Community discussions

Search found 160 matches

by ingdaka
Mon Oct 14, 2019 10:20 pm
Forum: General
Topic: Block Anydesk
Replies: 2
Views: 74

Re: Block Anydesk

L7 firewall block *.net.anydesk.com with regexp
by ingdaka
Thu Oct 10, 2019 9:17 pm
Forum: General
Topic: pppoe users dont disconnect after some day of uptime
Replies: 2
Views: 782

Re: pppoe users dont disconnect after some day of uptime

What is keepalive timeout configured in PPPoE Server?
by ingdaka
Fri Oct 04, 2019 11:06 pm
Forum: General
Topic: Mikrotik automatically changes password
Replies: 6
Views: 1247

Re: Mikrotik automatically changes password

2 new Golden Rules for every device:
1. If there is no default password, create one in first login.
2. If there is a default password, change it in first login.
by ingdaka
Fri Oct 04, 2019 11:02 pm
Forum: Beginner Basics
Topic: Should be a simple task of port forwarding [SOLVED]
Replies: 2
Views: 706

Re: Should be a simple task of port forwarding [SOLVED]

ip firewall nat add chain=dstnat dst-address=your_Pulic_IP protocol=tcp dst-port=Public_Port action=dst-nat to-addresses=your_LAN(Device)_IP to-ports=devide_Port
Paste this to terminal of Routerboard
by ingdaka
Thu Oct 03, 2019 9:19 pm
Forum: Forwarding Protocols
Topic: Failover between three Mikrotik routers
Replies: 9
Views: 924

Re: Failover between three Mikrotik routers

If you have just 1 or 2 subnets in each router you can use static routing, but if you have mode I would prefer OSPF
by ingdaka
Thu Oct 03, 2019 9:16 pm
Forum: General
Topic: Mikrotik PPPoE+Static Ip not working
Replies: 3
Views: 546

Re: Mikrotik PPPoE+Static Ip not working

Just Go to terminal type export and then paste it here! DNS does not have anything to do with default gateway in static IP configuring!
by ingdaka
Wed Oct 02, 2019 9:13 pm
Forum: General
Topic: MikroTik Bonding Failover Issues.
Replies: 3
Views: 329

Re: MikroTik Bonding Failover Issues.

I user RR and everything works perfect between 2 RB1100AHx4
by ingdaka
Tue Oct 01, 2019 10:48 pm
Forum: Beginner Basics
Topic: ISP Setup
Replies: 9
Views: 1034

Re: ISP Setup

Hi all, Thanks a lot for the replies. I very much appreciated it. What we planned is to have "PPPoE concentrates configured with Centralized AAA Radius", as ingdaka proposed. We have considered using each 1016s as PPPoE and dhcp server for each zone, but management wanted to centralized the control...
by ingdaka
Tue Oct 01, 2019 12:05 am
Forum: General
Topic: HexS to RB951G as AP
Replies: 2
Views: 347

Re: HexS to RB951G as AP

There is just 1 cpu 600MHz, so what are you waiting to have a full GB network 100% of time? Sorry dude!
by ingdaka
Mon Sep 30, 2019 11:02 pm
Forum: Beginner Basics
Topic: ISP Setup
Replies: 9
Views: 1034

Re: ISP Setup

In my idea you can configure 1036 as MAIN WAN AGGREGATION Router and all 1016 as PPPoE servers for clients! 1036 as a PPPoE server and all 1016 as PPPoE clients...! Also redundand paths between houses? Sounds too much... No! 1036 will have just routes to Public and Between 1016. 1016 to be PPPoE Se...
by ingdaka
Mon Sep 30, 2019 9:39 pm
Forum: Beginner Basics
Topic: ISP Setup
Replies: 9
Views: 1034

Re: ISP Setup

In my idea you can configure 1036 as MAIN WAN AGGREGATION Router and all 1016 as PPPoE servers for clients! Communication from 1036 to all 1016 to be with OSPF of iBGPso you can add backup redundant path between branches in a second moment!
by ingdaka
Thu Sep 26, 2019 11:08 pm
Forum: Virtualization
Topic: OpenWrt for ARM-based RB1100AHx4
Replies: 9
Views: 2815

Re: OpenWrt for ARM-based RB1100AHx4

Here you are at Mikrotik (RouterBoard + Router OS) forum. Not RouterBoard with 3rd party firmware, this can be your responsibility!
by ingdaka
Sun Sep 22, 2019 9:36 pm
Forum: Beginner Basics
Topic: PPPoe connection to ISP with tagged VLAN
Replies: 18
Views: 1686

Re: PPPoe connection to ISP with tagged VLAN

I'm a bit aware, why those ISP use Fiber connection and give you sync speed on 100Mbps! It's fucking wrong to use SFP to 100Mbps!
by ingdaka
Fri Sep 20, 2019 10:28 pm
Forum: Beginner Basics
Topic: PPPoe connection to ISP with tagged VLAN
Replies: 18
Views: 1686

Re: PPPoe connection to ISP with tagged VLAN

interface vlan add vlan-id=20 interface=sfp1 name=vlan20
interface pppoe-client add interface=vlan20 name=PPPoE_Out user=xxxxx password=yyyyyy use-peer-dns=yes add-default-route=yes
by ingdaka
Mon Sep 16, 2019 9:50 pm
Forum: General
Topic: Route All Traffic over L2TP
Replies: 2
Views: 413

Re: Route All Traffic over L2TP

First of all we need your network schema and config to help you! But if it is typical you need 2 default routes 0.0.0.0/0 to your Public interface of router with distance 1 and another one with exit interface your L2TP Interface with distance 2! Then you should mangle your LAN traffic via prerouting...
by ingdaka
Tue Sep 10, 2019 11:45 pm
Forum: RouterOS v7 BETA
Topic: cAP ac: no capsman [SOLVED]
Replies: 9
Views: 1512

Re: cAP ac: no capsman [SOLVED]

As you can read in this topic viewtopic.php?f=1&t=152003

What is not available:

- BGP / MPLS disabled
- Extra packages
- Winbox does not show all features, use CLI for most functionality

CAPs is a Extra Package Feature
by ingdaka
Tue Sep 10, 2019 11:42 pm
Forum: RouterOS v7 BETA
Topic: cAP ac: no capsman [SOLVED]
Replies: 9
Views: 1512

Re: cAP ac: no capsman [SOLVED]

You have to wait for ROS v7, is just in test version and does not have all features enabled!
by ingdaka
Tue Sep 10, 2019 10:17 pm
Forum: General
Topic: Remote Access & Port Forward Over L2TP [SOLVED]
Replies: 4
Views: 495

Re: Remote Access & Port Forward Over L2TP [SOLVED]

Just got it! Have to create a mangle rule to routing mark traffic of my camera and set a default route for this marked traffic and set as exit interface my vpn interface!
by ingdaka
Fri Sep 06, 2019 12:42 am
Forum: General
Topic: Remote Access & Port Forward Over L2TP [SOLVED]
Replies: 4
Views: 495

Remote Access & Port Forward Over L2TP [SOLVED]

