Community discussions

Search found 591 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 12
by pcunite
Fri Sep 07, 2018 7:42 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 178
Views: 11988

Re: RB4011

For me it's an issue of perception ... many people who, very reasonably assumed, that it would include the features of the 2011's/3011?

Exactly. I'm not angry, upset, or disenfranchised with MikroTik, but I was hoping for a full Switch/Router combo. A do-it-all device. So, a little disappointed.
by pcunite
Fri Aug 31, 2018 10:22 pm
Forum: RouterBOARD hardware
Topic: RB4011
Replies: 178
Views: 11988

Re: RB4011

Looks good, never used the USB (this unit does have 512mb on board) and the while the LCD is cool, never really used it accept for show. Might use this for a new 1GB fiber service coming into the area.
by pcunite
Thu Jun 28, 2018 5:52 pm
Forum: General
Topic: What are security risks of enabling FastTrack for est\rel connections [SOLVED]
Replies: 12
Views: 528

Re: What are security risks of enabling FastTrack for est\rel connections [SOLVED]

I don't think its a security problem (unless you have special jumping rules I guess). Its that you can't manage them with QTrees (if you're into that sort of thing).
by pcunite
Fri May 11, 2018 3:58 pm
Forum: Wireless Networking
Topic: Wireless woes and how to fix em :)
Replies: 15
Views: 1426

Re: Wireless woes and how to fix em :)

I think best practice is to leave power-mode alone and instead increase the gain if you want to reduce power.
by pcunite
Wed May 09, 2018 5:28 am
Forum: RouterBOARD hardware
Topic: current too low CRS112-8P-4S power VoIP phone [SOLVED]
Replies: 3
Views: 485

Re: current too low CRS112-8P-4S power VoIP phone [SOLVED]

The 48POW did work, however, the 48V2A96W is the new power supply.
by pcunite
Fri Apr 06, 2018 3:30 am
Forum: General
Topic: Multiple Road Warrior L2TP/IPsec clients behind NAT - solved
Replies: 23
Views: 2253

Re: Multiple L2TP/IPsec clients behind NAT - solved

Wow ... I've had issues with this on Peplink devices.

I think MikroTik should someone bake your solution into the firmware somehow.
by pcunite
Thu Apr 05, 2018 7:05 pm
Forum: RouterBOARD hardware
Topic: current too low CRS112-8P-4S power VoIP phone [SOLVED]
Replies: 3
Views: 485

current too low CRS112-8P-4S power VoIP phone [SOLVED]

Hello, I'm attempting to power a Grandstream 2170 phone from the new MikroTik CRS112-8P-4S-IN 8 port switch. The datasheet for the phone states a power draw of 5.4W using 802.3af. I'm using the included power supply plugged into the 18-28V side. When I try the 48-57V side, all the ports flash red. T...
by pcunite
Sat Mar 10, 2018 7:04 am
Forum: Announcements
Topic: Newsletter #81 (March 2018)
Replies: 23
Views: 9389

Re: Newsletter #81 (March 2018)

>> CRS328-24P-4S+RM

Nice!!!
by pcunite
Sat Mar 10, 2018 7:02 am
Forum: Announcements
Topic: Future of LTE products, user feedback requested
Replies: 50
Views: 7697

Re: Future of LTE products, user feedback requested

I would like a device, about the size of the hAP AC, that includes a built-in rechargeable battery. It will provide all the features of the hAP AC, with the added bonus of being able to route traffic over the LTE interface via my AT&T sim card (USA).
by pcunite
Wed Feb 21, 2018 11:37 pm
Forum: RouterBOARD hardware
Topic: HAP AC random reboots
Replies: 3
Views: 537

Re: HAP AC random reboots

Does kinda sound like a hardware issue.
by pcunite
Wed Feb 21, 2018 7:34 pm
Forum: Announcements
Topic: MikroTik News February 2018 (Issue #80)
Replies: 65
Views: 12153

Re: CRS328-24P-4S+RM is finally available

I've received information from our main Mikrotik supplier that CRS328 (24 PoE AF/AT) is already in production/sales.

