Community discussions

Search found 958 matches

by jo2jo
Mon Aug 19, 2019 4:53 am
Forum: General
Topic: OVPN Server , move to new mikrotik (certificate export / move ??) [SOLVED]
Replies: 2
Views: 337

Re: OVPN Server , move to new mikrotik (certificate export / move ??) [SOLVED]

>>When exporting the certificate, don't forget to set password. If you don't, only certificate without private key is exported. Sob was correct, in winbox (or cli), you must set a passphrase when exporting the cert. If you dont, then when you go to import the exported cert, it will *not* contain the...
by jo2jo
Sun Aug 18, 2019 2:12 am
Forum: General
Topic: OVPN Server , move to new mikrotik (certificate export / move ??) [SOLVED]
Replies: 2
Views: 337

OVPN Server , move to new mikrotik (certificate export / move ??) [SOLVED]

question: how do you move OVPN Certificates from one mikrotik to another mikrotik ? Info: I have (all working for many months) a routerboard acting as a OVPN server, with certs, and a linux box acting as a OVPN client (ie linux ovpn client connects to mikrotik ovpn server). I now need to upgrade the...
by jo2jo
Mon Jun 03, 2019 12:37 am
Forum: General
Topic: Feature Request: ETA on Feature Requests
Replies: 5
Views: 1130

Re: Feature Request: ETA on Feature Requests

i know this thread is a bit old, but i agree with all the posts above (including agree with normis 's reply/ his point). but im hoping that something like this list (or wiki style?) could be implemented on MTs end. even wo dates , a implemented / rejected / being worked on / considered - list (as an...
by jo2jo
Mon Jun 03, 2019 12:32 am
Forum: General
Topic: Feature Request: Countdown TIMER on FW / NAT rules
Replies: 2
Views: 567

Re: Feature Request: Countdown TIMER on FW / NAT rules

+1 Even if it's possible to match rules on an adress list with one IP with timeout to get a similar result it is quite cluttered. agreed, this above is one of the "rough" work-arounds i was referring to. but ofcourse this can only be taken so far (as compared to being able to put a countdown on act...
by jo2jo
Tue May 28, 2019 1:50 am
Forum: General
Topic: Feature requests
Replies: 1160
Views: 207829

Re: Feature requests - Re Winbox , close all

The suggestion from another user session-> close all windows , only occurs when you EXIT winbox (ie the next time you connect all windows will be closed).
wrong
oh wow, you are correct, choosing session-> close all windows , does infact accomplish this (wo existing the app). thanks!
by jo2jo
Sun May 26, 2019 11:54 pm
Forum: General
Topic: Feature Request: Countdown TIMER on FW / NAT rules
Replies: 2
Views: 567

Feature Request: Countdown TIMER on FW / NAT rules

I would really love to see an option added to the various /ip filter XX commands (FW,NAT,MANGLE), that allows you set a timeout= to disable option (ie a countdown). Exactly like we currently have on dynamic IP address-list entries. We often will have to make a quick/temporary FW or NAT rule for a cu...
by jo2jo
Sun May 26, 2019 11:43 pm
Forum: General
Topic: Feature Request: Logging of all administrator user actions
Replies: 19
Views: 4153

Re: Feature Request: Logging of all administrator user actions

+1 - def need more detailed logging of admin actions, and maybe such that they can be written to the log (thus can go out over remote syslog) and so they will persist through router reboots (if the RB device supports NV memory).
tks
by jo2jo
Sun May 26, 2019 11:42 pm
Forum: General
Topic: Feature requests
Replies: 1160
Views: 207829

Re: Feature requests - Re Winbox , close all

A feature I would like to see in Winbox is a new selection to close all winbox windows Example - many many windows open in winbox , click close-all and presto they all close and you still have your connected winbox session North Idaho Tom Jones I would love to see this also. Often on lower end RBs ...
by jo2jo
Wed May 22, 2019 9:14 pm
Forum: RouterBOARD hardware
Topic: Dual voltage POE on CRS112-8P-4S-IN [SOLVED]
Replies: 4
Views: 1027

Re: Dual voltage POE on CRS112-8P-4S-IN [SOLVED]

great news / great solution to this question that ive been having for over 6 months (ever since that first announcement PDF mt news-letter)! it looks like you CAN run a 24v passive device AND a 48v active poe device from these crs112-8p MTs at the same time! there is exactly what i was hoping for, a...
by jo2jo
Wed May 22, 2019 9:09 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 329
Views: 88868

Re: Winbox vulnerability: please upgrade

AFAIK there is no way to extract your config wo an admin password, others (more familiar with netinstall) might chime in otherwise (netinstall has that save config button/checkbox, but i think it requires your password first). You have to consider, MT does not want to make it so that someone with ev...
by jo2jo
Tue May 21, 2019 7:34 am
Forum: RouterBOARD hardware
Topic: Dual voltage POE on CRS112-8P-4S-IN [SOLVED]
Replies: 4
Views: 1027

Re: Dual voltage POE on CRS112-8P-4S-IN [SOLVED]

well ill have one of these units here in a day or two, and will test exactly what my question/reply above states. Ill update here when i know. It would be really nice!, if you are able to power a 24v passive poe device on eth3 , and a active ~48v af/at poe device (ie a IPcam) on eth5 , at the same t...
by jo2jo
Tue May 21, 2019 7:32 am
Forum: General
Topic: Please add basic portScan tool ( port scanner scan )
Replies: 31
Views: 9824

Re: Please add basic portScan tool ( port scanner scan )

You could just make scan in TheDude and have results in no time. If you do this more than once per year, it is definitely worth it. That is interesting idea, but when we often need to do this, its on random customers/routers , so using dude as a "port scan" tool, would take a fair amount of setup (...
by jo2jo
Thu May 16, 2019 2:23 am
Forum: RouterBOARD hardware
Topic: Dual voltage POE on CRS112-8P-4S-IN [SOLVED]
Replies: 4
Views: 1027

Re: Dual voltage POE on CRS112-8P-4S-IN [SOLVED]

what im still not 100% clear on, is assuming you have 2x Power supplies connected to a CRS112-8P-4S (a 48v one and a 24v one), are you then able to power eth connected devices at BOTH 48v (active POE) *AND* devices at 24v (passive poe)? ie: could i connect a IP Camera (802.3af Active POE) to eth3 , ...
by jo2jo
Fri May 10, 2019 1:13 am
Forum: General
Topic: Please add basic portScan tool ( port scanner scan )
Replies: 31
Views: 9824

Re: Please add basic portScan tool ( port scanner scan )

+1 (for own post), 2x times this week different customers needed us to find a cctv DVR on their system (which is behind our mikrotik). would have been so quick via port scan x/24 for port 80 via a ROS ps tool . but instead had to setup a MT + a VPN setup on both sides and a laptop with nmap (about 2...
by jo2jo
Wed May 01, 2019 1:48 am
Forum: General
Topic: simple queue missing traffic (ie not working) (simple 1 pc setup)
Replies: 4
Views: 398

Re: simple queue missing traffic (ie not working) (simple 1 pc setup)

when i looked at the traffic more closely, i saw some was UDP , which then made me realize that the UDP traffic is mostly what is causing this. (you can only really control TCP , not udp, for the reasons you stated). Will need to look at other sites where i have seen this before to see if there is a...
by jo2jo
Sat Apr 27, 2019 2:23 am
Forum: General
Topic: simple queue missing traffic (ie not working) (simple 1 pc setup)
Replies: 4
Views: 398

Re: simple queue missing traffic (ie not working) (simple 1 pc setup)

thanks for reply, (i have always been seting local 192 IP of the PC as the queue's target) my SS maynot have been in sync as i was trying different queues, but mainly i wanted the export to show that i dont have any other FW or mangle rules that could be interfering. even with 0.01 bucket size, stil...
by jo2jo
Fri Apr 26, 2019 3:24 am
Forum: General
Topic: simple queue missing traffic (ie not working) (simple 1 pc setup)
Replies: 4
Views: 398

simple queue missing traffic (ie not working) (simple 1 pc setup)

i have encountered this before for clients, but now that i have a fiber line at the office im able to reproduce/test this while controlling for everything. this is only MT attached to the fiber line, there is only 1 pc behind the mikrotik (is doing NAT, no fasttrack). the Simple queue, whether on th...
by jo2jo
Tue Mar 19, 2019 5:33 am
Forum: General
Topic: CPU consumption by Horizon?
Replies: 2
Views: 527

Re: CPU consumption by Horizon?

sorry i cant answer, but i do have this same question.

will the use of horizon on a bridge port, cause HW-offload to become disabled?

(another way to ask this- is the bridge port -> horizon feature available in SWos?)
tks
by jo2jo
Sat Mar 02, 2019 3:35 am
Forum: General
Topic: Please add basic portScan tool ( port scanner scan )
Replies: 31
Views: 9824

Re: Please add basic portScan tool ( port scanner scan )

@dagelf Originally I thought you just came with miracle, but it does not really work. Firstly, it would take huge amount of time as it does not work in parallel and you have to interrupt each connection which gets established, secondly, it actually crashed my winbox and produced autosupout.rif ... ...
by jo2jo
Sat Mar 02, 2019 3:30 am
Forum: General
Topic: req: (winbox) add COPY to torch tool
Replies: 0
Views: 295

req: (winbox) add COPY to torch tool

it would be very helpful if torch (and other "realtime" tools with similar interfaces) would allow / add the copy ability. ie, in torch, we need the ability to right click on a DST IP address and choose copy (so that you can paste that ip into something else, without having to retype it). this would...
by jo2jo
Wed Feb 27, 2019 10:35 am
Forum: General
Topic: Default Config w Mac-Telnet disabled - Change Needed?
Replies: 7
Views: 1828

Re: Default Config w Mac-Telnet disabled - Change Needed?

boy, do we still run into this issue constantly! im talking 5-10 times a month, or more! we have mikrotik everywhere, and this default-config "update/change" a few yrs ago, really is a problem. its the difference between having customers, or non-tech (less $ / hr) installers, do installs VS needing ...
by jo2jo
Wed Feb 27, 2019 7:57 am
Forum: Scripting
Topic: [CONTRIB] UPDATED Automated Batch Commands...
Replies: 2
Views: 2035

Re: [CONTRIB] UPDATED Automated Batch Commands...

thank you for this. im gong to try it out, and hope it still works (13 yrs later, and this is still the only solution i know of to mass config/update config of many MTs)
by jo2jo
Fri Feb 22, 2019 9:54 am
Forum: General
Topic: could not make socket
Replies: 7
Views: 2644

Re: could not make socket

I actually saw this same error myself, for the first time ever (on mikrotik). I had lost a few connections on my PC so i connected to winbox, and my internet connections was fine (other VPNs were connected and 4-8mbit of BW was flowing over my internet/isp uplink) but when i tried to ping a few rand...
by jo2jo
Wed Jan 23, 2019 10:41 am
Forum: General
Topic: [Feature Request] Changing SNMP port
Replies: 2
Views: 1599

Re: [Feature Request] Changing SNMP port

I agree, i have a handful of locations where the ISP blocks udp 161. It would be nice if we could change this in the winbox interface directly. but do keep in mind you can accomplish this same thing via a NAT rule (depending upon your setup/layout). here is what im using for a MT that has a public i...
by jo2jo
Mon Dec 31, 2018 10:03 am
Forum: Wireless Networking
Topic: real p2p performance of DISC Lite5 ac
Replies: 3
Views: 619

real p2p performance of DISC Lite5 ac

hi, Can anyone please provide some examples of real performance they are getting between two DISC Lite5 ac , in a p2p link ( RBDiscG-5acD , this product: https://mikrotik.com/product/disc_lite5_ac). I realize there are alot of factors for any wireless 5g p2p link, but im mainly looking to replace a ...
by jo2jo
Mon Dec 31, 2018 9:52 am
Forum: RouterBOARD hardware
Topic: DISC Lite5 ac
Replies: 2
Views: 547

Re: DISC Lite5 ac

or for that short distance, the newer mikrotik 60ghz panel radios. 1gbit full duplex is possible.
by jo2jo
Wed Dec 19, 2018 9:35 pm
Forum: General
Topic: LCD Display causing packet loss... what???
Replies: 14
Views: 1819

Re: LCD Display causing packet loss... what???

as i posted above (about a year or 2 ago) i fully confirm this issue on seveal different RB2011 and rb3011s (and one other RB with an LCD screen that im forgetting). fix is always to disable/turn off LCD screen (which i do on all devices now, unfortunately) I can say that on a few CCR1009-7G-1C-1S+ ...
by jo2jo
Mon Dec 17, 2018 10:07 pm
Forum: General
Topic: IP CLOUD is down
Replies: 61
Views: 10593

Re: IP CLOUD is down

same issue here (this is 18hours now). Ive updated some routers from 6.42.7 to 6.43.7 (to new cloud system as directed) , but the issue is the same. the problem is that myhnetname.net WILL NOT resolve (ie a dns problem , not a /ip cloud problem). this is really unacceptable- only because ip cloud ha...
by jo2jo
Mon Dec 10, 2018 2:23 am
Forum: General
Topic: Feature request: Remove fasttrack dummy rule
Replies: 33
Views: 38550

Re: Feature request: Remove fasttrack dummy rule

i like the FT dummy rule. there have been a few times ive added fasttrack to older RBs that DONT support it, the ONLY way i was able to notice this was by seeing the dummy rule was not increment at all.
by jo2jo
Thu Nov 29, 2018 1:23 am
Forum: General
Topic: ros Traceroute STD DEV calculation incorrect?
Replies: 0
Views: 264

ros Traceroute STD DEV calculation incorrect?