I have a scenario like in picture: https://i.ibb.co/m6wCZj5/L2TP.jpg R1 has public IP and is configured as L2TP Server! R2 have just internet over nat and is configured as L2TP client! Both routers have full routing table to know each-other routes. R2 has a CCTV system connected. I can access this s...
by ingdaka
Thu Sep 05, 2019 12:04 pm
Forum: Forwarding Protocols
Topic: 2 WAN BGP failover
Replies: 6
Views: 727

Re: 2 WAN BGP failover

First of all 10.10.... looks like is an Private IP, you cannot advertise them to BGP!
by ingdaka
Thu Sep 05, 2019 12:02 pm
Forum: Beginner Basics
Topic: Change DDNS name (Mikrotik cloud)
Replies: 10
Views: 1056

Re: Change DDNS name (Mikrotik cloud)

That's for security reasons! Maybe I know your company name and I can attach you! But I don't think I will be able to get you router MAC Address to attach you!
by ingdaka
Tue Sep 03, 2019 11:01 am
Forum: Forwarding Protocols
Topic: Help with Mikrotik hAP series
Replies: 3
Views: 427

Re: Help with Mikrotik hAP series

Sometimes users don't set DNS on DHCP server!

Go to terminal and type export hide-sensitive and paste result here!
by ingdaka
Mon Aug 26, 2019 11:30 pm
Forum: Beginner Basics
Topic: Graphing problems
Replies: 3
Views: 352

Re: Graphing problems

Winbox have problems with graphing, please see webconfig
by ingdaka
Mon Aug 26, 2019 11:06 pm
Forum: Wireless Networking
Topic: CAPsMAN issue with 2 SSIDs
Replies: 3
Views: 414

Re: CAPsMAN issue with 2 SSIDs

Make this queue in subnet for employees or in bridge connected to datapath
by ingdaka
Sun Aug 25, 2019 12:09 pm
Forum: Beginner Basics
Topic: Problem with port forwarding
Replies: 1
Views: 261

Re: Problem with port forwarding

Type export in terminal and paste result here!
by ingdaka
Sat Aug 24, 2019 10:13 pm
Forum: General
Topic: BLOCK SPAMMERS DONT WORK - FIREWALL
Replies: 5
Views: 687

Re: BLOCK SPAMMERS DONT WORK - FIREWALL

Filter rules work on top down order, so you need to change order! Add src to address list should be before drop rule!
by ingdaka
Wed Aug 21, 2019 6:00 pm
Forum: Beginner Basics
Topic: Unstopable DSTNAT
Replies: 16
Views: 2166

Re: Unstopable DSTNAT

Go to terminal type export and paste the result here!
by ingdaka
Mon Aug 19, 2019 1:19 am
Forum: General
Topic: Problem with RB1100AHx4 In SWITCH1
Replies: 7
Views: 478

Re: Problem with RB1100AHx4 In SWITCH1

Or you have a device that is Broadcasting MAC
by ingdaka
Mon Aug 19, 2019 1:15 am
Forum: General
Topic: Problem with RB1100AHx4 In SWITCH1
Replies: 7
Views: 478

Re: Problem with RB1100AHx4 In SWITCH1

Is not problem with RB1100, problem is because you have loop on your network!
by ingdaka
Wed Aug 14, 2019 10:41 pm
Forum: Beginner Basics
Topic: Simple non internet Wireless acess point
Replies: 1
Views: 371

Re: Simple non internet Wireless acess point

1. Remove default config.
2. Add a bridge
3. Add app ports on this bridge (ether1, wlan1, wlan2)
4. Set IP 2.0.0.1/24 on bridge.
5. Setup dhcp-server to give IP 101-254
6. Set wlan1 and wlan2 as ap bridge and set password you want!
7. Set a password for your router
ALL DONE
by ingdaka
Wed Aug 14, 2019 12:01 am
Forum: Beginner Basics
Topic: print from one vlan to another?
Replies: 4
Views: 1105

Re: print from one vlan to another?

If you do NAT between 2 Subnets you cannot do access IP from one subnet to other one! The should just to be routed to each other!
by ingdaka
Tue Aug 13, 2019 3:50 pm
Forum: Beginner Basics
Topic: Mdaemon Mail Server With IP Nat in Mikrotik,,, Help
Replies: 2
Views: 492

Re: Mdaemon Mail Server With IP Nat in Mikrotik,,, Help

You have to configure 202.24.210.22 also in public interface of your router! Remote request about DNS should not be checked for security, you can get syn flood DDOS attach in your router using port 53! No need to use static entry on your router! Src-nat rule need to be setup to show allow mailserver...
by ingdaka
Tue Aug 13, 2019 3:41 pm
Forum: Beginner Basics
Topic: print from one vlan to another?
Replies: 4
Views: 1105

Re: print from one vlan to another?

Are those 2 VLAN (Subnets) configured in the same router?
by ingdaka
Tue Aug 13, 2019 3:39 pm
Forum: General
Topic: router without vlan CAN WORK with Mikrotik?
Replies: 2
Views: 465

Re: router without vlan CAN WORK with Mikrotik?

None of routers has VLAN configured by default!
by ingdaka
Tue Aug 13, 2019 3:38 pm
Forum: Wireless Networking
Topic: Extending the range of a wireless network with mikrotik
Replies: 5
Views: 1520

Re: Extending the range of a wireless network with mikrotik

You can use cAP, but to be sure about mobility you have to use CAPsMAN
by ingdaka
Mon Aug 12, 2019 4:22 pm
Forum: General
Topic: IPSec or NAT - Strange Problem RB750GR3
Replies: 0
Views: 213

IPSec or NAT - Strange Problem RB750GR3

Hello! 1. I see a problem with IPSec tine by time with one of my routers that is RB750Gr3. Sometime IPSec tunnel is UP, PH1 and PH2 are up but not sending traffic! Problem resolved after i kill active peers. 2. Next problem is that sometimes users try to access server to remote site and cannot find ...
by ingdaka
Sat Aug 10, 2019 11:19 pm
Forum: General
Topic: Strange Network Loop
Replies: 2
Views: 378

Re: Strange Network Loop

As Sindy has told you! Simple way there is a problem with cables!
Image
https://ibb.co/sHQjpLh

Also as I see there is the same MAC of Mikrotik know from port 2 and 3! Maybe there is a cable Loop too!
by ingdaka
Sat Aug 10, 2019 11:10 pm
Forum: RouterBOARD hardware
Topic: CCR1009-7G-1C-1S+ & Cisco 3750X SFP Problem
Replies: 1
Views: 382

Re: CCR1009-7G-1C-1S+ & Cisco 3750X SFP Problem

This is a problem to cisco compatibility! So you should post this request to cisco forums!
by ingdaka
Sat Aug 10, 2019 11:04 pm
Forum: RouterBOARD hardware
Topic: Electrical Problems Causing Failure
Replies: 10
Views: 1354

