Community discussions

MikroTik App

Search found 28 matches

by intermod
Mon Mar 02, 2020 1:21 am
Forum: RouterBOARD hardware
Topic: Wish - RB2011UiAS-2HnD-RM ?
Replies: 30
Views: 13479

Re: Wish - RB2011UiAS-2HnD-RM ?

Yes, yes, its 2020 and I am replying. Frustrated (again) that I cannot find a 2011 or similar MT rackmount with wireless. Yes, its going in a metal rack, but its for equipment support in the data center/radio repeater site while we are in front of the rack. Plenty of 2.4 GHz energy getting out of th...
by intermod
Thu Nov 28, 2019 5:31 am
Forum: SwOS
Topic: CSS326-24G-2S+RM can't access web GUI - what am I doing wrong?
Replies: 10
Views: 6392

Re: CSS326-24G-2S+RM can't access web GUI - what am I doing wrong?

Alas - the switch is still shipping with V2.9 (11-25-19), and the default IP address is not 192.168.88.1. After reviewing the MT Wiki, one graphic indicated that it tries DHCP for the first 10 seconds, then falls back to the 88.1. Wrong; its half the story. You can let the switch sit powered up for ...
by intermod
Thu Oct 17, 2019 2:23 am
Forum: SwOS
Topic: CSS326-24G-2S+RM power consumption question
Replies: 1
Views: 2687

Re: CSS326-24G-2S+RM power consumption question

Measured this device on the bench today as we are placing it in battery-float operation. Idle, all ports disabled (w/no physical connections): 0.40A @ 13.8 VDC Idle, all ports enabled (none connected): 0.40A @ 13.8 VDC Idle, one port enabled (w/ one connected at 1 GB): 0.42A @ 13.8 VDC Idle, all por...
by intermod
Tue Sep 03, 2019 8:34 pm
Forum: General
Topic: Feature Request: IPerf
Replies: 55
Views: 14955

Re: Feature Request: IPerf

I get that. One key reason we purchase MT products is because they provide so many diagnostic features. Setting up an end-to-end iperf test today requires we visit each endpoint and leave equipment there specifically to run iperf (we never have access to client servers to use). And it must be custom...
by intermod
Tue Mar 26, 2019 6:44 pm
Forum: Beginner Basics
Topic: Route traffic from one port via VPN - OpenVPN
Replies: 0
Views: 521

Route traffic from one port via VPN - OpenVPN

Hi All: I am using RB2011UiAS-IN routers running V6.44.1. I have configured a *bridged* OVPN Client at the "remote" site, and it connects to another RB2011 running OVPN Server at the "local" site. I need all traffic on remote eth10 to route through the VPN connection through to the local router. All...
by intermod
Wed Oct 17, 2018 7:17 pm
Forum: General
Topic: Feature Request: IPerf
Replies: 55
Views: 14955

Re: Feature Request: IPerf

I will look into Traffic Generator if it gives us similar data. However, this would only be useful for internal analysis of our network - not the WAN. We are constantly in a battle with ISPs. It is much better to use an application that they understand or they will dismiss its results. In other word...
by intermod
Fri May 25, 2018 7:26 pm
Forum: Announcements
Topic: VPNfilter official statement
Replies: 191
Views: 94884

Re: VPNfilter official statement

As the hack could have been sniffing traffic, our other systems may be at risk. So we don't have to audit all of our other systems now, how can we tell whether our particular device was compromised? This is very important. This could be extremely costly for our organization.
by intermod
Thu Mar 08, 2018 9:40 pm
Forum: General
Topic: Feature Request: OpenVPN [ovpn] udp tunnels
Replies: 250
Views: 106547

Re: Feature Request: OpenVPN [ovpn] udp tunnels

Argh....stumbled across this limitation here. Needing UDP wOVPN here as well. The UDP seems to operate faster, and we use lots of VoIP here that cannot tolerate retries. Is this a CPU horsepower issue?
by intermod
Thu Mar 08, 2018 9:20 pm
Forum: General
Topic: Cannot forward port with Nat Rule
Replies: 18
Views: 9901

Re: Cannot forward port with Nat Rule

I am running 6.41.2 and the only difference between mine (working) and yours is I don't specific an In Interface under General. Not sure of the implications to that. You might also try specifying a source IP address instead, or leave it blank.
by intermod
Sun Apr 17, 2016 11:53 pm
Forum: General
Topic: Mikrotik as source of DNS Amplification attacks
Replies: 31
Views: 13056

Re: Mikrotik as source of DNS Amplification attacks

OK - understand completely. As was noted in an earlier post....RouterOS can be dangerous if one does not pay attention to the details. I would have missed that to be honest.

