Community discussions

Search found 40 matches

by simogere
Wed Jan 30, 2019 12:53 pm
Forum: General
Topic: POE Problem
Replies: 14
Views: 3123

Re: POE Problem

Hi, I need a little info: my wAP ac is connected to a hEX PoE. The wAP is powerd only if the setting of Poe on hAP port is setted up to "forced on". With "auto on" it does not work. Reason?

Thanks, Simone
by simogere
Wed Jan 30, 2019 12:22 pm
Forum: Wireless Networking
Topic: Again on WAP-AC PoE requirement
Replies: 7
Views: 981

Re: Again on WAP-AC PoE requirement

Hi, I need a little info: my wAP ac is connected to a hEX PoE. The wAP is powerd only if the setting of Poe on hAP port is setted up to "forced on". With "auto on" it does not work. Reason?

Thanks, Simone
by simogere
Wed May 30, 2018 1:25 pm
Forum: Beginner Basics
Topic: Firewall rules tips
Replies: 8
Views: 1253

Re: Firewall rules tips

It's just a little hard to believe that you need to access all those port from anywhere (whole internet). SSTP, PPTP, sure, if you use router as VPN server. Even WinBox or http for WebFig can make sense (just make sure that you don't have outdated RouterOS version, there are some very ugly vulnerab...
by simogere
Tue May 29, 2018 6:26 pm
Forum: Beginner Basics
Topic: Firewall rules tips
Replies: 8
Views: 1253

Re: Firewall rules tips

Yes, it's bad, the whole thing is almost useless. Input chain specifically allows to access pretty much everything running on router from everywhere, except DNS from WAN. There is drop rule at the end, to block connections from other sources than LAN bridge, but it's not very useful when it's after...
by simogere
Tue May 29, 2018 5:46 pm
Forum: Beginner Basics
Topic: Firewall rules tips
Replies: 8
Views: 1253

Re: Firewall rules tips

Hi anav, thanks for the reply.

The context is my home router. One ISP, one wan ip, a lan bridge with few ethernet ports, a dhcp server running on it and a masquerade of the lan network. That's all.

What's wrong with the DNS? The rules drop the external dns requests
by simogere
Tue May 29, 2018 4:33 pm
Forum: Beginner Basics
Topic: From one subnet to other but [SOLVED]
Replies: 10
Views: 685

Re: From one subnet to other but [SOLVED]

Try those rules:
chain=forward action drop protocol=tcp src-address=10.10.10.0/24 dst-port=!3389
chain=forward action drop protocol=udp src-address=10.10.10.0/24
by simogere
Tue May 29, 2018 4:17 pm
Forum: Beginner Basics
Topic: Firewall rules tips
Replies: 8
Views: 1253

Firewall rules tips

Hi, I need a hand with my firewall rules. Am I missing something basic? /ip firewall filter add action=drop chain=input connection-state=new dst-port=53 in-interface="sfp1 - WAN" protocol=udp add action=drop chain=input connection-state=new dst-port=53 in-interface="sfp1 - WAN" protocol=tcp add acti...
by simogere
Mon May 14, 2018 5:31 pm
Forum: Scripting
Topic: Script on 6.41RC - fetch not working
Replies: 5
Views: 1312

Re: Script on 6.41RC - fetch not working

Have you tried running the "/tool fetch" command manually? Does it work? If not - can you put the output here?
It doesn't work manually too.

With filezilla it works.
status: failed

failure: connection timeout
by simogere
Mon May 14, 2018 1:27 pm
Forum: Scripting
Topic: Script on 6.41RC - fetch not working
Replies: 5
Views: 1312

Re: Script on 6.41RC - fetch not working

Any solution?
by simogere
Sat Nov 18, 2017 11:36 am
Forum: General
Topic: Firewall rules: are they ok?
Replies: 0
Views: 577

Firewall rules: are they ok?

