Community discussions

MikroTik App

Search found 2390 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 8
by erlinden
Thu Sep 05, 2024 3:57 pm
Forum: General
Topic: IOT devices won't connect using VLAN
Replies: 2
Views: 188

Re: IOT devices won't connect using VLAN

Can you share the config?
/export file=anynameyoulike
Remove serial and any other private info and post between code tags by using the </> button.
by erlinden
Wed Sep 04, 2024 5:17 pm
Forum: General
Topic: Mikrotik Vlan
Replies: 2
Views: 162

Re: Mikrotik Vlan

Can you share the config:
/export file=anynameyoulike
Remove serial and post between code tags by using the </> button.

Also, here is a great reference when it comes to VLAN:
viewtopic.php?t=143620
by erlinden
Wed Sep 04, 2024 4:05 pm
Forum: Wireless Networking
Topic: Slow WiFi [SOLVED]
Replies: 31
Views: 1915

Re: Slow WiFi [SOLVED]

If no VLAN's are involved, the D-Link will do just fine (assuming it has gigabit ports). The cAP ac does handle the wifi-qcom-ac pretty well (in my experience), though I red someone having out of memory problems (therefor a daily reboot was introduced). Haven't seen that problem myself (uptime over ...
by erlinden
Wed Sep 04, 2024 11:28 am
Forum: Wireless Networking
Topic: Legacy and new CAPsMan on the same x86 device
Replies: 6
Views: 657

Re: Legacy and new CAPsMan on the same x86 device

Can someone help?
Depends on how you want it to work exactly. Fyi, legacy supports CAPsMAN forwarding, wifi-qcom(-ac) doesn't.
by erlinden
Wed Sep 04, 2024 9:24 am
Forum: Beginner Basics
Topic: Email Spams problem due to malware in some device in the network
Replies: 3
Views: 273

Re: Email Spams problem due to malware in some device in the network

And how can i disable the port for everyone else
Add a drop rule on the forward chain that drops everything else:
add action=drop chain=forward
Make sure this rule is at the end of your rules.

I prefer the "allow specific traffic and drop everything else" way of thinking.
by erlinden
Tue Sep 03, 2024 5:38 pm
Forum: Beginner Basics
Topic: Email Spams problem due to malware in some device in the network
Replies: 3
Views: 273

Re: Email Spams problem due to malware in some device in the network

Allow on Source Address List, with dst port 587, protocol 6 (tcp), on the forward chain. This should be sufficient information...
by erlinden
Tue Sep 03, 2024 4:13 pm
Forum: Beginner Basics
Topic: Stuck in new setup
Replies: 6
Views: 666

Re: Stuck in new setup

Now I see...you don't want to have your IP address of the accesspoint in the same range as the office IP. Normally (I assumed because of the VLAN ID) you would have a management VLAN where you do the IP assignement of all hardware involved. To get it to work you can set the BAS_VLAN to ID 100. Not s...
by erlinden
Tue Sep 03, 2024 3:25 pm
Forum: Beginner Basics
Topic: Stuck in new setup
Replies: 6
Views: 666

Re: Stuck in new setup

Looks like MGT and CORP VLAN are messed up. I.e. the different network ranges are incorrect. Start with a basic setup and follow the topic by the letter. Then make changes as desired.

In regards to no access, are you using Winbox? Does it show up on discovery?
by erlinden
Tue Sep 03, 2024 8:44 am
Forum: General
Topic: netinstall ethernet port of hap ax3?
Replies: 4
Views: 307

Re: netinstall ethernet port of hap ax3?

Did you follow this wiki step by step?
https://wiki.mikrotik.com/wiki/Manual:Netinstall

As far as I know all ax devices are v7. Any reason for wanting to run v6?
by erlinden
Tue Sep 03, 2024 8:03 am
Forum: General
Topic: Which firmware is better, V6 or V7
Replies: 4
Views: 429

Re: Which firmware is better, V6 or V7

Gentlemen, what is the difference between firmware V6 and V7, which is better?
better?
by erlinden
Mon Sep 02, 2024 10:13 pm
Forum: General
Topic: hap ax3 random wireless disconnects
Replies: 75
Views: 7055

Re: hap ax3 random wireless disconnects

Yes, I know. And I'll tell my corporate laptop it should disconnect more often :D
by erlinden
Mon Sep 02, 2024 10:09 pm
Forum: Scripting
Topic: DuckDNS on Mikrotik
Replies: 1
Views: 227

Re: DuckDNS on Mikrotik

If you post an export of your config, we can have a look:
/export file=anynameyoulike
Post the content here without serial and any other private info en place it in between code tags by using the </> button.
by erlinden
Mon Sep 02, 2024 10:01 pm
Forum: General
Topic: hap ax3 random wireless disconnects
Replies: 75
Views: 7055

Re: hap ax3 random wireless disconnects

Would be beneficial if all people with problems share their config (at least the /interface/wifi part) to validate settings. Additional tip: when going up and down in versions you might run into some strange problems. Actually, I did...hence some steps that might be of use. I would advise (in case y...
by erlinden
Mon Sep 02, 2024 9:55 pm
Forum: Beginner Basics
Topic: capsman stops working after 7.14 upgrade [SOLVED]
Replies: 4
Views: 1602

Re: capsman stops working after 7.14 upgrade [SOLVED]

And in addition to @holvoetn complete answer: when upgrading through CAPsMAN, all packages are required (and installed). Manual upgrade is, as far as I know, the only way to miss packages.
by erlinden
Mon Sep 02, 2024 4:30 pm
Forum: SwOS
Topic: RB260GS login shows error after reset
Replies: 1
Views: 417

Re: RB260GS login shows error after reset

Could it be a cache problem? Have you tried using an InPrivate session?
by erlinden
Fri Aug 30, 2024 11:48 am
Forum: General
Topic: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]
Replies: 16
Views: 1136

Re: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]

Removing and adding the slave interfaces did the trick...working as expected and befor.
Will stick to MikroTik longer.
by erlinden
Fri Aug 30, 2024 11:26 am
Forum: General
Topic: Wifi Interface with no channel
Replies: 6
Views: 377

Re: Wifi Interface with no channel

It is indeed, hence you should install the wireless-7.xx.x-mipsbe.npk package (which is located in the \MIPSBE\Extra packages file.
by erlinden
Fri Aug 30, 2024 10:37 am
Forum: General
Topic: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]
Replies: 16
Views: 1136

Re: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]

I did configure it with VLAN on the bridge, and the HOME network is working perfectly with VLAN ID 50, GUEST on VLAN ID 51 isn't (actually, it created interfaces dynamically with VLAN ID 1 for the GUEST network, hence there were MGT VLAN IP addresses assigned, as that is the untagged VLAN on eth0 of...
by erlinden
Thu Aug 29, 2024 8:14 pm
Forum: General
Topic: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]
Replies: 16
Views: 1136

Re: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]

Thanks as well, @mkx. Really appreciate your help! This is my current config: /interface bridge add admin-mac=xxxxxxxxxxxx auto-mac=no name=bridge-lan /interface ethernet set [ find default-name=ether1 ] name=ether1-trunk set [ find default-name=ether2 ] name=ether2-camera-rechts set [ find default-...
by erlinden
Thu Aug 29, 2024 5:39 pm
Forum: General
Topic: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]
Replies: 16
Views: 1136

Re: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]

Ok, I have adjusted as you configured it and removed the learning part.
Will monitor if this is of any help...thanks!
by erlinden
Thu Aug 29, 2024 5:16 pm
Forum: Beginner Basics
Topic: Default SOHO Firewall Rules
Replies: 10
Views: 662

Re: Default SOHO Firewall Rules

The default rules are enough for protection. Because your picture is no showing (better post /ip/firewall export), it is hard to say what you did. And I'm not going to read some website.
by erlinden
Thu Aug 29, 2024 3:33 pm
Forum: General
Topic: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]
Replies: 16
Views: 1136

Re: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]

The only thing I see in your config that jumps out at me is the independent-learning value.
Thanks gotsprings !

Another difference I notice is that you have switch1-cpu added to all your /interface ethernet switch vlan
May I ask what is the purpose of that?
by erlinden
Thu Aug 29, 2024 1:43 pm
Forum: Wireless Networking
Topic: Recommendations for replacement for Ubiquiti Picostation
Replies: 13
Views: 772

Re: Recommendations for replacement for Ubiquiti Picostation

Can you please add the requirements (apart from being outside and handling 20 caravans)?
by erlinden
Thu Aug 29, 2024 1:02 pm
Forum: General
Topic: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]
Replies: 16
Views: 1136

Re: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]

Bringing this topic back to live. I made all the adjustments to get rid of the VLAN ID = 1 necessity. All is working well, except for wireless and VLAN. For some reason I see in ARP and DHCP (leases) that wireless clients do sometimes get both IP addresses from the HOME or Guest VLAN AND the MGT VLA...
by erlinden
Thu Aug 29, 2024 9:23 am
Forum: General
Topic: CRS3X Switches and storm control/LoopProtect
Replies: 2
Views: 299

Re: CRS3X Switches and storm control/LoopProtect

This could very well be a user problem. Could you share the switch's config?
/export file=anynameyoulike
Remove serial and any other private info and place in between code tags by using the </> button.
by erlinden
Thu Aug 29, 2024 9:21 am
Forum: Beginner Basics
Topic: Need assistance with VLAN Firewall and NAT rules
Replies: 4
Views: 404

Re: Need assistance with VLAN Firewall and NAT rules

Your life would be much easier if you choose to go VLAN all the way. Lots of (correct) and great examples can be found in this topic: https://forum.mikrotik.com/viewtopic.php?t=143620 In regards to the firewall, you could consider allowing explicitely and dropping everything else. Just make sure tha...
by erlinden
Thu Aug 29, 2024 9:17 am
Forum: General
Topic: CapXL simple VLAN tagging [SOLVED]
Replies: 15
Views: 800

Re: CapXL simple VLAN tagging [SOLVED]

Sorry for missing the link. And thanks @jadaz!

The explanation of any setting can be found here:
https://help.mikrotik.com/docs/display/ROS/WiFi
by erlinden
Wed Aug 28, 2024 4:14 pm
Forum: Beginner Basics
Topic: Wireguard Persistent keep alive, Responder
Replies: 5
Views: 433

Re: Wireguard Persistent keep alive, Responder

Keepalive should be set on the "client" peer (as well as the is-responder).
by erlinden
Wed Aug 28, 2024 1:04 pm
Forum: Beginner Basics
Topic: Wireguard Persistent keep alive, Responder
Replies: 5
Views: 433

Re: Wireguard Persistent keep alive, Responder

From the documentation: is-responder (yes | no; Default: no) Specifies if peer is intended to be connection initiator or only responder. Should be used on WireGuard devices that are used as "servers" for other devices as clients to connect to. Otherwise router will all repeatedly try to co...
by erlinden
Wed Aug 28, 2024 12:37 pm
Forum: Wireless Networking
Topic: Slow WiFi [SOLVED]
Replies: 31
Views: 1915

Re: Slow WiFi [SOLVED]

If a wired conneciton is fast, then it is not related to the routing part of the router. I also notice that the 2.4GHz radio is broadcasting on channels 1, 3 and 6. In an ideal world (funny in the 2.4GHz context) you would only use channels 1, 6 and 11. Might want to configure frequencies 2412, 2437...
by erlinden
Wed Aug 28, 2024 11:41 am
Forum: Wireless Networking
Topic: NV2 on AX
Replies: 6
Views: 958

Re: NV2 on AX

Not only that, but the new capsman is not compatible with the older one. So if you have older devices and you buy a new one, you are SOL. Bit harsh, there are two paths you can walk in this use case: - if only ARM devices involved, upgrade them with the wifi-qcom-ac driver. - it is possible to run ...
by erlinden
Wed Aug 28, 2024 11:37 am
Forum: Wireless Networking
Topic: Ether: bridge port receiving packet with its own MAC address
Replies: 15
Views: 915

