Community discussions

Search found 98 matches

  • 1
  • 2
by ingdaka
Mon Jul 15, 2019 8:14 pm
Forum: Beginner Basics
Topic: Block Youtube but not with gmail
Replies: 9
Views: 399

Re: Block Youtube but not with gmail

Put new created rules on top of firewall list!
by ingdaka
Thu Jul 11, 2019 1:09 pm
Forum: Beginner Basics
Topic: hEX (revision 3) with Dual Wan - HELP
Replies: 2
Views: 206

Re: hEX (revision 3) with Dual Wan - HELP

Do you need just failover or loadbalancing between both wan-s?
by ingdaka
Wed Jul 10, 2019 10:14 am
Forum: General
Topic: L2TP clinet work on windows not work in mikrotik
Replies: 4
Views: 204

Re: L2TP clinet work on windows not work in mikrotik

You need to post you configuration of Mikrotik L2TP Client
by ingdaka
Wed Jul 10, 2019 12:20 am
Forum: General
Topic: Port Forwarding Not Working but Shows Packets
Replies: 11
Views: 617

Re: Port Forwarding Not Working but Shows Packets

When you create dst-nat rule, is not important to specify in interface, but need to specify destination address (WAN IP [Public])
by ingdaka
Mon Jul 08, 2019 8:47 pm
Forum: Beginner Basics
Topic: Port Forwarding RB2011UiAS
Replies: 8
Views: 428

Re: Port Forwarding RB2011UiAS

First of all I will suggest to reset router without default configuration!
Then configure it step-by-step with your requirements!
by ingdaka
Mon Jul 08, 2019 8:44 pm
Forum: General
Topic: IPsec.Well Done !!!!
Replies: 1
Views: 293

Re: IPsec.Well Done !!!!

Is this an issue?
by ingdaka
Sat Jul 06, 2019 9:07 pm
Forum: General
Topic: IPSec VPN tunnels not working when upgraded to 6.45.1
Replies: 2
Views: 393

Re: IPSec VPN tunnels not working when upgraded to 6.45.1

That is a security feature that was developed since 6.44! You need to set both Remote and Local Peer IP! Before there was just remote peer IP!
by ingdaka
Fri Jul 05, 2019 2:17 pm
Forum: Beginner Basics
Topic: Installed new SXT LTE kit - Whatsapp images can't send or receive
Replies: 3
Views: 208

Re: Installed new SXT LTE kit - Whatsapp images can't send or receive

Your "bad luck"! Installed internet access on that day! Not Mikrotik device fault!
by ingdaka
Fri Jul 05, 2019 2:14 pm
Forum: Beginner Basics
Topic: admin password recovery
Replies: 6
Views: 395

Re: admin password recovery

Then only way for mikrotik is to reset devices to factory default!
by ingdaka
Fri Jul 05, 2019 1:57 pm
Forum: Beginner Basics
Topic: Cannot access Hikvision NVR remotely
Replies: 4
Views: 284

Re: Cannot access Hikvision NVR remotely

First of all NR51P6-16 is not any Hikvision Device, maybe any Chinese copy of hikvision!
Second you if port 8080 is open in nat and is available on NVR you should type Public IP:8080 in your browser not just IP, because if you type only IP will respond to port 80 which belong to router web page!
by ingdaka
Tue Jul 02, 2019 9:29 pm
Forum: RouterBOARD hardware
Topic: What RB to choose?
Replies: 6
Views: 759

Re: What RB to choose?

For now I use hEX S to handle about 360 Mbps / 360 Mbps from 3 ISP with BGP configured and is working OK so far! For traffic you need with some fw roles hEX S will do his job well!
by ingdaka
Tue Jul 02, 2019 9:26 pm
Forum: General
Topic: 2 networks in the same bridge
Replies: 1
Views: 228

Re: 2 networks in the same bridge

No there is not! Because you cannot set ip address in slave interface
by ingdaka
Mon Jul 01, 2019 9:18 pm
Forum: General
Topic: VPN for multiple Sites.
Replies: 2
Views: 276

Re: VPN for multiple Sites.