Ive been running several long traceroutes (long = ~ 12 hours) on various RBs i have located at different providers (im trying to gather info on ISP quality/routes/latency for future purchase decisions). However im seeing that the STD DEV value provided by the traceroute tool differs big time from wh...
by jo2jo
Thu Nov 29, 2018 1:13 am
Forum: Announcements
Topic: Newsletter 85
Replies: 30
Views: 9904

Re: Newsletter 85

i like the 4x port SFP+ switch! Also, personally, i feel the complaints about no gig eth on the new LTE product are a bit overblown. its very rare to get 100m+ on a lte C3/C4 device of any kind. Also for those saying what about using this device in a city to improve a decent lte signal to better- it...
by jo2jo
Mon Nov 26, 2018 12:52 am
Forum: Scripting
Topic: Bandwidth test daily
Replies: 9
Views: 2970

Re: Bandwidth test daily

cool, see this thread too, at the bottom i made a tiny modification to make it so repeated/scheduled BW test results can be pulled via SNMP (ie so they can be graphed over time).
viewtopic.php?f=9&t=129513&p=699739
by jo2jo
Sun Nov 25, 2018 1:48 am
Forum: Scripting
Topic: script to run manual bandwidth test and save to file
Replies: 6
Views: 3809

Re: script to run manual bandwidth test and save to file

thank you for posting this! I already had a script that ran a BW test every 5 minutes, but i was then just using SNMP to "grab" the results (ie snmp traffic with short interval, and looking for the spike). I can add this- for some of my mt scripts, one way to retrieve the value of a variable (or res...
by jo2jo
Thu Oct 18, 2018 12:46 am
Forum: General
Topic: /ip dns servers= (cache) - how are multiple servers used?
Replies: 18
Views: 1807

Re: /ip dns servers= (cache) - how are multiple servers used?

to update everyone, i received this reply from MT support (email): Yes, once DNS servers are responding properly, the same weight is applied. In case one DNS server is not responding, its weight is decreased, then router check again if server is responding and weight is decreased or increased (wheth...
by jo2jo
Sun Oct 14, 2018 12:00 am
Forum: General
Topic: optimize FW rule by using connection-state=new ?
Replies: 6
Views: 647

Re: optimize FW rule by using connection-state=new ?

Thanks for the replies and inputs, I do realize the pros/cons of how im doing FW vs the more standard (even default-config) of add rules to accept what you want, then DROP ALL ELSE. In regards to my main question of performance / efficiency, my idea/theory was that in using connection-state=new , th...
by jo2jo
Sat Oct 13, 2018 4:51 am
Forum: Scripting
Topic: Portknocking by script.
Replies: 9
Views: 2754

Re: Portknocking by script.

/tool fetch host=<DYNIPHOST> src-path=SOMERANDOMSTRING mode=http port=9119 keep-result=no /tool fetch host=<DYNIPHOST> src-path=ANOTHERRANDOMSTRING mode=http port=9229 keep-result=no This is a good idea to trigger the dst device of your port-knocking, however be sure to do it like this: :do {/tool ...
by jo2jo
Sun Sep 30, 2018 11:15 pm
Forum: General
Topic: /ip dns servers= (cache) - how are multiple servers used?
Replies: 18
Views: 1807

Re: /ip dns servers= (cache) - how are multiple servers used?

sob, this thread exactly shows why we NEED a formal answer to this. At some locations where 100x or 1000x users are at risk, i need a formal / official answer to something that can cause everyone internet to "stop" (or appear dead), ie DNS. The most fundamental / critical part of the services we pro...
by jo2jo
Sat Sep 29, 2018 10:50 pm
Forum: General
Topic: /ip dns servers= (cache) - how are multiple servers used?
Replies: 18
Views: 1807

/ip dns servers= (cache) - how are multiple servers used?

This question does not have a clear answer from mikrotik (and the manual has very little data on /ip dns , and does not specifically address this important question): With this setting how does rOS use the multiple DNS servers? (ie equal weight? failover? ratio?): /ip dns set allow-remote-requests=y...
by jo2jo
Thu Sep 27, 2018 5:33 am
Forum: General
Topic: DNS utilization
Replies: 15
Views: 4990

Re: DNS utilization

And regarding how servers for queries are chosen that is correct - router will use 1 cache server and only if it starts to not respond will go to next entry and change only if current one is not responding. guys, please add this to the manual. was searching for it for about 10 minutes because it's ...
by jo2jo
Sat Sep 22, 2018 11:46 pm
Forum: General
Topic: How control several Mikrotik`s not one by one
Replies: 24
Views: 2449

Re: How control several Mikrotik`s not one by one

davidw - do you all still offer this tool? i see the site is down ,but can see that its something we would like to use / buy (by looking at site on wayback machine). (if the tool is not around anymore, do you offer paid api development?) lmk pls , thanks (sorry there was no way to msg you directly t...
by jo2jo
Sat Sep 22, 2018 11:13 pm
Forum: General
Topic: optimize FW rule by using connection-state=new ?
Replies: 6
Views: 647

optimize FW rule by using connection-state=new ?

i have 2 rules like this to protect management ports (ros management ports, as well as for other dst-nat ports for devices on network). /ip firewall filter add action=drop chain=input in-interface=ether1-ISP dst-port=20-55,80-445,2000,8022-8729 protocol=tcp src-address-list=!adminPublicIPs /ip firew...
by jo2jo
Sat Sep 22, 2018 10:39 pm
Forum: General
Topic: How do we filter torrent now?
Replies: 19
Views: 2938

Re: How do we filter torrent now?

2 ways come to mind (have used both w decent success). 1- assuming all your customers are using a dns server you control (ie the mt dns), you can use regex static entries, and normal static entries (and use a rule to redirect all udp 53 dns to your mt dns, to keep ppl from setting their own customer...
by jo2jo
Sat Sep 22, 2018 1:29 am
Forum: General
Topic: 6.43rc5 bricked RB1100AHx4
Replies: 16
Views: 2500

Re: 6.43rc5 bricked RB1100AHx4

is this related to / a fix for the issue u encountered possibly ? :

What's new in 6.43.2 (2018-Sep-18 12:12):
Changes in this release:
*) routerboot - fixed RouterOS booting on devices with particular NAND memory (introduced in v6.43);
by jo2jo
Wed Sep 12, 2018 1:48 am
Forum: Announcements
Topic: Newsletter #84
Replies: 47
Views: 12876

Re: Newsletter #84

Is it possible to do a license upgrade on the SXTsq Lite60 and connect two of them for a short link? They look physically a bit more suitable for outdoor mast mounting than the wAP 60G AP. That's always possible without an upgrade of the license. Just set the 'master' or AP in 'bridge' mode instead...
by jo2jo
Mon Sep 10, 2018 5:39 am
Forum: General
Topic: Simple accounting per internal address
Replies: 5
Views: 3097

Re: Simple accounting per internal address

hi, another *rough* way to do this is to add a simple queue for each internal IP (w speed 500m/500m or something very high so it wont queue the users). (you can use script + a for loop to generate many queues quickly, ie 254 of them for a /24 ), then in winbox add the columns for total-tx-bytes / rx...
by jo2jo
Wed Sep 05, 2018 11:24 pm
Forum: General
Topic: WInbox feature request: drag and drop column order and right click column menu
Replies: 18
Views: 3277

Re: WInbox feature request: drag and drop column order and right click column menu

+1 for this in winbox (ability to change column order). While most of the columns (especially extra "non-standard columns) do have a pretty good default column order, there are some that are way out of place . thus ability in winbox to re-arrange or change the column order would be very helpful. tha...
by jo2jo
Wed Sep 05, 2018 5:19 am
Forum: General
Topic: FastTrack slow performance
Replies: 11
Views: 1427

Re: FastTrack slow performance

ive never experienced anything similar, but it would help to know what is your source of internet and its speed. Have you tried connecting to that directly (use a FW/becareful if its a modem or ISP device that directly gives your PC a public IP). Have you changed the cat patch cables? (im sure you h...
by jo2jo
Wed Sep 05, 2018 4:39 am
Forum: General
Topic: remotely manage MT's
Replies: 4
Views: 725

Re: remotely manage MT's

You could have all remote / cpe MT's run a VPN client (add vpn interface) back to a central MT (either in a Datacenter or a cloud MT), then only allow management via the VPN network. All of this can be done in ROS at no additional charge (FYI if your new to mt / ros). The use of VPN client is nice a...
by jo2jo
Sat Sep 01, 2018 11:12 pm
Forum: Wireless Networking
Topic: RouterOS station roaming at specified signal level
Replies: 1
Views: 881

Re: RouterOS station roaming at specified signal level

I know this is an old thread, but if you are still looking for a solution, you may want to look for APs that support 802.11k (roaming/neighbor reports). (and maybe also 802.11r) . these protocols, if the AP and client support them, allow the AP to give the client a list of "offical similar" aps near...
by jo2jo
Fri Aug 31, 2018 12:39 am
Forum: General
Topic: enhance "check-gateway" feature - use arbitrary check IP
Replies: 29
Views: 28771

Re: enhance "check-gateway" feature - use arbitrary check IP

xqx: thanks for explination , 2 questions: 1- assuming you dont have any other static routes (ie no other entries in /ip route), could you use: add distance=3 gateway=192.168.2.254 instead of: add distance=10 gateway=192.168.2.254 (im just trying to fully understand if there is a link between the sc...
by jo2jo
Wed Aug 29, 2018 7:25 am
Forum: RouterBOARD hardware
Topic: [Woobm] - Can't see characters while typing
Replies: 4
Views: 663

Re: [Woobm] - Can't see characters while typing

Im seeing this same issue on Termius (ios ssh/telnet client) - Im also seeing quite a few garbage characters (but ~95% of output is fine). Is it possible i need to set a specific charset in termius? (currently utf-8 ) (im testing the woobm on a CCR1009 's usb port). woobm is still a very handy / coo...
by jo2jo
Wed Aug 15, 2018 10:31 pm
Forum: Scripting
Topic: changing /system default-configuration script
Replies: 5
Views: 2562

Re: changing /system default-configuration script

I agree w pcdwarf, here is a related thread i started requesting the same thing (ie return to the prior MT default-config ability to configure a brand-new device over eth1, even if done in a secure, time limited, or otherwise, way).

viewtopic.php?f=2&t=117450
by jo2jo
Sun Aug 12, 2018 10:12 pm
Forum: General
Topic: VPN connection drops
Replies: 6
Views: 1170

Re: VPN connection drops

emma, next time this happens (ie peer failed to reply , and vpn wont connect), try this: on the vpn CLIENT side, go to ip , firewall, connections (big list of all connections). find the connection for your VPN servers's public IP (in the list above), and click REMOVE (the red "-" button) then see if...
by jo2jo
Sat Aug 04, 2018 8:48 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 25152

Re: Blacklist Filter (Development Topic)

dave, maybe make a google forums entry where users (who plan to pay once you go live, which i realize may be a good while away) can submit their email address to you, easily and securely (easy for you to create/keep i mean). This way when you launch, you can send an email to all those who submitted,...
by jo2jo
Sat Aug 04, 2018 4:20 am
Forum: RouterBOARD hardware
Topic: How to PoE power CCR1009-7G-1C-1S+PC [SOLVED]
Replies: 3
Views: 1284

Re: How to PoE power CCR1009-7G-1C-1S+PC [SOLVED]

to add some info to this thread, i was disappointed to find out that my UBNT EdgeSwitch (24p / 250w) was unable to passive POE power my new CCR1009-7G-1C-1S+ (non passive cooling, full 19" version). This is the fault / limit of the UBNT Switch, as its specs show that it only allows up to 17w per por...
by jo2jo
Sat Aug 04, 2018 4:03 am
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 25152

Re: Blacklist Filter (Development Topic)

Hi, since I'm interested about the blacklist service and in order to evaluate whether it's useful to me, I'd like to know, what exactly is blacklisted? Who/what created such list of IPs? Thanks in advance. the dev of this script/list uses both publicly available lists of "bad" ips (spamhaus , malco...
by jo2jo
Fri Aug 03, 2018 8:26 am
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 191
Views: 25152

Re: Blacklist Filter (Development Topic)

I loved your service and used it, im def. willing to pay once you are live. Do you have anywhere we can sign up for an email alert or some info once the paid service is done/live? (subbing to this thread or the other main/closed thread will produce alot of "noise") tks
by jo2jo
Fri Aug 03, 2018 8:19 am
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 105864

Re: Blacklist Filter update script

Thanks for running the service all these years and doing such a great job with the script and updates! ive really appreciated it. I too would pay 5 (maybe 10$) a month for this same service to continue. Is there anywhere we can signup for an email/alert when your paid service goes live? (other than ...
by jo2jo
Fri Aug 03, 2018 12:47 am
Forum: Scripting
Topic: Script check DNS serve is alive
Replies: 6
Views: 2753

Re: Script check DNS serve is alive

is there anyway to check a DNS request against a specific dns server? ( ie equivlent of linux: dig @192.168.1.117 -p53 netflix.com ) ? im trying to script (or netwatch) a check to confrim that a specific DNS server is working (ie its resolving dns queries) , else change the DNS the mikrotik uses. (a...
by jo2jo
Sun Jul 29, 2018 6:15 am
Forum: Scripting
Topic: Can't launch script from Netwatch
Replies: 14
Views: 5152

Re: Can't launch script from Netwatch

nothing to help yall with from me, but here is a relevant thread with more info on this same issue (i have alot of netwatch + script combos as well):
viewtopic.php?f=2&t=134538
by jo2jo
Sun Jul 29, 2018 5:54 am
Forum: General
Topic: Netwatch deprecated ? [SOLVED]
Replies: 48
Views: 8780

Re: Netwatch deprecated ? [SOLVED]

this is very concerning. netwatch is something admins depend on to keep their routers up/online and accessible. now i have a huge unknown floating around as we use netwatch to call scripts (since netwatch is too basic with a single ping to cause an action, so great mt scripts are the perfect solutio...
by jo2jo
Fri Jul 06, 2018 5:01 pm
Forum: General
Topic: Please add basic portScan tool ( port scanner scan )
Replies: 31
Views: 9824

Re: Please add basic portScan tool ( port scanner scan )

while i know it is wrong to " bump" your own thread, but on a weekly basis ( weekly is a bare minimum, sometimes daily basis) i need a portscan tool on ros. Its ridiculous having to look up mac-address OIDs and/or use /sys telnet port=x as a rough port scan tool to ID devices. Often when i come into...
by jo2jo
Sun Jun 17, 2018 8:04 am
Forum: Wireless Networking
Topic: AC equipment and spectral scan problem
Replies: 169
Views: 26718

Re: AC equipment and spectral scan problem

All the discussion in here are GREAT, really useful, detailed info and stats- thanks! I hope we can also keep the focus on AC Spectral scan (and when will it come MT??). pls, any kind of ETA or info?? I mainly do APs for end user clients/devices (ie building or apartment wifi), but i can add one of ...
by jo2jo
Sat Jun 16, 2018 7:48 am
Forum: General
Topic: Bridge taking mac of Virtual AP (even if not lowest mac)
Replies: 1
Views: 329

Re: Bridge taking mac of Virtual AP (even if not lowest mac)

to update- i got a reply from mt support- (in regurads to bridges, and them taking the mac address of a vAP over all other member ports): "currently it will assign the MAC address of the first interface that is up, virtual interfaces are a bit more likely to be up first." We do not have plans to chn...
by jo2jo
Fri Jun 15, 2018 9:31 pm
Forum: Wireless Networking
Topic: Wireless KeepAlive Frames ? and/or super high "last activity" on clients
Replies: 5
Views: 3581

Re: Wireless KeepAlive Frames ? and/or super high "last activity" on clients

is there any update on this (or mt reply) - im still seeing this, only on vAP wireless ints, and on 6.42.3 (on all types of mt wireless devices, ie wap AC and cap AC, amoung others)- all have KeepAlive frames enabled / is checked it doesnt seem to cause any issues, that i know of, but it does cause ...
by jo2jo
Fri Jun 15, 2018 2:50 am
Forum: General
Topic: Bridge taking mac of Virtual AP (even if not lowest mac)
Replies: 1
Views: 329

Bridge taking mac of Virtual AP (even if not lowest mac)

I have a bridge with ports: eth1 , wlan1 and a vAP (ap-bridge) interface of wlan1. (ros 6.42.3) Eth1 has the "lowest" mac of all, yet the bridge keeps taking the mac address of the vAP. (i read on the forums from user citing the manual- that a bridge with all defaults, will take the mac of the "lowe...
by jo2jo
Thu Jun 07, 2018 9:53 pm
Forum: General
Topic: No POE Power Cycle @ hEX POE
Replies: 14
Views: 3450

Re: No POE Power Cycle @ hEX POE

hi, I thought I confirm this in my opening post, but yes, ping power cycle does not work also ( seems to be any kind of automatic power cycling outside of manually by the user, switching from POE off to POE auto, does NOT work). A temporary, rough, work around, that I have been using is a script i w...
by jo2jo
Tue Jun 05, 2018 6:21 am
Forum: RouterBOARD hardware
Topic: CAP ac bad Antenna design?
Replies: 95
Views: 21316

Re: CAP ac bad Antenna design?

