Community discussions

Search found 945 matches

by pcunite
Thu May 16, 2019 5:45 am
Forum: Announcements
Topic: v6.43.16 [long-term] is released!
Replies: 12
Views: 7373

Re: v6.43.16 [long-term] is released!

Fast fix, thanks MikroTik.
by pcunite
Tue Apr 30, 2019 7:32 pm
Forum: Beginner Basics
Topic: Setting up Port Isolation, in addition to web traffic logging/monitoring?
Replies: 4
Views: 306

Re: Setting up Port Isolation, in addition to web traffic logging/monitoring?

In addition to OpenDNS, also take a look at cleanbrowsing.org and their offering.
by pcunite
Fri Apr 26, 2019 8:49 pm
Forum: Announcements
Topic: v6.44.3 [stable] is released!
Replies: 123
Views: 31971

Re: v6.44.3 [stable] is released!

I have been running RB4011 for more than a month and never had this reported issue on wlan. Not even when there was no client connected to it for a few days. So it seems it is not happening on all units. Can you export your config (between code tags) for this thread to see what you might be doing d...
by pcunite
Fri Apr 26, 2019 8:46 pm
Forum: Wireless Networking
Topic: RB4011iGS+5HacQ2HnD-IN 5Ghz disappearing
Replies: 13
Views: 1888

Re: RB4011iGS+5HacQ2HnD-IN 5Ghz disappearing

I changed wlan1's MAC address, but this doesn't' fix the problem. 5Ghz still randomly disappearing. Log is clean.

You can't change it on your own, there is an internal problem. This is just a sign.
by pcunite
Fri Apr 26, 2019 2:56 pm
Forum: General
Topic: Feature Request: 802.1X over ethernet
Replies: 39
Views: 9783

Re: Feature Request: 802.1X over ethernet

Client side support added in 6.45beta37: /interface dot1x client

Thank you.
by pcunite
Fri Apr 26, 2019 2:55 pm
Forum: Wireless Networking
Topic: Hotspot Configuration
Replies: 4
Views: 594

Re: Hotspot Configuration

There is an issue with iPhones and using the HotSpot 'address-pool' option. It is a NAT helper. Set it to none and see if your issue is resolved.
by pcunite
Fri Apr 26, 2019 2:52 pm
Forum: RouterBOARD hardware
Topic: RB4011: wlan1 disabling itself
Replies: 260
Views: 33935

Re: RB4011: wlan1 disabling itself

After today's 5ghz experiments, the following can be summarized: 1. switch chip does not work in bridge mode. 2. Mac adresss duplication on sfp and wlan1 3. curve driver for wlan1, does not work on 4 chains. 4. 160mhz not working. - This is superfluous, here 802.11ac does not work correctly. Excell...
by pcunite
Thu Apr 25, 2019 9:03 pm
Forum: Beginner Basics
Topic: wpa_supplicant on rb4011
Replies: 7
Views: 703

Re: wpa_supplicant on rb4011

I use the RB4011 and am also looking forward to something like wpa_supplicant working. You can see my current work around at the moment here. Only recently has MikroTik announced support for something that might allow us to host our own certificates. It is not ready for use yet.
by pcunite
Thu Apr 25, 2019 8:49 pm
Forum: SwOS
Topic: VLan Type enabled vs strict
Replies: 3
Views: 679

Re: VLan Type enabled vs strict

Why is so complicated to get VLANs right on SwOS? There should only exist 3 cases: Trunk, Hybrid (with a PVID), and Access. It should not be that hard.

I agree.
by pcunite
Tue Apr 23, 2019 9:25 pm
Forum: Beginner Basics
Topic: Noobish Requesting Help - VLANed home network [SOLVED]
Replies: 15
Views: 932

Re: Noobish Requesting Help - VLANed home network [SOLVED]

Read through this post and find the example that mirrors your situation I'll look this through, initial review says it looks a lot like the posts and tutorials I've been reading, but I will always read more! This might be a good time to mention the Saddle Ridge Hoard : A couple found $10 million in...
by pcunite
Tue Apr 23, 2019 12:16 am
Forum: RouterBOARD hardware
Topic: CRS328-24P-4S+RM - 24x7 fans or temperature sensitive?
Replies: 64
Views: 9272

Re: CRS328-24P-4S+RM - 24x7 fans or temperature sensitive?

You can mount two CRS112 in 1U right? Since they're exactly half U?

It measures 200mm wide (7.875 inch). Would be nice to have a 1U case that holds both.
by pcunite
Mon Apr 22, 2019 8:20 pm
Forum: RouterBOARD hardware
Topic: RB4011: wlan1 disabling itself
Replies: 260
Views: 33935

Re: RB4011: wlan1 disabling itself

I know its frustrating guys. I will say that the RB4011 router only model is very nice. The Wifi model, at the moment, is just not ready.
by pcunite
Mon Apr 22, 2019 8:18 pm
Forum: RouterBOARD hardware
Topic: CRS328-24P-4S+RM - 24x7 fans or temperature sensitive?
Replies: 64
Views: 9272

Re: CRS328-24P-4S+RM - 24x7 fans or temperature sensitive?

There is no any device with passive cooling from any vendor, right?

You might be better served with two CRS112. I use one for my PoE equipment. Very happy with it. Note you'll also need to purchase the 48POW or the 48V2A96W.
by pcunite
Fri Apr 19, 2019 7:10 pm
Forum: Beginner Basics
Topic: HotSpot with userman as login page
Replies: 9
Views: 828

Re: HotSpot with userman as login page

It seems , however, once signup is done, you are immediately redirected to http://routerip/user that is a page you cannot find (to be edited) among files .... (am I wrong ?) Yes, sorry at the moment I'm out of pocket. But, I just wanted to give you confidence it can be done. There is a flow, I thin...
by pcunite
Fri Apr 19, 2019 6:18 pm
Forum: General
Topic: CRS326 + multiple vlans with hardware offloading and non-vlan ports
Replies: 5
Views: 457

Re: CRS326 + multiple vlans with hardware offloading and non-vlan ports

Yeah, the dude pcunite needs to change his nick to be vlan unite ;-) more to the point, MT should pay him to do a proper user manual!! Thank you. I would be very happy to do the documentation. I think MikroTik has a great product with enthusiastic users on the forums. We form a team. Would love to ...
by pcunite
Thu Apr 18, 2019 10:03 pm
Forum: Wireless Networking
Topic: CAP AC Vs HAP AC2
Replies: 5
Views: 1162

Re: CAP AC Vs HAP AC2

An important difference - cAP AC has separate antennas for each chain /4/ and better wireless performance for that! hAP AC2 has 2 combined antennas for both frequencies!

Thank you, I answered too quickly before researching thoroughly.
by pcunite
Thu Apr 18, 2019 7:45 pm
Forum: Wireless Networking
Topic: CAP AC Vs HAP AC2
Replies: 5
Views: 1162

Re: CAP AC Vs HAP AC2

The cAP ac and hAP ac² are basically identical with regards to wifi clients. Their differences are that the hAP has ports and the cAP does not.
by pcunite
Thu Apr 18, 2019 7:35 pm
Forum: General
Topic: CRS328: Searching for infos / pointers about hardware COS DSCP
Replies: 7
Views: 552

Re: CRS328: Searching for infos / pointers about hardware COS DSCP

Throughput rate limit is not QoS!!! I don't understand why they're talking about QoS in that way... To me, QoS is priority level. I saw VLAN-Priority in the documentation but didn't find anything about how the switch will effectively handle this (if at all). Okay, read this . Does this apply better?
by pcunite
Thu Apr 18, 2019 7:31 pm
Forum: Beginner Basics
Topic: HotSpot with userman as login page
Replies: 9
Views: 828

Re: HotSpot with userman as login page

Just add a meta redirect tag at the top of the final landing page in the flow. There is also dst. Read here, it was very helpful to me.
by pcunite
Thu Apr 18, 2019 3:52 pm
Forum: Announcements
Topic: v6.45beta [testing] is released!
Replies: 305
Views: 71451

Re: v6.45beta [testing] is released!

dot1x - added support for IEEE 802.1X Port-Based Network Access Control (CLI only); I hope I can use this to authenticate to AT&T fiber services directly. I'll need a certificate, but that's obtainable. @pcunite - Can you provide a pointer to how to obtain the certificate? Currently, Still need to ...
by pcunite
Thu Apr 18, 2019 3:06 pm
Forum: Beginner Basics
Topic: HotSpot with userman as login page
Replies: 9
Views: 828

Re: HotSpot with userman as login page

it would be nice to do it all inside the same routerboard machine. Yes, it would. But there is no server side scripting on the MikroTik. You can do it all now on the MikroTik, but you can not process the data the user gives you. It's not about simply logging them in, don't you want to react to the ...
by pcunite
Thu Apr 18, 2019 12:39 am
Forum: General
Topic: CRS326 + multiple vlans with hardware offloading and non-vlan ports
Replies: 5
Views: 457

Re: CRS326 + multiple vlans with hardware offloading and non-vlan ports

See the VLAN link in my signature. I've implemented it with great success in my environments.
by pcunite
Thu Apr 18, 2019 12:23 am
Forum: General
Topic: CRS328: Searching for infos / pointers about hardware COS DSCP
Replies: 7
Views: 552

Re: CRS328: Searching for infos / pointers about hardware COS DSCP

I have only one long CAT6 cable link (so forget about 10 Gbps). ... I went to the switch menu "port" tab and tried to set "vlan mode" to "secure" (for the hEX router port): whatever i do in this menu end up with "VLAN mode not supported". So, for now it doesn't seem i can do hardware VLAN / QoS. An...
by pcunite
Wed Apr 17, 2019 9:17 pm
Forum: General
Topic: CRS328: Searching for infos / pointers about hardware COS DSCP
Replies: 7
Views: 552

Re: CRS328: Searching for infos / pointers about hardware COS DSCP

I've never worked in a network that was so saturated that the Trunk port on a Switch was a place of contention for VoIP traffic. I always handle this at the Router. However, I'm sure there are those that need to think about this. I was planning to work on a 20+ IP camera network in which the plan wa...
by pcunite
Wed Apr 17, 2019 5:36 pm
Forum: Beginner Basics
Topic: HotSpot with userman as login page
Replies: 9
Views: 828

Re: HotSpot with userman as login page

I'm doing this. User hits the Hotspot. I redirect them immediately to an external Linux server running PHP. That redirect, is a POST containing their MAC, IP, etc. The page their redirected to now asks for their email address. When they submit their email, I post them back to the HotSpot server usin...
by pcunite
Sat Apr 13, 2019 4:55 pm
Forum: General
Topic: What is your gaming config?
Replies: 2
Views: 302

Re: Config Needed for 2011 gaming Router

You didn't state your bandwidth, but generally the RB2011 is not fast enough. Use the hAP AC2 or RB4011. Then you can throw QoS rules at it and it won't bog down under load.
by pcunite
Sat Apr 13, 2019 4:51 pm
Forum: Beginner Basics
Topic: Router for my new home!
Replies: 14
Views: 1176

Re: Router for my new home!

Recommending RB951Ui-2HnD in year 2019 is ridiculous. This model has been here for ages. It does not have gigabit ports, CPU has just one core, wifi is just 2.4GHz. RB951Ui-2nD is even worse ... They need to move these archaic models, and others, to the archive section. Confusing for newcomers to s...
by pcunite
Fri Apr 12, 2019 11:05 pm
Forum: Announcements
Topic: v6.45beta [testing] is released!
Replies: 305
Views: 71451

Re: v6.45beta [testing] is released!

!) dot1x - added support for IEEE 802.1X Port-Based Network Access Control (CLI only);

I hope I can use this to authenticate to AT&T fiber services directly. I'll need a certificate, but that's obtainable.
by pcunite
Wed Apr 10, 2019 5:37 am
Forum: Beginner Basics
Topic: Using RouterOS to VLAN your network
Replies: 90
Views: 23117

Re: Using RouterOS to VLAN your network

One thing MikroTik discusses that you don't mention is hybrid ports ... I believe they say this is not a safe way to operate security wise in conclusion but it wasn't clear. If you trust your equipment, yourself, and your end users, you can use hybrid ports. You're giving a device the ability to se...
by pcunite
Tue Apr 09, 2019 8:38 pm
Forum: General
Topic: Anybody ues AT&T Gigabit Fiber with Mikrotik RouterOS?
Replies: 77
Views: 8962

Re: Anybody ues AT&T Gigabit Fiber with Mikrotik RouterOS?

Do you still need to set the RG into bypass mode or should I reset that to defaults, too?

