Community discussions

MikroTik App

Search found 379 matches

  • 1
  • 2
by ingdaka
Mon Oct 19, 2020 8:09 pm
Forum: General
Topic: Unknown traffic source
Replies: 6
Views: 199

Re: Unknown traffic source

There is not much information but in normal cases if this interface is UPLink there might be an attack in your router! If you have an public IP, on IP Settings check TCP-SYN Cookies. Also check if you have DNS Allow Remote Request checked!
by ingdaka
Sun Oct 11, 2020 9:49 pm
Forum: General
Topic: PPPOE problems
Replies: 3
Views: 243

Re: PPPOE problems

on your router terminal type
export hide-sensitive
and paste result here
by ingdaka
Fri Oct 02, 2020 1:39 am
Forum: The Dude
Topic: Dude on RB450G (mipsbe) ?
Replies: 1
Views: 162

Re: Dude on RB450G (mipsbe) ?

You should choose another one! There will not be any dude package for this architecture of processors!
by ingdaka
Tue Sep 22, 2020 9:52 pm
Forum: General
Topic: PPPoE creation and PPPoE scan
Replies: 7
Views: 412

Re: PPPoE creation and PPPoE scan

What is the reason that you are creating more than one PPPoE Server in the same interface! There is no logical reason for me, however you will see only the one because he has priority and is in the same L2 Broadcast Domain!
by ingdaka
Sun Sep 20, 2020 3:57 pm
Forum: RouterBOARD hardware
Topic: RB1100AHx2
Replies: 1
Views: 366

Re: RB1100AHx2

PoE does not have total full power to work with FAN-s!
by ingdaka
Sat Sep 19, 2020 8:18 pm
Forum: Beginner Basics
Topic: DHCP Server is showing red
Replies: 4
Views: 213

Re: DHCP Server is showing red

Error is because by default WLAN interface shows down when nobody is connected! That's why dhcp-server show in red because is configured in a down interface
by ingdaka
Fri Sep 18, 2020 5:38 pm
Forum: Beginner Basics
Topic: configuration
Replies: 1
Views: 155

Re: configuration

Then just create firewall filter rules lets say block vlan-x to access vlan-y
ip firewall filter add chain=input in-interface=vlan-x out-interface=vlan-y action=drop
by ingdaka
Thu Sep 17, 2020 5:37 pm
Forum: General
Topic: Best way to block sites. [SOLVED]
Replies: 2
Views: 340

Re: Best way to block sites. [SOLVED]

best way is to add hosts do STATIC DNS Cashe and redirect requests to router! This will not use your processor power!
by ingdaka
Thu Sep 17, 2020 2:33 pm
Forum: General
Topic: SRC-NAT With IP Pool without configure IP on WAN Interface
Replies: 4
Views: 204

Re: SRC-NAT With IP Pool without configure IP on WAN Interface

Already tried this, but does not work!
I've done this when I set a Public IP to a PPPoE user, but i my case I want to just NAT and MASK my IP with a different one from my Router IP!
by ingdaka
Thu Sep 17, 2020 1:34 pm
Forum: General
Topic: SRC-NAT With IP Pool without configure IP on WAN Interface
Replies: 4
Views: 204

SRC-NAT With IP Pool without configure IP on WAN Interface

Hello! I have a task that I've done many times in other vendors. Tried on Mikrotik but not working (maybe something is missing in my configs) I have a Public Pool 45.XX.YY.ZZ/24 45.XX.YY.1/24 is configured ISP Router as my gateway 45.XX.YY.2/24 is configured in my router I want to configure all my u...
by ingdaka
Sat Sep 12, 2020 3:15 pm
Forum: General
Topic: Single PPPoE account used on Multiple Routers
Replies: 3
Views: 203

Re: Single PPPoE account used on Multiple Routers

Go to PPP Profiles and check profile that you use when you create secrets and modify it!
Also on PPPoE Server you have ONE SESSION PER HOST
by ingdaka
Mon Sep 07, 2020 11:06 am
Forum: General
Topic: 2 BRAS With Same IP pool LIST
Replies: 7
Views: 1130

Re: 2 BRAS With Same IP pool LIST

How Increase PoD For vlan 100 Example By switch ??? Please Share me Solution
PADo is option that you can set on PPPoE Server Service in MIkrotik not in Switch!
by ingdaka
Mon Sep 07, 2020 10:46 am
Forum: General
Topic: one cable two wireless ISP
Replies: 13
Views: 717

Re: one cable two wireless ISP

In this case you should place an managed switch to dishes! And setup every in port in switch from dish(es), as VLAN access, 3 different VLAN-s and setup port that connect to mikrotik as trunk. Then on mikrotik you create 3 vlan subinterfaces and then you have 3 "WAN" interfaces!
by ingdaka
Fri Aug 28, 2020 9:23 pm
Forum: General
Topic: TLS problem with this forum since a few hours.
Replies: 14
Views: 691

Re: TLS problem with this forum since a few hours.

Me to, happens when you try function "post"
by ingdaka
Mon Aug 24, 2020 10:22 pm
Forum: General
Topic: CRS-112-8G-4S high cpu, dhcp
Replies: 3
Views: 192

Re: CRS-112-8G-4S high cpu, dhcp

CRS is a switch not a router! In this case about those dhcp assignment you should check physical connection of this device
by ingdaka
Fri Aug 21, 2020 10:58 pm
Forum: Beginner Basics
Topic: L2TP to specific port on switch?
Replies: 1
Views: 211

Re: L2TP to specific port on switch?

To dhcp leases of your mikrotik make your PC MAC bind to IP and your computer will get same IP every time! Then use mangle to mark traffic from src-ip (your computer IP) and route it through VPN
by ingdaka
Tue Aug 11, 2020 11:30 pm
Forum: RouterBOARD hardware
Topic: Mikrotik CCR2004 B/W Capacity
Replies: 7
Views: 1950

Re: Mikrotik CCR2004 B/W Capacity

Yes, and those 4 cores are a *LOT* more powerful than the ones in the CCR1009. The CCR2004 has close to 3 times the forwarding performance of the 1009. That may not entirely map into a 3 times lowering of the CPU load of the OP, but the CCR2004 will no doubt be a step up. Yes but he is talking as P...
by ingdaka
Tue Aug 11, 2020 10:14 pm
Forum: RouterBOARD hardware
Topic: Mikrotik CCR2004 B/W Capacity
Replies: 7
Views: 1950

Re: Mikrotik CCR2004 B/W Capacity

No! 1009 has 9 cores and 2004 just 4 Cores!
by ingdaka
Tue Aug 11, 2020 8:57 pm
Forum: General
Topic: PPTP Routing issues.
Replies: 1
Views: 507

Re: PPTP Routing issues.

Check both bridges to have arp=proxy-arp
by ingdaka
Thu Aug 06, 2020 11:58 pm
Forum: General
Topic: l2tp VPN routing issue
Replies: 2
Views: 716

Re: l2tp VPN routing issue

Need to know config of both routers to check it
by ingdaka
Sun Aug 02, 2020 12:38 am
Forum: General
Topic: Routing problem with Public IP subnets
Replies: 8
Views: 1851

Re: Routing problem with Public IP subnets

First of all you should make interfaces as arp=proxy-arp, next one you should exclude those IP from NAT
by ingdaka
Sat Aug 01, 2020 11:17 pm
Forum: General
Topic: IPSEC tunnels with failover
Replies: 5
Views: 1194

Re: IPSEC tunnels with failover

I've done this with 2 EoIP tunnels between sites and both EoIP interfaces in a Bond with RR, work's like a charm since 2 years for 14 sites.
by ingdaka
Thu Jul 30, 2020 2:15 am
Forum: Beginner Basics
Topic: interconnection between several networks in the same mikrotik
Replies: 9
Views: 1488

Re: interconnection between several networks in the same mikrotik

By default if you don't have any rules on firewall they will communicate to each other without problems
by ingdaka
Thu Jul 30, 2020 2:10 am
Forum: Virtualization
Topic: WIreless interface detected as ethernet interface
Replies: 3
Views: 780

Re: WIreless interface detected as ethernet interface

Everything that you will do in virtualization will be the same situation because software that you use to virtualize will do as ethernet
by ingdaka
Thu Jul 30, 2020 2:06 am
Forum: RouterOS v7 BETA
Topic: issue with pppoe
Replies: 2
Views: 640

Re: issue with pppoe

Please set interfaces arp=proxy-arp
by ingdaka
Thu Jul 30, 2020 1:57 am
Forum: General
Topic: IPsec VPN between Mikrotik and Fortigate
Replies: 8
Views: 1636

Re: IPsec VPN between Mikrotik and Fortigate

First of all! Upgrade both routers with latest firmware
by ingdaka
Sun Jul 19, 2020 1:33 am
Forum: General
Topic: BGP - 1072
Replies: 5
Views: 1537

Re: BGP - 1072

Tools > profile to find which process is using the CPU
by ingdaka
Wed Jul 15, 2020 9:38 pm
Forum: General
Topic: AP Openwrt managed by Mikrotik routeros
Replies: 4
Views: 1093

Re: AP Openwrt managed by Mikrotik routeros

UBNT devices are not supported by RouterOS, only think that you can do is to install them back AirOS and then to manage them with UNMS and Unifi Controller
by ingdaka
Tue Jul 14, 2020 11:10 pm
Forum: General
Topic: AP Openwrt managed by Mikrotik routeros
Replies: 4
Views: 1093

Re: AP Openwrt managed by Mikrotik routeros

Captive portal can be aranged by mikrotik, but none of MT Devices cannot be a controller for OpenWRT.
by ingdaka
Fri Jul 03, 2020 8:01 pm
Forum: General
Topic: PPPoE setup on a WISP network
Replies: 4
Views: 935

Re: PPPoE setup on a WISP network

You can setup ether3 also as PPPoE server. You AP-s should be configured as bridge! And Client CPE as pppoe client
by ingdaka
Thu Jul 02, 2020 11:40 pm
Forum: Beginner Basics
Topic: increase throughput by linking 100mbps ports [SOLVED]
Replies: 4
Views: 994

Re: increase throughput by linking 100mbps ports [SOLVED]

Yes you can use bonding to do this! But even if you do this you will not get never more thane 100Mbps in WiFi of hAP AC Lite
by ingdaka
Mon Jun 29, 2020 8:40 pm
Forum: Announcements
Topic: MUM EUROPE AND OTHER UPCOMING EVENTS - POSTPONED!
Replies: 43
Views: 79644

Re: MUM EUROPE AND OTHER UPCOMING EVENTS - POSTPONED!

