Community discussions

MUM Europe 2020

Search found 41 matches

by hrober
Mon Jan 23, 2012 8:18 pm
Forum: Forwarding Protocols
Topic: OSPF filter
Replies: 1
Views: 786

OSPF filter

Hi guys, I'm trying to filter some external routes using out-ospf chain but it isnt working. My scenario is: [RTR_1] -----[OSPF]----[Core Router]----[OSPF]----[Border Router] RTR_1 has a OSPF session's with Core Router and this one has a session with Border Router . I would like to filter advertisme...
by hrober
Fri May 27, 2011 8:01 pm
Forum: General
Topic: RouterOS v5.4 released
Replies: 118
Views: 31880

Re: RouterOS v5.4 released

may you tell us more about this problem ???

After upgrade to 5.2 I´m having some issues with auto-negotiation.
*) RB4xx ether1 port flapping fixed;
by hrober
Sat Mar 26, 2011 3:11 am
Forum: General
Topic: v5rc11 is out!
Replies: 68
Views: 14403

Re: v5rc11 is out!

I'm having some problems after the upgrade from version 4.13 (RB 433AH) to v5rc11. With v5rc11 wireless card (R52) stop working sometimes. The clients remain registered in AP, but there is no traffic on the card. To get things working again I need to disable and then enable the interface. This type ...
by hrober
Sat Dec 25, 2010 9:59 pm
Forum: Wireless Networking
Topic: Network topology
Replies: 1
Views: 582

Network topology

Maybe anothers network engineers may exchange yours experinece and help me to find a better network topology for my issue. Lets explain current scenario. We have bassically 3 networks in our enviroment. - The core network - The distribution network - The access network / last mile The question is re...
by hrober
Wed Sep 29, 2010 6:32 am
Forum: Wireless Networking
Topic: 802.1x on wired
Replies: 6
Views: 6949

Re: 802.1x on wired

It is not supported by RouterOS on wired or wireless interfaces. Of course the router also will not interfere with traffic between a supplicant, authenticator and authentication server unless you tell it to - it just cannot be any of the three itself. So, for example, if you're looking to deploy sw...
by hrober
Tue Sep 21, 2010 3:30 am
Forum: Wireless Networking
Topic: 802.1x on wired
Replies: 6
Views: 6949

Re: 802.1x on wired

nothig ?
by hrober
Tue Jun 29, 2010 11:29 pm
Forum: General
Topic: Feature Request: IEEE802.1X for Ethernet ports
Replies: 5
Views: 2152

Re: Feature Request: IEEE802.1X for Ethernet ports

planned for... ?
by hrober
Mon Feb 15, 2010 2:56 am
Forum: General
Topic: Feature Request: IEEE802.1X for Ethernet ports
Replies: 5
Views: 2152

Re: Feature Request: IEEE802.1X for Ethernet ports

Really... this feature would be wonderful!

We would use RB 493 like a kind of low cost managed switch for outdoors environments (lampposts) ...
by hrober
Wed Jan 06, 2010 4:59 pm
Forum: General
Topic: graphs using pppoe server
Replies: 6
Views: 3741

Re: graphs using pppoe server

Freman,

Thanks a lot. It's really a very nice script.
by hrober
Fri Jun 05, 2009 10:36 pm
Forum: Beginner Basics
Topic: Winbox Source Code
Replies: 14
Views: 7431

Re: Winbox Source Code

there is no way to get access to source code....

but you could say us what the gui tool kit and what the programming language is used ?
by hrober
Mon Sep 08, 2008 9:15 pm
Forum: General
Topic: Radius PPPoE - Change queues dynamically
Replies: 8
Views: 3503

Re: Radius PPPoE - Change queues dynamically

Hi, I can't answer to your question, but I'm interesting why do you like to do this. I use freeradius + mt for pppoe, and if any changes (for example anybody forget to paid), I send a "kill" signal to the mt from radius server. So what is the problem with log out and re-log in? I use session timeou...
by hrober
Mon Sep 08, 2008 9:01 pm
Forum: General
Topic: Radius PPPoE - Change queues dynamically
Replies: 8
Views: 3503

