Community discussions

Search found 82 matches

by Fraction
Fri Apr 19, 2019 10:43 am
Forum: Virtualization
Topic: EoIP ( help ) works on Physical Mikrotik but not a CHR
Replies: 2
Views: 547

Re: EoIP ( help ) works on Physical Mikrotik but not a CHR

Try to set Promiscuous Mode to ”accept” on vSwitch or portgroup properties? I have done similar setup couple years ago and cannot remember surely, but I have a hunch that this was needed to get it work.
by Fraction
Tue Apr 09, 2019 5:35 pm
Forum: Announcements
Topic: Tik App, MikroTik android utility ALPHA test
Replies: 425
Views: 144273

Re: Tik App, MikroTik android utility ALPHA test

Any plans to add support for RoMON-connections?
by Fraction
Wed Apr 11, 2018 2:36 pm
Forum: RouterBOARD hardware
Topic: hAP ac² High temperature
Replies: 50
Views: 10686

Re: hAP ac² High temperature

Hmm.. Not sure is this a (known?) bug or something else, but with 6.41.3 on hAP ac^2 it seems that the system/health is not printing anything:
[x@y] > system health print

[x@y] >

Also Health-page in Winbox shows only buttons, not any actual data. Not so big deal for me, but just mentioned. :)
by Fraction
Sun Nov 27, 2016 10:06 pm
Forum: Beginner Basics
Topic: Mode button on RB750r3
Replies: 2
Views: 3880

Re: Mode button on RB750r3

Hi guys I just bought a RB750r3. On the side it has a "Mode" button. Does anyone know what that's used for? It's not a reset button, it's on the front. It's not a WPS button, it has no wifi. I've been reading documentation og Google for hours without any success :( It is not mentioned in any Mikrot...
by Fraction
Wed Oct 26, 2016 10:31 am
Forum: RouterBOARD hardware
Topic: New CPU - new product RB750Gr3 - RB750G family - now mmips
Replies: 180
Views: 67412

Re: New CPU - new product RB750Gr3 - RB750G family - now mmips

Have to say that after 2 weeks I'm still loving this little Beast. Have not had any issues with the device so far.. It seems to be stable and powerful enough to do wirespeed routing between users and servers in gigabit network and run IPSec-tunnels (aes-256-cbc) over 100Mbit Internet-connection. Def...
by Fraction
Wed Oct 19, 2016 4:32 pm
Forum: RouterBOARD hardware
Topic: RB2011 switch port groups
Replies: 38
Views: 48773

Re: RB2011 switch port groups

Hi, Is it possible to use switch based vlan's between switch groups? If I understand the theory right, it should work if I add "switch-cpu" in both groups as port to every vlan but I had no luck with that (sorry, can't give real config exports because I already went back to software-vlans and bridge...
by Fraction
Tue Oct 18, 2016 5:45 pm
Forum: RouterBOARD hardware
Topic: New CPU - new product RB750Gr3 - RB750G family - now mmips
Replies: 180
Views: 67412

Re: New CPU - new product RB750Gr3 - RB750G family - now mmips

strongest will be preferred. You can see which one exactly is picked by enabling ipsec logs, or counting how long are keys in SAs :)
Encr key was only 64 characters. :) But ok, strongest first. good to know.
by Fraction
Tue Oct 18, 2016 5:17 pm
Forum: RouterBOARD hardware
Topic: New CPU - new product RB750Gr3 - RB750G family - now mmips
Replies: 180
Views: 67412

Re: New CPU - new product RB750Gr3 - RB750G family - now mmips

Yes, hw encryption works for all aes-cbc algorithms.
Related question, if I have both aes-128-cbc & aes-256-cbc selected in IPSec proposal, is there any way to know which one is used? Enryption tab in IPSec SA says only "aes cbc".
by Fraction
Mon Oct 17, 2016 10:34 pm
Forum: RouterBOARD hardware
Topic: New CPU - new product RB750Gr3 - RB750G family - now mmips
Replies: 180
Views: 67412

Re: New CPU - new product RB750Gr3 - RB750G family - now mmips

Just buy one after I saw this topic. everything that I can say WOW :shock: 300/300 IPsec traffic via rb1100AHx2 BIG problem naturally I have imminently upgrade it to 6.37.1 (Current) EoIP with IPsec not Working. Working only upload. Download go to max 2 mbps. after upgrading to 6.38rc15 (Release ca...
by Fraction
Mon Oct 17, 2016 10:25 pm
Forum: General
Topic: Is re-ordering fixed yet with IPSec and hardware acceleration? (Updating thread)
Replies: 134
Views: 26269