(duplicate of my post to other related thread, but info is relevant) hi, i wanted to post my limited wifi testing so far on the cap AC (good). I bought the unit from amazon a few days ago (most standard MT US sellers are out of stock). Running latest release, 6.42.3 (updated FW also). Im very impres...
by jo2jo
Tue Jun 05, 2018 6:20 am
Forum: Wireless Networking
Topic: Mikrotik CAP AC Performance Review
Replies: 45
Views: 18887

Re: Mikrotik CAP AC Performance Review

hi, i wanted to post my limited wifi testing so far on the cap AC (good). I bought the unit from amazon a few days ago (most standard MT US sellers are out of stock). Running latest release, 6.42.3 (updated FW also). Im very impressed so far with my limited tests (and i have other threads on here wi...
by jo2jo
Mon May 28, 2018 12:50 am
Forum: General
Topic: /ip route rules and mangle load balancing issues
Replies: 1
Views: 423

/ip route rules and mangle load balancing issues

We have been trying to stream-line the load balancing on some MTs we inheareted, however on some /ip route rules were manually added and we would like to remove them (but are having issues removing). There are 2x internet uplinks, of equal speed, both with Pub IPs. All local clients are on 192.168.4...
by jo2jo
Thu Apr 19, 2018 8:31 am
Forum: General
Topic: poe out, Power Cycle button never works
Replies: 6
Views: 1147

Re: poe out, Power Cycle button never works

interesting, well the issue /bug def. applies to all hex POE (on both 24v and 48v), ive now tested several of them. I had to end up writing a script that does a ping check and if down, will manually power cycle the ports (via /int eth poe ... on / off) . hopefully bug will be fixed soon with a rOS u...
by jo2jo
Fri Apr 13, 2018 12:42 am
Forum: General
Topic: New OID for CPU
Replies: 7
Views: 4578

Re: New OID for CPU

bump - (mt support ?) We still dont have consistency pre-CPU OID change (ie around 6.35). How do we access (via snmp OID) the CPU load % shown in /system resource print (ie the avg of X cores, instant value). This is not a minor issue, its very important to graph / have access to CPU % data. I appre...
by jo2jo
Wed Apr 04, 2018 7:41 am
Forum: General
Topic: Log all console commands [SOLVED]
Replies: 27
Views: 7174

Re: Log all console commands [SOLVED]

+1 pls
by jo2jo
Wed Apr 04, 2018 7:33 am
Forum: General
Topic: Logging topics description
Replies: 2
Views: 870

Re: Logging topics description

we will make a list of topic explanations this week. the manual will be updated http://wiki.mikrotik.com/wiki/Log still would like to see this added to wiki. (also a more clear example or explination of effects of having multipule topics in a rule, ie is it an AND or OR that will trigger the action...
by jo2jo
Tue Apr 03, 2018 11:08 pm
Forum: Wireless Networking
Topic: Wi-Fi speed issues on hAP AC Lite
Replies: 37
Views: 17656

Re: Wi-Fi speed issues on hAP AC Lite

On 6.40.5 wifi works with no problems. http://www.speedtest.net/result/7195844333.png Thanks for reply / info- Is this on a Hap AC (if so was the RB purchased recently)? Also, I’m assuming that this is via a three chain desktop/laptop AC adapter/client , right? ( as those are the down speeds I do s...
by jo2jo
Mon Apr 02, 2018 1:24 am
Forum: General
Topic: Please add basic portScan tool ( port scanner scan )
Replies: 31
Views: 9824

Re: Please add basic portScan tool

Will TheDude not save the situation? Not sure how theDude is relevant to this ( or thedude is just as relevant/irrelevant as manually running nmap outside ros ) , we are looking for a port scan utility to be added to routerOS, this way it is accessible directly from/on our various routerboards/rOSd...
by jo2jo
Sun Apr 01, 2018 7:07 am
Forum: General
Topic: Feature Request: Logging of all administrator user actions
Replies: 19
Views: 4153

Re: Feature Request: Logging of all administrator user actions

Plus 1 - I agree, even detail blogginglogging for even one admin user would be very useful and helpful (Ie more than the current logging of “firewall rule changed “would be helpful, Best would be exact print out of rule change from X to Y ) .
by jo2jo
Sun Apr 01, 2018 7:04 am
Forum: General
Topic: No POE Power Cycle @ hEX POE
Replies: 14
Views: 3450

Re: No POE Power Cycle @ hEX POE

Hi, I am seeing the same issue, see my thread on the same thing ( mt says they might look into it but they seem to be aware of the issue);

viewtopic.php?f=2&t=132238
by jo2jo
Fri Mar 30, 2018 7:12 am
Forum: General
Topic: Change multiple rules at same time?
Replies: 6
Views: 2991

Re: Change multiple rules at same time?

what is posted in first reply (or quoted below) does not work, or does not work with src-addy lists. command i tried: set src-address-list="list 2 2" [find src-address-list=list1] (also tried the way that would make logical sense): set [find src-address-list=list1] src-address-list="list 2 2" result...
by jo2jo
Thu Mar 29, 2018 11:37 pm
Forum: General
Topic: poe out, Power Cycle button never works
Replies: 6
Views: 1147

Re: poe out, Power Cycle button never works

I've used this on hex POE and hex POE lite. both works. POE is set to force on. it used as a switch though, not a router. if that makes any difference. Interesting , When you say is used as a switch, do you mean it’s running SWOS, or is it running routerOS (and using a bridge interface) What versio...
by jo2jo
Thu Mar 29, 2018 8:13 pm
Forum: General
Topic: poe out, Power Cycle button never works
Replies: 6
Views: 1147

Re: poe out, Power Cycle button never works

to update: i got a reply from MT support, and they said the only work around is to manually set poe-out to OFF, then back to AUTO/Forced-ON, and they hope to be able to fix the button in a ROS update soon.

(i guess this button is not used very often or else MT / others would have caught this).
by jo2jo
Sat Mar 24, 2018 10:05 am
Forum: General
Topic: Fasttrack & queue tree non-global queues
Replies: 4
Views: 1669

Re: Fasttrack & queue tree non-global queues

If I enable fasttrack on the router, they see 660 / 550 which is the limit of the microwave link to that router. Pretty significant difference. But, as soon as I enable fasttrack, the 25 and 50 mbps clients see unlimited as well even though the queue tree for them is not using global. Cwachs - i’m ...
by jo2jo
Wed Mar 21, 2018 5:54 pm
Forum: General
Topic: poe out, Power Cycle button never works
Replies: 6
Views: 1147

poe out, Power Cycle button never works

Ive never been able to see or get the Power Cycle command (in winbox) to work (or do anything at all). ie i should be able to click it, select eth4 , set duration to 5s or 10s, and then poe OUT on eth4 should be set to off, for 5/10s then come back on (to thus power cycle what ever device is getting...
by jo2jo
Wed Mar 21, 2018 6:08 am
Forum: General
Topic: /ip cloud (ddns + time) = Error: request timed out (90% of time)
Replies: 9
Views: 9549

Re: /ip cloud (ddns + time) = Error: request timed out (90% of time)

So it is up to some network guy on Mikrotik's (or their ISP) side to fix the routing issue, and everything will be fine. Did you try to clear DNS cache? 91.188.51.139 does not exist anymore and cloud.mikrotik.com is resolved to 81.198.87.240 We Still constantly see Error: request timed out (althoug...
by jo2jo
Tue Mar 20, 2018 6:22 am
Forum: RouterBOARD hardware
Topic: new mt poe SW - CRS112-8P-4S-IN POE question
Replies: 2
Views: 951

Re: new mt poe SW - CRS112-8P-4S-IN POE question

thanks for reply Mistry, I had ofcourse read that PDF and the specs page prior to posting (neither directly answer my question), however MT support replied to my email (with the same question), and the answer is: YES! this device (and i assume its 24 port version) CAN support 24v Passive POE on spec...
by jo2jo
Sun Mar 18, 2018 5:57 pm
Forum: General
Topic: Please add basic portScan tool ( port scanner scan )
Replies: 31
Views: 9824

Please add basic portScan tool ( port scanner scan )

Hi, I’ve been using routerOS since v 2.x (and LOVE IT), and have hundreds of mt s deployed, a feature I’m constantly in need of is even a bare-bones/basic built in port scanner: /tool portscan (or /tool portScanner) It doesn’t have to be powerful or advanced like nmap, nor fast, just a tool that can...
by jo2jo
Tue Mar 13, 2018 8:55 am
Forum: RouterBOARD hardware
Topic: new mt poe SW - CRS112-8P-4S-IN POE question
Replies: 2
Views: 951

new mt poe SW - CRS112-8P-4S-IN POE question

i still cant get an answer to this, on the new: CRS112-8P-4S-IN it has 2x DC plug inputs, so if you plug in a 24v DC in AND a 48v DC in, can you then *choose* Passive 24v POE on some ports, and 802.3at/af (active poe) on some ports? ie like you can do on a UBNT EdgeSwitch POE ? or is it all or nothi...
by jo2jo
Sun Feb 18, 2018 11:54 pm
Forum: General
Topic: /ip cloud (ddns + time) = Error: request timed out (90% of time)
Replies: 9
Views: 9549

/ip cloud (ddns + time) = Error: request timed out (90% of time)

Any one know what is up with /ip cloud (the mt DDNS and "update time" cloud service) and "Error: request Timed out"? Ive been seeing this over the past 12 months at just about every install i have done (installs on various ISPs ). *usually*, by hitting Force Update several times i can get a request/...
by jo2jo
Fri Feb 16, 2018 10:10 pm
Forum: Beginner Basics
Topic: ip neighbor 6.41, interface, discover-interface-list
Replies: 6
Views: 7721

Re: ip neighbor 6.41, interface, discover-interface-list

I was stumped at first too after 6.41 upgrade, until i found this thread. (perhaps a message in winbox or CLI pointing to new location/use of interface list , even if temporary, would be helpful). For about a week or 2 i had to settle for Mac-telnet / neighbor info being broadcast on WAN / public in...
by jo2jo
Thu Feb 15, 2018 6:34 am
Forum: General
Topic: New OID for CPU
Replies: 7
Views: 4578

Re: New OID for CPU

Also can someone please show where in the CLI we can access these OIDs (ie at what / run Print oid at)? i never used to have an issue using the OID from /sys resource pr oid (or /sys resour cpu pr oid) but as of recent ROS versions / recent deployments the CLI is returning OID that give error. tks
by jo2jo
Wed Feb 14, 2018 1:45 am
Forum: Wireless Networking
Topic: Wi-Fi speed issues on hAP AC Lite
Replies: 37
Views: 17656

Re: Wi-Fi speed issues on hAP AC Lite

All of the above posters seem to have in common that the half speed only happens on 2GHz. Please test 5GHz also. Also try to disable one of the chains and see what happens then. Im not sure how much real world proof you all need, but i have tested every consumer type (builtin wifi) device MT makes ...
by jo2jo
Wed Feb 14, 2018 1:43 am
Forum: Wireless Networking
Topic: Wi-Fi speed issues on hAP AC Lite
Replies: 37
Views: 17656

Re: Wi-Fi speed issues on hAP AC Lite

All of the above posters seem to have in common that the half speed only happens on 2GHz. Please test 5GHz also. Also try to disable one of the chains and see what happens then. Im not sure how much real world proof you all need, but i have tested every consumer type (builtin wifi) device MT makes ...
by jo2jo
Thu Feb 01, 2018 6:19 am
Forum: Announcements
Topic: MikroTik News February 2018 (Issue #80)
Replies: 65
Views: 17073

Re: MikroTik News February 2018 (Issue #80)

.. * new hAP ac² Dual Band Desktop AP, $69 ... Does this device provide more real WLAN throughput as the hAP ac (i saw never more than ~130MBit even if i had a 866MBit WIFI 5GHz connection) ? See this post: https://forum.mikrotik.com/viewtopic.php?f=7&t=113830 Im seeing same max speed issues (on ha...
by jo2jo
Thu Jan 04, 2018 1:39 am
Forum: Wireless Networking
Topic: Wi-Fi speed issues on hAP AC Lite
Replies: 37
Views: 17656

Re: Wi-Fi speed issues on hAP AC Lite

Notes: hAP AC Lite is 100mbps ethernet ports only. In order to go above 100mbps, I bonded 2 ports to my RB750Gr3. thanks soonwai, that is useful info and very detailed, but to be clear my speed issues/problems and testing are all on 5ghz. Ive never benchmarked 2ghz much as in most places its not ve...
by jo2jo
Sun Dec 24, 2017 3:54 am
Forum: Wireless Networking
Topic: Wi-Fi speed issues on hAP AC Lite
Replies: 37
Views: 17656

Re: Wi-Fi speed issues on hAP AC Lite

(only speaking of 5ghz performance below, we just about dont test for 2.4 bc of interference): I think this is either a HW issue (wireless chipsets used), or something in the ROS driver, but we contently see MUCH worse wifi speeds on mobile devices when comparing MT (wAP AC, hAP AC, hAP AC Lite) VS ...
by jo2jo
Mon Nov 27, 2017 11:15 am
Forum: The Dude
Topic: Dude windows .exe client change log?
Replies: 0
Views: 306

Dude windows .exe client change log?