G
by intermod
Sun Apr 17, 2016 11:08 pm
Forum: General
Topic: RB2011UiAS-2HnD link down
Replies: 4
Views: 978

Re: RB2011UiAS-2HnD link down

Any update to this?
by intermod
Sun Apr 17, 2016 7:24 pm
Forum: General
Topic: Mikrotik as source of DNS Amplification attacks
Replies: 31
Views: 13056

Re: Mikrotik as source of DNS Amplification attacks

Just to be clear, when I reset the router back to factory defaults in January of 2016, the following rules were created by default (except for Winbox Access) The highlighted rule takes care of outside (WAN) DNS queries on the Eth1 gatetway, but not the others. So you can enable Allow Remote Requests...
by intermod
Tue Jan 19, 2016 6:20 pm
Forum: General
Topic: RB400 - Slow Winbox Screen Updates, Will Not Reboot/Shutdown
Replies: 2
Views: 699

Re: RB400 - Slow Winbox Screen Updates, Will Not Reboot/Shutdown

CCR? But yes. That did seem to take are of it. But I would like to know what the root cause was....
by intermod
Sat Jan 16, 2016 11:55 pm
Forum: General
Topic: Mikrotik as source of DNS Amplification attacks
Replies: 31
Views: 13056

Re: Mikrotik as source of DNS Amplification attacks

UPDATE: We found that the input chain DROP rule for Eth1-Gateway (WAN) had been disabled, and the "Allow Remote Requests" enabled. Either our error or we had been compromised. You guys were exactly correct. To be safe, we reset the config, reloaded new OS V6.33 and FW 3.24 (RB400). While "Allow Remo...
by intermod
Sat Jan 16, 2016 10:58 pm
Forum: General
Topic: RB400 - Slow Winbox Screen Updates, Will Not Reboot/Shutdown
Replies: 2
Views: 699

RB400 - Slow Winbox Screen Updates, Will Not Reboot/Shutdown

We have logged into two remote RB400 routers (V6.33.3 OS/ FW 3.24; both current) using Winbox V3 and found the following (among many other issues): Quick Set screen would not populate (blank) IP Firewall Filter Rules/Nat /Service ports, etc. screen not populating Specified filter rules either grayed...
by intermod
Fri Dec 18, 2015 11:42 pm
Forum: General
Topic: Mikrotik as source of DNS Amplification attacks
Replies: 31
Views: 13056

Re: Mikrotik as source of DNS Amplification attacks

Excellent. Thanks. We had remotely shut down the offending router; I I will check the config when we visit the site next to see where the issue was.
by intermod
Mon Dec 14, 2015 6:19 pm
Forum: General
Topic: Mikrotik as source of DNS Amplification attacks
Replies: 31
Views: 13056

Re: Mikrotik as source of DNS Amplification attacks

Thanks. If I understand, a WAN DNS request would be considered a "new" connection, which would not be acted upon on the input chain, yes? What remains unknown through is whether enabling DNS "Allow Remote Requests" still accepts port 53 on the WAN port. We had to shut down the remote router to stop ...
by intermod
Sat Dec 12, 2015 8:42 pm
Forum: General
Topic: Mikrotik as source of DNS Amplification attacks
Replies: 31
Views: 13056

Re: Mikrotik as source of DNS Amplification attacks

We just got slammed by this problem at a remote site. This costs us a fair amount of money to identify and resolve, not to mention the victim. While this product is usually sold to people who know what a DNA AA is, it would seem prudent to have this feature default off, or handled through a UDP Port...
by intermod
Tue Dec 01, 2015 6:50 am
Forum: General
Topic: Feature Request: IPerf
Replies: 55
Views: 14955

Re: Feature Request: IPerf NOW!

Absolutely essential. No other product in this class has the feature. We need an application that reports end-to-end jitter, OOS and latency for VoIP applications. RFC compliance is helpful. Its an older app, but its the one the ISPs understand - and if they "get-it", half my network problems would ...
by intermod
Sat Jun 27, 2015 6:44 pm
Forum: General
Topic: Hotspot 2.0 and 802.11U
Replies: 10
Views: 5859

Re: Hotspot 2.0 and 802.11U

Amy movement on this from Mikrotik? This would really be helpful....

