Community discussions

MikroTik App

Search found 2422 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 9
by erlinden
Thu Sep 19, 2024 1:16 pm
Forum: Wireless Networking
Topic: iOS 18 Wi-Fi connectivity issue
Replies: 56
Views: 1974

Re: iOS 18 Wi-Fi connectivity issue

Same iPhone, upgraded to iOS 18; nothing changed with WiFi on ax^3.
Then it might be helpfull to share your (wireless) config :D
/interface wifi export
Remove serial and any other private info.
by erlinden
Thu Sep 19, 2024 11:56 am
Forum: General
Topic: Samsung TV - wifi working, ethernet does not [SOLVED]
Replies: 5
Views: 287

Re: Samsung TV - wifi working, ethernet does not [SOLVED]

Does the TV get an IP address? Is the light of the port on?

The config would be helpfull:
/export file=anynameyoulike
Remove serial and any other private info.
by erlinden
Thu Sep 19, 2024 10:49 am
Forum: Wireless Networking
Topic: iOS 18 Wi-Fi connectivity issue
Replies: 56
Views: 1974

Re: iOS 18 Wi-Fi connectivity issue

I remember some Apple devices (at least in the past) could have issues with mixed languages on APs within the same SSID domain.
What do you mean with mixed languages?
by erlinden
Thu Sep 19, 2024 9:36 am
Forum: Beginner Basics
Topic: only 1 lan device via wireguard
Replies: 2
Views: 171

Re: only 1 lan device via wireguard

Have you added the wireguard interface to the LAN interface list?
Made any changes to the firewall (forward chain)?
by erlinden
Thu Sep 19, 2024 9:29 am
Forum: Wireless Networking
Topic: Wifi wave 2 capsman not working lik old capsman
Replies: 1
Views: 99

Re: Wifi wave 2 capsman not working lik old capsman

If you are referring to CAPsMAN forwarding mode, you are correct. From the documentation: "WifiWave2 CAPsMAN only passes wireless configuration to the CAP, all forwarding decisions are left to the CAP itself - there is no CAPsMAN forwarding mode." and "WiFi CAPsMAN only passes wireles...
by erlinden
Thu Sep 19, 2024 9:25 am
Forum: Wireless Networking
Topic: iOS 18 Wi-Fi connectivity issue
Replies: 56
Views: 1974

Re: iOS 18 Wi-Fi connectivity issue

I have had lots of problems when setting encryption to everything except TKIP (Android and Windows). Can you give it a try (assuming you use Winbox) by unselecting everything, and collaps the encryption part?
by erlinden
Wed Sep 18, 2024 4:49 pm
Forum: Wireless Networking
Topic: iOS 18 Wi-Fi connectivity issue
Replies: 56
Views: 1974

Re: iOS 18 Wi-Fi connectivity issue

Can someone point me to instructions for enabling wireless debug logging?
/system logging rules
Add Topics :debug & wireless, Actions: memory.

That's it.

Can you share the wireless part of the config? Just to check current settings.
by erlinden
Wed Sep 18, 2024 2:56 pm
Forum: Beginner Basics
Topic: Lost permisions on router
Replies: 11
Views: 447

Re: Lost permisions on router

Make an export if possible, that will help you reconfigure after netinstall.
by erlinden
Wed Sep 18, 2024 2:07 pm
Forum: Wireless Networking
Topic: CAPsMAN & CAP-AX Wireless issues
Replies: 10
Views: 420

Re: CAPsMAN & CAP-AX Wireless issues

Use fixed channels and lower their transmission power on the 2.4GHz radios .
Second best, add reselect-interval to let the radios periodically scan for best frequencies.
by erlinden
Wed Sep 18, 2024 9:38 am
Forum: Beginner Basics
Topic: Upgrading router, Wireguard not working
Replies: 4
Views: 241

Re: Upgrading router, Wireguard not working

The keys are useless in regards to the problem, but very usefull for unethical stuff.
by erlinden
Tue Sep 17, 2024 11:12 pm
Forum: Wireless Networking
Topic: CAPsMAN & CAP-AX Wireless issues
Replies: 10
Views: 420

Re: CAPsMAN & CAP-AX Wireless issues

Decrease to a max of 4 SSID's per radio.
by erlinden
Tue Sep 17, 2024 6:31 pm
Forum: Wireless Networking
Topic: CAPsMAN specific time connection [SOLVED]
Replies: 5
Views: 269

Re: CAPsMAN specific time connection [SOLVED]

No problem:

Use /system scheduler for the scheduling part and /sysstem/script for enabling/disabling the wifi interface.
by erlinden
Tue Sep 17, 2024 6:28 pm
Forum: General
Topic: Development of Wifi (qcom-ac) over Wireless
Replies: 9
Views: 434

Re: Development of Wifi (qcom-ac) over Wireless

Without a doubt...use the wifi-qcom-ac driver. I have zero problems with Android and FT (as well as WPA3, I just disabled WPA3 for the time being). It all comes to configuration, you might want to give us the opportunity to help you get it to work. /export show-sensitive file=anynameyoulike Remove s...
by erlinden
Tue Sep 17, 2024 11:02 am
Forum: Wireless Networking
Topic: Guide: CAPsMAN configuration with management VLAN (RouterOS 7.14.3)
Replies: 14
Views: 4330

Re: Guide: CAPsMAN configuration with management VLAN (RouterOS 7.14.3)

Thanks for this post! I switched my hybrid ports to trunk ports on all devices (router/switches/accesspoints). Ran into the problem that from time to time management IP addresses were assigned to mobile devices. Hope this improves my situation.
by erlinden
Mon Sep 16, 2024 11:48 am
Forum: Wireless Networking
Topic: Capsman loosing connection when connected through switch
Replies: 25
Views: 977

Re: Capsman loosing connection when connected through switch

Could it be roaming related? Do you have RSTP configured?
by erlinden
Mon Sep 16, 2024 11:31 am
Forum: Wireless Networking
Topic: Capsman loosing connection when connected through switch
Replies: 25
Views: 977

Re: Capsman loosing connection when connected through switch

One VLAN? What is the purpose of having a single VLAN?
Can you share the config?
/export file=anynameyoulike
Remove serial and any other private info and post between code tags by using the </> button.
by erlinden
Sun Sep 15, 2024 4:50 pm
Forum: Wireless Networking
Topic: capsman roaming
Replies: 1
Views: 238

Re: capsman roaming

Running both 5GHz radios on the same frequency is terrible for roaming. As well your 2.4GHz radios might transmit on the same frquency...

Next, accesslist rules I prefer to order as filter rules: specify what is accepted, block (reject) what isn't on the end of the chain.
by erlinden
Fri Sep 13, 2024 10:17 am
Forum: Wireless Networking
Topic: Queue Capsman
Replies: 3
Views: 263

Re: Queue Capsman

Get the export:
/export file=anynameyoulike
Remove serial and any other private info, post in between code tags by using the </> button.
by erlinden
Fri Sep 13, 2024 8:44 am
Forum: RouterBOARD hardware
Topic: RB5009 Port Lockup
Replies: 4
Views: 435

Re: RB5009 Port Lockup

The things I noticed is that you have two bridges, please remove bridge1-Public, it serves no purpose. Are you sure you want to have all ports on the same bridge? Could there be a loop in the network? Could you provide a network diagram? My first guess would be introducing spanning tree protocol: ht...
by erlinden
Thu Sep 12, 2024 5:42 pm
Forum: RouterBOARD hardware
Topic: RB5009 Port Lockup
Replies: 4
Views: 435

Re: RB5009 Port Lockup

Can you share the config, just to rule out anything on that part?
/export file=anynameyoulike
Remove serial and any other private info and post in between code tags by using the </> button.
by erlinden
Thu Sep 12, 2024 3:12 pm
Forum: General
Topic: VLANs unable to do DNS lookup [SOLVED]
Replies: 5
Views: 416

Re: VLANs unable to do DNS lookup [SOLVED]

You might want to change this: add action=drop chain=input comment="defconf: drop all not coming from LAN" in-interface-list=!LAN into: add action=accept chain=input comment="allow access from LAN" in-interface-list=LAN add action=accept chain=input comment="DNS from VLAN&qu...
by erlinden
Wed Sep 11, 2024 10:03 am
Forum: General
Topic: Adding a second /24 network troubles
Replies: 7
Views: 412

Re: Adding a second /24 network troubles

Any reason why you are not using 10.172.12.0/23 ?
by erlinden
Wed Sep 11, 2024 8:41 am
Forum: Beginner Basics
Topic: Connecting hAP ac3 and cAP ax - Setup Help Needed [SOLVED]
Replies: 2
Views: 301

Re: Connecting hAP ac3 and cAP ax - Setup Help Needed [SOLVED]

I would use CAPsMAN, that will give you the option to manage the network with one device. There are some thing to make it work great: Use latest stable, currently 7.15.3 Install wifi-qcom-ac on the hAP ac3 (instead of wireless package) Set the cAP ax into CAPS Mode Resources on this topic: https://m...
by erlinden
Wed Sep 11, 2024 8:29 am
Forum: General
Topic: Fixed IP for Switch Port
Replies: 2
Views: 258

Re: Fixed IP for Switch Port

Perhaps having a DHCP scope consisting of a single IP address can do this for you? Bind the DHCP server to this interface (port) and set a short lease time.
by erlinden
Tue Sep 10, 2024 6:06 pm
Forum: Beginner Basics
Topic: HAP AC3 as CapsMan for 2x HAP AX2
Replies: 5
Views: 344

Re: HAP AC3 as CapsMan for 2x HAP AX2

There is only one correct CAPsMAN version managing ax (wifi-qom) devices. This is part of RouterOS version 7.13 and up.
No need to install anything additional (like wifi-qcom-ac or wireless) for having CAPsMAN.
by erlinden
Tue Sep 10, 2024 2:42 pm
Forum: Beginner Basics
Topic: HAP AC3 as CapsMan for 2x HAP AX2
Replies: 5
Views: 344

Re: HAP AC3 as CapsMan for 2x HAP AX2

Very good combination, the wifi-qcom-ac is only beneficial if you need wireless on your hAP ac3. Otherwise, @infabo mentioned, you can uninstall it.
by erlinden
Tue Sep 10, 2024 11:36 am
Forum: General
Topic: How to stop/block pinging from outsider
Replies: 3
Views: 316

Re: How to stop/block pinging from outsider

If I recall correctly however, ping (ICMP) is allowed inbound by default. I prefer to block this via firewall rule.
Actually, ICMP traffic is accepted. It is used for more then ping only.
by erlinden
Tue Sep 10, 2024 10:22 am
Forum: General
Topic: IOT devices won't connect using VLAN [SOLVED]
Replies: 4
Views: 558

Re: IOT devices won't connect using VLAN [SOLVED]

I have found this: /interface bridge vlan add bridge=bridge comment=Gasten tagged=bridge vlan-ids=30 add bridge=bridge comment=IOT tagged=bridge vlan-ids=20 I would expect to see VLAN filtering on the port(s) as well. Currently the VLAN config is incomplete. Is there a trunk/hybrid port to the switc...
by erlinden
Tue Sep 10, 2024 8:57 am
Forum: Wireless Networking
Topic: Wifi core and repeaters config - Setup issue
Replies: 10
Views: 672

Re: Wifi core and repeaters config - Setup issue

For feedback or help, the config is required:
/export file=anynameyoulike
Remove serial and any other private info.