Re: Electrical Problems Causing Failure

This one looks more like high humidity of air! Also ionized humidity of air, like a close to beach air!
by ingdaka
Sat Aug 10, 2019 10:57 pm
Forum: General
Topic: ISP VLAN
Replies: 3
Views: 482

Re: ISP VLAN

If Switchport is Access VLAN Untaged configurations to Mikrotik should configure directly in interface, no VLAN need!
If switchport is Trunk with allowed VLAN (Tagged VLAN), you can config VLAN in Mikrotik!
by ingdaka
Sat Aug 10, 2019 10:52 pm
Forum: Beginner Basics
Topic: RouterOS 6.44.3 IPsec Peers tab missing options
Replies: 2
Views: 540

Re: RouterOS 6.44.3 IPsec Peers tab missing options

New versions of RouterOS has some changes in menu!
by ingdaka
Sat Aug 10, 2019 10:46 pm
Forum: Beginner Basics
Topic: how to send all trafic over l2tp clinet vpn
Replies: 4
Views: 553

Re: how to send all trafic over l2tp clinet vpn

That's because your VPN server can block ping to protest his self from ping flood! Also speed of Internet over VPN is limited by VPN Server!
by ingdaka
Thu Aug 01, 2019 3:38 pm
Forum: Beginner Basics
Topic: Cannot get BT (UK) with PPPoE working :(
Replies: 5
Views: 513

Re: Cannot get BT (UK) with PPPoE working :(

If you can ping 8.8.8.8 from inside mikrotik but there is not Internet on LAN, then you have forgot to setup NAT!
by ingdaka
Thu Aug 01, 2019 3:33 pm
Forum: General
Topic: EoIP, WIN 10 DHCP problem
Replies: 2
Views: 286

Re: EoIP, WIN 10 DHCP problem

It should work!
Just go to terminal type export and paste all config here! Hide sensitive information!
by ingdaka
Thu Aug 01, 2019 3:32 pm
Forum: Beginner Basics
Topic: Small MikroTik, Big MikroTik
Replies: 2
Views: 346

Re: Small MikroTik, Big MikroTik

Only change is power and capability to handle traffic and other links!
by ingdaka
Mon Jul 29, 2019 11:38 pm
Forum: General
Topic: site to site ipsec Mikrotik/Teltonika
Replies: 24
Views: 2198

Re: site to site ipsec Mikrotik/Teltonika

Teltonika RUT955 also use IPsec, PPTP or L2TP that can run very good in Mikrotik too!
by ingdaka
Mon Jul 29, 2019 11:29 pm
Forum: Beginner Basics
Topic: DHCP Server Text is RED
Replies: 2
Views: 465

Re: DHCP Server Text is RED

Just do and "export" in terminal and paste the script here!
Maybe the bridge1 does not have an IP Address!
by ingdaka
Mon Jul 29, 2019 9:07 pm
Forum: General
Topic: Unable to access router from failover WAN IP when primary WAN IP is active, and vice versa.
Replies: 2
Views: 404

Re: Unable to access router from failover WAN IP when primary WAN IP is active, and vice versa.

Because you ping router from backup IP and he try to respond through active default route!
by ingdaka
Sun Jul 28, 2019 1:07 pm
Forum: General
Topic: RB960PGS full use of 200/100 Fibre?
Replies: 5
Views: 636

Re: RB960PGS full use of 200/100 Fibre?

I suggested RB1100 AHx4 because he mentioned that: "not using sfp, but Ethernet to ISP ONT". Yes I'm aware about ONT, if this little device will be capable to take all this traffic all time without problems!
A suggestion for you is to make that ONT as Bridge and config ISP settings to Mikrotik!
by ingdaka
Sun Jul 28, 2019 12:30 am
Forum: General
Topic: RouterBOARD 750UP - no Respones> Reset with no Default Configuration
Replies: 1
Views: 263

Re: RouterBOARD 750UP - no Respones> Reset with no Default Configuration

You can try netinstall! But this router is so old!
by ingdaka
Sat Jul 27, 2019 9:57 pm
Forum: General
Topic: Remotely monitor large amount of routers
Replies: 20
Views: 2065

Re: Remotely monitor large amount of routers

What I have did in my network with about 500 Routers that are using dynamic wan IP, thinking :?: :?: :?: :?: SNMP will not help me! So I got this solution: Setup and SNMP monitoring server with http://www.observium.org/ free and works very good (last update automatic 1 script Installation). Got one ...
by ingdaka
Sat Jul 27, 2019 9:39 pm
Forum: General
Topic: VPN to Mikrotik for an Android phone!!!
Replies: 6
Views: 657

Re: VPN to Mikrotik for an Android phone!!!

I work many remote access Mikrotik with L2TP to my Note 8 Device with Android 9, no issue since now! You can use Mikrotik ass L2TP server but to get connected you need to forward port 4500 and 500 from TP-Link to Mikrotik!
by ingdaka
Sat Jul 27, 2019 9:33 pm
Forum: General
Topic: RB960PGS full use of 200/100 Fibre?
Replies: 5
Views: 636

Re: RB960PGS full use of 200/100 Fibre?

For a cheap device you can use RB1100AHx4 as it will be OK for about 200 PPPoE Clients but not more (Tested to one of my clients)
For a good device during to 500 PPPoE Clients you can use CCR1009-7G-1C-PC
by ingdaka
Sat Jul 27, 2019 7:56 am
Forum: Beginner Basics
Topic: Permit Winbox
Replies: 11
Views: 1124

Re: Permit Winbox

In default configuration access from wan is blocked! Just go to IP > Firewall > Filter Rules and disable input drop rule ate the end of list
Of better recommend is to create a new rule chain input, protocol tcp, Dst. Port 8291, action accept and put this rule on top of all other rules!
by ingdaka
Thu Jul 25, 2019 9:52 pm
Forum: General
Topic: [ASK] FastTrack for SpeedTest
Replies: 14
Views: 930

Re: [ASK] FastTrack for SpeedTest

This will not work because when you use speedtest.net there is no traffic based on the webpage but on the server you choose and different server has different IP! But all servers use port 8080 so you can fasttrack this port!
by ingdaka
Thu Jul 25, 2019 12:45 am
Forum: General
Topic: Feature request for v7.x
Replies: 269
Views: 63556

Re: Feature request for v7.x

+1 for BGP4-MIB (RFC 4273)
by ingdaka
Sun Jul 21, 2019 10:41 pm
Forum: General
Topic: winbox
Replies: 1
Views: 443

Re: winbox

Try to disable antivirus!
by ingdaka
Sat Jul 20, 2019 10:24 pm
Forum: Beginner Basics
Topic: Force IP (Fortigate) to use specific wan (Mikrotik) [SOLVED]
Replies: 8
Views: 1074

Re: Force IP (Fortigate) to use specific wan (Mikrotik) [SOLVED]

I work in mikrotik! I think he is using nat on fortigate! Because he is on dual wan (or sd-wan)!
by ingdaka
Sat Jul 20, 2019 10:18 pm
Forum: Virtualization
Topic: Transferring license from mikrotik server to Vmware Virtual Machine
Replies: 2
Views: 711

Re: Transferring license from mikrotik server to Vmware Virtual Machine

As I have experience about 7 years with mikrotik transfer of license can't be done because of change of machine ID
by ingdaka
Thu Jul 18, 2019 7:46 pm
Forum: General
Topic: how to display Password of PPPOE user from a Mikrotik router?
Replies: 5
Views: 509

Re: how to display Password of PPPOE user from a Mikrotik router?

