Is the issue with SFP interfaces fixed in this release? Changelog suggests so but can anyone confirm? Hi All, My router issue described in this post https://forum.mikrotik.com/viewtopic.php?f=21&t=161887&p=799044&hilit=sfp#p799044 isn't resolved with upgrade to 6.47.1, still had to roll...

On my hAP ac I have a major issue with 6.47. I had to rollback to 6.46.6. On 6.47, my SFP module is no longer detected. It is a module ONT SERCOMM FGS202. It's my first regression whith Mikrotik :-) Same issue with CRS125-24G-1S-RM. ROS 6.47, SFP ONU GePON is not detected any more. Rollback to 6.46...

On my hAP ac I have a major issue with 6.47. I had to rollback to 6.46.6. On 6.47, my SFP module is no longer detected. It is a module ONT SERCOMM FGS202. It's my first regression whith Mikrotik :-) Same issue with CRS125-24G-1S-RM. ROS 6.47, SFP ONU GePON is not detected any more. Rollback to 6.46...

Regarding protocol 47. Tested on CHR 6.45.1 (stable) with no default configuration. Added the folowing 3 filters: /ip firewall filter add action=passthrough chain=input connection-state=invalid protocol=gre add action=passthrough chain=input connection-state=new protocol=gre add action=passthrough ...

I agree with sindy and pe1chl. To my mind "IP/Firewall/Connection tracking" in RoS is equivalent of RHEL 'conntrack-tool' which operate with raw network packets that get into firewall processing and try to bind each packet to 'new/established/related/untracked' connection state in terms of...

It is not possible to say which is the "correct" way because the firewall rules form up an inter-dependent system: if you have no firewall rules at all (which is by no means recommended, just to illustrate the case), any packet from anywhere, including the GRE ones, will be accepted, beca...

Can't you use HiLink mode? It works OK. Of course it has the disadvantage of an extra NAT layer.

I have extended my post, with highlights of direct IP assignment limitation in HiLink. Huawei's NAT usually causes different problems with IPSec even with DMZ feature enabled ;(

Mikrotik, hello from 2019 ;) e3372h + HAPac is still popular cheap solution to bring small offices online, or get fast occasional backup link at least in the east EU. Is there any plans to support stick e3372h firmware (21.XXX) in full speed modes like NCM, NDIS? HiLink firmware (22.XXX) is limited ...

Hi Colleagues, After reading the whole topic and testing using my own prod ;) ("CRS326-24G-2S+" < GRE over IKEv2 tunnel > "HAPac") site it is still unclear for Me which firewall configuration expected to be 'proper' since fixing CVE-2014-8160 in RoS 6.45.1 My observations after u...

Dear Sindy,
Thank you very much for such a prompt hint. It works like a charm!

Resolved.

Hi All, WAN network scheme is the following: RESPONDER: CRS326-24G-2S+ (RoS 6.44.3) connected via two separate ISPs, public IP addresses('Public_IP0', 'Public_IP1') assigned on RoS side, policy based routing is configured. INITIATOR: hAPac (RoS 6.44.3) connected via 3G modem, private IP address assi...

JFH: From [Ticket#2019050122001921] > Unfortunately, it seems that MAC-based VLAN setup is not possible when packets are forwarded to switch CPU port (bridge), > it works as expected when forwarding between switch ports. We will see if this could be improved in further RouterOS versions, but I canno...

Hi, I have tried to set 'pvid=1' for the access port from my example (eth24-mgmt) as suggested by guy from Russian mikrotik chat in Telegram, but it didn't change situation much, switch rule still ignored and override by port's pvid. I have also made several packets sniff over 'br0-local' bridge , w...

HI Guys, I have a problem with using MAC based VLAN feature on my CRS326-24G-2S+RM My setup is the following: 'dhcp-server5-guest' listens on 'vlan32-guest' VLAN interface (VLAN-ID=32) created on top of 'br0-local' bridge(PVID=30). Behind one of the access ports 'eth24-mgmt'(PVID=99), placed WIFI ro...

Hi, I have fixed this problem via replacing RS232 controller chip SPIEX SP3243 http://www.farnell.com/datasheets/71003.pdf Most probably it was broken by some ESD on RS232 connector when RB was detached from grounding. As a prevention measure I have set-up additional permanent grounding wire to the ...

Hi, My rb435g has stopped respond on key pressing in serial console session. I am using null-modem cable and "baud-rate=115200 data-bits=8 parity=none stop-bits=1 flow-control=none" port settings on RB and PC sides. Serial connection was working normally for ~1year using described settings...

Hi All, I have noticed that my RB435G(RouterOS 5.19) has 1723/ tcp port is opened by default. I am not using any pptp features now, and want to close it. ===== [$]> sudo nmap -P0 XXX.XXX.XXX.XXX Starting Nmap 6.00 ( http://nmap.org ) at 2013-07-18 21:34 EEST Nmap scan report for XXX.XXX.XXX.XXX Host...