Re: Ether: bridge port receiving packet with its own MAC address

Can you add both the logging and the config?
/export file=anynameyoulike
Remove serial and any other private info, post in between code tags by using the </> button.
by erlinden
Wed Aug 28, 2024 11:27 am
Forum: General
Topic: Dynamic DNS [SOLVED]
Replies: 12
Views: 669

Re: Dynamic DNS [SOLVED]

You have to come up with your requirements first. If you are aiming for 99.99% uptime, there might be better solutions.
I can tell you it is working perfectly for me, and that might give you the impression it is perfect for you too. But again, only you can tell.
by erlinden
Wed Aug 28, 2024 11:02 am
Forum: General
Topic: Dynamic DNS [SOLVED]
Replies: 12
Views: 669

Re: Dynamic DNS [SOLVED]

So, "down a couple of times" during a period of years can be considered acceptable, right?
Is it acceptable to you? That is all that matters.
by erlinden
Wed Aug 28, 2024 9:41 am
Forum: General
Topic: Dynamic DNS [SOLVED]
Replies: 12
Views: 669

Re: Dynamic DNS [SOLVED]

Have been using it for years. Setup is very easy (checkbox), I noticed that the service has been down a couple of times.
by erlinden
Wed Aug 28, 2024 9:14 am
Forum: General
Topic: CapXL simple VLAN tagging [SOLVED]
Replies: 15
Views: 800

Re: CapXL simple VLAN tagging [SOLVED]

You would need to implement VLAN filtering on the bridge.
If you read this topic, you can find the AccessPoint.rsc which contains an example. In this example, all wifi interfaces are VLAN filtered, you just have to make the guest wifi interfaces so called "access ports".
by erlinden
Tue Aug 27, 2024 6:05 pm
Forum: Wireless Networking
Topic: Big Campus Networking help
Replies: 2
Views: 310

Re: Big Campus Networking help

It depends, especially as these requirements are far from complete.

And where does the maximum number of accesspoints come from?
Why are you assigned with this task?
What is the budget?

Choosing hardware is the least difficult part of this job.
by erlinden
Tue Aug 27, 2024 5:39 pm
Forum: Wireless Networking
Topic: Slow WiFi [SOLVED]
Replies: 31
Views: 1915

Re: Slow WiFi [SOLVED]

Well, then start by describing the issue you need to resolve first.
The topic name might give an indication :D
But agreed, both problem description and the requirements are very welcome!
by erlinden
Tue Aug 27, 2024 5:19 pm
Forum: Wireless Networking
Topic: Slow WiFi [SOLVED]
Replies: 31
Views: 1915

Re: Slow WiFi [SOLVED]

Some feedback requires insights into the config:
/export file=anynameyoulike
Remove serial and any other private info and post here inbtween code tags by using the </> button.
by erlinden
Tue Aug 27, 2024 2:50 pm
Forum: General
Topic: VLAN and Passthrough
Replies: 3
Views: 371

Re: VLAN and Passthrough

A topic which is really going to help you:
viewtopic.php?t=143620
by erlinden
Mon Aug 26, 2024 7:43 pm
Forum: Wireless Networking
Topic: SA Query timeout
Replies: 86
Views: 21236

Re: SA Query timeout

Giving this a go! Disabled it on 5Ghz interface and switched back from WPA2/3 to WPA/WPA2.
Why use WPA (when you can use open)?
8)
by erlinden
Sun Aug 25, 2024 10:16 am
Forum: Beginner Basics
Topic: Stuck in new setup
Replies: 6
Views: 666

Re: Stuck in new setup

Better (best?) idea is using VLAN's. Please read this great topic to get loads of informations and examples:
viewtopic.php?t=143620
by erlinden
Sun Aug 25, 2024 12:30 am
Forum: Beginner Basics
Topic: New router but no 5GHz - broken?
Replies: 3
Views: 419

Re: New router but no 5GHz - broken?

Because the frequency isn't set, it could take up to 10 minutes until the 5GHz radio is broadcasting.
You can set the frequency to 5180 (channel 36) manually to avoid this situation.

Does the log give any info?
At what frequency is the radio broadcasting?
by erlinden
Sat Aug 24, 2024 5:59 pm
Forum: Wireless Networking
Topic: HAP AX2 no connection to CAPsMAN
Replies: 10
Views: 603

Re: HAP AX2 no connection to CAPsMAN

How do I enable the capsman server on one of the AX2? I dont see a Capman option to enable it and set certificate options.
https://help.mikrotik.com/docs/display/ ... ionexample:
by erlinden
Fri Aug 23, 2024 7:29 pm
Forum: Beginner Basics
Topic: New router but no 5GHz - broken?
Replies: 3
Views: 419

Re: New router but no 5GHz - broken?

Yeah...or misconfigured. You make it a bit challenging coming up with a reason with the little info you provide.
Can you post:
/export file=annameyoulike
Remove serial and any other private info.
by erlinden
Thu Aug 22, 2024 2:49 pm
Forum: Wireless Networking
Topic: Mikrotik or others on AX wifi access point
Replies: 160
Views: 7335

Re: Mikrotik or others on AX wifi access point

As I mentioned in the article above, I really don't understand it very well, but maybe I can write the config details here as soon as possible and get ideas from you. Thank you.
Sure, no problem. It would be really great to have the config of the cAP ac as well, just to compare.
by erlinden
Thu Aug 22, 2024 2:44 pm
Forum: Wireless Networking
Topic: Mikrotik or others on AX wifi access point
Replies: 160
Views: 7335

Re: Mikrotik or others on AX wifi access point

What makes you think it is better and what makes you think it is not. Might be interesting to lower transmission power to get better performance.
by erlinden
Thu Aug 22, 2024 11:32 am
Forum: General
Topic: Port 445 is open even though samba is disabled
Replies: 8
Views: 537

Re: Port 445 is open even though samba is disabled

Then it would be interesting to see your complete config:
/export file=anynameyoulike
Remove serial and any other private info.
by erlinden
Thu Aug 22, 2024 9:53 am
Forum: Announcements
Topic: v7.16rc [testing] is released!
Replies: 223
Views: 69403

Re: v7.16rc [testing] is released!

Standalone AP or using CAPsMan?
CAPsMAN:

RB4011, 2x RB960 (v6.49.13), 1x Powerbox Pro (v6.49.13), 2x cAP AX, 1x wAP ac
by erlinden
Wed Aug 21, 2024 4:37 pm
Forum: Announcements
Topic: v7.16rc [testing] is released!
Replies: 223
Views: 69403

Re: v7.16rc [testing] is released!

I ran into a problem with VLAN's: wireless clients got MGT VLAN addresses assigned as well as HOME VLAN addresses. Found out from looking at the DHCP leases and IP ARP entries. After downgrading to 7.15.3 the problem was solved.

Yes, all information was supplied to support.
by erlinden
Wed Aug 21, 2024 4:04 pm
Forum: General
Topic: CRS 317-1G-16S+ Inter-VLAN routing problems (Solved)
Replies: 3
Views: 600

Re: CRS 317-1G-16S+ Inter-VLAN routing problems

Don't use VLAN ID = 1 explicitely /interface vlan add comment="Core infrastructure/Management VLAN" interface=Bridge name=VLAN1 vlan-id=1 add comment="Servers' VLAN" interface=Bridge name=VLAN250 vlan-id=250 Also, I'm missing VLAN 3249 as part of the /interface vlan (while it is ...
by erlinden
Wed Aug 21, 2024 1:53 pm
Forum: General
Topic: VLAN considerations along with CapsMan
Replies: 14
Views: 1128

Re: VLAN considerations along with CapsMan

By using hybrid ports to the CAPs, one can leave them in defaults CAPS Mode. Only identity can be adjusted (if wanted).
by erlinden
Wed Aug 21, 2024 1:51 pm
Forum: General
Topic: manual winbox upgrade
Replies: 5
Views: 388

Re: manual winbox upgrade

Indeed, just replace the existing executable with the new one.
by erlinden
Wed Aug 21, 2024 1:34 pm
Forum: General
Topic: manual winbox upgrade
Replies: 5
Views: 388

Re: manual winbox upgrade

Winbox can be downloaded on the download page:
https://mikrotik.com/download

https://mt.lv/winbox64 (64 bit)
https://mt.lv/winbox (32 bit)
by erlinden
Wed Aug 21, 2024 12:13 pm
Forum: General
Topic: VLAN considerations along with CapsMan
Replies: 14
Views: 1128

Re: VLAN considerations along with CapsMan

One disadvantage of this config, @neki, is that you have to manually adjust the CAPs (as they expect to be able to reach the CAPsMAN untagged by default).
As far as I know, you can't enable bridge VLAN filtering on ax devices. Only on ac devices, using the wifi-qcom-ac driver, this is supported.
by erlinden
Wed Aug 21, 2024 11:30 am
Forum: Wireless Networking
Topic: Legacy and new CAPsMan on the same x86 device
Replies: 6
Views: 657

Re: Legacy and new CAPsMan on the same x96 device

From v7.13.x you get the "new" CAPsMAN (capable of managing ax devices) "for free". It is added in the menu under wifi. The documentation will give you some more insights: https://help.mikrotik.com/docs/display/ROS/WiFi#WiFi-WiFiCAPsMAN The "old" CAPsMAN is part of the ...
by erlinden
Tue Aug 20, 2024 5:46 pm
Forum: General
Topic: Router OS 7 on RBD52G-5HacD2HnD (hAP ac^2)
Replies: 3
Views: 580

Re: Router OS 7 on RBD52G-5HacD2HnD (hAP ac^2)

Downgrade is nearly as easy as upgrading: you have to manually copy the (current) packages to the router en press the downgrade button.
As always, make a complete export (/export file=anynameyoulike) that can be restored any time.
by erlinden
Tue Aug 20, 2024 2:30 pm
Forum: General
Topic: Canon network printing issues
Replies: 2
Views: 319

Re: Canon network printing issues

Bit of an assumption: connect everything to the MikroTik and you will be fine.
If not (possible), make a small network diagram including all clients.
by erlinden
Tue Aug 20, 2024 2:28 pm
Forum: Virtualization
Topic: BTH vpn
Replies: 3
Views: 472

Re: BTH vpn

Here you can find the official documentation including an example:
https://help.mikrotik.com/docs/display/ ... uardtunnel
by erlinden
Tue Aug 20, 2024 11:52 am
Forum: Beginner Basics
Topic: New to Mikrotik
Replies: 19
Views: 1263

Re: New to Mikrotik

Then I found out you have to install QCOM package. So might try updating again.
The disadvantage of upgrading manually is that you could miss an additional package.
You can add it later any time, just add package.

When upgrading automatically, this won't happen.
by erlinden
Mon Aug 19, 2024 5:22 pm
Forum: General
Topic: Low speed via CAPsMAN
Replies: 17
Views: 1093

Re: Low speed via CAPsMAN

It isn't...at least, it shouldn't be.
Please test with iPerf to get better insights on the wireless speed. Using speedtest does include a lot of (possible) influencing factors.

To get best performance, please consider using the wifi-qcom-ac driver.
by erlinden
Mon Aug 19, 2024 4:33 pm
Forum: General
Topic: I have problem with microtick 750GL
Replies: 1
Views: 322

Re: I have problem with microtick 750GL

Might be a cashing thingy...have you tried reinstalling winbox?
What RouterOS and what Winbox version are you using?
by erlinden
Mon Aug 19, 2024 12:10 pm
Forum: Beginner Basics
Topic: Some ports on switches are slow
Replies: 6
Views: 493

Re: Some ports on switches are slow

Are you using RouterOS or SwOS?
Can you share the config of the switch?