Re: Is re-ordering fixed yet with IPSec and hardware acceleration? (Updating thread)

Is re-ordering fixed yet with IPSec and hardware acceleration? (Updating thread) Not 100% sure what nathan1 meant by adding ping output to first post, but this ping is going aes-128-cbc eoip tunnel (hex3 - hap lite): 64 bytes from 192.168.50.1: seq=0 ttl=63 time=16.875 ms 64 bytes from 192.168.50.1...
by Fraction
Mon Oct 17, 2016 7:11 pm
Forum: General
Topic: Is re-ordering fixed yet with IPSec and hardware acceleration? (Updating thread)
Replies: 134
Views: 26269

Re: Is re-ordering fixed yet with IPSec and hardware acceleration? (Updating thread)

Is re-ordering fixed yet with IPSec and hardware acceleration? (Updating thread) Not 100% sure what nathan1 meant by adding ping output to first post, but this ping is going aes-128-cbc eoip tunnel (hex3 - hap lite): 64 bytes from 192.168.50.1: seq=0 ttl=63 time=16.875 ms 64 bytes from 192.168.50.1...
by Fraction
Mon Oct 17, 2016 6:56 pm
Forum: General
Topic: Is re-ordering fixed yet with IPSec and hardware acceleration? (Updating thread)
Replies: 134
Views: 26269

Re: Is re-ordering fixed yet with IPSec and hardware acceleration? (Updating thread)

Is re-ordering fixed yet with IPSec and hardware acceleration? (Updating thread) Not 100% sure what nathan1 meant by adding ping output to first post, but this ping is going aes-128-cbc eoip tunnel (hex3 - hap lite): 64 bytes from 192.168.50.1: seq=0 ttl=63 time=16.875 ms 64 bytes from 192.168.50.1...
by Fraction
Mon Oct 17, 2016 1:37 pm
Forum: Announcements
Topic: Winbox 3.7 released!
Replies: 63
Views: 111407

Re: Winbox 3.7 released!

Is it planned/reasonable feature, that Winbox shows last used connection entry (and allows connection) without entering master password?
by Fraction
Fri Oct 14, 2016 7:44 am
Forum: Announcements
Topic: Winbox 3.7 released!
Replies: 63
Views: 111407

Re: Winbox 3.7 released!

Switch-menu missing with hEX Gr3 (ROS 6.37.1), works with RB2011 (6.36.2) and hAP lite (6.34.6)
by Fraction
Wed Oct 12, 2016 10:12 pm
Forum: RouterBOARD hardware
Topic: New CPU - new product RB750Gr3 - RB750G family - now mmips
Replies: 180
Views: 67412

Re: New CPU - new product RB750Gr3 - RB750G family - now mmips

Has anyone this in real use yet? Mine should be ready for pick-up in local post office.

Ordered from Sonictest.eu, they also has these in stock already, although it is not listed on their website yet.
by Fraction
Sat Oct 08, 2016 2:15 pm
Forum: RouterBOARD hardware
Topic: New CPU - new product RB750Gr3 - RB750G family - now mmips
Replies: 180
Views: 67412

Re: New CPU - new product RB750Gr3 - RB750G family - now mmips

If you go back to the first post you will see a USB port in the photo.
They forgot to include it in the spec overview?
They also forgot to mention SD slot and confirmed it already, so maybe we have hope. :)
by Fraction
Thu Oct 06, 2016 2:57 pm
Forum: General
Topic: hAp Lite questions and doubts
Replies: 10
Views: 1248

Re: hAp Lite questions and doubts

First, have to agree with others.. If your customers don't trust you, they should maybe think some other ISP. :)

But, on the other hand, question to others.. why it is so "big deal" to allow read-only (policies: read & winbox) access for customers?
by Fraction
Fri Sep 02, 2016 5:02 pm
Forum: Announcements
Topic: Winbox 3.5 released!
Replies: 20
Views: 9476

Re: Winbox 3.5 released!

Secure Mode is still broken in Windows 10. The connection is not encrypted.
by Fraction
Fri Aug 05, 2016 4:34 pm
Forum: General
Topic: [SOLVED] Reinstall RouterOS in router mikrotik with OpenWRT
Replies: 6
Views: 2199

Re: [SOLVED] Reinstall RouterOS in router mikrotik with OpenWRT

What is the problem with rb751 exactly? Not showing up in Netinstall?