What will be the next products of hap ac^2 ?? :)
Have you seen this one
https://mikrotik.com/product/hap_ac3_lte6_kit
by ingdaka
Thu Jun 25, 2020 1:28 am
Forum: General
Topic: PPPoE Server - NTP and DNS passthrough [SOLVED]
Replies: 6
Views: 1624

Re: PPPoE Server - NTP and DNS passthrough [SOLVED]

As CRS112-8G-4S-IN is a switch with some L3 capabilities it is not recommended to be configured as BRAS
by ingdaka
Wed Jun 24, 2020 12:12 am
Forum: General
Topic: failed to add arp entry for IP 192.168.0.86: already have such arp (6)
Replies: 2
Views: 588

Re: failed to add arp entry for IP 192.168.0.86: already have such arp (6)

Looks like you ARP table is full and age is set to a longer time! See it in IP > ARP
by ingdaka
Tue Jun 16, 2020 5:37 pm
Forum: Wireless Networking
Topic: reset the password
Replies: 4
Views: 1321

Re: reset the password

Just hardware reset or netinstall, both ways will destroy all configurations!
by ingdaka
Tue Jun 16, 2020 5:36 pm
Forum: General
Topic: RB1100Dx4, best practice setting up VLAN
Replies: 4
Views: 1063

Re: RB1100Dx4, best practice setting up VLAN

You cannot use switch on this model because it has 3 Switch chips, Switch1 Port 1-5, Switch2 Port 6-10, Switch 3 Port 11-13, and if you will use switch ports between different switches will not communicate between each-other. You have to use Bridge!
by ingdaka
Tue Jun 16, 2020 5:26 pm
Forum: Wireless Networking
Topic: reset the password
Replies: 4
Views: 1321

Re: reset the password

If you don't have access on router there is no way!
by ingdaka
Tue Jun 09, 2020 8:46 pm
Forum: General
Topic: routing problem
Replies: 1
Views: 447

Re: routing problem

All mange rules make dst !LAN
by ingdaka
Tue Jun 09, 2020 8:42 pm
Forum: The User Manager
Topic: Reset User Password
Replies: 3
Views: 1134

Re: Reset User Password

You can't without reset!
by ingdaka
Sat Jun 06, 2020 5:48 pm
Forum: General
Topic: BGP Questions
Replies: 14
Views: 1937

Re: BGP Questions

As mbovenka has noticed then you will need https://mikrotik.com/product/ccr2004_1g_12s_2xs, but if is to much traffic you will need a bigger one!
by ingdaka
Sat Jun 06, 2020 12:59 pm
Forum: General
Topic: BGP Questions
Replies: 14
Views: 1937

Re: BGP Questions

Never use a switch as router...
Use a router depend on traffic you can use HEX or CCR1009! Default route just need to be advertised from ISP
by ingdaka
Thu Jun 04, 2020 7:30 pm
Forum: Beginner Basics
Topic: how can I route between my eth.n ports?
Replies: 2
Views: 638

Re: how can I route between my eth.n ports?

On terminal type: export hide-sensitive
and paste all output here
by ingdaka
Mon Jun 01, 2020 7:19 pm
Forum: Beginner Basics
Topic: Problem with ethernet speed Gigabit - 962UiGS-5HacT2HnT
Replies: 8
Views: 1346

Re: Problem with ethernet speed Gigabit - 962UiGS-5HacT2HnT

Can you check CPU usage at time that you are making that traffic?
by ingdaka
Sun May 31, 2020 3:59 pm
Forum: Scripting
Topic: SMS forwarding to Telegram
Replies: 1
Views: 606

Re: SMS forwarding to Telegram

Check 2 last videos of this awesome guy:

https://www.youtube.com/user/edemiriblog/videos
by ingdaka
Sun May 31, 2020 12:18 am
Forum: General
Topic: PPPoE server maximum performance.
Replies: 5
Views: 1240

Re: PPPoE server maximum performance.

I have a CCR1036 as PPPoE Server and actually has about 900 active PPPoE clients and more than 1.5Gbps traffic with less than 10% of processor usage!
by ingdaka
Tue May 26, 2020 7:44 pm
Forum: General
Topic: PPOE ( terminating... - peer is not responding )
Replies: 2
Views: 656

Re: PPOE ( terminating... - peer is not responding )

1. May be a problem with physical line!
2. RB1100AHx2 is pretty old device and I don't know if he can handle more than 150 PPP Sessions!
by ingdaka
Wed May 20, 2020 8:39 pm
Forum: General
Topic: CAN'T CONNECT TO SOPHOS FIREWALL THROUGH MY MIKROTIK
Replies: 8
Views: 1530

Re: CAN'T CONNECT TO SOPHOS FIREWALL THROUGH MY MIKROTIK

Please check PPPoE server profile for TCP MSS which option is checked
by ingdaka
Sun May 17, 2020 5:52 pm
Forum: Beginner Basics
Topic: Access a device Mikrotik
Replies: 4
Views: 1158

Re: Access a device Mikrotik

You should have a L2 broadcast domain to every device to have this possibility! Example: In my company I use VLAN "xxx" which is configured in every device, when I need this just connect my laptop in a switch port that is configured access to this VLAN!
by ingdaka
Sun May 17, 2020 5:40 pm
Forum: Beginner Basics
Topic: Joining 2 networks
Replies: 19
Views: 2470

Re: Joining 2 networks

First of all are those 2 "modems" Mikrotik Routers?
Can they connected together physically of not?
by ingdaka
Fri May 15, 2020 9:16 pm
Forum: General
Topic: Customising RouterOS version of Mikrotik Devices
Replies: 1
Views: 629

Re: Customising RouterOS version of Mikrotik Devices

To modify a NPK??? Is like mikrotik to give you the source code!
by ingdaka
Fri May 15, 2020 9:12 pm
Forum: RouterOS v7 BETA
Topic: mangle and routing-mark can not work for RouterOS v7
Replies: 9
Views: 3259

Re: mangle and routing-mark can not work for RouterOS v7

As it is in beta use it only in test environments so you can wait as long as it takes to be released. Don't use it in production environment.
by ingdaka
Sun May 03, 2020 11:53 pm
Forum: General
Topic: Online Mikrotik exams
Replies: 1
Views: 708

Re: Online Mikrotik exams

Still now, there is no info about that
by ingdaka
Sun May 03, 2020 11:50 pm
Forum: Forwarding Protocols
Topic: BGP advertise smaller prefix than /24 [SOLVED]
Replies: 7
Views: 3348

Re: BGP advertise smaller prefix than /24 [SOLVED]

Yes BGP as a routing protocol allows it, but RIR-s policies does not want it, so approximately all Internet Providers don't accept smaller than /24 from their downstream providers because they need to do summary in their network and nobody want some extra work for this!
by ingdaka
Sat May 02, 2020 3:48 pm
Forum: Beginner Basics
Topic: Internet on mikrotik router
Replies: 8
Views: 1495

Re: Internet on mikrotik router

1.Which on is the best and why? - PPPoE on Mikrotik, because you just remove 1 NAT in your Modem! 2. Which one is more secure? - PPPoE on modem and mikrotik with DHCP Client on connection port with modem, act as DMZ router and "WAN" dynamic IP 3. When pppoe is on mikrotik, does it have effect on per...
by ingdaka
Sat May 02, 2020 3:45 pm
Forum: Beginner Basics
Topic: Inter Vlan Routing
Replies: 27
Views: 4215

Re: Inter Vlan Routing

These switches can do it if you start them with routerOS not SwitchOS as they are dual boot!

But if we are talking to performance, they are switches not routers! They will not handle more then 1G in fast path routing!
by ingdaka
Fri May 01, 2020 3:25 pm
Forum: RouterBOARD hardware
Topic: Audible Alarm on disconnect
Replies: 4
Views: 1362

Re: Audible Alarm on disconnect

No, there is not any way!
by ingdaka
Tue Apr 28, 2020 9:44 pm
Forum: Virtualization
Topic: License rent for CHR
Replies: 8
Views: 1961

Re: License rent for CHR

they are only perpetual!
by ingdaka
Sun Apr 26, 2020 4:54 pm
Forum: General
Topic: CCR 1016 6.45.8 LTS / 6.46.5 Stable packages update error / fail
Replies: 2
Views: 770

Re: CCR 1016 6.45.8 LTS / 6.46.5 Stable packages update error / fail

Update packages fail with log error "can not install routeros-arm-6.44.1: it is not made for tile, but for arm" with "Long Term" channel. Actual versions / packages: dude 6.44.1 ntp 6.44.1 routeros-tile 6.44.1 Current firmware: 6.44.1 Model: CCR1016-12G After trying "Long Term" channel, i tried "St...
by ingdaka
Sun Apr 26, 2020 4:11 pm
Forum: The User Manager
Topic: I want the total code
Replies: 3
Views: 1814

Re: I want the total code

Can you explain more clear of your problem/request?
by ingdaka
Sat Apr 25, 2020 11:47 pm
Forum: Beginner Basics
Topic: parental control
Replies: 5
Views: 1512

Re: parental control

Just use 1.1.1.3 and 1.0.0.3 as your DNS and you will have block malware and adult sites!
by ingdaka
Sat Apr 25, 2020 3:03 pm
Forum: Forwarding Protocols
Topic: BGP advertise smaller prefix than /24 [SOLVED]
Replies: 7
Views: 3348

Re: BGP advertise smaller prefix than /24 [SOLVED]

BGP not allow to announce /24 to provider over eBGP but if you are in your network with iBGP you can do it!
by ingdaka
Sat Apr 25, 2020 2:48 pm
Forum: Beginner Basics
Topic: Multi Pools on DHCP Server
Replies: 2
Views: 969

Re: Multi Pools on DHCP Server

Yes for sure tested and running!
by ingdaka
Wed Apr 22, 2020 7:25 pm
Forum: Beginner Basics
Topic: Setting up /29 over /30 [SOLVED]
Replies: 7
Views: 2496

Re: Setting up /29 over /30 [SOLVED]

Yes is because of NAT! In nat roule specify src-address and will be OK, i think!

For better you should export your config and post it here!
by ingdaka
Tue Apr 21, 2020 1:02 am
Forum: General
Topic: 16 ports
Replies: 5
Views: 1450

Re: 16 ports

You need a switch or a router?
by ingdaka
Tue Apr 21, 2020 12:55 am
Forum: General
Topic: SNMP traffic - cpu load3
Replies: 1
Views: 795

Re: SNMP traffic - cpu load3

I use SNMP monitoring on my network with more than 100 RB, usage change is not more than 0.5%
by ingdaka
Tue Apr 21, 2020 12:48 am
Forum: RouterOS v7 BETA
Topic: RB CCR1072 block
Replies: 2
Views: 1445

Re: RB CCR1072 block

What do you mean BLOCK?
by ingdaka
Thu Apr 16, 2020 5:55 pm
Forum: Beginner Basics
Topic: Wisp Monitoring
Replies: 4
Views: 1600

Re: Wisp Monitoring

Use any SNMP application! I use Observium, also LibreNMS is a option!
by ingdaka
Thu Apr 16, 2020 1:02 pm
Forum: General
Topic: pppoe connection was already active closing previous one [SOLVED]
Replies: 15
Views: 12683

Re: pppoe connection was already active closing previous one [SOLVED]

There are some modems and ONU that have more than 1 configuring virtual interface on WAN, be sure not is this! Faced this in many of small ISP here in my county!
by ingdaka
Thu Apr 16, 2020 12:55 pm
Forum: General
Topic: Any ROS updates anymore?
Replies: 4
Views: 1584

Re: Any ROS updates anymore?