Don't know, I think it does not matter what the RG is doing if you intend to power it off. Disable the Wifi feature would be at least one suggestion.
by pcunite
Tue Apr 09, 2019 6:37 am
Forum: Beginner Basics
Topic: Need Help Configuring Hotspot & AP VLAN
Replies: 10
Views: 706

Re: Need Help Configuring Hotspot & AP VLAN

So, would I apply this same configuration on the SWITCH? What would you recommend for the access points?

Access points follow the modern recommendation. The above example, is strictly for CRS1xx switches.
by pcunite
Thu Apr 04, 2019 4:40 pm
Forum: General
Topic: v6 RC and v7 BETA
Replies: 126
Views: 24513

Re: v6 RC and v7 BETA

All I can say is that development of v7 has picked up in the last few months, more than ever. While I can't promise anything stable, it is pretty safe to say, that some kind of public test release (like beta for specific platforms) could be expected this year. The chances of that happening are now ...
by pcunite
Thu Apr 04, 2019 7:01 am
Forum: Beginner Basics
Topic: Need Help Configuring Hotspot & AP VLAN
Replies: 10
Views: 706

Re: Need Help Configuring Hotspot & AP VLAN

You are using a CRS1xx switch. Therefore VLAN configuration is different, at least for the time being, from what CRS3xx and faster processors can do. However, do read the post that anav linked for you. This way you will have the current and modern MikroTik recommendations in your head. It will make ...
by pcunite
Tue Apr 02, 2019 5:34 am
Forum: Wireless Networking
Topic: cAP-ac Throughput & High Ping Problems
Replies: 33
Views: 3397

Re: cAP-ac Throughput & High Ping Problems

I have also tried to manually decrease the TX power on the radios in the cAP-ac units, but when I do, I get an error that the feature is not supported.

This is done via the Antenna Gain setting.
by pcunite
Sat Mar 30, 2019 2:43 pm
Forum: General
Topic: UKNOF 43 CVE
Replies: 223
Views: 40170

Re: UKNOF 43 CVE

I want to reiterate what I've stated elsewhere: I believe that all modern software companies need to implement a certain type of business process, known as Lean-Agile . Bugs will happen, no reasonable person is upset about that. Rather it is the release cadence, release channel, and review process t...
by pcunite
Fri Mar 29, 2019 2:15 pm
Forum: General
Topic: Ring of switches and Vlans
Replies: 8
Views: 746

Re: Ring of switches and Vlans

Make a list of every MAC address you have, on the interfaces. Then, you should probably set admin-mac to hard code something that will be unique.
by pcunite
Thu Mar 28, 2019 3:28 pm
Forum: General
Topic: UKNOF 43 CVE
Replies: 223
Views: 40170

Re: UKNOF 43 CVE

I highly recommend MikroTik look into implementing something like the Safe 4.5 Lean-Agile framework for their company. It will help to get a handle on the continuous release cycle that is their type of company. This is a business process for how to organize, coordinate, and manage simultaneous hardw...
by pcunite
Wed Mar 27, 2019 11:40 pm
Forum: RouterBOARD hardware
Topic: RB4011 Metal temperature is really hot
Replies: 46
Views: 6951

Re: RB4011 Metal temperature is really hot

I have the non-wifi model. System/Health reports 40C. Another model I manage shows the same.
by pcunite
Mon Mar 25, 2019 3:49 pm
Forum: Beginner Basics
Topic: CRS328-24P-4S+RM as an internet router
Replies: 4
Views: 402

Re: CRS328-24P-4S+RM as an internet router

I want what you want, a true switch/router combo. But the CRS328 is not that. I mean, sure, for a really slow Internet connection it might handle it, but serious routing? No.
by pcunite
Mon Mar 25, 2019 3:43 pm
Forum: Announcements
Topic: Suggestions requested: general hotspot controller improvements in functionality
Replies: 11
Views: 1940

Re: Suggestions requested: general hotspot controller improvements in functionality

We are looking for ideas on how to improve our hotspot controller. How are you using the MikroTik Hotspot software? Have you encountered lack of a specific feature? I'm implementing a HotSpot for someone right now. For my needs, I would like a PHP processor (or some type of back-end scripting suppo...
by pcunite
Sat Mar 23, 2019 11:11 pm
Forum: RouterBOARD hardware
Topic: CRS328-24P-4S+RM idle power consumption
Replies: 5
Views: 1091

Re: CRS328-24P-4S+RM idle power consumption

I have been testing the 8 port CRS112-8P-4S-IN and its power characteristics with a P4400 Kill-A-Watt meter . Firmware 6.43.13 was installed. Using the included 28V 3.4A power adapter. Power draw 1) 4 watts, when powered on, nothing plugged into ports, the idle state. 2) 5 watts, when one PC plugged...
by pcunite
Mon Mar 18, 2019 5:08 am
Forum: General
Topic: Putty updated to 0.71
Replies: 12
Views: 709

Re: Putty updated to 0.71

Where do I install the putty package on my winbox??

Putty is a 3rd party utility that runs on Windows. You use it to connect to the SSH server instance on the MikroTik.
by pcunite
Sat Mar 16, 2019 12:01 am
Forum: General
Topic: HOTSPOT login https error
Replies: 11
Views: 919

Re: HOTSPOT login https error

Could you share your configuration? I would be grateful.

See here in this post.
by pcunite
Fri Mar 15, 2019 5:50 pm
Forum: General
Topic: HOTSPOT login https error
Replies: 11
Views: 919

Re: HOTSPOT login https error

Just make sure nothing is in the walled garden. As long as the user is using a modern browser or phone, they should get the prompt for the portal. This has been my experience too in testing. I only use HTTP CHAP and Cookie for my Hotspot server login settings, not HTTP(s). I will have more live exp...
by pcunite
Fri Mar 15, 2019 4:05 am
Forum: General
Topic: 6.44.1 Broke Stuff Need to Downgrade to 6.44
Replies: 4
Views: 581

Re: 6.44.1 Broke Stuff Need to Downgrade to 6.44

When I'm testing, I like to update the MikroTik, update the firmware, them reset it without any configuration. Then I add back in my own script. That seems to fix issues others seem to have. Try that, then see if you still have found a bug.
by pcunite
Fri Mar 15, 2019 3:56 am
Forum: Beginner Basics
Topic: Hotspot wifi and Lan users
Replies: 13
Views: 891

Re: Hotspot wifi and Lan users

Awesome, pcunite when complete and functioning, can you post the config of both please! Here you go. While creating this example, I also noticed some areas that might be confusing in my other VLAN examples. So, I'll be updating those to better show how the BASE_VLAN should be implemented, as I do h...
by pcunite
Wed Mar 13, 2019 6:50 pm
Forum: Beginner Basics
Topic: Hotspot wifi and Lan users
Replies: 13
Views: 891

Re: Hotspot wifi and Lan users

I'm in the process of setting this up for someone. I prefer the use of a separate device to function as the Hotspot (captive portal) server. I'm using the hEX S for this purpose with an RB4011 as the main router. You need VLANs, of course, such that Guests accessing the Guest SSID are on a VLAN of t...
by pcunite
Fri Mar 08, 2019 4:13 am
Forum: The Dude
Topic: Crap on HAP AC2
Replies: 4
Views: 610

Re: Crap on HAP AC2

Perhaps a bad unit or config? I have one working well.
by pcunite
Thu Mar 07, 2019 11:21 pm
Forum: Beginner Basics
Topic: Using RouterOS to VLAN your network
Replies: 90
Views: 23117

Re: Using RouterOS to VLAN your network

I lose connectivity to my cAP ACs and router, they no longer show up in Winbox. How do I ensure all devices are still reachable? Winbox accessibility and visibility are two different features that are possible with MikroTik products. When using VLANs, the Neighbor Discovery protocol will not show d...
by pcunite
Thu Mar 07, 2019 7:08 pm
Forum: Beginner Basics
Topic: Using RouterOS to VLAN your network
Replies: 90
Views: 23117

Re: Using RouterOS to VLAN your network

The rest of the discussion has not been resolved. Many are having problems trying to implement your examples and many issues stem from the lack of clarity on pvid=1 vs pvid=99 . In other words, what is being assigned to the bridge, and what affect it has on reaching devices such as router, switches...
by pcunite
Thu Mar 07, 2019 6:35 pm
Forum: General
Topic: Wireless Recommendation Wanted
Replies: 7
Views: 433

Re: Wireless Recommendation Wanted

The cAP AC and the hAP ac² are the best. The hAP has 5 ports if you need them. These units are not outdoor rated, if you need that you'll need to consider the wAP AC.
by pcunite
Thu Mar 07, 2019 6:15 pm
Forum: Beginner Basics
Topic: Using RouterOS to VLAN your network
Replies: 90
Views: 23117

Re: Using RouterOS to VLAN your network

1) What the heck is BASE_VLAN? 2) Why assign ether7 to be an access port? The BASE_VLAN is a special network for accessing the MikroTik hardware. A network consists of routers, switches, and APs, so if every device has a BASE_VLAN interface, you can Winbox them from this special MGMT network. The f...
by pcunite
Fri Mar 01, 2019 3:59 pm
Forum: Beginner Basics
Topic: Introduction to RouterOS documentation
Replies: 13
Views: 893

Re: Introduction to RouterOS documentation

@csaunders72,

Pull up a chair and plan to stay awhile here in the forums. The documentation makes perfect sense, after several years of using the products. : - )
by pcunite
Sat Feb 23, 2019 9:09 pm
Forum: General
Topic: Hotspot Apple Login Page HELP!
Replies: 19
Views: 2352

Re: Hotspot Apple Login Page HELP!

We're in 2019 and mobile operators sell 50GB/month for 5€, who needs hotspots anymore?

Hotels, mainly. All those laptops and tablets. Clients want free wifi, so before they hit the internet, you've gotten see that login page.
by pcunite
Sat Feb 23, 2019 8:51 pm
Forum: Beginner Basics
Topic: Using RouterOS to VLAN your network
Replies: 90
Views: 23117

Re: Using RouterOS to VLAN your network

I made the big switch tonight using vlan11 vs. vlan1 for my homelan. However, I can no longer access my capacs to manage them. Remember we do not tag the bridge on the capac for some reason LOL. So why can I not, with my pc being on vlan11, use winbox to see capacs? I see the router just fine! It i...
by pcunite
Sat Feb 23, 2019 7:21 pm
Forum: General
Topic: Advanced VLAN setup HAP AC RouterOS
Replies: 9
Views: 736

Re: Advanced VLAN setup HAP AC RouterOS

See the link in my signature. I also recommend you go with the RB4011, (the hAP ac² might work) so that you have enough CPU power to use the unit as a switch. It all depends on how much traffic goes from your PC to a local NAS or whatever.
by pcunite
Sat Feb 23, 2019 6:43 pm
Forum: Beginner Basics
Topic: Using RouterOS to prioritize (Qos) traffic for a Class C net
Replies: 111
Views: 186063

Re: Using RouterOS to prioritize (Qos) traffic for a Class C net

Version 3, running smooth @bolean, How does this test compared to what you're doing? https://i.ibb.co/r2xSRfr/Queue-Tree3.png /queue tree # DOWN add max-limit=90M name=DOWN parent=bridge1 queue=default add name="1. VOIP" packet-mark=VOIP parent=DOWN priority=1 queue=default add name="2. ACK" packet...
by pcunite
Sat Feb 23, 2019 12:20 am
Forum: Wireless Networking
Topic: Point 2 Point -2000M Boat Races
Replies: 11
Views: 1057

Re: Point 2 Point -2000M Boat Races

In any case the distance is now down to 1000m, from 2000m.
So the 60Hz should work fine, but I am still offput by the difficulty in people managing to aim the bloody things.

I would think some sort of a geared head might help.
by pcunite
Fri Feb 22, 2019 7:41 pm
Forum: General
Topic: Accidentally updated router firmware to long term 6.42.12
Replies: 2
Views: 379

Re: Accidentally updated router firmware to long term 6.42.12

i would do a netinstall and the attempt a restore from backup.

This maybe what you have to do, first, do a system reset. Then load in your config file manually.
by pcunite
Fri Feb 22, 2019 4:09 pm
Forum: General
Topic: Security issue when Winbox exposed
Replies: 68
Views: 5961

Re: Security issue when Winbox exposed

We can only thank good people like the Tenable guys, who report to us first.

+1
by pcunite
Fri Feb 22, 2019 1:24 am
Forum: General
Topic: Three vlans at home on MT hap ac2 - best practice?
Replies: 20
Views: 1054

Re: Three vlans at home on MT hap ac2 - best practice?

So the solution from picture attached below is not possible to achieve, right?