Hi, I read the wiki and I just want to know if my firewall rules are ok or something is wrong or missed /ip firewall filter add action=accept chain=input comment="Accept input established and related connections" connection-state=established,related add action=accept chain=input comment="Accept inpu...
by simogere
Thu Aug 03, 2017 2:18 am
Forum: The Dude
Topic: The Dude 6.39.2 Log Files
Replies: 14
Views: 2846

Re: The Dude 6.39.2 Log Files

Waiting for the "old style" syslog... :-(
by simogere
Mon May 22, 2017 11:19 pm
Forum: Wireless Networking
Topic: Capsman + Repeater + Cap
Replies: 1
Views: 1013

Re: Capsman + Repeater + Cap

Nobody?
by simogere
Fri May 19, 2017 9:38 pm
Forum: Wireless Networking
Topic: Capsman + Repeater + Cap
Replies: 1
Views: 1013

Capsman + Repeater + Cap

Hi, I have a hAP AC and a hAP AC lite My target is to create a CAPsMAN on hap ac in order to manage 2,4 / 5 radios of the same hap ac and 2,5 radio of hap ac lite. The 5 ghz radio of the hap ac lite should be used to connect to 5 ghz CAP of the hap ac. hAP AP is my router, with dhcp server and all L...
by simogere
Fri May 19, 2017 4:43 pm
Forum: Beginner Basics
Topic: CAPsMan and station (bridge)
Replies: 1
Views: 662

Re: CAPsMan and station (bridge)

"I know that station-bridge will not work"

Why?
by simogere
Tue May 02, 2017 6:52 pm
Forum: General
Topic: PPTP iOS10
Replies: 59
Views: 24049

Re: PPTP iOS10

Actually L2TP+IPsec configuration is not too difficult. 1) Enable L2TP server, /interface l2tp-server server set authentication=mschap2 enabled=yes 2) Configure PPP profile, /ppp profile add change-tcp-mss=yes local-address=192.168.17.1 name=ipsec+L2TP remote-address=ipsec-pool use-encryption=yes /...
by simogere
Wed Oct 19, 2016 4:10 pm
Forum: The User Manager
Topic: Multiple Hotspots on the same router with RADIUS
Replies: 11
Views: 13916

Re: Multiple Hotspots on the same router with RADIUS

When you add NEW DEVICE ( NAS ) in user Manager it only allows one unique NAS ip address, if you try add the same, User manager will not take it. I have not played with ID, real, etc. parameters, i heart it is possible but i don't know how to do it. What i have done i have had created 3 user manage...
by simogere
Tue Oct 18, 2016 1:32 pm
Forum: The User Manager
Topic: 2 hotspots and 1 user manager
Replies: 3
Views: 2485

Re: 2 hotspots and 1 user manager

You can use domain in hotspot and radius configuration
Ok, but how? Hotspot profiles are 2. Radius server is only one!
by simogere
Mon Oct 17, 2016 3:44 pm
Forum: The User Manager
Topic: 2 hotspots and 1 user manager
Replies: 3
Views: 2485

2 hotspots and 1 user manager

Hi, I'm trying to find a solution to this problem: on my rb1100 I have 2 hotspots with their hotspot profile (with "use radius" flag option). /ip hotspot profile add hotspot-address=10.0.0.1 html-directory="HS1 -Ospiti" name=\ "hsprof1 - Ospiti" use-radius=yes add hotspot-address=10.10.0.1 html-dire...
by simogere
Fri Apr 17, 2015 6:53 pm
Forum: General
Topic: Lan and WLan on 2 different routers?
Replies: 1
Views: 382

Lan and WLan on 2 different routers?

