MikroTik

erlinden

What is your definition of "the best"?

erlinden

Do you really need your DNS server to be publically available? And the same question for LDAP?

erlinden

Most modern devices will prefer 5G radio over 2G radio. I do have Mikrotik wireless (while travelling) and Unifi (at home). The latter has band steering turned off. Because it doesn't work as smooth as one would expect and by turning down the 2G radio as low as possible all devices connect with the ...

erlinden

both. Need LAN and WIFI

Do you mean by LAN switching (and how many ports?), or is routing also required? Why did you come up with the RB4011 (will do fine in all cases, just not sure wether it is required)?

erlinden

Do you want to use the new devices as routers or as accesspoints. In case the latter, just use the cAP ac, hAP ac2 or Audience (wasn't aware of this new device...).

erlinden

Reset it without default configuration
Create a bridge and add all interfaces to it
Configure wireless settings (SSID/security/channels/transmission power/etc)
Add DHCP client to bridge (or you could leave this step and do configuration based on MAC address)

erlinden

I use my hAP AC Lite as travel router. Mostly using a wireless backhaul. Works perfectly, haven't had problems on connecting to any wireless network yet. So I fully disagree with @mkx (based on my experience).

erlinden

On the 2G radio only channel 1, 6 and 11 have no overlap (depending on country legislation, there could be more channels). Besides 2G has a higher penetration than 5G. To summarize: - lower transmission power to absolute minimum reuirements - select channels to get least interference - on 2G radio o...

erlinden

Do clients get a correct IP address (including gateway and DNS)?
Have you tried configuring the wAP manually instead of through CAPsMAN?
Could it be a regularity thing, because it is used outside (not all 5G channels are allowed to be used outside)?

erlinden

Please connect your Xbox to the cable that connects your house (and currently your TP-Link). Do the problems still occur?

Besides, can you post a tracert forum.mikrotik.com (do you know how to use the command prompt and how to copy from it)?

erlinden

Can you share some configs for those spam and virus rules?

https://www.howtoforge.com/amavisd_post ... ian_ubuntu
https://www.akadia.com/services/postfix_amavisd.html
https://blog.tinned-software.net/setup- ... h-postfix/

(first three hits on Google)

erlinden

Each channel is 20MHz wide, so you do the math. If I remember correct 40MHz is giving less problems...

erlinden

I probably would choose for cAP ac: https://mikrotik.com/product/cap_ac
But it depends on a lot more than being able to broadcast 6 SSID's (this gives overhead...sure you need 6?).
How many concurrent users per radio?
What are the performance requirements?

erlinden

It depends on the set country code (regulations) and channelwidth:

erlinden

Can you please post a /export hide-sensitive?
Assuming this is a serious topic?

erlinden

I prefer to use an internal DNS server to resolve private (internal) IP addresses instead of public IP addresses. This can be easily achieved by adding static entries.

erlinden

Please provide your config (export hide-sensitive).

erlinden

Who says I haven't sent the sup out info in already regarding the crash? You haven't said you did...and it does make sense to give the advice. Based on the information you supplied...this is not normal operation. Could you please share your config (as per requested by Dude2048)? What version are yo...

erlinden

You can have a site-2-site vpn with dynamic IP addresses.
In my situation I used this blog.: https://blog.pessoft.com/2016/05/29/mik ... s-and-nat/

In your case you have to run the script (for updating DDNS) only at the 20 sites.

erlinden

There is a WiKi page on how to upgrade a RB:
https://wiki.mikrotik.com/wiki/Manual:U ... g_RouterOS

I know that 6.45.2 (current stable) works flawless...not sure why the beta isn't.

Upgrading is not without risks. Make sure you have a backup before performing the upgrade.

erlinden

That's strange, especially as this seems to be a (your?) public IP address...
Your provider uses ns0.proxad.net and ns1.proxad.net (212.27.32.2 and 212.27.32.130).

Can you post a /export hide-sensitive please?
What version are you running?

erlinden

Can you show /ip dns print?