System is using external radius system! You cannot see them in mikrotik, just in radius!
by ingdaka
Tue Jul 16, 2019 8:43 pm
Forum: Wireless Networking
Topic: Status Link Down on CapsMan
Replies: 1
Views: 350

Re: Status Link Down on CapsMan

That happens because when no one is connected to that SSID it is considered as down interface!
by ingdaka
Mon Jul 15, 2019 8:14 pm
Forum: Beginner Basics
Topic: Block Youtube but not with gmail
Replies: 11
Views: 939

Re: Block Youtube but not with gmail

Put new created rules on top of firewall list!
by ingdaka
Thu Jul 11, 2019 1:09 pm
Forum: Beginner Basics
Topic: hEX (revision 3) with Dual Wan - HELP
Replies: 2
Views: 348

Re: hEX (revision 3) with Dual Wan - HELP

Do you need just failover or loadbalancing between both wan-s?
by ingdaka
Wed Jul 10, 2019 10:14 am
Forum: General
Topic: L2TP clinet work on windows not work in mikrotik
Replies: 4
Views: 297

Re: L2TP clinet work on windows not work in mikrotik

You need to post you configuration of Mikrotik L2TP Client
by ingdaka
Wed Jul 10, 2019 12:20 am
Forum: General
Topic: Port Forwarding Not Working but Shows Packets
Replies: 11
Views: 876

Re: Port Forwarding Not Working but Shows Packets

When you create dst-nat rule, is not important to specify in interface, but need to specify destination address (WAN IP [Public])
by ingdaka
Mon Jul 08, 2019 8:47 pm
Forum: Beginner Basics
Topic: Port Forwarding RB2011UiAS
Replies: 10
Views: 831

Re: Port Forwarding RB2011UiAS

First of all I will suggest to reset router without default configuration!
Then configure it step-by-step with your requirements!
by ingdaka
Mon Jul 08, 2019 8:44 pm
Forum: General
Topic: IPsec.Well Done !!!!
Replies: 1
Views: 373

Re: IPsec.Well Done !!!!

Is this an issue?
by ingdaka
Sat Jul 06, 2019 9:07 pm
Forum: General
Topic: IPSec VPN tunnels not working when upgraded to 6.45.1
Replies: 3
Views: 1506

Re: IPSec VPN tunnels not working when upgraded to 6.45.1

That is a security feature that was developed since 6.44! You need to set both Remote and Local Peer IP! Before there was just remote peer IP!
by ingdaka
Fri Jul 05, 2019 2:17 pm
Forum: Beginner Basics
Topic: Installed new SXT LTE kit - Whatsapp images can't send or receive
Replies: 3
Views: 327

Re: Installed new SXT LTE kit - Whatsapp images can't send or receive

Your "bad luck"! Installed internet access on that day! Not Mikrotik device fault!
by ingdaka
Fri Jul 05, 2019 2:14 pm
Forum: Beginner Basics
Topic: admin password recovery
Replies: 6
Views: 585

Re: admin password recovery

Then only way for mikrotik is to reset devices to factory default!
by ingdaka
Fri Jul 05, 2019 1:57 pm
Forum: Beginner Basics
Topic: Cannot access Hikvision NVR remotely
Replies: 4
Views: 457

Re: Cannot access Hikvision NVR remotely

First of all NR51P6-16 is not any Hikvision Device, maybe any Chinese copy of hikvision!
Second you if port 8080 is open in nat and is available on NVR you should type Public IP:8080 in your browser not just IP, because if you type only IP will respond to port 80 which belong to router web page!
by ingdaka
Tue Jul 02, 2019 9:29 pm
Forum: RouterBOARD hardware
Topic: What RB to choose?
Replies: 6
Views: 1022

Re: What RB to choose?

For now I use hEX S to handle about 360 Mbps / 360 Mbps from 3 ISP with BGP configured and is working OK so far! For traffic you need with some fw roles hEX S will do his job well!
by ingdaka
Tue Jul 02, 2019 9:26 pm
Forum: General
Topic: 2 networks in the same bridge
Replies: 1
Views: 274

Re: 2 networks in the same bridge

No there is not! Because you cannot set ip address in slave interface
by ingdaka
Mon Jul 01, 2019 9:18 pm
Forum: General
Topic: VPN for multiple Sites.
Replies: 2
Views: 347

Re: VPN for multiple Sites.

First of all we need to know the idea of network! Then requests that you need and then current configurations!
by ingdaka
Sun Jun 30, 2019 6:38 pm
Forum: Wireless Networking
Topic: CAPSman - only single CAP will connect
Replies: 13
Views: 1454

Re: CAPSman - only single CAP will connect

If you have done reset form winbox just check caps mode!
by ingdaka
Sun Jun 30, 2019 5:03 pm
Forum: Wireless Networking
Topic: CAPSman - only single CAP will connect
Replies: 13
Views: 1454

Re: CAPSman - only single CAP will connect

Have you restored configuration from another device, that you get mac conflict? If yes please you need to do MAC reset of interface
by ingdaka
Fri Jun 28, 2019 10:39 pm
Forum: Beginner Basics
Topic: 3 WAN failover
Replies: 5
Views: 1046

Re: 3 WAN failover

Better to use PCC if you want loadbalancing https://www.youtube.com/watch?v=qDJ16kLe2hI&t=9s
Video shows just 2 wan but can me used for 3 wan too!
by ingdaka
Fri Jun 28, 2019 10:37 pm
Forum: General
Topic: Mikrotik DHCP with redundant links.
Replies: 4
Views: 532

Re: Mikrotik DHCP with redundant links.

You can use Bridges to mikrotik create vlan10 interface in ether1, and vlan10 interface in ether2 and put those 2 interfaces in same bridge, so dhcp server with be setup on bridge (same for other vlans), but should take care about PVST+ in switches to take care about loop!
by ingdaka
Fri Jun 28, 2019 10:32 pm
Forum: Beginner Basics
Topic: Simulation two WAN with one ISP
Replies: 4
Views: 715

Re: Simulation two WAN with one ISP

If you have 2 different gateways is one situation, if you have only 1 gateway you need L2 loadbalancing with is via portchannel
by ingdaka
Fri Jun 28, 2019 10:31 pm
Forum: Beginner Basics
Topic: how to close all UDP ports on mikrotik?
Replies: 1
Views: 295

Re: how to close all UDP ports on mikrotik?

ip firewall filter add chain=input protocol=udp action=drop This is to block every UDP packet destinated to your router! Is you want to block only port scanners you can do it Rule-1 /ip firewall filter add chain=input protocol=tcp psd=21,3s,3,1 action=add-src-to-address-list address-list="port scann...
by ingdaka
Fri Jun 28, 2019 10:24 pm
Forum: General
Topic: Forward DNS/web site to a local IP
Replies: 6
Views: 676