Everything needed is supported for this situation remote work! As we need to stay at home and safe, Mikrotik guys need it too!
Respect for all Mikrotik staff, be SAFE GUYS!
by ingdaka
Thu Apr 16, 2020 12:47 pm
Forum: The User Manager
Topic: Hotspot with and without radius server difference
Replies: 2
Views: 1753

Re: Hotspot with and without radius server difference

Also you open users in radius not in Mikrotik, and you will have an accounting history in radius!
by ingdaka
Thu Apr 16, 2020 12:44 pm
Forum: Beginner Basics
Topic: Port forwarding issue
Replies: 6
Views: 1646

Re: Port forwarding issue

add action=accept chain=forward dst-port=222 protocol=tcp - Should be chain=input not forward
add action=netmap chain=dstnat dst-port=222 in-interface-list=WAN log=yes protocol=tcp to-addresses=192.168.1.33 to-ports=22 - action dst-nat, not netmap
by ingdaka
Thu Apr 16, 2020 1:20 am
Forum: General
Topic: Authentication & Accounting interim-update=5m
Replies: 2
Views: 1298

Re: Authentication & Accounting interim-update=5m

You just set time in hh/mm/ss which set interval that router send accounting updates to radius server!
by ingdaka
Wed Apr 15, 2020 2:08 pm
Forum: General
Topic: Rb4011 Licence level 5 but 507 active pppoe tunnel
Replies: 2
Views: 1088

Re: Rb4011 Licence level 5 but 507 active pppoe tunnel

Are those all PPPoE or some of them are PPTP or L2TP?
by ingdaka
Wed Apr 15, 2020 2:02 pm
Forum: RouterBOARD hardware
Topic: CCR1009 temperature sensor issue
Replies: 11
Views: 3896

Re: CCR1009 temperature sensor issue

@SNITE @littledpurple what aplications do you use for SNMP Monitoring?
by ingdaka
Wed Apr 15, 2020 1:55 pm
Forum: RouterBOARD hardware
Topic: CCR1009 temperature sensor issue
Replies: 11
Views: 3896

Re: CCR1009 temperature sensor issue

Looks like S+ version have this issue with device temp, because Processor Temp is OK, I have 2 of them:
1. CCR1009-7G-1C - Never seen this.
2. CCR1009-7G-1C-1S+
Image
by ingdaka
Tue Apr 14, 2020 7:30 pm
Forum: General
Topic: ccr1036-8g-2s+ high CPU temperature [SOLVED]
Replies: 7
Views: 3001

Re: ccr1036-8g-2s+ high CPU temperature [SOLVED]

Better to have some ventilation!
by ingdaka
Tue Apr 14, 2020 7:27 pm
Forum: Beginner Basics
Topic: to instal backup to another router
Replies: 12
Views: 2698

Re: to instal backup to another router

No better is to export config in txt... (terminal / export) and then apply step by step to new router!
by ingdaka
Tue Apr 14, 2020 3:48 pm
Forum: General
Topic: ccr1036-8g-2s+ high CPU temperature [SOLVED]
Replies: 7
Views: 3001

Re: ccr1036-8g-2s+ high CPU temperature [SOLVED]

Air temp 37 degree???? Seems you have it a road POP... This core devices are designed for Data Room.
by ingdaka
Mon Apr 13, 2020 1:51 pm
Forum: Beginner Basics
Topic: Graphing issue
Replies: 8
Views: 1466

Re: Graphing issue

Your firewall is blocking input connection from WAN to router! To enable it in best secured way, 1st go to IP>Services and change http port form 80 to any port, "i like 9090 or 9099" be sure it is enabled. 2nd add a new firewall rule, chain=input, dst-port= "port which you set on http service", acti...
by ingdaka
Fri Apr 10, 2020 5:10 pm
Forum: Forwarding Protocols
Topic: Which routerboard for BGP (to replace a Cisco router)
Replies: 6
Views: 2516

Re: Which routerboard for BGP (to replace a Cisco router)

If we are talking for the same as in start of this topic!
Each CCR will connect with eBGP to providers and iBGP between each-other and everything will be OK!
by ingdaka
Thu Apr 09, 2020 10:35 pm
Forum: General
Topic: Vlan Speed 100 mpbs
Replies: 5
Views: 1500

Re: Vlan Speed 100 mpbs

I have that one and if there are no security scan over different interface vlan it will handle that traffic without any problem!
by ingdaka
Thu Apr 09, 2020 10:30 pm
Forum: RouterBOARD hardware
Topic: hAP ac3 spotted at FCC
Replies: 23
Views: 7278

Re: hAP ac3 spotted at FCC

Doesn't make much difference witch LTE standard it has. Using LTE as home broadband is hideously expensive. I wouldn't say that! In Albania you can get an PON connection with 50Mbps/20Mbps (down/up) for about 15 EUR/month. But there is another that I have a LTE Sim Card with unlimited monthly traff...
by ingdaka
Thu Apr 09, 2020 5:48 pm
Forum: General
Topic: Vlan Speed 100 mpbs
Replies: 5
Views: 1500

Re: Vlan Speed 100 mpbs

That depend what model of Fortigate and configurations! For Mikrotik lower cost RB4011 or a CCR1009 is better!
by ingdaka
Thu Apr 09, 2020 3:35 pm
Forum: Wireless Networking
Topic: Mikrotik hap lite TC - Can it bridge or repeat wirelessly?
Replies: 3
Views: 1376

Re: Mikrotik hap lite TC - Can it bridge or repeat wirelessly?

Better check how to install winbox on mac!
1. reset router with no default config
2. Create a bridge
3. add all ports on bridge
4. config wireless interface as AP with whatever ssid and password you want
by ingdaka
Thu Apr 09, 2020 3:30 pm
Forum: Beginner Basics
Topic: Collecting daily/monthly usage stats?
Replies: 8
Views: 2906

Re: Collecting daily/monthly usage stats?

The interface menu retains total bytes/packets in/out for each interface. You can copy out the numbers on the first of each month than zero it for next month.
If router is not rebooted for all month :)
by ingdaka
Thu Apr 09, 2020 3:26 pm
Forum: Beginner Basics
Topic: Mikrotik Load Balancing issue
Replies: 1
Views: 1140

Re: Mikrotik Load Balancing issue

You can't do nothing! Client server downloading use just one of routes, is an established connection from 1 path, if it fail connection is dropped cannot continue from other path because is another source IP that is requesting on server!
by ingdaka
Thu Apr 09, 2020 3:15 pm
Forum: General
Topic: Vlan Speed 100 mpbs
Replies: 5
Views: 1500

Re: Vlan Speed 100 mpbs

Even that you don't have firewall rules this is normal! CRS is a switch not a router!
by ingdaka
Mon Apr 06, 2020 12:30 am
Forum: General
Topic: ETHERNET SCHEDULE
Replies: 5
Views: 1457

Re: ETHERNET SCHEDULE

This will disable Ether5 everyday at 13:00 /system scheduler add interval=1d name=schedule1 on-event="/interface disable ether5" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-date=apr/05/2020 start-time=13:00:00 This will enable Ether5 everyday at 08:00 /system schedu...
by ingdaka
Thu Apr 02, 2020 12:29 am
Forum: General
Topic: RB750gr3 for 140mb WAN + 20 clients [SOLVED]
Replies: 10
Views: 3263

Re: RB750gr3 for 140mb WAN + 20 clients [SOLVED]

Tested with 50 computers, approximately 30 L2TP users and ~200Mbps Internet and no more than 20% of processor usage!
by ingdaka
Tue Mar 31, 2020 2:15 am
Forum: RouterBOARD hardware
Topic: Huawei SFP and Mikrotik Routerboard
Replies: 1
Views: 1864

Re: Huawei SFP and Mikrotik Routerboard

They are GPON SFP not normal SFP they don't work in point-to-point mode!
by ingdaka
Fri Mar 27, 2020 4:38 pm
Forum: General
Topic: IP streser atack prevent
Replies: 13
Views: 2294

Re: IP streser atack prevent

thy this add chain=input protocol=udp in-interface=ether1 connection-state=!established,related action=drop To use that then you are using connections which is most expenceive, in processor time. If you put that in filter then use it to add the source IP address to an address list which is used in ...
by ingdaka
Fri Mar 27, 2020 2:52 pm
Forum: Forwarding Protocols
Topic: Which routerboard for BGP (to replace a Cisco router)
Replies: 6
Views: 2516

Re: Which routerboard for BGP (to replace a Cisco router)

If we are talking about 2921 even a CCR1009 will do his job!
by ingdaka
Fri Mar 27, 2020 1:59 pm
Forum: Beginner Basics
Topic: Firewall - how to block traffic to the router from one interface, no matter what the destination IP is
Replies: 3
Views: 1233

Re: Firewall - how to block traffic to the router from one interface, no matter what the destination IP is

Maybe you where connected before and connection state was still established.... when time is over and connection is dropped you started a new connection and for sure it will be dropped!
by ingdaka
Fri Mar 27, 2020 1:51 pm
Forum: General
Topic: IP streser atack prevent
Replies: 13
Views: 2294

Re: IP streser atack prevent

thy this
add chain=input protocol=udp in-interface=ether1 connection-state=!established,related action=drop
by ingdaka
Fri Mar 27, 2020 1:43 pm
Forum: General
Topic: RB951N bug mikrotik DO DDOS attack
Replies: 2
Views: 982

Re: RB951N bug mikrotik DO DDOS attack

And as I can see from your pic seems that you (device connected to mikrotik) is attacking others with syn flood. Maybe one of devices has malware or is a botnet.
by ingdaka
Thu Mar 26, 2020 2:39 pm
Forum: General
Topic: L2TP Tunnel VLAN
Replies: 2
Views: 1291

Re: L2TP Tunnel VLAN

L2TP does not support VLAN
by ingdaka
Thu Mar 26, 2020 10:18 am
Forum: Wireless Networking
Topic: licenc ap mode
Replies: 5
Views: 1790

Re: licenc ap mode

L3 License is dedicated for CPE not WISP
by ingdaka
Mon Mar 23, 2020 12:09 am
Forum: Beginner Basics
Topic: Disable Interface at certain hours
Replies: 2
Views: 1324

Re: Disable Interface at certain hours

Disable /system scheduler add name=Disable-Eth6 start-date=mar/23/2020 start-time=08:00:00 interval=1d on-event="/interface disable ether6" Enable /system scheduler add name=Enable-Eth6 start-date=mar/23/2020 start-time=16:00:00 interval=1d on-event="/interface enable ether6" This will run everyday!...
by ingdaka
Sun Mar 22, 2020 3:59 pm
Forum: General
Topic: What will happen if i disable ppp accounting from PPP Authentication&Accounting
Replies: 2
Views: 919

Re: What will happen if i disable ppp accounting from PPP Authentication&Accounting

If you don't use radius, Nothing! But question is why you need to disable it?!
by ingdaka
Sun Mar 22, 2020 3:52 pm
Forum: Forwarding Protocols
Topic: Unable to See Routes
Replies: 2
Views: 1456

Re: Unable to See Routes

This has been confirmed as a bug in emails from Mikrotik support.