Is there Reset-button in 751, did you try that?
by Fraction
Wed Aug 03, 2016 11:41 pm
Forum: General
Topic: [SOLVED] Reinstall RouterOS in router mikrotik with OpenWRT
Replies: 6
Views: 2199

Re: Reinstall RouterOS in router mikrotik with OpenWRT

http://forum.mikrotik.com/viewtopic.php?t=93341 , NathanA mentioned rbcfg-utitlity, maybe that helps you to get your device boot to Netinstall?
by Fraction
Sun Jul 31, 2016 5:07 pm
Forum: Announcements
Topic: v6.36 [current] is released!
Replies: 183
Views: 42063

Re: v6.36 [current] is released!

Watchdog has rebooted my RB2011UAS twice during last week:  .. Jul/26/2016 13:36:19 system,error,critical router was rebooted without proper shutdown by watchdog timer .. Jul/30/2016 11:26:31 system,error,critical router was rebooted without proper shutdown by watchdog timer .. -No watch addresses d...
by Fraction
Sat Jul 30, 2016 4:33 pm
Forum: General
Topic: feature request: add Port List to firewall
Replies: 34
Views: 6873

Re: feature request: add Port List to firewall

router IS firewall and vice versa. and decent router - insecure and useless/dangerous w/o decent firewall and decent firewall ~ useless w/o routing. There is a lot of places where you have router doing just routing and firewall doing just filtering and optionally NAT:ting (of course with default ro...
by Fraction
Sat Jul 30, 2016 1:34 am
Forum: General
Topic: feature request: add Port List to firewall
Replies: 34
Views: 6873

Re: feature request: add Port List to firewall

- multiple protocols: this makes no real sense, and netfilter doesn't support it anyway Its not so uncommon that applications needs both, udp- and tcp-ports and also icmp is used in quite strange places.  And if you want to do strict rule for encrypted EoIP-tunnel, you need 3 rules at minimum: -one...
by Fraction
Fri Jul 29, 2016 10:01 pm
Forum: General
Topic: feature request: add Port List to firewall
Replies: 34
Views: 6873

Re: feature request: add Port List to firewall

- multiple protocols: this makes no real sense, and netfilter doesn't support it anyway Its not so uncommon that applications uses both, udp- and tcp-ports and also icmp is used in quite strange places.  -multiple ports: this is already possible, only you need to specify it inside the rule, not as ...
by Fraction
Fri Jul 29, 2016 4:48 pm
Forum: General
Topic: feature request: add Port List to firewall
Replies: 34
Views: 6873

Re: feature request: add Port List to firewall

+1 for the ability to use multiple protocols & ports in one filter rule.
by Fraction
Thu Jul 28, 2016 10:20 pm
Forum: General
Topic: Feature request: CLI hints in WinBox
Replies: 7
Views: 1363

Re: Feature request: CLI hints in WinBox

Nice idea, if doable with reasonable effort. :)

Not only in previewing purposes, but sounds also quite good way to learn CLI for the beginners..
by Fraction
Fri Jul 22, 2016 5:38 pm
Forum: Announcements
Topic: v6.36 [current] is released!
Replies: 183
Views: 42063

Re: v6.36 [current] is released!

Winbox Secure Mode doesn't work with Windows 10.

Secure mode -box is checked and lock icon appears after login, but if I capture the traffic with Wireshark, the connection is not encrypted at all.. 
by Fraction
Sat Jul 02, 2016 11:15 am
Forum: General
Topic: One more off-topic from the big flooder =)
Replies: 8
Views: 1200

Re: One more off-topic from the big flooder =)

It's a huge amount of messages, but still have to say that Chupaka is one of the few nicknames I recognize and definitely in positive sense. So many good answers to "stupid" questions & configuration problems. :)

Thank you for helping us novices, Chupaka. :)
by Fraction
Thu Jun 09, 2016 2:22 pm
Forum: Announcements
Topic: v6.34.6 [bugfix] is released!
Replies: 60
Views: 18877

Re: v6.34.6 [bugfix] is released!

hAP lite upgraded 3,5 hrs ago and no issues detected so far.. Timestamps are ok now.
by Fraction
Sun Jun 05, 2016 12:55 pm
Forum: Announcements
Topic: v6.34.5 [bugfix] is released!
Replies: 23
Views: 7094

Re: v6.34.5 [bugfix] is released!

