Community discussions

MikroTik App

Search found 189 matches

by toxicfusion
Sat Nov 28, 2020 2:44 am
Forum: Announcements
Topic: MikroTik newsletter November 2020 (#98)
Replies: 51
Views: 8020

Re: MikroTik newsletter November 2020 (#98)

Correct me if I am wrong, but isn't the new wAP AC now identical to the cAP AC? Except cAP AC has PoE out on the 2nd port and is $20 cheaper. Are we really paying +$20 for a different case? I hope MikroTik can give real answer to this on the 'improvements' Perhaps they're all moving to ARM chipset ...
by toxicfusion
Wed Oct 14, 2020 5:21 pm
Forum: RouterBOARD hardware
Topic: NetMetal AC2 enclosure - Rj45 feed-thru?
Replies: 4
Views: 229

Re: NetMetal AC2 enclosure - Rj45 feed-thru?

BaseBox 2 and BaseBox 5. Regards. Understood. Those are same enclosure as The NetMetal. but there are rubber grommets at bottom where you slice and slide ethernet cable through. I'm asking if anyone has modified and instead used a better design and attached RJ47 feed-thru gland connectors IE: https...
by toxicfusion
Wed Oct 14, 2020 7:09 am
Forum: RouterBOARD hardware
Topic: NetMetal AC2 enclosure - Rj45 feed-thru?
Replies: 4
Views: 229

Re: NetMetal AC2 enclosure - Rj45 feed-thru?

I not have experience with NetMetal enclosures, but yes with BaseBox/NetBox enclosures and works perfect.

Regards.
Could you tell me what brand or provide me with web link to the feed-thru connectors you used?
by toxicfusion
Wed Oct 07, 2020 6:00 pm
Forum: RouterBOARD hardware
Topic: NetMetal AC2 enclosure - Rj45 feed-thru?
Replies: 4
Views: 229

NetMetal AC2 enclosure - Rj45 feed-thru?

Hello, Does anyone have experience with the NetMetal type enclosures and finding out-of-the-box compatible RJ-45 Feed-thru Glands that Fit?? I bought some, but I would need to use a step drill to slightly enlarge the bottom case hole. As well as reshape the sealing washer to make a secure fitment. A...
by toxicfusion
Mon Sep 07, 2020 6:29 am
Forum: Wireless Networking
Topic: WIFI 6 Roadmap
Replies: 36
Views: 26420

Re: WIFI 6 Roadmap

Unless Normis & Co, hire bpwl to start writing legible documentation and more importantly help the coders apply a logical approach to 'Tuning' existing wifi and future wifi, and assist in the move to other newer wifi generations, the MT wifi product line will continue to frustrate most users. We do...
by toxicfusion
Thu Sep 03, 2020 10:18 pm
Forum: Wireless Networking
Topic: NetMetal ac² Antennas Question
Replies: 10
Views: 554

Re: NetMetal ac² Antennas Question

Reply from Mikrotik

"NetMetal ac^2 has RP-SMA Female connectors. There is no restrictions, that only dual-band antennas should be used, but it would be advised to use them."
Cool - that is great they further clarified and mentioned requirement / suggestion of dual-band antenna's.
by toxicfusion
Thu Sep 03, 2020 12:11 am
Forum: Wireless Networking
Topic: NetMetal ac² Antennas Question
Replies: 10
Views: 554

Re: NetMetal ac² Antennas Question

Thank you for the confirmation! Enjoy your new stuff!
Welcome! And thank you. I'll maybe get to enjoy; it's going to customers site!

Also get to try the mANTBOX 12s sector! :)
by toxicfusion
Wed Sep 02, 2020 10:47 pm
Forum: Wireless Networking
Topic: NetMetal ac² Antennas Question
Replies: 10
Views: 554

Re: NetMetal ac² Antennas Question

Update -

The MikroTik NetMetal AC2 description is wrong. It has RP-SMA female connectors and uses RP-SMA male connector antenna's.

The antenna's I purchased as extra work 100% they are male RP-SMA's.
by toxicfusion
Wed Sep 02, 2020 8:03 pm
Forum: Wireless Networking
Topic: Wi-Fi performance bad on RB4011 - possible misconfig
Replies: 125
Views: 15712

Re: Wi-Fi performance bad on RB4011 - possible misconfig

Hi guys Ii have an RB 4011iGS. I have a pair of of MikroTik cAPac s connected by Cat 6a cable to the 4011. All three devices are running the latest release Rb 6.4.7.2. The cAPsc are managed by the 4011 using CAPs Man. My home internet service is a steady 150 Mbps. All devices that are connected to ...
by toxicfusion
Wed Sep 02, 2020 7:59 pm
Forum: Wireless Networking
Topic: NetMetal ac² Antennas Question
Replies: 10
Views: 554

Re: NetMetal ac² Antennas Question

I will let you know shortly! I am also confused by their description!! the MW-RP-SMA-52-ANT-5 are to arrive any minute... out for delivery. I check and test asap. I already have the MikroTik HGO's connected and spares for another incoming NetMetal AC. But I ordered four(4) MW-RP-SMA-52-ANT-5 antenna...
by toxicfusion
Wed Sep 02, 2020 7:50 pm
Forum: General
Topic: How to connect switches and router - planing network architecture
Replies: 3
Views: 718

Re: How to connect switches and router - planing network architecture

I Agree with anav, for amount of traffic in this network, solution 1 should and would be best option/solution. However, the core fiber switch will be single point of failure. same goes for single router. Perhaps have two(2) core distribution switches as well as dual access switches. Depending on ven...
by toxicfusion
Wed Sep 02, 2020 4:33 pm
Forum: Wireless Networking
Topic: NetMetal ac² Antennas Question
Replies: 10
Views: 554

Re: NetMetal ac² Antennas Question

You make valid point. I suppose it goes to usage case of that specific NetMetal Ac2 Unit. If you attach say mANT 15s antenna, then you only enable the 5Ghz part of the wireless radio/card and leave 2.4Ghz interface disabled. Honestly i do not know answer 100%, this is me reading between the MikroTik...
by toxicfusion
Wed Sep 02, 2020 4:30 pm
Forum: Wireless Networking
Topic: After enabling multicast-helper mt wireless bridges dont work anymore
Replies: 20
Views: 979

Re: After enabling multicast-helper mt wireless bridges dont work anymore

iam not shure this is possible on a capsman managed cap ill try.
Provision another SSID on your Caps using CapsMan. Create a new Config.

Then on your station-bridge AP -- tell it to connect to that new SSID.
by toxicfusion
Wed Sep 02, 2020 4:28 pm
Forum: Wireless Networking
Topic: After enabling multicast-helper mt wireless bridges dont work anymore
Replies: 20
Views: 979

Re: After enabling multicast-helper mt wireless bridges dont work anymore

Im really confused why using mikrotik wireless bridge on your printer(s)???

What about instead using an actual wireless print server adapter?
by toxicfusion
Wed Sep 02, 2020 5:45 am
Forum: Announcements
Topic: WinBox v3.25 released!
Replies: 68
Views: 6352

Re: WinBox v3.25 released!

Newer WinBox versions shouldn't break client's routers running stable, older ROS versions, disconnecting CAPs or whatever else the current version is able to kill or mess up with. Or atleast there should be some warning regarding this, when it encounters unsupported (anymore) ROS versions instead o...
by toxicfusion
Wed Sep 02, 2020 2:09 am
Forum: General
Topic: Forum redirect to https://forum.mikrotik.com:80/
Replies: 7
Views: 495

Re: Forum redirect to https://forum.mikrotik.com:80/

Thanks for the honesty!! More importantly Does bpwl have a wifi contract yet to help MT....................
Start a crowdfunding campaign if you need cash to hire him, Ive got $20 ready to donate as we speak.

I'll contribute to this..... I'm 100% on-board for said suggestion.
by toxicfusion
Tue Sep 01, 2020 10:53 pm
Forum: Announcements
Topic: WinBox v3.25 released!
Replies: 68
Views: 6352

Re: WinBox v3.25 released!

+1000000% same issue with Winbox 3.25 release and 6.45.9 and hotspot active tab!! Completely disconnected ALL active hotspot users and breaks. I had to dump all users from the queue. Not good, As I'm going to get angry phone call from this hotspot customer. I do not see version 3.24 available to dow...
by toxicfusion
Tue Sep 01, 2020 8:22 pm
Forum: Wireless Networking
Topic: NetMetal ac² Antennas Question
Replies: 10
Views: 554

Re: NetMetal ac² Antennas Question

No, cannot use that antenna - it is only for 2.4ghz. You need dual band supported antenna's

i just purchased a few of the MikroTik HGO's and some MW-RP-SMA-52-ANT-5 to also test -- EDIT. I just realized these MW-SMA-52s are male connectors; they'd need to be female to properly screw on
by toxicfusion
Tue Sep 01, 2020 7:24 pm
Forum: RouterBOARD hardware
Topic: CAPSMAN Manager For Medium to Big deployment
Replies: 4
Views: 408

Re: CAPSMAN Manager For Medium to Big deployment

How are you powering the NetPower unit to get the appropriate PoE power package? Dual 96watt power bricks?

Is the CCR acting as the core router and CapsManager? Or CCR solely acting as the Caps controller?
by toxicfusion
Tue Sep 01, 2020 7:20 pm
Forum: The User Manager
Topic: User Manager Payment Systems
Replies: 113
Views: 50228

Re: User Manager Payment Systems

+1 for Stripe support
another +1 for stripe!!!
by toxicfusion
Tue Sep 01, 2020 7:14 pm
Forum: Wireless Networking
Topic: After enabling multicast-helper mt wireless bridges dont work anymore
Replies: 20
Views: 979

Re: After enabling multicast-helper mt wireless bridges dont work anymore

Why use capsman to configure ONLY your wireless network bridge?? That is simple enough to do.

use capsman to control your significant amount of AP's. Anything less than 2-AP's for CapsMan is silly.
by toxicfusion
Tue Sep 01, 2020 4:52 am
Forum: Wireless Networking
Topic: After enabling multicast-helper mt wireless bridges dont work anymore
Replies: 20
Views: 979

Re: After enabling multicast-helper mt wireless bridges dont work anymore

most likely due to station pseudobridge setting. I believe this is limitation to only passing single mac-address?

if you are bridging MikroTik Wireless devices, use regular AP Bridge and station bridge mode
by toxicfusion
Tue Sep 01, 2020 4:49 am
Forum: Wireless Networking
Topic: hAP AC - phone does not detect smart device (vacuum cleaner)
Replies: 8
Views: 526

Re: hAP AC - phone does not detect smart device (vacuum cleaner)

Now the phone must find the vacuum cleaner. This is mostly done through broadcasts.And that is sometimes not so easy. Just some hints for checking .... - is there client/Station isolation? - is wifi originated broadcast limited for wifi? Flood protection? - what kind of protocol is used for this di...
by toxicfusion
Mon Aug 31, 2020 7:20 pm
Forum: Wireless Networking
Topic: Disconnected, interface disabled [SOLVED]
Replies: 1
Views: 222