I see the windows client (.exe) updating on download.mt.com (ie the .exe shows dude-install-6.40.5.exe) (ie it keeps with the ROS version), but the changelog here (https://wiki.mikrotik.com/wiki/Manual:The_Dude_v6/dude_v6.xx_changelog) shows only up to 6.39 , and says to watch the dude RC fourm post...
by jo2jo
Mon Nov 27, 2017 11:07 am
Forum: Announcements
Topic: MikroTik used by Amazon in their cloud datacenters
Replies: 34
Views: 18070

Re: MikroTik used by Amazon in their cloud datacenters

Super cool! MT and all us users must be on to something good finally :)

A thread with picts/notes of MT "sightings in the wild" would be miles long... for good reason!
by jo2jo
Mon Nov 20, 2017 5:17 am
Forum: General
Topic: Winbox Feature Req: Show Winbox Bandwidth usage at top
Replies: 5
Views: 1079

Re: Winbox Feature Req: Show Winbox Bandwidth usage at top

any plans to add this MT? winbox usage can easily get up into the 500k/s -1mbit range on large address-lists, dns cache, queue lists... users can forget and leave these open overtime and then wonder why their speeds at a site are taking a hit. even winbox with interface list can often use 100k/s tha...
by jo2jo
Sat Oct 28, 2017 9:14 am
Forum: General
Topic: WInbox feature request: drag and drop column order and right click column menu
Replies: 18
Views: 3277

Re: WInbox feature request: drag and drop column order and right click column menu

+1 in winbox pls! there are many columns that i like to have added, that may be long in length, so it would be great if we could arrange the columns so that we dont have to loose important columns if we want to see long length columns. (its really amazing the number of columns MT / Winbox allows us ...
by jo2jo
Sat Oct 28, 2017 3:49 am
Forum: General
Topic: My iWinbox app is released! Manage your RouterOS devices on iPhone/iPad and SNMP monitoring
Replies: 35
Views: 12541

Re: My iWinbox app is released! Manage your RouterOS devices on iPhone/iPad and SNMP monitoring

Would it ever be possible for your iWinbox app to also use Winbox port 8291 to access/communicate with a MT? or is winbox a closed protocol that MT has not released details/specs for? btw; i have bought the full , max, version of your app, mainly to support you!, as i dont have API nor API-SSL enabl...
by jo2jo
Sat Oct 28, 2017 3:25 am
Forum: Announcements
Topic: Tik App, MikroTik android utility ALPHA test
Replies: 425
Views: 144353

Re: Tik App, MikroTik android utility ALPHA test

Just wanted to put in another request for an iOS version. The only similar app on iOS requires use of the MT API which we disable on our default configs ( + the app is expensive), we would much prefer an even basic version for iOS by Mikrotik which uses winbox pt 8291 by default.

thanks
by jo2jo
Mon Oct 23, 2017 7:42 am
Forum: Scripting
Topic: Google Dynamic DNS update script
Replies: 4
Views: 4000

Re: Google Dynamic DNS update script

This is an EXCELLENT script, thanks to OP for the main script (+others who have made changes and posted here)!! my version/changes are tested working on rOS 6.40.4 and with Google Domains (Synthetic Records -> Dynamic DNS). below are some changes that I made that will maybe help others (it does what...
by jo2jo
Mon Oct 23, 2017 2:23 am
Forum: General
Topic: Feature Request: Copy Rule(s)
Replies: 3
Views: 1544

Re: Feature Request: Copy Rule(s)

add copy-from= Excellent, a few days ago i had to use my phone to SSH into a newly confg'd mt WIFI AP and needed to clone a /int wire sec profile to change a users WPA2 PSK , i was trying copy, duplicate but niether worked (nor did <tab> show them as options)... I eventually did a rough work around...
by jo2jo
Mon Oct 16, 2017 5:48 am
Forum: General
Topic: why ros SNMP returns /int comments= for name OID vs /int name= ?
Replies: 0
Views: 297

why ros SNMP returns /int comments= for name OID vs /int name= ?

Comments = comments Interface name = interface name so why does ROS return an interfaces' comments when the snmp oid for an interface name is queried? (this was a change made several ros ago, as in v4 or v5 and doesnt make any sense) ie: query name= via snmp, and you get the interfaces comment= , no...
by jo2jo
Fri Oct 13, 2017 2:19 am
Forum: The Dude
Topic: Export Map interval
Replies: 17
Views: 3947

Re: Export Map interval

I also wish this feature would return, we use various programs to display maps/graphs of network stats, and they all allow embedding/placment of iFrame and other items. Currently embeding a iframe for the WebFig based Dude map will work for a few minutes (via iframe) , but webfig login will time out...
by jo2jo
Mon Oct 09, 2017 10:45 pm
Forum: Beginner Basics
Topic: MUM presentations
Replies: 7
Views: 1596

Re: MUM presentations

Hello! I don't find any topic for this question. Therefore write here. I want to download all presentation from MUMs, but not be able found any resources with this. In MUM's presentations has many interesting information. Where may I find it? Sorry for my English. Also a good method, google search ...
by jo2jo
Sun Oct 01, 2017 9:24 am
Forum: General
Topic: LCD Display causing packet loss... what???
Replies: 14
Views: 1819

Re: LCD Display causing packet loss... what???

Im going to to a big, new thread on this tomorrow, but after 5 days of trying to figure out why only a Rb3011 was showing weird BW speed issues, the fix was to DISABLE THE LCD SCREEN. Im talking BW issues, during which CPU load is maxing at 30-40% tops, so not high load or high BW... but fix was to ...
by jo2jo
Sun Oct 01, 2017 1:51 am
Forum: RouterBOARD hardware
Topic: Redundant power inputs
Replies: 25
Views: 6189

Re: Redundant power inputs

newest RouterBOARD models support both PoE and Jack powering at the same time. When one of them will fail, other will continue to power the device. If the voltages will be different, it will use the higher one, and will switch to the other one when that one is removed. Basically redundant power. Th...
by jo2jo
Wed Sep 27, 2017 12:09 am
Forum: General
Topic: tool traffic-monitor - Interval? (ie how often executes?)
Replies: 0
Views: 299

tool traffic-monitor - Interval? (ie how often executes?)

how often does /tool traffic-monitor execute the on-event= action? ie if i set it to send an email if eth1 drops below 1mbit, is it as soon as it drops below 1mbit? will i get emails every 1s while it is below 1mbit? is it a 1min interval? also how is the bw reading calculated- is an AVG of x # of s...
by jo2jo
Tue Sep 26, 2017 10:30 pm
Forum: General
Topic: dhcp-client stuck in rebinding state when moved to new network
Replies: 4
Views: 9546

Re: dhcp-client stuck in rebinding state when moved to new network

Even as of rOS 6.40.3, Im still seeing this rebinding issue on various types of dhcp-servers (ie various types of devices that a rOS device is connected to as a dhcp-client). For example (in one configuration), if i power cycle a cable modem, in rOS the dhcp-client will go to rebinding as soon as th...
by jo2jo
Mon Sep 18, 2017 5:08 am
Forum: General
Topic: SNMP Get returns interface COMMENTS, not interface NAME
Replies: 0
Views: 472

SNMP Get returns interface COMMENTS, not interface NAME

I noticed at some point the ROS started returning an interfaces comments instead of the interfaces name when a snmp client queries the builtin ROS snmp server. This is pretty annoying as users often add comments to interfaces that have nothing to do with the interfaces proper name (which is why they...
by jo2jo
Mon Aug 28, 2017 10:13 pm
Forum: General
Topic: snmp security... private or authorized?
Replies: 6
Views: 2420

Re: snmp security... private or authorized?

hi, any chance MT could update the manual with info on the snmp "security" setting (none, authorized, private): https://wiki.mikrotik.com/wiki/Manual:SNMP read-access (yes | no; Default: yes) Whether read access is enabled for this community security (authorized | none | private; Default: none) writ...
by jo2jo
Wed Aug 09, 2017 7:43 pm
Forum: Announcements
Topic: v6.40.1 [current]
Replies: 74
Views: 23075

Re: v6.40.1 [current]

Everyone who sees log messages about PoE but did not see them in previous versions - There was no PoE-OUT logging topic in past RouterOS versions. It was just now introduced in 6.40 version. in my post (in regards to passive POE issues introduced only in 6.40.1) , im not referring to log messages, ...
by jo2jo
Tue Aug 08, 2017 12:51 am
Forum: Announcements
Topic: v6.40.1 [current]
Replies: 74
Views: 23075

Re: v6.40.1 [current]

After the upgrade to version 6.40.1 from 6.39.2, problems with PoE ports: 00:10:11 poe-out,warning ether4 detected poe-out status: short_circuit 00:10:13 poe-out,info ether4 detected poe-out status: wait_for_load 00:10:14 poe-out,warning ether4 detected poe-out status: short_circuit 00:10:14 poe-ou...
by jo2jo
Sun Aug 06, 2017 4:44 am
Forum: General
Topic: 802.11ac spectral scan
Replies: 158
Views: 32620

Re: 802.11ac spectral scan

I agree we still really need this , esp. on some of the latest RB hardware / products it's surprising it's not still supported.

Even an expected date or some kind of official comment would be helpful.
Thanks
by jo2jo
Tue Aug 01, 2017 11:04 pm
Forum: General
Topic: Default Config w Mac-Telnet disabled - Change Needed?
Replies: 7
Views: 1828

Re: Default Config w Mac-Telnet disabled - Change Needed?

Don't you think that the need to keep not so proficient users safe from possible security breaches outweighs your need for commodity on device deployment? Thanks for your comments and info on this topic, Yes, I do totally agree with this point above, which i why i have no issue with any of the othe...
by jo2jo
Tue Aug 01, 2017 8:13 pm
Forum: General
Topic: Default Config w Mac-Telnet disabled - Change Needed?
Replies: 7
Views: 1828

Re: Default Config w Mac-Telnet disabled - Change Needed?

If you don't like the factory default config, you can supply your own from within 'netinstall', and whatever you gaveit will become the new default for the device from then on. If you just want to make a couple minor changes to the factory default, export the factory default to an .rsc, and make wh...
by jo2jo
Thu Jul 27, 2017 1:13 am
Forum: Announcements
Topic: v6.40 [current]
Replies: 101
Views: 22674

Re: v6.40 [current]

I was SUPER happy and hopeful to see this: *) defconf - improved IPv4 default firewall configuration; but.... From the new Def_config.txt file: /ip neighbor discovery set [find name="ether1"] discover=no and filter add chain=input action=drop in-interface-list=!LAN comment="defconf: drop all not co...
by jo2jo
Thu Jul 27, 2017 1:12 am
Forum: General
Topic: Default Config w Mac-Telnet disabled - Change Needed?
Replies: 7
Views: 1828

Default Config w Mac-Telnet disabled - Change Needed?

One thing i used to love about MT devices, was how they had Mac-Telnet enabled on all interfaces, by default from the factory. this made it very easy for a remote admin, with just a single Mikrotik on a network, to allow customers to have new MTs shipped directly to the customer and provide them wit...
by jo2jo
Mon Jul 17, 2017 9:54 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 105864

Re: Blacklist Filter update script

thank you so much for putting all this work into this FREE project, that you offer for us. Its really great! Today i started getting the alarm on my rb3011 (great idea to singal updates btw!) , so i checked the log and went and found the required script update. So im now running the latest from OP o...
by jo2jo
Wed Jul 05, 2017 8:16 pm
Forum: General
Topic: Which queue type to use?
Replies: 2
Views: 1000

Re: Which queue type to use?

Thanks, This did help quite a bit and is what im using with success in my setup, however i still seem to be having issues with the "download-limit-at=Xmbit" setting, Even with "download limit at = 17500k" , Im still seeing packets queued when only 8.3mbit of data / usage are passing- This wouldn't b...
by jo2jo
Wed Jun 28, 2017 12:20 am
Forum: General
Topic: Feature Req: show Standard Deviation on Pings / in Ping Gui
Replies: 2
Views: 628

Feature Req: show Standard Deviation on Pings / in Ping Gui

When running cli: /ping x.x.x.x (Or in winbox tool ->ping) it would be great if in addition to Min / Max / Avg stats, you would also provide the STD (standard deviation among all the pings for that run). Much like how you provide STD on the EXCELLENT ROS v6 Traceroute tool. This would be very helpfu...
by jo2jo
Sat Jun 24, 2017 8:39 pm
Forum: General
Topic: Winbox Feature Req: Show Winbox Bandwidth usage at top
Replies: 5
Views: 1079

Winbox Feature Req: Show Winbox Bandwidth usage at top

Ie, at the top (where you can right click to add CPU usage/mem usage, Time and Uptime,) allow us to show the current bandwidth utilization of the winbox session. I know the Green Bars in the top right corner show if data is being sent across the winbox connection, but we really need to be able to se...
by jo2jo
Thu Jun 22, 2017 11:54 pm
Forum: General
Topic: Which queue type to use?
Replies: 2
Views: 1000

Which queue type to use?

Assume i have a 20mbit upload connection. (im only concerned with upload in this case/post). I want to have a queue setup such that 19mbit upload is the max that can be used. (thus leaving 1mbit free, and not maxing out the line) I have one simple queue named "A" which i want to be able to use all t...
by jo2jo
Mon Jun 19, 2017 8:17 pm
Forum: General
Topic: IP/Cloud doesn't perform auto-update
Replies: 19
Views: 16597

Re: IP/Cloud doesn't perform auto-update

Hi Please assist me with a script for No-IP portal. am currently on Version 6.39.2 (mipsbe) Thanks A simple google search for: mikrotik ddns script (or better yet i like to use on google : mikrotik ddns script site:forum.mikrotik.com ) will find your answer. here are some links from that search: ht...
by jo2jo
Sat Jun 17, 2017 11:53 pm
Forum: The Dude
Topic: Dude Network Map reset on discovery + Add default winbox password for discovery?
Replies: 8
Views: 2548

Re: Dude Network Map reset on discovery + Add default winbox password for discovery?

can anyone answer this? I dont see how a bunch of graphs of latency to mikrotik servcies (telnet ping, http ping) is useful beyond what can be done with snmp monitoring. The advantage dude provides is it can access winbox/ros data , so how do you allow dude discovery to know the login/pass to use? tks
by jo2jo
Sat Jun 17, 2017 10:41 pm
Forum: The Dude
Topic: Simple Dude Discovery Question - pls help.
Replies: 2
Views: 613

Simple Dude Discovery Question - pls help.