Re: Radius PPPoE - Change queues dynamically

What's the radius type? Freeradius? If yes, freeradius don't support COA (Change of Authorization). You need COA for this function. I'm using freeradius as AAA server here. So, when I enable radius incoming on RouterOS, I can send some request to do some actions on RouterOS, right ? I can disconnec...
by hrober
Thu Sep 04, 2008 5:57 pm
Forum: General
Topic: Cpu Usage Vs encryption
Replies: 5
Views: 1843

Re: Cpu Usage Vs encryption

marceloru, In the last January I have started a migration process from almost two thousand of Wi-Fi costumers. The old Wi-Fi infrastructure were opened, no encryption must required and IP Addressing were fixed. Nowadays, we are using WPA2/AES with PSK, stored on radius server and tunneling our costu...
by hrober
Thu Sep 04, 2008 5:30 pm
Forum: General
Topic: Radius PPPoE - Change queues dynamically
Replies: 8
Views: 3503

Radius PPPoE - Change queues dynamically

Hi, Using PPPoE and Radius, can I change/update a queue without disconnect the PPPoE Tunnel ? something like remove it and re-read the queue attributes, or all radius replies packets. I know that is possible to write some scripts to remove queues, but my biggest problem is: RouterOS will read radius...
by hrober
Wed Jul 09, 2008 3:05 pm
Forum: General
Topic: PPPoE and Traffic Shaping
Replies: 1
Views: 735

PPPoE and Traffic Shaping

Hi Guys. Let me explain the scenario: 1. We are using PPPoE with radius server (AAA) 2. We have two kind of customers (PPPoE Clients), Home and Bussines 3. I need to find a solution to send 'home' users traffic for though specifics ¹ firewall rules is there some way to create dynamic firewall rules ...
by hrober
Wed Jun 25, 2008 4:52 pm
Forum: General
Topic: Auth WPA2/PSK agaist radius server
Replies: 12
Views: 7340

Re: Auth WPA2/PSK agaist radius server

Please update your Radius dictionary with new attribute
ATTRIBUTE       Mikrotik-Wireless-PSK               16       string
uldis,

Great! It works now!

I updated my Radius dictonary with this new attribute and added a new row in my radreply table.


Thanks
by hrober
Fri Jun 20, 2008 5:15 pm
Forum: General
Topic: Auth WPA2/PSK agaist radius server
Replies: 12
Views: 7340

Re: Auth WPA2/PSK agaist radius server

It is available from the beginning of version3.
I need to update my MkT Radius Dictionary to use this ? I'm trying here but radius says:
Failed to create the pair: Unknown attribute "Mikrotik-Wireless-Psk"
by hrober
Fri Jun 20, 2008 4:00 pm
Forum: General
Topic: Auth WPA2/PSK agaist radius server
Replies: 12
Views: 7340

Re: Auth WPA2/PSK agaist radius server

Use this attribute:
Mikrotik-Wireless-Psk
Will is avaiable on next release/beta version ?
by hrober
Mon Jun 09, 2008 3:38 pm
Forum: Wireless Networking
Topic: Deployment network issue
Replies: 2
Views: 990

Re: Deployment network issue

Why don’t you just access the access point using PPPoE client. My PPPoE Client does not a Access Point, most times, is a Desktop with Windows® XP Why not route instead of bridge? Because there are a lot of PPPoE clients behind it I need to access the bridge, not the client, access the PPPoE Client ...
by hrober
Mon Jun 02, 2008 10:44 pm
Forum: General
Topic: Auth WPA2/PSK agaist radius server
Replies: 12
Views: 7340

Re: Auth WPA2/PSK agaist radius server

It's a good ideia, but my wireless clients (the firmware) do not support EAP method.