Re: Disconnected, interface disabled [SOLVED]

fixed. issue was RJ45 end.
by toxicfusion
Mon Aug 31, 2020 5:52 am
Forum: Wireless Networking
Topic: Disconnected, interface disabled [SOLVED]
Replies: 1
Views: 222

Disconnected, interface disabled [SOLVED]

Hello, Did one of my MikroTik wAP AC devices just fry itself? Never seen this before. Last logs from device are below. Then it went offline. Power cycling PoE on switchport and no resolve. Site is 3 hours away and wont make it there until weekend. ZERO activity from switch port it connected to. Unle...
by toxicfusion
Fri Aug 28, 2020 6:22 pm
Forum: Wireless Networking
Topic: CapsMan RSSI access-list issue
Replies: 1
Views: 246

Re: CapsMan RSSI access-list issue

bump. anyone have information on the error for
18:74:2E:AF:0A:D3@5Ghz-Site9-wAP-1-1 disconnected, 4-way handshake timeout
by toxicfusion
Tue Aug 25, 2020 7:43 pm
Forum: Wireless Networking
Topic: CapsMan RSSI access-list issue
Replies: 1
Views: 246

CapsMan RSSI access-list issue

Hello, I have CapsMan in production, In reviewing the router logs. I am seeing quite a bit of the following error messages. Unsure if actual errors, or just CapsMan doing its job and not letting wireless devices connect that are not meeting min rssi requirement? 84:B8:B8:3D:82:FC@2Ghz-Site8-wAP-1 re...
by toxicfusion
Sat Aug 22, 2020 6:40 am
Forum: RouterBOARD hardware
Topic: PowerBox Pro Poe Input
Replies: 4
Views: 2041

Re: PowerBox Pro Poe Input

It works fine. Tested with Cisco SG-200 P models. It’s better to get the Mikrotik 48v adapter though, it has higher output if you will be using multiple ports. I’m just getting to this and was able to deploy this to the site. 1year after... Ironically, this site Also uses that same Cisco SG200-P as...
by toxicfusion
Fri Aug 21, 2020 9:10 pm
Forum: General
Topic: assigning bonding to new vlan bridge
Replies: 0
Views: 231

assigning bonding to new vlan bridge

Hello,

Is it possible to attach or have bonded interfaces [802ad] to be included with the new bridge vlan filtering method? 'all-vlan-bridge'?

If so, any example configs? As would need the bonded interfaces to be inside the bridge vlan interface, and able to pass the required vlans for trunking.
by toxicfusion
Wed Aug 19, 2020 4:50 pm
Forum: General
Topic: Blocking web page
Replies: 10
Views: 1591

Re: Blocking web page

It won't work if it's DNS based by someone simply specifying an alternative DNS, it won't work otherwise by bypassing via VPN. True, but moot point based on system/desktop security.... If domain environment, can disable users from changing TCP/IP settings and installing 3rd party software. Otherwis...
by toxicfusion
Wed Aug 19, 2020 12:18 am
Forum: General
Topic: capsman with hotspot - login not working
Replies: 2
Views: 497

Re: capsman with hotspot - login not working

bump.

anyone?
by toxicfusion
Mon Aug 17, 2020 8:34 pm
Forum: General
Topic: capsman with hotspot - login not working
Replies: 2
Views: 497

Re: capsman with hotspot - login not working

question:

Does the Router actually need WAN / internet connection for the hotspot page to work and open on devices??
by toxicfusion
Mon Aug 17, 2020 6:39 pm
Forum: Wireless Networking
Topic: capsman with hotspot2.0
Replies: 2
Views: 1874

Re: capsman with hotspot2.0

Can you elaborate on Hotspot 2.0 feature / package?

I have production MikroTik hotspots. I've just created another topic as i'm experiencing issue with CapsMan and hotspot. Guest-SSID works, but once guest connects to this SSID, the hotspot page is not being splashed or redirected.
by toxicfusion
Mon Aug 17, 2020 4:28 pm
Forum: General
Topic: capsman with hotspot - login not working
Replies: 2
Views: 497

capsman with hotspot - login not working

Hello, I have an existing hotspot configuration that is working 100%. I am testing a new configuration in a smaller lab environment prior to deploying. Issue: Configured capsman to provision new radio's. Devices are able to connect to the guest SSID and obtain IP, router see's the device(S) register...
by toxicfusion
Sun Aug 16, 2020 7:36 pm
Forum: General
Topic: Blocking web page
Replies: 10
Views: 1591

Re: Blocking web page

MikroTik webproxy is secure if properly configured. Although doesn’t work for SSL.

Suggestion is to use web based DNS filter.

I use ‘dnsfilter.com’
by toxicfusion
Thu Aug 06, 2020 8:03 pm
Forum: General
Topic: PowerBox Pro QCA8337 chip [SOLVED]
Replies: 8
Views: 1956

` [SOLVED]

You only have to add it to VLANs which require access to the CPU, in your config you have IP addresses assigned to VLAN10 and VLAN88 so those should be sufficient. If you have management via the VLANs on the all-vlan-bridge bridge I strongly recommend removing the bridge_bkup bridge as only one bri...
by toxicfusion
Wed Aug 05, 2020 4:12 pm
Forum: General
Topic: PowerBox Pro QCA8337 chip [SOLVED]
Replies: 8
Views: 1956

Re: PowerBox Pro QCA8337 chip [SOLVED]

Appears I have to add the switch1-cpu to all vlan ports within switch menu in order to properly do inter-vlan? I was able to add the switch1-cpu to my vlan10 (primary network), and once I did that, I was able to reach this switch from the upstream core router via both subnets. any further input from...
by toxicfusion
Wed Aug 05, 2020 2:24 am
Forum: General
Topic: PowerBox Pro QCA8337 chip [SOLVED]
Replies: 8
Views: 1956

Re: PowerBox Pro QCA8337 chip [SOLVED]

UPDATE with issue: I configured a router with a base config that will be used at production site. ISSUE: When connected to the upstream core switch/router. The untagged access port [computer] is unable to access the PowerBox. trying to access from vlan10, untagged to the management IP on the powerbo...
by toxicfusion
Wed Aug 05, 2020 1:17 am
Forum: General
Topic: PowerBox Pro QCA8337 chip [SOLVED]
Replies: 8
Views: 1956

Re: PowerBox Pro QCA8337 chip [SOLVED]

Update:

Tested and working with the lastest configuration from my post above [see to code].

Also works when I configure a switch port interface with vlan-id=ID, I'm able to get untagged traffic passing.
by toxicfusion
Tue Aug 04, 2020 10:43 pm
Forum: General
Topic: PowerBox Pro QCA8337 chip [SOLVED]
Replies: 8
Views: 1956

Re: PowerBox Pro QCA8337 chip [SOLVED]

You do not have the CPU switch port ( switch1-cpu ) in any of the /interface ethernet switch vlan statements so you will loose access. Thank you for pointing me to that. I earlier discovered this after re-reading the MikroTik documentation MULTIPLE Times.. lol. See to my new configuration. Should I...
by toxicfusion
Tue Aug 04, 2020 6:07 pm
Forum: General
Topic: PowerBox Pro QCA8337 chip [SOLVED]
Replies: 8
Views: 1956

Re: PowerBox Pro QCA8337 chip [SOLVED]

per the MikroTik documentation.. its very confusing by what they mean. I need more specific config example to have clarity. "For devices with QCA8337 and Atheros8327 switch chips a default vlan-header=leave-as-is should be used. When vlan-mode=secure is configured, it ignore switch port vlan-header ...
by toxicfusion
Tue Aug 04, 2020 5:53 pm
Forum: General
Topic: PowerBox Pro QCA8337 chip [SOLVED]
Replies: 8
Views: 1956

PowerBox Pro QCA8337 chip [SOLVED]

Hello, Very confusing with VLANS with the PowerBox [RB960RGS board] as it uses the QCA8337 switch chip. IF I use the new bridge VLAN method, it will disable HW Offloading and rely directly on CPU - and performance will suffer.... I've went ahead and configured the old/original method using the ether...
by toxicfusion
Tue Jul 28, 2020 10:18 pm
Forum: Wireless Networking
Topic: outdoor wAP AC or SXT install [SOLVED]
Replies: 8
Views: 1713

Re: outdoor wAP AC or SXT install [SOLVED]

Hello, I recommend checking out the NetMetal ac^2 router. https://mikrotik.com/product/netmetal_ac2 Thank you, didnt see this new product - I am now looking and considering this. As I see MikroTik recently put out new the outdoor omni HGO-antenna to go with it..... I could use this in center of are...
by toxicfusion
Tue Jul 28, 2020 10:12 pm
Forum: Wireless Networking
Topic: outdoor wAP AC or SXT install [SOLVED]
Replies: 8
Views: 1713

Re: outdoor wAP AC or SXT install [SOLVED]

Each radio wAP AC need to be able to cover at minimum a 200ft radius outside. 300ft be ideal.
by toxicfusion
Tue Jul 28, 2020 9:54 pm
Forum: Wireless Networking
Topic: outdoor wAP AC or SXT install [SOLVED]
Replies: 8
Views: 1713

Re: outdoor wAP AC or SXT install [SOLVED]

"The TX power is good, but the gain on the wAP AC's suck, only 2dBI." Well I disagree. It does not suck, it is a specific antenna pattern that is very good, if used for local access. So it all depends on what you want. Problem with antenna gains is that the higher the gain, the narrower the directi...
by toxicfusion
Mon Jul 27, 2020 4:16 pm
Forum: Wireless Networking
Topic: outdoor wAP AC or SXT install [SOLVED]
Replies: 8
Views: 1713

outdoor wAP AC or SXT install [SOLVED]

Hello, I'm looking to do an outdoor wireless install/upgrade to an existing client [outdoor camping venue]. They have older AP's that I used, but already have RB1100ahx4 as core router and doing radius + hotspot. Looking to replace all AP's and expand coverage.... Anyone have suggestions or more det...
by toxicfusion
Wed Jun 17, 2020 12:29 am
Forum: Announcements
Topic: MikroTik Newsletter June 2020 (#96)
Replies: 29
Views: 9435

Re: MikroTik Newsletter June 2020 (#96)

I thought it was about the RB itself - the color and input voltages.
So the injector is all that has been changed?
that is appeears to be true. Powered up the wAP AC and all appears normal. Same CPU speed, specs, etc.
by toxicfusion
Tue Jun 16, 2020 8:11 pm
Forum: Announcements
Topic: MikroTik Newsletter June 2020 (#96)
Replies: 29
Views: 9435

Re: MikroTik Newsletter June 2020 (#96)