First reboot after upgrade "solved" the timestamp issue..
by Fraction
Thu Jun 02, 2016 7:55 pm
Forum: Announcements
Topic: v6.34.5 [bugfix] is released!
Replies: 23
Views: 7094

Re: v6.34.5 [bugfix] is released!

All routes coming from RIP went inactives today. I saw RIP receiving updates every 3 mins as usually and routes were also visible in main routing table, but without A-flag (only Dr). I added one of the routes as static route, and it worked immediately.

Reboot solved the problem.
by Fraction
Wed Jun 01, 2016 12:54 pm
Forum: Announcements
Topic: v6.34.5 [bugfix] is released!
Replies: 23
Views: 7094

Re: v6.34.5 [bugfix] is released!

Hmm.. it seems that logging doesn't use/regognize time zones anymore. Every timestamp in logs are now in GMT time. I'm quite sure that it worked before upgrade (from previous bugfix). [admin@hap-lite] > /log print .. 09:49:16 system,info,account user admin logged in from X.X.X.X via ssh ... [admin@h...
by Fraction
Tue May 31, 2016 11:59 am
Forum: General
Topic: Force change of IP public in script
Replies: 4
Views: 848

Re: Force change of IP public in script

If it is dynamic, changing mac-address of wan-interface could be one possible solution:

/interface ethernet reset-mac-address <name-of-WAN-interfae>
by Fraction
Sat May 28, 2016 7:58 pm
Forum: Announcements
Topic: Winbox3.4 released!
Replies: 54
Views: 19312

Re: Winbox3.4 released!

Edit: I leave my original message to below, but actually the test I did is way too "fancy" and you can try this simply using live capturing in Wireshark, since the encryption happens/should happen in application layer, you should not be able to read anything from Wireshark livestream.. Anyhow.. It s...
by Fraction
Thu May 05, 2016 12:33 pm
Forum: RouterBOARD hardware
Topic: RouterOS x86 Max Memory
Replies: 9
Views: 4039

Re: RouterOS x86 Max Memory

Probably not the case for the original poster, but I just wanted to mention that CHR uses 64-bit instruction sets and can utilize much more than 2GB:

"Minimum 32MB of RAM (maximum supported 2GB, except on Cloud Core devices and CHR installations, where there is no maximum)"
by Fraction
Tue May 03, 2016 12:03 am
Forum: General
Topic: Winbox Safe mode
Replies: 26
Views: 42046

Re: Winbox Safe mode

This definitely should be an default option. :)
by Fraction
Sat Apr 23, 2016 1:43 pm
Forum: Virtualization
Topic: Cloud Hosted Router
Replies: 583
Views: 188050

Re: Cloud Hosted Router

I will be great if we can do some type of migration license from x86 to CHR since 3 type of level license has the same price Level 4 = P1 ($45) Level 5 = P10 ($95) Level 6 = Unlimited ($250) Any news/instuctions about this topic? I saw Normis asked raffav to contact support after this post, is that...
by Fraction
Fri Dec 04, 2015 8:06 pm
Forum: The Dude
Topic: The Dude is back! v6.34rc test build released
Replies: 269
Views: 74281

Re: The Dude is back! v6.34rc test build released

Are language selection and web interface planned to brought back? Or maybe some Android client? Time will tell, cannot say anything at this point yet. Yep, you definitely should avoid "Windows-only" solutions and try to do this platform independently from the begin. And web interface is usually the...
by Fraction
Fri Dec 04, 2015 8:00 pm
Forum: The Dude
Topic: The Dude is back! v6.34rc test build released
Replies: 269
Views: 74281

Re: The Dude is back! v6.34rc test build released

... Removed features: * Windows server ... Oh... So no more standalone poking on the network from my windows machine without installing something on the routers... Beta3 is here to stay :( Hmm.. Did you realize that you only need to install Dude-server to one router? Also, as "quick and dirty worka...
by Fraction
Tue Nov 24, 2015 6:57 am
Forum: RouterBOARD hardware
Topic: RB3011UiAS-RM
Replies: 102
Views: 52201

Re: RB3011UiAS-RM

Looks very promising device, althought I'm more waiting the desktop version, hopefully its coming soon too..

