Community discussions

Search found 70 matches

  • 1
  • 2
by grusu
Thu Aug 09, 2018 11:02 am
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 61
Views: 2730

Re: Blacklist Filter (Development Topic)

Dave, Have you considered using external to your network honeypots as source of offending IPs? I use as the first frontier such RAW drop rules and all the time there are some IPs on the list of attackers. add action=add-src-to-address-list address-list=RAWATTACK2 address-list-timeout=127m chain=pre...
by grusu
Tue Aug 07, 2018 3:30 pm
Forum: Scripting
Topic: Blacklist Filter (Development Topic)
Replies: 61
Views: 2730

Re: Blacklist Filter (Development Topic)

Hi Dave,

In first list first address is 255.255.255.255 . Is that right?

Thanks,
Geo
by grusu
Tue Aug 07, 2018 8:22 am
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 108
Views: 10879

Re: Winbox vulnerability: please upgrade

As far as I can see in the first picture, the sys user can log only from IP 127.0.0.1 so you can only try from the serial port.
by grusu
Fri Aug 03, 2018 10:46 am
Forum: Announcements
Topic: v6.43rc [release candidate] is released!
Replies: 491
Views: 64669

Re: v6.43rc [release candidate] is released!

Hi,

Something is wrong with the Hash Algorithms in Peer Proposal setting in v6.43.51:
Peer Proposal mismatch.PNG
If I have to set the SHA1 algorithm, in WinBox I have to set md5.
by grusu
Tue May 29, 2018 11:01 am
Forum: Wireless Networking
Topic: RB962UiGS-5HacT2HnT hAP ac capacity problem
Replies: 23
Views: 790

Re: RB962UiGS-5HacT2HnT hAP ac capacity problem

Ok but I can do about 5 pm. I have default configuration wifi 20/40/80 MHz Ceee. I don't know why is this problem. This model Mikrotik will be no problem 200-300 Mbit/s 5GHz yes? 2 meters to router. If you did the test between your computer and a WAN site you are limited by the 100 Mbps WAN connect...
by grusu
Thu May 17, 2018 1:15 pm
Forum: RouterBOARD hardware
Topic: New : RB760IGS - HEX-S
Replies: 36
Views: 6211

Re: New : RB760IGS - HEX-S

How about RM(rackmount) version of Hex?
Better a frame in which to put up to 3 pieces.

Something like that:
IMG_20180517_131251.jpg
by grusu
Mon Apr 23, 2018 2:43 pm
Forum: Announcements
Topic: Advisory: Vulnerability exploiting the Winbox port [SOLVED]
Replies: 204
Views: 94055

Re: Advisory: Vulnerability exploiting the Winbox port

What do do : 1) Firewall the Winbox port from the public interface, and from untrusted networks. It is best, if you only allow known IP addresses to connect to your router to any services, not just Winbox. We suggest this to become common practice. As an alternative, possibly easier, use the "IP ->...
by grusu
Tue Apr 03, 2018 8:38 pm
Forum: The User Manager
Topic: User Managger now available MMIPS, ARM HEX devices? [SOLVED]
Replies: 2
Views: 305

Re: User Managger now available MMIPS, ARM HEX devices? [SOLVED]

User Manager is available in 6.42rc RouterOS version.
by grusu
Mon Mar 26, 2018 8:47 am
Forum: RouterBOARD hardware
Topic: Mode button on devices
Replies: 2
Views: 437

Re: Mode button on devices

Hi, I have a question what is the mode button on the routers (for example at top of RB 941) - foto in attachment When I press the button, there is no action (default and empty configuration). Thank you in advance for your help I have tested on cAP AC in 6.42 RouterOS version and it works: /system r...
by grusu
Sat Mar 24, 2018 9:18 am
Forum: Announcements
Topic: v6.41.3 [current]
Replies: 139
Views: 20751

Re: v6.41.3 [current]

Hi, just bricked two of my three RB962UiGS-5HacT2HnT by upgrading from 6.41.2 to 6.41.3. I did the following steps - as I did with the last update: 1. uploaded routeros-mipsbe-6.41.3.npk 2. reboot 3. uploaded active modules - advanced-tools-6.41.3-mipsbe.npk - dhcp-6.41.3-mipsbe.npk - ipv6-6.41.3-m...
by grusu
Wed Mar 14, 2018 9:25 pm
Forum: Wireless Networking
Topic: What it means "Channel Width 20/40/80MHz XXXX"
Replies: 3
Views: 1135

Re: What it means "Channel Width 20/40/80MHz XXXX"

I am referring to this:
xxxx.PNG
xx_xxx.PNG
by grusu
Wed Mar 14, 2018 9:14 am
Forum: Wireless Networking
Topic: What it means "Channel Width 20/40/80MHz XXXX"
Replies: 3
Views: 1135

What it means "Channel Width 20/40/80MHz XXXX"

I have found this feature in RouterOS v. 6.42rc41 on cAP AC.