Well, I'm suggesting you create two SSID names, Home and Home24G. Name them whatever you want.
by pcunite
Fri Feb 22, 2019 1:04 am
Forum: General
Topic: Three vlans at home on MT hap ac2 - best practice?
Replies: 20
Views: 1054

Re: Three vlans at home on MT hap ac2 - best practice?

This is what I have been asking since beginning. How to assign to correct VLAN via MAC or any other mechanism. Right, in the VLAN document (linked in my signature) this is shown using difference SSID values. You make as many SSID's (which are applied to virtual wlan interfaces) as you need, each on...
by pcunite
Thu Feb 21, 2019 6:20 pm
Forum: General
Topic: Unauthorized access to MikroTiK
Replies: 20
Views: 2717

Re: Unauthorized access to MikroTiK

My concern is that this latest exploit could make the news cycle again. MikroTik's documentation is very poor and does little to teach security best practices. We can blame customers for not becoming experts, but that will not fix MikroTik's reputation. If many of your customers are blowing their le...
by pcunite
Thu Feb 21, 2019 5:51 pm
Forum: General
Topic: Security issue when Winbox exposed
Replies: 68
Views: 5961

Re: Security issue when Winbox exposed

Fixed in 6.42.12, 6.43.12 and 6.44

Thank you, I was about to ask because I saw 6.42.1 used in the video. So, fixed 9 days ago. I see the line item: *) winbox - improvements in connection handling to router with open winbox service; I would not have caught that as being this serious.
by pcunite
Thu Feb 21, 2019 5:46 pm
Forum: General
Topic: Security issue when Winbox exposed
Replies: 68
Views: 5961

Re: Security issue when Winbox exposed

This, from surface reading the article, seems very serious. There should be full support and expected behavior for allowing Winbox to the world if it is password protected. I think a look from someone at MikroTik is appropriate.
by pcunite
Thu Feb 21, 2019 3:05 pm
Forum: General
Topic: Three vlans at home on MT hap ac2 - best practice?
Replies: 20
Views: 1054

Re: Three vlans at home on MT hap ac2 - best practice?

Study the article in my signature.
by pcunite
Thu Feb 21, 2019 5:33 am
Forum: General
Topic: Force Wifi users only get ip from its AP DHCP server [SOLVED]
Replies: 3
Views: 346

Re: Force Wifi users only get ip from its AP DHCP server [SOLVED]

My understanding is that sure, if the MikroTik bridge is in the middle, you can use bridge filter. However, all on the same switch, you'll need to use the new DHCP Snooping feature.
by pcunite
Thu Feb 21, 2019 1:50 am
Forum: RouterBOARD hardware
Topic: LTAP is here?
Replies: 2
Views: 586

Re: LTAP is here?

March 7th can't keep all its secrets from us.
by pcunite
Wed Feb 20, 2019 8:05 pm
Forum: Beginner Basics
Topic: Overall Satisfaction with MikroTik Routers
Replies: 1
Views: 284

Re: Overall Satisfaction with MikroTik Routers

Welcome to your new nightmare! Haha! Seriously though, they are pretty cool. Enjoy.
by pcunite
Wed Feb 20, 2019 4:59 pm
Forum: General
Topic: CCR1036-12G-4S and rx-jabber problem
Replies: 3
Views: 441

Re: CCR1036-12G-4S and rx-jabber problem

When trying to track down weird errors, do the following, then report your success.

  • backup your export: export file=CCR1036.rsc
  • upgrade firmware, and also the factory-firmware
  • reset configuration to no default configuration
  • apply export file slowly back in
by pcunite
Tue Feb 19, 2019 9:47 pm
Forum: Wireless Networking
Topic: Point 2 Point -2000M Boat Races
Replies: 11
Views: 1057

Re: Point 2 Point -2000M Boat Races

Looking into this, out of curiosity, it seems that this pdf would indicate (scroll down to maximum distance comparison) the LHG 5 would be sufficient. Here are some others. It uses MIPSBE, so none of the Arm issues. This covers PTP, now what else do you need?
by pcunite
Tue Feb 19, 2019 9:32 pm
Forum: Wireless Networking
Topic: Point 2 Point -2000M Boat Races
Replies: 11
Views: 1057

Re: Point 2 Point -2000M Boat Races

Sounds like a neat project. I don't have a lot of experience in that area to say.
by pcunite
Tue Feb 19, 2019 8:20 pm
Forum: General
Topic: Voice Quality Issue
Replies: 2
Views: 425

Re: Voice Quality Issue

Robotic and choppy could be hardware CPU related. Which product are you using and what is total bandwidth from your ISP?
by pcunite
Tue Feb 19, 2019 8:14 pm
Forum: General
Topic: Routing SIP to specific WAN
Replies: 2
Views: 475

Re: Routing SIP to specific WAN

To add to what vklpt said, set the RTP range. You'll need at least two ports per simultaneous active phone call.
by pcunite
Tue Feb 19, 2019 8:08 pm
Forum: General
Topic: Mikrotik VLANs and skinning rabbits
Replies: 8
Views: 501

Re: Mikrotik VLANs and skinning rabbits

Several of us forum members have put our heads together and have come up with this. Please read is slowly and with a cup of coffee. Also, throw away everything you know about MikroTik and VLANs as you read it. If you have any trouble afterwards, help can be provided.
by pcunite
Sun Feb 17, 2019 4:23 pm
Forum: General
Topic: AVOIDING VLAN1 ON BRIDGE????
Replies: 36
Views: 2108

Re: AVOIDING VLAN1 ON BRIDGE????

@pcunite: The only thing I'd change ... I'd allow ICMP in chain=input also from WAN I'll make a step sideways now: sometimes hybrid (trunk with native) is a necessity, but only when such port is facing other network or a particular device requiring such setup. Right, I always allow for ICMP. That w...
by pcunite
Sun Feb 17, 2019 3:58 pm
Forum: General
Topic: Hotspot status.html
Replies: 8
Views: 1319

Re: Hotspot status.html

The value is still static. Then with META tags or JavaScript, you'll have to reload the page because it seems the embedded web server does not send down new data. If there is another way to query with JavaScript, I don't know how. If we could AJAX a php file, but I don't think we can. Maybe with Ja...
by pcunite
Sun Feb 17, 2019 3:41 am
Forum: RouterBOARD hardware
Topic: crs317-1g-16s-rm Fault LED
Replies: 3
Views: 546

Re: crs317-1g-16s-rm Fault LED

I'm not familiar with SwOS, but if you can turn on the additional logging options as shown here, perhaps you can see something.
by pcunite
Sun Feb 17, 2019 12:17 am
Forum: General
Topic: AVOIDING VLAN1 ON BRIDGE????
Replies: 36
Views: 2108

Re: AVOIDING VLAN1 ON BRIDGE????

@mkx,
Here is what I hope to be the final version of the Router.rsc file. Everything look okay? I'll update all other examples to follow suit, taking out pvid=1. I want to focus on the Security section now. Might take a month or more.

# Web: https://forum.mikrotik.com/viewtopic.php?t=143620
by pcunite
Sat Feb 16, 2019 8:04 pm
Forum: RouterBOARD hardware
Topic: RB4011 twin-tray 1U
Replies: 7
Views: 969

Re: RB4011 twin-tray 1U

The RB4011 is a nice platform. The fact that they made a WiFi version tells me that this iteration might be locked-in. However, they could release other variants to accommodate you. You might benefit from simply modding it yourself (take the board out and put it in a custom case).
by pcunite
Sat Feb 16, 2019 7:56 pm
Forum: General
Topic: vlan bridge config is PITA - improvement suggestions
Replies: 2
Views: 327

Re: vlan bridge config is PITA - improvement suggestions

If you're doing this very frequently, there would be gains to scripting it all, for sure. Someone could even make a web-based GUI to export it all for us.
by pcunite
Sat Feb 16, 2019 7:53 pm
Forum: General
Topic: RB4011 - SFP Link Flapping once per second
Replies: 3
Views: 712

Re: RB4011 - SFP Link Flapping once per second

There is an issue with the RB4011 and SFP modules, currently being worked out.
by pcunite
Sat Feb 16, 2019 7:51 pm
Forum: Beginner Basics
Topic: MultiSSID AccessPoint with tagged VLAN problem
Replies: 18
Views: 930

Re: MultiSSID AccessPoint with tagged VLAN problem

Thanks for this Information. But why did nobody mention that it is better, from a performance perspective, to use the Switch chips? Because it is in everyone's interest for MikroTik to have an API that does it all for us, that abstracts away the hardware differences. That is what I'm learning. I ha...
by pcunite
Sat Feb 16, 2019 3:57 am
Forum: General
Topic: Config Review - Security Conscience Home User
Replies: 19
Views: 1283

Re: Config Review - Security Conscience Home User

I'm not sure how I feel yet, but the idea is that if you have a service listening on a non-standard port, the slow moving port scanners (who are doing 21, 25, etc) will eventually find it. So, if you see a port 21 attempt, and you don't host FTP, well, you can block that IP from doing anything else ...
by pcunite
Fri Feb 15, 2019 10:11 pm
Forum: General
Topic: AVOIDING VLAN1 ON BRIDGE????
Replies: 36
Views: 2108

Re: AVOIDING VLAN1 ON BRIDGE????

1) True trunk ports frame-types should be set to admit-only-vlan-tagged . 2) On ingress, untagged frames will be dropped. So, pvid setting is ignored and could be set to anything. 3) On egress, pvid setting doesn't matter at all, it's the untagged section of /interface bridge vlan which defines it....
by pcunite
Fri Feb 15, 2019 7:32 pm
Forum: General
Topic: AVOIDING VLAN1 ON BRIDGE????
Replies: 36
Views: 2108

Re: AVOIDING VLAN1 ON BRIDGE????

It seems fine with me.

Wait, sorry. I've been tired lately. Shouldn't both be set to:
frame-types=admit-only-untagged-and-priority-tagged

They are both Access ports, so you can hook your laptop in direct.
by pcunite
Fri Feb 15, 2019 5:18 pm
Forum: General
Topic: AVOIDING VLAN1 ON BRIDGE????
Replies: 36
Views: 2108

Re: AVOIDING VLAN1 ON BRIDGE????

I'm with @anav regarding ether7 on router. Make it a dedicated access port for management VLAN, the same as is port ether24 on switch. @mkx, Would you confirm this update? Is this what it needs to be now? Verify no tags on ingress, set to 99, on egress, remove tag. #Router: # Optional: Change ether...
by pcunite
Fri Feb 15, 2019 3:02 pm
Forum: General
Topic: DHCP Offering Lease Without Success
Replies: 35
Views: 9454

Re: DHCP Offering Lease Without Success

Does not help ... no change .. still receiving warnings

Same for me, issue still remains.
by pcunite
Fri Feb 15, 2019 3:01 pm
Forum: General
Topic: Hotspot status.html
Replies: 8
Views: 1319

Re: Hotspot status.html

I apologize, remove these lines:

// if sUPTIME is not parsed, show current time, simply for testing
sUPTIME = new Date();
by pcunite
Fri Feb 15, 2019 5:22 am
Forum: General
Topic: Hardware for 6000 concurrent users
Replies: 9
Views: 781

Re: Hardware for 6000 concurrent users

I'll investigate with the customer about web filtering.

Try these guys, CleanBrowsing.org, simple and easy to use.
by pcunite
Fri Feb 15, 2019 5:20 am
Forum: General
Topic: Hotspot status.html
Replies: 8
Views: 1319

Re: Hotspot status.html

Replace status.html with the contents of this HTML. <!DOCTYPE html> <html lang="en"> <head> <title>Status Page</title> <meta charset="utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <meta http-equiv="pragma" content="no-cache" /> <meta http-equiv="expires" content=...
by pcunite
Fri Feb 15, 2019 2:18 am
Forum: RouterBOARD hardware
Topic: Why people pair UBNT APs with MikroTik routers?
Replies: 55
Views: 29928

Re: Why people pair UBNT APs with MikroTik routers?

But all the complains about ARM are wireless related, right? A pure router (a true CCR) could do well, couldn't it? The 4011 has some problems with the FSP+ ports - but they are chipset related, not CPU related. Or I am missing something?

I'm loving the RB4011. I don't use the WiFi model.
by pcunite
Thu Feb 14, 2019 11:06 pm
Forum: General
Topic: AVOIDING VLAN1 ON BRIDGE????
Replies: 36
Views: 2108

Re: AVOIDING VLAN1 ON BRIDGE????

I have two possible updates for the VLAN tutorial. Modifying the first RoaS example, I've converted it to a pure VLAN implementation, also setting up maximum VLAN security options. The firewall is left open to the LAN side (or rather the VLAN). Locked it down as you please.