There is no option to run wired? Wireless backhaul is consuming a lot (at least halve) of your wireless bandwidth.
by erlinden
Mon Sep 09, 2024 4:24 pm
Forum: Wireless Networking
Topic: Capsman beginner help
Replies: 2
Views: 231

Re: Capsman beginner help

If you run the wifi-qcom-ac package on the cAP ac (instead of the wireless package) you should be fine. Here you can find the documentation: https://help.mikrotik.com/docs/display/ROS/WiFi#WiFi-CAPsMAN-CAPsimpleconfigurationexample: Could you add the ouput of this command as well? /interface/wifi ex...
by erlinden
Mon Sep 09, 2024 12:53 pm
Forum: Wireless Networking
Topic: CAPsMAN - Problem unable to see Radios
Replies: 3
Views: 419

Re: CAPsMAN - Problem unable to see Radios

I would like to advise you to reset the CAP to CAPS Mode:
https://help.mikrotik.com/docs/display/UM/cAP+XL+ac
by erlinden
Mon Sep 09, 2024 11:29 am
Forum: Beginner Basics
Topic: how to forward port for wireguard tunnel
Replies: 1
Views: 197

Re: how to forward port for wireguard tunnel

This explenation, which is part of the official MikroTik documentation, will explain exactely how to configure this setup:
https://help.mikrotik.com/docs/display/ ... uardtunnel
by erlinden
Thu Sep 05, 2024 3:57 pm
Forum: General
Topic: IOT devices won't connect using VLAN [SOLVED]
Replies: 4
Views: 558

Re: IOT devices won't connect using VLAN [SOLVED]

Can you share the config?
/export file=anynameyoulike
Remove serial and any other private info and post between code tags by using the </> button.
by erlinden
Wed Sep 04, 2024 5:17 pm
Forum: General
Topic: Mikrotik Vlan
Replies: 2
Views: 274

Re: Mikrotik Vlan

Can you share the config:
/export file=anynameyoulike
Remove serial and post between code tags by using the </> button.

Also, here is a great reference when it comes to VLAN:
viewtopic.php?t=143620
by erlinden
Wed Sep 04, 2024 4:05 pm
Forum: Wireless Networking
Topic: Slow WiFi [SOLVED]
Replies: 31
Views: 2353

Re: Slow WiFi [SOLVED]

If no VLAN's are involved, the D-Link will do just fine (assuming it has gigabit ports). The cAP ac does handle the wifi-qcom-ac pretty well (in my experience), though I red someone having out of memory problems (therefor a daily reboot was introduced). Haven't seen that problem myself (uptime over ...
by erlinden
Wed Sep 04, 2024 11:28 am
Forum: Wireless Networking
Topic: Legacy and new CAPsMan on the same x86 device
Replies: 6
Views: 846

Re: Legacy and new CAPsMan on the same x86 device

Can someone help?
Depends on how you want it to work exactly. Fyi, legacy supports CAPsMAN forwarding, wifi-qcom(-ac) doesn't.
by erlinden
Wed Sep 04, 2024 9:24 am
Forum: Beginner Basics
Topic: Email Spams problem due to malware in some device in the network
Replies: 3
Views: 375

Re: Email Spams problem due to malware in some device in the network

And how can i disable the port for everyone else
Add a drop rule on the forward chain that drops everything else:
add action=drop chain=forward
Make sure this rule is at the end of your rules.

I prefer the "allow specific traffic and drop everything else" way of thinking.
by erlinden
Tue Sep 03, 2024 5:38 pm
Forum: Beginner Basics
Topic: Email Spams problem due to malware in some device in the network
Replies: 3
Views: 375

Re: Email Spams problem due to malware in some device in the network

Allow on Source Address List, with dst port 587, protocol 6 (tcp), on the forward chain. This should be sufficient information...
by erlinden
Tue Sep 03, 2024 4:13 pm
Forum: Beginner Basics
Topic: Stuck in new setup
Replies: 6
Views: 781

Re: Stuck in new setup

Now I see...you don't want to have your IP address of the accesspoint in the same range as the office IP. Normally (I assumed because of the VLAN ID) you would have a management VLAN where you do the IP assignement of all hardware involved. To get it to work you can set the BAS_VLAN to ID 100. Not s...
by erlinden
Tue Sep 03, 2024 3:25 pm
Forum: Beginner Basics
Topic: Stuck in new setup
Replies: 6
Views: 781

Re: Stuck in new setup

Looks like MGT and CORP VLAN are messed up. I.e. the different network ranges are incorrect. Start with a basic setup and follow the topic by the letter. Then make changes as desired.

In regards to no access, are you using Winbox? Does it show up on discovery?
by erlinden
Tue Sep 03, 2024 8:44 am
Forum: General
Topic: netinstall ethernet port of hap ax3?
Replies: 4
Views: 416

Re: netinstall ethernet port of hap ax3?

Did you follow this wiki step by step?
https://wiki.mikrotik.com/wiki/Manual:Netinstall

As far as I know all ax devices are v7. Any reason for wanting to run v6?
by erlinden
Tue Sep 03, 2024 8:03 am
Forum: General
Topic: Which firmware is better, V6 or V7
Replies: 4
Views: 565

Re: Which firmware is better, V6 or V7

Gentlemen, what is the difference between firmware V6 and V7, which is better?
better?
by erlinden
Mon Sep 02, 2024 10:13 pm
Forum: General
Topic: hap ax3 random wireless disconnects
Replies: 75
Views: 7610

Re: hap ax3 random wireless disconnects

Yes, I know. And I'll tell my corporate laptop it should disconnect more often :D
by erlinden
Mon Sep 02, 2024 10:09 pm
Forum: Scripting
Topic: DuckDNS on Mikrotik
Replies: 1
Views: 386

Re: DuckDNS on Mikrotik

If you post an export of your config, we can have a look:
/export file=anynameyoulike
Post the content here without serial and any other private info en place it in between code tags by using the </> button.
by erlinden
Mon Sep 02, 2024 10:01 pm
Forum: General
Topic: hap ax3 random wireless disconnects
Replies: 75
Views: 7610

Re: hap ax3 random wireless disconnects

Would be beneficial if all people with problems share their config (at least the /interface/wifi part) to validate settings. Additional tip: when going up and down in versions you might run into some strange problems. Actually, I did...hence some steps that might be of use. I would advise (in case y...
by erlinden
Mon Sep 02, 2024 9:55 pm
Forum: Beginner Basics
Topic: capsman stops working after 7.14 upgrade [SOLVED]
Replies: 4
Views: 1786

Re: capsman stops working after 7.14 upgrade [SOLVED]

And in addition to @holvoetn complete answer: when upgrading through CAPsMAN, all packages are required (and installed). Manual upgrade is, as far as I know, the only way to miss packages.
by erlinden
Mon Sep 02, 2024 4:30 pm
Forum: SwOS
Topic: RB260GS login shows error after reset
Replies: 2
Views: 1298

Re: RB260GS login shows error after reset

Could it be a cache problem? Have you tried using an InPrivate session?
by erlinden
Fri Aug 30, 2024 11:48 am
Forum: General
Topic: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]
Replies: 16
Views: 1292

Re: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]

Removing and adding the slave interfaces did the trick...working as expected and befor.
Will stick to MikroTik longer.
by erlinden
Fri Aug 30, 2024 11:26 am
Forum: General
Topic: Wifi Interface with no channel
Replies: 6
Views: 435

Re: Wifi Interface with no channel

It is indeed, hence you should install the wireless-7.xx.x-mipsbe.npk package (which is located in the \MIPSBE\Extra packages file.
by erlinden
Fri Aug 30, 2024 10:37 am
Forum: General
Topic: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]
Replies: 16
Views: 1292

Re: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]

I did configure it with VLAN on the bridge, and the HOME network is working perfectly with VLAN ID 50, GUEST on VLAN ID 51 isn't (actually, it created interfaces dynamically with VLAN ID 1 for the GUEST network, hence there were MGT VLAN IP addresses assigned, as that is the untagged VLAN on eth0 of...
by erlinden
Thu Aug 29, 2024 8:14 pm
Forum: General
Topic: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]
Replies: 16
Views: 1292

Re: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]

Thanks as well, @mkx. Really appreciate your help! This is my current config: /interface bridge add admin-mac=xxxxxxxxxxxx auto-mac=no name=bridge-lan /interface ethernet set [ find default-name=ether1 ] name=ether1-trunk set [ find default-name=ether2 ] name=ether2-camera-rechts set [ find default-...
by erlinden
Thu Aug 29, 2024 5:39 pm
Forum: General
Topic: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]
Replies: 16
Views: 1292

Re: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]

Ok, I have adjusted as you configured it and removed the learning part.
Will monitor if this is of any help...thanks!
by erlinden
Thu Aug 29, 2024 5:16 pm
Forum: Beginner Basics
Topic: Default SOHO Firewall Rules
Replies: 10
Views: 770

Re: Default SOHO Firewall Rules

The default rules are enough for protection. Because your picture is no showing (better post /ip/firewall export), it is hard to say what you did. And I'm not going to read some website.
by erlinden
Thu Aug 29, 2024 3:33 pm
Forum: General
Topic: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]
Replies: 16
Views: 1292

Re: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]

The only thing I see in your config that jumps out at me is the independent-learning value.
Thanks gotsprings !

Another difference I notice is that you have switch1-cpu added to all your /interface ethernet switch vlan
May I ask what is the purpose of that?
by erlinden
Thu Aug 29, 2024 1:43 pm
Forum: Wireless Networking
Topic: Recommendations for replacement for Ubiquiti Picostation
Replies: 13
Views: 901

Re: Recommendations for replacement for Ubiquiti Picostation

Can you please add the requirements (apart from being outside and handling 20 caravans)?
by erlinden
Thu Aug 29, 2024 1:02 pm
Forum: General
Topic: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]
Replies: 16
Views: 1292

Re: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]

Bringing this topic back to live. I made all the adjustments to get rid of the VLAN ID = 1 necessity. All is working well, except for wireless and VLAN. For some reason I see in ARP and DHCP (leases) that wireless clients do sometimes get both IP addresses from the HOME or Guest VLAN AND the MGT VLA...
by erlinden
Thu Aug 29, 2024 9:23 am
Forum: General
Topic: CRS3X Switches and storm control/LoopProtect
Replies: 2
Views: 347

Re: CRS3X Switches and storm control/LoopProtect

This could very well be a user problem. Could you share the switch's config?
/export file=anynameyoulike
Remove serial and any other private info and place in between code tags by using the </> button.
by erlinden
Thu Aug 29, 2024 9:21 am
Forum: Beginner Basics
Topic: Need assistance with VLAN Firewall and NAT rules
Replies: 5
Views: 464

Re: Need assistance with VLAN Firewall and NAT rules

Your life would be much easier if you choose to go VLAN all the way. Lots of (correct) and great examples can be found in this topic: https://forum.mikrotik.com/viewtopic.php?t=143620 In regards to the firewall, you could consider allowing explicitely and dropping everything else. Just make sure tha...
by erlinden
Thu Aug 29, 2024 9:17 am
Forum: General
Topic: CapXL simple VLAN tagging [SOLVED]
Replies: 15
Views: 974

Re: CapXL simple VLAN tagging [SOLVED]

Sorry for missing the link. And thanks @jadaz!