HOW do i set a profile/agent/group, so that i can set the ROS username/pass and *THEN* when i run Discovery it will find all ROS RBs and i wont have to manually enter each ROS username/pass Scenario: I have a dude server (CHR , on AWS, latest version) -- i have a VPN from there to a Site with 24 Ro...
by jo2jo
Sat Jun 17, 2017 9:30 am
Forum: General
Topic: 802.11ac spectral scan
Replies: 158
Views: 32620

Re: 802.11ac spectral scan

I really hope im missing something, but after seeing the potential of /int wire spectral-scan on some of our slightly older MT equipment (ie hAPac and Sextants) , we just deployed 12 x new OmniTik5 AC poe's (48v poe ones, not the older OmniTik 5ghz) For a client, and i went to run (6.39.2) : /int wi...
by jo2jo
Thu Jun 15, 2017 9:01 am
Forum: RouterBOARD hardware
Topic: 802.3 POE and PoE Out = Forced On ? (ie on new Omnitik 5 poe)
Replies: 2
Views: 602

Re: 802.3 POE and PoE Out = Forced On ? (ie on new Omnitik 5 poe)

Thanks, That is super helpful and informative! The main point i took away (and didnt know) was that *any* (not all) 802.3 compliant devices will accept power if they are provided with "passive" 48v. So that does help me understand how Forced-On might work @ 48v. I hope MT can chime in here, or updat...
by jo2jo
Thu Jun 15, 2017 7:59 am
Forum: Wireless Networking
Topic: New wireless registration details
Replies: 4
Views: 1206

Re: New wireless registration details

I have been wondering these same questions as well, Mikrotik- can you update the manual with an explination of the TX / RX rates as shown in /int wireless reg ?

or update this thread even?

thanks!
by jo2jo
Wed Jun 14, 2017 9:07 pm
Forum: General
Topic: IP/Cloud doesn't perform auto-update
Replies: 19
Views: 16597

Re: IP/Cloud doesn't perform auto-update

This is most certainly not meant that way. Your actual router must have the external IP. It will not detect changes on your gateways IP and we have no plans for such functionality. You can send your LAN IP if you want, via the "use-local-address" option if you want, but detection still applies only...
by jo2jo
Tue Jun 06, 2017 5:16 am
Forum: General
Topic: Winbox GUI Filter Feature / Button
Replies: 8
Views: 928

Winbox GUI Filter Feature / Button

Is my syntax off , or am i missing something when i try to filter an address , via the Winbox Filter, in /ip fire address-lists

(see attached screen shot)
reguardless of what i try to put here, i always end up with 0 results. (name filtering works fine however)

tks
winbox.JPG
by jo2jo
Tue Jun 06, 2017 2:25 am
Forum: General
Topic: Mangle Routing Mark for mt's builtin VPN Clients ?
Replies: 1
Views: 524

Re: Mangle Routing Mark for mt's builtin VPN Clients ?

EDIT: I decided to email MT support and got this helpful, quick reply from them: "You should have rules which puts routing mark on 1701 for L2TP and another routing mark for 1723 TPC and GRE 47 traffic." I had only been marking for 1701 UDP and proto GRE, so i will re-test with also marking for 1723...
by jo2jo
Mon Jun 05, 2017 1:58 am
Forum: General
Topic: Mangle Routing Mark for mt's builtin VPN Clients ?
Replies: 1
Views: 524

Mangle Routing Mark for mt's builtin VPN Clients ?

(mikrotik Routerboards on both sides of this connection) Side A is running MT's PPTP Server and L2TP server (both builtin Mikrotik, on this device's single, public IP) Side B (at a different location) is running PPTP-Client and L2TP-Client to Side A. (this all works great) On Side B im looking to us...
by jo2jo
Sat May 20, 2017 12:00 am
Forum: RouterBOARD hardware
Topic: 802.3 POE and PoE Out = Forced On ? (ie on new Omnitik 5 poe)
Replies: 2
Views: 602

802.3 POE and PoE Out = Forced On ? (ie on new Omnitik 5 poe)

On a Mt device such as the excellent / versatile new OmniTIK 5 poe (RBOmniTIKPG-5HacD ) - when the RB is powered with 802.3at (or af for that matter) - and you then plug in another 802.3af device (such as an IP camera)- How does “PoE Out = Forced ON” differ from “PoE Out = Auto ON” (or does it?) - a...
by jo2jo
Mon Apr 10, 2017 8:18 am
Forum: General
Topic: Feature request: CAPsManager - roaming
Replies: 79
Views: 23213

Re: Feature request: CAPsManager - roaming

+1 - i think the prior posts (esp. the last 2 posts) make very clear how important this feature set has become now (802.11k and 802.11r ), and it def should be at or near the top of mikrotik's ROS list. if it is/isnt, i really think we should at a min. get a offical reply from MT on the features tim...
by jo2jo
Mon Apr 10, 2017 8:15 am
Forum: General
Topic: Wireless beacon interval and DTIM missing
Replies: 17
Views: 5140

Re: Wireless beacon interval and DTIM missing

+1 -- really need this feature to cut down on wasted frequency when deploying alot of APs density for coverage reasons see this amazing info on how important this feature is (and that we def. should have it in a product as advanced at ROS) http://www.revolutionwifi.net/revolutionwifi/p/ssid-overhead...
by jo2jo
Sat Apr 08, 2017 12:01 am
Forum: RouterBOARD hardware
Topic: 960PGS availability
Replies: 7
Views: 1182

Re: 960PGS availability

any chance you could post a link? Or better, a reply from MT on when 960PGS will start shipping again to dealers (or have they been discontinued)? I just went through 11 different MT re-sellers (EU/USA - google: RB960PGS ) and only found one that shows it as in stock (not sure if this one is accurat...
by jo2jo
Thu Apr 06, 2017 1:44 am
Forum: RouterBOARD hardware
Topic: 960PGS availability
Replies: 7
Views: 1182

Re: 960PGS availability

Same exact issue here, i see users posting questions as far back as nov. 2016 (ie users have them / were able to get them). but ive been looking for RB960PGS (ie hEX POE w poe AF/AT) since dec 2016 - ive not been able to find them anywhere (in US). Places that show them as out of stock keep pushing ...
by jo2jo
Tue Apr 04, 2017 2:39 am
Forum: General
Topic: l2tp Tunnel ( 2x MTs) - enable IPsec and mt TX BW tests fail
Replies: 3
Views: 586

Re: l2tp Tunnel ( 2x MTs) - enable IPsec and mt TX BW tests fail

well, it was infact a MTU / MRU issue, i tried lowering the client side (l2tp-client interface) to 1300/1300 mtu/mru and the BW test works. I had stopped around 1380 when trouble shooting earlier (and lowering it incrementally and testing, but for some reason it needed to be REALLY low- so maybe its...
by jo2jo
Tue Apr 04, 2017 2:32 am
Forum: General
Topic: l2tp Tunnel ( 2x MTs) - enable IPsec and mt TX BW tests fail
Replies: 3
Views: 586

Re: l2tp Tunnel ( 2x MTs) - enable IPsec and mt TX BW tests fail

that has already been in place... even tried lowering MTU / MRU on client side and rebooting both sides.. see attached for proof (note the D bc of the ppp profile creating the rule). top is server, bottom is client side (in img) EDIT: see my reply below this one, it was a MTU/MRU - just needed to be...
by jo2jo
Sun Apr 02, 2017 12:18 am
Forum: General
Topic: l2tp Tunnel ( 2x MTs) - enable IPsec and mt TX BW tests fail
Replies: 3
Views: 586

l2tp Tunnel ( 2x MTs) - enable IPsec and mt TX BW tests fail

i have a central rb1200 (as a VPN server - ROS 6.38) , into which several MTs VPN-Client into. I also have ipSEC setup on this VPN server and use it often (from MTs , Win7 , iOS). Im currently setting up a hap AC LITE ( ros 6.38.5 ) - i was trying to see if there are any speed differences between no...
by jo2jo
Thu Mar 30, 2017 6:21 am
Forum: General
Topic: [Feature Request] UPnP client for ROS
Replies: 15
Views: 2994

Re: [Feature Request] UPnP client for ROS

I agree with this feature request - Espesically with how often ISP are now providing Modem/Router combo devices, it would be nice to be able to use a upnp client on ROS to punch a hole in a router that is infront of the mikrotik (ie to punch a hole for TCP 8291 for winbox for example).

tks
by jo2jo
Tue Mar 28, 2017 8:52 pm
Forum: General
Topic: dynDNS SCRIPT THAT WORKS
Replies: 13
Views: 20954

Re: dynDNS SCRIPT THAT WORKS

IMHO RouterOS should have native DynDns and NO-IP support. It's not allways possible to get rid of ISP device or use it as a bridge.

RouterOS *DOES* already have a solution to this/your issue- (via winbox) its under IP -> CLOUD (enable ddns) or via the CLI: /IP Cloud Print
by jo2jo
Tue Mar 28, 2017 2:01 am
Forum: General
Topic: dynDNS SCRIPT THAT WORKS
Replies: 13
Views: 20954

Re: dynDNS SCRIPT THAT WORKS

For simple DDNS requirements there is the built in DDNS under /ip cloud ? It's free and it works :-)

It's url is serial_numer.sn.mynetname.net

Great solution! i had forgot about this feature that MT added a while back! tks
by jo2jo
Sat Jan 28, 2017 10:52 pm
Forum: General
Topic: Change binding port on L2TP server/client
Replies: 3
Views: 919

Re: Change binding port on L2TP server/client

up! many reasons this is needed (esp for those that need to use a UDP based tunnel)
by jo2jo
Sat Jan 28, 2017 10:51 pm
Forum: Beginner Basics
Topic: L2TP client change destination port away from UDP 1701
Replies: 8
Views: 2003

Re: L2TP client change destination port away from UDP 1701

is this feature still not added as of 6.38.1? why can we not change the port L2TP uses?

I under stand we can add another MT but thats another point of failure and another device to have to manage (for just one simple feature request).

tks
by jo2jo
Tue Jan 10, 2017 8:34 pm
Forum: General
Topic: rOS w UPS package on APC SMT1500RM2U only getting partial UPS data (USB)
Replies: 3
Views: 888

Re: rOS w UPS package on APC SMT1500RM2U only getting partial UPS data (USB)

I'm hoping threads (and support emails) like this might bring it to supports/my Dev's attention, it's obviously something they need to add or tweak. I emailed Support about three weeks ago with as much information as I could provide (sup out and data from APC) but I never heard back from mt support....
by jo2jo
Sun Jan 01, 2017 1:27 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 105864

Re: Blacklist Filter update script

Just wanted to say THANK YOU for all your hard work on this list! its really excellent! and your decision to use dynamic address list entries is really sharp. (dynamic address entries simply means that on the address-list rules, he sets a timeout value, so that the mikrotik stores the address list i...
by jo2jo
Fri Dec 16, 2016 9:16 pm
Forum: Beginner Basics
Topic: frequent query upgrade.mikrotik.com
Replies: 11
Views: 1658

Re: frequent query upgrade.mikrotik.com

There was a bug on 6.33 early versions. You have .3. Upgrade and it should not do this anymore. It is simply re-trying when it should not. I dont understand your reply, so are you saying i should update via the Release Candidate channel? because this router is currently running the latest rOS, 6.37...
by jo2jo
Fri Dec 16, 2016 12:57 am
Forum: Beginner Basics
Topic: frequent query upgrade.mikrotik.com
Replies: 11
Views: 1658

Re: frequent query upgrade.mikrotik.com

im having this same issue, i noticed this was poping up in my remote syslog once every minute: 12-15-2016 16:55:11 Local7.Debug 192.168.4.210 dns VALvpn_RB_433_BACKUPmt__: done query: #1 upgrade.mikrotik.com 52.222.214.132 12-15-2016 16:55:11 Local7.Debug 192.168.4.210 dns,packet VALvpn_RB_433_BACKU...
by jo2jo
Sun Dec 11, 2016 10:34 pm
Forum: General
Topic: rOS w UPS package on APC SMT1500RM2U only getting partial UPS data (USB)
Replies: 3
Views: 888

rOS w UPS package on APC SMT1500RM2U only getting partial UPS data (USB)

hi, First off, let me say what a wonderful feature it is that MT offers the UPS extra package for rOS (and still keeps it updated going all the way back to roS 2.9.X !). It another element of how amazingly versatile rOS and mikrotik router-boards are. Im using a hAP AC Lite and rOS 6.37.3 (i have ot...
by jo2jo
Sun Nov 27, 2016 6:19 am
Forum: General
Topic: Wireless Sniffer streaming and @#$%@ TZSP
Replies: 8
Views: 3768

Re: Wireless Sniffer streaming and @#$%@ TZSP

hi, you need to have libpcap installed before you try to compile on linux (yum install libpcap-dev or apt-get ).

also look into:
https://gist.github.com/jabberd/b9d6a29098a5b8f1ee45

or see my post about stripping tzsp (wireless) here:
http://forum.mikrotik.com/viewtopic.php?f=7&t=95792
by jo2jo
Sat Nov 26, 2016 7:38 am
Forum: Wireless Networking
Topic: wireless sniffer streaming to a server
Replies: 5
Views: 2938

Re: wireless sniffer streaming to a server

hey, look into this: https://gist.github.com/jabberd/b9d6a29098a5b8f1ee45 The last step allowed me to convert tzsp captures (streaming from a mikrotik doing a streaming wireless sniff to a machine running wireshark/tcpdump , and capturing on its eth interface ) into .cap files that a fully readable ...
by jo2jo
Fri Sep 23, 2016 9:11 am
Forum: Wireless Networking
Topic: "Ghost" Clients staying in reg table for days even though they are way out of range and Last Act was days ago ??
Replies: 1
Views: 556

"Ghost" Clients staying in reg table for days even though they are way out of range and Last Act was days ago ??