Greg
by intermod
Sat Oct 06, 2012 12:29 am
Forum: General
Topic: RB2011UAS-2HnD-IN; No WAN Connectivity w/Cable Modem SOLVED
Replies: 11
Views: 3564

Re: RB2011UAS-2HnD-IN; No WAN Connectivity w/Cable Modem SOL

Mr. Brown: Thank you. Problem solved. I am new to the MT products and the sfp interface. I saw sfp enabled but ignored it. I was using the Quick Setup screen, and its was not clear which device was getting the WAN IP. I just found the IP/Addresses area which allows selection of the device and addres...
by intermod
Fri Oct 05, 2012 8:38 pm
Forum: General
Topic: RB2011UAS-2HnD-IN; No WAN Connectivity w/Cable Modem SOLVED
Replies: 11
Views: 3564

Re: RB2011UAS-2HnD-IN; No WAN Connectivity w/Cable Modem

[admin@MikroTik] > /export compact # jan/02/1970 00:11:27 by RouterOS 5.20 # software id = BDZA-D918 # /interface bridge add admin-mac=D4:CA:6D:31:B6:2A auto-mac=no l2mtu=2290 name=bridge-local protocol-mode=rstp /interface wireless set 0 band=2ghz-b/g/n channel-width=20/40mhz-ht-above country="uni...
by intermod
Fri Oct 05, 2012 3:36 am
Forum: General
Topic: RB2011UAS-2HnD-IN; No WAN Connectivity w/Cable Modem SOLVED
Replies: 11
Views: 3564

Re: RB2011UAS-2HnD-IN; No WAN Connectivity w/Cable Modem

Some providers also keep your mac address. So you will need to clone the mac address from the device that was previously connected if this is the case. Hope this reply is not posted twice - none of my replies are posting. Made sure the old router was powered down, then Cloned its WAN MAC and IP. No...
by intermod
Fri Oct 05, 2012 3:30 am
Forum: General
Topic: RB2011UAS-2HnD-IN; No WAN Connectivity w/Cable Modem SOLVED
Replies: 11
Views: 3564

Re: RB2011UAS-2HnD-IN; No WAN Connectivity w/Cable Modem

Did you power cycle the modem? Many cable modems require a power cycled everytime you plug a different router into them. Hope this is not reposted again - nonr off my previous replies ever made it. Yes - disconnected old router, power cycled, then connected MT, and powered up MT. This was using the...
by intermod
Fri Oct 05, 2012 2:47 am
Forum: General
Topic: RB2011UAS-2HnD-IN; No WAN Connectivity w/Cable Modem SOLVED
Replies: 11
Views: 3564

Re: RB2011UAS-2HnD-IN; No WAN Connectivity w/Cable Modem

Great minds think alike...I did this today. Setup the MT with the same MAC and there same static IP as the working router. Same problem. Also re-booted the modem and MT after doing this (I posted the result, but I suspect the moderator did not approve it yet). I have seen the MAC affinity on this mo...
by intermod
Thu Oct 04, 2012 6:24 pm
Forum: General
Topic: RB2011UAS-2HnD-IN; No WAN Connectivity w/Cable Modem SOLVED
Replies: 11
Views: 3564

Re: RB2011UAS-2HnD-IN; No WAN Connectivity w/Cable Modem

Just performed some additional tests to verify things: 1. I disconnected the old (working) router from the Cable Modem 2. Connected to the same physical Cable Modem eth port 3. Set the MT for the IP and MAC of the old router 4. Rebooted Cable Modem 5. Rebooted MT Problem remains - cannot ping beyond...
by intermod
Thu Oct 04, 2012 5:03 pm
Forum: General
Topic: RB2011UAS-2HnD-IN; No WAN Connectivity w/Cable Modem SOLVED
Replies: 11
Views: 3564

Re: RB2011UAS-2HnD-IN; No WAN Connectivity w/Cable Modem

Hi Jandafields:

Thanks for the reply. Yes - tried that. The Cable Modem does need this when the device's MAC address changes for a given static IP address.

I also tried verifying this is not a duplex/half-duplex or speed issue. Very odd.


G
by intermod
Mon Oct 01, 2012 6:58 am
Forum: General
Topic: RB2011UAS-2HnD-IN; No WAN Connectivity w/Cable Modem SOLVED
Replies: 11
Views: 3564

RB2011UAS-2HnD-IN; No WAN Connectivity w/Cable Modem SOLVED

Brand new unit, OS 5.19.1 - I am unable to ping or resolve any external public IPs when MT router WAN is connected directly to a Comcast Cable Modem (/29 static addresses). When MT router WAN is connected behind an existing router (e.g., sits on the LAN), internet connectivity and DNS requests work ...