Could there be any queue active on the port (or VLAN)?
by erlinden
Mon Aug 19, 2024 9:28 am
Forum: General
Topic: Problem with connecting new cap ax to the Capsman
Replies: 19
Views: 1817

Re: Problem with connecting new cap ax to the Capsman

Looks like your CAPsMAN has some errors: /interface wifi provisioning add action=create-dynamic-enabled disabled=no master-configuration=*4 \ slave-configurations=*3 supported-bands=5ghz-ac add action=create-dynamic-enabled disabled=yes identity-regexp=.*AC.* \ master-configuration=*3 name-format=2G...
by erlinden
Mon Aug 19, 2024 9:16 am
Forum: General
Topic: Allowing a VLAN to Access WAN(Internet)
Replies: 6
Views: 1069

Re: Allowing a VLAN to Access WAN(Internet)

A complete export of /ip/firewall would be very helpfull. Even better...a complete export:
/export file=anynameyoulike
Remove serial and any other private info.
by erlinden
Sat Aug 17, 2024 6:23 pm
Forum: General
Topic: Problem with connecting new cap ax to the Capsman
Replies: 19
Views: 1817

Re: Problem with connecting new cap ax to the Capsman

The wireless interfaces look disabled, can you enable them?
by erlinden
Sat Aug 17, 2024 9:17 am
Forum: Wireless Networking
Topic: Issue with roaming
Replies: 4
Views: 524

Re: Issue with roaming

Happy to hear, you can mark your topic as solved. Will probably give me some karma points 8)
by erlinden
Sat Aug 17, 2024 9:14 am
Forum: Beginner Basics
Topic: WireGuard or OpenVPN [SOLVED]
Replies: 32
Views: 2951

Re: WireGuard or OpenVPN [SOLVED]

If the IPS is blocking the ports , and even if you play with 443 that will not help to establish connections. Not sure why is that,
Are you stating that on the same port and with same protocol OpenVPN will work while Wireguard does (sometimes) not?
by erlinden
Fri Aug 16, 2024 2:20 pm
Forum: General
Topic: Firmware Upgrade
Replies: 4
Views: 527

Re: Firmware Upgrade

Have you checked the log?
by erlinden
Fri Aug 16, 2024 1:55 pm
Forum: General
Topic: Firmware Upgrade
Replies: 4
Views: 527

Re: Firmware Upgrade

Incorrect cpu architecture? Bit more info would be usefull...
by erlinden
Fri Aug 16, 2024 1:00 pm
Forum: Wireless Networking
Topic: Issue with roaming
Replies: 4
Views: 524

Re: Issue with roaming

You can add "fast transition", which should make it more easy for clients to roam: /interface wifi security add authentication-types=wpa2-psk ft=yes ft-over-ds=yes name=JUJUMAESIN-SEC passphrase=[whatever you use] What signal does the client have when connected to the CAP instead of the ro...
by erlinden
Fri Aug 16, 2024 12:35 pm
Forum: General
Topic: Low speed via CAPsMAN
Replies: 17
Views: 1093

Re: Low speed via CAPsMAN

Signal is okay! Frequency was my mistake, please try eiher 5180 or leave it empty (for automatic selection). The latter will choose based on a scan.
by erlinden
Fri Aug 16, 2024 11:23 am
Forum: General
Topic: Low speed via CAPsMAN
Replies: 17
Views: 1093

Re: Low speed via CAPsMAN

Seems a bit low(er) than possible. What is the signal value?
Could you change frequency to 5120 (channel 36)?
Did you perform a frequency scan? Any other wifi networks that could be interferring?
by erlinden
Fri Aug 16, 2024 8:39 am
Forum: General
Topic: Low speed via CAPsMAN
Replies: 17
Views: 1093

Re: Low speed via CAPsMAN

If that is the device you test with...yes.
This information can be found either on /interface/wifi/registration (are you using Winbox?) or on the laptop (are you using Windows?).
by erlinden
Fri Aug 16, 2024 8:30 am
Forum: Wireless Networking
Topic: New CAPsMAN, VLAN and error with provisioning "--- SSID not set"
Replies: 16
Views: 1610

Re: New CAPsMAN, VLAN and error with provisioning "--- SSID not set"

I have found out several topics as well in cookbook, but it seems that it will be not for my setup, so I have to read and find something else.
Here in the documentation you can find it:
https://help.mikrotik.com/docs/display/ ... %22package:
by erlinden
Thu Aug 15, 2024 6:05 pm
Forum: General
Topic: Low speed via CAPsMAN
Replies: 17
Views: 1093

Re: Low speed via CAPsMAN

Can you post at what connection rate the client is connected?
by erlinden
Thu Aug 15, 2024 4:55 pm
Forum: General
Topic: Low speed via CAPsMAN
Replies: 17
Views: 1093

Re: Low speed via CAPsMAN

Can you set local-forwarding to true:

/caps-man datapath
add bridge=bridge-guest name=guest local-forwarding=yes
by erlinden
Thu Aug 15, 2024 1:43 pm
Forum: Wireless Networking
Topic: Mikrotik or others on AX wifi access point
Replies: 160
Views: 7335

Re: Mikrotik or others on AX wifi access point

Within days/weeks the wAP AX will be introduced. Which, if I understood correct, will be smaller.

Accorindg to @Normis:
wAP ax will be a very small device and is coming very very soon (question of days or weeks)
by erlinden
Thu Aug 15, 2024 1:02 pm
Forum: Wireless Networking
Topic: Missing wAP ax successor to wAP ac, what are outdoor AX WiFi alternatives?
Replies: 23
Views: 2063

Re: Missing wAP ax successor to wAP ac, what are outdoor AX WiFi alternatives?

wAP ax will be a very small device and is coming very very soon (question of days or weeks)
:-D :-D :-D
by erlinden
Thu Aug 15, 2024 12:08 pm
Forum: Wireless Networking
Topic: Connecting v6 Device to CAPsMAN v7 [SOLVED]
Replies: 3
Views: 624

Re: Connecting v6 Device to CAPsMAN v7 [SOLVED]

The new CAPsMAN does only support wifi-qcom and wifi-qcom-ac devices. The latter is supported on ac devices, using the ARM processor. Unfortunately, the RB951 is a MIPSBE device, hence you can't find it. If you want it to be managed by your switch, you have to add the wireless package and run two in...
by erlinden
Thu Aug 15, 2024 11:51 am
Forum: General
Topic: Low speed via CAPsMAN
Replies: 17
Views: 1093

Re: Low speed via CAPsMAN

Set extension-channel to either Ce (40MHz) or Ceee (80MHz) on the 5GHz radio to get higher conenction rates. You might as well let the CAPsMAN (actually the CAP) choose a channel itself, as is configured on the hAP ac3.
by erlinden
Thu Aug 15, 2024 9:54 am
Forum: General
Topic: Low speed via CAPsMAN
Replies: 17
Views: 1093

Re: Low speed via CAPsMAN

Why did you set bandwidth to 20MHz on the 5GHz radio? This will probably make a huge difference, when set to 80MHz (Ceee). No need to set VLAN ID 1 on the datapath. Instead of using "2412,2422,2432,2442,2462", you better use 2412,2437,2462 for non overlapping channels. When setting transmi...
by erlinden
Thu Aug 15, 2024 9:15 am
Forum: Beginner Basics
Topic: VLAN on Wifi - Have Unifi AP w no Cloud Key - will it work ? [SOLVED]
Replies: 5
Views: 745

Re: VLAN on Wifi - Have Unifi AP w no Cloud Key - will it work ?

Please elaborate , why are you asking this question on a other vendors forum? Seems to me this is a good question for the UBI forum (or perhaps you already asked there?). Or just join the MikroTik community (as I did) and get proper support. 8) I would expect that the Windows Unifi Controller/Docker...
by erlinden
Wed Aug 14, 2024 8:51 pm
Forum: Wireless Networking
Topic: New CAPsMAN, VLAN and error with provisioning "--- SSID not set"
Replies: 16
Views: 1610

Re: New CAPsMAN, VLAN and error with provisioning "--- SSID not set"

Well... Start by removing this radio MAC address: /interface wifi provisioning add action=create-enabled common-name-regexp="" disabled=no identity-regexp=\ "" master-configuration=config_internal_users radio-mac=00:00:00:00:00:00 \ slave-configurations=config_guests This will pr...
by erlinden
Wed Aug 14, 2024 5:11 pm
Forum: Scripting
Topic: Mac no asignada a dhcp
Replies: 2
Views: 357

Re: Mac no asignada a dhcp

English translation (thanks to Google): Hello, I want to make a foreach based on a list of IPs to check if they are assigned in the dhcp and take action to be positive No answers here...you might get some (paid) support here: https://mikrotik.com/consultants OR What have you done so far. What is wor...
by erlinden
Wed Aug 14, 2024 4:49 pm
Forum: Beginner Basics
Topic: Switch IP address at VLAN [SOLVED]
Replies: 6
Views: 973

Re: Switch IP address at VLAN [SOLVED]

Can you share the config?
/export file=anynameyoulike
Remove serial and any other private info.
by erlinden
Wed Aug 14, 2024 4:11 pm
Forum: Beginner Basics
Topic: Can't change network
Replies: 11
Views: 671

Re: Can't change network

Can you show exactely what IP addresses should be available for DHCP? You are aware that you can configure multiple pools? In addition, can you please share your (relevant part of the) config: /export hide-sensitive file=anynameyoulike Remove serial and any other private info and post here between c...
by erlinden
Wed Aug 14, 2024 3:57 pm
Forum: Announcements
Topic: v7.16rc [testing] is released!
Replies: 223
Views: 69403

Re: v7.16rc [testing] is released!

Do you have examples on what changes you have made that weren't provisioned?
by erlinden
Wed Aug 14, 2024 3:46 pm
Forum: Beginner Basics
Topic: Can't change network
Replies: 11
Views: 671

Re: Can't change network

Have you changed the IP pool? This is where you define the IP addresses that are available.
by erlinden
Wed Aug 14, 2024 3:25 pm
Forum: Wireless Networking
Topic: WIFI 6 AX
Replies: 1
Views: 439

Re: WIFI 6 AX

Could you also show the provisioning?
https://help.mikrotik.com/docs/display/ ... ovisioning
by erlinden
Wed Aug 14, 2024 1:20 pm
Forum: General
Topic: modes and wifi
Replies: 5
Views: 746

Re: modes and wifi

First step, forget Quickset (except for initial config...but then, still forget it). Do it manually, you will get so much more options (besides the knowledge you gain). As soon as I change anything in Winbox, the configuration is gone, I have to repeat everything over and over. This shouldn't be the...
by erlinden
Wed Aug 14, 2024 10:42 am
Forum: RouterBOARD hardware
Topic: CRS328-24P-4S+RM wirespeed switching?
Replies: 3
Views: 502

Re: CRS328-24P-4S+RM wirespeed switching?

Are you refering to the part where this switch is (ab)used as router?
by erlinden
Wed Aug 14, 2024 9:41 am
Forum: Wireless Networking
Topic: Is there a guid for setting up multiple CAP AX with 1 controller
Replies: 5
Views: 607

Re: Is there a guid for setting up multiple CAP AX with 1 controller

Just follow this help page: https://help.mikrotik.com/docs/display/ROS/WiFi#WiFi-WiFiCAPsMAN My tips: - use fixed channels for the 5GHz channels, 40MHz bandwidth (by creating a config/provision rule per CAPS filtered by MAC address) - when not using EAP, use wpa2-psk only with CCMP (only) as encrypt...
by erlinden
Wed Aug 14, 2024 9:26 am
Forum: General
Topic: enable switch chip.. more bandwidth in use?
Replies: 2
Views: 446

Re: enable switch chip.. more bandwidth in use?