The explanation of any setting can be found here:
https://help.mikrotik.com/docs/display/ROS/WiFi
by erlinden
Wed Aug 28, 2024 4:14 pm
Forum: Beginner Basics
Topic: Wireguard Persistent keep alive, Responder
Replies: 5
Views: 513

Re: Wireguard Persistent keep alive, Responder

Keepalive should be set on the "client" peer (as well as the is-responder).
by erlinden
Wed Aug 28, 2024 1:04 pm
Forum: Beginner Basics
Topic: Wireguard Persistent keep alive, Responder
Replies: 5
Views: 513

Re: Wireguard Persistent keep alive, Responder

From the documentation: is-responder (yes | no; Default: no) Specifies if peer is intended to be connection initiator or only responder. Should be used on WireGuard devices that are used as "servers" for other devices as clients to connect to. Otherwise router will all repeatedly try to co...
by erlinden
Wed Aug 28, 2024 12:37 pm
Forum: Wireless Networking
Topic: Slow WiFi [SOLVED]
Replies: 31
Views: 2353

Re: Slow WiFi [SOLVED]

If a wired conneciton is fast, then it is not related to the routing part of the router. I also notice that the 2.4GHz radio is broadcasting on channels 1, 3 and 6. In an ideal world (funny in the 2.4GHz context) you would only use channels 1, 6 and 11. Might want to configure frequencies 2412, 2437...
by erlinden
Wed Aug 28, 2024 11:41 am
Forum: Wireless Networking
Topic: NV2 on AX
Replies: 6
Views: 1022

Re: NV2 on AX

Not only that, but the new capsman is not compatible with the older one. So if you have older devices and you buy a new one, you are SOL. Bit harsh, there are two paths you can walk in this use case: - if only ARM devices involved, upgrade them with the wifi-qcom-ac driver. - it is possible to run ...
by erlinden
Wed Aug 28, 2024 11:37 am
Forum: Wireless Networking
Topic: Ether: bridge port receiving packet with its own MAC address [SOLVED]
Replies: 19
Views: 1462

Re: Ether: bridge port receiving packet with its own MAC address [SOLVED]

Can you add both the logging and the config?
/export file=anynameyoulike
Remove serial and any other private info, post in between code tags by using the </> button.
by erlinden
Wed Aug 28, 2024 11:27 am
Forum: General
Topic: Dynamic DNS [SOLVED]
Replies: 12
Views: 811

Re: Dynamic DNS [SOLVED]

You have to come up with your requirements first. If you are aiming for 99.99% uptime, there might be better solutions.
I can tell you it is working perfectly for me, and that might give you the impression it is perfect for you too. But again, only you can tell.
by erlinden
Wed Aug 28, 2024 11:02 am
Forum: General
Topic: Dynamic DNS [SOLVED]
Replies: 12
Views: 811

Re: Dynamic DNS [SOLVED]

So, "down a couple of times" during a period of years can be considered acceptable, right?
Is it acceptable to you? That is all that matters.
by erlinden
Wed Aug 28, 2024 9:41 am
Forum: General
Topic: Dynamic DNS [SOLVED]
Replies: 12
Views: 811

Re: Dynamic DNS [SOLVED]

Have been using it for years. Setup is very easy (checkbox), I noticed that the service has been down a couple of times.
by erlinden
Wed Aug 28, 2024 9:14 am
Forum: General
Topic: CapXL simple VLAN tagging [SOLVED]
Replies: 15
Views: 974

Re: CapXL simple VLAN tagging [SOLVED]

You would need to implement VLAN filtering on the bridge.
If you read this topic, you can find the AccessPoint.rsc which contains an example. In this example, all wifi interfaces are VLAN filtered, you just have to make the guest wifi interfaces so called "access ports".
by erlinden
Tue Aug 27, 2024 6:05 pm
Forum: Wireless Networking
Topic: Big Campus Networking help
Replies: 2
Views: 345

Re: Big Campus Networking help

It depends, especially as these requirements are far from complete.

And where does the maximum number of accesspoints come from?
Why are you assigned with this task?
What is the budget?

Choosing hardware is the least difficult part of this job.
by erlinden
Tue Aug 27, 2024 5:39 pm
Forum: Wireless Networking
Topic: Slow WiFi [SOLVED]
Replies: 31
Views: 2353

Re: Slow WiFi [SOLVED]

Well, then start by describing the issue you need to resolve first.
The topic name might give an indication :D
But agreed, both problem description and the requirements are very welcome!
by erlinden
Tue Aug 27, 2024 5:19 pm
Forum: Wireless Networking
Topic: Slow WiFi [SOLVED]
Replies: 31
Views: 2353

Re: Slow WiFi [SOLVED]

Some feedback requires insights into the config:
/export file=anynameyoulike
Remove serial and any other private info and post here inbtween code tags by using the </> button.
by erlinden
Tue Aug 27, 2024 2:50 pm
Forum: General
Topic: VLAN and Passthrough
Replies: 3
Views: 446

Re: VLAN and Passthrough

A topic which is really going to help you:
viewtopic.php?t=143620
by erlinden
Mon Aug 26, 2024 7:43 pm
Forum: Wireless Networking
Topic: SA Query timeout
Replies: 88
Views: 22109

Re: SA Query timeout

Giving this a go! Disabled it on 5Ghz interface and switched back from WPA2/3 to WPA/WPA2.
Why use WPA (when you can use open)?
8)
by erlinden
Sun Aug 25, 2024 10:16 am
Forum: Beginner Basics
Topic: Stuck in new setup
Replies: 6
Views: 781

Re: Stuck in new setup

Better (best?) idea is using VLAN's. Please read this great topic to get loads of informations and examples:
viewtopic.php?t=143620
by erlinden
Sun Aug 25, 2024 12:30 am
Forum: Beginner Basics
Topic: New router but no 5GHz - broken?
Replies: 3
Views: 442

Re: New router but no 5GHz - broken?

Because the frequency isn't set, it could take up to 10 minutes until the 5GHz radio is broadcasting.
You can set the frequency to 5180 (channel 36) manually to avoid this situation.

Does the log give any info?
At what frequency is the radio broadcasting?
by erlinden
Sat Aug 24, 2024 5:59 pm
Forum: Wireless Networking
Topic: HAP AX2 no connection to CAPsMAN
Replies: 10
Views: 661

Re: HAP AX2 no connection to CAPsMAN

How do I enable the capsman server on one of the AX2? I dont see a Capman option to enable it and set certificate options.
https://help.mikrotik.com/docs/display/ ... ionexample:
by erlinden
Fri Aug 23, 2024 7:29 pm
Forum: Beginner Basics
Topic: New router but no 5GHz - broken?
Replies: 3
Views: 442

Re: New router but no 5GHz - broken?

Yeah...or misconfigured. You make it a bit challenging coming up with a reason with the little info you provide.
Can you post:
/export file=annameyoulike
Remove serial and any other private info.
by erlinden
Thu Aug 22, 2024 2:49 pm
Forum: Wireless Networking
Topic: Mikrotik or others on AX wifi access point
Replies: 160
Views: 7855

Re: Mikrotik or others on AX wifi access point

As I mentioned in the article above, I really don't understand it very well, but maybe I can write the config details here as soon as possible and get ideas from you. Thank you.
Sure, no problem. It would be really great to have the config of the cAP ac as well, just to compare.
by erlinden
Thu Aug 22, 2024 2:44 pm
Forum: Wireless Networking
Topic: Mikrotik or others on AX wifi access point
Replies: 160
Views: 7855

Re: Mikrotik or others on AX wifi access point

What makes you think it is better and what makes you think it is not. Might be interesting to lower transmission power to get better performance.
by erlinden
Thu Aug 22, 2024 11:32 am
Forum: General
Topic: Port 445 is open even though samba is disabled
Replies: 8
Views: 591

Re: Port 445 is open even though samba is disabled

Then it would be interesting to see your complete config:
/export file=anynameyoulike
Remove serial and any other private info.
by erlinden
Thu Aug 22, 2024 9:53 am
Forum: Announcements
Topic: v7.16rc [testing] is released!
Replies: 301
Views: 99641

Re: v7.16rc [testing] is released!

Standalone AP or using CAPsMan?
CAPsMAN:

RB4011, 2x RB960 (v6.49.13), 1x Powerbox Pro (v6.49.13), 2x cAP AX, 1x wAP ac
by erlinden
Wed Aug 21, 2024 4:37 pm
Forum: Announcements
Topic: v7.16rc [testing] is released!
Replies: 301
Views: 99641

Re: v7.16rc [testing] is released!

I ran into a problem with VLAN's: wireless clients got MGT VLAN addresses assigned as well as HOME VLAN addresses. Found out from looking at the DHCP leases and IP ARP entries. After downgrading to 7.15.3 the problem was solved.

Yes, all information was supplied to support.
by erlinden
Wed Aug 21, 2024 4:04 pm
Forum: General
Topic: CRS 317-1G-16S+ Inter-VLAN routing problems (Solved)
Replies: 3
Views: 627

Re: CRS 317-1G-16S+ Inter-VLAN routing problems

Don't use VLAN ID = 1 explicitely /interface vlan add comment="Core infrastructure/Management VLAN" interface=Bridge name=VLAN1 vlan-id=1 add comment="Servers' VLAN" interface=Bridge name=VLAN250 vlan-id=250 Also, I'm missing VLAN 3249 as part of the /interface vlan (while it is ...
by erlinden
Wed Aug 21, 2024 1:53 pm
Forum: General
Topic: VLAN considerations along with CapsMan
Replies: 20
Views: 1492

Re: VLAN considerations along with CapsMan

By using hybrid ports to the CAPs, one can leave them in defaults CAPS Mode. Only identity can be adjusted (if wanted).
by erlinden
Wed Aug 21, 2024 1:51 pm
Forum: General
Topic: manual winbox upgrade
Replies: 5
Views: 435

Re: manual winbox upgrade

Indeed, just replace the existing executable with the new one.
by erlinden
Wed Aug 21, 2024 1:34 pm
Forum: General
Topic: manual winbox upgrade
Replies: 5
Views: 435

Re: manual winbox upgrade

Winbox can be downloaded on the download page:
https://mikrotik.com/download

https://mt.lv/winbox64 (64 bit)
https://mt.lv/winbox (32 bit)
by erlinden
Wed Aug 21, 2024 12:13 pm
Forum: General
Topic: VLAN considerations along with CapsMan
Replies: 20
Views: 1492

Re: VLAN considerations along with CapsMan

One disadvantage of this config, @neki, is that you have to manually adjust the CAPs (as they expect to be able to reach the CAPsMAN untagged by default).
As far as I know, you can't enable bridge VLAN filtering on ax devices. Only on ac devices, using the wifi-qcom-ac driver, this is supported.
by erlinden
Wed Aug 21, 2024 11:30 am
Forum: Wireless Networking
Topic: Legacy and new CAPsMan on the same x86 device
Replies: 6
Views: 846

Re: Legacy and new CAPsMan on the same x96 device

From v7.13.x you get the "new" CAPsMAN (capable of managing ax devices) "for free". It is added in the menu under wifi. The documentation will give you some more insights: https://help.mikrotik.com/docs/display/ROS/WiFi#WiFi-WiFiCAPsMAN The "old" CAPsMAN is part of the ...
by erlinden
Tue Aug 20, 2024 5:46 pm
Forum: General
Topic: Router OS 7 on RBD52G-5HacD2HnD (hAP ac^2)
Replies: 3
Views: 636

Re: Router OS 7 on RBD52G-5HacD2HnD (hAP ac^2)

Downgrade is nearly as easy as upgrading: you have to manually copy the (current) packages to the router en press the downgrade button.
As always, make a complete export (/export file=anynameyoulike) that can be restored any time.
by erlinden
Tue Aug 20, 2024 2:30 pm
Forum: General
Topic: Canon network printing issues
Replies: 2
Views: 355

Re: Canon network printing issues

Bit of an assumption: connect everything to the MikroTik and you will be fine.
If not (possible), make a small network diagram including all clients.
by erlinden
Tue Aug 20, 2024 2:28 pm
Forum: Virtualization
Topic: BTH vpn
Replies: 3
Views: 527

Re: BTH vpn

Here you can find the official documentation including an example:
https://help.mikrotik.com/docs/display/ ... uardtunnel
by erlinden
Tue Aug 20, 2024 11:52 am
Forum: Beginner Basics
Topic: New to Mikrotik
Replies: 19
Views: 1329

Re: New to Mikrotik

Then I found out you have to install QCOM package. So might try updating again.
The disadvantage of upgrading manually is that you could miss an additional package.
You can add it later any time, just add package.

When upgrading automatically, this won't happen.
by erlinden
Mon Aug 19, 2024 5:22 pm
Forum: General
Topic: Low speed via CAPsMAN
Replies: 18
Views: 1267

Re: Low speed via CAPsMAN

It isn't...at least, it shouldn't be.
Please test with iPerf to get better insights on the wireless speed. Using speedtest does include a lot of (possible) influencing factors.

To get best performance, please consider using the wifi-qcom-ac driver.
by erlinden
Mon Aug 19, 2024 4:33 pm
Forum: General
Topic: I have problem with microtick 750GL
Replies: 1
Views: 348

Re: I have problem with microtick 750GL

Might be a cashing thingy...have you tried reinstalling winbox?
What RouterOS and what Winbox version are you using?
by erlinden
Mon Aug 19, 2024 12:10 pm
Forum: Beginner Basics
Topic: Some ports on switches are slow
Replies: 6
Views: 520

Re: Some ports on switches are slow

Are you using RouterOS or SwOS?
Can you share the config of the switch?