Thoughts?
by pcunite
Thu Feb 14, 2019 3:00 pm
Forum: General
Topic: AVOIDING VLAN1 ON BRIDGE????
Replies: 36
Views: 2108

Re: AVOIDING VLAN1 ON BRIDGE????

If untagged frames are allowed across trunk ports, then some VLAN renumbering can happen (usually this is not desirable) when pvid settings on trunk ports are not consistent. One could argue that the bridge's pvid setting defines which is "native" VLAN. At the end of the day, having some "native" V...
by pcunite
Thu Feb 14, 2019 2:42 pm
Forum: General
Topic: Guide to (possibly) hack RouterOS ... If yes please protect it
Replies: 10
Views: 1006

Re: Guide to (possibly) hack RouterOS ... If yes please protect it

As long as you have physical access to the device, there is always some way to get in ... What that means, together with root access is obvious - devices may be potentially infected so deep that even netinstall will be unable to wipe it. True, I think MikroTik's reputation is fine. Apple, and their...
by pcunite
Thu Feb 14, 2019 1:09 am
Forum: Forwarding Protocols
Topic: VLAN - how to?
Replies: 1
Views: 452

Re: VLAN - how to?

To help you with this, its beneficial to use standard terms. I think you're asking the following? You can see more examples in my signature. There is some setup not shown in the examples below. But, this is a start. Cisco Port 8 is a Trunk port. So, you want MikroTik port 8 to be Trunk? # Set ingres...
by pcunite
Thu Feb 14, 2019 12:31 am
Forum: General
Topic: AVOIDING VLAN1 ON BRIDGE????
Replies: 36
Views: 2108

Re: AVOIDING VLAN1 ON BRIDGE????

I'm tempted to reply to @pcunite's post saying that there is no such thing as native vlan ... it's either vlan or it is not. If vlan is a vlan, it's carrying vlan tag with numerical VID (no such number like native ). But I won't reply like this :wink: :-) Well, as I work on my Security section , th...
by pcunite
Wed Feb 13, 2019 11:06 pm
Forum: General
Topic: AVOIDING VLAN1 ON BRIDGE????
Replies: 36
Views: 2108

Re: AVOIDING VLAN1 ON BRIDGE????

Hello, sorry, I've been so busy. These questions are important and interesting.

So, you want a pure VLAN configuration, is that it? All networks and VLANs on your MikroTik without the Native VLAN being present?
by pcunite
Tue Feb 12, 2019 11:56 pm
Forum: Scripting
Topic: Visual Studio IDE 2017 RouterOS API C
Replies: 1
Views: 295

Re: Visual Studio IDE 2017 RouterOS API C

Thank you.
by pcunite
Tue Feb 12, 2019 4:08 pm
Forum: Beginner Basics
Topic: Building a home small lab
Replies: 1
Views: 251

Re: Building a home small lab

Am I right in thinking the smaller Mikrotik routers and switches pretty much do what the bigger ones do but obviously slower and have less ports. Well, not exactly. There are some differences . Comes down to what you want to do. I'm hoping MikroTik makes a small version of their CRS326 so I can hav...
by pcunite
Mon Feb 11, 2019 5:22 pm
Forum: General
Topic: DHCP Offering Lease Without Success
Replies: 35
Views: 9454

Re: DHCP Offering Lease Without Success

This option somehow "checked" even DHCP server has it "unchecked" so if you forgot to uncheck then static reservation broadcasts it.

I'm having this issue with one device in my network. Are you suggesting to check or uncheck it?
by pcunite
Sun Feb 10, 2019 10:19 pm
Forum: Beginner Basics
Topic: Using RouterOS to VLAN your network
Replies: 90
Views: 23117

Re: Using RouterOS to VLAN your network

Bridges need to be tagged members of a VLAN when device needs some L3 (mostly, could be L2 as well) interaction with said VLAN. Access Point doesn't, its job is to forward packets between L2 interfaces. Router does, it needs to shuffle packets on L3 through CPU. So yes, adding BR1 as tagged member ...
by pcunite
Sun Feb 10, 2019 6:24 am
Forum: Beginner Basics
Topic: Using RouterOS to VLAN your network
Replies: 90
Views: 23117

Re: Using RouterOS to VLAN your network

All example topics have now been posted. I recommend you use test hardware to try things out before implementing them in your main network. I've been using the hEX PoE lite and hAP ac lite units because they can be found cheaply and I can power them off each other easily. The two reserved posts I ha...
by pcunite
Sat Feb 09, 2019 9:47 pm
Forum: Beginner Basics
Topic: the magic of connection-state=new
Replies: 4
Views: 633

Re: the magic of connection-state=new

Forgive me, I don't have time to properly discuss this topic in depth, at the moment. I'm working on publishing (just did a moment ago) some more configuration files (the single Access Point one). However, to @anav , your opinion is valued and there maybe some merit to them. I'm not trying to teach ...
by pcunite
Sat Feb 09, 2019 4:31 pm
Forum: Beginner Basics
Topic: Using RouterOS to VLAN your network
Replies: 90
Views: 23117

Re: Using RouterOS to VLAN your network

... it would be just fine if we added connection-state=new to the second rule ... from a functionality point of view it wouldn't change a bit, but it'd show the real reason for having this rule. mkx has explained concisely how connection-state=new is really the highlight for the existence of anothe...
by pcunite
Sat Feb 09, 2019 2:27 am
Forum: Beginner Basics
Topic: QoS Tree VoIP problem
Replies: 42
Views: 2518

Re: QoS Tree VoIP problem

My cpu in normal usage shows 10-15%. When downloading a file, 50-70% usage. What kind of hardware must I buy to prioritize traffic? I bought a CRS109 only for QoS. Ι am very dissatisfied. I do understand your frustration. New comers to the MikroTik brand do not realize product differences, understa...
by pcunite
Sat Feb 09, 2019 1:28 am
Forum: Beginner Basics
Topic: Using RouterOS to VLAN your network
Replies: 90
Views: 23117

Re: Using RouterOS to VLAN your network

I don't have NEW in any of my rules, I don't see any in the default config, so where are you pulling this rectal pluck from? When a packet enters a chain , I want to know what interface it came in on. Next, I want to know where it is going. Using connection-state=new allows you to make a decision r...
by pcunite
Sat Feb 09, 2019 12:29 am
Forum: Beginner Basics
Topic: Using RouterOS to VLAN your network
Replies: 90
Views: 23117

Re: Using RouterOS to VLAN your network

(2) Add text explaining how oneliners can be used. example: /ip interface bridge vlan bridge=BR1 tagged=BR1,sfp1,sfp2 vlan-ids=10,20,30 (3) (a) Why not show ingressfiltering=yes ? (3) (b) Why not show pvid=xx admit frame types= ? A goal I have is to be verbose about VLAN concepts and brief about ot...
by pcunite
Fri Feb 08, 2019 8:36 pm
Forum: Beginner Basics
Topic: Using RouterOS to VLAN your network
Replies: 90
Views: 23117

Re: Using RouterOS to VLAN your network

Hi pcunite. Two questions: @anav, I have updated the configuration files. Please reexamine, and then ask your question again. Then, I'll give you a formal response. Yesterday evening, I had the opportunity to actually implement the config files on real hardware and made some adjustments. Question 1...
by pcunite
Fri Feb 08, 2019 8:34 pm
Forum: Beginner Basics
Topic: Using RouterOS to VLAN your network
Replies: 90
Views: 23117

Re: Using RouterOS to VLAN your network

I'll take this opportunity to open a discussion about how to deal with wifi "access ports" to vlans. There are two ways: vlan-mode=use-tag vlan-id=BLUE interface bridge subtree where wlan1 interface is an access port to a VLAN So what is the better (more understandable/readable) way to configure it...
by pcunite
Fri Feb 08, 2019 8:26 pm
Forum: General
Topic: 802.11ac Wave2 Support?
Replies: 33
Views: 7522

Re: 802.11ac Wave2 Support?

The beta with iPhone fixes is not public yet. Please wait a little bit. it's being released today.

Thank you Normis. If you guys could a write up on what the juicy details were, that would be great.
by pcunite
Fri Feb 08, 2019 7:00 pm
Forum: Beginner Basics
Topic: Using RouterOS to VLAN your network
Replies: 90
Views: 23117

Re: Using RouterOS to VLAN your network

So do you mean wired or actually weird Thank you, no I actually mean weird (using because noun phrasing) because I find it confusing to have bridge access set this way at this point in the syntax. The stated reasons , explain why, but I feel that port vs bridge (the bridge is a virtual switch or co...
by pcunite
Fri Feb 08, 2019 4:50 pm
Forum: Beginner Basics
Topic: Using RouterOS to prioritize (Qos) traffic for a Class C net
Replies: 111
Views: 186063

Re: Using RouterOS to prioritize (Qos) traffic for a Class C net

I have a CRS109-8G. With ubiquity the result is much better.

I would not use the CRS109 for QoS tasks. Too under powered in my opinion. However, there are many variables.
by pcunite
Fri Feb 08, 2019 3:22 pm
Forum: General
Topic: VLAN not working with new 6.41 [SOLVED]
Replies: 7
Views: 1980

Re: VLAN not working with new 6.41 [SOLVED]

Is this advice still valid? I mean, to remove the vlan tagging done by the switch CPU on a CRS125 and add vlan tagging using the Bridge?! I ask this because the MT wiki says specifically otherwise ?! I believe the hope is that we get a unified and coherent way of doing this going forward . If you'r...
by pcunite
Fri Feb 08, 2019 3:18 pm
Forum: Beginner Basics
Topic: Cloud Router Switch administration [SOLVED]
Replies: 11
Views: 745

Re: Cloud Router Switch administration [SOLVED]

Last night I purchased CRS328-4C-20S-4S+RM switch. I am doing something terribly wrong?

You'll be rewarded to learn RouterOS, but it will take you 100 hours. If you're post count goes up, it will encourage us to help you. For now, start slow. Read, read, read. This is going to take you awhile.
by pcunite
Fri Feb 08, 2019 3:13 pm
Forum: Beginner Basics
Topic: Using RouterOS to prioritize (Qos) traffic for a Class C net
Replies: 111
Views: 186063

Re: Using RouterOS to prioritize (Qos) traffic for a Class C net

I am also writing here because I have not found a solution. Has anyone managed to give priority to VoIP, and to work with no problem, with full load on the line? My problem is this . Someday, I hope to do another write up on this subject, when I get time . I had hoped that one would not need to be ...
by pcunite
Thu Feb 07, 2019 12:34 am
Forum: General
Topic: Use a Routerboard to tag packets for a management VLAN
Replies: 7
Views: 802

Re: Use a Routerboard to tag packets for a management VLAN

See the VLAN link in my signature.
by pcunite
Wed Feb 06, 2019 9:21 pm
Forum: Wireless Networking
Topic: Update to 6.43.11 not good for wireless
Replies: 4
Views: 965

Re: Update to 6.43.11 not good for wireless

Before the update, antenna gain was 2. After the update, antenna gain is 3.

The higher the gain, the lower the output power. Go back to 2, if you feel you need it.
by pcunite
Wed Feb 06, 2019 9:18 pm
Forum: General
Topic: Mikrotik sending out rogue DHCP requests [SOLVED]
Replies: 11
Views: 1093

Re: Mikrotik sending out rogue DHCP requests [SOLVED]

We have put a block on all possible chains, in every possible place of the firewall to block port 67 and 68. And nothing has stopped it. DHCP uses raw sockets (a socket of protocol raw instead of tcp/udp). Thus it is not visible to the IP / Firewall rules. This is a Linux kernel design, not a Mikro...
by pcunite
Wed Feb 06, 2019 9:07 pm
Forum: Wireless Networking
Topic: Update to 6.43.11 not good for wireless
Replies: 4
Views: 965

Re: Update to 6.43.11 not good for wireless

What is your Antenna Gain value set to?
by pcunite
Wed Feb 06, 2019 8:57 pm
Forum: General
Topic: choosing VPN protocols
Replies: 2
Views: 402

Re: choosing VPN protocols

I don't know about Android, but Windows 10 and iOS 11 can do better. Try to use AES256, SHA256, and ECP256. That should be your attempted baseline today. Example configuration here.
by pcunite
Wed Feb 06, 2019 5:00 pm
Forum: General
Topic: Anybody ues AT&T Gigabit Fiber with Mikrotik RouterOS?
Replies: 77
Views: 8962

Re: Anybody ues AT&T Gigabit Fiber with Mikrotik RouterOS?