Can you show the config as well?
/export file=anynameyoulike
Remove serial and any other private info en post between code tags by using the </> button.
by erlinden
Wed Aug 14, 2024 9:25 am
Forum: Wireless Networking
Topic: WIFI connecting issues
Replies: 6
Views: 963

Re: WIFI connecting issues

Can you give it a try with:

WPA2-PSK (only) and CCMP (as encryption)?
by erlinden
Tue Aug 13, 2024 1:46 pm
Forum: General
Topic: Frequent Crashes After Updates on MikroTik hAP ac3 – Seeking Solutions
Replies: 8
Views: 560

Re: Frequent Crashes After Updates on MikroTik hAP ac3 – Seeking Solutions

Really would like to have a peek at your config:
/export file=anynameyoulike
Remove serial and any other private info.
by erlinden
Tue Aug 13, 2024 10:55 am
Forum: Beginner Basics
Topic: CAPsMAN through Switch under VLAN [SOLVED]
Replies: 15
Views: 1733

Re: CAPsMAN through Switch under VLAN [SOLVED]

Are you running the CAP's in default CAPS Mode? Are the CAP's connected to a hybrid port (where MGT VLAN is untagged)? Would you be willing to share your config?

Thanks! :-D
by erlinden
Tue Aug 13, 2024 10:44 am
Forum: Beginner Basics
Topic: CAPsMAN through Switch under VLAN [SOLVED]
Replies: 15
Views: 1733

Re: CAPsMAN through Switch under VLAN [SOLVED]

I agree except I ran into the problem that clients also received MGT VLAN IP addresses when connecting with a wifi-qcom-ac CAP. Then I started over following the CAPsMAN VLAN description in the help pages (https://help.mikrotik.com/docs/display/ROS/WiFi#WiFi-CAPsMAN-CAPVLANconfigurationexample:). Th...
by erlinden
Tue Aug 13, 2024 10:26 am
Forum: Beginner Basics
Topic: CAPsMAN through Switch under VLAN [SOLVED]
Replies: 15
Views: 1733

Re: CAPsMAN through Switch under VLAN [SOLVED]

For me it works when adding VLAN ID 1 on the switch.
by erlinden
Mon Aug 12, 2024 4:45 pm
Forum: General
Topic: Can't get UPnP to work in RouterOS 7.14.1 (Worked in RouterOS 6.x)
Replies: 15
Views: 1240

Re: Can't get UPnP to work in RouterOS 7.14.1 (Worked in RouterOS 6.x)

Can you post the ouput of:
/ip/upnp print
/ip/upnp/interfaces print
by erlinden
Mon Aug 12, 2024 3:26 pm
Forum: General
Topic: Cap devices only: "Check for updates" error - timeouts
Replies: 5
Views: 465

Re: Cap devices only: "Check for updates" error - timeouts

When using CAPsMAN you can push upgrades. Set package-path and place the packages in that path.
See here:

https://www.youtube.com/watch?v=1Ct6aJXTE5g
by erlinden
Mon Aug 12, 2024 2:48 pm
Forum: General
Topic: How can I access remotely MT behind a modem?
Replies: 13
Views: 712

Re: How can I access remotely MT behind a modem?

Can you change this rule, where the to port is the default Winbox port?

And change this rule in the firewall as well:
/ip firewall filter
add action=accept chain=input dst-port=8291 in-interface=ether1 protocol=tcp
by erlinden
Mon Aug 12, 2024 2:33 pm
Forum: General
Topic: How can I access remotely MT behind a modem?
Replies: 13
Views: 712

Re: How can I access remotely MT behind a modem?

Yes it is behind NAT and does not have a public IP address.
Did you do port forwarding on the NAT device as well?
by erlinden
Mon Aug 12, 2024 1:12 pm
Forum: General
Topic: How can I access remotely MT behind a modem?
Replies: 13
Views: 712

Re: How can I access remotely MT behind a modem?

I would prefer through VPN over making a service available publically.
Is your MT behind NAT, or does it have a publically available IP address?
Who removed all filter rules that are part of the default?
by erlinden
Mon Aug 12, 2024 11:39 am
Forum: Beginner Basics
Topic: Struggling to hard reset and provision cAP-2nD
Replies: 2
Views: 391

Re: Struggling to hard reset and provision cAP-2nD

If you can't access it after a reset (sure the credentials are correct?) and it won't go into CAPS Mode, you could consider to perform a netinstall:
https://help.mikrotik.com/docs/display/ROS/Netinstall
by erlinden
Sun Aug 11, 2024 2:28 pm
Forum: General
Topic: site-site Wiregaurd Setup
Replies: 13
Views: 798

Re: site-site Wiregaurd Setup

As the wireguard interface isn't part of the LAN interface list AND doesn't have an accept rule on the input chain, it is blocked (hence you can't ping it). You can test this by either adding an additional rule: /ip firewall filter add action=accept chain=input comment="defconf: accept ICMP&quo...
by erlinden
Sun Aug 11, 2024 2:14 pm
Forum: Beginner Basics
Topic: Weird filtering issue on 7.15.3
Replies: 2
Views: 412

Re: Weird filtering issue on 7.15.3

Enable logging on the drop rule to get insights why this rule isn't working.

I would expect the double quotes are the problem.
by erlinden
Sun Aug 11, 2024 11:26 am
Forum: Beginner Basics
Topic: First time hAP ax3 setup with VLANs, no traffic going upstream
Replies: 5
Views: 544

Re: First time hAP ax3 setup with VLANs, no traffic going upstream

These are the default firewall rules, with some irrelevant ones removed. :? If you want this device to work as router, you want a masquerade rule. But there is a lot more that is missing. If you want to have it working as switch, please read this great topic: https://forum.mikrotik.com/viewtopic.ph...
by erlinden
Sun Aug 11, 2024 10:07 am
Forum: Beginner Basics
Topic: CAPsMAN through Switch under VLAN [SOLVED]
Replies: 15
Views: 1733

Re: CAPsMAN through Switch under VLAN [SOLVED]

Aah, thanks for the explanation. You are referring to the old version (which is part of the wireless package), while TS is using the new version. The new version lacks the forwarding options.
by erlinden
Sun Aug 11, 2024 10:04 am
Forum: Beginner Basics
Topic: First time hAP ax3 setup with VLANs, no traffic going upstream
Replies: 5
Views: 544

Re: First time hAP ax3 setup with VLANs, no traffic going upstream

Besides a lot of firewall rules....VLAN filtering isn't enabled on the bridge.
by erlinden
Sun Aug 11, 2024 9:57 am
Forum: Wireless Networking
Topic: Too many interfaces for radio (CAPsMAN)
Replies: 3
Views: 426

Re: Too many interfaces for radio (CAPsMAN)

Seems to me that there are more SSID/interfaces configured than can be handled. A quick peek on your config will give better insights, can you pleas share it? /interface/wifi export file=anynameyoulike Remove serial and any other private info and post in between code tags by using the </> button.
by erlinden
Sun Aug 11, 2024 9:54 am
Forum: Beginner Basics
Topic: hAP ax3 with issues after reset
Replies: 8
Views: 1104

Re: hAP ax3 with issues after reset

My tips:
Change power supply (just to be sure)
Netinstall the device:
https://help.mikrotik.com/docs/display/ROS/Netinstall
by erlinden
Sun Aug 11, 2024 9:52 am
Forum: Wireless Networking
Topic: cAPs name in CAPsMan
Replies: 2
Views: 362

Re: cAPs name in CAPsMan

I have: - set identity on the CAP - use %I in the Name Format (as part of the provisioning From the documentation : name-format (string) Base string to use when constructing names of provisioned interfaces. Each new interface will be created by taking the base string and appending a number to the en...
by erlinden
Sat Aug 10, 2024 11:17 pm
Forum: Beginner Basics
Topic: CAPsMAN through Switch under VLAN [SOLVED]
Replies: 15
Views: 1733

Re: CAPsMAN through Switch under VLAN [SOLVED]

Local forwarding should be enabled on the datapaths because the AP is not directly connected behind the CAPsMAN Not sure what exactely you are referring to, but from the wiki: WiFi CAPsMAN only passes wireless configuration to the CAP, all forwarding decisions are left to the CAP itself - there is ...
by erlinden
Sat Aug 10, 2024 7:01 pm
Forum: General
Topic: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]
Replies: 16
Views: 1136

Re: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]

Yeah...as it seams. Remains the question...why should I add the "independent-learning=yes" for VLAN 1 on the switch?

And thanks for the addition, I added this indeed.
by erlinden
Sat Aug 10, 2024 5:56 pm
Forum: General
Topic: site-site Wiregaurd Setup
Replies: 13
Views: 798

Re: site-site Wiregaurd Setup

Checked your conig (better to place it inbetween code tags by using the </> button): /ip address add address=192.168.10.1/24 interface=" WG-HQ" network=192.168.10.0 Should be: /ip address add address=192.168.10.1/32 interface=" WG-HQ" network=192.168.10.0 AND /ip address add addr...
by erlinden
Sat Aug 10, 2024 4:55 pm
Forum: General
Topic: site-site Wiregaurd Setup
Replies: 13
Views: 798

Re: site-site Wiregaurd Setup

Mikrotik has a great explanation: https://help.mikrotik.com/docs/display/ROS/WireGuard#WireGuard-SitetoSiteWireGuardtunnel Did you add this part to the firewall as well (don't mind the used IP addresses...)? Additionally, it is possible that the "forward" chain restricts the communication ...
by erlinden
Sat Aug 10, 2024 1:48 pm
Forum: General
Topic: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]
Replies: 16
Views: 1136

CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]

I need some VLAN help. I run a router with 2 VLAN's: 50 (HOME) and 51 (Guests). I use CAPsMAN to manage my 2 cAP AX and 1 wAP ac. One cAP AX is connected to the RB4011 directly, the second (and the wAP ac) are conencted through the RB 960PGS. All devices are connected through trunk ports (VLAN 50 an...
by erlinden
Thu Aug 08, 2024 6:52 pm
Forum: Beginner Basics
Topic: Wi-Fi connection randomly drops, then reconnects in seconds [SOLVED]
Replies: 21
Views: 2212

Re: Wi-Fi connection randomly drops, then reconnects in seconds [SOLVED]

Can you try setting encryption to, mbach:
encryption=ccmp,gcmp,ccmp-256,gcmp-256
And use wpa2-psk only.

And enable debug, wifi logging to get some additional information.
by erlinden
Thu Aug 08, 2024 11:12 am
Forum: General
Topic: HAP AX2 dead
Replies: 7
Views: 864

Re: HAP AX2 dead

by erlinden
Mon Aug 05, 2024 5:48 pm
Forum: Beginner Basics
Topic: tagged and untagged in one vlan table
Replies: 10
Views: 725

Re: tagged and untagged in one vlan table

The VLAN bible of Mikrotik:
viewtopic.php?t=143620

Thanks snippan for the addition. I just wanted to add it...
by erlinden
Mon Aug 05, 2024 1:38 pm
Forum: General
Topic: DoH configured but apparently not working
Replies: 3
Views: 503

Re: DoH configured but apparently not working

Did you succesfully import the certificate that is used? Anything in the log that might give an indication? Does it work if you (temporarily) disable certificate check?
Can you also check if https://1.1.1.1/dns-query does work?
by erlinden
Sun Aug 04, 2024 11:13 am
Forum: Wireless Networking
Topic: 7.15.x CAPsMAN Setup
Replies: 32
Views: 3420

Re: 7.15.x CAPsMAN Setup

OK so if I'm reading this page right, I have to do specific config on -each- CAP in order for wifi to work on a VLAN. No, you don't. What is shown is a config if you want to do it manually from scratch. If you either reset it to CAPS Mode through the reset button or the menu option it will give you...
by erlinden
Sat Aug 03, 2024 6:52 pm
Forum: Beginner Basics
Topic: wifi-qcom/AX manual WiFi uplink
Replies: 4
Views: 1105

Re: wifi-qcom/AX manual WiFi uplink

If memory serves me well, it shows that there are no clients connected to the radio.