Could there be any queue active on the port (or VLAN)?
by erlinden
Mon Aug 19, 2024 9:28 am
Forum: General
Topic: Problem with connecting new cap ax to the Capsman
Replies: 19
Views: 1923

Re: Problem with connecting new cap ax to the Capsman

Looks like your CAPsMAN has some errors: /interface wifi provisioning add action=create-dynamic-enabled disabled=no master-configuration=*4 \ slave-configurations=*3 supported-bands=5ghz-ac add action=create-dynamic-enabled disabled=yes identity-regexp=.*AC.* \ master-configuration=*3 name-format=2G...
by erlinden
Mon Aug 19, 2024 9:16 am
Forum: General
Topic: Allowing a VLAN to Access WAN(Internet)
Replies: 6
Views: 1105

Re: Allowing a VLAN to Access WAN(Internet)

A complete export of /ip/firewall would be very helpfull. Even better...a complete export:
/export file=anynameyoulike
Remove serial and any other private info.
by erlinden
Sat Aug 17, 2024 6:23 pm
Forum: General
Topic: Problem with connecting new cap ax to the Capsman
Replies: 19
Views: 1923

Re: Problem with connecting new cap ax to the Capsman

The wireless interfaces look disabled, can you enable them?
by erlinden
Sat Aug 17, 2024 9:17 am
Forum: Wireless Networking
Topic: Issue with roaming
Replies: 4
Views: 548

Re: Issue with roaming

Happy to hear, you can mark your topic as solved. Will probably give me some karma points 8)
by erlinden
Sat Aug 17, 2024 9:14 am
Forum: Beginner Basics
Topic: WireGuard or OpenVPN [SOLVED]
Replies: 32
Views: 3337

Re: WireGuard or OpenVPN [SOLVED]

If the IPS is blocking the ports , and even if you play with 443 that will not help to establish connections. Not sure why is that,
Are you stating that on the same port and with same protocol OpenVPN will work while Wireguard does (sometimes) not?
by erlinden
Fri Aug 16, 2024 2:20 pm
Forum: General
Topic: Firmware Upgrade
Replies: 4
Views: 569

Re: Firmware Upgrade

Have you checked the log?
by erlinden
Fri Aug 16, 2024 1:55 pm
Forum: General
Topic: Firmware Upgrade
Replies: 4
Views: 569

Re: Firmware Upgrade

Incorrect cpu architecture? Bit more info would be usefull...
by erlinden
Fri Aug 16, 2024 1:00 pm
Forum: Wireless Networking
Topic: Issue with roaming
Replies: 4
Views: 548

Re: Issue with roaming

You can add "fast transition", which should make it more easy for clients to roam: /interface wifi security add authentication-types=wpa2-psk ft=yes ft-over-ds=yes name=JUJUMAESIN-SEC passphrase=[whatever you use] What signal does the client have when connected to the CAP instead of the ro...
by erlinden
Fri Aug 16, 2024 12:35 pm
Forum: General
Topic: Low speed via CAPsMAN
Replies: 18
Views: 1267

Re: Low speed via CAPsMAN

Signal is okay! Frequency was my mistake, please try eiher 5180 or leave it empty (for automatic selection). The latter will choose based on a scan.
by erlinden
Fri Aug 16, 2024 11:23 am
Forum: General
Topic: Low speed via CAPsMAN
Replies: 18
Views: 1267

Re: Low speed via CAPsMAN

Seems a bit low(er) than possible. What is the signal value?
Could you change frequency to 5120 (channel 36)?
Did you perform a frequency scan? Any other wifi networks that could be interferring?
by erlinden
Fri Aug 16, 2024 8:39 am
Forum: General
Topic: Low speed via CAPsMAN
Replies: 18
Views: 1267

Re: Low speed via CAPsMAN

If that is the device you test with...yes.
This information can be found either on /interface/wifi/registration (are you using Winbox?) or on the laptop (are you using Windows?).
by erlinden
Fri Aug 16, 2024 8:30 am
Forum: Wireless Networking
Topic: New CAPsMAN, VLAN and error with provisioning "--- SSID not set"
Replies: 16
Views: 1795

Re: New CAPsMAN, VLAN and error with provisioning "--- SSID not set"

I have found out several topics as well in cookbook, but it seems that it will be not for my setup, so I have to read and find something else.
Here in the documentation you can find it:
https://help.mikrotik.com/docs/display/ ... %22package:
by erlinden
Thu Aug 15, 2024 6:05 pm
Forum: General
Topic: Low speed via CAPsMAN
Replies: 18
Views: 1267

Re: Low speed via CAPsMAN

Can you post at what connection rate the client is connected?
by erlinden
Thu Aug 15, 2024 4:55 pm
Forum: General
Topic: Low speed via CAPsMAN
Replies: 18
Views: 1267

Re: Low speed via CAPsMAN

Can you set local-forwarding to true:

/caps-man datapath
add bridge=bridge-guest name=guest local-forwarding=yes
by erlinden
Thu Aug 15, 2024 1:43 pm
Forum: Wireless Networking
Topic: Mikrotik or others on AX wifi access point
Replies: 160
Views: 7855

Re: Mikrotik or others on AX wifi access point

Within days/weeks the wAP AX will be introduced. Which, if I understood correct, will be smaller.

Accorindg to @Normis:
wAP ax will be a very small device and is coming very very soon (question of days or weeks)
by erlinden
Thu Aug 15, 2024 1:02 pm
Forum: Wireless Networking
Topic: Missing wAP ax successor to wAP ac, what are outdoor AX WiFi alternatives?
Replies: 29
Views: 2927

Re: Missing wAP ax successor to wAP ac, what are outdoor AX WiFi alternatives?

wAP ax will be a very small device and is coming very very soon (question of days or weeks)
:-D :-D :-D
by erlinden
Thu Aug 15, 2024 12:08 pm
Forum: Wireless Networking
Topic: Connecting v6 Device to CAPsMAN v7 [SOLVED]
Replies: 3
Views: 785

Re: Connecting v6 Device to CAPsMAN v7 [SOLVED]

The new CAPsMAN does only support wifi-qcom and wifi-qcom-ac devices. The latter is supported on ac devices, using the ARM processor. Unfortunately, the RB951 is a MIPSBE device, hence you can't find it. If you want it to be managed by your switch, you have to add the wireless package and run two in...
by erlinden
Thu Aug 15, 2024 11:51 am
Forum: General
Topic: Low speed via CAPsMAN
Replies: 18
Views: 1267

Re: Low speed via CAPsMAN

Set extension-channel to either Ce (40MHz) or Ceee (80MHz) on the 5GHz radio to get higher conenction rates. You might as well let the CAPsMAN (actually the CAP) choose a channel itself, as is configured on the hAP ac3.
by erlinden
Thu Aug 15, 2024 9:54 am
Forum: General
Topic: Low speed via CAPsMAN
Replies: 18
Views: 1267

Re: Low speed via CAPsMAN

Why did you set bandwidth to 20MHz on the 5GHz radio? This will probably make a huge difference, when set to 80MHz (Ceee). No need to set VLAN ID 1 on the datapath. Instead of using "2412,2422,2432,2442,2462", you better use 2412,2437,2462 for non overlapping channels. When setting transmi...
by erlinden
Thu Aug 15, 2024 9:15 am
Forum: Beginner Basics
Topic: VLAN on Wifi - Have Unifi AP w no Cloud Key - will it work ? [SOLVED]
Replies: 5
Views: 785

Re: VLAN on Wifi - Have Unifi AP w no Cloud Key - will it work ?

Please elaborate , why are you asking this question on a other vendors forum? Seems to me this is a good question for the UBI forum (or perhaps you already asked there?). Or just join the MikroTik community (as I did) and get proper support. 8) I would expect that the Windows Unifi Controller/Docker...
by erlinden
Wed Aug 14, 2024 8:51 pm
Forum: Wireless Networking
Topic: New CAPsMAN, VLAN and error with provisioning "--- SSID not set"
Replies: 16
Views: 1795

Re: New CAPsMAN, VLAN and error with provisioning "--- SSID not set"

Well... Start by removing this radio MAC address: /interface wifi provisioning add action=create-enabled common-name-regexp="" disabled=no identity-regexp=\ "" master-configuration=config_internal_users radio-mac=00:00:00:00:00:00 \ slave-configurations=config_guests This will pr...
by erlinden
Wed Aug 14, 2024 5:11 pm
Forum: Scripting
Topic: Mac no asignada a dhcp
Replies: 2
Views: 382

Re: Mac no asignada a dhcp

English translation (thanks to Google): Hello, I want to make a foreach based on a list of IPs to check if they are assigned in the dhcp and take action to be positive No answers here...you might get some (paid) support here: https://mikrotik.com/consultants OR What have you done so far. What is wor...
by erlinden
Wed Aug 14, 2024 4:49 pm
Forum: Beginner Basics
Topic: Switch IP address at VLAN [SOLVED]
Replies: 6
Views: 1085

Re: Switch IP address at VLAN [SOLVED]

Can you share the config?
/export file=anynameyoulike
Remove serial and any other private info.
by erlinden
Wed Aug 14, 2024 4:11 pm
Forum: Beginner Basics
Topic: Can't change network
Replies: 11
Views: 728

Re: Can't change network

Can you show exactely what IP addresses should be available for DHCP? You are aware that you can configure multiple pools? In addition, can you please share your (relevant part of the) config: /export hide-sensitive file=anynameyoulike Remove serial and any other private info and post here between c...
by erlinden
Wed Aug 14, 2024 3:57 pm
Forum: Announcements
Topic: v7.16rc [testing] is released!
Replies: 301
Views: 99641

Re: v7.16rc [testing] is released!

Do you have examples on what changes you have made that weren't provisioned?
by erlinden
Wed Aug 14, 2024 3:46 pm
Forum: Beginner Basics
Topic: Can't change network
Replies: 11
Views: 728

Re: Can't change network

Have you changed the IP pool? This is where you define the IP addresses that are available.
by erlinden
Wed Aug 14, 2024 3:25 pm
Forum: Wireless Networking
Topic: WIFI 6 AX
Replies: 1
Views: 462

Re: WIFI 6 AX

Could you also show the provisioning?
https://help.mikrotik.com/docs/display/ ... ovisioning
by erlinden
Wed Aug 14, 2024 1:20 pm
Forum: General
Topic: modes and wifi
Replies: 5
Views: 792

Re: modes and wifi

First step, forget Quickset (except for initial config...but then, still forget it). Do it manually, you will get so much more options (besides the knowledge you gain). As soon as I change anything in Winbox, the configuration is gone, I have to repeat everything over and over. This shouldn't be the...
by erlinden
Wed Aug 14, 2024 10:42 am
Forum: RouterBOARD hardware
Topic: CRS328-24P-4S+RM wirespeed switching?
Replies: 3
Views: 542

Re: CRS328-24P-4S+RM wirespeed switching?

Are you refering to the part where this switch is (ab)used as router?
by erlinden
Wed Aug 14, 2024 9:41 am
Forum: Wireless Networking
Topic: Is there a guid for setting up multiple CAP AX with 1 controller
Replies: 5
Views: 634

Re: Is there a guid for setting up multiple CAP AX with 1 controller

Just follow this help page: https://help.mikrotik.com/docs/display/ROS/WiFi#WiFi-WiFiCAPsMAN My tips: - use fixed channels for the 5GHz channels, 40MHz bandwidth (by creating a config/provision rule per CAPS filtered by MAC address) - when not using EAP, use wpa2-psk only with CCMP (only) as encrypt...
by erlinden
Wed Aug 14, 2024 9:26 am
Forum: General
Topic: enable switch chip.. more bandwidth in use?
Replies: 2
Views: 476

Re: enable switch chip.. more bandwidth in use?