It will be fixed in v7.
by ingdaka
Sat Mar 21, 2020 11:38 pm
Forum: General
Topic: Winbox password recovery?
Replies: 6
Views: 1589

Re: Winbox password recovery?

Or open winbox > tools >export
then open .wbx file with notepad and all usernames/password are there in plain text
by ingdaka
Fri Mar 20, 2020 11:39 pm
Forum: General
Topic: Set PPP password expiration
Replies: 1
Views: 817

Re: Set PPP password expiration

No! Just if you use radius
by ingdaka
Fri Mar 13, 2020 11:56 pm
Forum: General
Topic: CCR1036-12G-4S NAT problem.
Replies: 1
Views: 884

Re: CCR1036-12G-4S NAT problem.

Can you give better description of the problem
by ingdaka
Thu Mar 12, 2020 12:21 am
Forum: Beginner Basics
Topic: Radius Accounting Request
Replies: 3
Views: 1609

Re: Radius Accounting Request

Do you have a radius server in your environment?
by ingdaka
Tue Mar 03, 2020 10:31 pm
Forum: General
Topic: RAM Support x86
Replies: 4
Views: 1814

Re: RAM Support x86

by ingdaka
Tue Mar 03, 2020 10:14 pm
Forum: Beginner Basics
Topic: Unable to configure Mikrotik SXT with Tenda(N301) [SOLVED]
Replies: 15
Views: 5096

Re: Unable to configure Mikrotik SXT with Tenda(N301) [SOLVED]

Is not an Mikrotik problem but an ISP configuration! 2 ways:
1st configure PPPoE Client on SXT and then configure tenda router as WAN DHCP Client!
2nd Configure Tenda router as PPPoE Client
by ingdaka
Sat Feb 29, 2020 11:59 pm
Forum: General
Topic: Loop between bridged vlans in several routers
Replies: 2
Views: 1333

Re: Loop between bridged vlans in several routers

I've faced this problem before but was one of my IT that connected 2 access vlan (different vlans) of the switch together!
by ingdaka
Fri Feb 28, 2020 8:21 pm
Forum: General
Topic: How is it revealed load balance
Replies: 2
Views: 1237

Re: How is it revealed load balance

What do you mean! With detection of loadbalance?
by ingdaka
Fri Feb 28, 2020 8:13 pm
Forum: General
Topic: RB4011 and RB1100 AHx4 "bricks" randomly
Replies: 156
Views: 31186

Re: RB4011 and RB1100 AHx4 "bricks" randomly

I have 3 of them and I've not faced this problem never! Uptime more than 1 year running without any problem with normal 700Mbps to 1G of traffic!
by ingdaka
Fri Feb 28, 2020 8:13 pm
Forum: General
Topic: RB1100AHx4 crash every 20 - 40 days [SOLVED]
Replies: 17
Views: 6205

Re: RB1100AHx4 crash every 20 - 40 days [SOLVED]

I have 3 of them and I've not faced this problem never! Uptime more than 1 year running without any problem with normal 700Mbps to 1G of traffic!
by ingdaka
Fri Feb 28, 2020 8:08 pm
Forum: General
Topic: How to hide src-nat rule but allow dst-rules in web skin?
Replies: 2
Views: 1296

Re: How to hide src-nat rule but allow dst-rules in web skin?

As you will give them access to firewall part you cannot do it!
by ingdaka
Fri Feb 28, 2020 9:44 am
Forum: Beginner Basics
Topic: rb1100ahx4 switch port isolation
Replies: 2
Views: 1642

Re: rb1100ahx4 switch port isolation

Hiow many VLAN do you have in ether1?
by ingdaka
Thu Feb 27, 2020 10:29 am
Forum: RouterOS v7 BETA
Topic: V7 modules missing, BGP and mpls missing, ipv6 always enabled.
Replies: 5
Views: 3151

Re: V7 modules missing, BGP and mpls missing, ipv6 always enabled.

As you can know V7 is in Beta testing and modules comes on each beta publish! There is no BGP yet and there are lot of other stuff missing! I don't see nothing strange here! https://mikrotik.com/download/changelogs/development-release-tree See all change logs on 7.0 beta 3 and there is confirmed tha...
by ingdaka
Thu Feb 27, 2020 9:27 am
Forum: General
Topic: public ip to local ip client
Replies: 1
Views: 1140

Re: public ip to local ip client

1st option is to make interfaces proxy-arp and then to assign those IP to users via PPPoE
2nd option is to make source nat:
ip firewall nat> add action=src-nat chain=srcnat src-address=192.168.0.6 to-addresses=213.212.xxx.62
And don't forget that this src-nat rule should be on top of all others!
by ingdaka
Wed Feb 26, 2020 9:27 am
Forum: General
Topic: Mikrotik OS 6.45.6 Hacked
Replies: 10
Views: 5777

Re: Mikrotik OS 6.45.6 Hacked

Like Strods wrote! This is an old script that is from old version of ROS. Also Do you use a master password for Winbox? If not then you should know that if you export addresses.wbx this is an unencrypted file that can be opened with notepad and to read all IP/username/passwords saved there!
by ingdaka
Mon Feb 24, 2020 6:14 pm
Forum: RouterBOARD hardware
Topic: Which CCR? Need Advice / Recommendation [SOLVED]
Replies: 22
Views: 9115

Re: Which CCR? Need Advice / Recommendation [SOLVED]

For 1G and IP address you need, 1009 is ok
by ingdaka
Sun Feb 23, 2020 12:13 am
Forum: General
Topic: interface is slave
Replies: 2
Views: 1163

Re: interface is slave

Because all ports form 2 to 8 and SFP+ and SFP are slave of a bridge, so you need to setup your dhcp server on bridge interface!
by ingdaka
Fri Feb 21, 2020 10:54 pm
Forum: RouterBOARD hardware
Topic: CCR1009 collision and loop
Replies: 7
Views: 3401

Re: CCR1009 collision and loop

You can use 172.16.0.0/24 range is allocated for private!
by ingdaka
Fri Feb 21, 2020 10:34 pm
Forum: RouterBOARD hardware
Topic: CCR1009 collision and loop
Replies: 7
Views: 3401

Re: CCR1009 collision and loop

add address=193.168.0.1/20 interface=WAN-OUT network=193.168.0.0

You cannot use 193.168.0.0/20 on your LAN as it is a public routed subnet not a Private allocated one!
by ingdaka
Fri Feb 21, 2020 10:25 pm
Forum: RouterBOARD hardware
Topic: Maximum ISP speed for CCR1016-12G
Replies: 1
Views: 2516

Re: Maximum ISP speed for CCR1016-12G

For sure it will!
https://mikrotik.com/product/CCR1016-12 ... estresults test results for this router!
by ingdaka
Fri Feb 21, 2020 10:24 pm
Forum: RouterBOARD hardware
Topic: correct hardware choice for expansion
Replies: 2
Views: 2730

Re: correct hardware choice for expansion

Maybe will cost many but I will suggest 1036!
by ingdaka
Fri Feb 21, 2020 10:15 pm
Forum: General
Topic: /to graph in Winbox :-(
Replies: 2
Views: 1075

Re: /to graph in Winbox :-(

Have you tried to open with winbox64
by ingdaka
Wed Feb 19, 2020 11:33 pm
Forum: General
Topic: PPPoE different IP after disconnect/connect
Replies: 3
Views: 1259

Re: PPPoE different IP after disconnect/connect

When a user disconnect and connect again in short time this is something that looks normal because of arp table age!
by ingdaka
Mon Feb 17, 2020 10:39 pm
Forum: General
Topic: Simple queue for PPPoE client with dynamic remote address [SOLVED]
Replies: 5
Views: 2059

Re: Simple queue for PPPoE client with dynamic remote address [SOLVED]

You can create them dynamic from PPPoE profiles! In profiles you set limits and on tab queue, 3rd option is queue type! So every time that a client will connect a dynamic queue will be created and when client disconnect queue will be removed!
by ingdaka
Sun Feb 16, 2020 12:00 am
Forum: General
Topic: WibBox 3.21 Resolution Problem
Replies: 1
Views: 1058

WibBox 3.21 Resolution Problem

There are problem with upgrade to WinBox Version 3.21. New Upgrades about HiDPI displays have problem to Logs! https://i.ibb.co/H4ygx4w/winbox3-21.jpg This is how logs are show in this version in a UHD display of 15 inch laptop! I need to zoom out to see them in very very small letters! Please fix t...
by ingdaka
Sat Feb 15, 2020 8:05 pm
Forum: Beginner Basics
Topic: Router os hardware [SOLVED]
Replies: 2
Views: 2490

Re: Router os hardware [SOLVED]

Octa core Xeon server, with 16 GB of RAM! Will be enough for your setup but just you need to find ports for network! Or I will suggest any of Mikrotik CCR 1036 Models!
by ingdaka
Mon Feb 10, 2020 10:07 pm
Forum: General
Topic: Report and Monitoring
Replies: 3
Views: 1023

Re: Report and Monitoring

I will suggest Observium! Easy to install and you can make customization as it is open source and php based! It works very well for me!
by ingdaka
Thu Feb 06, 2020 12:02 pm
Forum: General
Topic: Feature request: ask confirm for every operation
Replies: 9
Views: 1281

Re: Feature request: ask confirm for every operation

Don't do important work using your phone or with a baby on your arms...
by ingdaka
Wed Feb 05, 2020 11:08 am
Forum: General
Topic: Strange Speed Tests
Replies: 3
Views: 1402

Re: Strange Speed Tests

Make some tests with iPERF
by ingdaka
Wed Feb 05, 2020 10:25 am
Forum: General
Topic: Blocked external IP
Replies: 14
Views: 1694

Re: Blocked external IP

Try it with chain input!
by ingdaka
Mon Feb 03, 2020 11:52 pm
Forum: The User Manager
Topic: Hex RB750Gr3 Maximum active session limit for pppoe
Replies: 1
Views: 2853

Re: Hex RB750Gr3 Maximum active session limit for pppoe

200 Based on license!
by ingdaka
Mon Feb 03, 2020 11:45 pm
Forum: General
Topic: Hotspot Problem with Apple IOS
Replies: 5
Views: 1785

Re: Hotspot Problem with Apple IOS

I think that this should be asked to Apple Forum not Mikrotik! When Mikrotik works with all Android and Windows, ask Apple how their system process the packets in idle mode!
by ingdaka
Mon Feb 03, 2020 11:36 pm
Forum: General
Topic: hAP ac^2 performance drop
Replies: 6
Views: 1583

Re: hAP ac^2 performance drop

Already more than 50 pcs installed with last stable version 6.46.2 and all of them works good! Tested all of them and all CPU works!
by ingdaka
Mon Feb 03, 2020 11:08 pm
Forum: RouterBOARD hardware
Topic: Mikrotik rb3011 switch mode - is it possible?
Replies: 4
Views: 2808

Re: Mikrotik rb3011 switch mode - is it possible?