I ask again,

why I cant auth PSK agaist radius ? are there technical problems that make it impossible ?
by hrober
Mon Jun 02, 2008 8:15 pm
Forum: General
Topic: Auth WPA2/PSK agaist radius server
Replies: 12
Views: 7340

Auth WPA2/PSK agaist radius server

Today I use 'Access List' to specify a different WPA2/PSK keys to my custumers, Its so hard. Is there way of the use radius to store the keys ?
by hrober
Mon May 12, 2008 11:33 pm
Forum: Wireless Networking
Topic: Deployment network issue
Replies: 2
Views: 990

Deployment network issue

Hi guys, Today I have a wireless network with PPPoE, It's work fine, no problems and great performance, using PPPoE + WPA2, That's okay. Let me explain my doubt, sometimes I install a unique antenna to a building, with a lot of custumers, then I active PPPoE-Relay on my bridge (wireless client) and ...
by hrober
Thu Mar 27, 2008 2:40 pm
Forum: Wireless Networking
Topic: WPA2/PSK performance
Replies: 2
Views: 1003

WPA2/PSK performance

Hi guys,

I am thinking to deploy a point-multi-point with WPA2/PSK. What can you say about performance ?

Anyone can share your (yours) success cases ?
by hrober
Thu Mar 20, 2008 8:36 pm
Forum: General
Topic: 3.6 problem with install
Replies: 0
Views: 477

3.6 problem with install

Hi guys I am trying install RouterOS 3.6 (3.4, 3.5, 3.4 too) in a motherboard VIA (A7V600/FS), but the boot process always stop after "Loading drivers" message. When I install RouterOS in another machine (same version, using same CD), and move the flash card to VIA motherboard, It works. anyone can ...
by hrober
Tue Mar 18, 2008 7:16 pm
Forum: Wireless Networking
Topic: Two or more PSK per profile
Replies: 4
Views: 1147

Re: Two or more PSK per profile

uldis,

can I use a radius server to store the keys ? instead the RouterOS AP looks to the 'Access List' It looks (request) to radius ?

Is it possible ?
by hrober
Fri Mar 14, 2008 10:06 pm
Forum: Wireless Networking
Topic: Two or more PSK per profile
Replies: 4
Views: 1147

Re: Two or more PSK per profile

uldis, Thanks for reply.

is there a way of the use "dynamic" PSK in acess-list ? because I dont want stay adding manual keys or other way using radius with PSK ? What do you suggest ?
by hrober
Thu Mar 13, 2008 8:22 pm
Forum: Wireless Networking
Topic: Two or more PSK per profile
Replies: 4
Views: 1147

Two or more PSK per profile

Hi guys, I would like to use a WPA/WPA2 with PSK or EAP authentication type, but at work we make excessive use from a kind of router that not suport the EAP with WPA, just suport (WPA/WPA2 with PSK), so, I need know if has a way to use one more PSK in the same profile, because I would not like the s...
by hrober
Mon Feb 11, 2008 1:42 pm
Forum: Wireless Networking
Topic: RouterOS V3.1 stops forwarding traffic on 2.4GHz interface
Replies: 28
Views: 2669

Re: RouterOS V3.1 stops forwarding traffic on 2.4GHz interface

Hi all,
I can report the same problem using intel based arch. In this tower, I'm using MkT 3.1 with 3 cards Atheros AR5213.

In 3.2 changelog, there is a fixed bug: "fixed wireless transmit lockup detection". What does it means ? are the same problem ?


regards
by hrober
Mon Nov 19, 2007 7:53 pm
Forum: General
Topic: freeradius and simultaneous logins
Replies: 5
Views: 6623

Re: freeradius and simultaneous logins

hey guys thanks for replies. I solved this problem fallowing this steps: I edited sql.conf. uncommented this line: simul_count_query = "SELECT COUNT(*) FROM ${acct_table1} WHERE UserName='%{SQL-User-Name}' AND AcctStopTime = 0" After, in radcheck: UserName attribute op value foo@foo.com.br Simultane...
by hrober
Fri Nov 16, 2007 8:48 pm
Forum: General
Topic: freeradius and simultaneous logins
Replies: 5
Views: 6623

freeradius and simultaneous logins

Hi guys,

I'd like know how make to allow only login simulaneous with freeradius and pppoe. I found Simultaneous-Use attribute, but I not found it in freeradius documentation and I not see it in freeradius dictionaries.

thank you.
by hrober
Wed Nov 14, 2007 7:20 pm
Forum: General
Topic: PPPoE and blocking customer
Replies: 7
Views: 1207