Thanks!
by grusu
Wed Mar 14, 2018 8:47 am
Forum: RouterBOARD hardware
Topic: CAP ac bad Antenna design?
Replies: 95
Views: 12950

Re: CAP ac bad Antenna design?

Distance is already set "indoors" and, if I try to set Tx Power to "manual" or "card rates" does not work. Only the "all rates fixed" option seems to work. I have better performance but only in 2.4GHz if I disable the 5GHz interface. For 5GHz I have no improvement even if I set Tx Power at 17dBm. In...
by grusu
Tue Mar 13, 2018 3:55 pm
Forum: RouterBOARD hardware
Topic: When will MikroTik hAP ac2 be released?
Replies: 20
Views: 1483

Re: When will MikroTik hAP ac2 be released?

You can use localy available power supply instead of the packed one. You can also request your local dealer to solve the problem if the plug type doesn't correspond to your local regulations. I haven't thought of buying a locally available power supply, but that could work. However, I think buying ...
by grusu
Tue Mar 13, 2018 10:26 am
Forum: RouterBOARD hardware
Topic: CAP ac bad Antenna design?
Replies: 95
Views: 12950

Re: CAP ac bad Antenna design?

For all you have trouble with wireless throughput please check if have both chains checked on wifi interfaces.
I found when I configured cAP AC set as follows:
cAP AC.PNG
However, with the two chains checked, the speed is smaller than it should. I hope this will improve in future RouterOS versions.
by grusu
Tue Feb 27, 2018 10:21 am
Forum: RouterBOARD hardware
Topic: CRS328-24P-4S+RM Max Power consumption [SOLVED]
Replies: 1
Views: 298

Re: CRS328-24P-4S+RM Max Power consumption [SOLVED]

CRS328-24P-4S+RM is POE Out switch. Is the maximum power consumption of the switch with all ports active and POE Out ON (but no POE devices connected).

POE OUT consumption can be up to 450W in accordance with Quick Guide:
https://i.mt.lv/routerboard/files/15196 ... lus-qg.pdf
by grusu
Fri Sep 08, 2017 9:02 am
Forum: General
Topic: Files erased from Flash after reboot
Replies: 4
Views: 1079

Re: Files erased from Flash after reboot

This type of equipment has only 16MB of flash. Everything you save in "/" is actually saved in RAM in fact. If you want to keep files save them in "/flash" but be careful that the space is limited.
Or add a USB stick and save it there.
by grusu
Sat Jul 22, 2017 12:17 pm
Forum: Wireless Networking
Topic: radar detected problems
Replies: 42
Views: 7975

Re: radar detected problems

I have a client to whom I have built wireles solution with APs from Mikrotik. With new RouterOS versions it was not possible to make a setup that works. The company is in a hall next to which is a tower full of apartments and so many wireless networks. Mikrotik AOsalways detects radars and trying to...
by grusu
Fri Jul 14, 2017 1:31 pm
Forum: Announcements
Topic: SwOS version 2.4 released!
Replies: 3
Views: 2104

Re: SwOS version 2.4 released!

Hi becs,

When I try to upgrade CSS326-24G-2S+RM from the interface, the "Download & Upgrade" button is grayed out and Latest Available Version is 2.5rc2.

Best regards,
Geo
by grusu
Tue Feb 21, 2017 3:49 pm
Forum: General
Topic: Exclude MAC from DHCP
Replies: 6
Views: 452

Re: Exclude MAC from DHCP

And you can use option 121 to set default route and gateway for client.
by grusu
Tue Feb 21, 2017 3:37 pm
Forum: General
Topic: Exclude MAC from DHCP
Replies: 6
Views: 452

Re: Exclude MAC from DHCP

Make lease static for that MAC and set "Block Access".
by grusu
Thu Jan 26, 2017 9:44 pm
Forum: Wireless Networking
Topic: wAP AC
Replies: 1
Views: 447

Re: wAP AC

http://wiki.mikrotik.com/wiki/Manual:Configuration_Management "The configuration backup can be used for backing up MikroTik RouterOS configuration to a binary file, which can be stored on the router or downloaded from it using FTP for future use. The configuration restore can be used for restoring t...
by grusu
Mon Dec 19, 2016 2:05 pm
Forum: RouterBOARD hardware
Topic: HAP AC
Replies: 540
Views: 119898

Re: HAP AC

Hello everyone, i used Mikrotik devices over the last couple years and they have been very stable for me. My last configuration was my RB2011 as gateway and capsman in combination with a hAP Accesspoint. This configuration was stable but my neighbors seems to get a new wlan ap or printer every day ...
by grusu
Mon Dec 05, 2016 9:10 am
Forum: RouterBOARD hardware
Topic: Firmware version
Replies: 12
Views: 1224

Re: Firmware version

Hello, I don't know. I buy it to other person, maybe he could install RC.