Few questions:
-ipsec performance (hw crypto?)
-NAND size
-MetaROUTER ability
-Lane between cpu & switch chips

Thank you in advance.
by Fraction
Tue Jun 02, 2015 12:31 pm
Forum: Announcements
Topic: FastTrack - New feature in 6.29
Replies: 237
Views: 139993

Re: FastTrack - New feature in 6.29

It seems like FastTrack somehow disturbs my ssh/cifs server connections through IPSec-tunnel.. Ping still works as expected and I can even connect to suitable ports with telnet, but connecting with Putty (ssh) or Windows Explorer (CIFS) just hangs until timeout.. Anyhow, From IP/Firewall/Connection ...
by Fraction
Mon Mar 30, 2015 1:10 pm
Forum: General
Topic: IPSec VPN Use custom DNS
Replies: 1
Views: 815

Re: IPSec VPN Use custom DNS

Or must I have that manually set in the Shrew client configs?
That is only working method I have figured out so far, but if someone knows better way, I'm also very interested. :)
by Fraction
Thu Oct 09, 2014 12:01 pm
Forum: General
Topic: Same subnet - firewall - block device access
Replies: 3
Views: 1303

Re: Same subnet - firewall - block device access

And be sure that both devices are connected directly to your firewall. If there is switch between firewall and devices, traffic never comes to firewall.
by Fraction
Mon Oct 06, 2014 6:56 pm
Forum: General
Topic: License Upgrade Restrictions removed?
Replies: 2
Views: 876

Re: License Upgrade Restrictions removed?

Hmm.. also line "upgradable-to: XXX" has disappeared from license information (/system license print) . I have one ROS 6.17 (lev4 license) and there it still exist, but not anymore in ROS 6.20 (lev5)..
by Fraction
Mon Oct 06, 2014 9:01 am
Forum: General
Topic: Did we loose IP cloud?
Replies: 155
Views: 26193

Re: Did we loose IP cloud?

Hmm.. still working on my 2011. /system package print Flags: X - disabled # NAME VERSION SCHEDULED 0 routeros-mipsbe 6.20 /ip cloud print enabled: yes update-time: yes status: updated Edit: Actually.. "/ip cloud force-update" did this: /ip cloud print enabled: yes update-time: yes status: Error: req...
by Fraction
Mon Jun 02, 2014 10:01 pm
Forum: General
Topic: Conditional DNS forwarding
Replies: 17
Views: 35090

Re: Conditional DNS forwarding

Hi, This is definitely not a beta issue (actually not issue at all) and this topic is also quite old, but I reuse it anyway.. Explained method really works (although I would really appreciate more straightforward way to do this), but is it possible (I pretty sure it is, but my regexp-skilz are just ...
by Fraction
Mon Jun 02, 2014 6:46 pm
Forum: RouterBOARD hardware
Topic: Mikrotik 6:13
Replies: 1
Views: 813

Re: Mikrotik 6:13

Need some help, I'm emulating the Mikrotik 6:13 in VirtualBox and accessing through Winbox for experiments with olefins software networks using OpenFlow protocol, this protocol is not accompanied by the image of the system, so I downloaded a file on the Mikrotik site in the downloads / Mipsbe / All...
by Fraction
Tue May 20, 2014 6:28 pm
Forum: RouterBOARD hardware
Topic: RB2011UAS-2HnD stops responding spontaneously
Replies: 42
Views: 12061

Re: RB2011UAS-2HnD stops responding spontaneously

Apparently this issue has been fixed in 6.13. From yesterday, all clients (6 clients using L2TP/IPSec) were connected. Today cache size is 56 now. Normally it would be something between 2k-4k.
Has not happened for me either with 6.13, so this looks promising!
by Fraction
Mon Mar 17, 2014 2:56 pm
Forum: RouterBOARD hardware
Topic: RB2011UAS-2HnD stops responding spontaneously
Replies: 42
Views: 12061

RB2011UAS-2HnD stops responding spontaneously

Hi, I have been suffering with a quite annoying problem with RB2011UAS-2HnD (ROS 6.10) last few weeks. This happened first time at same day than I upgraded from ROS6.9 to 6.10, so I'm not sure is it related to ROS-version or RB or what. I didn't change my configuration at that time (which has been w...
by Fraction
Thu Feb 06, 2014 6:40 pm
Forum: Forwarding Protocols
Topic: Problem with RIP routing
Replies: 3
Views: 1659

Re: Problem with RIP routing

Hmm.. Thank you, reboot solved my case too. First I rebooted only sending router (router1), but it didn't help. Then I rebooted receiving one (router2) too, and that made the trick.
Sounds like a bug in ROS6.9?
by Fraction
Wed Feb 05, 2014 11:44 pm
Forum: Forwarding Protocols
Topic: Problem with RIP routing
Replies: 3
Views: 1659