WebFig might have an caching thingie...

erlinden

/ip dhcp-client set use-peer-dns=no

(client is 0)

erlinden

Can you please share all hardware included (especially routers involved) and number of clients? To answer your question: it depends. You can switch this into on big network where you don't have to bother about routing. If you want to keep current configuration, your routing has to be done over the w...

erlinden

Can you please show all wireless settings (including security, password is not relevant)? At what speed is the client connected? Is there a line of sight while testing? How are you testing, iperf3 (preferably)? I prefer to avoid using auto: select a channel that is least used. And use WPA2 AES only....

erlinden

First: Reset your device, make sure "No Default Configuration" is checked. Then: - Reconnect (use MAC instead of IP, WinBox will find your device) - Create bridge and add all interfaces - Add DHCP client to your bridge (then your Mikoritk will be accessible through an IP address) - Configure your wi...

erlinden

Can you please share your current settings?

erlinden

Found this topic (have you tried the search option?): https://forum.mikrotik.com/viewtopic.php?t=86734 By selecting Ceee (or any orther 4 digit option) you will get 80MHz channel width. Make sure you select the channel manually ( I totaly dislike the auto option) and turn down tranmission power (sea...

erlinden

I prefer using fixed channels. That would definitely be my first change in this configuration. Why did you choose the hAP AC over i.e. the RB951G-HnD? How is the interference in your situation? Don’t you have 5G capable devices?

erlinden

You might want to consider turning off fouter functionality on the Mikoritik. Just use it as switch and accesspoint (by removing NAT and creating a bridge where all interfaces should be part of).

erlinden

If I enabled the default firewall in the Quick Config screen and I then went to IP->Cloud and setup a CNAME on my domain what rule to I need to add to the firewall to allow myself to access the router with WinBox remotely from (xxx.xxx.xx.xxx - my office IP) You don't because it is highly unwise. I...

erlinden

FTP uses both port 21 and a range of passive ports. Only forwarding port 21 will not be sufficient.

erlinden

http://lmgtfy.com/?q=how+to+configure+l2tp+mikrotik

erlinden

please tell me how to do. I use winbox only, not console.

From Winbox you can start a terminal, just use the /export hide-sensitive command.

erlinden

Can you please share your config?
What UAP do you use? Is it updated?

erlinden

Can you share your WiFi settings?

erlinden

Could you please provide channel/channelwidth/transmissionpower settings?

erlinden

What is the purpose of the RB if you already have an Asus router?

erlinden

Please correct me if I'm wrong, I would: 1) create a brdige on the hAP-ac and place the SFP and a network port in it 2) create a bridge on the hAP-ac and place the wireless interfaces together with a (different) port in it -> connect this with the hAP-ac2 3) configure the hAP-ac2 as a normal wifi ro...

erlinden

Besides name and password, also security settings have to be equal. And make sure that you choose different channels (don't use auto, 1,6 or 11 on the 2G radio).

Roaming can be achieved by setting the optimum tranmission power (again, don't use auto). Set it as low as possible.

erlinden

I would start by selecting channels manually. For 2G radio use either 1, 6 or 11 and make sure bandwidth is set to 20MHz.

erlinden

Could it be that 5G radio channel is set to auto and that the selected channel is not supported by your device? Or that it was in a DFS waiting state? Perhaps you can share your settings?

erlinden

If you want to configure your cAP ac as accesspoint, you shouldn't configure a DHCP server on it. If you create a bridge and add all interfaces to it (like you did), all devices will get the IP address from the corporate DHCP server (as well as the cAP ac if you define a DHCP client). Two additional...

erlinden

Have you rebooted the router yet?

erlinden

Haven't had problems with this. Could you please supply some information, how is the 2G radio configured? And what is "really bad performance"?

erlinden

What country have you selected? And have you selected regulatory-domain?

erlinden

It depends. What Internet bandwidth do you have, up- and downstream? What will your firewall look like? To summarize, what are your requirements besides number of users!

erlinden

Mikrotik would not give us WPS if it was not secure.