Do you want to have feedback on your config?
/export file=anynameyoulike
Remove serial and any other private info.
by erlinden
Sat Aug 03, 2024 12:37 am
Forum: Wireless Networking
Topic: hAP ax3 wireless problem [SOLVED]
Replies: 174
Views: 35079

Re: hAP ax3 wireless problem [SOLVED]

What reasons could there be for the “Link downs” of a 5Ghz meter to trigger?
If you want some feedback, just share the config:
/export file=anynameyoulike
Remove serial and any other private info.
by erlinden
Fri Aug 02, 2024 11:23 pm
Forum: General
Topic: Hello, please help. DHCP Issues.
Replies: 1
Views: 502

Re: Hello, please help. DHCP Issues.

From your config: /interface wireless security-profiles set [ find default=yes ] supplicant-identity=MikroTik add authentication-types=wpa-psk,wpa2-psk management-protection=allowed mode=\ dynamic-keys name=profile1 supplicant-identity=MikroTik Either remove wpa-psk or don't set any security. /inter...
by erlinden
Fri Aug 02, 2024 11:06 am
Forum: Wireless Networking
Topic: CAPSMAN issues managing many existing configured CAP-AC
Replies: 1
Views: 475

Re: CAPSMAN issues managing many existing configured CAP-AC

Looks like VLAN filtering is not enabled on the bridge. From the documentation: https://help.mikrotik.com/docs/pages/viewpage.action?pageId=46759946#WifiWave2(7.12andolder)-CAPsMAN-CAPVLANconfigurationexample: Here there is a distinction between 2.4GHz and 5GHz. Can you try to do the same? Are the S...
by erlinden
Tue Jul 30, 2024 10:52 am
Forum: Wireless Networking
Topic: hAP ax3 wireless problem [SOLVED]
Replies: 174
Views: 35079

Re: hAP ax3 wireless problem [SOLVED]

I hope the manufacturer will be able to fix all the errors and shortcomings of hAP ax3 with updates.
That would involve the users as well 8)

If you want some feedback, just share the config:
/export file=anynameyoulike
Remove serial and any other private info.
by erlinden
Tue Jul 30, 2024 10:49 am
Forum: General
Topic: how to identify which ip is infected and being used for a DDoS? [SOLVED]
Replies: 16
Views: 2386

Re: how to identify which ip is infected and being used for a DDoS? [SOLVED]

Turn it off and see if you can open the /ip/firewall/connections tab. That should be a good indication.
by erlinden
Tue Jul 30, 2024 10:47 am
Forum: Beginner Basics
Topic: Wi-Fi connection randomly drops, then reconnects in seconds [SOLVED]
Replies: 21
Views: 2212

Re: Wi-Fi connection randomly drops, then reconnects in seconds [SOLVED]

so it's unlikely that I misconfigured something. What could be the problem? What are some ways to troubleshoot this issue? By default WPA2 and WPA3 are enabled. That gave me a lot of problems. To troubleshoot (together with you): What RouterOS version are you running? Can you share the config? /exp...
by erlinden
Mon Jul 29, 2024 5:39 pm
Forum: Beginner Basics
Topic: Just installed and having troubles with DNS
Replies: 2
Views: 671

Re: Just installed and having troubles with DNS

/ip pool add name=default-dhcp ranges=192.168.88.10-192.168.88.254 /ip address add address=192.168.1.11/24 comment=defconf interface=bridge network=192.168.1.0 /ip dhcp-server network add address=192.168.0.0/24 comment=defconf dns-server=192.168.0.99 gateway=192.168.0.99 netmask=24 Looks like three...
by erlinden
Sun Jul 28, 2024 10:21 am
Forum: Announcements
Topic: v7.16beta [testing] is released!
Replies: 288
Views: 115928

Re: v7.16beta [testing] is released!

if u want to get to the trouble, then use the new CapsMan
Can you eleborate this? I'm onto the beta in my home environment (I know, just a small network). Haven't had any strange CAPsMAN things, at least for me it is working not any less stable than the stable version.
by erlinden
Fri Jul 26, 2024 3:25 pm
Forum: Wireless Networking
Topic: Netbox 5 AX Frequency Settings
Replies: 4
Views: 613

Re: Netbox 5 AX Frequency Settings

To use all frequencies, just buy another 10 (or something) Netboxes. Or understand how wifi is working.
Furthermore, why don't you want to set a country?
by erlinden
Fri Jul 26, 2024 3:15 pm
Forum: Wireless Networking
Topic: disconnecting wifi clients
Replies: 4
Views: 573

Re: disconnecting wifi clients

Are there more clients suffering from this?

You could add wireless debug logging to get some additional information.
Besides, can you perhaps share your config:
/export file=anynameyoulike
Remove serial and any other private info.
by erlinden
Thu Jul 25, 2024 7:33 pm
Forum: General
Topic: DoH certificate handshake failed (Quad9)
Replies: 7
Views: 782

Re: DoH certificate handshake failed (Quad9)

Could it be that the imported certificate is expired or renewed?
by erlinden
Thu Jul 25, 2024 7:10 pm
Forum: General
Topic: DoH certificate handshake failed (Quad9)
Replies: 7
Views: 782

Re: DoH certificate handshake failed (Quad9)

If you want to check "Verify DoH Certificate" (which you obviously do), you hwave to make sure the MikroTik has the Root CA installed.

Check this blog that explains the steps to get it to work:
https://www.shellhacks.com/mikrotik-dns ... loudflare/
by erlinden
Tue Jul 23, 2024 7:46 pm
Forum: Wireless Networking
Topic: 7.15.x CAPsMAN Setup
Replies: 32
Views: 3420

Re: 7.15.x CAPsMAN Setup

At least reset the accesspoint to CAPS Mode. Do you see any radios on /wifi/radios (that is on the CAPsMAN)?

Currently on smartphone, going through the config isn't easy.
by erlinden
Mon Jul 22, 2024 11:41 am
Forum: Beginner Basics
Topic: Allow Outgoing UDP TCP connections
Replies: 1
Views: 334

Re: Allow Outgoing UDP TCP connections

In a default situation the router won't block this (any) traffic outgoing.
Can you share your config (at least the /ip/firewall part)?
/ip/firewall export

or

/export file=anynameyoulike
Are you using LTE? Could be that the provider is blocking the traffic.
by erlinden
Sun Jul 21, 2024 11:58 pm
Forum: Beginner Basics
Topic: DNS issue hAP ax3 [SOLVED]
Replies: 2
Views: 1399

Re: DNS issue hAP ax3 [SOLVED]

Looks like the DNS server is disabled. To turn it on:
/ip dns
set allow-remote-requests=yes
by erlinden
Sun Jul 21, 2024 6:10 pm
Forum: Announcements
Topic: v7.15.3 [stable] is released!
Replies: 644
Views: 219272

Re: v7.15 [stable] is released!

I was also getting the script error in my logs after upgrading to 7.15. "executing script from scheduler failed, please check it manually" The solution was to replace the word "system" with "routeros" Old - :set Var1 "$[/system package get system version]" Ne...
by erlinden
Sun Jul 21, 2024 6:02 pm
Forum: RouterBOARD hardware
Topic: wAP ac (RBwAPG-5HacT2HnD) rebooting every 10 seconds
Replies: 3
Views: 594

Re: wAP ac (RBwAPG-5HacT2HnD) rebooting every 10 seconds

Either get a new wAP ac or, if time wouldn't be of an issue, wait for a wAP ax.
by erlinden
Sun Jul 21, 2024 3:10 pm
Forum: General
Topic: MikroTik hAP ac2 cant login
Replies: 4
Views: 501

Re: MikroTik hAP ac2 cant login

Assuming you are using the wifi-qcom-ac driver:
https://help.mikrotik.com/docs/display/ROS/WiFi
by erlinden
Sat Jul 20, 2024 8:29 pm
Forum: Wireless Networking
Topic: The most arduous access point ever: hAP ax³
Replies: 48
Views: 2616

Re: The most arduous access point ever: hAP ax³

Use wpa2-aes only for the time being. And only ccmp. And turn on debug logging on wifi to get some more insights.
by erlinden
Sun Jul 14, 2024 10:52 am
Forum: Wireless Networking
Topic: wifi-qcom-ac package for wAP ac (mipsbe) [SOLVED]
Replies: 2
Views: 1764

Re: wifi-qcom-ac package for wAP ac (mipsbe) [SOLVED]

Wifi-qcom-ac is only supported on ARM devices.
by erlinden
Thu Jul 11, 2024 1:29 pm
Forum: Scripting
Topic: Routing rules for dynamic IP addresses
Replies: 16
Views: 3802

Re: Routing rules for dynamic IP addresses

I use address list, create a list (i.e. WAN-IP) and add the address (blahblah.sn.mynetname.net).
Then you can refer to the address list (with its name).
by erlinden
Thu Jul 11, 2024 10:52 am
Forum: General
Topic: Could not resolve dns name [SOLVED]
Replies: 5
Views: 1630

Re: Could not resolve dns name [SOLVED]

Does the switch have an IP address, gateway and access to the Internet?
Can you ping router/public DNS server?
by erlinden
Wed Jul 10, 2024 6:04 pm
Forum: The User Manager
Topic: cannot login to user manager
Replies: 3
Views: 714

Re: cannot login to user manager

Are there any files that remained on the filesystem? You might need to delete them manually.
Or better...netinstall it with the latest v6 LTS (currently 6.49.13)
by erlinden
Wed Jul 10, 2024 5:33 pm
Forum: Beginner Basics
Topic: Am I being port scanned?
Replies: 9
Views: 785

Re: Am I being port scanned?

If you are worried with security, you might want to reconsider this:
/ip upnp
set enabled=yes
/ip upnp interfaces
add interface=ether1 type=external
Ports are scanned, up to you if you want to have it logged...or not.
by erlinden
Wed Jul 10, 2024 5:13 pm
Forum: Beginner Basics
Topic: Am I being port scanned?
Replies: 9
Views: 785

Re: Am I being port scanned?

Also wanted to know why (default mikrotik rules) drop all not incoming from LAN supersede drop from wan not dstnated? It does not matter what order are they in, drop not dstnated is just not working. I also have hairpin NAT, might that be a problem? There is a difference between the input chain (ac...
by erlinden
Wed Jul 10, 2024 9:37 am
Forum: General
Topic: cache full, not storing since 7.14
Replies: 28
Views: 9033

Re: cache full, not storing since 7.14

Cache size is configurable, you might want to increase the memory (if you haven't tried already?):
/ip dns
set cache-size=20480KiB
by erlinden
Tue Jul 09, 2024 9:41 am
Forum: Announcements
Topic: v7.15.3 [stable] is released!
Replies: 644
Views: 219272

Re: v7.15.2 [stable] is released!

Something is wrong with the initial scan for 5 GHz. Every time at boot, the frequency is set to 5500 on all APs. This does not happen for 2.4 GHz where APs receive different frequencies. That is something that is bothering me as well. This frequency is checked for 1 min before used, hence this situ...
by erlinden
Tue Jul 09, 2024 9:37 am
Forum: Wireless Networking
Topic: wlan1: failed to select channel
Replies: 3
Views: 967

Re: wlan1: failed to select channel

/interface wireless security-profiles set [ find default=yes ] supplicant-identity=MikroTik add authentication-types=wpa-psk,wpa2-psk,wpa-eap,wpa2-eap eap-methods="" \ group-ciphers=tkip,aes-ccm management-protection=allowed mode=dynamic-keys \ name=kokoriko supplicant-identity="&quo...
by erlinden
Mon Jul 08, 2024 5:40 pm
Forum: Wireless Networking
Topic: Capsman: AP Behavior on very basic config
Replies: 7
Views: 729

Re: Capsman: AP Behavior on very basic config

/caps-man channel add band=2ghz-b/g/n name=2g4 Does the above really make sense to you? All you do here is set the band, not the channels. Ie, you wnat to set: frequency=2412,2437,2462 I never use auto, I want to decide which frequency gets used. How do you handle this, a config per radio? How do y...
by erlinden
Mon Jul 08, 2024 2:41 pm
Forum: Wireless Networking
Topic: cap ax3 unable to connect to cap manager on RB751G
Replies: 8
Views: 699

Re: cap ax3 unable to connect to cap manager on RB751G

can wifi capsman be run on a mipsbe device?
Sure (comes with 7.13 and up), but it won't be able to manage its own wireless interfaces.
by erlinden
Sat Jul 06, 2024 10:04 am
Forum: Wireless Networking
Topic: Roaming not working
Replies: 4
Views: 651

Re: Roaming not working

Good that you have found the forum! More interesting information can be found on YouTube (though there is a lot of garbage on it as well). Make sure to follow MikorTik and have a lok at this video:

https://www.youtube.com/watch?v=37aff6d14Xk
by erlinden
Fri Jul 05, 2024 4:25 pm
Forum: General
Topic: Internet suddenly stopped working for inner network - [SOLVED]
Replies: 11
Views: 2129

Re: Internet suddenly stopped working for inner network - [SOLVED]

I think in the end that is most important.