Im seeing something weird, ive never seen before: When i check in on some WIFI APs i have in an apartment complex, im seeing lots of "ghost" client registrations in the /int wireless registration-table , table (see attachment to see ) - its the ones with Several days of "up-time" yet last activity i...
by jo2jo
Thu Sep 22, 2016 4:31 pm
Forum: Wireless Networking
Topic: RB/SEXTANT Cable hole
Replies: 13
Views: 2274

Re: RB/SEXTANT Cable hole

I am sorry you had this experience. The SEXTANT was one of our first designs, and we have improved a lot in our newest LHG, DynaDish and QRT models. Thanks for the reply Normis, its not that big of deal on the sextant, and you are right - small mistakes like this are bound to happen especially with...
by jo2jo
Thu Sep 22, 2016 4:01 pm
Forum: Wireless Networking
Topic: RB/SEXTANT Cable hole
Replies: 13
Views: 2274

Re: RB/SEXTANT Cable hole

Everyone is justifying the foolish planning and design of the Sextant's rj45 jack and wire entrance diameter on price and cost savings and value... none of those have anything to do with an flaw that could have been fixed easily and in-expensively at initial design *or* during initial testing (ie si...
by jo2jo
Tue Sep 20, 2016 1:57 pm
Forum: The Dude
Topic: 2 Dude developers
Replies: 9
Views: 3471

Re: 2 Dude developers

Hi,

did anything ever happen with this or the requested features? there are one or 2 features on there that i know we could use. (and also some of the requested feature i think already can be done with dude and mikrotik as is, perhaps through scripts and some creative solutions)

tks
by jo2jo
Sun Sep 18, 2016 7:06 pm
Forum: General
Topic: IPsec/L2TP - opening a 2nd connection kills 1st one
Replies: 7
Views: 4433

Re: IPsec/L2TP - opening a 2nd connection kills 1st one

Thanks for the reply. I understand what you are saying and totally agree. However I can say with certainty he that I have mixed every type of VPN Micro chipped supports in the exact same scenario with success, in some cases multiples of each VPN with success. It's only once I've added the IP sec wit...
by jo2jo
Sun Sep 18, 2016 1:03 pm
Forum: General
Topic: IPsec/L2TP - opening a 2nd connection kills 1st one
Replies: 7
Views: 4433

Re: IPsec/L2TP - opening a 2nd connection kills 1st one

if you see dynamically created policy then click copy and hit apply and then it will be static ?? i think your not understanding my issue, its the dynamic policy (on the remote Mikrotik VPN server ) that is causing my local mikrotik router's L2TP client *(NOT L2TP/IPsec, just L2TP)* interface to dr...
by jo2jo
Sat Sep 17, 2016 10:13 pm
Forum: General
Topic: IPsec/L2TP - opening a 2nd connection kills 1st one
Replies: 7
Views: 4433

IPsec/L2TP - opening a 2nd connection kills 1st one

I just upgraded to iOS 10 and thus lost PPTP VPN support, so i was forced to setup IPsec / L2tp on my (data-center) collocated mikrotik VPN server so that i could again have VPN on my iPhone. I also have a mikrotik at my home as my main router (as well as mikrotiks at many other locations of mine, a...
by jo2jo
Sun Sep 04, 2016 8:54 am
Forum: Wireless Networking
Topic: Wireless KeepAlive Frames ? and/or super high "last activity" on clients
Replies: 5
Views: 3581

Wireless KeepAlive Frames ? and/or super high "last activity" on clients

Can someone please explain what ENABLING or DISABLING wireless interface -> keepalive frames does? Mainly in the context of a mikrotik being used as an Access Point to consumer wireless devices (ie Phones, Tablets, Laptops of various types). the mikrotik manual's Description for this properly is bla...
by jo2jo
Sat Sep 03, 2016 10:48 am
Forum: General
Topic: Winbox 3.5 "Connect to ALL" feature not working
Replies: 1
Views: 804

Winbox 3.5 "Connect to ALL" feature not working

Hi, I would LOVE if this newly added (added in 3.0b releases) feature, "Connect To ALL" (when you select multiple saved or "Managed" Winbox entries. However every time ive tried to use it, it will only open a connection to one of my selections, but then does open X number of new winbox instances (ho...
by jo2jo
Thu Sep 01, 2016 2:54 am
Forum: General
Topic: Winbox stores all your saved passwords UN ENCRYPTED locally
Replies: 7
Views: 4269

Re: Winbox stores all your saved passwords UN ENCRYPTED locally

I WAS ABLE TO REMOTE IN TO MY PC AND CONFIRM THIS!! IF YOU DO SET A MASTER PASSWORD , IT SEEMS TO ENCRYPT (OR OTHERWISE OBFUSCATE ) THE SAVED "MANAGED" ENTRIES OF WINBOX ON YOUR LOCAL COMPUTER (i tested this by looking at the .CDB file , before and after setting a " Master Password" the file is un-r...
by jo2jo
Thu Sep 01, 2016 2:49 am
Forum: General
Topic: Winbox stores all your saved passwords UN ENCRYPTED locally
Replies: 7
Views: 4269

Re: Winbox stores all your saved passwords UN ENCRYPTED locally

There already is support for master password for some time. Hmm.. maybe he is right, i will check this in a few hours when i get back to my pc.. the only reason i say that maybe he is correct (ie setting a msaster password ENCRYPTS the saved entries stored on your pc) is because i found this post f...
by jo2jo
Wed Aug 31, 2016 8:34 pm
Forum: General
Topic: Winbox stores all your saved passwords UN ENCRYPTED locally
Replies: 7
Views: 4269

Winbox stores all your saved passwords UN ENCRYPTED locally

Hi, I know in winbox, when i do an export of my "Managed" tab entries the resulting .WBX file contains all my saved device passwords, un-encrypted in plaintext. That is fine for an export (as i just encrypt that .WBX file for storage). However when i import my .WBX file into winbox (after an winbox ...
by jo2jo
Tue Aug 23, 2016 2:29 pm
Forum: General
Topic: logging ARP changes
Replies: 2
Views: 691

Re: logging ARP changes

I would love to see this as well (arp logging option, ie when any changes are made to the arp table they can be logged via the standard mikrotik logging options)

tks
by jo2jo
Wed Jul 13, 2016 1:28 am
Forum: Wireless Networking
Topic: Mikrotik and Verizon LTE
Replies: 5
Views: 3229

Re: Mikrotik and Verizon LTE

Has anyone in the US gotten Verizon LTE to work (stable ly) on a mikrotik device? im in the same boat as the 2nd reply here,  in that we mainly (and love to) use all mikrotik devices, but have a need for a remote Verizon based access device and want to run this on mikrotik. I know there is the new S...
by jo2jo
Tue Jun 28, 2016 12:58 pm
Forum: Wireless Networking
Topic: Nest thermostat and setting the DTIM- and beacon interval
Replies: 5
Views: 4016

Re: Nest thermostat and setting the DTIM- and beacon interval

in terms of the beacon interval alone,  i dont see how that would in anyway affects the battery life of a client device (or a nest in your case).  Please correct me if im wrong but the beacon interval is essentially how often your AP transmits its SSID and other basic info like channel and B/G/N pro...
by jo2jo
Mon May 23, 2016 8:32 pm
Forum: The Dude
Topic: Dude Network Map reset on discovery + Add default winbox password for discovery?
Replies: 8
Views: 2548

Re: Dude Network Map reset on discovery + Add default winbox password for discovery?

EDIT: still dont have a solution to this beyond manually adding the same ROS login/pass over and over.

How do you tell DUDE which ROS user/pass to USE *before* it does its discovery.
by jo2jo
Mon May 23, 2016 4:10 am
Forum: Wireless Networking
Topic: Default Forward disabled, yet devices can still ping? [SOLVED]
Replies: 3
Views: 1390

Default Forward disabled, yet devices can still ping? [SOLVED]

It was my understand that when you disable (or uncheck in winbox) the Default Forward option , (for a wireless interface), this keeps any devices connected to that wireless interface from communicating DIRECTLY with each other? However, i have 2 x PCs, and connected them to a MT radio, with Default ...
by jo2jo
Mon May 23, 2016 1:03 am
Forum: The Dude
Topic: Dude Network Map reset on discovery + Add default winbox password for discovery?
Replies: 8
Views: 2548

Dude Network Map reset on discovery + Add default winbox password for discovery?

Hey ive been reading up and learning the dude and had 2 questions (im running the latest dude server 6.35.2): 1) why is it every time i run a new discovery my entire network map layout gets reset so all devices are ontop of each other , in the upper left corner? (there has to be a way to avoid this)...
by jo2jo
Mon Feb 01, 2016 11:35 am
Forum: General
Topic: Feature request: add Encryption to WiFi scan
Replies: 5
Views: 2312

Re: Feature request: add Encryption to WiFi scan

+1 for listing the type of Wireless Security used when running a Scan. While the "P" shows you that Security (or "privacy") is being used, it would be nice to know what type of Security (wep, WPA, WPA2 ect..). Just about every other type of scanner (or scan) provides this info in detail (even a basi...
by jo2jo
Fri Dec 25, 2015 9:29 am
Forum: General
Topic: Firewall technique / idea - feedback?
Replies: 13
Views: 1652

Re: Firewall technique / idea - feedback?

My original suggestion does -EXACTLY- what you want. You're re-inventing the wheel. State tracking does what you want automatically. Hi, I tried your exact rule and it did not accomplish the same as my rule ( for example i was able to ping google from the server with your rule, with my rules im not...
by jo2jo
Wed Dec 23, 2015 4:16 am
Forum: General
Topic: Firewall technique / idea - feedback?
Replies: 13
Views: 1652

Re: Firewall technique / idea - feedback?

Thanks for your reply, I do understand your analogy (including the "reverse" part) , however i dont personally agree with it- home routers and NAT mainly deal with port access control (tcp / udp ports) and private IPs, what im doing deals mainly with public IP related access control. In terms of my ...
by jo2jo
Tue Dec 22, 2015 3:41 pm
Forum: General
Topic: Firewall technique / idea - feedback?
Replies: 13
Views: 1652

Re: Firewall technique / idea - feedback?

What you're doing is eminently possible. Think about it - it's just like a "home" router plugged in backwards; your home router wouldn't allow any traffic in unless it's related to an outbound connection. I get what your saying, but even with a home router your PC *is* able to outbound connect to a...
by jo2jo
Mon Dec 21, 2015 9:16 am
Forum: General
Topic: Firewall technique / idea - feedback?
Replies: 13
Views: 1652

Re: Firewall technique / idea - feedback?

I had time to get this working, here are the firewall rules that accomplish what im talking about / trying to describe: (ignore that my in-interface is infact a BRIDGE, there is a reason specific to my setup that i have to use a bridge, normally on most setups this would be a normal Ethernet interfa...
by jo2jo
Mon Dec 21, 2015 7:49 am
Forum: General
Topic: Firewall technique / idea - feedback?
Replies: 13
Views: 1652

Re: Firewall technique / idea - feedback?

Thanks for your reply and your firewall example, Maybe I'm explaining it incorrectly, because you're one single firewall rule would not accomplish what I'm trying to do. For example if there's a virus on the server that is establishing outbound connections from the server to various other websites t...
by jo2jo
Sun Dec 20, 2015 11:22 am
Forum: General
Topic: Firewall technique / idea - feedback?
Replies: 13
Views: 1652

Firewall technique / idea - feedback?

I manage several Colo and dedicated servers at various data centers around the world, something we often do is physically place a mikrotik router inside of our Colo d server chassis and power it via a Molex and then connect the servers ethernet to the mikrotik and then the uplink from the data cente...
by jo2jo
Sun Aug 23, 2015 10:42 am
Forum: General
Topic: [6.10] Dynamic IPsec policies not deleted after disconnect
Replies: 8
Views: 2885

Re: [6.10] Dynamic IPsec policies not deleted after disconnect

Same issue here, the dynamic policy is created (as it should) from setting the l2tp server to use-ipsec and assigning a pre-shared key. however once the client disconnects from the l2tp/ipsec tunnel, the dynamic plolicy should be removed (and if the user re-connects from the same source IP, then it ...
by jo2jo
Fri Aug 14, 2015 6:13 pm
Forum: General
Topic: Feature request - DNSCrypt support...
Replies: 157
Views: 45512

Re: Feature request - DNSCrypt support...

this would be Amazing if ROS supported DNSCrypt. would really open up alot of potentail buyers to ROS just for this one feature in a home router that doesnt require alot of linux+setup.

tks
by jo2jo
Sat Jul 18, 2015 11:32 pm
Forum: General
Topic: IP address only active IF eth port is active?
Replies: 2
Views: 483

Re: IP address only active IF eth port is active?

Jarda: that is not an option in this scenario.
by jo2jo
Fri Jul 17, 2015 10:20 am
Forum: General
Topic: IP address only active IF eth port is active?
Replies: 2
Views: 483

IP address only active IF eth port is active?

I have a unique situation where a Mikrotik router is rack mounted onto a mobile cart (with wheels). It travels between an office and a remote location. When its at the office I need its ip address to be 192.168. 12.8 /24 , however when its at a remote location i need its IP address to be 192.168. 12...
by jo2jo
Sun Jul 12, 2015 9:15 am
Forum: RouterBOARD hardware
Topic: RB2011UAS Console Port to Cisco SW
Replies: 6
Views: 2272

Re: RB2011UAS Console Port to Cisco SW

FYI: I just purchased as CISCO Blue Rj45-to-RJ45 console cable (rj45 on both ends) and im still unable to get anything to show up on /sys serial-terminal port=serial0 on the RB2011UAS. MT: what is up with the RJ45 console ports on this specific Routerboard version (the RB2011)?? using the same, new ...
by jo2jo
Wed Jun 24, 2015 7:13 am
Forum: RouterBOARD hardware
Topic: RB2011UAS Console Port to Cisco SW
Replies: 6
Views: 2272

Re: RB2011UAS Console Port to Cisco SW

Have you tried a regular straight-through cat5? I should have stated this in my OP, but yes i have tried a regular cat5 as well as a crossover cat5 , neither give any input from the cisco SW via serial-console. thanks EDIT: i also have a db9 male to male gender changer, so i tried hooking Cisco RJ4...
by jo2jo
Tue Jun 23, 2015 4:01 am
Forum: RouterBOARD hardware
Topic: RB2011UAS Console Port to Cisco SW
Replies: 6
Views: 2272

Re: RB2011UAS Console Port to Cisco SW

Another, perhaps more clear way of asking my question is: Has anyone hooked a RB2011UAS (or any RB with a RJ45 Console port) to another device also with a RJ45 console port? (ie a cisco switch with a RJ45 console port, *not* a standard db9 console port) and if so how / what kind of cable did you use...
by jo2jo
Mon Jun 22, 2015 8:51 am
Forum: RouterBOARD hardware
Topic: RB2011UAS Console Port to Cisco SW
Replies: 6
Views: 2272

RB2011UAS Console Port to Cisco SW

Hi, the RB2011UAS has a rj45 console port on the back, im using a blue RJ45 cisco console cable to connect it to a cisco 2950 which also has a RJ45 "console port". Ive set the RB side baudrate to 9600/8/n/1 (as well as tried auto baud) and power cycle the cisco switch but i get no input on RB /syste...
by jo2jo
Sun Jan 04, 2015 11:40 am
Forum: General
Topic: Updates requireing a physical power cycle??
Replies: 0
Views: 388

Updates requireing a physical power cycle??

