Community discussions

MikroTik App

Search found 40 matches

by kd2pm2
Sat Jun 27, 2020 4:25 am
Forum: Announcements
Topic: v6.47 [stable] is released!
Replies: 323
Views: 77696

Re: v6.47 [stable] is released!

Definitely not an ISP issue. 1.1.1.1 works great but when I go to use it for DOH my 2011 throws errors out at me usually the (6) and the (13)'s. Once in a while the 4011 will error but not as bad as the 2011 will. And a reboot will usually take care of it for a while then it comes back eventually Th...
by kd2pm2
Fri Jun 26, 2020 3:15 am
Forum: Announcements
Topic: v6.47 [stable] is released!
Replies: 323
Views: 77696

Re: v6.47 [stable] is released!

Got the same error messages trying to use 1.1.1.1 for DOH. I turned off DOH and no more issues. Not going to bother with DOH on 6.47 until MT can figure out what is causing the errors.
by kd2pm2
Wed Jun 24, 2020 11:46 pm
Forum: General
Topic: dns,error DoH server connection error: remote disconnected while in HTTP exchange
Replies: 5
Views: 1136

Re: dns,error DoH server connection error: remote disconnected while in HTTP exchange

I just basically pulled the plug on DOH for now. Not ready for prime time on MT hardware. Will wait for the point release to see if it gets resolved. Cloudflare standard DNS servers work just fine.
by kd2pm2
Wed Jun 24, 2020 4:33 am
Forum: RouterBOARD hardware
Topic: RB4011 Metal temperature is really hot
Replies: 52
Views: 13130

Re: RB4011 Metal temperature is really hot

My 2011 is running @ 35C and my 4011 is running @ 37C. Both are wifi versions.
by kd2pm2
Fri Jun 19, 2020 11:10 pm
Forum: General
Topic: DNS over HTTPS
Replies: 120
Views: 18050

Re: DNS over HTTPS

I believe I have to go back and get the PEM file for Cloudflare-DNS and load that back in as well...I believe one cant work without the other So its definitely an issue on a reboot that if you dont have a standard DNS server like 1.1.1.1 assigned as well as the DOH server....the DOH cannot and will...
by kd2pm2
Fri Jun 19, 2020 10:51 pm
Forum: General
Topic: DNS over HTTPS
Replies: 120
Views: 18050

Re: DNS over HTTPS

I believe I have to go back and get the PEM file for Cloudflare-DNS and load that back in as well...I believe one cant work without the other
by kd2pm2
Fri Jun 19, 2020 10:49 pm
Forum: General
Topic: DNS over HTTPS
Replies: 120
Views: 18050

Re: DNS over HTTPS

remove all those certificates and use just this one: /tool fetch url=https://cacerts.digicert.com/DigiCertGlobalRootCA.crt.pem /certificate import file-name=DigiCertGlobalRootCA.crt.pem passphrase=”” I did and there is no CRL and I am still logging the same DNS error DoH server connection error: SS...
by kd2pm2
Fri Jun 19, 2020 10:12 pm
Forum: General
Topic: DNS over HTTPS
Replies: 120
Views: 18050

Re: DNS over HTTPS

So here is my current DNS config. When I reboot the RB2011 it goes into infinity with handshake failures. Its trying to validate the CRL's but yet, it should already have it in certificates memory as being valid. I suspect that the certificates setting needs to be changed to perhaps not download the...
by kd2pm2
Fri Jun 19, 2020 8:11 pm
Forum: General
Topic: DNS over HTTPS
Replies: 120
Views: 18050

Re: DNS over HTTPS

try to follow this holy man's guidance,
https://jcutrer.com/howto/networking/mi ... over-https
Seems pretty close to what I have already done. I may have to go back to plan "B" and make the URL 1.1.1.1 instead of cloudflare-dns.com
by kd2pm2
Fri Jun 19, 2020 5:35 pm
Forum: General
Topic: DNS over HTTPS
Replies: 120
Views: 18050

Re: DNS over HTTPS

Anyone else getting this? Seems that if its time to get an updated cert file...it cant. Its a chicken/egg scenario where it cant get the info to do the fetch to update the cert. Easy fix is to just add in another dns entry like 1.1.1.1 and immediately DNS query works, it grabs does the fetch and the...
by kd2pm2
Thu Jun 11, 2020 5:01 am
Forum: General
Topic: dns,error DoH server connection error: remote disconnected while in HTTP exchange
Replies: 5
Views: 1136

Re: dns,error DoH server connection error: remote disconnected while in HTTP exchange

