912 (we've 2 of them). Everything is on RouterOS 6.23. We've the access conn...
by JasonEde
Fri Jan 30, 2015 9:59 am
Forum: Wireless Networking
Topic: CAP can not connect to CAPSMANV2 Certificate error
Replies: 9
Views: 7248

Re: CAP can not connect to CAPSMANV2 Certificate error

Found the problem. Helps when look afresh.

I already had certificates in for the AP and so it was rejecting as it thought had already issued the certs. Revoked them and then tried again to set certificate=request and it happily re-issued and all connected fine.
by JasonEde
Fri Jan 30, 2015 8:37 am
Forum: Wireless Networking
Topic: CAP can not connect to CAPSMANV2 Certificate error
Replies: 9
Views: 7248

Re: CAP can not connect to CAPSMANV2 Certificate error

Both cap and capsman are V2
by JasonEde
Thu Jan 29, 2015 11:12 pm
Forum: Wireless Networking
Topic: CAP can not connect to CAPSMANV2 Certificate error
Replies: 9
Views: 7248

CAP can not connect to CAPSMANV2 Certificate error

I've CAPsman/CAP setup running on ROS 6.23 and Capsman V2. I can connect the caps to the capsman with no certificate, but if i try and set certificate to request to lock it to the capsman I'm getting the error below on the capsman unit 21:06:55 caps,error [::ffff:192.168.188.2:57647,IssueCert] reque...
by JasonEde
Tue Jan 27, 2015 10:22 am
Forum: General
Topic: CAPsMAN v2 ready for testing
Replies: 201
Views: 103943

Re: CAPsMAN v2 ready for testing

Having a serious issue with capsman v2. radios are rb912's running the current version 6.25(started with the first beta of v2). we have carts of hp stream 11 with realtek wireless cards, when more than ~10-15 connect to a single access point the throughput drops to almost nothing and the client beg...
by JasonEde
Thu Jan 08, 2015 2:14 pm
Forum: Wireless Networking
Topic: CAPsMAN with two SSID
Replies: 11
Views: 13504

Re: CAPsMAN with two SSID

Cheers, that sorted it :) New interfaces now do auto-increment... Might try again in 6.23
by JasonEde
Thu Jan 08, 2015 1:39 pm
Forum: Wireless Networking
Topic: CAPsMAN with two SSID
Replies: 11
Views: 13504

Re: CAPsMAN with two SSID

Below is the my router config in case anyone can spot anything silly... # jan/08/2015 11:36:51 by RouterOS 6.24 # /caps-man channel add band=2ghz-b/g/n frequency=2422 name=2.4G-channel-3 tx-power=-5 add band=5ghz-a/n frequency=5180 name=5G-channel-36 tx-power=-5 /interface bridge add name=Priv-Bridg...
by JasonEde
Thu Jan 08, 2015 1:27 pm
Forum: Wireless Networking
Topic: CAPsMAN with two SSID
Replies: 11
Views: 13504

Re: CAPsMAN with two SSID

I'm trying with 6.24, but still can't get the second SSID to connect. I'm still not sure there isn't something wrong with my config and I'd like to check before contacting support :)
by JasonEde
Thu Jan 08, 2015 12:14 pm
Forum: Wireless Networking
Topic: CAPsMAN with two SSID
Replies: 11
Views: 13504

Re: CAPsMAN with two SSID

I'm having a similar issue with Capsman V2 running on 6.23. I've got a primary SSID running on an interface and datapath is to bridge1 on the capsman unit. If I then attach a sub-interface with a new SSID (and corresponding datapath to bridge2) then I can see the wireless network, but I just cannot ...
by JasonEde
Fri Jan 18, 2013 4:24 pm
Forum: Beginner Basics
Topic: bridging firewall with each port restricted to 1 public IP
Replies: 0
Views: 1143

bridging firewall with each port restricted to 1 public IP

We're looking to setup a mikrotik as a bridging firewall and we're starting off by trying this on a 750G. I've the router setup on test range 172.16.154.1/24 I've port 1 as the gateway port 2 as the management network port 4 as 172.16.254.10 port 5 as 172.16.254.11 There is a bridge called no-nat co...
by JasonEde
Fri Jun 22, 2012 4:09 pm
Forum: Beginner Basics
Topic: Mixed NAT and No-NAT on IP Range possible?
Replies: 5
Views: 1172

Re: Mixed NAT and No-NAT on IP Range possible?

We're going to split the subnets as it seems the simplest way forward.
by JasonEde
Thu Jun 14, 2012 2:58 pm
Forum: Beginner Basics
Topic: Mixed NAT and No-NAT on IP Range possible?
Replies: 5
Views: 1172

Re: Mixed NAT and No-NAT on IP Range possible?

We only have 1 IP range presented that want to split up and use this way.

Hmm... My mistake. Just been told we have a routed subnet... so first IP is the network, second is the gateway which is not on our equipment.
by JasonEde
Thu Jun 14, 2012 2:15 pm
Forum: Beginner Basics
Topic: Mixed NAT and No-NAT on IP Range possible?
Replies: 5
Views: 1172

Re: Mixed NAT and No-NAT on IP Range possible?

We just get the IP's presented to us currently... Previously a sonicwall was used and the IP's we wanted NO-NATed were bound to the auxiliary interface and then we passed those straight through... I'm guessing we could do the same on routeros? just bind some of the public IP's to port 0 for NATing a...
by JasonEde
Thu Jun 14, 2012 11:43 am
Forum: Beginner Basics
Topic: Mixed NAT and No-NAT on IP Range possible?
Replies: 5
Views: 1172

Mixed NAT and No-NAT on IP Range possible?

We've a public range with a subnet mask 255.255.255.192 so 62 IP's and the default gateway is the 1st IP in this range so for say 192.168.0.1-192.168.0.62 the gateway is 192.168.0.1 We currently NAT the entire range, but are looking to have part of the range using NAT and part with NoNat (i.e. stuff...