LOL! Do you really think Mikrotik will only provide functionality if it is secure!?

WPS is very secure as it is switched off after that.

Sounds like a valid reason, indeed WPS is only secure if it turned off.

erlinden

You are very wellcome, glad to hear about your progress.

I prefer to use DHCP reservation, this will give you static IP addresses as well.

erlinden

What version are you running on the mAP?
Please don't use the quicksettings...just don't.

erlinden

Reset the mAP (option in the menu), select no configuration

Login the mAP after it is rebooted

Create a bridge

Add all interfaces to the bridge

Add DHCP client if you want to have the mAP an IP address

So...leave the GL 750 as is, nothing to do there

erlinden

Reset it to default, no configuration. Afterwards, you can connect it to the router and configure it (connect to the mAP on MAC address). Next: Make a bridge and have all interfaces part of this bridge. Add a DHCP client (if you want the mAP to have an IP address. Configure your WiFi interfaces as w...

erlinden

I prefer to solve these problems with DNS, just have the service resolved to your internal IP address on your network (and your public IP address for the rest of the world).

erlinden

What client are you using for testing?
At what speed is the client connected?
Can you test with fixed channel?

erlinden

Why not do it properly and run a VPN service? Are you aware that there was (and still is depending on the version of RouterOS you are running) a huge security issue?

erlinden

Are you using fixed channels?
Why do you have two (overlapping) DHCP pools?
Why UPnP?

erlinden

I found this blog to be very helpfull:
https://justinho.com/blog/2017/07/15/hap-ac-lite.html

The benefit of the hAP ac² is CPU power. In the end it all depends on your requirements.

erlinden

[Update] It seems to work with the settings shown underneath... I want to use the Rate Limit in combination with Time For Rate Limited. My preferred schedule would be: 24x7 Internet access Every day, limit at these times: 00:00:00-07:30:00 11:30:00-16:00:00 20:00:00-00:00:00 Though it seems obvious,...

erlinden

It is not a problem, it is unexpected behaviour (for you). Switching channels is de Dynamic part in DFS. The Wiki: https://en.wikipedia.org/wiki/List_of_WLAN_channels gives you an overview on all allowed channels you can select. Perhaps you can do a WiFi scan with a client to find out the best chann...

erlinden

Why do you think the port is limited? What is the CPU load while testing? Could it be cable related (do you see a lot of CRC errors)?

erlinden

Can you please share your wireless settings?

erlinden

On the second router there are no devices connected is used only for WiFi, mobile users only. I thought it is better as it is, doesn't it cause more traffic on my LAN if i set it as acesspoint? Or should i set a different subnet if i set it as acesspoint? It is worse and you only created an additio...

erlinden

What is 'Best performance' for you?

Besides above reply, please configure your second hAP as accesspoint (create one bridge with all interfaces connected to it). It makes no sense to have double NAT.

erlinden

It seems my ISP is blocking port 80. I have changed port number and now all works fine! The problem is solved! Thanks to all! Actually I think you created yourself a bigger problem. Access to the router over a non-encrypted connection. You may want to reconsider your configuration, setting up VPN i...

erlinden

Was the MT supplied by your ISP? If Yes...sure they can. If Not...they won't touch it.
Sure the MT is not compromised by a hacker?

erlinden

Can you please post your public IP address?

erlinden

Lol, sorry. If your router has no gateway, how will it be able to use external DNS servers? Perhaps you can tell us a bit more of what you are doing, how things are connected and what you are trying to accomplish?

erlinden

Can you share a ipconfig /all? Probably you want to set your MirkoTik as (only) DNS server in the DHCP options.

erlinden

Great help here...just one thing (and it might be my preference...) that I want to share:

- Never use auto channel, just do a proper WiFi scan and select the best channels
- On the 2G radio choose either channel 1, 6 or 11. Never use 20/40mhz-Ce! Choose 20mhz.