Depend what you want to reach with! Do you need vlan-s or not!
But in every case sure it can!
by ingdaka
Tue Jan 28, 2020 3:06 pm
Forum: General
Topic: Layer 2 tunnel via IPSEC/IKEv2
Replies: 2
Views: 721

Re: Layer 2 tunnel via IPSEC/IKEv2

If you need L2 Tunneling and all devices are Mikrotik user EoIP.
by ingdaka
Tue Jan 28, 2020 3:03 pm
Forum: Beginner Basics
Topic: hAP ac and PoE IP-camera
Replies: 14
Views: 2128

Re: hAP ac and PoE IP-camera

This device has PoE out just for other Mikrotik devices not standard PoE devices. Cameras need pure PoE, if you need this buy a PoE Switch!
by ingdaka
Sat Jan 25, 2020 2:11 am
Forum: Wireless Networking
Topic: trouble configuring wifi MikroTik RB962UiGS-5HacT2HnT
Replies: 1
Views: 1530

Re: trouble configuring wifi MikroTik RB962UiGS-5HacT2HnT

If you are connected in only 54 Mbps you are connected in 5GHz A mode! To test speed please use N/AC mode in 5GHz configuration also check security option use only WPA2 PSK, Aes-ccm chippers! Don't use TKIP chippers!
by ingdaka
Fri Jan 24, 2020 12:03 am
Forum: Beginner Basics
Topic: help please!!!!
Replies: 3
Views: 1692

Re: help please!!!!

Get a CCR 1009!
by ingdaka
Thu Jan 23, 2020 12:22 pm
Forum: Beginner Basics
Topic: Replacing current router
Replies: 2
Views: 916

Re: Replacing current router

This is not an difficult job! But if you don't have any experience! Then you can hire and Mikrotik consultant form List https://mikrotik.com/consultants to come on site or you can hire one to help with configuration from remote (more cheap i thing) and to explain what to do on-site just for physical...
by ingdaka
Thu Jan 23, 2020 12:17 pm
Forum: Wireless Networking
Topic: Huawei WS832
Replies: 2
Views: 1788

Re: Huawei WS832

Here you are on Mikrotik, not TP-Link or Huawei!
by ingdaka
Thu Jan 23, 2020 12:16 pm
Forum: General
Topic: Is ti possible to Load balance using hAP mini
Replies: 1
Views: 399

Re: Is ti possible to Load balance using hAP mini

Yes you can do it! Just use for example Ether 1 for wired connection and Ether 2 to connect to 4G Modem! If you have an USB 4G modem you can't do it because hAP Mini don't have an USB port!
by ingdaka
Thu Jan 23, 2020 12:13 pm
Forum: General
Topic: Can't route between Bridge and Eth1 [SOLVED]
Replies: 2
Views: 570

Re: Can't route between Bridge and Eth1 [SOLVED]

As I can see you don't have and default route and you have an wrong out interface on masquerade rule!
by ingdaka
Fri Jan 17, 2020 11:17 pm
Forum: General
Topic: Router Selection for VPN
Replies: 2
Views: 679

Re: Router Selection for VPN

https://mikrotik.com/product/RB750Gr3 this one will do the job very well!
by ingdaka
Fri Jan 17, 2020 11:07 pm
Forum: General
Topic: HAP AC like simple switch wireless
Replies: 21
Views: 2762

Re: HAP AC like simple switch wireless

Yes it is because of performance of hAP AC Lite, look ate the picture below! With 40-45 Mbps it goes to 95-100% Processor usage! So cannot support more traffic! It looks like you are running btest TO the device in the image. If so, you are also measuring the CPU eaten up by the btest processes. Run...
by ingdaka
Fri Jan 17, 2020 10:55 pm
Forum: Beginner Basics
Topic: Mikrotik LTE
Replies: 9
Views: 2026

Re: Mikrotik LTE

If you see an different IP i think is because of FUP. Maybe your LTE Provider has set up Fair Usage Policy that drop your speed after some total traffic! In my country cable providers use it with and amount of 100Gb / week! This is jut my opinion, there are so many other reasons for this that need t...
by ingdaka
Fri Jan 17, 2020 10:51 pm
Forum: General
Topic: Protect from hacking router
Replies: 5
Views: 1206

Re: Protect from hacking router

This option has been fixed many years ago! As you can see this blog post is from 2012
by ingdaka
Fri Jan 17, 2020 9:44 am
Forum: General
Topic: Routing between subnets does not work
Replies: 2
Views: 633

Re: Routing between subnets does not work

First of all is that subnets are configured in slave interfaces! All interfaces are slave of bridge!
by ingdaka
Wed Jan 15, 2020 11:38 pm
Forum: General
Topic: HAP AC like simple switch wireless
Replies: 21
Views: 2762

Re: HAP AC like simple switch wireless

Yes it is because of performance of hAP AC Lite, look ate the picture below! With 40-45 Mbps it goes to 95-100% Processor usage! So cannot support more traffic! I have more than 80 of those routers and is the same thing! I use this for clients that need under 20Mbps and need WiFi just for small area...
by ingdaka
Wed Jan 15, 2020 11:25 pm
Forum: General
Topic: Mikrotik and CVE-2020-0601
Replies: 4
Views: 1100

Re: Mikrotik and CVE-2020-0601

Router OS is not Microsoft Windows based and is not .NET coded!
by ingdaka
Wed Jan 08, 2020 10:50 pm
Forum: Beginner Basics
Topic: Cheap Router for Load Balancing
Replies: 5
Views: 1413

Re: Cheap Router for Load Balancing

All Mikrotik routers can do this! Best way is PCC
For home I will recommend hAP ac lite or hAP ac lite TC. Both 5 Ethernet Ports 2.5 and 5 GHz WiFi. But this depend on surface of WiFi that you will need to cover!
by ingdaka
Mon Jan 06, 2020 11:31 pm
Forum: Forwarding Protocols
Topic: ccr1036-8g-2s+em - Multiple BGP Sessions
Replies: 2
Views: 2031

Re: ccr1036-8g-2s+em - Multiple BGP Sessions

Yes you can do it! Because you can create many instances and when setup peer you setup it with which instance will connect to it! But you have to talk with your provider if they will give you connection with the same IP or not! As it is one of mos powerful routers of Mikrotik it can handle this but ...
by ingdaka
Mon Jan 06, 2020 11:14 pm
Forum: Forwarding Protocols
Topic: Mikrotik BGP Aggregate /26-28
Replies: 1
Views: 1604

Re: Mikrotik BGP Aggregate /26-28

Yes if all router are yours! Because you can use iBGP form 1036 to core and then Core can announce them as /24 with eBGP to upstreams!
Or you can use OSPF in place of iBGP
by ingdaka
Sat Jan 04, 2020 12:31 am
Forum: General
Topic: router for BGP ?
Replies: 11
Views: 1892

Re: router for BGP ?

Depend how much traffic and routing table you will have! In my company with about 300Mbps with just 1 /22 Public to advertise and receive only 0.0.0.0/0 from ISP 4 ISP in Total I have deployed and Hex S (RB760iGS). Is working great since 1 year now!
by ingdaka
Sat Dec 28, 2019 11:58 pm
Forum: RouterBOARD hardware
Topic: Hardver config request[HELP] [SOLVED]
Replies: 11
Views: 6633

Re: Hardver config request[HELP] [SOLVED]

Yes you ca use DAC Cables!

This is list of hardware supported
https://wiki.mikrotik.com/wiki/MikroTik ... lity_table

Does not mean to be the same, but is recommended to be at same speed for example you cannot use 1.25Gbps SFP to one side and 10Gbps to other side!
by ingdaka
Sat Dec 28, 2019 11:52 pm
Forum: Beginner Basics
Topic: CAPs MAN and Firewall
Replies: 3
Views: 1362

Re: CAPs MAN and Firewall

What Configurations I need to do to have a MESH Wireless Network with Mikrotik CAP ac, so the users will be automatically connected to the nearest AP when they are moving from one office to another? If you use CAPsMAN you don't need MESH do to roaming mobility, just and an access list rule to CAPsM...
by ingdaka
Sat Dec 28, 2019 11:40 pm
Forum: Scripting
Topic: FUP Allowance & Speed
Replies: 5
Views: 3042

Re: FUP Allowance & Speed

In my experience you need Radius to do this,, you can't do this from Mikrotik as RB Device cannot count total Monthly / Weekly user traffic!
by ingdaka
Sat Dec 28, 2019 11:38 pm
Forum: General
Topic: Does anyone know if a fully updated Mikrotik Device is going to be vulnerable to this?
Replies: 9
Views: 2093

Re: Does anyone know if a fully updated Mikrotik Device is going to be vulnerable to this?

