Community discussions

Search found 14 matches

by danypd69
Wed Apr 17, 2019 3:13 pm
Forum: General
Topic: Suggestion: Completely virtual router based on two physical routers
Replies: 137
Views: 17264

Re: Suggestion: Completely virtual router based on two physical routers

Ok I will let you know what happens.
by danypd69
Wed Apr 17, 2019 2:32 pm
Forum: General
Topic: Suggestion: Completely virtual router based on two physical routers
Replies: 137
Views: 17264

Re: Suggestion: Completely virtual router based on two physical routers

Just a question ,should it work if i use two RB1100AHx4?
by danypd69
Wed Apr 17, 2019 9:51 am
Forum: General
Topic: Suggestion: Completely virtual router based on two physical routers
Replies: 137
Views: 17264

Re: Suggestion: Completely virtual router based on two physical routers

Hello, I am trying to use the scripts with two routers (1100Hx2 and 1100Dx4) with RouterOS version 6.44.2 but I am unable to make it working. Are these models ok? My problem is that after the initial $HAPushStandby any connection to the slave does not work anymore, if I try to do $HAPushStandby aga...
by danypd69
Wed Apr 17, 2019 12:08 am
Forum: General
Topic: Suggestion: Completely virtual router based on two physical routers
Replies: 137
Views: 17264

Re: Suggestion: Completely virtual router based on two physical routers

Hello, I am trying to use the scripts with two routers (1100Hx2 and 1100Dx4) with RouterOS version 6.44.2 but I am unable to make it working. Are these models ok? My problem is that after the initial $HAPushStandby any connection to the slave does not work anymore, if I try to do $HAPushStandby agai...
by danypd69
Thu Sep 08, 2016 12:46 pm
Forum: General
Topic: Sporadic connection refused on services behind nat
Replies: 13
Views: 1673

Re: Sporadic connection refused on services behind nat

Ok some other informations, the packets are dropped by the firewall as invalid packets. The question now is why are they marked as invalid? Firewall log Sep 8 11:32:28 192.168.100.254 firewall,info INPUT-INVALID input: in:Wan-1 out:(none), src-mac 00:21:a0:50:50:80, proto TCP (SYN), 5.5.5.5:36006->1...
by danypd69
Thu Sep 08, 2016 12:18 pm
Forum: General
Topic: Sporadic connection refused on services behind nat
Replies: 13
Views: 1673

Re: Sporadic connection refused on services behind nat

Hello, I tested it but the problem persists. I got two connection attempts that failed, from the packet dump it seems that the router ignores the incoming connection. I will enable log on all the drop rules to see if something is logged when it happens. 141 2016-09-08 09:34:29.667713 5.5.5.5 1.1.1.1...
by danypd69
Wed Sep 07, 2016 11:16 pm
Forum: General
Topic: Sporadic connection refused on services behind nat
Replies: 13
Views: 1673

Re: Sporadic connection refused on services behind nat

ok done, now I have 5 chain=input action=accept connection-state=established,related 6 chain=input action=drop connection-state=invalid 7 chain=input action=accept protocol=tcp in-interface=Wan-1 dst-port=1194 8 chain=input action=accept protocol=tcp in-interface=LAN (ether6) dst-port=8291 9 chain=i...
by danypd69
Wed Sep 07, 2016 10:32 pm
Forum: General
Topic: Sporadic connection refused on services behind nat
Replies: 13
Views: 1673

Re: Sporadic connection refused on services behind nat

Ok, here are my new rules. 0 chain=forward action=accept connection-state=established,related 1 chain=forward action=drop connection-state=invalid 2 chain=forward action=accept connection-state=new out-interface=Wan-1 3 chain=forward action=accept connection-nat-state=dstnat 4 chain=forward action=d...
by danypd69
Wed Sep 07, 2016 1:39 pm
Forum: General
Topic: Sporadic connection refused on services behind nat
Replies: 13
Views: 1673

Re: Sporadic connection refused on services behind nat

This is my firewall config, I have other nat rules but they refers to other hosts so they should not cause problems. /ip firewall filter add action=drop chain=input dst-port=53 in-interface=Wan-1 protocol=tcp add action=drop chain=input dst-port=53 in-interface=Wan-1 protocol=udp add action=reject c...
by danypd69
Wed Sep 07, 2016 1:13 pm
Forum: General
Topic: Sporadic connection refused on services behind nat
Replies: 13
Views: 1673

Re: Sporadic connection refused on services behind nat

pukkita you are right but I'm using ftp just as an example,
The problem happens also with other protocols and is related to the connection setup phase not to the ftp protocol.
by danypd69
Wed Sep 07, 2016 12:34 pm
Forum: General
Topic: Sporadic connection refused on services behind nat
Replies: 13
Views: 1673

Re: Sporadic connection refused on services behind nat

It happened again; the capture on the router shows a SYN from my client to the router and an immediate RST,ACK from the router to the client. 37697 2016-09-07 10:32:32.631282 5.5.5.5 1.1.1.1 TCP 74 54818 → 21 [SYN] Seq=0 Win=14600 Len=0 MSS=1402 SACK_PERM=1 TSval=153865795 TSecr=0 WS=64 37698 2016-0...
by danypd69
Wed Sep 07, 2016 10:29 am
Forum: General
Topic: Sporadic connection refused on services behind nat
Replies: 13
Views: 1673

Re: Sporadic connection refused on services behind nat

Rule added, I will report what happens.
Thanks
Daniele
by danypd69
Wed Sep 07, 2016 2:18 am
Forum: General
Topic: Sporadic connection refused on services behind nat
Replies: 13
Views: 1673

Sporadic connection refused on services behind nat

Hello, I have a simple routeros setup that I'm using to forward some services to an internal host; everything works fine but some times per day the connection to the services are refused. I'm using an RB 1100Hx2 with routeros 6.36.2 and I am currently testing the setup with an ftp server. The only o...
by danypd69
Tue Mar 25, 2014 9:02 pm
Forum: General
Topic: VPN cannot ping some hosts
Replies: 1
Views: 519

VPN cannot ping some hosts

Hello, I have a strange problem with a vpn (both openvpn and pptp) This is my setup ROUTER: ETH6 = 192.168.100.254, ETH2 = EXTIP1 HOST 1: ETH0 = 192.168.100.30 HOST 2: ETH0 = EXTIP2, ETH1 = 192.168.100.31 EXTIP and EXTIP2 are two internet public addresses The ethernets are all connected to the same ...