erlinden

If a 2G WiFi network is sufficient, this is a good solution. Configuration is straight forward:
[*]factory reset without default configuration
[*]put all interfaces on the same switch (or bridge)
[*]configure wireless as required

erlinden

Or run a DNS server on your RB750 and have the website URL resolved to the internal IP address.

erlinden

Port forwarding is not like rocket sience. If you experience difficulties in the firewall and GUI you might want to come to the conclusion that neither MikroTik nor your basic networking knowledge is sufficient.

erlinden

This RB only supports 2G radio (as you know). Bandwidth depends on a ot of factors, the way I would solve it (besides all the steps you have done already) is by using 5G radio. Does the ZTE suport 5G? What speeds do you get with this modem/router? Why do you use the RB as well?

erlinden

What is the use of setting a fixed IP address to an accesspoint? I prefer to have all my IP related stuff done by a DHCP server, reservations for any device necessary.

And to answer you question: DNS is for name resolving. So in any case of name resolving you need a DNS server.

erlinden

Two options (as far as I know):

- Use Capsman
- Configure your cAP as accesspoint *)

*) Reset config with no default, create bridge and add all interfaces to this bridge (or switch), use DHCP client (for configuration options), configure wireless. That's about it.

erlinden

The difference I see with my router is that allow-remote-requests is set to yes while yours is set to no.

erlinden

Can you post the script you are using?

erlinden

Not sure if I understand you correct...do you want to connect the RB1100 to the TM router? If you want double NAT (assumption, based on the fact that you are referring to a private IP range). If the TM is doing DHCP, you can set the RB1100 Address Acquisition to Automatic . Local Network should be s...

erlinden

Same problem is in hap ac lite. It justifies each other differently. Just do not use the mikrotik as a home appliance. True if you don't know completely what you are doing. Otherwise, the device is great! @TS: I have very good results by setting security to AES (and not TKIP, not sure what you used...

erlinden

Try setting 5G radio to a fixed channel. Don't know the implementation of MikroTik but it sure can help.

erlinden

Can you post your configuration please?

erlinden

Seem your internet connect is behind an NAT router.
You must have a direct internet connect.

That or (at least) all ports should be forwarded on the other NAT thing as well. Does it have to do NAT? Can it be in bridge modus? Can you make an overview of your network?

erlinden

What is de purpose of using a router in this case? If you want to create just one big network, configure one bridge on the MikroTik (reset without default) and you are done.

erlinden

Thanks, works like a charm now! Think I should dive into the world of firewalls a bit more...

erlinden

I have created a site to site vpn connection from home to my parrents, based on this tutorial: https://blog.pessoft.com/2016/05/29/mikrotik-ipsec-tunnel-with-ddns-and-nat/ This works very stable (RB3011 - RB951), though the speed is not really high (which is probably caused by the RB951, which doesn...

erlinden

As this device only has a 2G radio, first thought would be interference. How did you configure WiFi? Are there other WiFi networks on the 2G band in your neighborhood?

erlinden

Can you explain what you try to accomplish? Are these site-to-site connections? Context would be very beneficial.

erlinden

There are a lot of tutorials on the Internet, this one helped me a lot:
https://www.techonia.com/6034/configure ... rver-ipsec

erlinden

Have you checked this behaviour with other devices and/or other cables? How is the Hex powered? What firmware version or you running?

erlinden

I did a search on this forum, does this topic answer your question?
viewtopic.php?t=61450

erlinden

Choose the one of routers for vpn server and use cloud /ddns/ for establish the ppp connection !