Can you show the config as well?
/export file=anynameyoulike
Remove serial and any other private info en post between code tags by using the </> button.
by erlinden
Wed Aug 14, 2024 9:25 am
Forum: Wireless Networking
Topic: WIFI connecting issues
Replies: 6
Views: 1008

Re: WIFI connecting issues

Can you give it a try with:

WPA2-PSK (only) and CCMP (as encryption)?
by erlinden
Tue Aug 13, 2024 1:46 pm
Forum: General
Topic: Frequent Crashes After Updates on MikroTik hAP ac3 – Seeking Solutions
Replies: 8
Views: 608

Re: Frequent Crashes After Updates on MikroTik hAP ac3 – Seeking Solutions

Really would like to have a peek at your config:
/export file=anynameyoulike
Remove serial and any other private info.
by erlinden
Tue Aug 13, 2024 10:55 am
Forum: Beginner Basics
Topic: CAPsMAN through Switch under VLAN [SOLVED]
Replies: 15
Views: 1975

Re: CAPsMAN through Switch under VLAN [SOLVED]

Are you running the CAP's in default CAPS Mode? Are the CAP's connected to a hybrid port (where MGT VLAN is untagged)? Would you be willing to share your config?

Thanks! :-D
by erlinden
Tue Aug 13, 2024 10:44 am
Forum: Beginner Basics
Topic: CAPsMAN through Switch under VLAN [SOLVED]
Replies: 15
Views: 1975

Re: CAPsMAN through Switch under VLAN [SOLVED]

I agree except I ran into the problem that clients also received MGT VLAN IP addresses when connecting with a wifi-qcom-ac CAP. Then I started over following the CAPsMAN VLAN description in the help pages (https://help.mikrotik.com/docs/display/ROS/WiFi#WiFi-CAPsMAN-CAPVLANconfigurationexample:). Th...
by erlinden
Tue Aug 13, 2024 10:26 am
Forum: Beginner Basics
Topic: CAPsMAN through Switch under VLAN [SOLVED]
Replies: 15
Views: 1975

Re: CAPsMAN through Switch under VLAN [SOLVED]

For me it works when adding VLAN ID 1 on the switch.
by erlinden
Mon Aug 12, 2024 4:45 pm
Forum: General
Topic: Can't get UPnP to work in RouterOS 7.14.1 (Worked in RouterOS 6.x)
Replies: 15
Views: 1366

Re: Can't get UPnP to work in RouterOS 7.14.1 (Worked in RouterOS 6.x)

Can you post the ouput of:
/ip/upnp print
/ip/upnp/interfaces print
by erlinden
Mon Aug 12, 2024 3:26 pm
Forum: General
Topic: Cap devices only: "Check for updates" error - timeouts
Replies: 5
Views: 507

Re: Cap devices only: "Check for updates" error - timeouts

When using CAPsMAN you can push upgrades. Set package-path and place the packages in that path.
See here:

https://www.youtube.com/watch?v=1Ct6aJXTE5g
by erlinden
Mon Aug 12, 2024 2:48 pm
Forum: General
Topic: How can I access remotely MT behind a modem?
Replies: 13
Views: 755

Re: How can I access remotely MT behind a modem?

Can you change this rule, where the to port is the default Winbox port?

And change this rule in the firewall as well:
/ip firewall filter
add action=accept chain=input dst-port=8291 in-interface=ether1 protocol=tcp
by erlinden
Mon Aug 12, 2024 2:33 pm
Forum: General
Topic: How can I access remotely MT behind a modem?
Replies: 13
Views: 755

Re: How can I access remotely MT behind a modem?

Yes it is behind NAT and does not have a public IP address.
Did you do port forwarding on the NAT device as well?
by erlinden
Mon Aug 12, 2024 1:12 pm
Forum: General
Topic: How can I access remotely MT behind a modem?
Replies: 13
Views: 755

Re: How can I access remotely MT behind a modem?

I would prefer through VPN over making a service available publically.
Is your MT behind NAT, or does it have a publically available IP address?
Who removed all filter rules that are part of the default?
by erlinden
Mon Aug 12, 2024 11:39 am
Forum: Beginner Basics
Topic: Struggling to hard reset and provision cAP-2nD
Replies: 2
Views: 418

Re: Struggling to hard reset and provision cAP-2nD

If you can't access it after a reset (sure the credentials are correct?) and it won't go into CAPS Mode, you could consider to perform a netinstall:
https://help.mikrotik.com/docs/display/ROS/Netinstall
by erlinden
Sun Aug 11, 2024 2:28 pm
Forum: General
Topic: site-site Wiregaurd Setup
Replies: 13
Views: 867

Re: site-site Wiregaurd Setup

As the wireguard interface isn't part of the LAN interface list AND doesn't have an accept rule on the input chain, it is blocked (hence you can't ping it). You can test this by either adding an additional rule: /ip firewall filter add action=accept chain=input comment="defconf: accept ICMP&quo...
by erlinden
Sun Aug 11, 2024 2:14 pm
Forum: Beginner Basics
Topic: Weird filtering issue on 7.15.3
Replies: 2
Views: 437

Re: Weird filtering issue on 7.15.3

Enable logging on the drop rule to get insights why this rule isn't working.

I would expect the double quotes are the problem.
by erlinden
Sun Aug 11, 2024 11:26 am
Forum: Beginner Basics
Topic: First time hAP ax3 setup with VLANs, no traffic going upstream
Replies: 5
Views: 571

Re: First time hAP ax3 setup with VLANs, no traffic going upstream

These are the default firewall rules, with some irrelevant ones removed. :? If you want this device to work as router, you want a masquerade rule. But there is a lot more that is missing. If you want to have it working as switch, please read this great topic: https://forum.mikrotik.com/viewtopic.ph...
by erlinden
Sun Aug 11, 2024 10:07 am
Forum: Beginner Basics
Topic: CAPsMAN through Switch under VLAN [SOLVED]
Replies: 15
Views: 1975

Re: CAPsMAN through Switch under VLAN [SOLVED]

Aah, thanks for the explanation. You are referring to the old version (which is part of the wireless package), while TS is using the new version. The new version lacks the forwarding options.
by erlinden
Sun Aug 11, 2024 10:04 am
Forum: Beginner Basics
Topic: First time hAP ax3 setup with VLANs, no traffic going upstream
Replies: 5
Views: 571

Re: First time hAP ax3 setup with VLANs, no traffic going upstream

Besides a lot of firewall rules....VLAN filtering isn't enabled on the bridge.
by erlinden
Sun Aug 11, 2024 9:57 am
Forum: Wireless Networking
Topic: Too many interfaces for radio (CAPsMAN)
Replies: 3
Views: 449

Re: Too many interfaces for radio (CAPsMAN)

Seems to me that there are more SSID/interfaces configured than can be handled. A quick peek on your config will give better insights, can you pleas share it? /interface/wifi export file=anynameyoulike Remove serial and any other private info and post in between code tags by using the </> button.
by erlinden
Sun Aug 11, 2024 9:54 am
Forum: Beginner Basics
Topic: hAP ax3 with issues after reset
Replies: 8
Views: 1150

Re: hAP ax3 with issues after reset

My tips:
Change power supply (just to be sure)
Netinstall the device:
https://help.mikrotik.com/docs/display/ROS/Netinstall
by erlinden
Sun Aug 11, 2024 9:52 am
Forum: Wireless Networking
Topic: cAPs name in CAPsMan
Replies: 2
Views: 388

Re: cAPs name in CAPsMan

I have: - set identity on the CAP - use %I in the Name Format (as part of the provisioning From the documentation : name-format (string) Base string to use when constructing names of provisioned interfaces. Each new interface will be created by taking the base string and appending a number to the en...
by erlinden
Sat Aug 10, 2024 11:17 pm
Forum: Beginner Basics
Topic: CAPsMAN through Switch under VLAN [SOLVED]
Replies: 15
Views: 1975

Re: CAPsMAN through Switch under VLAN [SOLVED]

Local forwarding should be enabled on the datapaths because the AP is not directly connected behind the CAPsMAN Not sure what exactely you are referring to, but from the wiki: WiFi CAPsMAN only passes wireless configuration to the CAP, all forwarding decisions are left to the CAP itself - there is ...
by erlinden
Sat Aug 10, 2024 7:01 pm
Forum: General
Topic: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]
Replies: 16
Views: 1292

Re: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]

Yeah...as it seams. Remains the question...why should I add the "independent-learning=yes" for VLAN 1 on the switch?

And thanks for the addition, I added this indeed.
by erlinden
Sat Aug 10, 2024 5:56 pm
Forum: General
Topic: site-site Wiregaurd Setup
Replies: 13
Views: 867

Re: site-site Wiregaurd Setup

Checked your conig (better to place it inbetween code tags by using the </> button): /ip address add address=192.168.10.1/24 interface=" WG-HQ" network=192.168.10.0 Should be: /ip address add address=192.168.10.1/32 interface=" WG-HQ" network=192.168.10.0 AND /ip address add addr...
by erlinden
Sat Aug 10, 2024 4:55 pm
Forum: General
Topic: site-site Wiregaurd Setup
Replies: 13
Views: 867

Re: site-site Wiregaurd Setup

Mikrotik has a great explanation: https://help.mikrotik.com/docs/display/ROS/WireGuard#WireGuard-SitetoSiteWireGuardtunnel Did you add this part to the firewall as well (don't mind the used IP addresses...)? Additionally, it is possible that the "forward" chain restricts the communication ...
by erlinden
Sat Aug 10, 2024 1:48 pm
Forum: General
Topic: CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]
Replies: 16
Views: 1292

CAPsMAN, RB4011-RB960PGS-cAP AX/wAP ac [SOLVED]

I need some VLAN help. I run a router with 2 VLAN's: 50 (HOME) and 51 (Guests). I use CAPsMAN to manage my 2 cAP AX and 1 wAP ac. One cAP AX is connected to the RB4011 directly, the second (and the wAP ac) are conencted through the RB 960PGS. All devices are connected through trunk ports (VLAN 50 an...
by erlinden
Thu Aug 08, 2024 6:52 pm
Forum: Beginner Basics
Topic: Wi-Fi connection randomly drops, then reconnects in seconds [SOLVED]
Replies: 21
Views: 2381

Re: Wi-Fi connection randomly drops, then reconnects in seconds [SOLVED]

Can you try setting encryption to, mbach:
encryption=ccmp,gcmp,ccmp-256,gcmp-256
And use wpa2-psk only.

And enable debug, wifi logging to get some additional information.
by erlinden
Thu Aug 08, 2024 11:12 am
Forum: General
Topic: HAP AX2 dead
Replies: 7
Views: 905

Re: HAP AX2 dead

by erlinden
Mon Aug 05, 2024 5:48 pm
Forum: Beginner Basics
Topic: tagged and untagged in one vlan table
Replies: 10
Views: 767

Re: tagged and untagged in one vlan table

The VLAN bible of Mikrotik:
viewtopic.php?t=143620

Thanks snippan for the addition. I just wanted to add it...
by erlinden
Mon Aug 05, 2024 1:38 pm
Forum: General
Topic: DoH configured but apparently not working
Replies: 3
Views: 546

Re: DoH configured but apparently not working

Did you succesfully import the certificate that is used? Anything in the log that might give an indication? Does it work if you (temporarily) disable certificate check?
Can you also check if https://1.1.1.1/dns-query does work?
by erlinden
Sun Aug 04, 2024 11:13 am
Forum: Wireless Networking
Topic: 7.15.x CAPsMAN Setup
Replies: 32
Views: 3714

Re: 7.15.x CAPsMAN Setup

OK so if I'm reading this page right, I have to do specific config on -each- CAP in order for wifi to work on a VLAN. No, you don't. What is shown is a config if you want to do it manually from scratch. If you either reset it to CAPS Mode through the reset button or the menu option it will give you...
by erlinden
Sat Aug 03, 2024 6:52 pm
Forum: Beginner Basics
Topic: wifi-qcom/AX manual WiFi uplink
Replies: 4
Views: 1125

Re: wifi-qcom/AX manual WiFi uplink

If memory serves me well, it shows that there are no clients connected to the radio.

