It's a bodge / work around. It does work, but Mikrotik should identify / fix the underlying issue.Try setting Multicast Helper to Full.
sleep 0
SetOption60
wmm-support
6.38 = Bugfix, proven to be stableOr I'm very silly and I do not understand anything.
We are with version 6.39.2 and get bugfix of 6.38.7
How does it apply to 6.39.2?
Normis has pointed out which area of forum I'm in.. apologiesI think it's assumed that if you've got the skills to use Linux you can figure out the CLI
You can't, but you can bridge an EoIP tunnel layered over it.You cannot bridge mode-station.
Please can you post a proper .pcap packet capture?
Run it line by line and see where it fails, or add some lines to indicate where if fails, e.g -I have try this script and indeed it don't work.
Who can help us?
:put "The script has made it this far [1]"
:put "The script has made it this far [2]"
/ ip ssh print
I'm curious about the config and topologyWhat do you want to know ?Is there any documentation on using the LNS function?
We have tested successfully with IOS & IOS-XE LAC.
/ ip firewall filter add action=accept connection-state=established
You can set the channel rather than the frequencyHave the frequencies pretyped like when setting a plain AP without capsman instead of a text box.
Sent from my Nexus 4 using Tapatalk
Do you have a source for this info?Till November, guys.
No it doesnt...It depends on what side should be dynamic...
Port Knocking is not the right approach. It's a nasty hacky bodge.Drop everything except whitelist is the right approach. If you need dynamic whitelist you would need to implement port knocking.
But UDP connections don't 'die' as such?Setup your masq rules separately, one for each out-interface? Then only NAT new connections? that way 'invalid' connections will die off on their own and start new ones?
/ip firewall connection remove [/ ip firewall connection find dst-address=111.222.333.444:5060]
YupSounds like some form of proxy-arp going on.
Fail2Ban won't catch everything. Be carefulI only have these 2 rules in place for outside access + I have Faill2Ban configured on freepbx to protect against authentication attacks.
These rules should be in the forward chain.add chain=input dst-port=5060 log=yes protocol=udp
add chain=input dst-port=10000-20000 log=yes protocol=udp
Complete bullshit. It can be a problem, but 9 out of 10 times it can be made to work.voip + nat = problem
This is incredibly vague, we need more info.it doesn't seem to work
If this happens unintentionally, you've made a mistake I'm your config.you can easily create an issue where trafic comes in the one interface and leaves the other.
I dont understand what you're saying, sorryIf that option existed you would very easily force cyclic data, Its better for the Tik to communicate back out the interface it receives the data especially for secure data.
Wow, I didn't know this. Is there a source / link ?Only on old Firmware Versions.
On newer Firmware only with verbose the Mac Address will be copied.
/interface wireless wps-push-button
The IPSEC server could generate a dynamic policy.basically you have a DynDNS style service for your remote site... run a script on your main site to grab the new IP and then update the IPSec policy, proposal, etc
Is this a joke?Therefore we need directly connectable daughter RB board with all ROS features and RPi as backend/frontend...
What issues are you having with scripting this?There are times when you want to flush/clear all connections and it is hard to do it, even with scripts.
This is a pretty broad statement. There is no built-in feature, but it may be possible to add scripts etc that make it possible.No. There is no such feature.
Yes it can. I'm using it in both KVM and QEMU.Dear,
Can the Cloud Hosted Router itself be a Virtual Router with KVM?
I suppose this will depend in the future on the hosted provider.
Thanks,
Patrick
Looks wise, the cAP would look a little nicer on the ceiling.It looks like the wAP can replace the cAP entirely? Dual chain instead of single, 802.3af/at instead of passive, and we can install outdoors. Are there any advantages to the cAP?
I suspect as per the hAP range, we should expect additional wAP announcements in the futurewAP : Single Band device in 2015? (
My thoughts exactlyPlease, at least do not put hAP ac in such case...
/ ip firewall service-port set sip disabled=no
/ Interface Ethernet Monitor
/ip firewall service-port set sip disabled=yes