There is no way to accomplish a "true" peer to peer connection without the use of script?

erlinden

For setting up a router you don't need an ISP. You should connect both computer and wAP AC with a cable and configure as you wish. I check the specs of RB750r2 and it doesn't have wireless. so that means it doesn't support wAP AC? I assume you can connect the both with cable? Please check Capsman: h...

erlinden

If you look at the interfaces and select a LAN connection (in your case ether3) you see the option 'Master Port'. Here you can select ether2.
In the picture the master port hasn't been set yet:

erlinden

Be very careful with cameras directly attached to the Internet. Unless you are willig to help botnets... I would advise to use VPN to make a secure connection to the network over which the camera (or nvr?) can be connected.

erlinden

Wat do you mean with "not picking up"? Are the Unifies supposed to user the MikroTik for wireless uplink purposes? How should the Unifies know about a portal on the MikroTik? Have you made adjustments on the controller? Can you please draw the network with the IP's and inter-device connections? Do h...

erlinden

Sure, think this article can be helpful:
https://www.techonia.com/6034/configure ... rver-ipsec

erlinden

My best guess would be that you want your mAP lite configured as accesspoint.
Just get rid of the configuration, place everything in a bridge and configure WiFi as required.

Think this thread will help you a lot (especially the answer by @Sob):
viewtopic.php?t=94568

erlinden

Can you either explain what you would like to accomplish or draw a picture of the network? Does it have something to do with network bridges...?

By the way, if a topic isn't answered, you might consider updating the topic with relevant information instead of creating a new one.

erlinden

"Related ports" doesn't make sense...I think the best (only?) option would be blocking IP addresses. Lots of examples here on the forum.

erlinden

Think this movie says it all (turn off the sound

):
https://www.youtube.com/watch?v=Afit-y-1TZA

erlinden

Think the easiest way is to configure it as router, why did you choose cpe mode?

erlinden

What port did you forward for mail? Think that port 25 should be forwarded at leat for mail purposes. Can you explain the attached rules?

erlinden

Can you explain why two clients share the same MAC address?

erlinden

I used to run an internal DNS server to revolve My domains to private (internal) IP adresses. The other option is (I think it is called) hairpin NAT.

erlinden

Ask your friend to help you configure this router...I still think this one is really cool (as well as really old...)

erlinden

Remove current configuration and create a bridge afterwards. Let the bridge consist of all LAN and WLAN interfaces and your done. How the MikroTik will behalve as a switch.

erlinden

I think both pietroscherer & Sob mentioned that you have to get into contact with your ISP. They are managing a device that is doing NAT for you.

To get some insights...can you post a tracert www.mikrotik.com? That would be very helpful!

erlinden

If your ISP is blocking ports...you are screwed. I'm still a bit puzzled what your ISP has to do with bypassing router login!?

erlinden

Google found this link for me:
https://wiki.mikrotik.com/wiki/L2TP_%2B ... r_and_a_PC

If you have the option, skip PPTP VPN (security).

erlinden

Have hou tried to reset the device?

erlinden

I configured different VLAN's to isolate my guest network from my normal network. This way both my Unifi accesspoints and my wAP ac can be easibly configured to support different networks. Indeed, virtual wlans connected to a specific VLAN.

erlinden

How are you testing the port forward?
Sure the 192.168.88.254 isn't your router, but the server running both SSH and Web?
What do you see when you browse to http://192.168.88.254?

erlinden

Have both the UAP-AC-LR and the wAP ac. The UAP has better throughput, but I have to admit that I have better tweak skills on the Unifi stack. There is not much difference in the way roaming is working (think both platforms work with a RSSI thresshold). If you prefer a great GUI, Unifi is the way to...

erlinden

Instead of hairpin NAT you can have the webserver revolved to the internal IP address. Just user thee DNS server in thee MT.

erlinden

Why do you want your SSID to be hidden? It's not like really secure as the SSID can be easily captured (if you got the tools).

erlinden

Is 54MB/s your throughput or your connection speed? The latter, I think you mean 54Mb/s, which is indeed to little.
Can you provide some more settings?

erlinden

That's the point I was happy with safe mode. I was never able to connect to the device with no default configuration.