Problem with RIP routing

Hi, I'm trying to setup very simple RIP setup with 2 routers and only few subnets (yes, I can do it with static routes and it works, but I really want to know what is wrong in this anyway). My setup is kind of one-direction setup, where another router (router1) sends static-routes & connected-routes...
by Fraction
Wed Jan 01, 2014 5:32 pm
Forum: General
Topic: Centos / Linux on metarouter on RouterBoard (MIPSBE)
Replies: 3
Views: 4682

Re: Centos / Linux on metarouter on RouterBoard (MIPSBE)

Sorry, there was differences in result output.
by Fraction
Wed Jun 19, 2013 11:31 pm
Forum: General
Topic: RB2011 & 3G
Replies: 2
Views: 1379

Re: RB2011 & 3G

Also Huawei E353 and E367 are usable for 3G connections with RB2011. Only drawback after that older (and much slower) E1552 is that it now seems impossible to send or receive SMS-messages during 3G connections. It just says that channel is already in use although with E1552 it worked well.. Has anyo...
by Fraction
Fri Jun 14, 2013 11:46 pm
Forum: General
Topic: [Feature Req.] Enable access to microSD card of 3G usb mode
Replies: 8
Views: 4058

Re: [Feature Req.] Enable access to microSD card of 3G usb m

+1 for this. Edit: Actually, it randomly works at least with Huawei usb-sticks.. Sometimes after reboot I can see my micro-SD and it is totally usable and usually also stays there until I have to reboot my device next time. So far I haven't managed to figure any formula when it is available and when...
by Fraction
Tue Jun 11, 2013 10:22 pm
Forum: General
Topic: RB2011 & 3G
Replies: 2
Views: 1379

Re: RB2011 & 3G

2011UAS-2HnD (ROS 6.0) & Huawei E1552 works pretty well together.
by Fraction
Wed May 29, 2013 10:36 pm
Forum: General
Topic: SSTP VPN with Win7 'verify client certificate'
Replies: 11
Views: 5308

Re: SSTP VPN with Win7 'verify client certificate'

Any new ideas concerning this? I'm still saying that Microsoft is not the problem and Windows SSTP-client is already supporting client-side certificates. sstp1.png sstp2.png Have you done any investigations about that? Also, Wiki says that Windows client supports only RC4 encryption, this is not tru...
by Fraction
Tue May 14, 2013 5:33 pm
Forum: General
Topic: [Solved] Radius - winbox accepted, SSH rejected
Replies: 4
Views: 1483

Re: Radius - winbox accepted, SSH rejected

Hey guys, I have setup "/user AAA" to go with radius. I can login to winbox fine with a username/pass from radius, however I can not login to console or SSH with the radius user. The user is getting authentificated agains the radius server, but Im getting reject messages. Radius is sending the "ful...
by Fraction
Thu May 09, 2013 4:21 pm
Forum: General
Topic: v5.25 released
Replies: 52
Views: 16483

Re: v5.25 released

After this upgrade wlan interface doesn't exist anymore in my RB2011UAS-2HnD. Its simple and totally lost from interface-listing. I already tried fresh ROS 5.25 netinstall but it didn't help. I'll try downgrade back to 5.24 tomorrow if I find some spare time. Also Quick set page is disappeared from...
by Fraction
Tue Apr 30, 2013 4:41 pm
Forum: General
Topic: v5.25 released
Replies: 52
Views: 16483

Re: v5.25 released

After this upgrade wlan interface doesn't exist anymore in my RB2011UAS-2HnD. Its simple and totally lost from interface-listing. I already tried fresh ROS 5.25 netinstall but it didn't help. I'll try downgrade back to 5.24 tomorrow if I find some spare time. Also Quick set page is disappeared from...
by Fraction
Mon Apr 29, 2013 10:36 pm
Forum: General
Topic: v5.25 released
Replies: 52
Views: 16483

Re: v5.25 released

After this upgrade wlan interface doesn't exist anymore in my RB2011UAS-2HnD. Its simple and totally lost from interface-listing. I already tried fresh ROS 5.25 netinstall but it didn't help. I'll try downgrade back to 5.24 tomorrow if I find some spare time. Also Quick set page is disappeared from ...
by Fraction
Mon Apr 29, 2013 10:33 am
Forum: General
Topic: Mikrotik as source of DNS Amplification attacks
Replies: 31
Views: 11688

Re: Mikrotik as source of DNS Amplification attacks

I'll risk my own professionalism-factor too and say +1 for previous poster.. It would be very nice feature to be able to enable or disable DNS-server per interface.
by Fraction
Wed Mar 06, 2013 8:44 am
Forum: General
Topic: 5.24 released!
Replies: 161
Views: 44264

Re: 5.24 released!