Do you want to have feedback on your config?
/export file=anynameyoulike
Remove serial and any other private info.
by erlinden
Sat Aug 03, 2024 12:37 am
Forum: Wireless Networking
Topic: hAP ax3 wireless problem [SOLVED]
Replies: 174
Views: 36525

Re: hAP ax3 wireless problem [SOLVED]

What reasons could there be for the “Link downs” of a 5Ghz meter to trigger?
If you want some feedback, just share the config:
/export file=anynameyoulike
Remove serial and any other private info.
by erlinden
Fri Aug 02, 2024 11:23 pm
Forum: General
Topic: Hello, please help. DHCP Issues.
Replies: 1
Views: 513

Re: Hello, please help. DHCP Issues.

From your config: /interface wireless security-profiles set [ find default=yes ] supplicant-identity=MikroTik add authentication-types=wpa-psk,wpa2-psk management-protection=allowed mode=\ dynamic-keys name=profile1 supplicant-identity=MikroTik Either remove wpa-psk or don't set any security. /inter...
by erlinden
Fri Aug 02, 2024 11:06 am
Forum: Wireless Networking
Topic: CAPSMAN issues managing many existing configured CAP-AC
Replies: 1
Views: 494

Re: CAPSMAN issues managing many existing configured CAP-AC

Looks like VLAN filtering is not enabled on the bridge. From the documentation: https://help.mikrotik.com/docs/pages/viewpage.action?pageId=46759946#WifiWave2(7.12andolder)-CAPsMAN-CAPVLANconfigurationexample: Here there is a distinction between 2.4GHz and 5GHz. Can you try to do the same? Are the S...
by erlinden
Tue Jul 30, 2024 10:52 am
Forum: Wireless Networking
Topic: hAP ax3 wireless problem [SOLVED]
Replies: 174
Views: 36525

Re: hAP ax3 wireless problem [SOLVED]

I hope the manufacturer will be able to fix all the errors and shortcomings of hAP ax3 with updates.
That would involve the users as well 8)

If you want some feedback, just share the config:
/export file=anynameyoulike
Remove serial and any other private info.
by erlinden
Tue Jul 30, 2024 10:49 am
Forum: General
Topic: how to identify which ip is infected and being used for a DDoS? [SOLVED]
Replies: 16
Views: 2780

Re: how to identify which ip is infected and being used for a DDoS? [SOLVED]

Turn it off and see if you can open the /ip/firewall/connections tab. That should be a good indication.
by erlinden
Tue Jul 30, 2024 10:47 am
Forum: Beginner Basics
Topic: Wi-Fi connection randomly drops, then reconnects in seconds [SOLVED]
Replies: 21
Views: 2381

Re: Wi-Fi connection randomly drops, then reconnects in seconds [SOLVED]

so it's unlikely that I misconfigured something. What could be the problem? What are some ways to troubleshoot this issue? By default WPA2 and WPA3 are enabled. That gave me a lot of problems. To troubleshoot (together with you): What RouterOS version are you running? Can you share the config? /exp...
by erlinden
Mon Jul 29, 2024 5:39 pm
Forum: Beginner Basics
Topic: Just installed and having troubles with DNS
Replies: 2
Views: 715

Re: Just installed and having troubles with DNS

/ip pool add name=default-dhcp ranges=192.168.88.10-192.168.88.254 /ip address add address=192.168.1.11/24 comment=defconf interface=bridge network=192.168.1.0 /ip dhcp-server network add address=192.168.0.0/24 comment=defconf dns-server=192.168.0.99 gateway=192.168.0.99 netmask=24 Looks like three...
by erlinden
Sun Jul 28, 2024 10:21 am
Forum: Announcements
Topic: v7.16beta [testing] is released!
Replies: 288
Views: 117161

Re: v7.16beta [testing] is released!

if u want to get to the trouble, then use the new CapsMan
Can you eleborate this? I'm onto the beta in my home environment (I know, just a small network). Haven't had any strange CAPsMAN things, at least for me it is working not any less stable than the stable version.
by erlinden
Fri Jul 26, 2024 3:25 pm
Forum: Wireless Networking
Topic: Netbox 5 AX Frequency Settings
Replies: 4
Views: 650

Re: Netbox 5 AX Frequency Settings

To use all frequencies, just buy another 10 (or something) Netboxes. Or understand how wifi is working.
Furthermore, why don't you want to set a country?
by erlinden
Fri Jul 26, 2024 3:15 pm
Forum: Wireless Networking
Topic: disconnecting wifi clients
Replies: 4
Views: 592

Re: disconnecting wifi clients

Are there more clients suffering from this?

You could add wireless debug logging to get some additional information.
Besides, can you perhaps share your config:
/export file=anynameyoulike
Remove serial and any other private info.
by erlinden
Thu Jul 25, 2024 7:33 pm
Forum: General
Topic: DoH certificate handshake failed (Quad9)
Replies: 7
Views: 854

Re: DoH certificate handshake failed (Quad9)

Could it be that the imported certificate is expired or renewed?
by erlinden
Thu Jul 25, 2024 7:10 pm
Forum: General
Topic: DoH certificate handshake failed (Quad9)
Replies: 7
Views: 854

Re: DoH certificate handshake failed (Quad9)

If you want to check "Verify DoH Certificate" (which you obviously do), you hwave to make sure the MikroTik has the Root CA installed.

Check this blog that explains the steps to get it to work:
https://www.shellhacks.com/mikrotik-dns ... loudflare/
by erlinden
Tue Jul 23, 2024 7:46 pm
Forum: Wireless Networking
Topic: 7.15.x CAPsMAN Setup
Replies: 32
Views: 3714

Re: 7.15.x CAPsMAN Setup

At least reset the accesspoint to CAPS Mode. Do you see any radios on /wifi/radios (that is on the CAPsMAN)?

Currently on smartphone, going through the config isn't easy.
by erlinden
Mon Jul 22, 2024 11:41 am
Forum: Beginner Basics
Topic: Allow Outgoing UDP TCP connections
Replies: 1
Views: 369

Re: Allow Outgoing UDP TCP connections

In a default situation the router won't block this (any) traffic outgoing.
Can you share your config (at least the /ip/firewall part)?
/ip/firewall export

or

/export file=anynameyoulike
Are you using LTE? Could be that the provider is blocking the traffic.
by erlinden
Sun Jul 21, 2024 11:58 pm
Forum: Beginner Basics
Topic: DNS issue hAP ax3 [SOLVED]
Replies: 2
Views: 1708

Re: DNS issue hAP ax3 [SOLVED]

Looks like the DNS server is disabled. To turn it on:
/ip dns
set allow-remote-requests=yes
by erlinden
Sun Jul 21, 2024 6:10 pm
Forum: Announcements
Topic: v7.15.3 [stable] is released!
Replies: 654
Views: 250566

Re: v7.15 [stable] is released!

I was also getting the script error in my logs after upgrading to 7.15. "executing script from scheduler failed, please check it manually" The solution was to replace the word "system" with "routeros" Old - :set Var1 "$[/system package get system version]" Ne...
by erlinden
Sun Jul 21, 2024 6:02 pm
Forum: RouterBOARD hardware
Topic: wAP ac (RBwAPG-5HacT2HnD) rebooting every 10 seconds
Replies: 3
Views: 619

Re: wAP ac (RBwAPG-5HacT2HnD) rebooting every 10 seconds

Either get a new wAP ac or, if time wouldn't be of an issue, wait for a wAP ax.
by erlinden
Sun Jul 21, 2024 3:10 pm
Forum: General
Topic: MikroTik hAP ac2 cant login
Replies: 4
Views: 525

Re: MikroTik hAP ac2 cant login

Assuming you are using the wifi-qcom-ac driver:
https://help.mikrotik.com/docs/display/ROS/WiFi
by erlinden
Sat Jul 20, 2024 8:29 pm
Forum: Wireless Networking
Topic: The most arduous access point ever: hAP ax³
Replies: 48
Views: 2747

Re: The most arduous access point ever: hAP ax³

Use wpa2-aes only for the time being. And only ccmp. And turn on debug logging on wifi to get some more insights.
by erlinden
Sun Jul 14, 2024 10:52 am
Forum: Wireless Networking
Topic: wifi-qcom-ac package for wAP ac (mipsbe) [SOLVED]
Replies: 2
Views: 2150

Re: wifi-qcom-ac package for wAP ac (mipsbe) [SOLVED]

Wifi-qcom-ac is only supported on ARM devices.
by erlinden
Thu Jul 11, 2024 1:29 pm
Forum: Scripting
Topic: Routing rules for dynamic IP addresses
Replies: 16
Views: 3864

Re: Routing rules for dynamic IP addresses

I use address list, create a list (i.e. WAN-IP) and add the address (blahblah.sn.mynetname.net).
Then you can refer to the address list (with its name).
by erlinden
Thu Jul 11, 2024 10:52 am
Forum: General
Topic: Could not resolve dns name [SOLVED]
Replies: 5
Views: 1855

Re: Could not resolve dns name [SOLVED]

Does the switch have an IP address, gateway and access to the Internet?
Can you ping router/public DNS server?
by erlinden
Wed Jul 10, 2024 6:04 pm
Forum: The User Manager
Topic: cannot login to user manager
Replies: 3
Views: 751

Re: cannot login to user manager

Are there any files that remained on the filesystem? You might need to delete them manually.
Or better...netinstall it with the latest v6 LTS (currently 6.49.13)
by erlinden
Wed Jul 10, 2024 5:33 pm
Forum: Beginner Basics
Topic: Am I being port scanned?
Replies: 9
Views: 852

Re: Am I being port scanned?

If you are worried with security, you might want to reconsider this:
/ip upnp
set enabled=yes
/ip upnp interfaces
add interface=ether1 type=external
Ports are scanned, up to you if you want to have it logged...or not.
by erlinden
Wed Jul 10, 2024 5:13 pm
Forum: Beginner Basics
Topic: Am I being port scanned?
Replies: 9
Views: 852

Re: Am I being port scanned?

Also wanted to know why (default mikrotik rules) drop all not incoming from LAN supersede drop from wan not dstnated? It does not matter what order are they in, drop not dstnated is just not working. I also have hairpin NAT, might that be a problem? There is a difference between the input chain (ac...
by erlinden
Wed Jul 10, 2024 9:37 am
Forum: General
Topic: cache full, not storing since 7.14
Replies: 28
Views: 9526

Re: cache full, not storing since 7.14

Cache size is configurable, you might want to increase the memory (if you haven't tried already?):
/ip dns
set cache-size=20480KiB
by erlinden
Tue Jul 09, 2024 9:41 am
Forum: Announcements
Topic: v7.15.3 [stable] is released!
Replies: 654
Views: 250566

Re: v7.15.2 [stable] is released!

Something is wrong with the initial scan for 5 GHz. Every time at boot, the frequency is set to 5500 on all APs. This does not happen for 2.4 GHz where APs receive different frequencies. That is something that is bothering me as well. This frequency is checked for 1 min before used, hence this situ...
by erlinden
Tue Jul 09, 2024 9:37 am
Forum: Wireless Networking
Topic: wlan1: failed to select channel
Replies: 3
Views: 986

Re: wlan1: failed to select channel

/interface wireless security-profiles set [ find default=yes ] supplicant-identity=MikroTik add authentication-types=wpa-psk,wpa2-psk,wpa-eap,wpa2-eap eap-methods="" \ group-ciphers=tkip,aes-ccm management-protection=allowed mode=dynamic-keys \ name=kokoriko supplicant-identity="&quo...
by erlinden
Mon Jul 08, 2024 5:40 pm
Forum: Wireless Networking
Topic: Capsman: AP Behavior on very basic config
Replies: 7
Views: 757

Re: Capsman: AP Behavior on very basic config

/caps-man channel add band=2ghz-b/g/n name=2g4 Does the above really make sense to you? All you do here is set the band, not the channels. Ie, you wnat to set: frequency=2412,2437,2462 I never use auto, I want to decide which frequency gets used. How do you handle this, a config per radio? How do y...
by erlinden
Mon Jul 08, 2024 2:41 pm
Forum: Wireless Networking
Topic: cap ax3 unable to connect to cap manager on RB751G
Replies: 8
Views: 723

Re: cap ax3 unable to connect to cap manager on RB751G

can wifi capsman be run on a mipsbe device?
Sure (comes with 7.13 and up), but it won't be able to manage its own wireless interfaces.
by erlinden
Sat Jul 06, 2024 10:04 am
Forum: Wireless Networking
Topic: Roaming not working
Replies: 4
Views: 685

Re: Roaming not working

Good that you have found the forum! More interesting information can be found on YouTube (though there is a lot of garbage on it as well). Make sure to follow MikorTik and have a lok at this video:

https://www.youtube.com/watch?v=37aff6d14Xk
by erlinden
Fri Jul 05, 2024 4:25 pm
Forum: General
Topic: Internet suddenly stopped working for inner network - [SOLVED]
Replies: 11
Views: 2355

Re: Internet suddenly stopped working for inner network - [SOLVED]

I think in the end that is most important.