Re: PPPoE and blocking customer

I have to suspect that if they can't login to your network, they'll call and you can tell them the reason they're blocked that way. :) If you let them on your network, I'd recommend that you at least assign them an IP that you don't route to the Internet. Then route all traffic from that IP network...
by hrober
Tue Nov 13, 2007 9:00 pm
Forum: General
Topic: PPPoE and blocking customer
Replies: 7
Views: 1207

Re: PPPoE and blocking customer

If they're authenticating to your network via PPPoE, why don't you simply change their password to block them?
Because I need redirect all http traffic to my http-server warning the customers about the reason of block.

thank you
by hrober
Tue Nov 13, 2007 1:20 pm
Forum: General
Topic: PPPoE and blocking customer
Replies: 7
Views: 1207

Re: PPPoE and blocking customer

With PPPoE you can still give your users static ip. t3rm thx for reply, I know this feature, but in this way, I'll must create static firewall rules. I'd like to create rules dynamically. Something like it: "change radius attribute and user traffic go to block chain on the firewall" I found the Fil...
by hrober
Mon Nov 12, 2007 3:39 pm
Forum: General
Topic: PPPoE and blocking customer
Replies: 7
Views: 1207

PPPoE and blocking customer

Hi guys. I'm thinking to migrate my network to PPPoE, delivering ip automaticaly (pool of ips, not fixed). Today I block a customer with some firewall rules on the gateway (ip addressing is fixed today), redirecting all http request to page warning about the reason of block. With PPPoE, using randon...
by hrober
Fri May 11, 2007 5:51 am
Forum: General
Topic: Winbox - How Mac based connection works ?
Replies: 21
Views: 2508

My English is so bad ??? @_@

I'm speaking about Mac Address (Media Access Control) and not of MacOs (Operation system developed by Apple)
by hrober
Fri May 11, 2007 3:42 am
Forum: General
Topic: Winbox - How Mac based connection works ?
Replies: 21
Views: 2508

Winbox - How Mac based connection works ?

Hi guys,

I have a doubt about winbox mac based connection works.

What's the process that winbox perform to establish a "TCP/MAC" connection with device ?

Anyone can give more details about it ?
by hrober
Thu Apr 26, 2007 2:08 am
Forum: Wireless Networking
Topic: Mac Auth - more one
Replies: 1
Views: 641

Mac Auth - more one

Hi guys,

I'm more one doubt about mac authentication with radius.

Today, I using MT 2.9 with mac auth via freeradius, I would like know if possible delivery an ip address through radius after the customer be authenticated, It's possible ?
by hrober
Wed Apr 11, 2007 4:03 pm
Forum: Wireless Networking
Topic: Mac Auth
Replies: 4
Views: 1052

Yes, you can do that... FreeRadius example: 00:00:00:00:00:00 Auth-Type := Accept, User-Password == "", NAS-Port-Id == "CARD NAME" Service-Type = Framed-User, Framed-Protocol = PPP, Framed-MTU = 1500, Framed-Compression = Van-Jacobsen-TCP-IP, Ascend-Data-Rate = 256, (if want specify down rate) Asce...
by hrober
Fri Apr 06, 2007 4:29 pm
Forum: Wireless Networking
Topic: Mac Auth
Replies: 4
Views: 1052

Mac Auth

Hi guys. I'm using MT with three atheros card in ap-bridge mode, this cards sharing the same SSID and have distinct channel numbers. With access-list option, I can allow that one mac-address connect in a specify card only. My ask In Mac authentication, via Radius server, is possible specify the card...
by hrober
Sun Mar 25, 2007 5:30 pm
Forum: Wireless Networking
Topic: area property doubt
Replies: 0
Views: 465

area property doubt

Hi guys,

I'm with a doubt about area property work.

Mikrotik docs says that AP compare area-prefix sent for client to make decision wheter allow or not allow the client connect.

This feature just work when the client is one Mk station or simple PCIs cards work too ?
by hrober
Mon Nov 06, 2006 3:56 pm
Forum: Scripting
Topic: name[=value] - get value
Replies: 2
Views: 1410

name[=value] - get value

How get value of the name[=value] into script ?

IE.
{
/ip address add address=$ipaddress interface=ether1
}
The line command:
myscript ip=192.168.0.2
(sorry for bad english)