@inmultec,

The configuration I've posted is exactly what I'm doing. Give it a try and I'll help you work out any issues. With regards to TV service, I don't have that. This posts seem to indicate that IGMP is needed to make that work.
by pcunite
Wed Feb 06, 2019 12:01 am
Forum: Wireless Networking
Topic: WAP ac 5GHz issues with iPhone XS
Replies: 142
Views: 17981

Re: WAP ac 5GHz issues with iPhone XS

Just tested a new iPhone XS Max ... had issues with WiFi on the hAP AC and 6.42.11. Was necessary to set Band to 5Ghz-only-N.
by pcunite
Tue Feb 05, 2019 11:50 pm
Forum: General
Topic: Voice VLAN
Replies: 6
Views: 952

Re: Voice VLAN

See here.
by pcunite
Tue Feb 05, 2019 9:16 pm
Forum: RouterBOARD hardware
Topic: 2011UiAS-2HnD and r2
Replies: 5
Views: 485

Re: 2011UiAS-2HnD and r2

Oh, I see. Do both models show PoE out on port 10? Otherwise, I'm not sure what the difference would be. That model has been around a while.
by pcunite
Tue Feb 05, 2019 8:50 pm
Forum: RouterBOARD hardware
Topic: 2011UiAS-2HnD and r2
Replies: 5
Views: 485

Re: 2011UiAS-2HnD and r2

Please be more specific or link to products.
by pcunite
Tue Feb 05, 2019 6:49 pm
Forum: General
Topic: Voice VLAN
Replies: 6
Views: 952

Re: Voice VLAN

I would like to replace both of the switches in building 1 & 2 with a CRS MikroTik switch. Is there any way to setup Auto-Voice VLAN in MikroTik switches to function in the same manner as Cisco using Vendor MAC codes?

Only use the CRS3xx series and use this approach.
by pcunite
Tue Feb 05, 2019 6:39 pm
Forum: General
Topic: MikroTik Bridget network got DDOS
Replies: 4
Views: 515

Re: MikroTik Bridget network got DDOS

I would run at least a RB4011 these days. However, you'll also need to use the raw table to drop as fast as you can. Ultimately, however, you may need upstream (your ISP) support as they will most likely always be able to do it better than your equipment.
by pcunite
Tue Feb 05, 2019 6:25 pm
Forum: General
Topic: Windows short name resolution with bridge and firewall [SOLVED]
Replies: 8
Views: 902

Re: Windows short name resolution with bridge and firewall [SOLVED]

I expect you probably just want to apply the firewall rules to traffic that will be crossing trust levels, such as private to public interfaces--in other words, routed traffic. If that's the case, then you should not configure the bridge to use the firewall.

+1 Agree.
by pcunite
Tue Feb 05, 2019 6:10 pm
Forum: Wireless Networking
Topic: wAP AC for medium densidty outdoor Wireless (Hotspot) project
Replies: 7
Views: 658

Re: wAP AC for medium densidty outdoor Wireless (Hotspot) project

The total number of simultaneous users will never be greater than 1000 for the whole covered area. I think that the second option is better except the fact that I won't be using Tik devices. You are correct. I would not feel comfortable recommending the current line up of MikroTik AP units for this...
by pcunite
Tue Feb 05, 2019 5:53 pm
Forum: General
Topic: Windows short name resolution with bridge and firewall [SOLVED]
Replies: 8
Views: 902

Re: Windows short name resolution with bridge and firewall [SOLVED]

What's the hardware topology? Your export is of a CCR1009, is it the last hop? No, it is connected to a router you say. So, what is providing DNS for your workstations? Let me see the configuration for whatever is providing DNS too. We need to know, you need to know, packet flow. When you ping from ...
by pcunite
Tue Feb 05, 2019 5:41 pm
Forum: RouterBOARD hardware
Topic: RB2011 Power Adapter Woes
Replies: 3
Views: 441

Re: RB2011 Power Adapter Woes

Honestly the best way around this is just good filtered power and high quality redundant DC adapters.

I agree with that. Since these are RB2011 units, do you think maybe some capacitors are going bad?
by pcunite
Tue Feb 05, 2019 5:46 am
Forum: RouterBOARD hardware
Topic: RB2011 Power Adapter Woes
Replies: 3
Views: 441

Re: RB2011 Power Adapter Woes

Interesting, ever get it sorted out?
by pcunite
Tue Feb 05, 2019 5:35 am
Forum: General
Topic: Hotspot status.html
Replies: 8
Views: 1319

Re: Hotspot status.html

If you don't want a page refresh, you might be able to create a JavaScript function that reads that value in a loop. I've not tested it, however.
by pcunite
Tue Feb 05, 2019 5:28 am
Forum: General
Topic: Windows short name resolution with bridge and firewall [SOLVED]
Replies: 8
Views: 902

Re: Windows short name resolution with bridge and firewall [SOLVED]

Output your configuration via /export compact hide-sensitive file=MyFile.rsc and paste the file data in the forum wrapped in code tags.
by pcunite
Tue Feb 05, 2019 5:11 am
Forum: Beginner Basics
Topic: RB4011
Replies: 3
Views: 379

Re: RB4011

There is a lot to know before setting up a MikroTik. We can show you, but it won't make any sense until you do a lot of reading. Here is a simplistic sample config. If you like, I could help you under a paid assignment. Feel free to solicit the forum, however. /interface wireless set [ find default-...
by pcunite
Mon Feb 04, 2019 9:58 pm
Forum: General
Topic: Windows share - problem
Replies: 6
Views: 818

Re: Windows share - problem

You probably need to change your Windows network configuration from Public back to Private.
by pcunite
Mon Feb 04, 2019 9:39 pm
Forum: Wireless Networking
Topic: wAP AC for medium densidty outdoor Wireless (Hotspot) project
Replies: 7
Views: 658

Re: wAP AC for medium densidty outdoor Wireless (Hotspot) project

Sure no problem, I can share/report everything. Okay, for starters, there is probably no one on the forums who has ever done an install this big and has ever come back to report about it (that I know of). However, the really cool thing about a proper wireless setup is: if you can manage three units...
by pcunite
Mon Feb 04, 2019 7:08 pm
Forum: Wireless Networking
Topic: wAP AC for medium densidty outdoor Wireless (Hotspot) project
Replies: 7
Views: 658

Re: wAP AC for medium densidty outdoor Wireless (Hotspot) project

I will only agree to help you under the following arrangement:

  1. You will do exactly as suggested.
  2. When it doesn't work, you will report. When it does, you will share.
  3. Return to point #1.
by pcunite
Mon Feb 04, 2019 6:53 pm
Forum: RouterBOARD hardware
Topic: CCR1009-8G-1S-1S+ Can't get more than 350-450 Mbps single session, can get more with multiple sessions
Replies: 10
Views: 1262

Re: CCR1009-8G-1S-1S+ Can't get more than 350-450 Mbps single session, can get more with multiple sessions

If you need QoS then Queue Tree should work with fasttrack.

From the manual:
Queues (except Queue Trees parented to interfaces), firewall filter and mangle rules will not be applied for FastTracked traffic.
by pcunite
Sun Feb 03, 2019 11:39 pm
Forum: RouterBOARD hardware
Topic: For real, what is with these blinding power leds?
Replies: 11
Views: 1269

Re: For real, what is with these blinding power leds?

Maybe use a sharpie pen to dim it?
by pcunite
Sat Feb 02, 2019 5:41 pm
Forum: General
Topic: Define SIP in PPPoE
Replies: 5
Views: 689

Re: Define SIP in PPPoE

My understanding, not the authority here, ... for non-encrypted packets, you can identify Session Initiation text that appears. I don't know how traffic is flowing through your router to tell you which chain. This is step 1. Then you need to identify RTP (the audio) which gets randomly assigned to p...
by pcunite
Sat Feb 02, 2019 4:58 pm
Forum: Wireless Networking
Topic: 802.11ax [SOLVED]
Replies: 118
Views: 19670

Re: 802.11ax [SOLVED]

MikroTik should not allow nv2 to be selected on 802.11ac hardware. It is clearly broken, why even give the customer the option of being disappointed?

They need a user experience manager who thinks about these things. Hard to find super techie and yet a client advocate in the same person.
by pcunite
Fri Feb 01, 2019 11:08 pm
Forum: Beginner Basics
Topic: which Mikrotik for a small office
Replies: 1
Views: 245

Re: which Mikrotik for a small office

The RB4011 is a fantastic unit and comes with rack ears to mount it. A step up would be the CCR1009. A step down would be the RB3011.
by pcunite
Fri Feb 01, 2019 8:46 pm
Forum: General
Topic: Winbox Urgent Suggestion
Replies: 15
Views: 1099

Re: Winbox Urgent Suggestion

Not Java, JavaScript . But, yeah, a MAC connection ... hmm, I don't know who to do that. The HTML5 (that's html, css, javascript) client I'm suggesting, that I would personally create, would be entirely over a WebSocket . I've written my own server before and WebSocket is the way to do a proper fast...
by pcunite
Fri Feb 01, 2019 8:22 pm
Forum: General
Topic: Connecting VPN Site Subnets
Replies: 5
Views: 442

Re: Connecting VPN Site Subnets

But I still cannot ping for example 10.0.1.40 from Router A. I still get a timed out response on this attempt.

You'll need forward firewall rules to allow the other network, or you could choose an interface (but L2TP are usually dynamic).
by pcunite
Fri Feb 01, 2019 4:26 pm
Forum: Scripting
Topic: A small project to do ($)
Replies: 1
Views: 308

Re: A small project to do ($)

I am interested in helping you. I recommend the hAP because the tiny USB connector on the hAP lite (both cable and unit side) are easy to break if handled improperly. I don't have a horse in the race, just trying to limit future cost of repairs. The hAP lite is a nice price, however. 5Ghz is also a ...
by pcunite
Fri Feb 01, 2019 4:01 pm
Forum: RouterBOARD hardware
Topic: CRS328-24P-4S+RM Head-Of-Line blocking?
Replies: 3
Views: 524

Re: CRS328-24P-4S+RM Head-Of-Line blocking?

Are you using SwOS or RouterOS?
by pcunite
Fri Feb 01, 2019 3:58 pm
Forum: Wireless Networking
Topic: 802.11ax [SOLVED]
Replies: 118
Views: 19670

Re: 802.11ax [SOLVED]

Guess a lot changes in 7 years

It is fair for MikroTik to fix an issue with a standard that later gets updated and moves on past the fix.
by pcunite
Fri Feb 01, 2019 3:55 pm
Forum: General
Topic: Winbox Urgent Suggestion
Replies: 15
Views: 1099

Re: Winbox Urgent Suggestion

I would like to see a faithful port of Winbox to HTML5~JavaScript. I'm prepared to even make it if paid to do so.
by pcunite
Fri Feb 01, 2019 3:51 pm
Forum: General
Topic: High number of established connections for one address
Replies: 20
Views: 1410

Re: High number of established connections for one address

TCP sessions should be able to last days without a router breaking them.

There is no way I'm going to hold a connection open for that long. Sorry. If you're alive, prove it. A tiny packet every 4m 30secs is not going to break the internet.
by pcunite
Fri Feb 01, 2019 5:00 am
Forum: General
Topic: Setting 2 MikroTik for hot-standby
Replies: 6
Views: 782

Re: Setting 2 MikroTik for hot-standby

How can we make both R1 and R2 config stay in sync?