Which is the stable firmware for this devices? Could I update it manually?

Best regards.

Which RouterOS version is on each SXT?
by grusu
Fri Oct 07, 2016 10:47 pm
Forum: RouterBOARD hardware
Topic: New CPU - new product RB750Gr3 - RB750G family - now mmips
Replies: 178
Views: 54018

Re: New CPU - new product RB750Gr3 - RB750G family - now mmips

It would be great! Can anyone from mikrotik confirm that?
You can see more clearly here:

http://www.roc-noc.com/images/D/rb750Gr3_l_1200px.png
by grusu
Fri Oct 07, 2016 8:43 pm
Forum: RouterBOARD hardware
Topic: New CPU - new product RB750Gr3 - RB750G family - now mmips
Replies: 178
Views: 54018

Re: New CPU - new product RB750Gr3 - RB750G family - now mmips

Exactly! 4g is best option for most people in Europe to get dual WAN failover. I can get 15gb for as low as 5€ /month.
I really can't understand lack of USB in 750 and 850gx2 (and sfp cage in this).

If you go back to the first post you will see a USB port in the photo.
by grusu
Tue Jul 26, 2016 9:28 am
Forum: SwOS
Topic: RB260GSP, but PoE options missing from web GUI
Replies: 15
Views: 5004

Re: RB260GSP, but PoE options missing from web GUI

Ps. Running OS 1.14.  I tried finding a download area to see if a newer firmware is available, but was unable to find it anywhere on your site.
http://www.mikrotik.com/download
You'll find below, in the SwitchOS section. Be sure to use right version.
by grusu
Wed Jul 20, 2016 1:03 pm
Forum: SwOS
Topic: Powering RB260GS from PoE
Replies: 1
Views: 655

Re: Powering RB260GS from PoE

http://routerboard.com/RB260GS You can use 9 - 30V power supply on eth 1 port. And yes,  RBGPOE do the work. I suggest you to use power supply with larger allowable voltage value (24 - 30V) so cable losses to be as small as possible. Anyway, 12V power supply included is quite enough to be used with ...
by grusu
Mon Jul 04, 2016 8:20 pm
Forum: Beginner Basics
Topic: PPTP traffic not triggering firewall rule???
Replies: 4
Views: 542

Re: PPTP traffic not triggering firewall rule???

maara,

Trust me and try what I said. Your PPTP clients connect to 192.168.3.1 which is an internal address of the router.
Traffic does not pass through forward chain.  I checked on one of my routers.
by grusu
Mon Jul 04, 2016 4:04 pm
Forum: Beginner Basics
Topic: PPTP traffic not triggering firewall rule???
Replies: 4
Views: 542

Re: PPTP traffic not triggering firewall rule???

If you want to block this type of traffic I think you have to block on input chain.
by grusu
Wed Jun 29, 2016 11:52 pm
Forum: Forwarding Protocols
Topic: Blacklisting SPAM
Replies: 21
Views: 8007

Re: Blacklisting SPAM

Even mikrotik routers are connecting out silently without telling you. It's not useless to have firewall rules in output chain.
Hi Jarda,
I absolutely agree with you. I have referred strictly to this case.
by grusu
Wed Jun 29, 2016 8:22 pm
Forum: Forwarding Protocols
Topic: Blacklisting SPAM
Replies: 21
Views: 8007

Re: Blacklisting SPAM

My mistake ... easy to fix if someone is following this thread add chain=output protocol=tcp dst-port=25,110,465...and_other+ports... action=add-src-to-address-list comment="add src smtp" add chain=forward protocol=tcp dst-port=25,110,465...and_other+ports... action=add-src-to-address-list comment=...
by grusu
Wed Jun 29, 2016 4:39 pm
Forum: Forwarding Protocols
Topic: Blacklisting SPAM
Replies: 21
Views: 8007

Re: Blacklisting SPAM

And you can have one rule combined for all add chain=udp protocol=tcp dst-port=25,110,465...and_other+ports... action=add-src-to-address-list comment="add src smtp" "chain=udp" is wrong. You can try to block spammers with rules like these: [color=black][font=monospace, Courier]/ip firewall filter[/...
by grusu
Tue Jun 14, 2016 2:50 pm
Forum: RouterBOARD hardware
Topic: RB3011UiAS-RM
Replies: 101
Views: 45742

Re: RB3011UiAS-RM

With the latest software update 6.36rc28 my RB3011 doesn't see any usb devices. With current version it works fine.
I can confirm. I tried with several USB device and does not work on 6.36rc28. All works fine in 6.35.4
by grusu
Tue Jun 07, 2016 8:24 am
Forum: Beginner Basics
Topic: Port Scan Blocking Firewall Rule not Working
Replies: 8
Views: 11051

Re: Port Scan Blocking Firewall Rule not Working

add chain=input protocol=tcp psd=21,3s,3,1 action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="Port scanners to list " disabled=no above rule is not working, when i apply this rule , my router became reobooted automatically. why? For me works the following r...
by grusu
Wed Jun 01, 2016 6:50 am
Forum: RouterBOARD hardware
Topic: SFP Module Speed Support
Replies: 2
Views: 567

Re: SFP Module Speed Support

Hi,

I'm sure this is captured somewhere, but I can't find it ... :(

What (maximum) speed of SPF does the RB260GS support?