It seems as of ROS 5.x and ROS 6.x when updating Routerboards there are several that end up needing a physical power cycle or worse, they need a full netinstall (meaning the device has to be removed from the customer, with downtime, and brought to a shop/laptop with serial cable and windows OS). Im ...
by jo2jo
Fri Sep 26, 2014 9:36 am
Forum: General
Topic: Netinstall with EoIP/PXE: Not working?
Replies: 5
Views: 1983

Re: Netinstall with EoIP/PXE: Not working?

just wanted to follow up, the data-center got my pre setup rb433 and i was successfully able to run net install across the internet (via sstp tunnel and eoip tunnel + bridge) as described above in my post. worked great! quite a few **.***..**...** when it was sending the initial kernel for the RB120...
by jo2jo
Sun Sep 21, 2014 12:39 pm
Forum: General
Topic: Netinstall with EoIP/PXE: Not working?
Replies: 5
Views: 1983

Re: Netinstall with EoIP/PXE: Not working?

I know this is an old thread, but some others may find the point of the thread useful, as i did. I had a similar situation as OP where i needed to do a REMOTE netinstall to a RB 1200 that failed after updating from (routerboot 3.10 ) 6.11 to 6.19 , im not sure why this minor updated totally wiped my...
by jo2jo
Wed Sep 17, 2014 9:59 pm
Forum: General
Topic: 3 x routerboard WIPED and locked by ROS 6.11 to 6.19 upgrade
Replies: 0
Views: 364

3 x routerboard WIPED and locked by ROS 6.11 to 6.19 upgrade

i have lots of RBs deplyed and have been upgrading and using MT RBs since 2.9.51 but only recently with ros 6.19 have i seen upgrades been going horribly wrong. earlier in the week upgrading a rb 433 and a rb 493 from ROS 6.x to 6.19 cuased the devices to be locked after rebooting. This most recent ...
by jo2jo
Wed Sep 10, 2014 4:21 pm
Forum: General
Topic: mt to mt l2tp tunnels encrypted or not?
Replies: 1
Views: 733

Re: mt to mt l2tp tunnels encrypted or not?

To add some additional information, I did a /tool packet sniff of my public Internet interface of the packets of a mt to mt L2TP vpn tunnel connection with MPPE 128 shown as the "encoding" and then analyzed the .cap with wireshark. In wireshark I applied decode as L2TP on the entire l2tp handshake ,...
by jo2jo
Wed Sep 10, 2014 4:19 am
Forum: General
Topic: mt to mt l2tp tunnels encrypted or not?
Replies: 1
Views: 733

mt to mt l2tp tunnels encrypted or not?

i constatly read to use Ipsec across your l2tp tunnels for true encryption (which ive slowly been adding to each of my many l2tp links), and that data flowing across a l2tp tunnel is NOT encrypted . however i do not understand this line from the MT manual: L2TP is a secure tunnel protocol for transp...
by jo2jo
Wed Jan 01, 2014 2:40 pm
Forum: General
Topic: Centos / Linux on metarouter on RouterBoard (MIPSBE)
Replies: 3
Views: 4684

Centos / Linux on metarouter on RouterBoard (MIPSBE)

Im looking for a linux distro that can be run via metarouter, that is: a MetaRouter that give a standard linux prompt when connected to via SSH. I need the 'ping' command to work on this metaRouter instance, nothing more. This may seem like an unusual request/question, however my goal is to use Paes...
by jo2jo
Fri Jul 26, 2013 9:13 am
Forum: RouterBOARD hardware
Topic: rb 951-2n pwr and act green lights ON, no ethernet lights
Replies: 1
Views: 1018

rb 951-2n pwr and act green lights ON, no ethernet lights

i have a RB 951-2n that when powered on, both the power and the act light are solid green and stay on. none of the Ethernet lights light up, nor does the other side of the Ethernet link show a link. Ive tried holding the reset button prior to powering the device, and after powering the device, nothi...
by jo2jo
Sun May 05, 2013 8:49 pm
Forum: General
Topic: Cisco Blue Serial console cable to RB 433 or CCR-1016 serial
Replies: 4
Views: 5852

Re: Cisco Blue Serial console cable to RB 433 or CCR-1016 se

Hi, There are only routerboards in this scenario, my issue/question is with the serial port of the CCR-1016 (routerboard cloud router). no windows or PCs (maybe you thought i was trying to connect from my laptop to the RB? thats incorrect, im trying to go from the RouterBoard direct to the cisco con...
by jo2jo
Sun May 05, 2013 7:00 am
Forum: General
Topic: Cisco Blue Serial console cable to RB 433 or CCR-1016 serial
Replies: 4
Views: 5852

Cisco Blue Serial console cable to RB 433 or CCR-1016 serial

Hi, ive used serial-terminal to manage some Cisco switches VIA a router-board in the past, however its been a while. I searched and could not find an answer: Im able to connect to my cisco switch via RB 433's serial port by setting baud rate to 9600. it works great and i can manage the switch. howev...
by jo2jo
Sun Mar 31, 2013 12:30 pm
Forum: Wireless Networking
Topic: Battery Powered system (w110v ac charging), battery failure?
Replies: 6
Views: 2088

Battery Powered system (w110v ac charging), battery failure?

Hi, Im setting up a MT system (wireless) that will be powered (poe) from a ubnt tough-switch (puts 24vdc passive across the cat5 cable to MT rb).- The power source for the ubnt tough-switch and thus the MT units, will be direct from a 24v DC battery using this battery/charging/power source set: (Tyc...
by jo2jo
Fri Mar 29, 2013 12:16 am
Forum: General
Topic: USA mt Consultant
Replies: 5
Views: 795

USA mt Consultant

Hi, Can anyone suggest a mt consultant, in the USA, that they have had a good experience with? Ive contacted a few from the mt consultants list over the past 10 days but ive been having issue getting replies and/or getting pricing info (most haven't replied or reply, then dont follow up, so that has...
by jo2jo
Thu Mar 28, 2013 12:16 am
Forum: General
Topic: winbox always downloading plugins?
Replies: 2
Views: 3902

winbox always downloading plugins?

any idea what i can do to get it so that winbox doesnt always download plugins for ROS version i know ive used winbox to access before? can we just get a BIG winbox with all the plugins? its really annyoing to have to wait for 1mb of data transfers before you can admin your router. esp on slow conne...
by jo2jo
Tue Mar 19, 2013 6:50 am
Forum: Wireless Networking
Topic: 3x3 MIMO link speed problem.
Replies: 12
Views: 4653

Re: 3x3 MIMO link speed problem.

what kind of antennas / dishes?

tks
by jo2jo
Mon Feb 25, 2013 10:23 pm
Forum: Wireless Networking
Topic: Problem with mikrotik and IOS6
Replies: 46
Views: 39337

Re: Problem with mikrotik and IOS6

We are seeing this same issue. only solution that seems to be working on this issue is to not use Mikrotik for CPE (or anything that will be serving consumer devices as that WILL BE AN APPLE DEVICE of some kind). on a RB 711 n i have here for testing (actually 4 of them, all for testing), 6.0 RC9 an...
by jo2jo
Sat Feb 02, 2013 9:55 pm
Forum: Wireless Networking
Topic: 2 x mt-Sextant, 7 mile in bridge/station - CANT Mac-Telnet
Replies: 6
Views: 1844

Re: 2 x mt-Sextant, 7 mile in bridge/station - CANT Mac-Tel

That's actually incorrect, it appears from what I saw the firewall is on the Wanport. I actually went to the location today and climbed up the tower and when I plugged into the ethernet port I was able to winbox in over layer two, I then added an IP address to the wan interface and of course was abl...
by jo2jo
Sat Feb 02, 2013 8:15 am
Forum: Wireless Networking
Topic: 2 x mt-Sextant, 7 mile in bridge/station - CANT Mac-Telnet
Replies: 6
Views: 1844

Re: 2 x mt-Sextant, 7 mile in bridge/station - CANT Mac-Tel

i cant, i forgot to add an IP address to the WAN before i left (this is stated in the initial post), else i would not have this issue with mac-telnet as i could use telnet and IP.

tks
by jo2jo
Sat Feb 02, 2013 8:06 am
Forum: Wireless Networking
Topic: 5 Ghz P2P Link expected bandwith?
Replies: 21
Views: 3649

Re: 5 Ghz P2P Link expected bandwith?

you could quickly try a pair of MT Sextants or SXT's in 5ghz to rule out hardware or cable / antenna / power supply issues with your current setup.

they are very inexpensive 99$ a pc OR LESS and you can just use them for testing when you are done (or use them for the link)
by jo2jo
Sat Feb 02, 2013 7:58 am
Forum: Wireless Networking
Topic: 2 x mt-Sextant, 7 mile in bridge/station - CANT Mac-Telnet
Replies: 6
Views: 1844

2 x mt-Sextant, 7 mile in bridge/station - CANT Mac-Telnet

I just today setup 2 Mt sextants (RB 711-n 's are the hardware on sextants fyi). great link ,great quality. about 7 mile link, -69/-71 RSSI, great CCQ. the "client" side is in station mode, with the SSID set to the "AP" side's ssid. The other side (the side i CAN access) is in bridge mode. again all...
by jo2jo
Fri Feb 01, 2013 2:12 am
Forum: General
Topic: Winbox hangs downloading plugins
Replies: 1
Views: 2794

Re: Winbox hangs downloading plugins

when ive seen issues with direct connections to RB via winbox, its usually a sign of a too weak power supply, or a power supply that is failing / failed. (power supply to the router board that is).
by jo2jo
Tue Jan 22, 2013 11:20 pm
Forum: Wireless Networking
Topic: pasting commands from wiki = syntax errors
Replies: 2
Views: 1775

pasting commands from wiki = syntax errors

im trying to use some of these wiki layer 7 commands, but pasting them into terminal gives tons of syntax errors and usually the rule is added with just a name and no content. http://wiki.mikrotik.com/wiki/L7 for example, how can i get that bittorrent rule: /ip firewall layer7-protocol add comment="...
by jo2jo
Mon Jan 21, 2013 8:23 am
Forum: Wireless Networking
Topic: power supply IN by radio causing interference/noise?
Replies: 0
Views: 515

power supply IN by radio causing interference/noise?

Im curious if anyone has any input with regards to placing a (120v to 12vdc) or even a (POE(802.11af) to 12vdc) power supply, in the same enclosure as a radio (on a mt board) - thus the power supply is very close to the radio, could cause 2.4ghz or 5ghz noise or interference? i haven't noticed this ...
by jo2jo
Wed Jan 09, 2013 1:11 am
Forum: General
Topic: RB 951-2n bricked/unusable after RC6 update
Replies: 3
Views: 2864

RB 951-2n bricked/unusable after RC6 update

i had a RB 951-2n running ros 6.0rc5 and last night upgraded it to RC6. (all of this to address the nonstop wireless issues with this very buggy RB series). the led lights come on, as well as the Ethernet port indicator if i plug in a Ethernet cable. however i cant access or see the RB in anyway aft...
by jo2jo
Tue Dec 11, 2012 10:07 pm
Forum: General
Topic: slow l2tp VPN between two MT boxes?
Replies: 5
Views: 1704

Re: slow l2tp VPN between two MT boxes?

Im still seeing this same issue (it has never stopped, i just dont use MT for VPN) so i figured id re open this 6 yr old thread. now new locations, different datacenter, still same issue: bw test to IP of mikrotik, 15mbit down, 6 up ( 20/6 line). same bw test through a l2tp tunnel of the two MTs, 20...
by jo2jo
Tue Dec 11, 2012 7:02 am
Forum: RouterBOARD hardware
Topic: Rb951-2n trouble
Replies: 15
Views: 5196

Re: Rb951-2n trouble

I have several 951-2n 's (6 to be exact). Ive seen alot of issues with wireless on these units, 5.19 did seem to be an improvement over 5.16 but even with 5.22 wireless is not very stable. Reboots via winbox or cli at times result in the router hanging and a power cycle is required. I realize this i...
by jo2jo
Tue Nov 13, 2012 5:37 am
Forum: General
Topic: Mac-telnet rarely works anymore?
Replies: 5
Views: 1954

Re: Mac-telnet rarely works anymore?

still not resolved. Im seeing this right now on a RB 433 ros 3.30 to RB 532 ros 2.9.40 and also to a RB532 ros 2.9.51. all at same location, on same switch, can mac-ping but no mac-telnet in general mac-telnet- Some times it works, but 90% of the time it does not. Mac-Ping works and of course 1ms pi...
by jo2jo
Mon Nov 05, 2012 6:27 am
Forum: General
Topic: DO NOT USE CHANGEIP.com for dyn IP
Replies: 5
Views: 5789

Re: DO NOT USE CHANGEIP.com for dyn IP

Just because they state this 180 day issue in there terms doesnt mean i should be hesitant to bring this to the attention of anyone who may be using them or is thinking of using them. Requiring one to log in to a website has nothing to do with updating the IP address of your sub-DNS. Having your acc...
by jo2jo
Sun Oct 28, 2012 11:39 pm
Forum: General
Topic: DO NOT USE CHANGEIP.com for dyn IP
Replies: 5
Views: 5789

DO NOT USE CHANGEIP.com for dyn IP

a while back i setup several dynamic ips with changeip.com becuase the someone wrote a mikrotik script for it. Well i just WASTED about 6 hours reconfig many of my dynamic IP mikrotiks boxes because for some ridiculous reason change ip requires you to log in every 6 months (keep in mind i have had a...
by jo2jo
Sat Oct 27, 2012 10:27 pm
Forum: General
Topic: Mac-telnet rarely works anymore?
Replies: 5
Views: 1954

Re: Mac-telnet rarely works anymore?

anyone from mikrotik care to chime in? this is a pretty big issue for us.
by jo2jo
Wed Oct 24, 2012 2:29 am
Forum: General
Topic: Mac-telnet rarely works anymore?
Replies: 5
Views: 1954

Mac-telnet rarely works anymore?