Hi, my RB951G-2HnD is configured like a router: - port 1 wan - bridge with port 2, 3, 4 , 5, wlan1 - dhcp, masquerade (nat) and a static route (the gateway) Anyway, on wan port arrive 2 different vlans: a default untagged vlan (the one I'm using) and a tagged vlan. So, I added a second masquerade ru...
by simogere
Mon Apr 13, 2015 11:06 am
Forum: The User Manager
Topic: No active users / sessions in User Manager
Replies: 3
Views: 1741

Re: No active users / sessions in User Manager

Maybe that's because of CSS's caches.
It happens a lot.
Just delete you're browser's cache and cookies and every thing.... :D and Login into UM again.
This should work. all the time for me.
No, no problem with css. The same problem appears on every client I use to see the UM.
by simogere
Thu Apr 09, 2015 9:51 am
Forum: The User Manager
Topic: No active users / sessions in User Manager
Replies: 3
Views: 1741

No active users / sessions in User Manager

Hi guys, is happening to me for two days that I can't see from the web gui of UM the active users and sessions. Nothing is changed. There are logs about authentications (ok and fails) but no more sessions registered and no more active users and sessions too. The hotspot stil working without problems...
by simogere
Wed Mar 04, 2015 11:40 am
Forum: The User Manager
Topic: Export / import users problems - batch change profile
Replies: 2
Views: 1412

Export / import users problems - batch change profile

Hi, I have to clone the configuration of a user manager. I installed manually the usermanager in the new RB450 and with a simple "export file=namefile verbose" I' exported the configuration from the old RB450. Removed all the mac-address from the src file and run it from the terminal of the new RB. ...
by simogere
Fri Sep 05, 2014 1:23 pm
Forum: General
Topic: Walled Garden problems: youtube
Replies: 1
Views: 1084

Walled Garden problems: youtube

Hi, even if I add to the walled gardens of the hotspot:
- www.youtube.com
- https://www.youtube.com
- m.youtube.com
- https://m.youtube.com
- ytimg.com (the player)

i cannot see youtube site but the rb redirects to the captive portal.

Any tips?

Thanks in advance, Simone.
by simogere
Tue Aug 05, 2014 11:12 pm
Forum: Beginner Basics
Topic: RDP 3389 block to external connections
Replies: 10
Views: 5335

Re: RDP 3389 block to external connections

Hi Craig inbound RDP connections works fine outbound RDP connections not work to all RDP connections regardless of destination Same problem: it happens if you set up a 3389 ingoing NAT. The solution is specify, for that rule, the interface that receive the ingoing rdp request. http://oi61.tinypic.c...
by simogere
Wed Jul 16, 2014 6:58 pm
Forum: The User Manager
Topic: Accounting request not sent: no response
Replies: 2
Views: 2685

Re: Accounting request not sent: no response

and the rest of the config? Hi, i don't know why but today i have just 1 "no response". It's so strange.... What does "Radius accounting request not sent: no response" means? Another question: I use user manager + on board radius on my RB450G. I have some profiles on um like No limit, 2M, 3M, 4M......
by simogere
Tue Jul 15, 2014 4:49 pm
Forum: The User Manager
Topic: Accounting request not sent: no response
Replies: 2
Views: 2685

Accounting request not sent: no response

Hi guys, I need a hand, sorry

Look this screenshot please

Image

Why there's all those "no response"?

Thanks in advance, Simone.
by simogere
Tue Jul 15, 2014 2:53 am
Forum: The User Manager
Topic: Still problems with time offset on UM -> Bug or noob?
Replies: 16
Views: 3747

Still problems with time offset on UM -> Bug or noob?