Excellent, really looking forward to the CRS328-24P-4S+RM.
by pcunite
Wed Feb 21, 2018 5:41 am
Forum: Beginner Basics
Topic: Clearing up some gray areas with my current NAT rules.
Replies: 10
Views: 524

Re: Clearing up some gray areas with my current NAT rules.

You want to keep your other masquerade rule, that's what makes hairpin work. ... So personally I'd just keep two rules, one for main NAT and other for hairpin (like you had it before), it seems easier to understand to me. What I was talking about was the dstnat part. If you use rule with in-interfa...
by pcunite
Wed Feb 21, 2018 4:14 am
Forum: Beginner Basics
Topic: Clearing up some gray areas with my current NAT rules.
Replies: 10
Views: 524

Re: Clearing up some gray areas with my current NAT rules.

In short, one dstnat rule for both internal and external connections is enough. Okay, I get you now. Because my default masquerade specified an interface, I required the rule for the local interface. Please edit my rules down to a fully working example. /ip firewall filter add chain=input action=ac...
by pcunite
Wed Feb 21, 2018 1:56 am
Forum: Beginner Basics
Topic: DVR Forwarding
Replies: 15
Views: 956

Re: DVR Forwarding

When I try to forward wan to lan with out success ... I can not connect from outside of my house.
How are you verifying this? Are you trying to connect from inside your LAN to your external IP and trying to come back in that way?
by pcunite
Wed Feb 21, 2018 1:50 am
Forum: Beginner Basics
Topic: Clearing up some gray areas with my current NAT rules.
Replies: 10
Views: 524

Re: Clearing up some gray areas with my current NAT rules.

@pcunite: So if you'd want to forward e.g. external port 8080 to internal 80, and you'd want it work also from inside, you'd have two rules like this? /ip firewall nat add chain=dstnat action=dst-nat protocol=tcp dst-port=8080 to-addresses=10.1.0.2 to-ports=80 dst-address-type=local dst-address=!10...
by pcunite
Tue Feb 20, 2018 5:09 am
Forum: General
Topic: RB1100Dx4 Multicore issue ?
Replies: 18
Views: 971

Re: RB1100Dx4 Multicore issue ?

I just want you guys to know the CCR1009 just solved the problem. every single core works!

Good to hear.
by pcunite
Tue Feb 20, 2018 5:07 am
Forum: General
Topic: Router capacity
Replies: 14
Views: 651

Re: Router capacity

I would also consider using only G/N on the 2.4Ghz radio ... as opposed to B/G/N
by pcunite
Sun Feb 18, 2018 10:52 pm
Forum: Beginner Basics
Topic: Clearing up some gray areas with my current NAT rules.
Replies: 10
Views: 524

Re: Clearing up some gray areas with my current NAT rules.

the importance of setting in-interface If your port mapping is not one-to-one (8080 -> 80) you'll have issues if you don't set the in-interface to be your WAN interface. I challenge anyone to best these rules! Study them carefully, and be enlightened. # Hairpin and Standard port forwarding example ...
by pcunite
Sat Feb 17, 2018 1:38 am
Forum: Wireless Networking
Topic: Wireless tool suggestion (this could help everybody)
Replies: 5
Views: 365

Re: Wireless tool suggestion (this could help everybody)

As a WISP, I could really use a powerfull tool like this to speed up my entire wireless network of hundreds of APs and thousands of clients ...