This phrase on that post: The report reads, “We are not sure why TCP 8291 is targeted, but we know that the Winbox protocol of the MikroTik Router device works on TCP / 8291 port and is exposed on the Internet.” Is the group real from North Korea or is supported by Cisco / Unify with friends because...
by ingdaka
Fri Dec 27, 2019 3:03 pm
Forum: Forwarding Protocols
Topic: TCP port forward doesnt work
Replies: 15
Views: 3275

Re: TCP port forward doesnt work

/ip firewall nat add chain=dstnat dst-address="your-public-IP" dst-port=55555 action=dst-nat protocol=tcp to-address=192.168.88.251 to-port=55555
by ingdaka
Fri Dec 27, 2019 2:53 pm
Forum: General
Topic: route internet from one IP over VPN
Replies: 21
Views: 3419

Re: route internet from one IP over VPN

Yes you cannot have internet because your route is added with disabled=yes should be disabled=no Go to IP routes and enable that route! Also to be sure that you will have internet when VPN is not working you need to add add disabled=no distance=2 gateway="your default gateway IP" routing-mark=[REDAC...
by ingdaka
Fri Dec 27, 2019 2:49 pm
Forum: RouterBOARD hardware
Topic: Hardver config request[HELP] [SOLVED]
Replies: 11
Views: 6633

Re: Hardver config request[HELP] [SOLVED]

260GS is enough for 5 cameras, in my experience 5 cameras cannot get more than 1Gbps traffic! Also CRS328-4C-20S-4S+RM has 24Port SFP to connect endpoints and 4 Combo {Ethernet / SFP+ (10Gbps)} to connect server with SFP+ or 10Gbps Ethernet Cards!
by ingdaka
Fri Dec 27, 2019 12:33 pm
Forum: RouterBOARD hardware
Topic: Hardver config request[HELP] [SOLVED]
Replies: 11
Views: 6633

Re: Hardver config request[HELP] [SOLVED]

Yes it will work but as 260GS has just SFP Port better use CRS328-4C-20S-4S+RM as main Switch is good and cost less
by ingdaka
Fri Dec 27, 2019 12:02 pm
Forum: General
Topic: Problem WIth VPN Ike2 [SOLVED]
Replies: 5
Views: 1066

Re: Problem WIth VPN Ike2 [SOLVED]

Is that because you are behind NAT and at this case 85.94.... cannot respond to you! You have to set port forward to router that is before Mikrotik!
by ingdaka
Thu Dec 26, 2019 8:55 am
Forum: RouterOS v7 BETA
Topic: Speedify Mulit WAN Bonding
Replies: 8
Views: 3972

Re: Speedify Mulit WAN Bonding

For me will be better if Mikrotik implement SD WAN, is the same what Mikrotik have now with PCC, but a simple way of configuration!
by ingdaka
Thu Dec 26, 2019 8:50 am
Forum: Beginner Basics
Topic: User can Browse Internet without Authentication
Replies: 5
Views: 1413

Re: User can Browse Internet without Authentication

Post your configuration here!
Type in terminal /export hide-sensitive
by ingdaka
Sat Dec 21, 2019 6:13 pm
Forum: SwOS
Topic: Can SwOS be upgraded to RouterOS
Replies: 6
Views: 3857

Re: Can SwOS be upgraded to RouterOS

Even RB260GSP or CSS326 and all CSS versions are SwOS only! They don't support RouterOS and there is no support for it!
by ingdaka
Thu Dec 19, 2019 10:40 pm
Forum: General
Topic: CRS326-24G-2S+RM able to switch 10Gb/s at wire speed?
Replies: 3
Views: 1001

Re: CRS326-24G-2S+RM able to switch 10Gb/s at wire speed?

I will prefer this one Ethernet/SFP+ (Combo Ports) CRS312-4C+8XG-RM
https://www.youtube.com/watch?v=b4Wp4SzdNj4&t=643s
by ingdaka
Thu Dec 19, 2019 10:23 pm
Forum: The User Manager
Topic: Help on my project 2WAN-2LAN
Replies: 7
Views: 3343

Re: Help on my project 2WAN-2LAN

I think he has 5.26 because is the only one that can be found on internet with "Crack"! He doesn't have a RouterBoard
by ingdaka
Wed Dec 18, 2019 11:42 pm
Forum: Beginner Basics
Topic: Port Forwarding
Replies: 5
Views: 1229

Re: Port Forwarding

In some cases you can't do it! In my case for example, I have the same situation ISP > ONT > Mikrotik
My ONT firmware work as ONT Router and can't be configured as bridge so I cannot config my Mikrotik with VLAN to get IP from ISP.
by ingdaka
Wed Dec 18, 2019 11:37 pm
Forum: General
Topic: Checking Status If Netflix is Down Or Not?
Replies: 3
Views: 1067

Re: Checking Status If Netflix is Down Or Not?

Is there anything to do with Mikrotik?
by ingdaka
Wed Dec 18, 2019 4:59 pm
Forum: Beginner Basics
Topic: Port Forwarding
Replies: 5
Views: 1229

Re: Port Forwarding

On this case best solution for me is to Activate DMZ to ONT with IP 192.168.100.2 and then make portforward in Mikrotik!
by ingdaka
Tue Dec 17, 2019 11:39 pm
Forum: Beginner Basics
Topic: Factory Reset Mikrotik Router - Lost internet
Replies: 6
Views: 1110

Re: Factory Reset Mikrotik Router - Lost internet

Did you configured it again as before?
by ingdaka
Tue Dec 10, 2019 12:18 am
Forum: Forwarding Protocols
Topic: PPP user automatically forward to 5231.xgen
Replies: 3
Views: 2028

Re: PPP user automatically forward to 5231.xgen

Are you sure that any of your clients in router 2 is not making any DNS Spoofing to your network with the same IP as Router A
by ingdaka
Sat Dec 07, 2019 12:42 pm
Forum: General
Topic: SSTP does not work without certificate
Replies: 14
Views: 2376

Re: SSTP does not work without certificate

They use windows based auto generated certificates!
by ingdaka
Sat Dec 07, 2019 12:40 pm
Forum: General
Topic: Setup Multiple ISPs [SOLVED]
Replies: 19
Views: 4708

Re: Setup Multiple ISPs [SOLVED]

Just use mangle routing-mark to mark you traffic coming from port 3 and 4 with 2 different marks and them assign them to default route rule!
by ingdaka
Sat Dec 07, 2019 12:30 pm
Forum: RouterBOARD hardware
Topic: Mikrotik hardware accelerated routing
Replies: 20
Views: 6118

Re: Mikrotik hardware accelerated routing

ASIC devices are always expensive... There are many in the market and are with high price! Mikrotik is for most of customers and prices are not in that level!
by ingdaka
Sat Dec 07, 2019 12:24 pm
Forum: General
Topic: SSTP does not work without certificate
Replies: 14
Views: 2376

Re: SSTP does not work without certificate

SSTP is a Certificate Based Tunnel Protocol so It will not work without a certificate! You can generate one for free on Internet and use it!
by ingdaka
Fri Dec 06, 2019 10:10 pm
Forum: Beginner Basics
Topic: PPPoE Server Setup
Replies: 5
Views: 950

Re: PPPoE Server Setup

With DMA there is a full package integration of everything you need for users! Traffic queue, total bandwidth limitations and all others including and a static MAC, so a client with specific PPPoE username and password can login only with 1 specific MAC. Until now have used some version of mikrotik ...
by ingdaka
Fri Dec 06, 2019 9:53 pm
Forum: RouterBOARD hardware
Topic: RB460G: Will this work with a 500Mbit WAN?
Replies: 5
Views: 2708

Re: RB460G: Will this work with a 500Mbit WAN?

/ip firewall filter add chain=forward action=fasttrack-connection connection-state=established,related /ip firewall filter add chain=forward action=accept connection-state=established,related Paste those 2 commands to mikrotik terminal and test your speed! This is a router with Gigabit Ethernet port...
by ingdaka
Wed Dec 04, 2019 10:44 pm
Forum: RouterBOARD hardware
Topic: QSFP compatibility ?
Replies: 2
Views: 3131

Re: QSFP compatibility ?

You should ask Mellanox for this if they have support for Mikrotik Modules!
by ingdaka
Wed Dec 04, 2019 9:44 pm
Forum: Beginner Basics
Topic: PPPoE Server Setup
Replies: 5
Views: 950

Re: PPPoE Server Setup

You can use DMA Radius Manager with Mikrotik, I've tried this with about 10 Mikrotik, 1 Server for about 10k clients and work perfect since 12 years!
by ingdaka
Tue Dec 03, 2019 10:47 pm
Forum: Beginner Basics
Topic: Dual WAN without configuration
Replies: 8
Views: 1255

Re: Dual WAN without configuration

If there are no administrative distance set traffic goes from port 4 because has lowest IP Subnet 192.168.120.0/24 vs 192.168.121.0/24 If you want to set which of them should work you can remove add default route to NO in IP>DHCP Client and add them manually with different distance! Lowest distance ...
by ingdaka
Tue Dec 03, 2019 10:39 pm
Forum: Wireless Networking
Topic: RB2011UiAS-2HnD-IN Vs mANTBox 19s what to chose? [SOLVED]
Replies: 5
Views: 3039

Re: RB2011UiAS-2HnD-IN Vs mANTBox 19s what to chose? [SOLVED]

If you are looking to costs too I would suggest Metal 52 AC or Omnitik5 (but this is for 5GHz only)
by ingdaka
Tue Dec 03, 2019 10:23 pm
Forum: Forwarding Protocols
Topic: 3 Devices, 1 Port. [SOLVED]
Replies: 3
Views: 3310

Re: 3 Devices, 1 Port. [SOLVED]

Yes you have: 1. Do not use port forward but use Cloud if is supported by your NVR (maybe you will have problems if both routers make NAT) 2. Change External Port: for 1st you have user public port 1234 and private 1234, for 2nd use public 1233 and private 1234 and 3rd use public 1232 and private 12...
by ingdaka
Mon Dec 02, 2019 9:43 pm
Forum: General
Topic: Download speed is less than expected RB1100AHx2
Replies: 4
Views: 696

Re: Download speed is less than expected RB1100AHx2

Have you seen processor usage during normal applying roles?
by ingdaka
Thu Nov 28, 2019 11:08 pm
Forum: General
Topic: pppoe server configuration [SOLVED]
Replies: 2
Views: 745

Re: pppoe server configuration [SOLVED]

Yes you need to create PPPoE Server for each interface or sub-interface, if you don't clients that send request to this specific VLAN will not get response if there is not any PPPoE server in this interface-vlan
by ingdaka
Tue Nov 26, 2019 10:00 pm
Forum: Forwarding Protocols
Topic: BGP Problem
Replies: 1
Views: 1556

Re: BGP Problem

Because of BGP is Dynamic routing you can do this just if you have a least 2 /24 Public subnets and you can add higher local preference one /24 to one provider and other one to 2nd provider!
Like in Wiki Example
https://wiki.mikrotik.com/wiki/Manual:S ... ultihoming
by ingdaka
Tue Nov 26, 2019 9:55 pm
Forum: General
Topic: Mikrotik VLANs [SOLVED]
Replies: 3
Views: 742

Re: Mikrotik VLANs [SOLVED]