Just making note the included POE injector is different design and markings on it. Need me show a picture? None of the new MikroTik newsletter depicted this GBPOE adapter. Also the wAP Ac box had a 'NEW' sticker. So perhaps a change from MikroTik?? or fake?? IMG_0243.jpg IMG_0242.jpg IMG_0244.jpg IM...
by toxicfusion
Tue Jun 16, 2020 6:50 pm
Forum: Announcements
Topic: MikroTik Newsletter June 2020 (#96)
Replies: 29
Views: 9435

Re: MikroTik Newsletter June 2020 (#96)

FYI - I just ordered and received a new wAP AC device, seems it was recently revised??? Included a new GBPOE injector. No more rubberized feel [new look is dark gray and white] and input voltage is now to -57v [prior were 48v].

box had new sticker 'X001A2AHLF' RBWAPG-5HACT2HnD

What is going on?
by toxicfusion
Fri Jun 12, 2020 4:50 pm
Forum: Announcements
Topic: MikroTik Newsletter June 2020 (#96)
Replies: 29
Views: 9435

Re: MikroTik Newsletter June 2020 (#96)

+WIFI6 and an updated WAP AC model!! [Wap AC2??] I really enjoy the WAP AC [RBwAPG-5HacT2HnD-US]. But really could use better wifi gain and sesnativities. As 5Ghz drops off very quickly, short distances. I have a few deployed and will continue to purchase. The CAP AC model I had to return those.. Ra...
by toxicfusion
Sun Feb 02, 2020 12:31 am
Forum: General
Topic: EoIP Tunnels stopped working
Replies: 2
Views: 824

EoIP Tunnels stopped working

Hello, Since upgrading to 6.45.8 on Routers (CCR, RB2011, etc). My EOIP Tunnels are broken.. Unable to pass traffic. Even tried latest stable, still broke. Upgraded from 6.44.2 IP >> Interfaces >> my EOIP interface is not coming online... why?! What has changed. The tunnels show established and heal...
by toxicfusion
Fri Oct 25, 2019 8:01 pm
Forum: General
Topic: Help - mikrotik firewall or ISP issue
Replies: 4
Views: 1120

Help - mikrotik firewall or ISP issue

Hello, Clients router (RB2011) has been working 100% Beautifully for longest time. I provide them with HOSTED PBX, suddenly this week outbound attempts to port 5060 for phones registration fails. Phones connect and disconnect. Seems connection is terminated. No changes, ever... I reboot ISP modem an...
by toxicfusion
Wed Sep 25, 2019 6:53 am
Forum: Useful user articles
Topic: Wi-Fi for 2,600 users using a wAP-60Gx3-AP to eight wAP-60G Stations over an ~130º field of view
Replies: 3
Views: 4258

Re: Wi-Fi for 2,600 users using a wAP-60Gx3-AP to eight wAP-60G Stations over an ~130º field of view

This is great, also beautiful place!

Question: How was power supplied to the station units and the attached Xirrus radio's? Was there battery power being fed, or have AC outlet poles/extension cables ran to the exact placement of the Mikrotik w60 slave units?
by toxicfusion
Wed Sep 25, 2019 6:08 am
Forum: RouterBOARD hardware
Topic: PowerBOX Pro - 4 pair PoE IN
Replies: 11
Views: 3542

Re: PowerBOX Pro - 4 pair PoE IN

bump
by toxicfusion
Thu Sep 19, 2019 5:46 pm
Forum: RouterBOARD hardware
Topic: PowerBOX Pro - 4 pair PoE IN
Replies: 11
Views: 3542

Re: PowerBOX Pro - 4 pair PoE IN

I'm looking for answers as well. I emailed Mikrotik support, but not sure of answer..

Like to power the 'PowerBox Pro' with 4-pair POE input from a Netonix WISP Switch. 48HV.

Will this work, or smoke the device?
by toxicfusion
Wed Aug 21, 2019 9:01 pm
Forum: General
Topic: vlan bridge (new way) HW offload and performance
Replies: 23
Views: 8331

Re: vlan bridge (new way) HW offload and performance

Correct. Router (L3 GW) --> Core Switch (L3 CRS switch with all the VLANs) --> Access Switches (downstream L2 switches) --> Devices Core switch has all your VLANS and trunk down to access layer switch(s). Core switch has a single uplink port to your RB gateway device. --> Correct and yes a single u...
by toxicfusion
Thu Aug 15, 2019 5:21 pm
Forum: General
Topic: vlan bridge (new way) HW offload and performance
Replies: 23
Views: 8331

Re: vlan bridge (new way) HW offload and performance

@ksteink - thank you, again! I may consider your approach to a RB as the router for WAN outbound and termination point, and then a MT switch for inter-vlan traffic and rules. Assuming you're more of a core + access layer style network designs? From the MT CRS switch you do an IP route 0.0.0.0/0 to t...
by toxicfusion
Thu Aug 15, 2019 12:57 am
Forum: General
Topic: vlan bridge (new way) HW offload and performance
Replies: 23
Views: 8331

Re: vlan bridge (new way) HW offload and performance

this wiki which was posted earlier was helpful: https://wiki.mikrotik.com/wiki/Manual:Switch_Chip_Features amazing how MikroTik used best switch chips in prior RB1100ahx2 model, and for RB1100ahx4 (new) they used lesser vlan capable switch chip! Sigh.. . I loved the 1100ahx2 model, deployed many. Al...
by toxicfusion
Thu Aug 15, 2019 12:35 am
Forum: General
Topic: vlan bridge (new way) HW offload and performance
Replies: 23
Views: 8331

Re: vlan bridge (new way) HW offload and performance

@ksteink WOW - awesome, thank you for such big break down and config examples. I appreciate this. Will inter-vlan routing work by 'default' when configuring the switch chip in this manner? Or will I need ip route rules? As in some cases, some of the vlans need to be able to reach each other, others ...
by toxicfusion
Wed Aug 14, 2019 7:16 pm
Forum: General
Topic: vlan bridge (new way) HW offload and performance
Replies: 23
Views: 8331

Re: vlan bridge (new way) HW offload and performance

So confusing as block diagram on RB3011 and RB4011 both show switch chips. RB3011 states ports 6-10 is 2Gb/s aggregated... but ports 1-5 show same 1Gb/s links to each CPU.. sigh. Also one is Realtek vs QCA. So just have to know which is 100% VLAN capable within switch chip itself and not using softw...
by toxicfusion
Wed Aug 14, 2019 7:05 pm
Forum: General
Topic: vlan bridge (new way) HW offload and performance
Replies: 23
Views: 8331

Re: vlan bridge (new way) HW offload and performance

@Sindy - Thank you, great explanations and break down! You're always great with laying it out. I do more of a collapsed core configuration for most SMB networks. Some clients require ipsec tunnel between offices. Other clients single location and I'll do EOIP tunnel to my NOC router to perform netwo...
by toxicfusion
Wed Aug 14, 2019 6:31 pm
Forum: General
Topic: vlan bridge (new way) HW offload and performance
Replies: 23
Views: 8331

Re: vlan bridge (new way) HW offload and performance

maybe Normis or another from MT and chime in to clarify... So if ALL software, it'll hammer or leverage the CPU... the RB4011 has ARM processor, so is it negated performance wise? Or is there sigificant performance boost in say RB3011 with the vlan aware switch chip ASIC (ASIC being faster than CPU?...
by toxicfusion
Wed Aug 14, 2019 5:05 pm
Forum: General
Topic: vlan bridge (new way) HW offload and performance
Replies: 23
Views: 8331

Re: vlan bridge (new way) HW offload and performance

block diagram shows HW acceleration... is this ONLY for IPSec, or this mean HW acceleration on ethernet for wirespeed? If so, perhaps the RB4011 is an upgrade path over RB2011. The switch chips used in the 4011 are not VLAN-aware and don't support hardware rules so if you need L2 traffic to be hard...
by toxicfusion
Tue Aug 13, 2019 10:32 pm
Forum: General
Topic: Ready Voucher 2.15 [SOLVED]
Replies: 6
Views: 2291

Re: Ready Voucher 2.15 [SOLVED]

There any firewall black lists? Perhaps need to add to walled garden (allowed) within hotspot setup?

What about after a reboot of router, issue still same?

Create a new service account (user + pass) to be used for the API auth with ReadyVoucher?
by toxicfusion
Tue Aug 13, 2019 9:56 pm
Forum: General
Topic: Ready Voucher 2.15 [SOLVED]
Replies: 6
Views: 2291

Re: Ready Voucher 2.15 [SOLVED]

This probably due to API change

speak with developer of ReadyVoucher
by toxicfusion
Tue Aug 13, 2019 9:37 pm
Forum: The User Manager
Topic: UserMan+Hotspot - The Most Buggy
Replies: 2
Views: 3002

Re: UserMan+Hotspot - The Most Buggy

It is buggy... But the vouchers work? lol. you can also manually create your radius users and assign. But once you set your profiles and do mass creation of vouchers(UserMan), I've had good luck.. I just ignore the webUI bugs. hopefully they fix. Otherwise, have to look for third party hotspot solut...
by toxicfusion
Tue Aug 13, 2019 9:24 pm
Forum: RouterBOARD hardware
Topic: RB4011 high, uneven CPU load and a crash.
Replies: 20
Views: 8555

Re: RB4011 high, uneven CPU load and a crash.

It might be the IPsec tunnel (HW Offload) with the type your using (Encryption type). Unsure if a bug and its loading up on single CPU core. I wouldnt worry if only single core being loaded up.
DH Group
SHA, MD5?
SHA-128, SHA-256?

What routerOS release? Try the 6.45 long term.
by toxicfusion
Tue Aug 13, 2019 6:49 pm
Forum: RouterBOARD hardware
Topic: RB4011 high, uneven CPU load and a crash.
Replies: 20
Views: 8555

Re: RB4011 high, uneven CPU load and a crash.

Interesting! Not to hijack, with PRTG you using? I like those graphs.

Do you have any ipsec tunnels? Are you using bridge vlan configuration? do your config export.... /export hide-sensitive
by toxicfusion
Tue Aug 13, 2019 5:49 pm
Forum: RouterBOARD hardware
Topic: RB US-LTE product - which is better?
Replies: 3
Views: 2989

Re: RB US-LTE product - which is better?

Or wondering if should consider "RBLHGR&R11e-LTE-US" this dish antenna with the high 17db gain.... I can point toward cell tower location... cell coverage in this area is spotty in some area's due to city limited the addition and build of towers (beach side) Otherwise, with the RB912R-2nD-LT. device...
by toxicfusion
Tue Aug 13, 2019 5:24 pm
Forum: RouterBOARD hardware
Topic: RB US-LTE product - which is better?
Replies: 3
Views: 2989

RB US-LTE product - which is better?