Beginning from the 6th post here, a fellow forum member has created a script for this purpose.
by pcunite
Fri Feb 01, 2019 4:38 am
Forum: General
Topic: Changing port egress rate causes lockup - CRS328
Replies: 3
Views: 578

Re: Changing port egress rate causes lockup - CRS328

What happens when you make the same change via the command line?
by pcunite
Thu Jan 31, 2019 10:53 pm
Forum: Scripting
Topic: If VLAN Exists Statement
Replies: 2
Views: 295

Re: If VLAN Exists Statement

Would it be possible to parse the output of /interface vlan print ?
by pcunite
Thu Jan 31, 2019 10:41 pm
Forum: General
Topic: Setting 2 MikroTik for hot-standby
Replies: 6
Views: 782

Re: Setting 2 MikroTik for hot-standby

Read about the VRRP concept with MikroTik here.
by pcunite
Wed Jan 30, 2019 9:22 pm
Forum: Wireless Networking
Topic: Hotspot Alternative
Replies: 0
Views: 310

Hotspot Alternative

Subject: I appreciate MikroTik's Hotspot offering and all the work they put into it. But I want a simpler way of allowing internet access instead of redirects which break SSL (TLS) certificate behavior. How about we use the embedded web server in a different way. Read on! Need: I need to allow free...
by pcunite
Wed Jan 30, 2019 5:00 pm
Forum: General
Topic: [Formal Complaint] Support is ignoring my problem for 3 weeks
Replies: 28
Views: 1830

Re: [Formal Complaint] Support is ignoring my problem for 3 weeks

@Frostbyte, I'd liked to jump in here to help you with the frustration. 1. There is a firmware/hardware issue with the WiFi version of the RB4011. I'm on the forums alot, and I'm seeing a pattern with this device. 2. MikroTik has a support problem. Not because their not nice, or they try to be inten...
by pcunite
Wed Jan 30, 2019 4:36 pm
Forum: General
Topic: How to migrate RB3011 to CCR1009
Replies: 4
Views: 422

Re: How to migrate RB3011 to CCR1009

You do realize that your question can not be answered.
by pcunite
Tue Jan 29, 2019 6:38 pm
Forum: Beginner Basics
Topic: [ASK] Mikrotik Hotspot re-login
Replies: 1
Views: 170

Re: [ASK] Mikrotik Hotspot re-login

Remove the cookie option or shorten the time it is valid.
by pcunite
Tue Jan 29, 2019 4:43 am
Forum: General
Topic: High number of established connections for one address
Replies: 20
Views: 1410

Re: High number of established connections for one address

You could modify the settings under "/ip firewall connection tracking". Most connections will implement a keep-alive if they need it open for a long time. I'm using est timeout of 30m with no issues This works well. I use a 5 minute time and have no issues. There is almost nothing doing a keep-aliv...
by pcunite
Mon Jan 28, 2019 8:05 pm
Forum: Wireless Networking
Topic: Art-Net / UDP port 6454 over WIFI
Replies: 9
Views: 667

Re: Art-Net / UDP port 6454 over WIFI

Anyone have some last things for me to try?

Turn off discovery:

/ip neighbor discovery-settings
set discover-interface-list=none

/ipv6 nd
set [ find default=yes ] disabled=yes
by pcunite
Mon Jan 28, 2019 7:19 pm
Forum: General
Topic: DHCP philosophy - where/what is it best served by?
Replies: 9
Views: 654

Re: DHCP philosophy - where/what is it best served by?

You should absolutely not push to control DNS in a Windows Active Directory environment. Not sure why you would want the headache. DNS is very important for Outlook clients for example. Do you know how to setup the resolution for Autodiscover? There are other topics no doubt too that we don't unders...
by pcunite
Sun Jan 27, 2019 11:17 pm
Forum: Beginner Basics
Topic: help : just allow whatsapp ip traffic move on vpn
Replies: 2
Views: 380

Re: help : just allow whatsapp ip traffic move on vpn

That's a beautiful diagram and worthy of our help. Do this, write in your native tongue into this site, then paste the English converted version here. It does quite well.
by pcunite
Sun Jan 27, 2019 11:14 pm
Forum: Beginner Basics
Topic: Traffic Forwarding
Replies: 16
Views: 934

Re: Traffic Forwarding

I believe (no proof yet) the ability to hardware offload, with one bridge, will be coming to more models via a firmware upgrade in the future. So, it is good to understand it and learn it. Just FYI. However, as others have stated, performance is degraded today for all but the CR3x series.
by pcunite
Sun Jan 27, 2019 3:57 pm
Forum: General
Topic: a clear configuration L2TP server on a Mikrotik router
Replies: 6
Views: 1285

Re: a clear configuration L2TP server on a Mikrotik router

12:21:23 ipsec,error no suitable proposal found. 12:21:23 ipsec,error 213.119.169.98 failed to get valid proposal. 12:21:23 ipsec,error 213.119.169.98 failed to pre-process ph1 packet (side: 1, status 1). 12:21:23 ipsec,error 213.119.169.98 phase1 negotiation failed. That is totally normal. Now, yo...
by pcunite
Sat Jan 26, 2019 11:23 pm
Forum: General
Topic: a clear configuration L2TP server on a Mikrotik router
Replies: 6
Views: 1285

Re: a clear configuration L2TP server on a Mikrotik router

Here is how to do it for iOS and Windows 10. Note, that the Windows 10 profile needs to be created via command line to get AES256 support. I don't have experience with Android, but generally speaking, if you can't connect you'll need to use hash-algorithm=sha1 and other less secure methods (not reco...
by pcunite
Sat Jan 26, 2019 7:55 am
Forum: Beginner Basics
Topic: Naming of ROS (and other) devices
Replies: 3
Views: 388

Re: Naming of ROS (and other) devices

  • Firewall
  • Switch1
  • Switch2
  • SwitchEast
  • SwitchFloor1

You don't have to get too creative. : - )
by pcunite
Sat Jan 26, 2019 12:49 am
Forum: General
Topic: PWR-Line AP
Replies: 48
Views: 8511

Re: PWR-Line AP

I was told that this product won't be coming to the UK as MikroTik have no interest in marketing this product in the UK.

Can you hook it up to a short cable convertor, naturally suitable for your environment?
by pcunite
Fri Jan 25, 2019 8:34 pm
Forum: Beginner Basics
Topic: Groove + hAP setup
Replies: 2
Views: 268

Re: Groove + hAP setup

The Groove is the router, the hAP is the switch. You're creating a network. All the normal rules and configurations apply. If you want consultation, I'll help you for flat fee.
by pcunite
Fri Jan 25, 2019 7:23 pm
Forum: General
Topic: From Draytek to Mikrotik...
Replies: 11
Views: 1210

Re: From Draytek to Mikrotik...

How can I master RouterOS? Also, this is for home use, not for work. I don't want to go mad with a terminal interface without a GUI. You need to set aside about 100 hours to do what you're wanting to do and understand it. We could help you, but it would be very frustrating unless you were prepared ...
by pcunite
Fri Jan 25, 2019 7:13 pm
Forum: General
Topic: IKEv2 Site-To-Site VPN
Replies: 4
Views: 735

Re: IKEv2 Site-To-Site VPN

Using BCP to Create Layer 2 Networks Over the Internet by Steve Discher. The video and pdf.
by pcunite
Fri Jan 25, 2019 7:10 pm
Forum: Beginner Basics
Topic: Can't access device via WinBox?
Replies: 2
Views: 258

Re: Can't access device via WinBox?

When you saying that you can't connect via Winbox, how are you attempting to connect? Via IP or MAC?
by pcunite
Fri Jan 25, 2019 6:52 pm
Forum: Wireless Networking
Topic: Cap AC, Hap AC2 or UniFi?
Replies: 38
Views: 10431

Re: Cap AC, Hap AC2 or UniFi?

For roaming just go with ubiquity.

I agree with your post, however, you are coming at this from a commercial perspective. The OP is asking about his home. So, why not just recommend Rukus for everything? I mean, if we're going to go down that road.
by pcunite
Fri Jan 25, 2019 6:47 pm
Forum: Beginner Basics
Topic: Where can I set and see the list of IP addresses (or networks) allowed to access the web configuration tool over SSL?
Replies: 8
Views: 641

Re: Where can I set and see the list of IP addresses (or networks) allowed to access the web configuration tool over SSL

Setting up the firewall is a personal thing. Default drop at the end of both chains is highly recommended. From there you allow things in that you want. For the forward chain, you'll should probably accept related, establish, but also New (if coming from local interface). For controlling MikroTik's ...
by pcunite
Fri Jan 25, 2019 3:05 am
Forum: General
Topic: Radius - wireless login - to Active Directory
Replies: 5
Views: 801

Re: Radius - wireless login - to Active Directory

No harm in sharing it if you can. I don't use this feature, but might someday.
by pcunite
Thu Jan 24, 2019 10:50 pm
Forum: General
Topic: pasting .rsc on a blank slate router
Replies: 4
Views: 497

Re: pasting .rsc on a blank slate router

You got disconnected because you were connected to a port that was somehow reassigned (added to a bridge, name changed, etc.). You'll need to do those steps early, and then you can paste the whole load after that. However, consider using /import instead. You may need to add delay 3 here and there.
by pcunite
Thu Jan 24, 2019 9:24 pm
Forum: Beginner Basics
Topic: Where can I set and see the list of IP addresses (or networks) allowed to access the web configuration tool over SSL?
Replies: 8
Views: 641

Re: Where can I set and see the list of IP addresses (or networks) allowed to access the web configuration tool over SSL

The http(s) server in MikroTik only works if you have created certificates. Do like so: # Create CA certificate first: /certificate add name=IssuedByName common-name=IssuedByName days-valid=1825 key-usage=key-cert-sign,crl-sign # Sign the CA certificate: /certificate sign IssuedByName # Create a reg...
by pcunite
Thu Jan 24, 2019 9:18 pm
Forum: Wireless Networking
Topic: Turn down Tx power
Replies: 20
Views: 1329

Re: Turn down Tx power

So anyways, still no luck getting this thing to lower its transmit power. I would suggest a firmware upgrade, followed by a clean system reset, then enter in settings I showed you for both main and guest. Note that as you increase gain, moving towards a max high of 20 (so start at 10), you will not...
by pcunite
Thu Jan 24, 2019 4:08 pm
Forum: General
Topic: PROTOCOL QUIC PLEASE & QUICkly ;-)
Replies: 8
Views: 1301

Re: PROTOCOL QUIC PLEASE & QUICkly ;-)

Also worth reading: https://calendar.perfplanet.com/2018/quic-and-http-3-too-big-to-fail/ https://datatracker.ietf.org/meeting/100/materials/slides-100-mptcp-a-proactive-approach-to-avoid-performance-degradation-of-mptcp-00 What I want from protocols is a way to tell them how much bandwidth they ca...
by pcunite
Thu Jan 24, 2019 3:10 pm
Forum: Wireless Networking
Topic: Turn down Tx power
Replies: 20
Views: 1329

Re: Turn down Tx power

If there's a reason you suggest 6.40.9? It looks like that's what you're telling me to do for the last (manual/GUI) part, but then why only for the guest profile? And why in the "/interface wireless security-profiles" part are you having me change the key update time? If you're going to run the lon...
by pcunite
Thu Jan 24, 2019 6:55 am
Forum: Wireless Networking
Topic: Turn down Tx power
Replies: 20
Views: 1329

Re: Turn down Tx power

Apply these rules in the terminal. Note the manual line at the end. You'll need to do that in the GUI. You have a lot of non-standard settings. Don't apply a gain over 20. Don't use wpa-psk (only wpa2 versions). Give this a try. Also, I would run 6.40.9 as the latest firmware (prior to the new bridg...
by pcunite
Thu Jan 24, 2019 6:41 am
Forum: General
Topic: Replace RB2011Ui with RB4011iGS
Replies: 2
Views: 320

Re: Replace RB2011Ui with RB4011iGS

Well, you should start afresh, however, you can see what you've done via: /export compact file=MyFile.rsc
by pcunite
Thu Jan 24, 2019 5:18 am
Forum: Wireless Networking
Topic: Turn down Tx power
Replies: 20
Views: 1329

Re: Turn down Tx power

We can help you. Post the output of /interface wireless export hide-sensitive between forum code tags. The correct way to use antenna-gain is a combination of settings that need to be active or not.
by pcunite
Wed Jan 23, 2019 10:17 pm
Forum: General
Topic: UDP SIP INVITEs fragmenting through EoIP
Replies: 8
Views: 542

Re: UDP SIP INVITEs fragmenting through EoIP

I found the Issue - the INVITEs some yealink phones create are always larger than their set MTU, for example with MTU set to 1500, my invites are 1652 bytes, since it sends all the enabled audio/video codecs there, making the packets way too big. With the additional limit of 1450 MTU in the OpenSta...
by pcunite
Wed Jan 23, 2019 10:14 pm
Forum: General
Topic: What about January newsletter?
Replies: 1
Views: 287

Re: What about January newsletter?

I would like to see the announcement of a CRS3xx / 8 port / desktop case / PoE switch. As far as firmware updates, hardware offloading support when using VLAN filtering on more devices, like the RB4011. Lastly, something amazing for the indoor WiFi AP market.
by pcunite
Wed Jan 23, 2019 9:56 pm
Forum: General
Topic: PROTOCOL QUIC PLEASE & QUICkly ;-)
Replies: 8
Views: 1301

Re: PROTOCOL QUIC PLEASE & QUICkly ;-)

QUIC appears to look like udp in winbox, but doesn't have the same behavior. I found this out the hard way after realizing that it doesn't work with rules like connection-rate when marking traffic. There was a bug with connection-rate in the past, are you still having issues? At the moment, I mark ...
by pcunite
Wed Jan 23, 2019 9:31 pm
Forum: General
Topic: PROTOCOL QUIC PLEASE & QUICkly ;-)
Replies: 8
Views: 1301

Re: PROTOCOL QUIC PLEASE & QUICkly ;-)

Can someone share how much of their current traffic is QUIC, please?