You don't need 2 Bridges! But Just 1
Add VLAN 10 to Ether1
Add VLAN 20 to Ether1
Create bridge and add VLAN20, Ether2 & Ether 3 to this bridge
Add IP 192.168.0.0/24 to VLAN 10 Interface
Add IP 172.16.0.0/24 to Bridge Interface
Config Cisco Trunk port to Mikrotik as trunk with allowed vlan 10 and 20!
by ingdaka
Tue Nov 26, 2019 9:43 pm
Forum: Beginner Basics
Topic: One wan and Multiple MAC
Replies: 5
Views: 656

Re: One wan and Multiple MAC

If they assign you an Internal IP that mean that they have routed your public IP through this one, no need to DHCP client in WAN interface!
by ingdaka
Sat Nov 23, 2019 7:53 pm
Forum: Beginner Basics
Topic: CRS125-24G-1S and a Dell 6224 managed switch [SOLVED]
Replies: 4
Views: 798

Re: CRS125-24G-1S and a Dell 6224 managed switch [SOLVED]

First of all is that CRS125-24G-1S is a switch with some IP routing capabilities! So better to use a router as a router and a switch as a switch!
by ingdaka
Fri Nov 22, 2019 10:37 pm
Forum: General
Topic: Home network setup with 2 MikroTik routerboards [SOLVED]
Replies: 3
Views: 782

Re: Home network setup with 2 MikroTik routerboards [SOLVED]

In your case all solution is to add a static route to Router A who will have this: ip route add dst-address=192.168.88.0/24 gateway=192.168.11.253 disabled=no This will resolve your problem because when you try from PC to access NAS, Router A does not know path to your 192.168.88.0/24 and send all t...
by ingdaka
Thu Nov 14, 2019 10:21 pm
Forum: Beginner Basics
Topic: Virtual wireless AP .. one is R and one is RS ... ?
Replies: 2
Views: 762

Re: Virtual wireless AP .. one is R and one is RS ... ?

Yes It's because of bridge, if you leave mouse some second over letters you will see R - Running, means that Interface (in your case Guest AP) is running and RS - Running Slave, means that your interface is Running and Slave of Bridge!
by ingdaka
Thu Nov 14, 2019 10:18 pm
Forum: Beginner Basics
Topic: RB1100AH VLAN + NAT Config
Replies: 6
Views: 853

Re: RB1100AH VLAN + NAT Config

In that case I would not use NAT in Mikrotik but just in Fortigate and will add routes to Fortigate and Mikrotik to know each other! I do this in my office and Mikrotik in this case act as DMZ router!
by ingdaka
Sat Nov 09, 2019 2:52 pm
Forum: General
Topic: Internet access on static IP without PPPoE [SOLVED]
Replies: 5
Views: 1465

Re: Internet access on static IP without PPPoE [SOLVED]

PPPoE works in L2 so you don't need an IP on the interface! I use an specific /32 IP on an Virtual LoopBack Interface (bridge interface without any port on it). And just create a pool for clients that don't have any relation to this subnet. PPPoE works very well one /32 subnets!
by ingdaka
Sun Nov 03, 2019 10:13 pm
Forum: General
Topic: Only 100M internet connection on RB750Gr3
Replies: 7
Views: 1507

Re: Only 100M internet connection on RB750Gr3

And for sure you have a media converter from Optical Fiber to Ethernet Cable (Or an ONT device) that ca be like in my case!
by ingdaka
Sun Nov 03, 2019 3:00 pm
Forum: General
Topic: Only 100M internet connection on RB750Gr3
Replies: 7
Views: 1507

Re: Only 100M internet connection on RB750Gr3

What media (Copper / ADSL / Optical Fiber ) do your ISP use to give you internet?
by ingdaka
Sat Nov 02, 2019 6:30 pm
Forum: Beginner Basics
Topic: Routing question
Replies: 2
Views: 895

Re: Routing question

As Sob has wrote you /ip address add address=xxx.xxx.0.13/30 interface=<to customer> /ip route add dst-address=xxx.xxx.1.96/28 gateway=xxx.xxx.0.14 add dst-address=xxx.xxx.2.96/28 gateway=xxx.xxx.0.14 This is the config from your part! Client should take care of all his configurations! I got this ty...
by ingdaka
Sat Nov 02, 2019 6:24 pm
Forum: General
Topic: Only 100M internet connection on RB750Gr3
Replies: 7
Views: 1507

Re: Only 100M internet connection on RB750Gr3

How you get the link at home! I have faced this problem before, my operator gave me a ONU Modem with 4 Ethernet ports, I just use it as bridge and connect my Mikrotik router after and found that only one of 4 Ethernet ports was Gigabit Ethernet, 3 others where Fast Ethernet. Maybe here is the same p...
by ingdaka
Sat Nov 02, 2019 6:14 pm
Forum: General
Topic: Internet access on static IP without PPPoE [SOLVED]
Replies: 5
Views: 1465

Re: Internet access on static IP without PPPoE [SOLVED]

Please post your config and idea what you want to do!
by ingdaka
Thu Oct 31, 2019 10:51 pm
Forum: Forwarding Protocols
Topic: BGP | Use /24 in 2 different BGP Instances (Same AS)
Replies: 1
Views: 1761

Re: BGP | Use /24 in 2 different BGP Instances (Same AS)

1. You have to discus this with your ISP because they must do more configurations on this case to make IP summary and declare them in RIPE/ARIN policy!
2. What are the IP of peer that you get connect because if there is a different IP: Have your ISP configured both Instances?
by ingdaka
Thu Oct 31, 2019 10:34 pm
Forum: The Dude
Topic: Interfaces monitoring [SOLVED]
Replies: 14
Views: 9702

Re: Interfaces monitoring [SOLVED]

To ingdaka: 3 devices, 76 ports total? CooI. have 3658 devices at The Dude with Up to 1000 Clients on some PPPoE servers :) What is difference between non-100%-free Observium and free LibreNMS? http://www.observium.org/w/images/thumb/1/10/Screenshots-port.png/900px-Screenshots-port.png https://www....
by ingdaka
Thu Oct 31, 2019 10:29 pm
Forum: The Dude
Topic: Interfaces monitoring [SOLVED]
Replies: 14
Views: 9702

Re: Interfaces monitoring [SOLVED]

http://171.22.151.100:8000/
User/Password = demo/public
This user has access only to some random and different vendors of devices!
by ingdaka
Wed Oct 30, 2019 1:44 pm
Forum: General
Topic: Winbox RouterOS 5x
Replies: 6
Views: 1289

Re: Winbox RouterOS 5x

Maybe you have to upgrade ROS to have all functions, also your old ones have vulnerabilities, as update is free you can do it!
Or you have installed those "cracked" ones that are on internet on virtual machine? - If yes is your responsibility!
by ingdaka
Tue Oct 29, 2019 10:24 pm
Forum: General
Topic: Problem with DHCP server [SOLVED]
Replies: 12
Views: 2168

Re: Problem with DHCP server [SOLVED]

There is not any issue, but I have a question: Why you need an /16 subnet for 35 devices?
by ingdaka
Sat Oct 26, 2019 11:37 pm
Forum: General
Topic: Recover login password
Replies: 2
Views: 905

Re: Recover login password

If you have another full user, you can reset password of every other user created!
From backup you cannot find it!
by ingdaka
Sat Oct 26, 2019 11:32 pm
Forum: Beginner Basics
Topic: How to Forward the IP
Replies: 3
Views: 1023

Re: How to Forward the IP

If it is down means is not reachable, so how will detect Mikrotik to forward it?
by ingdaka
Sat Oct 26, 2019 2:55 pm
Forum: General
Topic: Help - mikrotik firewall or ISP issue
Replies: 4
Views: 1083

Re: Help - mikrotik firewall or ISP issue

This does not mean that every 2011 should have problems too..!
I did not mean that but their processor is becoming old now and cannot take care for new targets or security!
Mine get about 10 % with just 2 FW rules and 5Mbps of Traffic
by ingdaka
Sat Oct 26, 2019 12:54 am
Forum: General
Topic: Help - mikrotik firewall or ISP issue
Replies: 4
Views: 1083

Re: Help - mikrotik firewall or ISP issue

Try to change the router for 1 or 2 days! Or monitor the router for processor issues! I have an RB2011UiAS-2HnD-IN in my office and seems to have some problems, day to day randomly get stop working even that I use it just for and WiFi router!
by ingdaka
Sat Oct 26, 2019 12:50 am
Forum: Beginner Basics
Topic: Couldn't remove Switch Rule <> - can not change dynamic (6) ???
Replies: 3
Views: 986

Re: Couldn't remove Switch Rule <> - can not change dynamic (6) ???

Dynamic Created roles or routes cannot be removed! If this will be available to remove port will not forward traffic to Switch!
by ingdaka
Sun Oct 20, 2019 12:56 am
Forum: RouterBOARD hardware
Topic: RB1100x4
Replies: 5
Views: 2333

Re: RB1100x4

This port cannot be used for alarm inputs!
by ingdaka
Wed Oct 16, 2019 10:00 pm
Forum: General
Topic: CCR1036 core router FastPath FastTrack question
Replies: 5
Views: 992

Re: CCR1036 core router FastPath FastTrack question

As tests it should be capable to take care from 21 to 27 Gbps! But in real environment always need test!
by ingdaka
Tue Oct 15, 2019 10:18 pm
Forum: General
Topic: Winbox 3.20 x64 still with bugs from YEARS AGO
Replies: 9
Views: 1679

Re: Winbox 3.20 x64 still with bugs from YEARS AGO

This post tells that might be an early problem but not with winbox

viewtopic.php?t=90485

I haven't faced this issue in my career, even that I've worked in many RouterBoard versions including CCR, PowerPC, x86, or mmips!
by ingdaka
Tue Oct 15, 2019 10:06 pm
Forum: General
Topic: Winbox 3.20 x64 still with bugs from YEARS AGO
Replies: 9
Views: 1679

Re: Winbox 3.20 x64 still with bugs from YEARS AGO

Maybe its a problem with any of your devices! Using the same version and versions before with more than 100 Advertisement with no problem! Trying now there is no problem too!
by ingdaka
Tue Oct 15, 2019 9:29 pm
Forum: General
Topic: Winbox 3.20 x64 still with bugs from YEARS AGO
Replies: 9
Views: 1679

Re: Winbox 3.2 x64 still with bugs from YEARS AGO

Winbox 3.2 x64 where did you find this! Current version is 3.19?
by ingdaka
Mon Oct 14, 2019 10:20 pm
Forum: General
Topic: Block Anydesk
Replies: 10
Views: 13777

Re: Block Anydesk

L7 firewall block *.net.anydesk.com with regexp
by ingdaka
Thu Oct 10, 2019 9:17 pm
Forum: General
Topic: pppoe users dont disconnect after some day of uptime
Replies: 2
Views: 1137