Hi, I have lots of installs of mt equipment (100+ units). ive noticed over the past 6 months that the mac-telnet tool rarely works any more. (from mikrotik to mikrotik). I can always mac-ping. but mac-telnet will ask for username and password then say connected, and then disconnected. (never shows s...
by jo2jo
Tue Sep 25, 2012 2:20 am
Forum: General
Topic: ROS 5.0 -- new OIDs for memory-total/memory-used?
Replies: 14
Views: 8118

Re: ROS 5.0 -- new OIDs for memory-total/memory-used?

Im looking for an answer to this also.

How do we get the OID for CPU usage on ROS 5.x +

tks
by jo2jo
Mon Jul 23, 2012 10:15 pm
Forum: Scripting
Topic: Random password script...
Replies: 7
Views: 10351

Re: Random password script...

neither of these works on v 5.19.
by jo2jo
Mon Jul 23, 2012 10:02 pm
Forum: Scripting
Topic: Sniffer script not working ros 5.19
Replies: 1
Views: 1607

Sniffer script not working ros 5.19

any ideas why this isnt working? :local a "test"; /tool sniffer set file-name=/usb1/$a; /tool sniffer start :delay 300 /tool sniffer stop if i change the $a to anything else it works, this is what im truly going for: :local a [/system clock get date]; /tool sniffer set file-name=/usb1/$a; /tool snif...
by jo2jo
Sun Dec 18, 2011 12:44 am
Forum: General
Topic: Erase all command history
Replies: 3
Views: 804

Re: Erase all command history

any update on enabling this very very simple feature that many people ask for?

>????????
by jo2jo
Sun Dec 18, 2011 12:42 am
Forum: General
Topic: Clear user command history
Replies: 13
Views: 12104

Re: Clear user command history

You will see this is very common, in stead of addressing the issues MT will give some crazy work around that does not directly address you issue, but is enough to keep you quite for now.

SO no they do NOT feel like coding this feature many people on this board have asked for.

sad
by jo2jo
Wed Oct 19, 2011 11:58 am
Forum: RouterBOARD hardware
Topic: RB1100AH - new product
Replies: 101
Views: 28998

Re: RB1100AH - new product

Any update on when these (rb1100AH) will be out to the distributors?

thanks
by jo2jo
Tue Oct 11, 2011 6:54 pm
Forum: General
Topic: L2TP Tunel through specific interface
Replies: 18
Views: 5617

Re: L2TP Tunel through specific interface

wifi442: tks for the post, but that network diagram does not apply to this bc you can easily put static routes for all those internal private IP subnets, and the problem is solved and traffic directed as tell it. i cant do specific static routes for public IPs as i dont know the IP the VPN client wi...
by jo2jo
Tue Oct 11, 2011 6:51 pm
Forum: General
Topic: L2TP Tunel through specific interface
Replies: 18
Views: 5617

Re: L2TP Tunel through specific interface

hi, thanks change, what you are tying to do is exactly what im trying to do. I just described it as leaving via a specifed outgoing interface becuase you can already set the incoming interface based upon the public IP the VPN client dials into the mikrotik on. So were you ever able to get your examp...
by jo2jo
Tue Oct 11, 2011 5:06 pm
Forum: General
Topic: L2TP Tunel through specific interface
Replies: 18
Views: 5617

Re: L2TP Tunel through specific interface

well still a very weak answer for MT support to give, OF CORSE IVE TRIED MARKING UDP 1701/1700 this was clearly pointed out to MT support. And ofcorse that does not work on the internal VPN. If im running a VPN server ON MY COMPUTER, this works fine, and ive tested it. THE PROBLEM BECOMES WHEN YOU N...
by jo2jo
Mon Oct 10, 2011 5:14 pm
Forum: General
Topic: L2TP Tunel through specific interface
Replies: 18
Views: 5617

Re: L2TP Tunel through specific interface

Does this mean something to anyone in terms of a real applicable rule, please: Hello, To reroute L2TP over specific gateway. Add routing-mark=route_via_154 in output chain for all l2tp traffic. Then all traffic will be routed over second gateway. Also since you have two IP addresses on the interface...
by jo2jo
Mon Oct 10, 2011 4:45 pm
Forum: General
Topic: L2TP Tunel through specific interface
Replies: 18
Views: 5617

Re: L2TP Tunel through specific interface

maybe I am not asking the question right, but I ignored your answer because it has nothing to do with my question. I am not talking about connecting 2 locations. I'm talking about a vpn, I need to make it so the mt vpn server response over the given public gateway / interface forget about everything...
by jo2jo
Sat Oct 08, 2011 12:11 am
Forum: General
Topic: l2tp tunnels with multiple internet connections issues
Replies: 11
Views: 4234

Re: l2tp tunnels with multiple internet connections issues

so you have 2 public Gateways on one mikrotik, and if dial vpn into public IP1 it talks back on public IP1? you see if they are close, and the same isp, this will work bc of router fancyness done by the ISP. (as ive seen at my Datacenter) can you post your rules maybe if its short?? tks here is ip f...
by jo2jo
Fri Oct 07, 2011 11:54 pm
Forum: General
Topic: l2tp tunnels with multiple internet connections issues
Replies: 11
Views: 4234

Re: l2tp tunnels with multiple internet connections issues

Hi that is correct. (your network map with isp 1 isp2) Also every rule i have been testing is always moved to the top so that is not the issue. THe main problem i every have is not the action, its getting the rule to be qualified (and thus see the packet counter go up) most of these tests the packet...
by jo2jo
Fri Oct 07, 2011 5:15 pm
Forum: General
Topic: l2tp tunnels with multiple internet connections issues
Replies: 11
Views: 4234

Re: l2tp tunnels with multiple internet connections issues

hi, here is the rule ive added, it doesnt seem to do anything to change this issue. /ip route rule add action=lookup disabled=no src-address=69.xxx.xxx.xxx/29 table=route_via_154 routevia154 is a routing rule that i successfully use to direct other servers out via the correct public IP gateway. Im s...
by jo2jo
Fri Oct 07, 2011 4:56 pm
Forum: General
Topic: L2TP Tunel through specific interface
Replies: 18
Views: 5617

Re: L2TP Tunel through specific interface

anyone know how to route the vpn listen server (if you search this question has been asked about 10 times, mikrotik support never replies or helps on this question which leads me to think it is a bug they do not want to acknowledge.) how about answering this outstanding issue vs asking more question...
by jo2jo
Fri Oct 07, 2011 11:09 am
Forum: General
Topic: L2TP Tunel through specific interface
Replies: 18
Views: 5617

Re: L2TP Tunel through specific interface

mikrotik support replied with this (does anyone know what this means?) I have asked for clarification, and i tried a few rules around this comment but no success: ------ Hello, To make it work set up nat rule to ro change source address of l2tp packets, then it will go out on correct interface. ----...
by jo2jo
Fri Oct 07, 2011 8:51 am
Forum: General
Topic: Plans for metaRouter on RB 1200?
Replies: 1
Views: 1029

Plans for metaRouter on RB 1200?

are there any plans on future RouteOS versions to support metarouters? this would be so great and is important considering that the RB1200 is the fastest mikrotik router made and Virtual machines need power to scale. I love my RB1200 btw and suggest them to anyone that has a server in a data-center ...
by jo2jo
Fri Oct 07, 2011 8:34 am
Forum: General
Topic: L2TP Tunel through specific interface
Replies: 18
Views: 5617

Re: L2TP Tunel through specific interface

Has anyone figured out how to do this on a single mikrotik device? i see how the OP did this with 2 Routerboards, but i have 2 public IP gateways on one RB1200 and i need to do l2tp tunnels on the 2nd interface but i cant get any of my mangle rules to grab and mark that traffic. does anyone have a m...
by jo2jo
Fri Oct 07, 2011 8:25 am
Forum: General
Topic: l2tp tunnels with multiple internet connections issues
Replies: 11
Views: 4234

Re: l2tp tunnels with multiple internet connections issues

Im trying to get past this same issue as well, ive tried all kinds of mangle rules but none of them can see the mikrotik's own l2tp traffic. I do have a server that is behind the router properly being connection marked, then routing marked via a separate public gateway. So that part is working, my p...
by jo2jo
Tue Oct 04, 2011 3:32 am
Forum: General
Topic: CPU usage "/tool profile" vs. "/system resources"
Replies: 14
Views: 14709

Re: CPU usage "/tool profile" vs. "/system resources"

I have a rb1200 in a datacenter and was wondering about this despondency that im seeing too. After upgrading to 5.7 from 5.2, overall the router is using much less cpu (i was never maxing out before tho). This is just a guess, but are these CPUS dual cores maybe? (my RB1200, which i bought a month a...
by jo2jo
Thu Sep 29, 2011 3:03 am
Forum: General
Topic: 2 Public Gateways?
Replies: 5
Views: 984

Re: 2 Public Gateways?

Thats what i was looking for in my orginal post but ppl are hesitant to post configs here, anyway here is my config i just ended up doing simple routing marks which are not in the wiki (the wiki is a better setup that allows true load balencing and failover.) but in my sistuation i was simply routin...
by jo2jo
Sun Sep 25, 2011 4:16 am
Forum: General
Topic: 2 Public Gateways?
Replies: 5
Views: 984

Re: 2 Public Gateways?

i got it! i had the gateway IP wrong, i knew i had the simple mangle rules done properly. you need to makr connection of src IP and in interface, then in 2nd rule mark routing of any packets with the connection mark set in rule 1 to routingmarkX. then set your gateway to only be used for routing mar...
by jo2jo
Sun Sep 25, 2011 4:12 am
Forum: General
Topic: 2 Public Gateways?
Replies: 5
Views: 984

Re: 2 Public Gateways?

Hey, Ive tried for days to implement the wiki policy routing but ive never been able to get it.

Can some one help me with just this speicifically:

if src IP address is 192.168.97.2 than route via public gateway 2 (64.54.55.2 for example).

thanks very much!
by jo2jo
Fri Sep 09, 2011 10:16 pm
Forum: RouterBOARD hardware
Topic: RB1200 Deception
Replies: 18
Views: 7820

Re: RB1200 Deception

I also have a RB1200 I just put into service and i'm very supprised at the poor CPU preformance thus far. I have only one firewall rule, accept all router does masquerading for a private IP server that is running a web hosting server (streams videos). Bandwidth is ~150mbit, 150 out uplink ethernet p...
by jo2jo
Fri Sep 09, 2011 11:13 am
Forum: General
Topic: 2 Public Gateways?
Replies: 5
Views: 984

2 Public Gateways?

Hi, I just got a RB1200 at one of my datacenters for my colo servers. There are 2 servers plugged into the rb1200 server a : 192.168.88.2/24 (rb1200 ip 192.168.88.1 ) server b: 192.168.97.2/24 (rb1200 ip 192.168.97.1 ) There are 2 Public IP up-links going to the rb1200 up-link a : 69.25.54.146/29 (....
by jo2jo
Mon Jul 18, 2011 8:35 am
Forum: Virtualization
Topic: New / Quick Question to MetaRouter
Replies: 1
Views: 1672

New / Quick Question to MetaRouter

I'm running mt hotspot connected to a (this box handles CC/payment web pages and radius logins) Linux, fedora 11 box that runs apache, mysql, freeradius, and a custom script. I would love to eliminate this physical machine and run it on a MetaRouter image. I've read alot so far on metarouter and I h...
by jo2jo
Fri Jul 08, 2011 8:46 pm
Forum: General
Topic: Hotspot Bridge Port
Replies: 13
Views: 3389

Re: Hotspot Bridge Port

Thanks that fixed the issue for me!
by jo2jo
Fri Jul 08, 2011 2:16 am
Forum: General
Topic: Hotspot Bridge Port
Replies: 13
Views: 3389

Re: Hotspot Bridge Port

Hi, I wanted to bump this thread as im having the same issue. I just moved my HS from 2.9.51 (where clicking on a host in ip->hotspot->hosts would show the correct bridge port which in my case are EoIP tunnels). Now on v5.5 everything works great (better Hotspot performance under heavy load too!) bu...
by jo2jo
Thu Jun 09, 2011 10:54 pm
Forum: RouterBOARD hardware
Topic: RB450G Gigabit problem
Replies: 11
Views: 6142

Re: RB450G Gigabit problem

Im having this same issue with equipment I co-located at 2 different data centers. Both have a 450G in-front of the server, BOTH are NOT ABLE TO LINK at 1gbit. At one datacetner they even ran a BRAND new cat6 cable to no avail. Ive tried every Ethernet port setting, on both sides, the link never com...
by jo2jo
Tue Nov 23, 2010 4:44 pm
Forum: General
Topic: RX Drops 450G v4.13
Replies: 8
Views: 2847

Re: RX Drops 450G v4.13

CONFIRMED FIXED, no more RX DROPS (never had any TX drops from start) so no drops at all now.

nice!
by jo2jo
Tue Nov 23, 2010 12:08 am
Forum: General
Topic: RX Drops 450G v4.13
Replies: 8
Views: 2847

RESOLVED Re: RX Drops 450G v4.13

this is resolved somewhat: first when i tried the option above of setting the port to 100mbit, the status showed 100mbit, even through router restarts. I had the datacenter change the cables, and ports on the 450G...same problems with RX drops. I then tried to set the port (going to the server) to 1...
by jo2jo
Sat Nov 20, 2010 1:06 am
Forum: General
Topic: RX Drops 450G v4.13
Replies: 8
Views: 2847

Re: RX Drops 450G v4.13

Hi, thanks for the reply, I made the settings after your post (set both ports to 100mibt ), and now about 15 hours later im still seeing the RX drops on both interfaces. another point that is unusual is its ONLY RX drops, not TX. On the port to the server its the RX that gets all the activity, on th...
by jo2jo
Fri Nov 19, 2010 5:47 am
Forum: General
Topic: RX Drops 450G v4.13
Replies: 8
Views: 2847

RX Drops 450G v4.13

I have a RB450G that is in-front of a collocated web server that mainly streams videos from a website, it averages 30-60MBIT 24/7. It also does nat Masquerading (as i have the server on a private IP ) and 3 DST-NAT Netmap rules (port 80, 443, video port) thats about it as far as rules. the cpu usage...