The best option would be for the bridge to be able to strip VLAN 0, but isn't that something MT needs to fix?
Can someone measure its idle power usage? Preferably with one or two 10g ports connected (optical sfp+ or DAC).
Also, how loud is it under low load circumstances?
... for CCRs, what model switches have people been using in front it to take care of the vlan 0 tagging?
I'm surprised the hEX/RB750Gr3 isn't recommended especially for people on 300/300 or 100/100. Does it not work well with wpa_supplicant despite having a switch chip?
Both? The Bridge Method and the Supplicant Method?
So, I picked up a hEX and ... the boards are identical size and layout - ports, power, usb, LEDs, etc. The hAP board will fit very nicely into the hEX case for anyone interested .
Own certificates are ok, but for own use (personal or some closed group). They are useless for services that have random visitors, because they would have to trust your CA to be able to verify them.
is the only advantage of going with the supplicant method to prevent having the actual ATT Gateway powered on and active at all times?
in the topic Switch with a separate router (RoaS), what is the difference between the Switch Config file and the Router Config file?
I tried this on an RB4011 using certs from an NVG510. Unfortunately I kept getting "rejected" after "authenticating", I did make sure I set the clock properly.
Shouldn't the topic be moved to viewforum.php?f=23?
what about when there are several LAN interfaces?
This is amazing. 802.1x method was incredibly easily once converted to .pem.
do you prefer to put highest priority 1 (in my situation game : Apex) to fast track?
add name=DOWN max-limit=1M parent=LAN queue=default
add name=UP max-limit=100k parent=WAN queue=default
I will still get : Download Mbps 9.68, Upload Mbps 0.56
How is this possible?
Can anyone post reasonable reason why it's important? Verification that file is downloaded is plain strange.
... is buying the certs themselves possible or do I need to specifically buy a NVG510 ... ?
For the purposes of hooking up a PC on port 4 when needed for management, yes I'd thought leaving it as untagged on VLAN 99 as no-one else will have physical access to this and it was purely a quick way should I be locked out.
How the heck do you get into this thing?
I found the free DNS servers at AdGuard to be very good. They seem to have more locations and the roundtrip is only 50ms. They also have some "family friendly" DNS servers which may interest some households.
i have tested that with no better results.
I have just tested a config on the 3011 and it don't seem to be able to get the vlan0 working like the rb4011 does.
/interface ethernet switch port set ether1 vlan-mode=fallback
After all I returned it and bought an RB4011. Wish everything works fine when I receive the new model.
Why do you recommend the RB4011 but without wireless?
Here is my configuration with my modification. I removed the real MAC address for this post.
I added DSCP into my Wireshark columns, and it shows CS6 level for all packets coming from the ONT.
The PoE injector supplied with cAP ac is a passive one. So, powering it from RB4011 should be fine ...
Thanks for the info, I need to buy a new one. Any progress with using wpa_supplicant (Dot1x) to completely remove the use of the AT&T RG gateway?
... while doing speed tests the CPU never goes over 20% ... now 34Mbps is the limit?
To be honest, it’s pure speculation that the config is the cause. But I’m happy to send you my config to look at. Can I email it?
Although not good, but also learning with mistakes.
It's not uncommon - Cisco call it Unicast mode as documented here.
I changed wlan1's MAC address, but this doesn't' fix the problem. 5Ghz still randomly disappearing. Log is clean.
Why is so complicated to get VLANs right on SwOS? There should only exist 3 cases: Trunk, Hybrid (with a PVID), and Access. It should not be that hard.
You can mount two CRS112 in 1U right? Since they're exactly half U?
An important difference - cAP AC has separate antennas for each chain /4/ and better wireless performance for that! hAP AC2 has 2 combined antennas for both frequencies!
!) dot1x - added support for IEEE 802.1X Port-Based Network Access Control (CLI only);
Do you still need to set the RG into bypass mode or should I reset that to defaults, too?
So, would I apply this same configuration on the SWITCH? What would you recommend for the access points?
I have also tried to manually decrease the TX power on the radios in the cAP-ac units, but when I do, I get an error that the feature is not supported.
Where do I install the putty package on my winbox??
We're in 2019 and mobile operators sell 50GB/month for 5€, who needs hotspots anymore?
In any case the distance is now down to 1000m, from 2000m.
So the 60Hz should work fine, but I am still offput by the difficulty in people managing to aim the bloody things.
i would do a netinstall and the attempt a restore from backup.
So the solution from picture attached below is not possible to achieve, right?
Fixed in 6.42.12, 6.43.12 and 6.44
# Web: https://forum.mikrotik.com/viewtopic.php?t=143620
It seems fine with me.