I own a software consultancy. If you're serious, I'll build it for you. Won't be cheap.
by pcunite
Sat Feb 17, 2018 1:18 am
Forum: Beginner Basics
Topic: hAP AC + wAP R
Replies: 8
Views: 537

Re: hAP AC + wAP R

@pcunite: you talk about creating a bridge, but in what way? Configure the hAP to provide wifi, dhcp, routing to the internet, etc. On the wAP R, plug it's ether1 into hAP's ether2 (or whatever is available), and set up wAP something like so. /system identity set name=wAPR /interface bridge add nam...
by pcunite
Sat Feb 17, 2018 1:11 am
Forum: General
Topic: VoIP priorization DSCP [SOLVED]
Replies: 1
Views: 302

Re: VoIP priorization DSCP [SOLVED]

Read the posts in my signature.
by pcunite
Fri Feb 16, 2018 12:22 am
Forum: General
Topic: Suggestion to Mikrotik
Replies: 3
Views: 279

Re: Suggestion to Mikrotik

Very nice suggestion. Cash and hardware prizes, access to under development hardware.
by pcunite
Fri Feb 16, 2018 12:19 am
Forum: General
Topic: VoIP / SIP big problems [SOLVED]
Replies: 17
Views: 1677

Re: VoIP / SIP big problems [SOLVED]

So I assume that my NAT rules are fine? If you want/need NAT rules, they should look like this. First a sample firewall script setup to allow NAT. Then a sample NAT rule. /ip firewall filter add chain=input action=accept connection-state=established,related comment="Accept established related" add ...
by pcunite
Thu Feb 15, 2018 5:38 pm
Forum: General
Topic: VoIP / SIP big problems [SOLVED]
Replies: 17
Views: 1677

Re: VoIP / SIP big problems [SOLVED]

You shouldn't need to do anything special, no special firewall rules, no special nat rules, for things to work. Do turn off MikroTik's SIP ALG feature (ip / firewall / service ports, then disable SIP). Your PBX should have some settings for NAT which will keep an open connection over UDP to your pro...
by pcunite
Thu Feb 15, 2018 5:27 am
Forum: General
Topic: RB1100Dx4 Multicore issue ?
Replies: 18
Views: 971

Re: RB1100Dx4 Multicore issue ?

From Firewall / Connections / Tracking set TCP Established Timeout to something small, like 5 minutes to at least drop connections that aren't doing anything. This will not effect active connections. Does this help?
by pcunite
Wed Feb 14, 2018 8:59 pm
Forum: Beginner Basics
Topic: hAP AC + wAP R
Replies: 8
Views: 537

Re: hAP AC + wAP R

You don't need to do anything special on the wAP R. Give its interface an IP (you'll probably create a bridge, that is the interface I'm referring to), set the ip route and your DNS to be your hAP's IP, good to go.
by pcunite
Sat Feb 10, 2018 11:07 pm
Forum: General
Topic: DNS Server, port redirect?
Replies: 3
Views: 295

Re: DNS Server, port redirect?

Does this work for you?
/ip firewall nat
add action=dst-nat chain=dstnat dst-port=80 protocol=tcp  to-addresses=192.168.150.200 to-ports=8000
add action=dst-nat chain=dstnat dst-port=80 protocol=udp to-addresses=192.168.150.200 to-ports=8000
by pcunite
Fri Feb 09, 2018 8:44 pm
Forum: RouterBOARD hardware
Topic: HAP AC2 PERFORMANCE NUMBERS
Replies: 14
Views: 5248

Re: HAP AC2 PERFORMANCE NUMBERS

Yep, looks good. Hoping we can see an 8 port+ router/switch all-in-one based on this.
by pcunite
Fri Feb 09, 2018 4:59 pm
Forum: General
Topic: adding a port with the vlanes to the bridge
Replies: 2
Views: 170

Re: adding a port with the vlanes to the bridge

I don't yet know how to use the new version 6.41 that changes all this. However, for 6.39.3 and lower, you can do something shown below. Not sure of what your goals are with your unit. # READ ME # This is the setup for a single unit with a wlan interface # Create VLAN Trunk port on wlan1 /interface ...
by pcunite
Fri Feb 09, 2018 4:53 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: CVE-2018-5951: MikroTik RouterOS Denial of Service Vulnerability
Replies: 20
Views: 3146

Re: CVE-2018-5951: MikroTik RouterOS Denial of Service Vulnerability

Personally ... I don't want any configuration, have to reset them anyway. I connect with Winbox and set it up from there. However, I do understand that the first time connecting with a web browser, you'd need the MikroTik to have an IP, and that means at least some form of configuration. So, since n...
by pcunite
Fri Feb 09, 2018 4:41 pm
Forum: Beginner Basics
Topic: Configuring RB951Ui-2HnD Router.
Replies: 8
Views: 415

Re: Configuring RB951Ui-2HnD Router.

