Community discussions

Search found 45 matches

by jayd2k
Mon Sep 17, 2018 1:25 pm
Forum: General
Topic: CRS112-8P-4S Invalid VLAN v6.43 [SOLVED]
Replies: 4
Views: 704

Re: CRS112-8P-4S Invalid VLAN v6.43 [SOLVED]

Known bug. Duplicate of viewtopic.php?t=139148.
by jayd2k
Fri Nov 06, 2015 3:42 pm
Forum: RouterBOARD hardware
Topic: GPON networks with Mikrotik/Routerboard SFP ports
Replies: 86
Views: 55950

Re: GPON networks with Mikrotik/Routerboard SFP ports

The GPON module specs have just been revealed. Check out Newsletter 68 just posted by Normis viewtopic.php?f=21&t=101952&p=506377. The module isn't listed yet on routerboard.com though its specs are available here (link from the newsletter).
by jayd2k
Wed Nov 04, 2015 12:06 pm
Forum: Beginner Basics
Topic: Port Forward, Routing Mark Issue
Replies: 11
Views: 2412

Re: Port Forward, Routing Mark Issue

This is going way beyond the topic initially addressed in this post. You should request for general feedback on your setup by opening a new post. Make sure to provide all the proper details of your setup including a network diagram. However, if you're seeking professional advise feel free to send me...
by jayd2k
Wed Nov 04, 2015 11:06 am
Forum: Beginner Basics
Topic: Port Forward, Routing Mark Issue
Replies: 11
Views: 2412

Re: Port Forward, Routing Mark Issue

Depending on the situation you might want to create additional routing marks which ensure that traffic that comes in through a certain interface will leave through the same interface. Check out this post on how to do that. Eventually you'll have to add this for each wan-link to ensure that return tr...
by jayd2k
Wed Nov 04, 2015 10:47 am
Forum: Beginner Basics
Topic: Port Forward, Routing Mark Issue
Replies: 11
Views: 2412

Re: Port Forward, Routing Mark Issue

Can you provide a network diagram and the configuration of all the routers involved? Did you exclude private networks for the routing marks?
by jayd2k
Tue Nov 03, 2015 7:04 pm
Forum: Beginner Basics
Topic: Port Forward, Routing Mark Issue
Replies: 11
Views: 2412

Re: Port Forward, Routing Mark Issue

I'm attaching a GNS3 lab of a simple multi-wan setup that's almost identical to what you're trying to do. Here are the configs for further reference: R1 The wan subnets are private class networks hence source nat (masq) is applied to any traffic that's leaving towards the emulated upstream through i...
by jayd2k
Tue Nov 03, 2015 6:50 pm
Forum: Beginner Basics
Topic: Port Forward, Routing Mark Issue
Replies: 11
Views: 2412

Re: Port Forward, Routing Mark Issue

I thought that might be the case with in-interface but your 2nd example shows me another way - could I add two or more IP's in one rule though (dst-address=$TARGETIP instead of in-interface)? Yes, either by creating a separate rule for each additional ip address or by using an address list instead....
by jayd2k
Mon Nov 02, 2015 5:21 pm
Forum: Beginner Basics
Topic: Port Forward, Routing Mark Issue
Replies: 11
Views: 2412

Re: Port Forward, Routing Mark Issue

Hi there, add action=dst-nat chain=dstnat comment="RDP" dst-port=10000 protocol=tcp to-addresses=192.168.0.100 to-ports=10000 This gets me to my destination but if I use a different IP with the same port it still takes me here, what am I missing? if you don't want the rule to apply to any interface ...
by jayd2k
Sun May 10, 2015 8:38 pm
Forum: General
Topic: [BUG] fetch https problem
Replies: 6
Views: 1978

Re: [BUG] fetch https problem

Sorry for resurrecting this one but the problem still seems to exist. When fetching a script with 287KB in size from a remote web server using https the file is being truncated: [admin@router] > import openbl.rsc expected end of command (line 5014 column 20) When downloading the respective script fr...
by jayd2k
Sat Feb 14, 2015 4:36 pm
Forum: Scripting
Topic: [SOLVED] How to iterate only through interfaces that have a comment set?
Replies: 4
Views: 1441

[SOLVED] Re: How to iterate only through interfaces that have a comment set?