Re: Forward DNS/web site to a local IP

Gr3 is OK for this! First we need to know is if ISP Router is in bridge mode or in router mode!
by ingdaka
Thu Jun 20, 2019 10:25 pm
Forum: General
Topic: hap ac2 restarts each 5-20 minutes [SOLVED]
Replies: 4
Views: 475

Re: hap ac2 restarts each 5-20 minutes [SOLVED]

Most of time a power failure!
by ingdaka
Sat Jun 15, 2019 11:04 pm
Forum: General
Topic: need help choosing hardware
Replies: 5
Views: 434

Re: need help choosing hardware

by ingdaka
Fri Jun 14, 2019 6:04 pm
Forum: Beginner Basics
Topic: CCR1016-12S-1S+ CPU 100% Every Day
Replies: 2
Views: 305

Re: CCR1016-12S-1S+ CPU 100% Every Day

If you are sure that there is an attach on ports 5069 and 9956 then drop traffic to those ports!
by ingdaka
Thu Jun 13, 2019 10:07 pm
Forum: Beginner Basics
Topic: My first Mikrotik Router - Firewall Help
Replies: 16
Views: 1060

Re: My first Mikrotik Router - Firewall Help

Yes you resolved your problem but have make you router vulnerable because somebody can send you connections to UDP port 53 and saturate you processor usage!
by ingdaka
Wed Jun 12, 2019 11:52 pm
Forum: General
Topic: Wierd Problem with Mikrotik
Replies: 5
Views: 511

Re: Wierd Problem with Mikrotik

I will try to replace RB3011 with a more powerful router and make all routers update to Current version!
by ingdaka
Wed Jun 12, 2019 11:50 pm
Forum: Beginner Basics
Topic: My first Mikrotik Router - Firewall Help
Replies: 16
Views: 1060

Re: My first Mikrotik Router - Firewall Help

When you setup portfw and try to access this port from WAN that means there are "new connection" not related or established! You are not allowing new connections to initiate 3 way handshake to make those connections established!
by ingdaka
Wed Jun 12, 2019 11:45 pm
Forum: General
Topic: SNMP traffic monitoring bug
Replies: 2
Views: 258

Re: SNMP traffic monitoring bug

I monitor Mikrotik SNMP with 3 other softwares and everything works very well!
by ingdaka
Wed Jun 12, 2019 11:38 pm
Forum: Beginner Basics
Topic: Mikrotik VPN Connection
Replies: 6
Views: 675

Re: Mikrotik VPN Connection

Please post your configurations here! And see what happen!
by ingdaka
Fri Jun 07, 2019 10:14 pm
Forum: General
Topic: Mikrotik Online Certifications Test
Replies: 8
Views: 13191

Re: Mikrotik Online Certifications Test

These are their politics! But how you want to learn! Cisco also is the same all materials are on netacad! If you want to do the same with mikrotik you can get courses timeline https://mikrotik.com/training/about and search for topics on internet and learn, then you can ask trainers for discount to r...
by ingdaka
Fri Jun 07, 2019 10:09 pm
Forum: Wireless Networking
Topic: Wireless problems with Android and iOS phones
Replies: 6
Views: 850

Re: Wireless problems with Android and iOS phones

If this problem happens to new phones like Samsung Galaxy S10, Note 9 or iPhone X series!
Try to uncheck TKIP encryption from WiFi security!
by ingdaka
Sat Jun 01, 2019 5:14 pm
Forum: Wireless Networking
Topic: Large Apartment, no Ethernet
Replies: 28
Views: 1894

Re: Large Apartment, no Ethernet

by ingdaka
Tue May 28, 2019 9:45 pm
Forum: Beginner Basics
Topic: How to reserve IP in mikrotik hex poe lite [SOLVED]
Replies: 7
Views: 490

Re: How to reserve IP in mikrotik hex poe lite [SOLVED]

1st option: go to: IP > DHCP Server > Leases, find IP, right click and make static
2nd option: go to: IP > DHCP Server > Pool nad make changes as picture below to exclude those IP from Pool

Example Excluded IP form 172.16.100.111 to 172.16.100.115
Image
by ingdaka
Tue May 28, 2019 10:03 am
Forum: Beginner Basics
Topic: One last Newbie Question.. Hopefully
Replies: 4
Views: 392

Re: One last Newbie Question.. Hopefully

There are to much options for protecting your router and remote management it secured! One of them is to drop connections initial form WAN and allow IP Sec, so connect to router with VPN and do whatever you want!
by ingdaka
Tue May 28, 2019 9:45 am
Forum: Beginner Basics
Topic: Combining 2 Separate ISP into 1 Lan
Replies: 1
Views: 209

Re: Combining 2 Separate ISP into 1 Lan

https://www.youtube.com/watch?v=qDJ16kLe2hI

Use this, as wan 2 use PPPoE-Client Interface!
by ingdaka
Tue May 28, 2019 9:35 am
Forum: Beginner Basics
Topic: Route or Bridge ? ?
Replies: 13
Views: 842

Re: Route or Bridge ? ?

Better with router, and IP firewall
by ingdaka
Mon May 27, 2019 9:48 pm
Forum: The Dude
Topic: Interfaces monitoring [SOLVED]
Replies: 6
Views: 1294

Re: Interfaces monitoring [SOLVED]

You can check Observium live on Mikrotik here, is my environment: http://171.22.151.3/ Credentials: demo/public There are 3 Mikrotik Devices 1 used as internal DHCP Server and CAPsMAN, 1 run as central router with DHCP Server and CAPsMAN and last one is a CCR that is used as PPPoE Server for approxi...
by ingdaka
Mon May 27, 2019 9:22 pm
Forum: Beginner Basics
Topic: Couple Newbie Questions. [SOLVED]
Replies: 2
Views: 341

Re: Couple Newbie Questions. [SOLVED]

To change IP Pool: Use winbox go to IP>Pool, double click pool and change it as you want!
To change DNS: Use winbox go to IP>DHCP Server > Networks, Double click network, if you see DNS Server gray click on it and write your dns, to add an second dns server, click on down arrow next to first one!
by ingdaka
Sun May 26, 2019 10:23 pm
Forum: Beginner Basics
Topic: Ban IP's / Drop connections of RDP Brute forcers
Replies: 6
Views: 665

Re: Ban IP's / Drop connections of RDP Brute forcers

add chain=input protocol=tcp dst-port=22 src-address-list=ssh_blacklist action=drop \ comment="drop ssh brute forcers" disabled=no add chain=input protocol=tcp dst-port=22 connection-state=new \ src-address-list=ssh_stage3 action=add-src-to-address-list address-list=ssh_blacklist \ address-list-time...
by ingdaka
Sun May 26, 2019 10:18 pm
Forum: Beginner Basics
Topic: Network
Replies: 1
Views: 221