Questions: For USA-LTE-4G (mikrotik knows USA is 4G) I'm compairing two products. they appear to have the same 4G/LTE modem (R11e modem) RB912R-2nD-LTm&R11e-LTE-US and RBwAPR-2nD&R11e-LTE-US Second is same enclosure as the current outdoor wAP AC products. but has the R11e chip. questions: 1. which w...
by toxicfusion
Tue Aug 13, 2019 4:49 pm
Forum: General
Topic: vlan bridge (new way) HW offload and performance
Replies: 23
Views: 8331

Re: vlan bridge (new way) HW offload and performance

By way - I see the RB4011 and RB1100ahx4 obviously share same ARM CPU, block diagram shows HW acceleration... is this ONLY for IPSec, or this mean HW acceleration on ethernet for wirespeed? If so, perhaps the RB4011 is an upgrade path over RB2011.
by toxicfusion
Tue Aug 13, 2019 4:41 pm
Forum: General
Topic: vlan bridge (new way) HW offload and performance
Replies: 23
Views: 8331

vlan bridge (new way) HW offload and performance

Hello, I know it has been mentioned here and also some snippets on the MikroTik Wiki.... Have some existing RB2011 out in field in production. I have a client (decent sized network, 4 attached switches) to the RB2011. Using RB2011 as router-on-stick, or functioning as collapsed core (RB2011 has all ...
by toxicfusion
Tue Jul 09, 2019 5:21 pm
Forum: RouterBOARD hardware
Topic: PowerBox Pro Poe Input
Replies: 4
Views: 2041

PowerBox Pro Poe Input

Hello, Question - looking at documentation and datasheet. Can anyone confirm or deny if the PowerBox Pro can be Powered UP by 802.3af POE input? Looking to power up the Powerbox Pro with POE 802.3af input, and have it output the same voltage as applied to downstream devices attached to it. Otherwise...
by toxicfusion
Fri Jul 05, 2019 7:22 am
Forum: Wireless Networking
Topic: [ETA] new wireless driver?
Replies: 3
Views: 1329

Re: [ETA] new wireless driver?

This is needed. All these new WAP/CAP products with the AC1200, AC1600, AC1800, AC2000 chipset.. But terrible 5Ghz performance. I fear its due to 6.0X RouterOS using older linux Kernel, thats limitation. Unless they backport the current drivers to the older kernel or they develop drivers in-house......
by toxicfusion
Fri Jul 05, 2019 6:58 am
Forum: Wireless Networking
Topic: Mikrotik WLAN & CAPsMAN - Bad download perfomance
Replies: 47
Views: 10247

Re: Mikrotik WLAN & CAPsMAN - Bad download perfomance

sigh... I"m experiencing the same exact issues and limitations! Using CAPsMAN as well with the WAPS. Very annoying. Love MikroTik - perhaps too much of a fanboy. But when UBT wireless kicks their ass... just hate their software and constant changes. But their cloud controller aspect is sweet - able ...
by toxicfusion
Fri Jul 05, 2019 2:49 am
Forum: Wireless Networking
Topic: CAPsMAN bandwidth problem
Replies: 1
Views: 651

Re: CAPsMAN bandwidth problem

I was having similar issues..... Hope someone has some answers as been crickets! With "Local Forwarding" performance is OK and close to wire speeds with AC (depending on AP). I'm finding the CAP AC's to perform worse than the wAP AC's. (different wireless chipset). But with "Client to Client forward...
by toxicfusion
Wed Jul 03, 2019 9:51 pm
Forum: Wireless Networking
Topic: CAPsMAN - config gripes and questions
Replies: 2
Views: 706

Re: CAPsMAN - config gripes and questions

I have a client about to send all these AP's back... Perhaps theres TOO many configuration options?!... makes want to just use Ubiq***... sigh. WTF, I'm losing patience and faith. Do I enable both local forwarding && client to client?? Or just local forwarding? Appears when I do not specify vlan in ...
by toxicfusion
Wed Jul 03, 2019 7:20 pm
Forum: Wireless Networking
Topic: CAPsMAN - config gripes and questions
Replies: 2
Views: 706

Re: CAPsMAN - config gripes and questions

little update: Disabled Caps manager on router, then removed all the CAP interfaces. Originally when the cAPS joined they were in red, I went and created copies and manually named the interfaces based on 2ghz or 5ghz "xxAP-2Ghz" "xxAP-5Ghz", and then copied again for the slave interface. But after r...
by toxicfusion
Wed Jul 03, 2019 6:22 pm
Forum: Wireless Networking
Topic: CAPsMAN - config gripes and questions
Replies: 2
Views: 706

CAPsMAN - config gripes and questions

Hello, Looking for explicit answers to CAPSMAN configuration for 'datapath' config. What is difference of 'local forwarding' and 'client to client forwarding'? The information on articles all contradict themselves. is client to client the same as 'default forwarding' on the ssid? Also having issues ...
by toxicfusion
Mon Jul 01, 2019 6:35 am
Forum: Wireless Networking
Topic: CAPSman - only single CAP will connect
Replies: 13
Views: 2638

Re: CAPSman - only single CAP will connect

Ok fixed.. I was overthinking it. Considering the ether1 interface is 'untagged' and the native vlan on the network, I can tag the SSID with vlan via capsman config.

I reset the AP's and select CAP mode, then all is good. All AP's are now provisioned via CAPsMan

Thanks!
by toxicfusion
Sun Jun 30, 2019 9:25 pm
Forum: Wireless Networking
Topic: CAPSman - only single CAP will connect
Replies: 13
Views: 2638

Re: CAPSman - only single CAP will connect

all three(3) CAPS appear to connect with "CAP-764D285B8904" for name & common name. I prob have config issue. Realized I had a mgmt SSID (hidden SSID) on all the AP's, but the .rsc file had the same mad address specified. I just went and removed the virtual interface from all the AP's. Do I need to ...
by toxicfusion
Sun Jun 30, 2019 9:10 pm
Forum: Wireless Networking
Topic: CAPSman - only single CAP will connect
Replies: 13
Views: 2638

Re: CAPSman - only single CAP will connect

Ok, have two(2) access points connected to CAPSMAN Controller. The 3rd will not connect, or keeps dropping off due to 'ident conflict'. Mac Addresses are different. However, the WLAN interfaces appear to be identical to that of the bridged interface they're associated with...?? did /interface ethern...
by toxicfusion
Sun Jun 30, 2019 8:33 pm
Forum: Wireless Networking
Topic: CAPSman - only single CAP will connect
Replies: 13
Views: 2638

Re: CAPSman - only single CAP will connect

Gotcha. Found the AP that was causing a loop/conflict. Mac address burned are so close :88:8E and 84:8E. But believe a config made them both the same. Removed AP, and all is fine. However, using vlan-bridge and vlan tagging. Dont the CAP AP's need to have their bridge interface configured and vlans ...
by toxicfusion
Sun Jun 30, 2019 6:24 pm
Forum: Wireless Networking
Topic: CAPSman - only single CAP will connect
Replies: 13
Views: 2638

Re: CAPSman - only single CAP will connect

I just did wireless reset on two of the AP's and now DHCP server on main router is going crazy, as if the eth1 interface is suddenly flapping and handing out address over and over and complaining of conflict or loop. I may roll back the CCR to 'long term' build, as thought was bug with release and u...
by toxicfusion
Sun Jun 30, 2019 6:07 pm
Forum: Wireless Networking
Topic: CAPSman - only single CAP will connect
Replies: 13
Views: 2638

Re: CAPSman - only single CAP will connect

Have you restored configuration from another device, that you get mac conflict? If yes please you need to do MAC reset of interface Thanks, I will try this again. I tried the reset command, but the MAC stayed the same? "/interface wireless reset-configuration <wireless interface>" Is this the wrong...
by toxicfusion
Sun Jun 30, 2019 5:00 pm
Forum: Wireless Networking
Topic: CAPSman - only single CAP will connect
Replies: 13
Views: 2638

Re: CAPSman - only single CAP will connect

What about the issue of the certificate error as well as 'removing stale connection' which happens constantly when not using certificate.
by toxicfusion
Sun Jun 30, 2019 7:07 am
Forum: Wireless Networking
Topic: CAPSman - only single CAP will connect
Replies: 13
Views: 2638

Re: CAPSman - only single CAP will connect

Sigh.. CAPs will join when I do 'none' for certificate. But this is not secure.

More problem, the cAPS keep dropping off. See screenshot
Screen Shot 2019-06-30 at 12.05.57 AM.png
by toxicfusion
Sun Jun 30, 2019 6:46 am
Forum: Wireless Networking
Topic: CAPSman - only single CAP will connect
Replies: 13
Views: 2638

Re: CAPSman - only single CAP will connect

Update: Just noticed two(2) of the CAP Ap's have the same MAC address configured or displaying for wlans. Howd this happen? When the .rsc file used does not have any mac="" specified... Further, these were brand new CAP AC's and I did reset routerboard with no-configuration save and no-default-confi...
by toxicfusion
Sun Jun 30, 2019 6:11 am
Forum: Wireless Networking
Topic: CAPSman - only single CAP will connect
Replies: 13
Views: 2638

CAPSman - only single CAP will connect

Hi, Have CapsMan on CCR1009-8S-1S router.... fine. new Mikrotik CAP AC units. Only a single CAP AC will connect. All other CAPS error out "Request certificate, but failed to issue: a valid certificate with the same common name already exists!" Why is this? The CAPS are generating the same certificat...
by toxicfusion
Tue Mar 26, 2019 9:39 pm
Forum: General
Topic: wAP vlan bridge issue
Replies: 6
Views: 840

Re: wAP vlan bridge issue

vlan10 on trunk port is set as native. switchport trunk native, rest are tagged.

yes, switches, core are all on vlan10 subnet - no mgmt (yet). Its relatively small network here in contrast. Didnt feel need to further complicate it by adding mgmt vlan
by toxicfusion
Tue Mar 26, 2019 1:41 am
Forum: General
Topic: wAP vlan bridge issue
Replies: 6
Views: 840

Re: wAP vlan bridge issue

haha.. wow - smh! I was exhausted other night when I connected this WAP. The switchport it was connected to was WRONG. config was correct, but port on switch was also correct, but i had it in wrong port. as the switch numbering was not (1up, 2up) etc. normally 1-24 are top, 25-48 below. all good! phew
by toxicfusion
Tue Mar 26, 2019 1:20 am
Forum: General
Topic: wAP vlan bridge issue
Replies: 6
Views: 840

Re: wAP vlan bridge issue

@anav. - help me before like you did before with suggestions? I'm 100% baffled here... MikrotTik core router is working fine with bridge vlan filtering and the tagged/untagged. Unifi AP's with SSID vlan tag assignment is working fine as well for the various SSID's. But on the MikroTik WAP AC - is NO...
by toxicfusion
Sun Mar 24, 2019 12:05 am
Forum: General
Topic: wAP vlan bridge issue
Replies: 6
Views: 840

wAP vlan bridge issue

Hello, I am using the new VLAN method when configuring an wAP ac. Setup is essentially same as the MikroTik router (which is working). I have mikrotik router with interface ports acting as trunk ports (vlan10 is untagged), and to downstream switches. Those switches are working. Also have older Ubiqu...
by toxicfusion
Wed Mar 13, 2019 4:19 pm
Forum: General
Topic: bridge vlan sanity [SOLVED]
Replies: 18
Views: 1427