I am also getting the same error as well as

DoH server connection error: SSL: std failure: timeout (13)

DoH server connection error: SSL: internal error (6)

Using Cloudflare site for DOH lookups
by kd2pm2
Wed Jun 10, 2020 2:12 am
Forum: General
Topic: Public-Mikrotik-Bandwidth-Test-Server(s)
Replies: 630
Views: 539563

Re: Public-Mikrotik-Bandwidth-Test-Server(s)

Just tried it. I can get data when I transmit but I see no stats when I try to do a receive test.
by kd2pm2
Fri Jun 05, 2020 2:04 pm
Forum: Announcements
Topic: v6.47 [stable] is released!
Replies: 323
Views: 77696

Re: v6.47 [stable] is released!

what about local DOH server ? I have a cloudflare local DOH but not working with mikrotik. What do mean by "local"? Is that a local program (client) running on a other device in your local network connection to Cloudflare? I'm using cloudflare DOH server on raspberrypi https://blog.cloudflare.com/d...
by kd2pm2
Thu Jun 04, 2020 5:30 pm
Forum: Announcements
Topic: v6.47 [stable] is released!
Replies: 323
Views: 77696

Re: v6.47 [stable] is released!

This is the actual result of DoH. This build(6.47) is same as 6.47rc2. I'm fetching DoH connection error: idle timeout issue from both versions. This issue solves by rebooting router but not permanently. It starts after sometimes. A.PNG A1.PNG a2.PNG This will continue until reboot and start again ...
by kd2pm2
Thu Jun 04, 2020 4:18 am
Forum: Announcements
Topic: v6.47 [stable] is released!
Replies: 323
Views: 77696

Re: v6.47 [stable] is released!

https://jcutrer.com/howto/networking/mikrotik/mikrotik-dns-over-https --> DoH configuration on MikroTik router It is possible to use DoH only with "Verify DoH Certioficate" unchecked, or unchecked "Use CRL". Mikrotik is logging "DoH server connection error: SSL: handshake failed: unable to get cert...
by kd2pm2
Wed May 27, 2020 2:27 pm
Forum: General
Topic: Malwarebytes flags Winbox as malware
Replies: 8
Views: 1182

Re: Malwarebytes flags Winbox as malware

Saw that as well this morning having my cup of coffee and I get the pop up on my laptop telling me 3.24 is malware. Never had that with any other version. I suspect the same, just a false positive.
by kd2pm2
Wed May 27, 2020 2:24 pm
Forum: Announcements
Topic: Winbox v3.24 released!
Replies: 66
Views: 29437

Re: Winbox v3.24 released!

I never had this happen to me when I downloaded previous versions but now 3.24 is being flagged by MalwareBytes as having Malware.Generic malware. I suspect its a false positive but something changed since Malware Bytes never complained about previous versions...(and yes, I did download direct from ...
by kd2pm2
Wed May 27, 2020 4:41 am
Forum: General
Topic: My MikroTik is Hacked!!! Found file 7wmp0b4s.rsc [SOLVED]
Replies: 23
Views: 3503

Re: My MikroTik is Hacked!!! Found file 7wmp0b4s.rsc [SOLVED]

I had that happen to me a few years ago. Thats when I learned to turn off (after I upgraded my package and firmware) pretty much everything including mac telnet, turning off admin user and firewalling port 8291 from the internet. Since then I get the occasional DNS and port scan attacks but no acces...
by kd2pm2
Thu Apr 30, 2020 3:13 pm
Forum: General
Topic: SFP details missing in RB4011 vs RB2011
Replies: 2
Views: 888

Re: SFP details missing in RB4011 vs RB2011

Both routers are running latest stable 6.46.6. as ROS and FW. My only thought is that the HW in the RB2011 is not capable of reading the device information. The RB2011 is probably from 2012 or so...the module is 2018. That may be a long shot I will upload screenshots in a little bit so you can see t...
by kd2pm2
Thu Apr 30, 2020 2:59 am
Forum: General
Topic: SFP details missing in RB4011 vs RB2011
Replies: 2
Views: 888

SFP details missing in RB4011 vs RB2011

So I purchased the Mikrotik modules (S-85DLC05D) and put one on the RB4011 and one on the RB2011. When I go to the interfaces then to my SFP interface and the SFP tab, the RB4011 gives me all the details about the module. But on the RB2011 there is absolutely no information, yet I have a link and I ...
by kd2pm2
Thu Apr 16, 2020 10:53 pm
Forum: SwOS
Topic: Configuring VLAN on RB260GS
Replies: 10
Views: 2959