Take a look at this example configuration. Read all the comments and verify you're okay with it. Before applying this do a system reset configuration (no default, no backup). Then connect to it via WInbox over a MAC address. Notes: Apply this config in sections at a time. The Set interface names if ...
by pcunite
Fri Feb 09, 2018 4:13 pm
Forum: General
Topic: Exchange mailbox access on cell phones [SOLVED]
Replies: 4
Views: 214

Re: Exchange mailbox access on cell phones [SOLVED]

Hair pin example. NAT works in conjunction with your firewall rules. Although the DNS suggestion sounds nice. # Hairpin example # 10.1.0.1 is the router # 10.1.0.2 is your internal server /ip firewall filter add chain=input action=accept connection-state=established,related comment="Allow establishe...
by pcunite
Fri Feb 09, 2018 3:33 pm
Forum: Beginner Basics
Topic: MikroTik Home Setup
Replies: 6
Views: 516

Re: MikroTik Home Setup

You'll want to have at least a CRS1 or CRS3 type switch for VLAN creating and testing.
by pcunite
Fri Feb 09, 2018 1:06 am
Forum: General
Topic: SIP ALG doesn't work in a proper way
Replies: 16
Views: 955

Re: SIP ALG doesn't work in a proper way

I always disable SIP ALG on MikroTik and let my phones and PBX handle NAT (they have options for this). If your phones and PBX can handle it, forgo using the included SIP helper.
by pcunite
Fri Feb 09, 2018 1:04 am
Forum: General
Topic: CRS326 6.41.1 VLAN trunk to WAPAC no traffic
Replies: 3
Views: 442

Re: CRS326 6.41.1 VLAN trunk to WAPAC no traffic

Trim this down some more. You have the wAP config on network 192.168.0.x, yet the CSR326 says that vlan-id 102 is 192.168.2.x. Your firewall rules seem to be for a router, not a switch.

Simplify for me.

:-)
by pcunite
Fri Feb 09, 2018 12:01 am
Forum: Beginner Basics
Topic: Port blocking
Replies: 2
Views: 196

Re: Port blocking

Use the following example. It blocks by default. Change bridge-LAN and ether-WAN to match your interface names, naturally. /ip firewall filter add chain=input action=accept connection-state=established,related comment="Accept established related" add chain=input action=accept in-interface=bridge-LAN...
by pcunite
Thu Feb 08, 2018 11:48 pm
Forum: RouterBOARD hardware
Topic: Mikrotik hAP AC 2.4ghz utterly unusable?
Replies: 5
Views: 587

Re: Mikrotik hAP AC 2.4ghz utterly unusable?

Please help. Everyone is complaining about the internet never working. Export your configuration (pasting it between forum code tags) from this command: /export compact hide-sensitive file=MyFile.rsc The output will be under your "Files" option in the GUI. Here is an example config you should be us...
by pcunite
Sat Feb 03, 2018 10:36 pm
Forum: Announcements
Topic: MikroTik News February 2018 (Issue #80)
Replies: 65
Views: 12153

Re: MikroTik News February 2018 (Issue #80)

Excellent news on the PoE switch! Nice work, MikroTik. I have a 28 IP network camera installation coming up in May of this year. Could really use a rackmount 24 port PoE switch too!
by pcunite
Thu Jan 11, 2018 5:42 am
Forum: Scripting
Topic: Script implementing Active Congestion Control
Replies: 37
Views: 2297

Re: Script implementing Active Congestion Control

Interesting ... may give this a look when I get time.
by pcunite
Sat Jan 06, 2018 5:49 am
Forum: RouterBOARD hardware
Topic: CRS112-8P-4S WHEN?
Replies: 5
Views: 630

Re: CRS112-8P-4S WHEN?