Re: Network

I will suggest change mAP-Lite with https://mikrotik.com/product/pwr_line_ap , so you do not need to many ports with PoE!
by ingdaka
Sun May 26, 2019 10:12 pm
Forum: The Dude
Topic: Interfaces monitoring [SOLVED]
Replies: 6
Views: 1294

Re: Interfaces monitoring [SOLVED]

Yes graph is hosted on device only! In my company I use Observium, free PHP tool that is automatic discovery with SNMP. Is great to see traffic, discovery, map, processor, ram, storage and all others! All device types supported and most of all, it's open source and you can modify it in your needs! A...
by ingdaka
Sun May 26, 2019 9:48 pm
Forum: General
Topic: DNS ghost traffic
Replies: 4
Views: 406

Re: DNS ghost traffic

Also for security issues you need to disable DNS remote request, because your router will respond to requests from WAN! Just with a small command somebody can send you syn requests to porte 53 of your router and within 2 minutes your router will get 100% of processor usage!
by ingdaka
Fri Nov 23, 2018 11:02 pm
Forum: Beginner Basics
Topic: DHCP showing Red
Replies: 9
Views: 2263

Re: DHCP showing Red

As you can see from italic font of ether5 it indicates that port is notconnected!
by ingdaka
Fri Nov 16, 2018 12:28 pm
Forum: Beginner Basics
Topic: PPPoE with Public IP
Replies: 4
Views: 665

Re: PPPoE with Public IP

Activate it on bridge and on interfaces.

When create profile as local address choose 10.10.10.1 and as remote create a pool with public IP. Or you can set them manualy when creating user as they are not to much!
by ingdaka
Wed Nov 14, 2018 8:31 pm
Forum: Beginner Basics
Topic: PPPoE with Public IP
Replies: 4
Views: 665

Re: PPPoE with Public IP

Just activate proxy-arp on wan and lan interface and then give those IP from PPPoE like a /32 type it in REMOTE ADDRESS when create pppoe users!
by ingdaka
Mon Nov 12, 2018 10:35 pm
Forum: Wireless Networking
Topic: RB1100 and CAPsMAN
Replies: 4
Views: 529

Re: RB1100 and CAPsMAN

As CaPsMAN AHx2 can handle number of AP but maybe will be a problem for traffic of 1200 clients
by ingdaka
Thu Nov 01, 2018 10:14 pm
Forum: General
Topic: Urgent help for configure
Replies: 2
Views: 392

Re: Urgent help for configure

Where are you stuck on this?
by ingdaka
Sun Oct 28, 2018 10:30 am
Forum: Beginner Basics
Topic: same ip for multi interfaces
Replies: 4
Views: 658

Re: same ip for multi interfaces

You cannot set same subnet in 2 interfaces even is interfaces are physical or virtual! Always will get overlap!
by ingdaka
Sun Oct 21, 2018 12:14 am
Forum: Beginner Basics
Topic: Migrate CCR 1009 to CCR 1036
Replies: 3
Views: 635

Re: Migrate CCR 1009 to CCR 1036

Backup file will give you error if you are in different models. Even if you are in same model you have to make reset mac after restore to new machine. Best practice is to got to terminal to actual device type export, copy all to txt file, make your necessary modifications and then go to new device t...
by ingdaka
Sun Oct 21, 2018 12:07 am
Forum: Beginner Basics
Topic: daily auto reboot
Replies: 7
Views: 1253

Re: daily auto reboot

No it is not important! Even if you have problems with your router or AP, you should fix problem not reboot it everyday!
by ingdaka
Sat Oct 06, 2018 4:52 pm
Forum: Beginner Basics
Topic: I broke my network and can't access Webfig. Please help
Replies: 5
Views: 862

Re: I broke my network and can't access Webfig. Please help

Winbox can work ON mac os too...
by ingdaka
Sat Oct 06, 2018 4:50 pm
Forum: Beginner Basics
Topic: Question about virtual AP bridge and NAT
Replies: 7
Views: 449

Re: Question about virtual AP bridge and NAT

All LAN that you will create will have internet because of masquerade rule, there you have setup just exit interface, not source subnets, so it get all subnets
by ingdaka
Sun Sep 30, 2018 8:53 pm
Forum: General
Topic: CCTV DVR Port Forwarding [SOLVED]
Replies: 9
Views: 3269

Re: CCTV DVR Port Forwarding [SOLVED]

Config is OK, but 8000 is port for access by DVR software not from WEB interface, you need to configure 8080 port to on the same way as you have configured 8000! You need masquerade role too! If you have problems, please go to terminal and type export, and paste the results here!
by ingdaka
Sat Sep 29, 2018 9:40 pm
Forum: General
Topic: [Help] Port Forwarding load balancing mikrotik
Replies: 5
Views: 585

Re: [Help] Port Forwarding load balancing mikrotik

This will work only if you do DST-NAT and SRC-NAT for each device, because on load-balancing you get dynamic ingress and egress traffic, so if you ask router to access form outside from ISP1 IP it will respond back with a traffic from ISP2 that is the problem! But if you do a src-nat that the IP tha...
by ingdaka
Sat Sep 29, 2018 9:36 pm
Forum: General
Topic: CCTV DVR Port Forwarding [SOLVED]
Replies: 9
Views: 3269

Re: CCTV DVR Port Forwarding [SOLVED]

ip firewall nat add chain=dstnat dst-address=your-public-ip-address protocol=tcp dst-port=external-port action=dst-nat to-
addresses=your-dvr-ip to-ports=your-dvr-port

This will work if you have and Public IP Address on WAN offered by ISP!
by ingdaka
Sat Sep 29, 2018 9:30 pm
Forum: General
Topic: EoIP Tunnel not running?
Replies: 8
Views: 1593

Re: EoIP Tunnel not running?

Please check logs and ave you tried to ping routers if they can reach each-other?
by ingdaka
Fri Sep 21, 2018 8:55 pm
Forum: Beginner Basics
Topic: WebFig connection lost after applying Quick Set
Replies: 3
Views: 670

Re: WebFig connection lost after applying Quick Set

Even that you set your IP you don't set interface where this IP will be applied!
by ingdaka
Sun Sep 16, 2018 3:49 pm
Forum: General
Topic: confused in solutions [SOLVED]
Replies: 3
Views: 377

Re: confused in solutions [SOLVED]

https://www.youtube.com/watch?v=dnLKyu4_md8
This is for 2 WAN but with same config you can use 3 or 4 WAN links!
by ingdaka
Wed Sep 12, 2018 11:05 pm
Forum: RouterBOARD hardware
Topic: Mikrotik CCR1072 new with 4Gb of ram less [SOLVED]
Replies: 12
Views: 2226

Re: Mikrotik CCR1072 new with 4Gb of ram less [SOLVED]

If they are new, you should go to the reseller where you buy them! ASAP!
by ingdaka
Wed Sep 12, 2018 11:01 pm
Forum: Beginner Basics
Topic: Load Balance not working with IDM
Replies: 6
Views: 497