First of all we need to know the idea of network! Then requests that you need and then current configurations!
by ingdaka
Sun Jun 30, 2019 6:38 pm
Forum: Wireless Networking
Topic: CAPSman - only single CAP will connect
Replies: 13
Views: 1207

Re: CAPSman - only single CAP will connect

If you have done reset form winbox just check caps mode!
by ingdaka
Sun Jun 30, 2019 5:03 pm
Forum: Wireless Networking
Topic: CAPSman - only single CAP will connect
Replies: 13
Views: 1207

Re: CAPSman - only single CAP will connect

Have you restored configuration from another device, that you get mac conflict? If yes please you need to do MAC reset of interface
by ingdaka
Fri Jun 28, 2019 10:39 pm
Forum: Beginner Basics
Topic: 3 WAN failover
Replies: 3
Views: 627

Re: 3 WAN failover

Better to use PCC if you want loadbalancing https://www.youtube.com/watch?v=qDJ16kLe2hI&t=9s
Video shows just 2 wan but can me used for 3 wan too!
by ingdaka
Fri Jun 28, 2019 10:37 pm
Forum: General
Topic: Mikrotik DHCP with redundant links.
Replies: 4
Views: 452

Re: Mikrotik DHCP with redundant links.

You can use Bridges to mikrotik create vlan10 interface in ether1, and vlan10 interface in ether2 and put those 2 interfaces in same bridge, so dhcp server with be setup on bridge (same for other vlans), but should take care about PVST+ in switches to take care about loop!
by ingdaka
Fri Jun 28, 2019 10:32 pm
Forum: Beginner Basics
Topic: Simulation two WAN with one ISP
Replies: 3
Views: 548

Re: Simulation two WAN with one ISP

If you have 2 different gateways is one situation, if you have only 1 gateway you need L2 loadbalancing with is via portchannel
by ingdaka
Fri Jun 28, 2019 10:31 pm
Forum: Beginner Basics
Topic: how to close all UDP ports on mikrotik?
Replies: 1
Views: 216

Re: how to close all UDP ports on mikrotik?

ip firewall filter add chain=input protocol=udp action=drop This is to block every UDP packet destinated to your router! Is you want to block only port scanners you can do it Rule-1 /ip firewall filter add chain=input protocol=tcp psd=21,3s,3,1 action=add-src-to-address-list address-list="port scann...
by ingdaka
Fri Jun 28, 2019 10:24 pm
Forum: General
Topic: Forward DNS/web site to a local IP
Replies: 2
Views: 340

Re: Forward DNS/web site to a local IP

Gr3 is OK for this! First we need to know is if ISP Router is in bridge mode or in router mode!
by ingdaka
Thu Jun 20, 2019 10:25 pm
Forum: General
Topic: hap ac2 restarts each 5-20 minutes [SOLVED]
Replies: 4
Views: 367

Re: hap ac2 restarts each 5-20 minutes [SOLVED]

Most of time a power failure!
by ingdaka
Sat Jun 15, 2019 11:04 pm
Forum: General
Topic: need help choosing hardware
Replies: 5
Views: 344

Re: need help choosing hardware

by ingdaka
Fri Jun 14, 2019 6:04 pm
Forum: Beginner Basics
Topic: CCR1016-12S-1S+ CPU 100% Every Day
Replies: 2
Views: 221

Re: CCR1016-12S-1S+ CPU 100% Every Day

If you are sure that there is an attach on ports 5069 and 9956 then drop traffic to those ports!
by ingdaka
Thu Jun 13, 2019 10:07 pm
Forum: Beginner Basics
Topic: My first Mikrotik Router - Firewall Help
Replies: 16
Views: 888

Re: My first Mikrotik Router - Firewall Help

Yes you resolved your problem but have make you router vulnerable because somebody can send you connections to UDP port 53 and saturate you processor usage!
by ingdaka
Wed Jun 12, 2019 11:52 pm
Forum: General
Topic: Wierd Problem with Mikrotik
Replies: 5
Views: 422

Re: Wierd Problem with Mikrotik

I will try to replace RB3011 with a more powerful router and make all routers update to Current version!
by ingdaka
Wed Jun 12, 2019 11:50 pm
Forum: Beginner Basics
Topic: My first Mikrotik Router - Firewall Help
Replies: 16
Views: 888