Re: bridge vlan sanity [SOLVED]

Awesome, Looking forward to seeing an RB2011 "WORKING" config with the vlans!! Cheers. hey anav! Success.. "/interface bridge add name=all-vlan-bridge vlan-filtering=yes add admin-mac= auto-mac=no fast-forward=no name=bridge-local /interface ethernet set [ find default-name=ether1 ] comment="TRNK t...
by toxicfusion
Wed Mar 06, 2019 4:40 pm
Forum: General
Topic: bridge vlan sanity [SOLVED]
Replies: 18
Views: 1427

Re: bridge vlan sanity [SOLVED]

question: Will inter-vlan routing work since all vlans are within the single bridge? I will need inter-vlan, and then can create firewall rules to block some traffic as needed. When within the same bridge or not on the same bridge, the answer is NO at layer 2, YES at layer IF, you make the proper f...
by toxicfusion
Wed Mar 06, 2019 4:38 pm
Forum: General
Topic: bridge vlan sanity [SOLVED]
Replies: 18
Views: 1427

Re: bridge vlan sanity [SOLVED]

anav - which working config would you like? I had it on a HEX & PowerBox Pro for a small campground, trunk ports back to a L3 switch. The 'unorthodox' method I did way back when I was naive and still learning the 'new way'. Which after grasping it... is much cleaner.. This new config I'm working on ...
by toxicfusion
Wed Mar 06, 2019 4:06 pm
Forum: General
Topic: bridge vlan sanity [SOLVED]
Replies: 18
Views: 1427

Re: bridge vlan sanity [SOLVED]

In the meantime it never hurts to go back to some decent references and this is the best.................. Pick the example which fits closest to your scenario (Router-Switch-AP (all in one)) https://forum.mikrotik.com/viewtopic.php?f=13&t=143620 Appreciated! I did a similar setup ~6+ months ago wi...
by toxicfusion
Wed Mar 06, 2019 4:05 pm
Forum: General
Topic: bridge vlan sanity [SOLVED]
Replies: 18
Views: 1427

Re: bridge vlan sanity [SOLVED]

question:

Will inter-vlan routing work since all vlans are within the single bridge? I will need inter-vlan, and then can create firewall rules to block some traffic as needed.
by toxicfusion
Wed Mar 06, 2019 3:58 pm
Forum: General
Topic: bridge vlan sanity [SOLVED]
Replies: 18
Views: 1427

Re: bridge vlan sanity [SOLVED]

toxic, Look at my last config, I kept the bridge pvid at default ie 1 Yes. bridge itself has vlan filtering The bridge ports that are trunk cannot have pvid assigments its only for incoming untagged traffic that needs to be tagged. hence wlan1, wlan2 and eth3 Give that a try. If it doesnt work then...
by toxicfusion
Wed Mar 06, 2019 12:25 am
Forum: General
Topic: bridge vlan sanity [SOLVED]
Replies: 18
Views: 1427

Re: bridge vlan sanity [SOLVED]

Basics, Trunk ports do not get pvid Access ports get pvid Your eth3 I thought was going to a managed switch first...........thus also a trunk port. BUT now I see its going to an un-managed switch....... You also dont mention an access point but have guest wifi now added as well??? Thanks for reply ...
by toxicfusion
Wed Mar 06, 2019 12:14 am
Forum: General
Topic: bridge vlan sanity [SOLVED]
Replies: 18
Views: 1427

Re: bridge vlan sanity [SOLVED]

do i set the bridge port to pvid=10, along with the individual ports within the bridge to make untagged traffic the default native vlan? such as: /interface bridge add name=bridge-all-vlans vlan-filtering=yes pvid=10 /interface bridge port add bridge=bridge-all-vlans interface=ether1 pvid=10 add bri...
by toxicfusion
Tue Mar 05, 2019 10:45 pm
Forum: General
Topic: bridge vlan sanity [SOLVED]
Replies: 18
Views: 1427

Re: bridge vlan sanity [SOLVED]

reading on prior posts. I believe PVID=ID is equivelant to cisco switch trunk native (which sets vlan as access/untagged). Here is maybe more simple config (taken from prior post). Modified for my usage: /interface bridge add name=bridge-all-vlans vlan-filtering=yes pvid=1 /interface bridge port add...
by toxicfusion
Tue Mar 05, 2019 10:22 pm
Forum: General
Topic: bridge vlan sanity [SOLVED]
Replies: 18
Views: 1427

Re: bridge vlan sanity [SOLVED]

Device is an RB2011-uas-in, perhaps better if I just use built in switch-chip functionality??

I'm just so use to creating bridges, adding interfaces and the vlans be within the bridge interface so those packets are untagged. As creating bridge use to by default untag.
by toxicfusion
Tue Mar 05, 2019 10:07 pm
Forum: General
Topic: bridge vlan sanity [SOLVED]
Replies: 18
Views: 1427

Re: bridge vlan sanity [SOLVED]

Thanks! pvid=10 is default data vlan (untagged traffic, data lan) This is set for the cisco SG series switch as well (pvid=10), ports vlan10=untagged, all other vlans=tagged on switch. switch port going to mikrotik will untagged vlan10, and rest tagged. I was reading documentation on wiki. That I ca...
by toxicfusion
Tue Mar 05, 2019 9:18 pm
Forum: General
Topic: bridge vlan sanity [SOLVED]
Replies: 18
Views: 1427

bridge vlan sanity [SOLVED]

Hey there, Just looking for some clarity on my brain fog when it comes to the new vlan method within bridge vlan. Historically, I would just create multiple vlan entries and rename them, and associate to interfaces. Topology > Mikrotik Router >> Cisco Switch(s) Mikrotik eth1 >> Sw1. (10,20,40,99) Mi...
by toxicfusion
Sat Mar 02, 2019 6:00 am
Forum: General
Topic: RB1100x4 not accessible!
Replies: 9
Views: 953

Re: RB1100x4 not accessible!

That was my mindset, I had 1100x2 locally. this was an x4. I was prepping to overnight a new one and re-config with config backups Howevr.. HUZZAH.. I was teamviewered to laptop, worked with client and set a local gateway - as was dual homed... then was able to netboot and re-install. Old config was...
by toxicfusion
Sat Mar 02, 2019 5:30 am
Forum: General
Topic: RB1100x4 not accessible!
Replies: 9
Views: 953

Re: RB1100x4 not accessible!

not good. NetInstall not detecting router on boot. Power cycled with reset held, did for 15-seconds. USR LED was off and port 13 came active and had activity. NetInstall did not show router, and then shortly after -timeout the routerboard rebooted. Then no activity. Cause? Or will I need to resort t...
by toxicfusion
Sat Mar 02, 2019 4:27 am
Forum: General
Topic: RB1100x4 not accessible!
Replies: 9
Views: 953

Re: RB1100x4 not accessible!

Central NY - upstate..
by toxicfusion
Sat Mar 02, 2019 3:42 am
Forum: General
Topic: RB1100x4 not accessible!
Replies: 9
Views: 953

Re: RB1100x4 not accessible!

Update: client reporting no activity lights on any of the ethernet ports on mikrotik router. I be able to open it up and perform reset, boot it and restore from saved backup file? I wonder if it blew up and uninstall actually removed perhaps I can get into it via another internet connection/wireless...
by toxicfusion
Sat Mar 02, 2019 3:29 am
Forum: General
Topic: RB1100x4 not accessible!
Replies: 9
Views: 953

Re: RB1100x4 not accessible!

PS: never have encountered such issue with as many routerboards & for as many years I've been working with MikroTik :(

Hopefully someone has some tips or ideas as to what happened.
by toxicfusion
Sat Mar 02, 2019 3:23 am
Forum: General
Topic: RB1100x4 not accessible!
Replies: 9
Views: 953

RB1100x4 not accessible!

Hello, Was remotely working on client that is 1,200 miles away.... RB1100ahx4 router. Has TheDude installed. Suddenly ran out of disk space.. Got logged in, was unable to delete files. had highlighted TheDude package and Clicked 'Uninstall'. Showed was scheduled for removal. Hope it wasnt removing R...
by toxicfusion
Tue Sep 04, 2018 6:39 pm
Forum: General
Topic: remotely manage MT's
Replies: 4
Views: 1355

Re: remotely manage MT's

Thanks! Unfortunately, Not operating as an ISP or WISP at moment. CPE's I consider are more so managed routers I provide to clients (MT's I config and install for clients for their offices). Be nice if I was full on routed network for them (providing them Internet access) and I would 100% use MikroT...
by toxicfusion
Fri Aug 31, 2018 6:10 pm
Forum: General
Topic: remotely manage MT's
Replies: 4
Views: 1355

Re: remotely manage MT's

bump
by toxicfusion
Thu Aug 30, 2018 3:19 pm
Forum: General
Topic: Hotspot Problem with iOS
Replies: 3
Views: 1012

Re: Hotspot Problem with iOS

Most likely issue within the iPhone safari settings for tracking cookie / protection. Same with safari web browser on Mac OSX
by toxicfusion
Wed Aug 29, 2018 11:30 pm
Forum: General
Topic: remotely manage MT's
Replies: 4
Views: 1355

remotely manage MT's

Looking for general idea's how others are managing their customers MikroTik devices. Either as a CPE device or a managed router I'm looking to setup a "jump box" central management server that has winbox, dude client as well as Radius. Then be seperate MikroTik CHR virtual machine. -Windows Server 2...
by toxicfusion
Wed Aug 29, 2018 9:06 pm
Forum: General
Topic: Hotspot with userman & auth settings
Replies: 0
Views: 486

Hotspot with userman & auth settings

Hey there, After many hours of working with MikroTIk hotspot and having user gripes.. Primarily ANDROID devices... Noticed that it is all within the configuration aspect. This is undocumented items.. At first i ONLY had: hotspot server Login configured with "Http Chap, cookie". This caused issues au...
by toxicfusion
Tue Aug 28, 2018 3:21 pm
Forum: General
Topic: bridge vlan setup (new way) [SOLVED]
Replies: 45
Views: 37313

Re: bridge vlan setup (new way) [SOLVED]

When configuring WiFi interfaces as VLAN tagged, you need to do configuration like this: # enable VLAN tagging on wlan interfaces ... all physical as well as virtual. VLAN IDs can be different on every wlan interface. # The commands below go on top of "regular" WiFi configuration. /interface wirele...
by toxicfusion
Tue Aug 28, 2018 4:46 am
Forum: General
Topic: bridge vlan setup (new way) [SOLVED]
Replies: 45
Views: 37313

Re: bridge vlan setup (new way) [SOLVED]

last question - looking for tips or suggestions. Thinking about buying the MikroTik mANTbox 12s (2.4ghz 120* setor) setup as AP Bridge. This to replace an OLD engenius 2.4ghz N radio..... Would the vlan tagging be the same when associating to SSID's? As will need to associate / include the SSID & vl...
by toxicfusion
Tue Aug 28, 2018 4:23 am
Forum: General
Topic: bridge vlan setup (new way) [SOLVED]
Replies: 45
Views: 37313