Since recent versions, I think you need to use "any", i.e.
find where any comment
Yes, that works. Thanks! Seems like the scripting guide in the wiki could use a little updating.
by jayd2k
Sat Feb 14, 2015 8:56 am
Forum: Scripting
Topic: [SOLVED] How to iterate only through interfaces that have a comment set?
Replies: 4
Views: 1441

[SOLVED] How to iterate only through interfaces that have a comment set?

Hi, I need a little help here - how to iterate through the list of interfaces that have a comment set? Here's the list of interfaces I use for testing on an RB2011: [admin@MikroTik] > interface print Flags: D - dynamic, X - disabled, R - running, S - slave # NAME TYPE 0 ether1-gateway ether 1 RS ;;;...
by jayd2k
Sun Dec 07, 2014 9:26 am
Forum: RouterBOARD hardware
Topic: GPON networks with Mikrotik/Routerboard SFP ports
Replies: 86
Views: 55950

Re: GPON networks with Mikrotik/Routerboard SFP ports

As usual MikroTik is working on a lot of stuff at the same time. Perhaps GPON might come up early next year. They're definitely aware of it. I suggest everyone to lean back for the moment and enjoy the holidays. Things will work out eventually. Cheers :D
by jayd2k
Fri Sep 05, 2014 9:37 am
Forum: General
Topic: Winbox 3 beta
Replies: 243
Views: 120674

Re: Winbox 3

All display settings are lost between closing Winbox 3, and starting a new Winbox 3 session to the same device, regardless of the setting of "Load previous session".
Any estimate when this one's going to be fixed? The same issue persists with version 3.0beta3. Thanks.
by jayd2k
Fri Sep 05, 2014 9:30 am
Forum: General
Topic: WinBox 3.0beta2 doesn't load previous session
Replies: 5
Views: 1905

Re: WinBox 3.0beta2 doesn't load previous session

This is still happening with beta3 and this issue also wasn't adressed in the changelog.

Kinda annoying ...
by jayd2k
Thu Aug 28, 2014 7:30 am
Forum: General
Topic: v6.19 released
Replies: 256
Views: 93826

Re: v6.19 released

Back on July 5th I was reporting the following issue with MT support which, as of today, still persists. Can't assign any bandwidth greater than 4294Mbps (32 bit) to a 10GbE interface: [admin@DCCCR01.RT] /mpls traffic-eng interface> print Flags: X - disabled, I - invalid # INTERFACE BANDWIDTH TE-MET...
by jayd2k
Fri Aug 15, 2014 6:11 am
Forum: Beginner Basics
Topic: [SOLVED] Dual VLAN on WAN DHCP Client Issue
Replies: 6
Views: 2910

Re: [SOLVED] Dual VLAN on WAN DHCP Client Issue

Cool, thanks for sharing your solution and properly resolving your thread :)
by jayd2k
Wed Aug 13, 2014 6:50 am
Forum: Beginner Basics
Topic: Hotspot not directing https traffic
Replies: 3
Views: 1349

Re: Hotspot not directing https traffic

Thanks for your response,

[...]

Unless I require a ssl cert in order to even redirect an https request?
Srange behaviour. Kindly attach your config.
by jayd2k
Fri Aug 08, 2014 2:35 am
Forum: Beginner Basics
Topic: VLAN Question
Replies: 6
Views: 1415

Re: VLAN Question

It is actually a bit different than I described. Right now I'm using the 88.x subnet on the wireless link only because the HDHomeRun is something I need on my local 88.x LAN broadcast domain. I also provide internet to those remote sites, right now on 88.x, but I'd prefer to put them on my "guest" ...
by jayd2k
Thu Aug 07, 2014 1:50 pm
Forum: Beginner Basics
Topic: Some switch purchasing assistance please
Replies: 4
Views: 877

Re: Some switch purchasing assistance please

Put a router in front of the switch (e.g. RB2011). If you can deal with only eight gigabit ports then go for a CCR eliminating the need for a CRS. As mentioned by mpreissner - the CRS aren't intended to be used for routing. Did you test the performance in regards to switching? E.g. file transfer bet...
by jayd2k
Thu Aug 07, 2014 9:33 am
Forum: Beginner Basics
Topic: Provider changed / switching from PPPoE to DHCP dynamic IP
Replies: 1
Views: 738