What's new in 6.0rc11 (2013-Feb-22 09:17):
*) sstp server - added option to force AES encryption;

Is there any plans to bring this feature to ROSv5?
by Fraction
Mon Mar 04, 2013 12:31 pm
Forum: General
Topic: https not working over sstp vpn
Replies: 4
Views: 1600

Re: https not working over sstp vpn

Are you running SSTP in default port 443? Can you try it with different port? That was a bit long shot, but at least one thing what would be possible causing that.
by Fraction
Fri Mar 01, 2013 1:40 pm
Forum: General
Topic: main issue in rb2011
Replies: 4
Views: 666

Re: main issue in rb2011

You have problem to use Netinstall with some devices?
by Fraction
Wed Feb 27, 2013 10:09 pm
Forum: Virtualization
Topic: MetaROUTER stability issues on certain MIPSBE and PPC boards
Replies: 490
Views: 123116

Re: MetaROUTER stability issues on certain MIPSBE and PPC bo

I didn't tried that voltage.ko -trick, it felt too arduous to find out how to do that and give it a shot.
ROS version was 5.24.
by Fraction
Tue Feb 26, 2013 9:00 pm
Forum: Virtualization
Topic: MetaROUTER stability issues on certain MIPSBE and PPC boards
Replies: 490
Views: 123116

Re: MetaROUTER stability issues on certain MIPSBE and PPC bo

Ok, I stole PSU from TP-Link TL-WR1043ND (12V 1,5A) and RB2011 is again up and running. Next I'll set up my test-OpenWRT MetaROUTER again and maybe generate some load for that and we'll see what happens.. Well, not a significant difference.. I think freeze periods are a bit shorter than earlier, bu...
by Fraction
Tue Feb 26, 2013 5:55 pm
Forum: Virtualization
Topic: MetaROUTER stability issues on certain MIPSBE and PPC boards
Replies: 490
Views: 123116

Re: MetaROUTER stability issues on certain MIPSBE and PPC bo

Ok, I stole PSU from TP-Link TL-WR1043ND (12V 1,5A) and RB2011 is again up and running. Next I'll set up my test-OpenWRT MetaROUTER again and maybe generate some load for that and we'll see what happens..
by Fraction
Mon Feb 25, 2013 11:52 am
Forum: Virtualization
Topic: MetaROUTER stability issues on certain MIPSBE and PPC boards
Replies: 490
Views: 123116

Re: MetaROUTER stability issues on certain MIPSBE and PPC bo

Has anyone tried to change power supply for RB2011UAS-2HnD-IN and tested its impact to MetaROUTER stability? Is it even possible to change it without losing warranty?
by Fraction
Thu Feb 21, 2013 10:28 pm
Forum: General
Topic: sstp and win 7 client
Replies: 4
Views: 2070

Re: sstp and win 7 client

And btw, if you have only few clients and little handwork is not problem, you don't even need that domain name. You can also use your client-computers hosts-file ( http://en.wikipedia.org/wiki/Hosts_(file) ). Main thing is just to take care that the address you connect with client match to your serv...
by Fraction
Thu Feb 21, 2013 10:14 pm
Forum: General
Topic: sstp and win 7 client
Replies: 4
Views: 2070

Re: sstp and win 7 client

http://wiki.mikrotik.com/wiki/Manual:Create_Certificates Did you use this method to create your certs? " When filling CN remember that it must not match on CA and server certificate otherwise later naming collision will occur. " This is what is confusing me. thanks I didn't read that page when I ma...
by Fraction
Wed Feb 20, 2013 10:50 pm
Forum: General
Topic: 5.24 released!
Replies: 161
Views: 44264

Re: 5.24 released!

Interesting first-hand notice of ROS 5.24 and RB2011.. On the spur of the moment I decided to try MetaROUTER after upgrade. I imported same OpenWRT image as earlier, made same basic setup as earlier and started to load it, just like I have done several times before (with different ROS versions). BUT...
by Fraction
Wed Feb 20, 2013 4:26 pm
Forum: General
Topic: sstp and win 7 client
Replies: 4
Views: 2070

Re: sstp and win 7 client

I'm trying to setup SSTP because I find wifi spots that block L2TP ports. I get an 0x8007274C error. From what I've seen here and on other pages it looks like my self signed cert is being rejected. I found one post that says the CN in the cert must match the IP address of the router. Since mine doe...
by Fraction
Wed Feb 20, 2013 10:47 am
Forum: General
Topic: SSTP VPN with Win7 'verify client certificate'
Replies: 11
Views: 5308

Re: SSTP VPN with Win7 'verify client certificate'

Wrong place to ask.. Contact Microsoft and ask them if such feature will be implemented.