Think I had to connect through WiFi to be able to connect...

erlinden

Thought default configuration contained masquerade and DHCP server...my mistake.

erlinden

If I understand correctly, you are looking for a way to let your device work as a switch with accesspoint functionallity. This can be easaly done by resetting the device with no default configuration: https://forum.mikrotik.com/viewtopic.php?t=71522 Then create a bridge and attach all the interfaces...

erlinden

In this case DNS together with a reverse proxy will do just fine. Make sure all the services have their own name. This way you don't have to do port translation.

erlinden

Instead of getting NAT loopback working, in my opinion it would make more sense to solve this by DNS. Have your MikroTik work as a DNS server for your clients and have all services that run internally resolved to the internal IP address.

erlinden

Please have a look at all the other topics that can be found on the wiki:
https://wiki.mikrotik.com/wiki/Manual:Interface/VLAN

erlinden

And for the forward part, please read:
viewtopic.php?t=50520

erlinden

I stopped using static IP adresses. All devices requiring a static IP address get them from the DHCP server. Just make IP addresses static in the DHCP server (and change them afterwards as required).

erlinden

For remote purposes I would always prefer using a VPN. It gives additional security and can be user for multiple purposes.

erlinden

Out of curiousity...Why would you need this distinction?

erlinden

Do you think Google knows about your (internal) hostnames? Well actually...they might

Make sure the RB750 is used as the only DNS server on your clients. This way only non-internal hosts are revolved by public DNS servers.

erlinden

Which of the two is the VPN server and which the client?
What configuration did you try?
What errors did you run into?

erlinden

Can you post an ipconfig /all. Perhaps clients don't resolve names with the RB750 but instead are using your ISP (or Googles) DNS servers.

erlinden

You are trying to perform a NAT loopback. Think in Mikrotik land it is called hairpin (or something like that).
Why connect to the public IP address instead of the internal server IP address (DNS

)?

erlinden

How is your wAP ac configured?
Can you post IP information?

erlinden

Assuming you are using a domain name, I would resolve the name internally to the NAS and externally to your public IP. Still a bit puzzled why one would like to use a VPN on a internal network.

erlinden

Sorry to hear...

Mostly on forums people ask a question. Perhaps you should ask one too...?
And while you are at it, please supply your hardware, firmware and configuration.

erlinden

Can you please provide us with the settings you used?

erlinden

Thanks for the post, are you using VLANs to isolate the traffic or just using unique SSIDs for access control?

VLAN are used for traffic isolation. The Guest VLAN is only used for WiFi.

erlinden

I was working on this this weekend, what I did: Reset without configuration Configure wan1 & wan2 and enabled them Added virtual wan3 (bound to wan1) & wan4 (bound to wan2) for my guest vlan Put it all in one bridge. Ran into some disconnects but in the end it all worked. Do the clients receive an I...

erlinden

Do you get an IP address on the WAN port of your RB?
Did you leave your modem powerless for a couple of minutes and then powered it all up?

erlinden

Basic configuration is easy...just install Winbox. The default configuration will do fine. Port forwards are a bit more complicated, but there is tons of information available. And there (this) communityis more then willing to help. My advise...just do it. I think if you only require a router the RB...

erlinden

Would be very helpfull if you show us your firewall rules.

erlinden

Spamhaus is indeed listing IP addresses that are sending spam mail. Still puzzled what this has to do with a game server. As long as your customers are able to send spam mail through your public IP addresses you can be sure that it will be listed. Easiest solution, block port 25 out. Why would your ...

erlinden

Everything is possible with Mikrotik. Are you talking about a dozen site-to-site connections? What bandwidth do you need per connection? What is your knowledge on this topic?

erlinden

Are you using IPv6? If not, just turn it off.

Can you please copy the output in the commando prompt instead of taking pictures?

erlinden

Can you post:

ipconfig /all
nslookup www.yahoo.com
nslookup www.yahoo.com 8.8.8.8

erlinden

Do you have something like a dynamic dns solution? How did you configure your VPN server (and why are you still uring PPTP)? Can you provide all information about your setup, like what is in front of the Mikrotik? Which version of RouterOS are you running? Any logs about this situation?

erlinden

I would prefer using VPN over direct connection with port obfuscation.

erlinden

Telnet is available on your WAN interface...that is not a good idea. Please configure VPN for any administration on your MikroTik router (and the rest of the network if required).

erlinden

Any band requirements? DFS support? Etc.?

erlinden

What are the requirements?

erlinden

Have you tried using WinBox?

erlinden

Still not clear to me what you are trying to accomplish...