In regards to doing wrong...your firewall config has some space for improvement. Being polite on this.
In addition, are you sure you want to have port 22 available publically?
Who manages this router? This due to the fact it is running 7.6.
by erlinden
Fri Jul 05, 2024 1:49 pm
Forum: General
Topic: General ISP IP question.. [SOLVED]
Replies: 2
Views: 1304

Re: General ISP IP question.. [SOLVED]

The answer is either 42 or NAT.
by erlinden
Thu Jul 04, 2024 12:47 pm
Forum: Beginner Basics
Topic: New dns addlist functionality and it doesn't work - I'm not even mad.
Replies: 9
Views: 2394

Re: New dns addlist functionality and it doesn't work - I'm not even mad.

Hmm, methinks someone is upset Italy crashed out of the EuroCup! ;-) Canada wasn't part of it in the first place :lol: Too bad my RB760iGS isn't able to download the file due to too little flash memory. Does anyone have a solution to that? Apart from downloading it as file and load it from file, as...
by erlinden
Thu Jul 04, 2024 9:50 am
Forum: Wireless Networking
Topic: WiFi-qcom 7.15.2 auth-config not fully implemented
Replies: 1
Views: 581

Re: WiFi-qcom 7.15.2 auth-config not fully implemented

Can you share your (relevant part of the) config in a working and non working situation?

Something like:
/interface/wifi export
by erlinden
Wed Jul 03, 2024 4:10 pm
Forum: General
Topic: Configuring cAP AX connected to CRS328 [SOLVED]
Replies: 5
Views: 1520

Re: Configuring cAP AX connected to CRS328 [SOLVED]

Well, as long as the bridge doesn't have VLAN filtering enabled, this won't work.
Have a look at this great topic for all your VLAN questions (and answers):

viewtopic.php?t=143620
by erlinden
Wed Jul 03, 2024 4:03 pm
Forum: Wireless Networking
Topic: Trying to configure capsman for wifi 6 devices
Replies: 24
Views: 2471

Re: Trying to configure capsman for wifi 6 devices

Can you check wether both routeros and wifi-qcom packages are installed (/system/packages) on both cAP AX's?
If they are...can you share the export of both cAP AX's?
by erlinden
Wed Jul 03, 2024 2:09 pm
Forum: Beginner Basics
Topic: ISP provided static IP, how to setup?
Replies: 4
Views: 599

Re: ISP provided static IP, how to setup?

In that case, please share your current config. Then we can do a quick check. Especially the firewall would be interesting.
/export file=anynameyoulike
Remove serial and any other private info.
by erlinden
Wed Jul 03, 2024 11:36 am
Forum: Beginner Basics
Topic: Setup additional Mikrotik as Ap and Switch
Replies: 4
Views: 629

Re: Setup additional Mikrotik as Ap and Switch

I think by resetting B to CAPS Mode your problem will be solved.

If you post the current B config, we can know for sure:
/export file=anynameyoulike
Remove serial and any other private info.
by erlinden
Wed Jul 03, 2024 10:40 am
Forum: Beginner Basics
Topic: Using the router as DNS for the guest network
Replies: 23
Views: 1366

Re: Using the router as DNS for the guest network

Can you share your current config?
/export file=anynameyoulike
Remove serial and any other private info.
by erlinden
Tue Jul 02, 2024 2:29 pm
Forum: Beginner Basics
Topic: How to open ports?
Replies: 12
Views: 1403

Re: How to open ports?

And less expensive (but more time consuming):
https://help.mikrotik.com/docs/display/ ... forwarding

If that doesn't work, port your complete config without serial and any other priivate info and post it here:
/export file=anynameyoulike
by erlinden
Mon Jul 01, 2024 9:15 pm
Forum: Wireless Networking
Topic: CAPsMAN AP disconnect
Replies: 6
Views: 668

Re: CAPsMAN AP disconnect

Never mix country, in your case France and United States. Why did you specify two (instead of four) channels? Is there no interference? On a slave configuration you can't specify Country and Tx-Power, this is only set on the master radio/interface. @meiki, if you want to have fixed channels, there i...
by erlinden
Mon Jul 01, 2024 2:49 pm
Forum: Wireless Networking
Topic: sector client bandwidth test - fast upload - miserable download
Replies: 10
Views: 996

Re: sector client bandwidth test - fast upload - miserable download

How do you do bandwidth test? When using the builtin test, it will consume cpu power (and hence loose performance). In that case, better to use a tool like iPerf.

In regards to the antenna gain...just use the antenna gain. This will make sure that you remain within regulations.
by erlinden
Thu Jun 27, 2024 9:53 am
Forum: Announcements
Topic: v7.16beta [testing] is released!
Replies: 288
Views: 117161

Re: v7.16beta [testing] is released!

Thanks @holvoetn, will try this later today.

Update: Yes, this is indeed solving the issue I had.
by erlinden
Thu Jun 27, 2024 9:18 am
Forum: General
Topic: RB4011 + GPON
Replies: 2
Views: 379

Re: RB4011 + GPON

It depends (as always...).

Does your ISP support this?
Does your ISP use AON or XGS-PON? Both are supported but the latter is more expensive.
by erlinden
Wed Jun 26, 2024 10:13 pm
Forum: Announcements
Topic: v7.16beta [testing] is released!
Replies: 288
Views: 117161

Re: v7.16beta [testing] is released!

I'm running into the "client was disconnected because could not assign vlan". Is this due to the fact I'm running hybrid (both wifi-qcom and wifi-qcom-ac? Didn't have this with an wifi-qcom-ac only environment. Yes, I'm using FT. Would setting ft-preserve-vlanid to yes make sense in this c...
by erlinden
Wed Jun 26, 2024 3:43 pm
Forum: General
Topic: Dynamic Isp dhcp address
Replies: 3
Views: 280

Re: Dynamic Isp dhcp address

Can you please share your config (hAP ax3):
/export file=anynameyoulike
Remove serial and any other private info and post in between code tags by using the </> button.
by erlinden
Wed Jun 26, 2024 11:41 am
Forum: General
Topic: Dynamic Isp dhcp address
Replies: 3
Views: 280

Re: Dynamic Isp dhcp address

This process should be automatic. Do you use a PPPoE connection, or is it standard DHCP?
Where is the RB connected to (and how)?
Are there any requirements from the ISP in regards to running your own router?
What ISP do you have?
by erlinden
Tue Jun 25, 2024 1:36 pm
Forum: Wireless Networking
Topic: Trouble Configuring CAPsMAN for Public Wi-Fi with VLAN on Mikrotik and Fortigate
Replies: 17
Views: 1553

Re: Trouble Configuring CAPsMAN for Public Wi-Fi with VLAN on Mikrotik and Fortigate

Just to summarize: Fortigate offers VLAN ID 3 for public Wi-Fi. Any other VLAN ID (or untagged) for anything else? That is offered to the RB5009, right? But there is no VLAN set on the WAN interface, right? You have to come up with a network diagram, showing all VLAN ID's and the Fortigate, RB5009 a...
by erlinden
Tue Jun 25, 2024 10:15 am
Forum: General
Topic: Weird Wifi connection
Replies: 4
Views: 392

Re: Weird Wifi connection

Can you also post the config of the cAP AX?
If you post it in between code tags (by using the </> button), it will become more readable.
by erlinden
Mon Jun 24, 2024 3:59 pm
Forum: Beginner Basics
Topic: Port Forwarding not working
Replies: 8
Views: 1064

Re: Port Forwarding not working

add action=dst-nat chain=dstnat comment=NAT_To_Qbittorrent dst-address-list=PublicDNS dst-port=55111 log=yes protocol=tcp to-addresses=192.168.5.39 to-ports=8080 Is your PublicDNS indeed your public IP address? Which rule is logging the mentioned log entry? Is there anything responding on 192.168.5...
by erlinden
Mon Jun 24, 2024 1:19 pm
Forum: Beginner Basics
Topic: Port Forwarding not working
Replies: 8
Views: 1064

Re: Port Forwarding not working

add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface=ether1 Because you are using a pppoe connection, your in-interface above is incorrect. Why was the connection-state added? It will probably work w...
by erlinden
Mon Jun 24, 2024 10:32 am
Forum: Wireless Networking
Topic: Trying to configure capsman for wifi 6 devices
Replies: 24
Views: 2471

Re: Trying to configure capsman for wifi 6 devices

In my opinion, the error(s) lies in the CAP. For example, it lacks configuration.manager=capsman on the wifi devices of the CAP. Please add it. Or, better, reset to CAP mode. Fully agree on this, reset the cAP ax's to CAPS Mode: https://help.mikrotik.com/docs/display/UM/cAP+ax or /system/reset conf...
by erlinden
Mon Jun 24, 2024 9:18 am
Forum: Wireless Networking
Topic: AX device won't show TX power in Wifi
Replies: 12
Views: 1016

Re: AX device won't show TX power in Wifi

It is able with the new driver, have you added the Tx Power as column?
by erlinden
Fri Jun 21, 2024 8:43 am
Forum: General
Topic: cAPax - think and passion!
Replies: 24
Views: 1575

Re: cAPax - think and passion!

I don't know, but the conditions are the same, ~15m. distance and one wall. cAPac works at both frequencies better, achieving double and triple the data transfer!
Then I can make you a great offer: I'll trade my cAP ac's for your cAP AX's.
Everyone happy!

:-D
by erlinden
Fri Jun 21, 2024 8:25 am
Forum: Beginner Basics
Topic: Mikrotik Switch - How to bind to VLAN and make itself (e.g. webfig) accessible to devices connected to it? [SOLVED]
Replies: 4
Views: 1887

Re: Mikrotik Switch - How to bind to VLAN and make itself (e.g. webfig) accessible to devices connected to it? [SOLVED]

An export of the current attempt would be very helpfull:
/export file=anynameyoulike
Remove serial and any other private info.

Also add model number and version of RouterOS.

Your (anyones) VLAN reference (which should be obliged to read):
viewtopic.php?t=143620
by erlinden
Thu Jun 20, 2024 3:53 pm
Forum: General
Topic: cAPax - think and passion!
Replies: 24
Views: 1575

Re: cAPax - think and passion!

In addition to holvoetn great respons:

Specifically on the 2.4GHz radio, you want to use frequencies 2412, 2437 and 2462 and a channelwidth of 20MHz.
This will prefent interference as much as possible, but still be present.
by erlinden
Thu Jun 20, 2024 1:33 pm
Forum: Wireless Networking
Topic: WIfiWave2 capAC
Replies: 2
Views: 652

Re: WIfiWave2 capAC

For those interested: Hello dear people, I have a mixed environment cap AC, cap AC XL and cap AX. My Capsman runs on an RB5009, currently as Capsmanv1 and a CapsmanV2. All AX are integrated in v2 and work there without any problems. The AC and AC XL are still running in v1 because I have big problem...
by erlinden
Thu Jun 20, 2024 1:21 pm
Forum: General
Topic: CSR310-8G+2S+IN dead on arrival?
Replies: 2
Views: 288

Re: CSR310-8G+2S+IN dead on arrival?