Will be needing the 24 port version soon.
by pcunite
Fri Oct 20, 2017 12:35 am
Forum: Beginner Basics
Topic: accessing NAS from behind mikrotik router
Replies: 3
Views: 416

Re: accessing NAS from behind mikrotik router

Your question does not seem to match the diagram. What is the main router? That is what the NAS is connected to. The secondary "Mikrotik" router has no effect here - if coming from the Internet.
by pcunite
Mon Oct 16, 2017 8:44 pm
Forum: Announcements
Topic: RouterOS (v6.39.3, v6.40.4, v6.41rc) NOT affected by WPA2 vulnerabilities
Replies: 58
Views: 92907

Re: RouterOS NOT affected by WPA2 vulnerabilities

From the link : What if there are no security updates for my router? Our main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients. So it might be that your router does not require security updates. We strongly advise you to contact your vendor for m...
by pcunite
Wed Oct 11, 2017 8:23 pm
Forum: General
Topic: Service Ports, SIP Direct Media, SDP
Replies: 10
Views: 5864

Re: Service Ports, SIP Direct Media, SDP

I just gave a presentation on SIP ALG at the Mikrotik MUM in Denver Colorado 2017 explaining everything about SIP ALG in RouterOS watch here: https://youtu.be/tM7wyKdnIKA Thank you for the presentation. Helpful. One clarification. Grandstream phones and their PBX are both NAT aware - in the sense t...
by pcunite
Tue Oct 10, 2017 7:46 pm
Forum: General
Topic: Intel SFP+ support?
Replies: 11
Views: 950

Re: Intel SFP+ support?

The question is: are the Intel SFP+ optical modules compatible with Mikrotik CCR1072-1G-8S+?
After you buy them, test them, and confirm they are working, the answer to your question will be yes. Otherwise, no.
by pcunite
Tue Oct 10, 2017 7:45 pm
Forum: Wireless Networking
Topic: Default Forward Question
Replies: 2
Views: 334

Re: Default Forward Question

What was your question?
by pcunite
Tue Oct 10, 2017 12:39 am
Forum: General
Topic: Odd VOIP Behavior on Mikrotik 3011
Replies: 12
Views: 670

Re: Odd VOIP Behavior on Mikrotik 3011

Are you talking about on the phone itself?
Yes
by pcunite
Mon Oct 09, 2017 10:52 pm
Forum: General
Topic: Odd VOIP Behavior on Mikrotik 3011
Replies: 12
Views: 670

Re: Odd VOIP Behavior on Mikrotik 3011

I believe they re-register every 240 seconds, according to the vendor.
Change this to be less than 180 seconds, say 120. The remote server maybe terminating them. MikroTik's timeout is 300. Linux is 180 I think.
by pcunite
Fri Oct 06, 2017 2:58 pm
Forum: General
Topic: MikroTik Bandwidth Issues
Replies: 1
Views: 218

Re: MikroTik Bandwidth Issues

You don't mention the hardware, and I don't see an export of your configuration.
by pcunite
Fri Oct 06, 2017 5:48 am
Forum: Beginner Basics
Topic: Here is my last attempt - RB3011 - No Server outbound connection
Replies: 20
Views: 1135

Re: Here is my last attempt - RB3011 - No Server outbound connection

Look at this script. I've minimized it down to something simpler to work on. Read slowly. I don't understand what you're doing with ether1 as opposed to SFP1. The SB4141 does not have a fiber interface. You have an issue there. Before testing this script, I recommend you do a System / Reset # apply ...
by pcunite
Fri Oct 06, 2017 5:41 am
Forum: Beginner Basics
Topic: Here is my last attempt - RB3011 - No Server outbound connection
Replies: 20
Views: 1135

Re: Here is my last attempt - RB3011 - No Server outbound connection

How are you connected to your ISP's modem? Fiber or ether1? You have ether1 in the same bridge as your lan, which has a different subnet.
  • 1
  • 2
  • 3
  • 4
  • 5
  • 12