Re: Load Balance not working with IDM

IDM get connection to one server and stay in Established status until finishing the download! Torrent use different path-s and get connection from the line which have shortest path! So problem is with IDM technology not with Mikrotik!
by ingdaka
Sun Sep 02, 2018 11:44 pm
Forum: Beginner Basics
Topic: my Backup File doesn't work on the new router
Replies: 2
Views: 336

Re: my Backup File doesn't work on the new router

You should go to terminal and type export, then copy and paste everything to new router. Binary file need exact the same router to work, even this you have do make reset mac to every interface of new router!
by ingdaka
Sat Sep 01, 2018 1:52 pm
Forum: Beginner Basics
Topic: Dual Wan Setup for Dummies [SOLVED]
Replies: 7
Views: 892

Re: Dual Wan Setup for Dummies [SOLVED]

Go to IP > DHCP Client and Add your second dhcp on ether 5 with default route=no https://ibb.co/haU5ue https://ibb.co/fzRh7z Go to IP > Route to add your Default route for both ISP, delete any actual default route (0.0.0.0/0). Add new default route with 2 gateway interfaces or 2 IP Gateway if they d...
by ingdaka
Sat Sep 01, 2018 1:39 pm
Forum: RouterBOARD hardware
Topic: R450G overheating at about 51oC temperature?
Replies: 19
Views: 1464

Re: R450G overheating at about 51oC temperature?

How many years is your RB450G working, I use 5 of them in my company and I have scheduled them to reboot every 8 hours! Boy it's time to change!
by ingdaka
Sat Sep 01, 2018 1:35 pm
Forum: RouterBOARD hardware
Topic: RB3011 - SFP not working - hardware defect?
Replies: 8
Views: 1237

Re: RB3011 - SFP not working - hardware defect?

Or you have to use Mikrotik SFP Module!
by ingdaka
Sat Sep 01, 2018 1:30 pm
Forum: RouterBOARD hardware
Topic: Mikrotik VDSL / DSL Modem?
Replies: 314
Views: 87366

Re: Mikrotik VDSL / DSL Modem?

In the future??? Is DSL the future, I thing PON and SFP is the future!
by ingdaka
Fri Aug 31, 2018 10:31 pm
Forum: Beginner Basics
Topic: How to change mikrotik Rb750gr3 hotspot login page..?
Replies: 3
Views: 697

Re: How to change mikrotik Rb750gr3 hotspot login page..?

Right no wifi interface needed for hotspot! Go to files and find the login file page, drag and drop to computer, with just some basic knowledge to html change it and copy again into mikrotik!
by ingdaka
Fri Aug 24, 2018 6:41 pm
Forum: RouterBOARD hardware
Topic: Please give a remote hard reset option!!!
Replies: 11
Views: 1489

Re: Please give a remote hard reset option!!!

Hard Reset mean that you need to get in touch with device!
by ingdaka
Mon Aug 20, 2018 9:44 pm
Forum: General
Topic: Block traffic same subnet VLAN
Replies: 35
Views: 2047

Re: Traffic same subnet

Guys for 2 hosts in the same subnet no router is needed to have a connection, you are in L2 connection and router operates in L3 networking. So you need to block this traffic on switch, not in Mikrotik. If rules works form one subnet to other one, Mikrotik has done his job!
by ingdaka
Fri Jul 27, 2018 9:19 pm
Forum: General
Topic: Public Pool IP
Replies: 1
Views: 247

Re: Public Pool IP

Does this client get your service with route or PPPoE?
by ingdaka
Sat Jul 14, 2018 3:19 pm
Forum: General
Topic: How to prevent communication between two bridges? [SOLVED]
Replies: 7
Views: 855

Re: How to prevent communication between two bridges? [SOLVED]

ip firewall filter add chain=forward src-address=XXX.XXX.XXX.XXX/X dst-address=YYY.YYY.YYY.YYY/Y action=drop ip firewall filter add chain=forward src-address=YYY.YYY.YYY.YYY/Y dst-address=XXX.XXX.XXX.XXX/X action=drop XXX.XXX.XXX.XXX/X - Bridge1 Subnet example 192.168.1.0/24 YYY.YYY.YYY.YYY/Y - Brid...
by ingdaka
Fri Jul 13, 2018 10:15 pm
Forum: General
Topic: Completely wipe off and reset router
Replies: 1
Views: 343

Re: Completely wipe off and reset router

Best way is NetInstall
by ingdaka
Sun Jul 01, 2018 7:21 pm
Forum: Forwarding Protocols
Topic: Port Forwarding for Security Camera's
Replies: 10
Views: 1475

Re: Port Forwarding for Security Camera's

You have to specify ports in chain and in action too like below: ip firewall nat add chain=dstnat dst-address=XXX.XXX.XXX.XXX dst-port=81 action=dst-nat to-addresses=172.xxx.xxx.xxx to-ports=81 XXX.XXX.XXX.XXX your router public IP Retype this for all ports. Don't forget that ports should be open on...
by ingdaka
Wed Jun 27, 2018 10:04 pm
Forum: General
Topic: lost basebox 5 licence
Replies: 4
Views: 655

Re: lost basebox 5 licence

Basebox AC has been released with 6.x version of RouterOS, you can downgrade it to 5.x, just use netinstall again and install 6.x version on it and license will be restored.
by ingdaka
Tue Jun 26, 2018 9:16 am
Forum: Wireless Networking
Topic: wAP LTE kit - phenomenally bad performance
Replies: 20
Views: 3559

Re: wAP LTE kit - phenomenally bad performance

You use Mikrotik on HSDPA and your phone at 4G and you are waiting the same speed?
by ingdaka
Tue Jun 26, 2018 9:05 am
Forum: Beginner Basics
Topic: Vlans ,PPOE and external Radius Server
Replies: 3
Views: 439

Re: Vlans ,PPOE and external Radius Server

You have to use ACL between VLAN-s
by ingdaka
Tue Jun 26, 2018 8:56 am
Forum: Wireless Networking
Topic: Mikrotik wi-fi and Iphone = problem
Replies: 69
Views: 44992

Re: Mikrotik wi-fi and Iphone = problem

Set Wireless Protocol to Any or 802.11, don't leave it unspecified!
by ingdaka
Tue Jun 26, 2018 8:53 am
Forum: Beginner Basics
Topic: Port forwarding on 2 routers
Replies: 10
Views: 1136

Re: Port forwarding on 2 routers

At WAN Router you cant put wan interface in dst-nat role, you need your WAN Public IP Address
by ingdaka
Fri Jun 22, 2018 9:33 am
Forum: Beginner Basics
Topic: wlan interfaces not running
Replies: 8
Views: 1638

Re: wlan interfaces not running

You can enable interface but you will not see running state until at most one device is connected to your wifi
by ingdaka
Fri Jun 08, 2018 8:38 am
Forum: Announcements
Topic: VPNfilter official statement
Replies: 191
Views: 77477