Re: bridge vlan setup (new way) [SOLVED]

Ok Cool.. I want to thank you all for your help. I was able to regain access to the Hex S device and reconfigure, along with the PowerBox Pro.. Caveat or bug in 6.41.3 (hex S). I tried to do PVID=1 on the /interface bridge all-vlan-bridge (as in example #1 provided by Sindy). I was not able to acces...
by toxicfusion
Mon Aug 27, 2018 11:48 pm
Forum: General
Topic: bridge vlan setup (new way) [SOLVED]
Replies: 45
Views: 37313

Re: bridge vlan setup (new way) [SOLVED]

When i config'd the device I created a new bridge. was /interface bridge name=vlan_master and under vlan_master ports, i had tagged=eth1, eth2, eth3, eth4, untagged=eth5 after your advice, i added 'vlan_master' to list of tagged members. broke when i removed PVID=10 to PVID=1 on the vlan_master brid...
by toxicfusion
Mon Aug 27, 2018 11:21 pm
Forum: General
Topic: bridge vlan setup (new way) [SOLVED]
Replies: 45
Views: 37313

Re: bridge vlan setup (new way) [SOLVED]

device IP is 192.168.128.251/24 (vlan 10 is subnet 192.168.128.0/24) secondary IP would be 192.168.88.251/24 which is vlan 88 /ip address=192.168.128.251/24 interface=all-vlan-bridge /ip address=192.168.88.251/24 interface=vlan-mgmt @Sindy - I will work to do regular bridging method as you have desc...
by toxicfusion
Mon Aug 27, 2018 10:55 pm
Forum: General
Topic: bridge vlan setup (new way) [SOLVED]
Replies: 45
Views: 37313

Re: bridge vlan setup (new way) [SOLVED]

Well, bridge can be a bit confusing due to it's twin personality I already described in one of my previous posts. So, if bridge is declared untagged (by setting PVID), then it's the interface personality of bridge that acts as untagged, while switch-like personality of bridge still carries those pa...
by toxicfusion
Mon Aug 27, 2018 9:16 pm
Forum: General
Topic: bridge vlan setup (new way) [SOLVED]
Replies: 45
Views: 37313

Re: bridge vlan setup (new way) [SOLVED]

I will add back PVID=10 to the all-vlan-bridge interface and correct the /bridge vlan settings. Will this effect the eth1 being a trunk port? Considering its going to untag vlan 10 on ingress? What about vlan 10 traffic egress, that'll re-tag and so the upstream Cisco will ingest it back as tagged t...
by toxicfusion
Mon Aug 27, 2018 9:12 pm
Forum: General
Topic: bridge vlan setup (new way) [SOLVED]
Replies: 45
Views: 37313

Re: bridge vlan setup (new way) [SOLVED]

All the VLANs on one line must have the identical tagged/untagged settings for all ports, and all member ports of the same VLAN must be on a single line. Which means that each VLAN with at least one untagged (access) port must have its own line. Hence two lines, one listing all the VLANs which have ...
by toxicfusion
Mon Aug 27, 2018 8:37 pm
Forum: General
Topic: bridge vlan setup (new way) [SOLVED]
Replies: 45
Views: 37313

Re: bridge vlan setup (new way) [SOLVED]

default route...


route all back to core switch IP or should I just route all to default IP of the Mikrotik RB1100 router?

ip route 0.0.0.0/24 to IP ADDR of router?
by toxicfusion
Mon Aug 27, 2018 8:33 pm
Forum: General
Topic: bridge vlan setup (new way) [SOLVED]
Replies: 45
Views: 37313

Re: bridge vlan setup (new way) [SOLVED]

Thanks Sindy! This is pretty much what I will have after fact. my missing component was I forgot (was naive to it) to have the vlan_master bridge interface set as tagged question: /interface bridge vlan add bridge=all-vlan-bridge vlan-ids=10 tagged=all-vlan-bridge,ether1,ether2 untagged=ether5 add b...
by toxicfusion
Mon Aug 27, 2018 8:12 pm
Forum: General
Topic: bridge vlan setup (new way) [SOLVED]
Replies: 45
Views: 37313

Re: bridge vlan setup (new way) [SOLVED]

Will get drawing real quick. Waiting on client to get laptop and connect (swap with phone) and see If I can regain access to this Hex S device here is quick topology: RB1100AHX4 (core) >> Cisco POE switch (SW01) >> HEX S >> MT PowerBox. >> AP RB1100AHX eth12 & 13 > trnk (bond lacp). vlans 10,20,40,6...
by toxicfusion
Mon Aug 27, 2018 7:54 pm
Forum: General
Topic: bridge vlan setup (new way) [SOLVED]
Replies: 45
Views: 37313

Re: bridge vlan setup (new way) [SOLVED]

so for configuration sake it appears I need following: /interface bridge vlan_master add all my physical interfaces that need to be tagged, as tagged ports add vlan_master bridge as tagged member add untagged port that will be access port add the list of VLAN ID's.. within /bridge ports add PVID=10 ...
by toxicfusion
Mon Aug 27, 2018 7:49 pm
Forum: General
Topic: bridge vlan setup (new way) [SOLVED]
Replies: 45
Views: 37313

Re: bridge vlan setup (new way) [SOLVED]

Mac-server is available - i used mac address to connect prior when I was onsite and locked myself out before. Switch is not showing within winbox as mac neighbor. I'll need client to go with laptop and unplug the phone (this is in port) and connect laptop via ethernet cable (just swapping with phone...
by toxicfusion
Mon Aug 27, 2018 7:25 pm
Forum: General
Topic: bridge vlan setup (new way) [SOLVED]
Replies: 45
Views: 37313

Re: bridge vlan setup (new way) [SOLVED]

Thank you... Wish I seen this a moment ago. I took remote connection to client computer and gained access to the Hex S Added the vlan_bridge interface to the /bridge vlan > tagged port. Was still able to ping and it dynamically displayed as tagged ports. I waited a minute as device was still accessi...
by toxicfusion
Mon Aug 27, 2018 6:46 pm
Forum: General
Topic: bridge vlan setup (new way) [SOLVED]
Replies: 45
Views: 37313

Re: bridge vlan setup (new way) [SOLVED]

@xvo Thank you for input. These MikroTik devices are really acting as switches -- they're hanging off a Cisco switch (upstream) and the core router is an RB1100ahx4.. So is my entire issue because I never added this master bridge interface to the list of interfaces that need to be set to tagged unde...
by toxicfusion
Mon Aug 27, 2018 6:23 pm
Forum: General
Topic: bridge vlan setup (new way) [SOLVED]
Replies: 45
Views: 37313

Re: bridge vlan setup (new way) [SOLVED]

also since I'm specifying VLAN ID's under the bridge vlan setup. Do I still need to create /interface vlan(s) and pop them under a bridge interface or physical?
by toxicfusion
Mon Aug 27, 2018 6:17 pm
Forum: General
Topic: bridge vlan setup (new way) [SOLVED]
Replies: 45
Views: 37313

Re: bridge vlan setup (new way) [SOLVED]

So just to clarify: I have a single bridge that contains the VLAN ID's (listed) and then I'm specifying the ports to be tagged, and the ports to be untagged. For the specified 'untagged' ports. I also under vlan > ports > I give it a PVID. And further clarification sake (I think this is my issue). I...
by toxicfusion
Sat Aug 25, 2018 6:08 pm
Forum: General
Topic: bridge vlan setup (new way) [SOLVED]
Replies: 45
Views: 37313

Re: bridge vlan setup (new way) [SOLVED]

soooooo...... did I totally only miss one(1) setting this entire time? I did NOT add the "master vlan_bridge" interface to the bridge >> ports >> vlan as interface to be tagged... is that entire issue?! As I only added the individual physical interfaces to the list of interfaces to be tagged. Then F...
by toxicfusion
Sat Aug 25, 2018 6:01 pm
Forum: General
Topic: bridge vlan setup (new way) [SOLVED]
Replies: 45
Views: 37313

Re: bridge vlan setup (new way) [SOLVED]

Client/friend is most likely going to return the PowerBox Pro and the Hex S and I'll install Netonix Switches.. due to odd POE requirements. switch in middle (hex X) was required as it accepted POE input (48dc), and outputted on port5 48dc - as there was a VOIP phone connected going into a camper/ca...
by toxicfusion
Sat Aug 25, 2018 5:55 pm
Forum: General
Topic: bridge vlan setup (new way) [SOLVED]
Replies: 45
Views: 37313

Re: bridge vlan setup (new way) [SOLVED]

Thanks for input When I configured bridge >> Vlans >> and Vlan >> ports the bridge I added PVID and enabled vlan-filtering... I had vlan-id's listed all throughout the bridge interface and specfied which ports are tagged and specified the one port that was to be untagged. Further, on the port that w...
by toxicfusion
Sat Aug 25, 2018 5:17 am
Forum: General
Topic: bridge vlan setup (new way) [SOLVED]
Replies: 45
Views: 37313

bridge vlan setup (new way) [SOLVED]

Hey there, Since routerOS 6.41 - implementation of new vlan methodology. Took me awhile to wrap my head around the idea of it.. I think i understand. But upon me implementing it ad-hoc for a new customer of mine... Im struggling. Anyone help? As it made me look like a fool configuring a Mikrotik Pow...
by toxicfusion
Wed Aug 22, 2018 7:16 am
Forum: General
Topic: routeros hacked again
Replies: 17
Views: 4778

Re: routeros hacked again

Thank you for reply. I know the general security rule of thumb - to not allow winbox open to web. TO lock it down to a management ISP (IP) or use Radius + AAA, etc. But issue is when I'm on road, or no office with a static IP to have a strict winbox allow whitelist on WAN interface.. I'm small consu...
by toxicfusion
Wed Aug 22, 2018 6:43 am
Forum: General
Topic: routeros hacked again
Replies: 17
Views: 4778

Re: routeros hacked again

I will echo these statements. Just had devices with 6.40' & 6.42 hacked. 8291 open to interwebz, but locked with secure password... i guess I need to use longer than 12. sigh one of the hacked routers; the person setup web proxy rules and caused havok on network - causing machines to redirect and se...
by toxicfusion
Tue Jun 19, 2018 9:05 pm
Forum: Wireless Networking
Topic: MikroTik for RV Park
Replies: 0
Views: 634

MikroTik for RV Park

Hello, Looking to revamp a RV Park / Campground and their wifi. Reading nv2 has had much needed improvements since ROS release 6.42... Promising! Debating either to utilize all MikroTik products in this build, or goto Ubiquiti... I'm leaning more towards MikroTik as I can do hotspot + the dude and a...
by toxicfusion
Fri Dec 08, 2017 4:36 pm
Forum: Virtualization
Topic: CHR and use OpenVPN Server setup
Replies: 1
Views: 2427

CHR and use OpenVPN Server setup

Hello, Curious, has anyone successfully hosted CHR and configured it as a OpenVPN Server VPN concentrator? I'd like to spin up a new CHR instance and it ONLY do OpenVPN (I can install purchased SSL cert). Like to do hosted VPN for clients of mine. Need to work as such: Client local SSL VPN >> intern...
by toxicfusion
Wed Apr 19, 2017 5:06 pm
Forum: Announcements
Topic: MUM Europe 2017 Live!
Replies: 64
Views: 16695

Re: MUM Europe 2017 Live!