Thanks!
http://i.mt.lv/routerboard/files/RB260G ... 112240.pdf
by grusu
Wed May 25, 2016 7:25 am
Forum: Announcements
Topic: v6.36rc [release candidate] is released, wireless-fp package is discontinued!
Replies: 295
Views: 52616

Re: v6.36rc [release candidate] is released, wireless-fp package is discontinued!

Thank you grusu. You managed to answer before us and answer is completely correct.
Until now I have used a script to resolve the dynamic IP address from where I manage routers. Now it is much easier.
Thank you!
by grusu
Tue May 24, 2016 7:47 pm
Forum: Announcements
Topic: v6.36rc [release candidate] is released, wireless-fp package is discontinued!
Replies: 295
Views: 52616

Re: v6.36rc [release candidate] is released, wireless-fp package is discontinued!



How often is updated?
My question exactly :)
That's what I would like to know as well.
I will try to answer the question myself: I think the address is resolved at boot and when DNS TTL reaches 0 and is renew in cache.
by grusu
Tue May 24, 2016 11:30 am
Forum: Announcements
Topic: v6.36rc [release candidate] is released, wireless-fp package is discontinued!
Replies: 295
Views: 52616

Re: v6.36rc [release candidate] is released, wireless-fp package is discontinued!

Version 6.36rc16 has been released.
*) firewall - allow to add domain name to address-lists (dynamic entries for resolved addresses will be added to specified list);
Nice!!!

How often is updated?
by grusu
Fri May 13, 2016 8:14 pm
Forum: Beginner Basics
Topic: No internet Access on LAN
Replies: 3
Views: 594

Re: No internet Access on LAN

On command prompt on your pc run "ipconfig /all" and come back with network settings.
by grusu
Tue May 03, 2016 10:57 am
Forum: Announcements
Topic: v6.36rc [release candidate] is released, wireless-fp package is discontinued!
Replies: 295
Views: 52616

Re: v6.36rc [release candidate] is released, wireless-fp package is discontinued!

notToNew - This is not LCD configuration but try to delete init-delay configuration and import afterwards. Does device on which you test import support init-delay and actually has firmware version with init-delay support? Starting with which firmware version supports init-delay? RouterBOOT_changelo...
by grusu
Mon Mar 28, 2016 9:05 am
Forum: Announcements
Topic: v6.34.3 [current] is released!
Replies: 58
Views: 13134

Re: v6.34.3 [current] is released!

On 2011UAS v6.34.3:

[admin@MikroTik-VF] > /system health print
voltage: 1106.5V

Same value in winbox.
Same after reboot.
by grusu
Sun Mar 27, 2016 11:37 pm
Forum: Scripting
Topic: Fun with fan.
Replies: 8
Views: 1036

Re: Fun with fan.

Seems to be permanent. I can't reboot just now to see if this solve the problem.
by grusu
Sun Mar 27, 2016 10:49 pm
Forum: Scripting
Topic: Fun with fan.
Replies: 8
Views: 1036

Re: Fun with fan.

On 2011UAS v6.34.3:

[admin@MikroTik-VF] > /system health print
voltage: 1106.5V
by grusu
Fri Feb 26, 2016 8:29 am
Forum: Announcements
Topic: MUM EUROPE 2016
Replies: 33
Views: 8350

Re: MUM EUROPE 2016

Yes, but not all.
by grusu
Fri Feb 26, 2016 8:20 am
Forum: Announcements
Topic: MUM EUROPE 2016
Replies: 33
Views: 8350

Re: MUM EUROPE 2016

Hi Normis,

If is possible, please put all the presentations online.

Thanks,
Geo
by grusu
Fri Feb 19, 2016 4:59 pm
Forum: Beginner Basics
Topic: MikroTik Graphing-Restrict LAN users from viewing!!!
Replies: 9
Views: 697

Re: MikroTik Graphing-Restrict LAN users from viewing!!!

There are two options. 1. change www server port in ip--> services , from winbox 2. drop from firewall access subnet to ip of mikrotik on port 80 but allow your ip Thanks for your advice. But my issue is I myself is a LAN user at home connected via PPPoE to my network. How can i view the graphs at ...
  • 1
  • 2