The Chrome browser and the iOS YouTube app. How popular are they?
by pcunite
Wed Jan 23, 2019 9:08 pm
Forum: Wireless Networking
Topic: hAP ac2 in busy wifi location
Replies: 3
Views: 563

Re: hAP ac2 in busy wifi location

Country (regulatory-domain), Frequency, Channel width, and Antenna Gain are important and need to be set correctly. Between code tags, paste the output from /export compact hide-sensitive file=MyFile.rsc.
by pcunite
Wed Jan 23, 2019 8:03 pm
Forum: Beginner Basics
Topic: Blocking adult site
Replies: 4
Views: 440

Re: Blocking adult site

Use the DNS from cleanbrowsing.org. They'll also force Google, Bing, DuckDuckGo, to use safe search. If you're trying to stop a MikroTik forum enthusiast. well, you have more work to do.
by pcunite
Wed Jan 23, 2019 6:45 am
Forum: General
Topic: number of BGP networks is limited to 200
Replies: 1
Views: 220

Re: number of BGP networks is limited to 200

See here and here.
by pcunite
Wed Jan 23, 2019 6:00 am
Forum: General
Topic: UDP SIP INVITEs fragmenting through EoIP
Replies: 8
Views: 542

Re: UDP SIP INVITEs fragmenting through EoIP

Try using Bridge Control Protocol. Full video from USA MUM Steve Discher.

Using BCP to Create Layer 2 Networks Over the Internet by Steve Discher. The video and pdf.
by pcunite
Wed Jan 23, 2019 4:54 am
Forum: Beginner Basics
Topic: Information on models and configurations
Replies: 4
Views: 392

Re: Information on models and configurations

This link might be helpful.
by pcunite
Wed Jan 23, 2019 12:11 am
Forum: Beginner Basics
Topic: An idea I want to share..
Replies: 1
Views: 210

Re: An idea I want to share..

Sounds like you would like the idea of port knock. Otherwise, connecting over httpS, logging into a webpage, and then adding the IP would certainly be a valid option. You could control the MikroTik from it's API via a whitelisted IP range.
by pcunite
Mon Jan 21, 2019 7:34 pm
Forum: General
Topic: several AP's including Hotspot
Replies: 6
Views: 473

Re: several AP's including Hotspot

I have added to the description. Do you have any advice? Your setup is very doable. You'll need to understand a lot about VLANing and or RouterOS. There are several ways to do this. Are you renting your house for AirBNB use? Do floor tenants need physical access to ethernet ports? I'm guessing not ...
by pcunite
Sun Jan 20, 2019 5:24 am
Forum: General
Topic: several AP's including Hotspot
Replies: 6
Views: 473

Re: several AP's including Hotspot

Thank you for taking the time to diagram, it helps. I think now you should write a simple text description that details the access and permissions you're thinking about. At first, I was thinking every floor (of which there are two clients) would all be segmented. But then you asked about how can all...
by pcunite
Sat Jan 19, 2019 5:28 pm
Forum: Announcements
Topic: v6.44beta [testing] is released!
Replies: 365
Views: 84154

Re: v6.44beta [testing] is released!

The RB4011 is not an actively-cooled device so it will never be compatible with the S-RJ01. The compatibility table disagrees with You: https://wiki.mikrotik.com/wiki/MikroTik_SFP_module_compatibility_table The S-RJ01 is supported on the CSS/CRS326-24G-2S+ models - and they are passive cooled switc...
by pcunite
Sat Jan 19, 2019 7:39 am
Forum: Beginner Basics
Topic: Your Support Please
Replies: 5
Views: 363

Re: Your Support Please

I am sorry ... I can not find this menu in Mikrotik ???

Connect to the MikroTik and open the Terminal Window. Then you run this command:
/export compact hide-sensitive file=MyFile.rsc
Then you can open the "Files" menu option and download the file.
by pcunite
Sat Jan 19, 2019 6:40 am
Forum: RouterBOARD hardware
Topic: Please recommend router as bridge for 3000 concurrent users [SOLVED]
Replies: 9
Views: 1155

Re: Please recommend router as bridge for 3000 concurrent users [SOLVED]

In any case, the MikroTik device will work like this - a new device is connecting to client's AP - this new device is being redirected to local authorization service (obligatory by law), after authorization - MikroTik device allows further internet access. So, routing, NAT, and firewalling? You hav...
by pcunite
Sat Jan 19, 2019 1:41 am
Forum: Announcements
Topic: v6.44beta [testing] is released!
Replies: 365
Views: 84154

Re: v6.44beta [testing] is released!

Version 6.44beta61 has been released.

rb4011 - improved SFP+ interface linking to 1Gbps;

Does this mean the S-RJ01 is now compatible with the RB4011?
by pcunite
Sat Jan 19, 2019 12:42 am
Forum: General
Topic: For a CCR without switch chip, any way to do packet redirection based on MAC protocol?
Replies: 4
Views: 584

Re: For a CCR without switch chip, any way to do packet redirection based on MAC protocol?

I'm trying to bypass an ISP-issued gateway router with my CCR1009 7G (no switch chip), which involves redirecting EAP packets to the ISP hardware (for authentication). But since my CCR does not have a switch chip, is there any workaround that can be used to achieve this? Can "bridge filtering" be u...
by pcunite
Sat Jan 19, 2019 12:36 am
Forum: General
Topic: Anybody ues AT&T Gigabit Fiber with Mikrotik RouterOS?
Replies: 77
Views: 8962

Re: Anybody ues AT&T Gigabit Fiber with Mikrotik RouterOS?

Good news folks, you don't need anything else but a MikroTik to bypass the AT&T supplied Residential Gateway (ATT RG). No separate hardware needed! The one downside (not really) is that the CPU is involved. Because the RB4011 uses the RTL8367 switch chip, it does not have a Rule table . I have a 100...
by pcunite
Fri Jan 18, 2019 5:33 am
Forum: Beginner Basics
Topic: Multiple networks over rb3011
Replies: 8
Views: 497

Re: Multiple networks over rb3011

I just bought a RB3011, and I want to use one port for gateway, and the other 9 for 3 different networks. See the VLAN post in my signature. I hope to have the routing information added by tomorrow. VLANing with MikroTik will require some learning, which I hope to make simpler for new comers. Take ...
by pcunite
Wed Jan 16, 2019 7:09 pm
Forum: Forwarding Protocols
Topic: [Advertising] Italian book for advanced routing.
Replies: 3
Views: 650

Re: [Advertising] Italian book for advanced routing.

Would like to see it in English.

: - )
by pcunite
Wed Jan 16, 2019 4:21 pm
Forum: General
Topic: Anybody ues AT&T Gigabit Fiber with Mikrotik RouterOS?
Replies: 77
Views: 8962

Re: Anybody ues AT&T Gigabit Fiber with Mikrotik RouterOS?

This post by rajl explains it in more technical detail. AT&T's supplied Residential Gateway, aka RG router (an BGW210-700 in my case) use embedded certificates and the EAPOL protocol to authenticate with their ONT (Alcatel-Lucent G-010G-A) and to their upstream equipment. Thus, at least initially, t...
by pcunite
Tue Jan 15, 2019 11:03 pm
Forum: General
Topic: Anybody ues AT&T Gigabit Fiber with Mikrotik RouterOS?
Replies: 77
Views: 8962

Re: Anybody ues AT&T Gigabit Fiber with Mikrotik RouterOS?

You don't need the att modem/gateway because its not really a modem at least for the internet, all it does is provide a ready made vlan setting for you. I have my MikroTik directly connected to the ONT, ONT to me means fiber to ethernet modem. Its this device that needs to be registered to your acc...
by pcunite
Tue Jan 15, 2019 9:14 pm
Forum: General
Topic: Anybody ues AT&T Gigabit Fiber with Mikrotik RouterOS?
Replies: 77
Views: 8962

Re: Anybody ues AT&T Gigabit Fiber with Mikrotik RouterOS?

Has anyone found a way around the AT&T supplied router? I have fiber to the home now and the tech installed a BGW210-700. I have it configured for IP Passthrough, however it still maintains a NAT Table. Since its just an ethernet patch cable, would like to simply plug into ether1 on the MikroTik.
by pcunite
Sun Jan 13, 2019 6:52 am
Forum: RouterBOARD hardware
Topic: Router that does not sound like a Jet Engine for Home 10G Internet?
Replies: 7
Views: 1208

Re: Router that does not sound like a Jet Engine for Home 10G Internet?

Replace the stock fans with quieter versions. I once did that for an old 3Com switch I had.
by pcunite
Sun Jan 13, 2019 6:49 am
Forum: Beginner Basics
Topic: Can't get full Gigabit download speed on RB4011 [SOLVED]
Replies: 10
Views: 1924

Re: Can't get full Gigabit download speed on RB4011 [SOLVED]

Ether1 as wan or lan? I thought that the 10gb link with the switch would be plenty sufficient

ether1 as WAN. Just wanting you to test to see what happens. Naturally, the SFP should be enough.
by pcunite
Sun Jan 13, 2019 12:49 am
Forum: Beginner Basics
Topic: Can't get full Gigabit download speed on RB4011 [SOLVED]
Replies: 10
Views: 1924

Re: Can't get full Gigabit download speed on RB4011 [SOLVED]

Could you please test using ether1 instead of the SFP+ port?
by pcunite
Sun Jan 13, 2019 12:36 am
Forum: General
Topic: L2TP/IPSEC as a client to VPN providers
Replies: 12
Views: 817

Re: L2TP/IPSEC as a client to VPN providers

Hi, @pcunite Thanks for your reply again. But you are still missing my point, there is no such L2TP server stuff in my configuration. I'm talking about create a L2TP client over IPsec to a VPN provider (which means I'm on client side). Ahhh, missed that too. Sorry about that. I don't use that featu...
by pcunite
Sat Jan 12, 2019 5:13 pm
Forum: General
Topic: L2TP/IPSEC as a client to VPN providers
Replies: 12
Views: 817

Re: L2TP/IPSEC as a client to VPN providers

Because there is no interface created by IPSEC, I need instructions to make firewall rules to route traffic like I was able to do with previous L2TP practice(l2tp is working now but keep dropping randomly, IPSEC seems stable for now, maybe the reason is UDP port 1701 getting interfered but not UDP ...
by pcunite
Fri Jan 11, 2019 11:51 pm
Forum: General
Topic: L2TP/IPSEC as a client to VPN providers
Replies: 12
Views: 817

Re: L2TP/IPSEC as a client to VPN providers

I'm having problems with RouterOS connecting to VPN providers with IPSEC as a client. Let me jump in here and see if I can help. First, are you able to connect using IPsec? If not, then please do the following: 1. Turn on logging: /system logging add topics=ipsec,!packet 2. Start a log capture file...
by pcunite
Fri Jan 11, 2019 9:04 pm
Forum: Beginner Basics
Topic: VoIP traffic shaping doesn't works
Replies: 22
Views: 1161

Re: VoIP traffic shaping doesn't works

Here is my config, I use protocol and port as criteria to mark connections.

This line is probably the issue. It's the parent for VOIP_download.
add max-limit=1600k name=download parent=bridge priority=1
by pcunite
Fri Jan 11, 2019 3:02 pm
Forum: Beginner Basics
Topic: VoIP traffic shaping doesn't works
Replies: 22
Views: 1161

Re: VoIP traffic shaping doesn't works

You cannot have a downstream queue tree! ... it makes no sense to make another queue for people that already entered through the door and assign different priorities to them. The waiting already has happened on the other side. To help those who maybe reading the above comment for the first time. Wh...
by pcunite
Fri Jan 11, 2019 3:59 am
Forum: General
Topic: Misterious Ethernet problem
Replies: 13
Views: 1301

Re: Misterious Ethernet problem

What does the MikroTik log show after this happens? The issue is probably auto negotiation related.
by pcunite
Fri Jan 11, 2019 3:57 am
Forum: Beginner Basics
Topic: Winbox remote connection
Replies: 5
Views: 792

Re: Winbox remote connection

Am I missing something here? Remove all your firewall rules and use this sample rule set that works. Replace 1.1.1.1 with your public and 192.168.0.0 with your private side. Replace bridge-LAN and ether-WAN , naturally. /ip firewall filter add chain=input action=accept connection-state=established,...
by pcunite
Fri Jan 11, 2019 3:46 am
Forum: Wireless Networking
Topic: CAPsMAN issue's
Replies: 9
Views: 800

Re: CAPsMAN issue's

Have done this, the device works fine outside of capsman.