Re: My first Mikrotik Router - Firewall Help

When you setup portfw and try to access this port from WAN that means there are "new connection" not related or established! You are not allowing new connections to initiate 3 way handshake to make those connections established!
by ingdaka
Wed Jun 12, 2019 11:45 pm
Forum: General
Topic: SNMP traffic monitoring bug
Replies: 2
Views: 195

Re: SNMP traffic monitoring bug

I monitor Mikrotik SNMP with 3 other softwares and everything works very well!
by ingdaka
Wed Jun 12, 2019 11:38 pm
Forum: Beginner Basics
Topic: Mikrotik VPN Connection
Replies: 6
Views: 548

Re: Mikrotik VPN Connection

Please post your configurations here! And see what happen!
by ingdaka
Fri Jun 07, 2019 10:14 pm
Forum: General
Topic: Mikrotik Online Certifications Test
Replies: 8
Views: 11897

Re: Mikrotik Online Certifications Test

These are their politics! But how you want to learn! Cisco also is the same all materials are on netacad! If you want to do the same with mikrotik you can get courses timeline https://mikrotik.com/training/about and search for topics on internet and learn, then you can ask trainers for discount to r...
by ingdaka
Fri Jun 07, 2019 10:09 pm
Forum: Wireless Networking
Topic: Wireless problems with Android and iOS phones
Replies: 6
Views: 527

Re: Wireless problems with Android and iOS phones

If this problem happens to new phones like Samsung Galaxy S10, Note 9 or iPhone X series!
Try to uncheck TKIP encryption from WiFi security!
by ingdaka
Sat Jun 01, 2019 5:14 pm
Forum: Wireless Networking
Topic: Large Apartment, no Ethernet
Replies: 28
Views: 1490

Re: Large Apartment, no Ethernet

by ingdaka
Tue May 28, 2019 9:45 pm
Forum: Beginner Basics
Topic: How to reserve IP in mikrotik hex poe lite [SOLVED]
Replies: 7
Views: 362

Re: How to reserve IP in mikrotik hex poe lite [SOLVED]

1st option: go to: IP > DHCP Server > Leases, find IP, right click and make static
2nd option: go to: IP > DHCP Server > Pool nad make changes as picture below to exclude those IP from Pool

Example Excluded IP form 172.16.100.111 to 172.16.100.115
Image
by ingdaka
Tue May 28, 2019 10:03 am
Forum: Beginner Basics
Topic: One last Newbie Question.. Hopefully
Replies: 4
Views: 313

Re: One last Newbie Question.. Hopefully

There are to much options for protecting your router and remote management it secured! One of them is to drop connections initial form WAN and allow IP Sec, so connect to router with VPN and do whatever you want!
by ingdaka
Tue May 28, 2019 9:45 am
Forum: Beginner Basics
Topic: Combining 2 Separate ISP into 1 Lan
Replies: 1
Views: 166

Re: Combining 2 Separate ISP into 1 Lan

https://www.youtube.com/watch?v=qDJ16kLe2hI

Use this, as wan 2 use PPPoE-Client Interface!
by ingdaka
Tue May 28, 2019 9:35 am
Forum: Beginner Basics
Topic: Route or Bridge ? ?
Replies: 13
Views: 710

Re: Route or Bridge ? ?

Better with router, and IP firewall
by ingdaka
Mon May 27, 2019 9:48 pm
Forum: The Dude
Topic: Interfaces monitoring [SOLVED]
Replies: 6
Views: 843

Re: Interfaces monitoring [SOLVED]

You can check Observium live on Mikrotik here, is my environment: http://171.22.151.3/ Credentials: demo/public There are 3 Mikrotik Devices 1 used as internal DHCP Server and CAPsMAN, 1 run as central router with DHCP Server and CAPsMAN and last one is a CCR that is used as PPPoE Server for approxi...
by ingdaka
Mon May 27, 2019 9:22 pm
Forum: Beginner Basics
Topic: Couple Newbie Questions. [SOLVED]
Replies: 2
Views: 246

Re: Couple Newbie Questions. [SOLVED]

To change IP Pool: Use winbox go to IP>Pool, double click pool and change it as you want!
To change DNS: Use winbox go to IP>DHCP Server > Networks, Double click network, if you see DNS Server gray click on it and write your dns, to add an second dns server, click on down arrow next to first one!
by ingdaka
Sun May 26, 2019 10:23 pm
Forum: Beginner Basics
Topic: Ban IP's / Drop connections of RDP Brute forcers
Replies: 6
Views: 521