Re: VPNfilter official statement

Full list of affected RouterBoards since now: MIKROTIK DEVICES: CCR1009 (new) CCR1016 CCR1036 CCR1072 CRS109 (new) CRS112 (new) CRS125 (new) RB411 (new) RB450 (new) RB750 (new) RB911 (new) RB921 (new) RB941 (new) RB951 (new) RB952 (new) RB960 (new) RB962 (new) RB1100 (new) RB1200 (new) RB2011 (new) ...
by ingdaka
Thu Jun 07, 2018 2:06 pm
Forum: Beginner Basics
Topic: L2TP/IPSEC server configuration questions
Replies: 6
Views: 810

Re: L2TP/IPSEC server configuration questions

It show 0 counter because Port 500 and IPSec-ESP is the same thing, so you get counter to first role because it has more priority!
by ingdaka
Thu Jun 07, 2018 1:40 pm
Forum: Wireless Networking
Topic: Suggested CAPsMAN Hardware
Replies: 11
Views: 1342

Re: Suggested CAPsMAN Hardware

I will suggest you https://mikrotik.com/product/RB750Gr3
RB750Gr3
by ingdaka
Sat May 26, 2018 9:09 am
Forum: Beginner Basics
Topic: How to block IP-range
Replies: 8
Views: 6475

Re: How to block IP-range

ip firewall filter add chain=input src-port=8282 action=drop ip firewall filter add chain=forward src-port=8282 action=drop ip firewall filter add chain=input dst-port=8282 action=drop ip firewall filter add chain=forward dst-port=8282 action=drop with those roles no one can communicate in your netw...
by ingdaka
Wed May 23, 2018 9:45 pm
Forum: General
Topic: VPN - Will my setup work? Same subnet on both ends
Replies: 6
Views: 786

Re: VPN - Will my setup work? Same subnet on both ends

On MAC it will work just check: Open Network Configurations > Click VPN interface Created > Advanced > Check Send All Traffic Over VPN Connection. I use more than 10 VPN like that for my remote clients and it works perfect!
by ingdaka
Sun May 20, 2018 4:21 pm
Forum: General
Topic: VPN - Will my setup work? Same subnet on both ends
Replies: 6
Views: 786

Re: VPN - Will my setup work? Same subnet on both ends

Sure it will work! Just you need to set your VPN interface as default gateway so all traffic will go through VPN!
by ingdaka
Sat May 19, 2018 11:32 pm
Forum: Beginner Basics
Topic: Assign Public Ip to ppp client.
Replies: 2
Views: 387

Re: Assign Public Ip to ppp client.

There is another way! Set Ether1 and Ether2 ARP as proxy-arp. Then when you create a ppp user config manually local ip that is your LAN subnet and Remote Public IP that you want to assign to client. https://image.ibb.co/jTG438/Screen_Shot_2018_05_19_at_22_23_56.png https://image.ibb.co/csFxO8/Screen...
by ingdaka
Sat May 19, 2018 11:15 pm
Forum: General
Topic: Mikrotik RB3011
Replies: 4
Views: 550

Re: Mikrotik RB3011

As the CPU is at hight usage you have to check who is using it and then to search for a solution. Please go to Tools>Profile, set CPU at all and click start. There you can check who is using cpu resources, post a result here!
by ingdaka
Sat Apr 28, 2018 6:34 pm
Forum: General
Topic: Local Mail server configuration Incoming Mails and Outgoing Emails
Replies: 2
Views: 362

Re: Local Mail server configuration Incoming Mails and Outgoing Emails

Full NAT: (DMZ) ip firewall nat add chain=dstnat dst-address=xxx.xxx.xxx.xxx action=dst-nat to-addresses=192.168.1.50 ip firewall nat add chain=srcnat src-address=192.168.1.50 action=src-nat to-addresses=xxx.xxx.xxx.xxx This will make full one-to-one NAT and will forward all WAN traffic to Server. B...
by ingdaka
Sat Apr 28, 2018 6:15 pm
Forum: Beginner Basics
Topic: VPN client acces to LAN pc
Replies: 6
Views: 1472

Re: VPN client acces to LAN pc

Thats happens because by default Windows does not pass all traffic from VPN interface. You need to set it up manually https://seed4.me/blog/send-all-traffic-over-vpn-windows/ So when you ping 10.10.10.1 traffic go from VPN interface, when you ping 192.168.1.0/24 it go from LAN Interface Default Gate...
by ingdaka
Sat Apr 28, 2018 6:06 pm
Forum: Beginner Basics
Topic: HELP Firewall Rules
Replies: 9
Views: 809

Re: HELP Firewall Rules

I will suggest you an other thing, remove firewall roles from switch, because switches get more CPU usage form firewall roles!
by ingdaka
Sat Apr 28, 2018 12:41 pm
Forum: General
Topic: L2TP is disconnect after every 8 hours
Replies: 47
Views: 7155

Re: L2TP is disconnect after every 8 hours

All of you: can you tell us what version of ROS you have, need to see if you are at same version, maybe there is a bug with!
by ingdaka
Sat Apr 28, 2018 12:29 pm
Forum: RouterBOARD hardware
Topic: Copper link longer than 100 meters
Replies: 16
Views: 1742

Re: Copper link longer than 100 meters

In my practice up to 100m will work fine, longer than this you will have problems. I have reached max of 200m with cat6 SFTP cable and need to force connection to 10M on both sides! So in my opinion don't use cable in more than 100m.
by ingdaka
Thu Apr 26, 2018 10:52 pm
Forum: Beginner Basics
Topic: Remote sites on same Net
Replies: 5
Views: 482

Re: Remote sites on same Net

In my opinion is better to use another VPN tunnel used by mikrotik, IPIP, this is more easy because IPIP interfaces can be bridged even that they are in different places with different WAN IP, you can use the same LAN subnet for ALL devices!
by ingdaka
Wed Apr 25, 2018 6:52 pm
Forum: Beginner Basics
Topic: Port forwarding - please help !
Replies: 29
Views: 2026

Re: Port forwarding - please help !

ip firewall nat add chain=dstnat dst-address=32.32.32.32 protocol=tcp dst-port=1111 action=dst-nat to-addresses=192.168.0.
10 to-ports=1111
Just Apply And All is OK
by ingdaka
Fri Apr 13, 2018 9:32 am
Forum: Beginner Basics
Topic: Queue Types
Replies: 12
Views: 1580

Re: Queue Types

Hello all,
That was because default-small queue type can accept just 10 packet per second! Is by default!
Regards
by ingdaka
Thu Apr 12, 2018 7:31 pm
Forum: Beginner Basics
Topic: Static IP to Client over PPPOE
Replies: 7
Views: 1432

Re: Static IP to Client over PPPOE

Hello, you have to set ARP to WAN interface of your router as ARP-PROXY so ISP router will know MAC of your client CPE. I have the same thing with /27 Public Subnet and works perfectly!
Regards!
by ingdaka
Thu Apr 12, 2018 12:08 am
Forum: Beginner Basics
Topic: Managing routers in different VLANS [SOLVED]
Replies: 3
Views: 374

Re: Managing routers in different VLANS [SOLVED]

If you do not have any access list to block access from one VLAN to another one, you can access them directly because all subnets will create a route because are connected one!