Would you like to set different privileges per user?
What does your firewall look like?
Why are you (still) using PPTP?

erlinden

lmgtfy

erlinden

Single connection upload will be limited by max upload speed per VDSL connection. If you require faster upload you have to be able to user more connections for thee upload. Like newsservers...

erlinden

You can check this link.

erlinden

You might want to reconsider enabling the router configuration site through the WAN interface. Security (un)wise...in my opinion. Instead enable VPN and browse to the private IP of the router. The public IP is on RB2011? If yes, just put only the public IP in the browser without any port. Don't forg...

erlinden

Thanks blajah, for some reason the forward is working again AND the block is working as well

erlinden

A previously created (and working) port forward is no longer working. This is port 50022 outside forwarded to my Synology NAS. The only things I changed afterwards is installing a VPN server, adding a guest vlan and block all traffic from guest vlan . Another problem I can't solve is how to block al...

erlinden

I just had to open ports 500, 1701 and 4500 for UDP, you should add port forwards like mentioned here:
https://www.nasa-security.net/mikrotik/ ... ith-ipsec/

erlinden

in QuickSet, click the "VPN" checkbox, and a L2TP+IPsec setup will be made automatically, and you can connect right away. So just one click in QuickSet page.

This is really nice! Will this also add necessary firewall rules?

erlinden

I'm running L2TP on my RB750Gr3, only needed the 3 UDP ports.
Have you tried the L2TP VPN server locally?

erlinden

I would suggest creating a VLAN (for the servers) to separate the networks.
Don't forget a firewall rule that drops any traffic between the two.

Wat have you tried so far?

erlinden

By default one of the ports is a WAN port. Which ports did you use? Have you tried two other ports?

erlinden

This YouTube video helped me a lot:
https://www.youtube.com/watch?v=-Q2vCrcI4xI&t=965s

Summary:
Add a VLAN adapter to ethernet 2 (I am using the default configuration)
Add an address to the VLAN
Create a DHCP server and attach it to the VLAN adapter

That's it

erlinden

For performance reasons I suggest using the internal DNS server of your Mikrotik as DNS server for all clients. You can forward requests to any DNS server you like, either OpenDNS or your provider. Still not clear what you would like to accomplish.

erlinden

Have you changed your firewall?
You need to accept several ports...

erlinden

I have the VPN running on my RB750Gr3 and adjusted the firewall with: UDP 500 UDP 4500 UDP 1701 5 See also: IP Protocol Type=UDP, UDP Port Number=500 <- Used by IKEv1 (IPSec control path) IP Protocol Type=UDP, UDP Port Number=4500 <- Used by IKEv1 (IPSec control path) IP Protocol Type=UDP, UDP Port ...

erlinden

Tanks For the respons so far... Building an AP sounds like a good alternative. I found this setup: RB912UAG-5HPnD in combination with R11e-2HPnD OR RB912UAG-2HPnD in combination with R11e-5HnD Either one of the combinations above beter than the other? Or is there a beter alternative? Combine the abo...

erlinden

Current situation: Cable Internet, 50/5Mbps RB951G-2HnD (main router) RB911G-5HPnD (5GHz AccessPoint) New situation: Fiber Internet, 300/300Mbps I'm looking for a new router that is capable of handling the new speed (and preferably is future proof...500/500 Mbps will be available within a couple of ...

erlinden

I tried the WDS Bridge Tutorial but have the feeling that the server (AP) side cannot be configured for both wireless clients and a wds bridge station. Can someone confirm?

erlinden

http://www.e-miel.net/wp-uploads/e-miel.net/2013/06/Network.jpg My existing network consists of the RB951G-2HnD that is setup as standard router (wired/wireless/port forwards/etc.). DHCP is handled by the Server1 (192.168.50.0/24). I want to create a transparent bridge with the RB951-2N, but am a b...

Search found 169 matches