I was reading here http://forum.mikrotik.com/viewtopic.php?f=10&t=24631&hilit=user+manager+time+zone http://forum.mikrotik.com/viewtopic.php?f=2&t=50648&p=258491&hilit=user+manager+time+zone#p258491 http://wiki.mikrotik.com/wiki/User_Manager/QA/Incorrect_time_shown_for_sessions_and_credits RB conf: ...
by simogere
Fri Jul 11, 2014 5:44 pm
Forum: General
Topic: Logging web traffic to remote webserver
Replies: 33
Views: 10157

Re: Logging web traffic to remote webserver

With this one works fine:
/system logging
set LogServerNotice2 prefix=INFO topics=info,!firewall
My syslog is a pc with The Dude 3.6
by simogere
Fri Jul 11, 2014 5:36 pm
Forum: General
Topic: Logging web traffic to remote webserver
Replies: 33
Views: 10157

Re: Logging web traffic to remote webserver

I think I found the problem:
/system logging
set 0 prefix=INFO topics=info,!firewall
Set 0 not working:
[admin@MikroTik] /system logging> set action=
LogServerInfo2  LogServerNotice2  disk  echo  memory  remote
Which one I have to use?
by simogere
Fri Jul 11, 2014 5:18 pm
Forum: General
Topic: Logging web traffic to remote webserver
Replies: 33
Views: 10157

Re: Logging web traffic to remote webserver

Mine is RB450. Damn, I can't find where is the problem...
by simogere
Fri Jul 11, 2014 5:04 pm
Forum: General
Topic: Logging web traffic to remote webserver
Replies: 33
Views: 10157

Re: Logging web traffic to remote webserver

RouterOS version? Mine is 6.15
by simogere
Fri Jul 11, 2014 4:47 pm
Forum: General
Topic: Logging web traffic to remote webserver
Replies: 33
Views: 10157

Re: Logging web traffic to remote webserver

Ok, I don't uderstand :D

Any tips about hotspot logs that not working?
by simogere
Fri Jul 11, 2014 4:29 pm
Forum: General
Topic: Logging web traffic to remote webserver
Replies: 33
Views: 10157

Re: Logging web traffic to remote webserver

ci sono due regole apposta, la prima logga le connessioni, la seconda (add action=LogServerNotice2 topics=hotspot,info,!debug) logga gli utenti, così rimane la corrispondenza tra utente e mac address/IP >>>- I can't see logs in log shell of rb. How i can do it? (without storing them) /system loggin...
by simogere
Fri Jul 11, 2014 11:10 am
Forum: General
Topic: Logging web traffic to remote webserver
Replies: 33
Views: 10157

Re: Logging web traffic to remote webserver

Hi thanks for the post. I'll try it tomorrow. What are the differences between this method? [admin@Test-HotSpot] > ip firewall filter add chain=forward action=log connection-state=new [admin@Test-HotSpot] > system logging add topics=firewall action=remote [admin@Test-HotSpot] > system logging actio...
by simogere
Wed Jul 09, 2014 10:43 pm
Forum: General
Topic: Logging web traffic to remote webserver
Replies: 33
Views: 10157

Re: Logging web traffic to remote webserver

Hi thanks for the post. I'll try it tomorrow. What are the differences between this method? [admin@Test-HotSpot] > ip firewall filter add chain=forward action=log connection-state=new [admin@Test-HotSpot] > system logging add topics=firewall action=remote [admin@Test-HotSpot] > system logging action...
by simogere
Wed Jul 09, 2014 6:28 pm
Forum: General
Topic: Logging web traffic to remote webserver
Replies: 33
Views: 10157

Re: Logging web traffic to remote webserver

Those rules not only log the firewall, but also the pppoe autentication. ALL THIS RULE ARE VALID ONLY FOR "PPP" CLIENTS, for HotSpot the method is different... For HotSpot I suggest you to use "Cloud4Wi"... Hi rextended, thanks for the conf. What about hotspot loging configuration? Thanks in advanc...
by simogere
Wed Jul 09, 2014 11:33 am
Forum: Beginner Basics
Topic: VLAN - Dumb question
Replies: 1
Views: 626

VLAN - Dumb question

Hi guys, I have a question about VLANs.

What is the difference between:
- create a VLAN "A" applied on ether2
- add an ip address on ether2

and

- create a VLAN "A" applied on ether2
- add an ip address on VLAN "A"

Thanks in advance, Simone.