In regards to doing wrong...your firewall config has some space for improvement. Being polite on this.
In addition, are you sure you want to have port 22 available publically?
Who manages this router? This due to the fact it is running 7.6.
by erlinden
Fri Jul 05, 2024 1:49 pm
Forum: General
Topic: General ISP IP question.. [SOLVED]
Replies: 2
Views: 1203

Re: General ISP IP question.. [SOLVED]

The answer is either 42 or NAT.
by erlinden
Thu Jul 04, 2024 12:47 pm
Forum: Beginner Basics
Topic: New dns addlist functionality and it doesn't work - I'm not even mad.
Replies: 9
Views: 2221

Re: New dns addlist functionality and it doesn't work - I'm not even mad.

Hmm, methinks someone is upset Italy crashed out of the EuroCup! ;-) Canada wasn't part of it in the first place :lol: Too bad my RB760iGS isn't able to download the file due to too little flash memory. Does anyone have a solution to that? Apart from downloading it as file and load it from file, as...
by erlinden
Thu Jul 04, 2024 9:50 am
Forum: Wireless Networking
Topic: WiFi-qcom 7.15.2 auth-config not fully implemented
Replies: 1
Views: 563

Re: WiFi-qcom 7.15.2 auth-config not fully implemented

Can you share your (relevant part of the) config in a working and non working situation?

Something like:
/interface/wifi export
by erlinden
Wed Jul 03, 2024 4:10 pm
Forum: General
Topic: Configuring cAP AX connected to CRS328 [SOLVED]
Replies: 5
Views: 1393

Re: Configuring cAP AX connected to CRS328 [SOLVED]

Well, as long as the bridge doesn't have VLAN filtering enabled, this won't work.
Have a look at this great topic for all your VLAN questions (and answers):

viewtopic.php?t=143620
by erlinden
Wed Jul 03, 2024 4:03 pm
Forum: Wireless Networking
Topic: Trying to configure capsman for wifi 6 devices
Replies: 24
Views: 2371

Re: Trying to configure capsman for wifi 6 devices

Can you check wether both routeros and wifi-qcom packages are installed (/system/packages) on both cAP AX's?
If they are...can you share the export of both cAP AX's?
by erlinden
Wed Jul 03, 2024 2:09 pm
Forum: Beginner Basics
Topic: ISP provided static IP, how to setup?
Replies: 4
Views: 554

Re: ISP provided static IP, how to setup?

In that case, please share your current config. Then we can do a quick check. Especially the firewall would be interesting.
/export file=anynameyoulike
Remove serial and any other private info.
by erlinden
Wed Jul 03, 2024 11:36 am
Forum: Beginner Basics
Topic: Setup additional Mikrotik as Ap and Switch
Replies: 4
Views: 573

Re: Setup additional Mikrotik as Ap and Switch

I think by resetting B to CAPS Mode your problem will be solved.

If you post the current B config, we can know for sure:
/export file=anynameyoulike
Remove serial and any other private info.
by erlinden
Wed Jul 03, 2024 10:40 am
Forum: Beginner Basics
Topic: Using the router as DNS for the guest network
Replies: 23
Views: 1282

Re: Using the router as DNS for the guest network

Can you share your current config?
/export file=anynameyoulike
Remove serial and any other private info.
by erlinden
Tue Jul 02, 2024 2:29 pm
Forum: Beginner Basics
Topic: How to open ports?
Replies: 12
Views: 1329

Re: How to open ports?

And less expensive (but more time consuming):
https://help.mikrotik.com/docs/display/ ... forwarding

If that doesn't work, port your complete config without serial and any other priivate info and post it here:
/export file=anynameyoulike
by erlinden
Mon Jul 01, 2024 9:15 pm
Forum: Wireless Networking
Topic: CAPsMAN AP disconnect
Replies: 6
Views: 644

Re: CAPsMAN AP disconnect

Never mix country, in your case France and United States. Why did you specify two (instead of four) channels? Is there no interference? On a slave configuration you can't specify Country and Tx-Power, this is only set on the master radio/interface. @meiki, if you want to have fixed channels, there i...
by erlinden
Mon Jul 01, 2024 2:49 pm
Forum: Wireless Networking
Topic: sector client bandwidth test - fast upload - miserable download
Replies: 10
Views: 956

Re: sector client bandwidth test - fast upload - miserable download

How do you do bandwidth test? When using the builtin test, it will consume cpu power (and hence loose performance). In that case, better to use a tool like iPerf.

In regards to the antenna gain...just use the antenna gain. This will make sure that you remain within regulations.
by erlinden
Thu Jun 27, 2024 9:53 am
Forum: Announcements
Topic: v7.16beta [testing] is released!
Replies: 288
Views: 115928

Re: v7.16beta [testing] is released!

Thanks @holvoetn, will try this later today.

Update: Yes, this is indeed solving the issue I had.
by erlinden
Thu Jun 27, 2024 9:18 am
Forum: General
Topic: RB4011 + GPON
Replies: 2
Views: 363

Re: RB4011 + GPON

It depends (as always...).

Does your ISP support this?
Does your ISP use AON or XGS-PON? Both are supported but the latter is more expensive.
by erlinden
Wed Jun 26, 2024 10:13 pm
Forum: Announcements
Topic: v7.16beta [testing] is released!
Replies: 288
Views: 115928

Re: v7.16beta [testing] is released!

I'm running into the "client was disconnected because could not assign vlan". Is this due to the fact I'm running hybrid (both wifi-qcom and wifi-qcom-ac? Didn't have this with an wifi-qcom-ac only environment. Yes, I'm using FT. Would setting ft-preserve-vlanid to yes make sense in this c...
by erlinden
Wed Jun 26, 2024 3:43 pm
Forum: General
Topic: Dynamic Isp dhcp address
Replies: 3
Views: 272

Re: Dynamic Isp dhcp address

Can you please share your config (hAP ax3):
/export file=anynameyoulike
Remove serial and any other private info and post in between code tags by using the </> button.
by erlinden
Wed Jun 26, 2024 11:41 am
Forum: General
Topic: Dynamic Isp dhcp address
Replies: 3
Views: 272

Re: Dynamic Isp dhcp address

This process should be automatic. Do you use a PPPoE connection, or is it standard DHCP?
Where is the RB connected to (and how)?
Are there any requirements from the ISP in regards to running your own router?
What ISP do you have?
by erlinden
Tue Jun 25, 2024 1:36 pm
Forum: Wireless Networking
Topic: Trouble Configuring CAPsMAN for Public Wi-Fi with VLAN on Mikrotik and Fortigate
Replies: 17
Views: 1513

Re: Trouble Configuring CAPsMAN for Public Wi-Fi with VLAN on Mikrotik and Fortigate

Just to summarize: Fortigate offers VLAN ID 3 for public Wi-Fi. Any other VLAN ID (or untagged) for anything else? That is offered to the RB5009, right? But there is no VLAN set on the WAN interface, right? You have to come up with a network diagram, showing all VLAN ID's and the Fortigate, RB5009 a...
by erlinden
Tue Jun 25, 2024 10:15 am
Forum: General
Topic: Weird Wifi connection
Replies: 4
Views: 383

Re: Weird Wifi connection

Can you also post the config of the cAP AX?
If you post it in between code tags (by using the </> button), it will become more readable.
by erlinden
Mon Jun 24, 2024 3:59 pm
Forum: Beginner Basics
Topic: Port Forwarding not working
Replies: 8
Views: 983

Re: Port Forwarding not working

add action=dst-nat chain=dstnat comment=NAT_To_Qbittorrent dst-address-list=PublicDNS dst-port=55111 log=yes protocol=tcp to-addresses=192.168.5.39 to-ports=8080 Is your PublicDNS indeed your public IP address? Which rule is logging the mentioned log entry? Is there anything responding on 192.168.5...
by erlinden
Mon Jun 24, 2024 1:19 pm
Forum: Beginner Basics
Topic: Port Forwarding not working
Replies: 8
Views: 983

Re: Port Forwarding not working

add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface=ether1 Because you are using a pppoe connection, your in-interface above is incorrect. Why was the connection-state added? It will probably work w...
by erlinden
Mon Jun 24, 2024 10:32 am
Forum: Wireless Networking
Topic: Trying to configure capsman for wifi 6 devices
Replies: 24
Views: 2371

Re: Trying to configure capsman for wifi 6 devices

In my opinion, the error(s) lies in the CAP. For example, it lacks configuration.manager=capsman on the wifi devices of the CAP. Please add it. Or, better, reset to CAP mode. Fully agree on this, reset the cAP ax's to CAPS Mode: https://help.mikrotik.com/docs/display/UM/cAP+ax or /system/reset conf...
by erlinden
Mon Jun 24, 2024 9:18 am
Forum: Wireless Networking
Topic: AX device won't show TX power in Wifi
Replies: 12
Views: 969

Re: AX device won't show TX power in Wifi

It is able with the new driver, have you added the Tx Power as column?
by erlinden
Fri Jun 21, 2024 8:43 am
Forum: General
Topic: cAPax - think and passion!
Replies: 24
Views: 1516

Re: cAPax - think and passion!

I don't know, but the conditions are the same, ~15m. distance and one wall. cAPac works at both frequencies better, achieving double and triple the data transfer!
Then I can make you a great offer: I'll trade my cAP ac's for your cAP AX's.
Everyone happy!

:-D
by erlinden
Fri Jun 21, 2024 8:25 am
Forum: Beginner Basics
Topic: Mikrotik Switch - How to bind to VLAN and make itself (e.g. webfig) accessible to devices connected to it? [SOLVED]
Replies: 4
Views: 1661

Re: Mikrotik Switch - How to bind to VLAN and make itself (e.g. webfig) accessible to devices connected to it? [SOLVED]

An export of the current attempt would be very helpfull:
/export file=anynameyoulike
Remove serial and any other private info.

Also add model number and version of RouterOS.

Your (anyones) VLAN reference (which should be obliged to read):
viewtopic.php?t=143620
by erlinden
Thu Jun 20, 2024 3:53 pm
Forum: General
Topic: cAPax - think and passion!
Replies: 24
Views: 1516

Re: cAPax - think and passion!

In addition to holvoetn great respons:

Specifically on the 2.4GHz radio, you want to use frequencies 2412, 2437 and 2462 and a channelwidth of 20MHz.
This will prefent interference as much as possible, but still be present.
by erlinden
Thu Jun 20, 2024 1:33 pm
Forum: Wireless Networking
Topic: WIfiWave2 capAC
Replies: 2
Views: 620

Re: WIfiWave2 capAC

For those interested: Hello dear people, I have a mixed environment cap AC, cap AC XL and cap AX. My Capsman runs on an RB5009, currently as Capsmanv1 and a CapsmanV2. All AX are integrated in v2 and work there without any problems. The AC and AC XL are still running in v1 because I have big problem...
by erlinden
Thu Jun 20, 2024 1:21 pm
Forum: General
Topic: CSR310-8G+2S+IN dead on arrival?
Replies: 2
Views: 282

Re: CSR310-8G+2S+IN dead on arrival?