Re: Configuring VLAN on RB260GS

This online course explains it easily.

https://mynetworktraining.com/courses/enrolled/820895
by kd2pm2
Thu Apr 16, 2020 4:53 am
Forum: General
Topic: Public-Mikrotik-Bandwidth-Test-Server(s)
Replies: 630
Views: 539563

Re: Public-Mikrotik-Bandwidth-Test-Server(s)

Wow I just noticed ---> 496,719 Views as of April 15'th 2020 Won't be long till this " Public-Mikrotik-Bandwidth-Test-Server(s) " hits 1/2 million views !!! North Idaho Tom Jones Thanks for hosting the server! Just did a test in NJ on Comcast...actually getting more than advertised. I have 300 D/L ...
by kd2pm2
Thu Apr 16, 2020 4:48 am
Forum: Beginner Basics
Topic: Problems with DHCP server and bridge mode
Replies: 16
Views: 2752

Re: Problems with DHCP server and bridge mode

Again, your setup makes no sense. Forget the wifi of the iSP router, put it into bridge mode. Nowhere does your config actually show you have a WAN input into the MT router. He should take Ethernet 1 and remove it from the bridge if thats the interface connected to the modem. Allow the HEX to do au...
by kd2pm2
Tue Apr 14, 2020 4:33 am
Forum: General
Topic: No syslog on critical alerts
Replies: 14
Views: 2222

Re: No syslog on critical alerts

My wild guess is that this message is generated so early after the reboot that the network connectivity has not established yet by that time. And since Mikrotik only supports syslog via UDP, there is no second chance for the message. I think this thinking is correct. And it extends to logging to di...
by kd2pm2
Mon Apr 13, 2020 2:51 pm
Forum: General
Topic: DNS question
Replies: 3
Views: 1215

Re: DNS question

I have 6 DNS servers listed and they indeed do rotate based upon other parameters. I also have my query timeout set for 500ms and my total timeout set for 5 seconds. I try not to wait too long for responses and it works for me to move from server to server. If set for 2 seconds (default), I would th...
by kd2pm2
Mon Apr 13, 2020 2:47 pm
Forum: General
Topic: No syslog on critical alerts
Replies: 14
Views: 2222

Re: No syslog on critical alerts

What does the message look like in your syslog server? Is it being parsed correctly for your syslog server to see the critical message correctly?

As Zacharias noted, set each severity separately to go to your syslog server and see if that helps. Thats how I have mine set.
by kd2pm2
Mon Apr 13, 2020 3:39 am
Forum: Beginner Basics
Topic: ISP allways redirecting http to their ISP website, how bypass it?
Replies: 3
Views: 2055

Re: ISP allways redirecting http to their ISP website, how bypass it?

Afaik either they interfering your DNS request or using DPI (Deep Packet Inspection), try using DoH (DNS Over Https) feature on latest ROS 6.47beta49, sample setup is the following (Credit @CosmosNetwork ) : DoH configuration example. Cacert.pem is CA certificates extracted from Mozilla . /ip dns s...
by kd2pm2
Sun Apr 12, 2020 8:25 pm
Forum: General
Topic: Hardaware offload in RB1100Ahx2
Replies: 2
Views: 1064

Re: Hardaware offload in RB1100Ahx2

El archivo PDF muestra que el 1100 tiene el chipset AR8327. Por lo tanto, creo que puede descargar HW.

https://i.mt.lv/cdn/rb_files/Block-RB1100AHx2.pdf
by kd2pm2
Fri Apr 10, 2020 6:27 pm
Forum: Announcements
Topic: v6.46.5 [stable] is released!
Replies: 72
Views: 27043

Re: v6.46.5 [stable] is released!

Thank you! Where can I find this? I know there already is this option for CAPsMAN, I was hoping to find it in the regular Wireless interfaces too. *) wireless - added "skip-dfs-channels" parameter; You can set this parameter in the command line. I haven't found it in Winbox. [user@hAPac2] > /interf...
by kd2pm2
Fri Apr 10, 2020 4:24 pm
Forum: Announcements
Topic: v6.46.5 [stable] is released!
Replies: 72
Views: 27043

Re: v6.46.5 [stable] is released!