Re: pppoe users dont disconnect after some day of uptime

What is keepalive timeout configured in PPPoE Server?
by ingdaka
Fri Oct 04, 2019 11:06 pm
Forum: General
Topic: Mikrotik automatically changes password
Replies: 6
Views: 1998

Re: Mikrotik automatically changes password

2 new Golden Rules for every device:
1. If there is no default password, create one in first login.
2. If there is a default password, change it in first login.
by ingdaka
Fri Oct 04, 2019 11:02 pm
Forum: Beginner Basics
Topic: Should be a simple task of port forwarding [SOLVED]
Replies: 2
Views: 1219

Re: Should be a simple task of port forwarding [SOLVED]

ip firewall nat add chain=dstnat dst-address=your_Pulic_IP protocol=tcp dst-port=Public_Port action=dst-nat to-addresses=your_LAN(Device)_IP to-ports=devide_Port
Paste this to terminal of Routerboard
by ingdaka
Thu Oct 03, 2019 9:19 pm
Forum: Forwarding Protocols
Topic: Failover between three Mikrotik routers
Replies: 9
Views: 2739

Re: Failover between three Mikrotik routers

If you have just 1 or 2 subnets in each router you can use static routing, but if you have mode I would prefer OSPF
by ingdaka
Thu Oct 03, 2019 9:16 pm
Forum: General
Topic: Mikrotik PPPoE+Static Ip not working
Replies: 3
Views: 949

Re: Mikrotik PPPoE+Static Ip not working

Just Go to terminal type export and then paste it here! DNS does not have anything to do with default gateway in static IP configuring!
by ingdaka
Wed Oct 02, 2019 9:13 pm
Forum: General
Topic: MikroTik Bonding Failover Issues.
Replies: 3
Views: 620

Re: MikroTik Bonding Failover Issues.

I user RR and everything works perfect between 2 RB1100AHx4
by ingdaka
Tue Oct 01, 2019 10:48 pm
Forum: Beginner Basics
Topic: ISP Setup
Replies: 9
Views: 1859

Re: ISP Setup

Hi all, Thanks a lot for the replies. I very much appreciated it. What we planned is to have "PPPoE concentrates configured with Centralized AAA Radius", as ingdaka proposed. We have considered using each 1016s as PPPoE and dhcp server for each zone, but management wanted to centralized the control...
by ingdaka
Tue Oct 01, 2019 12:05 am
Forum: General
Topic: HexS to RB951G as AP
Replies: 2
Views: 731

Re: HexS to RB951G as AP

There is just 1 cpu 600MHz, so what are you waiting to have a full GB network 100% of time? Sorry dude!
by ingdaka
Mon Sep 30, 2019 11:02 pm
Forum: Beginner Basics
Topic: ISP Setup
Replies: 9
Views: 1859

Re: ISP Setup

In my idea you can configure 1036 as MAIN WAN AGGREGATION Router and all 1016 as PPPoE servers for clients! 1036 as a PPPoE server and all 1016 as PPPoE clients...! Also redundand paths between houses? Sounds too much... No! 1036 will have just routes to Public and Between 1016. 1016 to be PPPoE Se...
by ingdaka
Mon Sep 30, 2019 9:39 pm
Forum: Beginner Basics
Topic: ISP Setup
Replies: 9
Views: 1859

Re: ISP Setup

In my idea you can configure 1036 as MAIN WAN AGGREGATION Router and all 1016 as PPPoE servers for clients! Communication from 1036 to all 1016 to be with OSPF of iBGPso you can add backup redundant path between branches in a second moment!
by ingdaka
Thu Sep 26, 2019 11:08 pm
Forum: Virtualization
Topic: OpenWrt for ARM-based RB1100AHx4
Replies: 9
Views: 5554

Re: OpenWrt for ARM-based RB1100AHx4

Here you are at Mikrotik (RouterBoard + Router OS) forum. Not RouterBoard with 3rd party firmware, this can be your responsibility!
by ingdaka
Sun Sep 22, 2019 9:36 pm
Forum: Beginner Basics
Topic: PPPoe connection to ISP with tagged VLAN
Replies: 19
Views: 6179

Re: PPPoe connection to ISP with tagged VLAN

I'm a bit aware, why those ISP use Fiber connection and give you sync speed on 100Mbps! It's fucking wrong to use SFP to 100Mbps!
by ingdaka
Fri Sep 20, 2019 10:28 pm
Forum: Beginner Basics
Topic: PPPoe connection to ISP with tagged VLAN
Replies: 19
Views: 6179

Re: PPPoe connection to ISP with tagged VLAN

interface vlan add vlan-id=20 interface=sfp1 name=vlan20
interface pppoe-client add interface=vlan20 name=PPPoE_Out user=xxxxx password=yyyyyy use-peer-dns=yes add-default-route=yes
by ingdaka
Mon Sep 16, 2019 9:50 pm
Forum: General
Topic: Route All Traffic over L2TP
Replies: 2
Views: 1123

Re: Route All Traffic over L2TP

First of all we need your network schema and config to help you! But if it is typical you need 2 default routes 0.0.0.0/0 to your Public interface of router with distance 1 and another one with exit interface your L2TP Interface with distance 2! Then you should mangle your LAN traffic via prerouting...
by ingdaka
Tue Sep 10, 2019 11:45 pm
Forum: RouterOS v7 BETA
Topic: cAP ac: no capsman [SOLVED]
Replies: 9
Views: 6890

Re: cAP ac: no capsman [SOLVED]

As you can read in this topic viewtopic.php?f=1&t=152003

What is not available:

- BGP / MPLS disabled
- Extra packages
- Winbox does not show all features, use CLI for most functionality

CAPs is a Extra Package Feature
by ingdaka
Tue Sep 10, 2019 11:42 pm
Forum: RouterOS v7 BETA
Topic: cAP ac: no capsman [SOLVED]
Replies: 9
Views: 6890

Re: cAP ac: no capsman [SOLVED]

You have to wait for ROS v7, is just in test version and does not have all features enabled!
by ingdaka
Tue Sep 10, 2019 10:17 pm
Forum: General
Topic: Remote Access & Port Forward Over L2TP [SOLVED]
Replies: 4
Views: 1056

Re: Remote Access & Port Forward Over L2TP [SOLVED]

Just got it! Have to create a mangle rule to routing mark traffic of my camera and set a default route for this marked traffic and set as exit interface my vpn interface!
by ingdaka
Fri Sep 06, 2019 12:42 am
Forum: General
Topic: Remote Access & Port Forward Over L2TP [SOLVED]
Replies: 4
Views: 1056

Remote Access & Port Forward Over L2TP [SOLVED]

I have a scenario like in picture: https://i.ibb.co/m6wCZj5/L2TP.jpg R1 has public IP and is configured as L2TP Server! R2 have just internet over nat and is configured as L2TP client! Both routers have full routing table to know each-other routes. R2 has a CCTV system connected. I can access this s...
by ingdaka
Thu Sep 05, 2019 12:04 pm
Forum: Forwarding Protocols
Topic: 2 WAN BGP failover
Replies: 6
Views: 2982

Re: 2 WAN BGP failover

First of all 10.10.... looks like is an Private IP, you cannot advertise them to BGP!
by ingdaka
Thu Sep 05, 2019 12:02 pm
Forum: Beginner Basics
Topic: Change DDNS name (Mikrotik cloud)
Replies: 11
Views: 3285

Re: Change DDNS name (Mikrotik cloud)

That's for security reasons! Maybe I know your company name and I can attach you! But I don't think I will be able to get you router MAC Address to attach you!
by ingdaka
Tue Sep 03, 2019 11:01 am
Forum: Forwarding Protocols
Topic: Help with Mikrotik hAP series
Replies: 3
Views: 2035

Re: Help with Mikrotik hAP series

Sometimes users don't set DNS on DHCP server!

Go to terminal and type export hide-sensitive and paste result here!
by ingdaka
Mon Aug 26, 2019 11:30 pm
Forum: Beginner Basics
Topic: Graphing problems
Replies: 3
Views: 687

Re: Graphing problems

Winbox have problems with graphing, please see webconfig
by ingdaka
Mon Aug 26, 2019 11:06 pm
Forum: Wireless Networking
Topic: CAPsMAN issue with 2 SSIDs
Replies: 3
Views: 828

Re: CAPsMAN issue with 2 SSIDs

Make this queue in subnet for employees or in bridge connected to datapath
by ingdaka
Sun Aug 25, 2019 12:09 pm
Forum: Beginner Basics
Topic: Problem with port forwarding
Replies: 1
Views: 517

Re: Problem with port forwarding

Type export in terminal and paste result here!
by ingdaka
Sat Aug 24, 2019 10:13 pm
Forum: General
Topic: BLOCK SPAMMERS DONT WORK - FIREWALL
Replies: 5
Views: 1217

Re: BLOCK SPAMMERS DONT WORK - FIREWALL

Filter rules work on top down order, so you need to change order! Add src to address list should be before drop rule!
by ingdaka
Wed Aug 21, 2019 6:00 pm
Forum: Beginner Basics
Topic: Unstopable DSTNAT
Replies: 17
Views: 3414

Re: Unstopable DSTNAT

Go to terminal type export and paste the result here!
by ingdaka
Mon Aug 19, 2019 1:19 am
Forum: General
Topic: Problem with RB1100AHx4 In SWITCH1
Replies: 7
Views: 1055

Re: Problem with RB1100AHx4 In SWITCH1

Or you have a device that is Broadcasting MAC
by ingdaka
Mon Aug 19, 2019 1:15 am
Forum: General
Topic: Problem with RB1100AHx4 In SWITCH1
Replies: 7
Views: 1055

Re: Problem with RB1100AHx4 In SWITCH1

Is not problem with RB1100, problem is because you have loop on your network!
by ingdaka
Wed Aug 14, 2019 10:41 pm
Forum: Beginner Basics
Topic: Simple non internet Wireless acess point
Replies: 1
Views: 675

Re: Simple non internet Wireless acess point

1. Remove default config.
2. Add a bridge
3. Add app ports on this bridge (ether1, wlan1, wlan2)
4. Set IP 2.0.0.1/24 on bridge.
5. Setup dhcp-server to give IP 101-254
6. Set wlan1 and wlan2 as ap bridge and set password you want!
7. Set a password for your router
ALL DONE
by ingdaka
Wed Aug 14, 2019 12:01 am
Forum: Beginner Basics
Topic: print from one vlan to another?
Replies: 4
Views: 1637

Re: print from one vlan to another?

If you do NAT between 2 Subnets you cannot do access IP from one subnet to other one! The should just to be routed to each other!
  • 1
  • 2