You pressed the reset button before power is applied? Hold this button during boot time until the user LED light starts flashing, and release the button to reset the RouterOS configuration. Keep holding the button for 5 more seconds or until the user LED turns off, then release it to make the Router...
by erlinden
Thu Jun 20, 2024 1:18 pm
Forum: Wireless Networking
Topic: WiFi repeater
Replies: 4
Views: 953

Re: WiFi repeater

Connect the two with cable and let CAPsMAN do its magic:
https://help.mikrotik.com/docs/display/ ... ionexample:

If the backbone has to be wireless, let one wifi interface work as station:
https://help.mikrotik.com/docs/display/ROS/WiFi (and search for station)
by erlinden
Thu Jun 20, 2024 9:47 am
Forum: General
Topic: cAPax - think and passion!
Replies: 24
Views: 1516

Re: cAPax - think and passion!

Seems there is a huge missmatch in experience between users.
Can you please show how you did configure the cAP AX, @JohnTRIVOLTA?
by erlinden
Wed Jun 19, 2024 6:11 pm
Forum: General
Topic: Too tight firewall rules? I'm lost!
Replies: 15
Views: 1517

Re: Too tight firewall rules? I'm lost!

Can you please post an export instead of a print?
/ip/firewall export
by erlinden
Wed Jun 19, 2024 6:09 pm
Forum: Wireless Networking
Topic: MikroTik hap ac lite slow wireless speed
Replies: 8
Views: 1052

Re: MikroTik hap ac lite slow wireless speed

Also set country code on both wifi interfaces.
by erlinden
Wed Jun 19, 2024 10:00 am
Forum: Wireless Networking
Topic: Capsman, ip from bridge before take from vlan
Replies: 7
Views: 1606

Re: Capsman, ip from bridge before take from vlan

Check the documentation and have a very good look at the "CAP using "wifi-qcom" package:" part: https://help.mikrotik.com/docs/display/ROS/WiFi#WiFi-CAPsMAN-CAPVLANconfigurationexample: /interface bridge add name=bridgeLocal /interface wifi datapath add bridge=bridgeLocal comment...
by erlinden
Wed Jun 19, 2024 9:58 am
Forum: Wireless Networking
Topic: CAPSMan with RB4011 and hAPax3
Replies: 2
Views: 527

Re: CAPSMan with RB4011 and hAPax3

No need for wireless package on the CAPsMAN. Make sure you are running 7.15.1 on all devices and configure through the wifi menu item. Make sure that the CAPses are in CAPS Mode (/system/reset configuration and check CAPS Mode). Here is the documentation: https://help.mikrotik.com/docs/display/ROS/W...
by erlinden
Wed Jun 19, 2024 9:54 am
Forum: Wireless Networking
Topic: WiFiWave2 Setup Help [SOLVED]
Replies: 2
Views: 1375

Re: WiFiWave2 Setup Help [SOLVED]

hAP ac lite is MIPSBE architecture. Indeed not possible to run wifiwave2.
by erlinden
Tue Jun 18, 2024 4:47 pm
Forum: Wireless Networking
Topic: WIFI Wave2 WPA2/WPA3
Replies: 11
Views: 9343

Re: WIFI Wave2 WPA2/WPA3

Turn on wireless debug logging, perhaps that will give you some insights.
by erlinden
Tue Jun 18, 2024 3:40 pm
Forum: Wireless Networking
Topic: Capsman, ip from bridge before take from vlan
Replies: 7
Views: 1606

Re: Capsman, ip from bridge before take from vlan

First thing I notice is that there is no VLAN filtering active on the CAPs bridge. Besides, there is a lot of non CAP config. What hardware do you use as CAP?
by erlinden
Tue Jun 18, 2024 12:24 pm
Forum: General
Topic: share wifi for mobile
Replies: 4
Views: 438

Re: share wifi for mobile

SXT 5 is a low cost, high transmit power 5GHz outdoor wireless device. SXT 5 can be used for point to point links or as a CPE for point to multipoint installations.
Think you are better of with an accesspoint:
https://mikrotik.com/products/group/wir ... and-office
by erlinden
Tue Jun 18, 2024 8:28 am
Forum: Wireless Networking
Topic: Capsman, ip from bridge before take from vlan
Replies: 7
Views: 1606

Re: Capsman, ip from bridge before take from vlan

By opening a new topic you did the first step.
Now, add some relevant information (export from CAPsMAN and CAP) to give us a clue:
/export file=anynameyoullike
Remove serial and any other private information.
by erlinden
Mon Jun 17, 2024 2:35 pm
Forum: General
Topic: Access to Mikrotik from wireguard peer
Replies: 6
Views: 435

Re: Access to Mikrotik from wireguard peer

Am I introducing any security issue with such solution?
That depends. Do you want all Wireguard peers to be able to connect to your router?
Why Wireguard not added to LAN by default?
Well...because that would be a very stupid default.
by erlinden
Mon Jun 17, 2024 1:19 pm
Forum: General
Topic: Multiple CAP radios causing problems for legacy devices?
Replies: 12
Views: 869

Re: Multiple CAP radios causing problems for legacy devices?

Are the radios using the same frequency?
by erlinden
Mon Jun 17, 2024 1:05 pm
Forum: General
Topic: Access to Mikrotik from wireguard peer
Replies: 6
Views: 435

Re: Access to Mikrotik from wireguard peer

Sounds like your firewall is blocking this traffic (which it should). Have you added the Wireguard interface to the LAN Interface List? Assuming you are using this Interface List in the firewall? Otherwise, please share your config: /export file=anynameyoulike Remove serial and any other private inf...
by erlinden
Mon Jun 17, 2024 10:29 am
Forum: General
Topic: Multiple CAP radios causing problems for legacy devices?
Replies: 12
Views: 869

Re: Multiple CAP radios causing problems for legacy devices?

I have both WPA2 PSK and WPA3 PSK enabled. What can be the problem here? Why? I ran into problems (with Apple) and decided to stick to WPA2-PSK only. I you enable wireless debug logging, you might get some additional information. Meanwhile, can you please share your config (/interface/wifi export)?
by erlinden
Sat Jun 15, 2024 9:29 am
Forum: Announcements
Topic: v7.15.3 [stable] is released!
Replies: 644
Views: 219272

Re: Upgrade Problems

Did anybody had a similar issue with this upgrade step?
Dude never worked for me (errors about incorrect files), upgrade through CAPsMAN works like a charm.

Sure that the path is correct and that the files are indeed in the correct folder?
by erlinden
Fri Jun 14, 2024 4:48 pm
Forum: Beginner Basics
Topic: Cap XL ac (no network) [SOLVED]
Replies: 16
Views: 2403

Re: Cap XL ac (no network) [SOLVED]

How did you power the cap?
by erlinden
Thu Jun 13, 2024 10:32 pm
Forum: General
Topic: Two Mikrotik wifi-lan sites in one subject
Replies: 2
Views: 308

Re: Two Mikrotik wifi-lan sites in one subject

Site-2-site VPN using i.e. Wireguard where all internet traffic is via VPN routed through one router. Something like that!?
by erlinden
Thu Jun 13, 2024 5:34 pm
Forum: Wireless Networking
Topic: Stuck with new wifi-"capsman"
Replies: 37
Views: 3426

Re: Stuck with new wifi-"capsman"

DHCP and Apple...could be lease time. Would help if you share the latest complete config of the device(s) running DHCP server and CAPsMAN.
Or combined WPA2-PSK and WPA3-PSK.

Yes...been there, done that.
by erlinden
Thu Jun 13, 2024 3:33 pm
Forum: General
Topic: Native vlan
Replies: 4
Views: 470

Re: Native vlan

You might want to consider not using VLAN ID 1.
Have a look at this topic with lots of explanation and examples:
viewtopic.php?t=143620
by erlinden
Thu Jun 13, 2024 3:10 pm
Forum: Wireless Networking
Topic: Stuck with new wifi-"capsman"
Replies: 37
Views: 3426

Re: Stuck with new wifi-"capsman"

really, this is not ready, mikrotik... I can assure you, based upon my experience, that it can be stable as rock. And that it has an incredible amount of options that can be (mis)configured. If you run into connection problems, there seems to be "something" that is interfering with your n...
by erlinden
Thu Jun 13, 2024 1:11 pm
Forum: Beginner Basics
Topic: ISP Bridge Mode cause issue on RB5009 [SOLVED]
Replies: 21
Views: 2510

Re: ISP Bridge Mode cause issue on RB5009 [SOLVED]

(to address or to port is mandatory for src-nat, so i couldn't apply this rule) That is new to me...the default rule is: /ip firewall nat add action=masquerade chain=srcnat out-interface-list=WAN Can you export a complete config? /export file=anynameyoulike Make sure to remove serial and any other ...
by erlinden
Thu Jun 13, 2024 11:32 am
Forum: General
Topic: Firewall doesn't drop new connections in forward (or did I do something wrong?)
Replies: 16
Views: 2367

Re: Firewall doesn't drop new connections in forward (or did I do something wrong?)

Can you use the export instead of print (to make it read friendly)?
/ip/firewall export
by erlinden
Thu Jun 13, 2024 11:29 am
Forum: Beginner Basics
Topic: ISP Bridge Mode cause issue on RB5009 [SOLVED]
Replies: 21
Views: 2510

Re: ISP Bridge Mode cause issue on RB5009 [SOLVED]

I would expect your client to use 10.0.0.1 as DNS server (as specified in /ip dhcp-server network). Why is it showing 9.9.9.9? Can you perform nslookup forum.mikrotik.com ? Can you post an ipconfig /all from this client? Can you also post a tracert 9.9.9.9 from this client? Assuming the client is a ...
by erlinden
Wed Jun 12, 2024 3:00 pm
Forum: Beginner Basics
Topic: ISP modem in bridge mode no internet coming from router
Replies: 5
Views: 742

Re: ISP modem in bridge mode no internet coming from router

I know that sometimes you have to wait some time befor you get an IP address behind a cable modem. What you can try is duplicate the MAC address of a working device to your MikroTik. Or just turn off the modem for 5 minutes, and (while the MikroTik is connected) turn the modem back on.
by erlinden
Wed Jun 12, 2024 2:04 pm
Forum: Wireless Networking
Topic: Upgrading CAP ax [SOLVED]
Replies: 5
Views: 1748

Re: Upgrading CAP ax [SOLVED]

Looks fine, might need to remove the backslash at the end:
/packages
by erlinden
Wed Jun 12, 2024 11:14 am
Forum: Wireless Networking
Topic: Stuck with new wifi-"capsman"
Replies: 37
Views: 3426

Re: Stuck with new wifi-"capsman"

HAP AX^3 Can you follow this link by the letter to see if you get it to work: https://youtu.be/37aff6d14Xk?feature=shared ok, so we can say, it doesn't make a difference if the capsman has its own wireless integrated, or, like my situation, the capsman is a vm with just 2 ethernetports and no own w...
by erlinden
Wed Jun 12, 2024 10:24 am
Forum: Wireless Networking
Topic: Stuck with new wifi-"capsman"
Replies: 37
Views: 3426

Re: Stuck with new wifi-"capsman"

Did you do this manually on the CAPsMAN?
/interface wifi
add name=cap-wifi1 radio-mac=D4:01:C3:94:99:A2
add name=cap-wifi2 radio-mac=D4:01:C3:94:99:A1
by erlinden
Wed Jun 12, 2024 10:04 am
Forum: Wireless Networking
Topic: Stuck with new wifi-"capsman"
Replies: 37
Views: 3426

Re: Stuck with new wifi-"capsman"

Can you please do a standard export instead of verbose?
by erlinden
Wed Jun 12, 2024 9:41 am
Forum: Beginner Basics
Topic: Config Thoughts?
Replies: 5
Views: 994

Re: Verify my Firewall Config

Hi anav, thanks for your reply, I've updated the OP with the details you requested, thank you.
If you can put code tags around the config, it is more readable. Use the </> button to establish in the editor.
by erlinden
Wed Jun 12, 2024 9:39 am
Forum: Wireless Networking
Topic: Stuck with new wifi-"capsman"
Replies: 37
Views: 3426

Re: Stuck with new wifi-"capsman"

Tha CAPs config isn't complete, did you remove anything from it? If not, please reset the device to CAPS Mode (/system/reset configuration). Otherwise, please post full config. In regards to your server, start from a bare minimum: #create a security profile /interface wifi security add authenticatio...
by erlinden
Wed Jun 12, 2024 9:27 am
Forum: Wireless Networking
Topic: Migrating from CapsMan to wifi-CapsMan
Replies: 13
Views: 1734

Re: Migrating from CapsMan to wifi-CapsMan

Any further hints what we can look for?
Think you did the right thing:
viewtopic.php?t=208360
by erlinden
Tue Jun 11, 2024 6:21 pm
Forum: General
Topic: v. 7.14.3 - 7.15RC3 - 7.15RC4 router was rebooted without proper shutdown, probably kernel failure
Replies: 29
Views: 2999

Re: v. 7.14.3 - 7.15RC3 - 7.15RC4 router was rebooted without proper shutdown, probably kernel failure

Did you use its powersupply? Or was the powersupply the only thing that remained the same.
by erlinden
Tue Jun 11, 2024 5:43 pm
Forum: General
Topic: hAP-AC2 convert to Legacy Wireless?
Replies: 6
Views: 862

Re: hAP-AC2 convert to Legacy Wireless?