You pressed the reset button before power is applied? Hold this button during boot time until the user LED light starts flashing, and release the button to reset the RouterOS configuration. Keep holding the button for 5 more seconds or until the user LED turns off, then release it to make the Router...
by erlinden
Thu Jun 20, 2024 1:18 pm
Forum: Wireless Networking
Topic: WiFi repeater
Replies: 4
Views: 999

Re: WiFi repeater

Connect the two with cable and let CAPsMAN do its magic:
https://help.mikrotik.com/docs/display/ ... ionexample:

If the backbone has to be wireless, let one wifi interface work as station:
https://help.mikrotik.com/docs/display/ROS/WiFi (and search for station)
by erlinden
Thu Jun 20, 2024 9:47 am
Forum: General
Topic: cAPax - think and passion!
Replies: 24
Views: 1575

Re: cAPax - think and passion!

Seems there is a huge missmatch in experience between users.
Can you please show how you did configure the cAP AX, @JohnTRIVOLTA?
by erlinden
Wed Jun 19, 2024 6:11 pm
Forum: General
Topic: Too tight firewall rules? I'm lost!
Replies: 15
Views: 1556

Re: Too tight firewall rules? I'm lost!

Can you please post an export instead of a print?
/ip/firewall export
by erlinden
Wed Jun 19, 2024 6:09 pm
Forum: Wireless Networking
Topic: MikroTik hap ac lite slow wireless speed
Replies: 8
Views: 1101

Re: MikroTik hap ac lite slow wireless speed

Also set country code on both wifi interfaces.
by erlinden
Wed Jun 19, 2024 10:00 am
Forum: Wireless Networking
Topic: Capsman, ip from bridge before take from vlan
Replies: 7
Views: 1638

Re: Capsman, ip from bridge before take from vlan

Check the documentation and have a very good look at the "CAP using "wifi-qcom" package:" part: https://help.mikrotik.com/docs/display/ROS/WiFi#WiFi-CAPsMAN-CAPVLANconfigurationexample: /interface bridge add name=bridgeLocal /interface wifi datapath add bridge=bridgeLocal comment...
by erlinden
Wed Jun 19, 2024 9:58 am
Forum: Wireless Networking
Topic: CAPSMan with RB4011 and hAPax3
Replies: 2
Views: 567

Re: CAPSMan with RB4011 and hAPax3

No need for wireless package on the CAPsMAN. Make sure you are running 7.15.1 on all devices and configure through the wifi menu item. Make sure that the CAPses are in CAPS Mode (/system/reset configuration and check CAPS Mode). Here is the documentation: https://help.mikrotik.com/docs/display/ROS/W...
by erlinden
Wed Jun 19, 2024 9:54 am
Forum: Wireless Networking
Topic: WiFiWave2 Setup Help [SOLVED]
Replies: 2
Views: 1651

Re: WiFiWave2 Setup Help [SOLVED]

hAP ac lite is MIPSBE architecture. Indeed not possible to run wifiwave2.
by erlinden
Tue Jun 18, 2024 4:47 pm
Forum: Wireless Networking
Topic: WIFI Wave2 WPA2/WPA3
Replies: 11
Views: 9441

Re: WIFI Wave2 WPA2/WPA3

Turn on wireless debug logging, perhaps that will give you some insights.
by erlinden
Tue Jun 18, 2024 3:40 pm
Forum: Wireless Networking
Topic: Capsman, ip from bridge before take from vlan
Replies: 7
Views: 1638

Re: Capsman, ip from bridge before take from vlan

First thing I notice is that there is no VLAN filtering active on the CAPs bridge. Besides, there is a lot of non CAP config. What hardware do you use as CAP?
by erlinden
Tue Jun 18, 2024 12:24 pm
Forum: General
Topic: share wifi for mobile
Replies: 4
Views: 447

Re: share wifi for mobile

SXT 5 is a low cost, high transmit power 5GHz outdoor wireless device. SXT 5 can be used for point to point links or as a CPE for point to multipoint installations.
Think you are better of with an accesspoint:
https://mikrotik.com/products/group/wir ... and-office
by erlinden
Tue Jun 18, 2024 8:28 am
Forum: Wireless Networking
Topic: Capsman, ip from bridge before take from vlan
Replies: 7
Views: 1638

Re: Capsman, ip from bridge before take from vlan

By opening a new topic you did the first step.
Now, add some relevant information (export from CAPsMAN and CAP) to give us a clue:
/export file=anynameyoullike
Remove serial and any other private information.
by erlinden
Mon Jun 17, 2024 2:35 pm
Forum: General
Topic: Access to Mikrotik from wireguard peer
Replies: 6
Views: 470

Re: Access to Mikrotik from wireguard peer

Am I introducing any security issue with such solution?
That depends. Do you want all Wireguard peers to be able to connect to your router?
Why Wireguard not added to LAN by default?
Well...because that would be a very stupid default.
by erlinden
Mon Jun 17, 2024 1:19 pm
Forum: General
Topic: Multiple CAP radios causing problems for legacy devices?
Replies: 12
Views: 889

Re: Multiple CAP radios causing problems for legacy devices?

Are the radios using the same frequency?
by erlinden
Mon Jun 17, 2024 1:05 pm
Forum: General
Topic: Access to Mikrotik from wireguard peer
Replies: 6
Views: 470

Re: Access to Mikrotik from wireguard peer

Sounds like your firewall is blocking this traffic (which it should). Have you added the Wireguard interface to the LAN Interface List? Assuming you are using this Interface List in the firewall? Otherwise, please share your config: /export file=anynameyoulike Remove serial and any other private inf...
by erlinden
Mon Jun 17, 2024 10:29 am
Forum: General
Topic: Multiple CAP radios causing problems for legacy devices?
Replies: 12
Views: 889

Re: Multiple CAP radios causing problems for legacy devices?

I have both WPA2 PSK and WPA3 PSK enabled. What can be the problem here? Why? I ran into problems (with Apple) and decided to stick to WPA2-PSK only. I you enable wireless debug logging, you might get some additional information. Meanwhile, can you please share your config (/interface/wifi export)?
by erlinden
Sat Jun 15, 2024 9:29 am
Forum: Announcements
Topic: v7.15.3 [stable] is released!
Replies: 654
Views: 250566

Re: Upgrade Problems

Did anybody had a similar issue with this upgrade step?
Dude never worked for me (errors about incorrect files), upgrade through CAPsMAN works like a charm.

Sure that the path is correct and that the files are indeed in the correct folder?
by erlinden
Fri Jun 14, 2024 4:48 pm
Forum: Beginner Basics
Topic: Cap XL ac (no network) [SOLVED]
Replies: 16
Views: 2700

Re: Cap XL ac (no network) [SOLVED]

How did you power the cap?
by erlinden
Thu Jun 13, 2024 10:32 pm
Forum: General
Topic: Two Mikrotik wifi-lan sites in one subject
Replies: 2
Views: 319

Re: Two Mikrotik wifi-lan sites in one subject

Site-2-site VPN using i.e. Wireguard where all internet traffic is via VPN routed through one router. Something like that!?
by erlinden
Thu Jun 13, 2024 5:34 pm
Forum: Wireless Networking
Topic: Stuck with new wifi-"capsman"
Replies: 37
Views: 3555

Re: Stuck with new wifi-"capsman"

DHCP and Apple...could be lease time. Would help if you share the latest complete config of the device(s) running DHCP server and CAPsMAN.
Or combined WPA2-PSK and WPA3-PSK.

Yes...been there, done that.
by erlinden
Thu Jun 13, 2024 3:33 pm
Forum: General
Topic: Native vlan
Replies: 4
Views: 491

Re: Native vlan

You might want to consider not using VLAN ID 1.
Have a look at this topic with lots of explanation and examples:
viewtopic.php?t=143620
by erlinden
Thu Jun 13, 2024 3:10 pm
Forum: Wireless Networking
Topic: Stuck with new wifi-"capsman"
Replies: 37
Views: 3555

Re: Stuck with new wifi-"capsman"

really, this is not ready, mikrotik... I can assure you, based upon my experience, that it can be stable as rock. And that it has an incredible amount of options that can be (mis)configured. If you run into connection problems, there seems to be "something" that is interfering with your n...
by erlinden
Thu Jun 13, 2024 1:11 pm
Forum: Beginner Basics
Topic: ISP Bridge Mode cause issue on RB5009 [SOLVED]
Replies: 21
Views: 2786

Re: ISP Bridge Mode cause issue on RB5009 [SOLVED]

(to address or to port is mandatory for src-nat, so i couldn't apply this rule) That is new to me...the default rule is: /ip firewall nat add action=masquerade chain=srcnat out-interface-list=WAN Can you export a complete config? /export file=anynameyoulike Make sure to remove serial and any other ...
by erlinden
Thu Jun 13, 2024 11:32 am
Forum: General
Topic: Firewall doesn't drop new connections in forward (or did I do something wrong?)
Replies: 16
Views: 2430

Re: Firewall doesn't drop new connections in forward (or did I do something wrong?)

Can you use the export instead of print (to make it read friendly)?
/ip/firewall export
by erlinden
Thu Jun 13, 2024 11:29 am
Forum: Beginner Basics
Topic: ISP Bridge Mode cause issue on RB5009 [SOLVED]
Replies: 21
Views: 2786

Re: ISP Bridge Mode cause issue on RB5009 [SOLVED]

I would expect your client to use 10.0.0.1 as DNS server (as specified in /ip dhcp-server network). Why is it showing 9.9.9.9? Can you perform nslookup forum.mikrotik.com ? Can you post an ipconfig /all from this client? Can you also post a tracert 9.9.9.9 from this client? Assuming the client is a ...
by erlinden
Wed Jun 12, 2024 3:00 pm
Forum: Beginner Basics
Topic: ISP modem in bridge mode no internet coming from router
Replies: 5
Views: 772

Re: ISP modem in bridge mode no internet coming from router

I know that sometimes you have to wait some time befor you get an IP address behind a cable modem. What you can try is duplicate the MAC address of a working device to your MikroTik. Or just turn off the modem for 5 minutes, and (while the MikroTik is connected) turn the modem back on.
by erlinden
Wed Jun 12, 2024 2:04 pm
Forum: Wireless Networking
Topic: Upgrading CAP ax [SOLVED]
Replies: 5
Views: 2015

Re: Upgrading CAP ax [SOLVED]

Looks fine, might need to remove the backslash at the end:
/packages
by erlinden
Wed Jun 12, 2024 11:14 am
Forum: Wireless Networking
Topic: Stuck with new wifi-"capsman"
Replies: 37
Views: 3555

Re: Stuck with new wifi-"capsman"

HAP AX^3 Can you follow this link by the letter to see if you get it to work: https://youtu.be/37aff6d14Xk?feature=shared ok, so we can say, it doesn't make a difference if the capsman has its own wireless integrated, or, like my situation, the capsman is a vm with just 2 ethernetports and no own w...
by erlinden
Wed Jun 12, 2024 10:24 am
Forum: Wireless Networking
Topic: Stuck with new wifi-"capsman"
Replies: 37
Views: 3555

Re: Stuck with new wifi-"capsman"

Did you do this manually on the CAPsMAN?
/interface wifi
add name=cap-wifi1 radio-mac=D4:01:C3:94:99:A2
add name=cap-wifi2 radio-mac=D4:01:C3:94:99:A1
by erlinden
Wed Jun 12, 2024 10:04 am
Forum: Wireless Networking
Topic: Stuck with new wifi-"capsman"
Replies: 37
Views: 3555

Re: Stuck with new wifi-"capsman"

Can you please do a standard export instead of verbose?
by erlinden
Wed Jun 12, 2024 9:41 am
Forum: Beginner Basics
Topic: Config Thoughts?
Replies: 5
Views: 1007

Re: Verify my Firewall Config

Hi anav, thanks for your reply, I've updated the OP with the details you requested, thank you.
If you can put code tags around the config, it is more readable. Use the </> button to establish in the editor.
  • 1
  • 2
  • 3
  • 4
  • 5
  • 9