Thank you, I missed that where you had tried it stand-alone. Well, then its an issue with the cap manager. I don't use that feature. I don't know how to help you further.
by pcunite
Thu Jan 10, 2019 10:40 pm
Forum: RouterBOARD hardware
Topic: hap lite not enough space for update [SOLVED]
Replies: 16
Views: 5104

Re: hap lite not enough space for update [SOLVED]

I don't know what you mean with don't use flash directory. Normally, I click on download and install.

Under the Winbox tool, go to the "Files" menu option. Clear out anything there you're not using.
by pcunite
Thu Jan 10, 2019 9:56 pm
Forum: Beginner Basics
Topic: VoIP traffic shaping doesn't works
Replies: 22
Views: 1161

Re: VoIP traffic shaping doesn't works

Spend some time reading here.
by pcunite
Thu Jan 10, 2019 9:54 pm
Forum: General
Topic: Where are your QoS rules?
Replies: 2
Views: 474

Re: Where are your QoS rules?

My understanding is that dropping packets as close to the client as possible is best. However, whatever helps you to be able to manage your network is also a valid concern.
by pcunite
Thu Jan 10, 2019 9:53 pm
Forum: RouterBOARD hardware
Topic: RB2011 and Intel X540-AT2
Replies: 1
Views: 316

Re: RB2011 and Intel X540-AT2

I had some issues with auto-negotiation. There is some trick, but for me the best thing was to just get a RB4011.
by pcunite
Thu Jan 10, 2019 9:50 pm
Forum: General
Topic: RB4011 wlan1 goes unregistered
Replies: 1
Views: 343

Re: RB4011 wlan1 goes unregistered

I'm seeing reports on the board with the RB4011 and wifi. Too early to tell if there is a bug in the firmware or not. Try different wifi settings, set a channel instead of Auto, don't use DFS channels, limit the width to 40Mhz, etc.
by pcunite
Thu Jan 10, 2019 9:47 pm
Forum: Wireless Networking
Topic: WiFi UpLink Solution + Ethernet Downlink
Replies: 1
Views: 272

Re: WiFi UpLink Solution + Ethernet Downlink

You have not mentioned your bandwidth requirements. Start here to see if the hAP ac lite, hAP ac, or RB4011 fit the bill.
by pcunite
Thu Jan 10, 2019 9:44 pm
Forum: Beginner Basics
Topic: VLAN+DHCP
Replies: 4
Views: 513

Re: VLAN+DHCP

I'm really only familiar with using the newer technique for doing this. There is a lot to getting this right. I don't see vlan-filtering set but you're probably not going down that road if you're using the /interface ethernet switch vlan menu anyways. You might try to diagram things out and maybe so...
by pcunite
Thu Jan 10, 2019 9:24 pm
Forum: Wireless Networking
Topic: CAPsMAN issue's
Replies: 9
Views: 800

Re: CAPsMAN issue's

Here are three things you can try to track down the root cause. 1. Take one of the APs and make it s standalone AP. See if a client gets good speeds off that. 2. Scan the area with the slow speeds with the following command. /interface wireless spectral-history wlan1 . Post a screen shot of the outp...
by pcunite
Thu Jan 10, 2019 8:50 pm
Forum: General
Topic: Router o Firewall
Replies: 3
Views: 413

Re: Router o Firewall

Is the RB3011UiAS-RM a router or a firewall? I need to buy a firewall.

The RB3011 is a router with firewalling capability. This is a rack mount unit, so you might also consider the RB4011 which comes in a compact form.
by pcunite
Thu Jan 10, 2019 4:20 pm
Forum: General
Topic: The advantage that wins in portable deployments
Replies: 1
Views: 298

Re: The advantage that wins in portable deployments

You've posted a thoughtful point. I think what you're feeling is what a lot of us who really enjoy using MikroTik feel, that they are so complex no one can use them but us. I'm personally making an effort to document some of the things that get asked here on the forums continually. What I've struggl...
by pcunite
Thu Jan 10, 2019 1:14 am
Forum: SwOS
Topic: CSS326-24G-2S+RM can't access web GUI - what am I doing wrong?
Replies: 9
Views: 1816

Re: CSS326-24G-2S+RM can't access web GUI - what am I doing wrong?

It shows up in winbox, running software 2.7 and with the default ip. Connecting via Mac address gives an error. For fun, I tried via ip since I was already there, and all it did was open a browser tab that never loaded. Ahhh, so sorry. You have a C S S switch. My bad ... I'm only familiar with the ...
by pcunite
Thu Jan 10, 2019 12:30 am
Forum: General
Topic: Mikrotik IKEv2 road warrior VPN bypass fasttrack firewall rule ( SOLVED )
Replies: 9
Views: 896

Re: Mikrotik IKEv2 road warrior VPN bypass fasttrack firewall rule

L2TP ? But i use IKEv2 now

Sorry, but does it create a dynamic interface? I've not used IKEv2.
by pcunite
Wed Jan 09, 2019 9:55 pm
Forum: General
Topic: Mikrotik IKEv2 road warrior VPN bypass fasttrack firewall rule ( SOLVED )
Replies: 9
Views: 896

Re: Mikrotik IKEv2 road warrior VPN bypass fasttrack firewall rule

So is there any firewall rule for IPSec exclude ?

Depending on your rules, you'll need to add the LT2P interface to your list of allowed interfaces.
by pcunite
Wed Jan 09, 2019 9:53 pm
Forum: SwOS
Topic: CSS326-24G-2S+RM can't access web GUI - what am I doing wrong?
Replies: 9
Views: 1816

Re: CSS326-24G-2S+RM can't access web GUI - what am I doing wrong?

Perhaps I got 2 bad switches in a row? My guess is the lack of responses on here means no one has any idea why it's acting this way. Your switch is fine. Here is what you need to do: Turn the power on the switch, connect it to nothing Plug a computer into one of its ports Run Winbox , and then clic...
by pcunite
Wed Jan 09, 2019 9:16 pm
Forum: General
Topic: How to mark http video streams with firewall mangle rules
Replies: 3
Views: 1001

Re: How to mark http video streams with firewall mangle rules

The way to mark video streams is to look for connection rates and bytes. You'll flag a big file download too, but that is probably okay. Thus something like this: /ip firewall mangle add action=mark-connection chain=prerouting connection-bytes=500000-0 connection-mark=HTTP connection-rate=200k-100M ...
by pcunite
Wed Jan 09, 2019 3:04 pm
Forum: Announcements
Topic: v6.42.11 [long-term] is released!
Replies: 42
Views: 9106

Re: v6.42.11 [long-term] is released!

On the RB4011, the minimum RouterOS version is 6.43. Is there a way to install these bugfix versions?
by pcunite
Wed Jan 09, 2019 12:18 am
Forum: Beginner Basics
Topic: Using RouterOS to prioritize (Qos) traffic for a Class C net
Replies: 111
Views: 186063

Re: Using RouterOS to prioritize (Qos) traffic for a Class C net

Should this topic be moved to Useful user articles forum?

I would like to rewrite it, make it a little easier to follow.
by pcunite
Tue Jan 08, 2019 9:26 pm
Forum: General
Topic: RB4011iGS+RM for my use case
Replies: 7
Views: 1058

Re: RB4011iGS+RM for my use case

You're asking a lot of questions for one post and no diagram. So, I'll answer the questions I like best. My understanding and opinions are what follows. What is no routing-fast path? Bridging packets from port to port, aka like a switch under the perfect conditions. What is a "simple queue" vs. "ip ...
by pcunite
Tue Jan 08, 2019 7:50 pm
Forum: Wireless Networking
Topic: Multi router Wifi config
Replies: 1
Views: 269

Re: Multi router Wifi config

Do not ever "mesh" WiFi unless you have to. Always run a cable to each one, all connected back to a central switch/router is best. In your case, I guess you are daisy chaining because the RB951Ui has five ports? That can work too. All comes down to how many clients you want to support. To your quest...
by pcunite
Tue Jan 08, 2019 7:29 pm
Forum: General
Topic: Port Forwarding two devices with the same port
Replies: 3
Views: 595

Re: Port Forwarding two devices with the same port

Can I port forward two devices with the same port?

No.
by pcunite
Tue Jan 08, 2019 7:14 pm
Forum: RouterBOARD hardware
Topic: RB4011 wireless performance?
Replies: 26
Views: 3730

Re: RB4011 wireless performance?

In our case this one https://gzhls.at/blob/ldb/5/6/6/a/3594c3ceab12a4cef8fd319f6847e13ecafb.pdf Only 54 MBit @ ac @mistry7, Would you please make or acquire the data from the following screenshot? This shows the Intel AC-7260 on a ThinkPad X220. The AP was the hAP AC , v6.42.10. Windows 10 1703 sys...
by pcunite
Tue Jan 08, 2019 4:30 pm
Forum: General
Topic: Port forward to a Rogue DHCP Server on a different network [SOLVED]
Replies: 2
Views: 370

Re: Port forward to a Rogue DHCP Server on a different network [SOLVED]

Is it possible that the rogue DHCP server doesn't have default route set to your MT's address? Probably yes as you had to add additional IP address to MTs LAN interface to establish connectivity to it. So you probably have to do SRC-NAT as well...

Brilliant, worked perfectly.
by pcunite
Tue Jan 08, 2019 2:20 pm
Forum: Wireless Networking
Topic: rb4011 wireless version setting / reboot automatically
Replies: 25
Views: 2477

Re: rb4011 wireless version setting

Changed to another one, the problem still exists.

Can you post your config (between code tags)?
by pcunite
Tue Jan 08, 2019 4:30 am
Forum: General
Topic: Linux kernel 4.x - when?
Replies: 8
Views: 2090

Re: Linux kernel 4.x - when?

A little birdie whispered into my ear that March is a welcoming month full of surprises. :-)

Where those chirps or crickets that you heard?

~snicker ...
by pcunite
Tue Jan 08, 2019 2:26 am
Forum: General
Topic: SIP client cannot re-register in the SIP server after switching ISP (different NAT) [SOLVED]
Replies: 58
Views: 9695

Re: SIP client cannot re-register in the SIP server after switching ISP (different NAT) [SOLVED]

I also have a feeling this is a Linux bug at the core, not a ROS bug in particular. It would be nice if MT could implement a fix in current RouterOS, but what if it is already fixed in later Linux kernels? -- Nathan Yes, Peplink has the same issue. If the network bounces and there is NAT at both en...
by pcunite
Tue Jan 08, 2019 1:10 am
Forum: General
Topic: Port forward to a Rogue DHCP Server on a different network [SOLVED]
Replies: 2
Views: 370

Port forward to a Rogue DHCP Server on a different network [SOLVED]

This is a peculiar problem I would like your assistance with. I have a network that someone plugged in a Netgear router/switch combo into. It has DHCP services running on it too, of course . Thus on my MikroTik, I received a DHCP alert that let me know the MAC address. Then I looked up its IP addres...
by pcunite
Mon Jan 07, 2019 12:28 am
Forum: General
Topic: VLAN is to complicated
Replies: 21
Views: 1843

Re: VLAN is to complicated

A bit of behavior that is not really clear to me It is very confusing and so low level that I feel MikroTik needs to remove it. The only hope we have of understanding this (because I don't have access to their VLAN source code) is to read this very closely. I'm still confused because I think they a...
by pcunite
Mon Jan 07, 2019 12:05 am
Forum: Beginner Basics
Topic: Using RouterOS to VLAN your network
Replies: 90
Views: 23117

Re: Using RouterOS to VLAN your network

... Now some criticism: I'm confused by your mentioning of "port-based VLAN" and "trunk port" in the same sentence ... So with port-based VLAN, all ports can be just access ports, each to its own VLAN, and that is it. Once you start using some kind of tags carrying a VLAN ID consciously, in my unde...
by pcunite
Sun Jan 06, 2019 11:14 pm
Forum: General
Topic: VLAN is to complicated
Replies: 21
Views: 1843

Re: VLAN is to complicated

@pcunite: Could you please explain to me this line? # Set the port's egress behavior. /interface bridge vlan add bridge=B1 tagged=B1 untagged=ether1 vlan-ids=20 Is what follows a correct understanding? I am defining a VLAN bridge (in my case, all ports on a B1 bridge). All interfaces within my brid...
by pcunite
Sun Jan 06, 2019 5:54 am
Forum: General
Topic: Guest VLAN with Router + AP using new Bridge VLAN Filtering - Sample config
Replies: 5
Views: 1266

Re: Guest VLAN with Router + AP using new Bridge VLAN Filtering - Sample config

... In your particular scenario ... @sindy, Thank you for your help and feedback. In the spirit of my QoS thread, I'm making one for VLAN. There are so many questions about this topic, that I feel it warrants a special forum post on it. Give me a few weeks, but soon, I'll be seeking your feedback t...