Understood! No known issue's with the ARM cpus for the reordering? As ARM CPU is also in the RB3011

Be nice to also see a RB1100 series with SFP slots, or another CCR device with same ARM CPU and SFP's!
by toxicfusion
Tue Apr 18, 2017 5:31 pm
Forum: Announcements
Topic: MUM Europe 2017 Live!
Replies: 64
Views: 16695

Re: MUM Europe 2017 Live!

MikroTik showing some product love! I'm in love :) Love the new CRS328-24P-4S+RM Also refreshed classic RB1100ah -- x4! This is very awesome news. Question: I know since latest release, the IPSEC re-ordering has been fixed. Will this new X4 device with the new CPU chip be effected or uneffected -- a...
by toxicfusion
Thu Apr 06, 2017 5:50 pm
Forum: General
Topic: 50% bandwidth loss RB2011UiAS
Replies: 18
Views: 3015

Re: 50% bandwidth loss RB2011UiAS

for your "chain=input action=drop in-interface=ether1 log=yes log-prefix="DROP"

do not log this. eats up flash cycles / memory. Just my personal preference.

No need to run btest. try running www.speedtest.net
by toxicfusion
Wed Apr 05, 2017 6:51 pm
Forum: General
Topic: Mikrotik ROS7 or earlier BGP routing protocol
Replies: 4
Views: 1031

Re: Mikrotik ROS7 or earlier BGP routing protocol

I presume for ROS7, as that's been spoke of and quite the unicorn for awhile?

I see recently there is a fix for Ipsec re-ordering on the CCR devices as well? 2017 be quite the year!
by toxicfusion
Wed Apr 05, 2017 6:41 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 137290

Re: Blacklist Filter update script

I just went ahead and downloaded your script and applied to one of my MikroTiks for testing. So far so good! I'll roll this out to my client devices very soon, added security is always welcomed.

Thanks for a great contribution!
by toxicfusion
Wed Apr 05, 2017 6:01 pm
Forum: General
Topic: Problem RouterOS 6.38.5 - Denial of Service
Replies: 67
Views: 16042

Re: Vulnerability RouterOS 6.38.5 - Denial of Service

Is this 6.38.5 and above only? Or does this also work on 6.37.5?

I'd also like to know this as well.....

Does this explicitly effect devices running 6.38.5 and above. Or would it apply to all devices running 6.38.5 and below?
by toxicfusion
Wed Apr 05, 2017 6:00 pm
Forum: General
Topic: 50% bandwidth loss RB2011UiAS
Replies: 18
Views: 3015

Re: 50% bandwidth loss RB2011UiAS

Do you have a drop all input rule?? Please create (Security reasons). Create your required DST-NAT rules beforehand. Furthermore, be sure have filter rule: (This to allow local LAN traffic) chain=forward action=accept src-address=172.16.33.0/24 I have numerous RB2011 out in production in the wild, n...
by toxicfusion
Wed Apr 05, 2017 5:37 pm
Forum: General
Topic: Mikrotik ROS7 or earlier BGP routing protocol
Replies: 4
Views: 1031

Re: Mikrotik ROS7 or earlier BGP routing protocol

FRRouting was born or forked from prior developers of the Quagga team. They're currently implementing Multi core/threading.
by toxicfusion
Tue Apr 04, 2017 7:39 pm
Forum: General
Topic: Mikrotik ROS7 or earlier BGP routing protocol
Replies: 4
Views: 1031

Mikrotik ROS7 or earlier BGP routing protocol

So I thought I would share this as a personal suggestion or a thought towards MikroTIK team. We all are aware of the BGP issues with the Cloud Core Routers (Single core performance) and other oddities. Would MikroTIK be interested in integrating with "FRRouting" https://frrouting.org/ I think this w...
by toxicfusion
Fri Feb 17, 2017 3:44 am
Forum: Virtualization
Topic: CHR on Linode - Any Pointers - Not booting
Replies: 3
Views: 2344

Re: CHR on Linode - Any Pointers - Not booting

Glad I could help! Enjoy. Linode is great, used for years :)
by toxicfusion
Thu Feb 16, 2017 10:23 pm
Forum: RouterBOARD hardware
Topic: CSS326-24G-2S+RM benchmark on the routerboard.com
Replies: 5
Views: 2375

Re: CSS326-24G-2S+RM benchmark on the routerboard.com

Shout out to MIkroTik for suggestion: Why not get some White box switches (brocade silicon) and use MirkoTik SWOS ontop? use the ONIE boot/installer.... It makes me question! As some GREAT white box hardware out there. I would drool over MikroTik taking some whitebox switching hardware and making it...
by toxicfusion
Thu Feb 16, 2017 10:21 pm
Forum: RouterBOARD hardware
Topic: CSS326-24G-2S+RM benchmark on the routerboard.com
Replies: 5
Views: 2375

Re: CSS326-24G-2S+RM benchmark on the routerboard.com

I was looking to purchase this switch... what are the hardware specs?

Instead - I just picked up a used Quanta LB4m 48port (inc. 2 - 10Gbe SPF+ ports)....

I really want to use MikroTik SwOS -- howevever, without true LACP, I cannot. So for now it'll be MikroTik Routers and quanta switches.
by toxicfusion
Thu Feb 16, 2017 8:14 pm
Forum: Virtualization
Topic: CHR on Linode - Any Pointers - Not booting
Replies: 3
Views: 2344

Re: CHR on Linode - Any Pointers - Not booting

Have to setup the Instance for Full-virtualization and not paravirtualization Boot Settings: Direct Disk Boot into recovery disk. And will have to download the .img file and then extract it to disk. example: sudo gunzip -c myversion.img | sudo dd of=/dev/sdb bs=1m Replace /dev/sdb with your actual d...
by toxicfusion
Thu Dec 08, 2016 6:24 pm
Forum: General
Topic: No audio on sip calls over VPN
Replies: 8
Views: 5024

Re: No audio on sip calls over VPN

You probably need to add the other subnet to your PBX to allow SIP traffic (on PBX side)

Your firewall rules should be fine if your're able to pass traffic over tunnel

Why not use site to site ipsec VPN?
by toxicfusion
Thu Dec 08, 2016 6:21 pm
Forum: General
Topic: input drop all rule - moved by accident!!
Replies: 18
Views: 3780

Re: input drop all rule - moved by accident!!

Thanks everyone!

Noted about the baud rate needing to be 115200...

Customer is all set, connected using MAC address method within Winbox

NOTE: we do provide them fiber to their office, however I have telnet service disabled on the customer MikroTiks

I'll keep this in mind for future though!!
by toxicfusion
Wed Dec 07, 2016 7:33 pm
Forum: General
Topic: RouterOS DHCP and windows clients
Replies: 7
Views: 1504

Re: RouterOS DHCP and windows clients

Do you have a switch connected to router and devices connected to said switch?

I've had this issue with MAC & windows PC -- was a switch and the POE autonegotiate issue, took longer for link to establish and acquire the IP address. Was even happening with Fortigate router.
by toxicfusion
Wed Dec 07, 2016 7:23 pm
Forum: General
Topic: input drop all rule - moved by accident!!
Replies: 18
Views: 3780

Re: input drop all rule - moved by accident!!

update: I just tested this scenario with a spare mikrotik i have in the office. Winbox worked perfectly using mac address, didnt even need to configure an IP on the laptop NIC interface. However, I tried a tripp-lite USB to Rj45 console cable -- this doesnt appear to work for console? Nothing displa...
by toxicfusion
Wed Dec 07, 2016 7:00 pm
Forum: General
Topic: input drop all rule - moved by accident!!
Replies: 18
Views: 3780

Re: input drop all rule - moved by accident!!

You guys were on fire today replying to post ;). Appreciated!
by toxicfusion
Wed Dec 07, 2016 6:43 pm
Forum: General
Topic: input drop all rule - moved by accident!!
Replies: 18
Views: 3780

Re: input drop all rule - moved by accident!!

safe mode is avalaible after you connect to a site. top left.
Correct - which I use when I make config changes. Just waiting for feature request to be added to winbox for 'connect with safemode'

Will let you guys know if i'm able to regain access
by toxicfusion
Wed Dec 07, 2016 6:39 pm
Forum: General
Topic: input drop all rule - moved by accident!!
Replies: 18
Views: 3780

Re: input drop all rule - moved by accident!!

Thanks guys! I'm aware of the Winbox MAC connect (Neighbor) This was my first guess to access the device, but was uncertain if it would 100% bypass the firewall filter rules. I have a cisco style rj45 console cable. Will go onsite and make it happen. FYI: I'm using Winbox version 3.7 -- there is no ...
by toxicfusion
Wed Dec 07, 2016 6:26 pm
Forum: General
Topic: input drop all rule - moved by accident!!
Replies: 18
Views: 3780

Re: input drop all rule - moved by accident!!

access via console... its a RB2011 device

There is a Mini USB port in front, can connect with mini-usb and use terminal?

Idea's?
by toxicfusion
Wed Dec 07, 2016 6:24 pm
Forum: General
Topic: input drop all rule - moved by accident!!
Replies: 18
Views: 3780

Re: input drop all rule - moved by accident!!

Absolutely love safe mode. However, unfortunately by default winbox does not connect via safe mode When i make any config changes, I'll enable safe mode prior to changes. However, it was one of those -- let me watch some VOIP traffic and look over my firewall rules. As last night I made some rule ch...
by toxicfusion
Wed Dec 07, 2016 6:13 pm
Forum: General
Topic: input drop all rule - moved by accident!!
Replies: 18
Views: 3780

input drop all rule - moved by accident!!