Check what "Factory Firmware" version is shown at /system/routerboard.
If that starts with 6.4x you can just install the latest 6.x LTS (which is currently 6.49.13).

When done, you get identical menu.

Other option is to upgrade both devices to 7.12.1 and enjoy the new menu.
by erlinden
Tue Jun 11, 2024 5:36 pm
Forum: Beginner Basics
Topic: Web server not accessible with Wireguard
Replies: 2
Views: 1151

Re: Web server not accessible with Wireguard

Think the DNS name is resolved to its public IP address. Correct?

In that case you have to use hairpin nat/nat loopback:
https://help.mikrotik.com/docs/display/ ... HairpinNAT
While you are at it, also do a sanity check on your current firewall...it has some room for improvement!
by erlinden
Tue Jun 11, 2024 10:31 am
Forum: Wireless Networking
Topic: Migrating from CapsMan to wifi-CapsMan
Replies: 13
Views: 1734

Re: Migrating from CapsMan to wifi-CapsMan

I would suggest resetting your CAP to CAPS Mode (/System/Reset Configuration), there are a couple of unnecessary items which could interfere.
by erlinden
Mon Jun 10, 2024 8:14 pm
Forum: Beginner Basics
Topic: Mixed Capsman
Replies: 3
Views: 490

Re: Mixed Capsman

You would run two instances of CAPsMAN, both wireless and wifi.
by erlinden
Mon Jun 10, 2024 9:49 am
Forum: Wireless Networking
Topic: Extreme low TX Power for HAP AX3 2.4G Band
Replies: 5
Views: 861

Re: Extreme low TX Power for HAP AX3 2.4G Band

At least you have to have both radios use the same country code. What TX power are you expecting? Sure you want to use 40MHz bandwidth (which is decreasing the power that can be used in the frequency band you use? Isn't this the maximum due to regulations? I know there is a command that shows maximu...
by erlinden
Sat Jun 08, 2024 12:55 pm
Forum: General
Topic: Upgrading Switches using CAPSMAN
Replies: 3
Views: 647

Re: Upgrading Switches using CAPSMAN

Dude...use Dude :D
by erlinden
Sat Jun 08, 2024 9:14 am
Forum: Wireless Networking
Topic: Mesh vs. Separate APs (yet another handoff discussion) [SOLVED]
Replies: 5
Views: 2505

Re: Mesh vs. Separate APs (yet another handoff discussion) [SOLVED]

What hardware are you using? To get the 802.11 k/r/v, you need to run the wifi wave2 drivers. And use CAPsMAN.
by erlinden
Thu Jun 06, 2024 4:47 pm
Forum: SwOS
Topic: Can't access CSS106 connected through SFP
Replies: 1
Views: 698

Re: Can't access CSS106 connected through SFP

Set a fixed IP address (same network as the CSS) on the computer and connect with Winbox on the default IP address of the CSS.
by erlinden
Thu Jun 06, 2024 4:04 pm
Forum: General
Topic: hap ax3 random wireless disconnects
Replies: 75
Views: 7055

Re: hap ax3 random wireless disconnects

Winbox (and terminal) will show with what rates devices are connected. That will indicate the protocol used (866 for ac, 1200 for ax). Adding a new config is not much of work (you can disable current if you want). Then you can be sure all settings are correct. But setting it to default manually will...
by erlinden
Thu Jun 06, 2024 1:27 pm
Forum: General
Topic: hap ax3 random wireless disconnects
Replies: 75
Views: 7055

Re: hap ax3 random wireless disconnects

Strange, as the MikroTik is supplying and the laptop is capable. Have you checked with an app like Wifi Analyzer?
I also notice you use "disable-pmkid=yes", can you start again from the basic configuration (disable current /interface wifi configuration and add a new one)?
by erlinden
Thu Jun 06, 2024 12:41 pm
Forum: General
Topic: hap ax3 random wireless disconnects
Replies: 75
Views: 7055

Re: hap ax3 random wireless disconnects

What exact wireless card is in the laptop?
by erlinden
Thu Jun 06, 2024 12:16 pm
Forum: General
Topic: Microsoft Teams call doesn't work randomly.
Replies: 6
Views: 838

Re: Microsoft Teams call doesn't work randomly.

Think everyone is looking forward to your config :D
Can you please share:
/export file=anynameyoulike
Remove serial and any other private information
by erlinden
Thu Jun 06, 2024 12:09 pm
Forum: General
Topic: hap ax3 random wireless disconnects
Replies: 75
Views: 7055

Re: hap ax3 random wireless disconnects

The antenna gain is incorrect, it should be 5 or 6 (in the manual it shows 5.5). Don't know what the default is, at least it is not 0.
by erlinden
Thu Jun 06, 2024 11:37 am
Forum: Announcements
Topic: v7.15.3 [stable] is released!
Replies: 644
Views: 219272

Re: v7.15 [stable] is released!

Could you give 40MHz bandwidth a try, @Smoerrebroed. Specifically on the 5GHz radio.
I have had lots of different brands (Cisco, Netgear, Ubiquiti, Grandstream and others) and was only able to have a completely stable connection when using 40MHz bandwidth.
by erlinden
Thu Jun 06, 2024 10:57 am
Forum: General
Topic: HAP AX2 spotted in the wild
Replies: 4
Views: 422

Re: HAP AX2 spotted in the wild

Pics or It Didn't Happen 8)
by erlinden
Thu Jun 06, 2024 10:43 am
Forum: General
Topic: Wireguard not start
Replies: 9
Views: 773

Re: Wireguard not start

Can you share this info (just remove the keys and public IP):
/interface/wireguard
by erlinden
Thu Jun 06, 2024 9:42 am
Forum: General
Topic: The hAP ax3 router does not start after a power failure.
Replies: 1
Views: 296

Re: The hAP ax3 router does not start after a power failure.

How is the hAP powered?
What do you mean by pins 4-5?
by erlinden
Wed Jun 05, 2024 3:24 pm
Forum: Wireless Networking
Topic: Capsman and iPhone 15 problem
Replies: 9
Views: 1123

Re: Capsman and iPhone 15 problem

Understood. Please advise which settings will work correctly with the iPhone 15,
Default will do just fine.
Have you seen my other comments?
by erlinden
Wed Jun 05, 2024 3:05 pm
Forum: Wireless Networking
Topic: Capsman and iPhone 15 problem
Replies: 9
Views: 1123

Re: Capsman and iPhone 15 problem

As far as I understand, I need to remove control-channel-width and see if it helps?
Actually, this is the extension-channel setting.
https://wiki.mikrotik.com/wiki/Manual:C ... n_Profiles
by erlinden
Wed Jun 05, 2024 9:53 am
Forum: Wireless Networking
Topic: Capsman and iPhone 15 problem
Replies: 9
Views: 1123

Re: Capsman and iPhone 15 problem

Assuming you have more than one CAP: make sure all CAPs have non overlapping frequencies. On 2GHz radio you should never (there are exceptions) use extension channels. Best is to stick to 20MHz bandwidth (instead of 40MHz currently). At last, turn on wireless debug logging to get some more insights ...
by erlinden
Wed Jun 05, 2024 9:46 am
Forum: Wireless Networking
Topic: Extensive data loss on both 2.4 and 5Ghz HAP AC Lite
Replies: 3
Views: 2329

Re: Extensive data loss on both 2.4 and 5Ghz HAP AC Lite

You might want to set bandwidth explicitly. Can you perform a wifi scan?

Perhaps you can set the channel explicitly on the 5GHz radio?
Has the frequency set on the 2.4GHz radio the least interference?
by erlinden
Tue Jun 04, 2024 9:17 am
Forum: Wireless Networking
Topic: Wireless AX
Replies: 6
Views: 1006

Re: Wireless AX

Because other clients do work, it seems to have something to do with this specific computer. Can you remove the device from device manager (assuming you use Windows) and reinstall it? In addition, you might want to turn on wireless debug logging to see if any relevant messages are there. And, at las...
by erlinden
Mon Jun 03, 2024 5:36 pm
Forum: General
Topic: Wireguard DNS Not Working as Expected
Replies: 22
Views: 2573

Re: Wireguard DNS Not Working as Expected

In such a situation I tend to activate logging on my firewall (rules) to find out which is hit. Have you already checked the log?
by erlinden
Mon Jun 03, 2024 5:18 pm
Forum: Announcements
Topic: v7.15.3 [stable] is released!
Replies: 644
Views: 219272

Re: v7.15 [stable] is released!

I'm using this version since the rc came out...never had any problems with the DFS channels. Can you share your config, @Smoerrebroed?
by erlinden
Mon Jun 03, 2024 1:45 pm
Forum: Announcements
Topic: v7.15.3 [stable] is released!
Replies: 644
Views: 219272

Re: v7.15 [stable] is released!

Think your config is a bit messy, but not that strange @VadiKO. What you can try: - set encryption=ccmp on the for5G security settings - set authentication-types to wpa2-psk only (had some strange stuff going on with combined wpa2-psk and wpa3-psk) - set dtim-period (part of the configuration) to 3 ...
by erlinden
Mon Jun 03, 2024 10:58 am
Forum: Announcements
Topic: v7.15.3 [stable] is released!
Replies: 644
Views: 219272

Re: v7.15 [stable] is released!

Can you share your config (if you haven't done already), @VadiKO?
by erlinden
Sun May 26, 2024 12:05 pm
Forum: Wireless Networking
Topic: CAPsMAN create dynamic interface that can't be managed [SOLVED]
Replies: 4
Views: 1816

Re: CAPsMAN create dynamic interface that can't be managed [SOLVED]

Do you have two SSID's? How many interfaces are created on the other CAPs? What happens when you delete them and perform a reprovision?
by erlinden
Sun May 26, 2024 12:23 am
Forum: Wireless Networking
Topic: Cap XL
Replies: 4
Views: 816

Re: Cap XL

Set frequency manually
Give wifi-qcom-ac a try, that requires 7.13 and up.
by erlinden
Sat May 25, 2024 2:10 pm
Forum: Wireless Networking
Topic: Capsman Config for static frequency setting
Replies: 5
Views: 910

Re: Capsman Config for static frequency setting

Indeed, 3 provision rules with mac address filtering. Unfortunately CAPsMAN is, when it comes to frequency choosing, not real smart. All CAPs will choose after provisioning, at the same time. Hence choosing the same frequencies. I also come from Ubiquiti (and Grandstream) and will never return. Love...
  • 1
  • 2
  • 3
  • 4
  • 5
  • 8