[*]Unable to see skip DFS. Looked in wireless but where is it hiding? It is available in command line only, no support in WinBox nor WebFig yet. And next time you post something, would mind reading the whole thread to check if you question has already been answered , please? [*]At least on 5.8, whe...
by kd2pm2
Fri Apr 10, 2020 2:17 pm
Forum: Announcements
Topic: v6.46.5 [stable] is released!
Replies: 72
Views: 27043

Re: v6.46.5 [stable] is released!

[*]Unable to see skip DFS. Looked in wireless but where is it hiding? [*]When I attempt to access quick set, I see one of my wireless parameters is showing blue and then I get kicked out and have to reconnect. Once reconnected, the wireless parameter is fine. Its usually the frequency parameter that...
by kd2pm2
Fri Apr 10, 2020 3:09 am
Forum: Announcements
Topic: Winbox v3.22 released!
Replies: 117
Views: 46909

Re: Winbox v3.22 released!

I have to believe that cloud backup will be part of winbox in the next release. Just a tad annoying to do it in the terminal
by kd2pm2
Fri Apr 10, 2020 3:07 am
Forum: Announcements
Topic: v6.46.5 [stable] is released!
Replies: 72
Views: 27043

Re: v6.46.5 [stable] is released!

Upgraded one of my rb4011 6.46.4 to 6.46.5 using winbox 3.22 on my win10 - even though misaligned and missing text is a minor issue it still triggers my ocd. winbox3.22-ros6.46.5.minorissue.png I believe the fix is to drag open the window more to the right and its fixed!!! I just noticed that now. ...
by kd2pm2
Wed Apr 08, 2020 11:09 pm
Forum: RouterBOARD hardware
Topic: RB4011iGS+ 802.1Q VLANs
Replies: 4
Views: 2195

Re: RB4011iGS+ 802.1Q VLANs

I have yet to see a reasonable explanation as to why they chose to downgrade the switch chips in favor of going with the CPU approach. Is the design that much different that it doesn't need hardware offload or VLAN switching versus CPU?
by kd2pm2
Wed Apr 08, 2020 11:07 pm
Forum: Announcements
Topic: v6.46.5 [stable] is released!
Replies: 72
Views: 27043

Re: v6.46.5 [stable] is released!

What devices are supported? *) winbox - allow setting "20/40/80/160Mhz-eeeeeeCe" channel under "Channel Width" parameter;
I would hope the 4011....I currently use 80 which is fine, but was hoping to push it a little more
by kd2pm2
Wed Apr 08, 2020 11:03 pm
Forum: General
Topic: Feature request: Force sending of DHCP options to clients
Replies: 33
Views: 9907

Re: Feature request: Force sending of DHCP options to clients

I need to force option 252 out so that I can let the devices know to use a new or different web proxy. So anything MikroTik can do, sooner the better.
by kd2pm2
Tue Jan 23, 2018 6:35 am
Forum: General
Topic: 404 error on opening manual within winbox
Replies: 0
Views: 307

404 error on opening manual within winbox

So I found a problem where I could not check for package updates due to DNS issues. That was a firewall rule on the input chain that was allowing from LAN but from router. So thats taken care of. Now when I click on the manual button to pull of the table of contents from within winbox, I get the 404...
by kd2pm2
Wed May 22, 2013 10:58 pm
Forum: General
Topic: RB2011UAS-2HnD-IN issues with BOOTP/Netinstall
Replies: 0
Views: 856

RB2011UAS-2HnD-IN issues with BOOTP/Netinstall

Ok so finally had to break down and ask the forum since I cant find any logical explanation for what I am seeing (or not seeing) My upgrade from 5.24 to 5.25 caused some corruption and stopped by router dead in its tracks. Tried to go downgrade and that made it even worse. So now I have the panic KI...
by kd2pm2
Wed May 22, 2013 10:40 pm
Forum: RouterBOARD hardware
Topic: Unable to connect to 2011L
Replies: 17
Views: 7072

Re: Unable to connect to 2011L

Finally... after many days of trying... I have managed to connect using another laptop to the routerboard. I have reflashed with both 4.17 and 5.18. :D However... after rebooting I cannot access the router on any IP on any Eth port (does a reflash default to 192.168.88.1 ?) Also, winbox still does ...
by kd2pm2
Wed May 22, 2013 4:05 am
Forum: General
Topic: RouterOS 5.25 getting critical error creating backup file
Replies: 4
Views: 1666

RouterOS 5.25 getting critical error creating backup file

Anyone notice this? Not sure if this is new with 5.25 on my RB2011 but instead of seeing the typical 250K file size I only see about 50K or so and I get a critical error in the log that it cant read all the configuration files. I dont want to do a factory reset. I guess I could export everything and...