That was that "is there any possibilities" -section of my question. :)

Anyway, EAP authentication with certificates is supported by Microsoft SSTP-solution.
by Fraction
Tue Feb 19, 2013 11:46 pm
Forum: General
Topic: SSTP VPN with Win7 'verify client certificate'
Replies: 11
Views: 5308

Re: SSTP VPN with Win7 'verify client certificate'

Is there any plans/possibilities to implement that feature usable with Windows-clients also?
Would make huge improvement to sstp's security and that way make it much better alternative to OpenVPN (which you don't want to development anymore).
by Fraction
Mon Feb 04, 2013 8:39 pm
Forum: General
Topic: 5.23 released!
Replies: 72
Views: 24648

Re: 5.23 released!

I made downgrade (fresh install with NetInstall & config restored from backup) back to ROS 5.22 and haven't seen those strange Winbox-problems at least yet. RouterBoard's FW is still 3.04.
by Fraction
Sun Feb 03, 2013 8:16 pm
Forum: General
Topic: 5.23 released!
Replies: 72
Views: 24648

Re: 5.23 released!

New problem with 5.23.. Winbox (and Webfig too) lost all information about interfaces. The whole Interfaces/Interface -tab is empty. Everything is working fine, no issues with connections or anything and SSH (and console) shows (/interface print) everything right. It is just Winbox and Webfig which ...
by Fraction
Sat Feb 02, 2013 4:12 pm
Forum: General
Topic: 5.23 released!
Replies: 72
Views: 24648

Re: 5.23 released!

My story with RB2011 continues.. Today I noticed that there is also new firmware available (3.04).. I made fw upgrade too and decided to boot again after that but now my device doesn't get up anymore. LCD screen shows first "routerboot configuration" then "ether boot" then fastly "loading kernel fr...
by Fraction
Thu Jan 31, 2013 9:23 pm
Forum: General
Topic: 5.23 released!
Replies: 72
Views: 24648

Re: 5.23 released!

My story with RB2011 continues.. Today I noticed that there is also new firmware available (3.04).. I made fw upgrade too and decided to boot again after that but now my device doesn't get up anymore. LCD screen shows first "routerboot configuration" then "ether boot" then fastly "loading kernel fro...
by Fraction
Wed Jan 30, 2013 11:47 pm
Forum: General
Topic: 5.23 released!
Replies: 72
Views: 24648

Re: 5.23 released!

I have the same model. My experience with it something like 3 or 4 weeks. After buying it, upgraded till to v6. I have something like 40 clients through PPPoE, local network, of course both NATed to ISP, one PPTP tunnel, and FTP server through USB port, and about 8 firewall rules.... Working perfec...
by Fraction
Wed Jan 30, 2013 9:18 pm
Forum: General
Topic: 5.23 released!
Replies: 72
Views: 24648

Re: 5.23 released!

I made this upgrade to my 2011UAS-2HnD couple hours ago and everything went well and looked fine after upgrade, but now I noticed that all my Wireless Security Profiles (2 with different options) had disappeared and my both wlans were totally unsecured.. Yesterday they were there (I know this 100% s...
by Fraction
Mon Jan 21, 2013 8:26 pm
Forum: General
Topic: IPSEC + Openswan
Replies: 5
Views: 3848

Re: IPSEC + Openswan

I have similar situation but without separate firewall. Openswan installed on OpenWRT router connected directly to Internet. From lan1 (behind OpenWRT) to lan2 (behind ROS 5.22) everything works nice, but from lan2 I can ping only my OpenWRT's lan-address (lan1 gateway). With tcpdump on OpenWRT (int...
by Fraction
Wed Jan 16, 2013 9:54 pm
Forum: General
Topic: OpenVPN unknown auth alg
Replies: 18
Views: 16605

Re: OpenVPN unknown auth alg

SOLVED !!! After 3 Weeks of fighting with the problem we finally find out the problem. The problem is caused by the openssl library, that is too new and isn't supported by openvpn mikrotik server. MT OpenVpn Server (like written in the WiKi) support OpenSSL ver 0.9.8 with Cipher BF algorithm inside...