Re: Ban IP's / Drop connections of RDP Brute forcers

add chain=input protocol=tcp dst-port=22 src-address-list=ssh_blacklist action=drop \ comment="drop ssh brute forcers" disabled=no add chain=input protocol=tcp dst-port=22 connection-state=new \ src-address-list=ssh_stage3 action=add-src-to-address-list address-list=ssh_blacklist \ address-list-time...
by ingdaka
Sun May 26, 2019 10:18 pm
Forum: Beginner Basics
Topic: Network
Replies: 1
Views: 164

Re: Network

I will suggest change mAP-Lite with https://mikrotik.com/product/pwr_line_ap , so you do not need to many ports with PoE!
by ingdaka
Sun May 26, 2019 10:12 pm
Forum: The Dude
Topic: Interfaces monitoring [SOLVED]
Replies: 6
Views: 843

Re: Interfaces monitoring [SOLVED]

Yes graph is hosted on device only! In my company I use Observium, free PHP tool that is automatic discovery with SNMP. Is great to see traffic, discovery, map, processor, ram, storage and all others! All device types supported and most of all, it's open source and you can modify it in your needs! A...
by ingdaka
Sun May 26, 2019 9:48 pm
Forum: General
Topic: DNS ghost traffic
Replies: 4
Views: 314

Re: DNS ghost traffic

Also for security issues you need to disable DNS remote request, because your router will respond to requests from WAN! Just with a small command somebody can send you syn requests to porte 53 of your router and within 2 minutes your router will get 100% of processor usage!
by ingdaka
Fri Nov 23, 2018 11:02 pm
Forum: Beginner Basics
Topic: DHCP showing Red
Replies: 9
Views: 1731

Re: DHCP showing Red

As you can see from italic font of ether5 it indicates that port is notconnected!
by ingdaka
Fri Nov 16, 2018 12:28 pm
Forum: Beginner Basics
Topic: PPPoE with Public IP
Replies: 4
Views: 539

Re: PPPoE with Public IP

Activate it on bridge and on interfaces.

When create profile as local address choose 10.10.10.1 and as remote create a pool with public IP. Or you can set them manualy when creating user as they are not to much!
by ingdaka
Wed Nov 14, 2018 8:31 pm
Forum: Beginner Basics
Topic: PPPoE with Public IP
Replies: 4
Views: 539

Re: PPPoE with Public IP

Just activate proxy-arp on wan and lan interface and then give those IP from PPPoE like a /32 type it in REMOTE ADDRESS when create pppoe users!
by ingdaka
Mon Nov 12, 2018 10:35 pm
Forum: Wireless Networking
Topic: RB1100 and CAPsMAN
Replies: 4
Views: 475

Re: RB1100 and CAPsMAN

As CaPsMAN AHx2 can handle number of AP but maybe will be a problem for traffic of 1200 clients
by ingdaka
Thu Nov 01, 2018 10:14 pm
Forum: General
Topic: Urgent help for configure
Replies: 2
Views: 348

Re: Urgent help for configure

Where are you stuck on this?
by ingdaka
Sun Oct 28, 2018 10:30 am
Forum: Beginner Basics
Topic: same ip for multi interfaces
Replies: 4
Views: 582

Re: same ip for multi interfaces

You cannot set same subnet in 2 interfaces even is interfaces are physical or virtual! Always will get overlap!
by ingdaka
Sun Oct 21, 2018 12:14 am
Forum: Beginner Basics
Topic: Migrate CCR 1009 to CCR 1036
Replies: 3
Views: 585

Re: Migrate CCR 1009 to CCR 1036

Backup file will give you error if you are in different models. Even if you are in same model you have to make reset mac after restore to new machine. Best practice is to got to terminal to actual device type export, copy all to txt file, make your necessary modifications and then go to new device t...
by ingdaka
Sun Oct 21, 2018 12:07 am
Forum: Beginner Basics
Topic: daily auto reboot
Replies: 7
Views: 1095

Re: daily auto reboot

No it is not important! Even if you have problems with your router or AP, you should fix problem not reboot it everyday!
  • 1
  • 2