Hey there, I was in a customer router (Winbox) monitoring traffic and doing a review of the firewall rules.... SOMEHOW, when I was ready to close the firewall window -- the filter input = drop all rule, got moved to top of list. I realized this and tried to move it back below the filter accept rules...
by toxicfusion
Wed Aug 10, 2016 6:49 pm
Forum: Scripting
Topic: WAN failover script help
Replies: 2
Views: 945

Re: WAN failover script help

Hi Chris thanks for reply. At first was by design for masquerade out ether10-gateway. During testing, I removed the 'out interface' so would masquerade out any interface -- i could still ping websites from both WAN interfaces (ether9 & ether10). But trying to visit websites from ether9 route wouldnt...
by toxicfusion
Wed Aug 10, 2016 4:51 pm
Forum: Scripting
Topic: WAN failover script help
Replies: 2
Views: 945

WAN failover script help

Hey everyone So I'm growing very angry and upset, all emotions. Having issues with a WAN failover setup/script for a customer. It's making me look like an IDIOT and fool. So many confusing options and scripts. Nearly none of them work. As people post about them and all have issues? I guess I'm looki...
by toxicfusion
Thu Jul 14, 2016 11:45 pm
Forum: Virtualization
Topic: CHR + Hyper-V + Virtual Nic in Trunk Mode = VLAN issues
Replies: 10
Views: 9223

Re: CHR + Hyper-V + Virtual Nic in Trunk Mode = VLAN issues

Not sure if similar issue for me I have CHR installed on a VPS provider that allows 'internal private network'  CHR instance has private network interface IP I have 3 other VM's with private network, along with eth interfaces configured. I have IPSEC vpn tunnel setup on CHR  and it terminates back t...
by toxicfusion
Wed Jul 06, 2016 9:19 pm
Forum: Virtualization
Topic: Cloud Hosted Router
Replies: 583
Views: 214259

Re: Cloud Hosted Router

If you are interested IN CHR on OVH VPS SSD, here you go: 1. Install any linux distro 2. From OVH control panel boot VPS to rescue mode 3. Type the magic from below :) : cd /root curl -O http://download2.mikrotik.com/routeros/6.35.2/chr-6.35.2.img.zip gunzip -S .zip chr-6.35.2.img.zip umount /mnt/v...
by toxicfusion
Wed Jul 06, 2016 8:01 pm
Forum: Announcements
Topic: v6.35.4 [current] is released!
Replies: 51
Views: 26442

Re: v6.35.4 [current] is released!

Does 6.35.4 fix the issue on RB2011 devices? There was a bug noted on version 6.34.6 with the 2nd switch group.

Is that fixed in this release?
by toxicfusion
Fri Jul 01, 2016 4:14 pm
Forum: Announcements
Topic: v6.34.6 [bugfix] is released!
Replies: 60
Views: 23115

Re: v6.34.6 [bugfix] is released!

NOTICE / BUG REPORT! RB1100Ahx2 Firmware 3.24 RouterOS 6.34.6 Upgrade went very well from 6.20....  However, this morning I've had phone calls of random workstations having issues accessing some remote resources.   We have MANY IPSEC VPN tunnels issue was people unable to access some mapped network ...
by toxicfusion
Fri Jun 17, 2016 11:22 pm
Forum: Announcements
Topic: v6.34.6 [bugfix] is released!
Replies: 60
Views: 23115

Re: v6.34.6 [bugfix] is released!

Just realized this 6.34.6 release.

Great news that another member posted "3 RB1100ahx2 upgrading all working well so far."  This give me a peace of mind

Planning to goto this version on  Tuesday evening.
by toxicfusion
Fri Jun 17, 2016 4:50 pm
Forum: Announcements
Topic: v6.35.4 [current] is released!
Replies: 51
Views: 26442

Re: v6.35.4 [current] is released!

@Basdno Thank you for the insight!  You're absolutely spot on, and no offense taken.  Definitely not planning the upgrade for a Friday!  Thinking I'll apply Monday or Tuesday evening (patch tuesday, bahaha!) I'll be sure to post back of any issues and or success with the upgrade on our production RB...
by toxicfusion
Fri Jun 17, 2016 3:47 pm
Forum: Announcements
Topic: v6.35.4 [current] is released!
Replies: 51
Views: 26442

Re: v6.35.4 [current] is released!

Good to know!  I will just 'buck up' and take the needed steps in precaution and load the update.  I want to take advantage of Fast Track and the ipsec enhancements.  6.20 has issues with SA-lifetimes and such. @MikroTik team does 6.35.4 make RB3011 (Arm CPU) completely stable and ready for producti...
by toxicfusion
Fri Jun 17, 2016 3:33 pm
Forum: Announcements
Topic: v6.35.4 [current] is released!
Replies: 51
Views: 26442

Re: v6.35.4 [current] is released!

Nice release on top of 6.35.  However, dynamic list to read only.. WTF??!

Anyone load 6.35 or the incremental updates on RB1100AHx2 devices?   I have had one online in production for 402 days current uptime....  Wanting to upgrade to latest rOS, but unsure if will break device. Currently on 6.20


 
by toxicfusion
Thu Apr 28, 2016 6:28 pm
Forum: Beginner Basics
Topic: Policy routing out one port and back in another on the same router
Replies: 1
Views: 784

Re: Policy routing out one port and back in another on the same router

Did you get this figured out? I'm looking to do something similar... Looking for idea's how to integrate MikroTik router with the powercode BMU
by toxicfusion
Tue Apr 05, 2016 5:55 pm
Forum: General
Topic: Mangle vs CoS for VOIP
Replies: 9
Views: 3209

Re: Mangle vs CoS for VOIP

Thank you for your insight and knowledge! noted! :)
by toxicfusion
Fri Apr 01, 2016 11:45 pm
Forum: General
Topic: Mangle vs CoS for VOIP
Replies: 9
Views: 3209

Re: Mangle vs CoS for VOIP

Ok So I have mangle rules to "mark" connection for the VOIP traffic and specific ports /ip firewall mangle add action=mark-connection chain=prerouting comment=VOIP_TRAFFIC dst-port=\ 5060-5099 new-connection-mark=VOIP protocol=udp add action=mark-packet chain=prerouting connection-mark=VOIP dst-port...
by toxicfusion
Fri Apr 01, 2016 11:39 pm
Forum: General
Topic: Mangle vs CoS for VOIP
Replies: 9
Views: 3209

Re: Mangle vs CoS for VOIP

Great points! I take care of an office with ~120 VOIP telephones on own voice VLAN. Sound quality is good, but at times it can sound a little 'rough' or seem as its degrading call quality over longer internal voice call. I can assume its network congestion/traffic across switches this network has HP...
by toxicfusion
Fri Apr 01, 2016 6:43 pm
Forum: General
Topic: Mangle vs CoS for VOIP
Replies: 9
Views: 3209

Re: Mangle vs CoS for VOIP

Understood As I can build a Queue Tree to "shape" the traffic over the WAN link; to give VOIP bandwidth requirements depending on network environment. in regards to DSCP > COS -- I can set this at the VOIP PBX level and specify for SIP/RTP. Most managed Swithces I can also define this on the VLAN le...
by toxicfusion
Fri Apr 01, 2016 6:02 am
Forum: General
Topic: Mangle vs CoS for VOIP
Replies: 9
Views: 3209

Mangle vs CoS for VOIP

Hey everyone I've been using MikroTik routers for quite awhile now 3+ years. Love them, they're my goto... with that being said; I've always used Mangle rules/tags to create a Queue Tree for traffic shaping with pretty good success. However, is there any added benefits or is it better to do CoS tagg...
by toxicfusion
Wed Apr 01, 2015 5:17 pm
Forum: Useful user articles
Topic: Using RouterOS to QoS your network - 2020 Edition
Replies: 211
Views: 267463

Re: Using RouterOS to prioritize (Qos) traffic for a Class C net

Thanks to know! I have RB2011 routers out in field with similar configuration, except VLAN's and they're using BRIDGES. So they might be fine. It might just be an issue with this RB1100AH as I'm using 'router on stick' configuration with VLAN's assigned to ether-trunks I'm worried that If I put the ...
by toxicfusion
Fri Mar 27, 2015 8:04 pm
Forum: Useful user articles
Topic: Using RouterOS to QoS your network - 2020 Edition
Replies: 211
Views: 267463

Re: Using RouterOS to prioritize (Qos) traffic for a Class C net

Below are my mangle rules I use similar / same QoS for customers and they experience same issues on local UPLOAD traffic being clamped. meaning, if I do a file transfer over the network from one computer to another -- that transfer gets capped. Mangle rules are essentially same for myself and i use ...
by toxicfusion
Tue Mar 17, 2015 8:57 pm
Forum: Useful user articles
Topic: Using RouterOS to QoS your network - 2020 Edition
Replies: 211
Views: 267463

Re: Using RouterOS to prioritize (Qos) traffic for a Class C net

Hi I've followed this guide... and have made adjustments to try and fix issues. However, when ever I have queue tree rules created for 'no-mark'. The router is ALSO clamping the LAN network file transfer speeds... not cool. /queue tree add max-limit=4M name=LEVEL_A_UP parent=ether1_wan01 queue=defau...
by toxicfusion
Thu Sep 26, 2013 6:32 pm
Forum: General
Topic: SIP mangle rules & queue's
Replies: 1
Views: 1647

Re: SIP mangle rules & queue's

well, found this article:
http://forum.mikrotik.com/viewtopic.php?f=13&t=73214

guess helpful.. customized it a little bit for our needs regarding the LEVELS max/min bandwidth (70meg x 5meg cable connection)

level A = 60meg down, 4Mmeg up

level B = 40meg down, 3meg up
by toxicfusion
Thu Sep 26, 2013 5:32 pm
Forum: General
Topic: SIP mangle rules & queue's
Replies: 1
Views: 1647

SIP mangle rules & queue's

Hello, Still learning MikroTik and growing extremely frustrated and confused with this configuration of firewall mangle rules and queues. I want to bash my head against a wall in this mass confusion. Trying to setup simple traffic shaping, and its a PITA (in my logic and though process) or I'm stupi...
by toxicfusion
Sat Jun 22, 2013 6:42 am
Forum: General
Topic: RouterOS 6.1 released
Replies: 198
Views: 60442

Re: RouterOS 6.1 released

upgrade from 6.0 to 6.1 broke all IPSEC VPN connections on RB1100ahx2... downgrade back to 6.0 resolved issue. Thought 6.1 would fix IPSEC VPN issue of random VPN disconnects and inability to pass traffic to CISCO end points. issue with link aggregation speeds 802.3ad as well - inconsistent balancing
by toxicfusion
Tue Jan 15, 2013 4:04 pm
Forum: Beginner Basics
Topic: VLANS on trunk interface with DHCP
Replies: 3
Views: 2470

Re: VLANS on trunk interface with DHCP

Ok - I found the error on my own and corrected it. DHCP servers are assigned to the VLAN's now with address pools. However the DCHP server(s) are NOT providing the default gateway. Computers receive IP and mask, but no default gateway; why!!? Furthermore, Have VOIP phone (VLAN20 - 192.168.20.0) - us...
by toxicfusion
Mon Jan 14, 2013 6:12 pm
Forum: Beginner Basics
Topic: VLANS on trunk interface with DHCP
Replies: 3
Views: 2470

VLANS on trunk interface with DHCP

Hello, Just purchased RB1100ahx2 (awesome), replacing cisco ISR1921. Trying to get the configuration of VLAN's and DHCP server running on this device. Having some confusion with configuration, its fustrating. Bonded two(2) ethernet ports; eth5 ð6 to create a trunk interface. assigned vlan1, vlan2...