Re: Provider changed / switching from PPPoE to DHCP dynamic

Essentially you'll have to remove the PPPoE client interface and create a DHCP client for the physical interface that's connected to your WAN modem (ether1). But it depends on how your firewall is configured - I think that at least the SNAT/MASQ has to be changed as well. Post your entire config and...
by jayd2k
Thu Aug 07, 2014 9:17 am
Forum: Beginner Basics
Topic: NAT Filter
Replies: 4
Views: 1354

Re: NAT Filter

This thread is pretty old already - if the problem still exists, perhaps you could post your config?
by jayd2k
Thu Aug 07, 2014 9:09 am
Forum: Beginner Basics
Topic: trying to run hotspot server on VLAN interface
Replies: 1
Views: 1304

Re: trying to run hotspot server on VLAN interface

Hello. I'm trying to figure out how to run Hotspot server on VLAN intend of physical interface or bridge. At this moment we have bridge wheres connected 7 PtP UBNT NB5M (WDS) going to 7 relay towers around the zone and around 6k clients connected. At the end i have plenty of drops on bridge, broadc...
by jayd2k
Thu Aug 07, 2014 6:36 am
Forum: Beginner Basics
Topic: Daily interval
Replies: 1
Views: 787

Re: Daily interval

You'll need a radius server with an attached database to take care of the accounting. You can either use the MikroTik User Manager (separate package to ROS) which runs on top of your routerboard or simply use an external radius server running FreeRadius + MySQL/MariaDB/PostgreSQL. A word of advice -...
by jayd2k
Thu Aug 07, 2014 5:57 am
Forum: Beginner Basics
Topic: Reach to modem
Replies: 1
Views: 567

Re: Reach to modem

Could you post your router config?
by jayd2k
Thu Aug 07, 2014 5:49 am
Forum: Beginner Basics
Topic: Hotspot not directing https traffic
Replies: 3
Views: 1349

Re: Hotspot not directing https traffic

What's the error you're getting? "SSL error: self signed certificate in certificate chain"? You'll need to obtain a valid security certificate that was issued by a global certificate authority - CA (e.g. VeriSign, Thawte, Comodo, Startcom). It consists of a private key and the public certificate iss...
by jayd2k
Thu Aug 07, 2014 4:00 am
Forum: Forwarding Protocols
Topic: [WORKAROUND] VPLS-LDP/RSVP-TE tunnels simultaneously?
Replies: 1
Views: 1454

Re: Operating VPLS-LDP and RSVP-TE tunnels simultaneously?

Guess I'll have to work around things then. Well, establishing TE tunnels between different pairs of transport/loopback addresses is working. I had a twist on my lab gear that as I figured last night. In regards to VPLS - the workaround is to establish VPLS tunnels using the main loopback addresses ...
by jayd2k
Thu Aug 07, 2014 3:30 am
Forum: Beginner Basics
Topic: VLAN Question
Replies: 6
Views: 1415

Re: VLAN Question

jayd2k: Thanks for the suggestion. I'll try it. (Nice diagram, by the way. Exactly correct.) Thinking about it, you're currently operating multiple ip subnets on top of the same broadcast domain. Without having a transparent firewall in-place everyone may just switch to 192.168.88.0/24 by changing ...
by jayd2k
Wed Aug 06, 2014 9:28 am
Forum: Beginner Basics
Topic: VLAN Question
Replies: 6
Views: 1415

Re: VLAN Question

Question: If I place a RB750 (or a WRT54GS running DD-WRT) at the STX3 location, can I successfully configure this network to add a VLAN to the network so that the 89.x network continues to work as it does now (untagged LAN for clients at both STX2 and STX3) while transporting a VLAN over the Nstre...
by jayd2k
Wed Aug 06, 2014 7:55 am
Forum: Beginner Basics
Topic: [SOLVED] Dual VLAN on WAN DHCP Client Issue
Replies: 6
Views: 2910

Re: Dual VLAN on WAN DHCP Client Issue

That sounds pretty much like a routing issue.

Check your routing table before and after enabling the dhcp client on VLAN4 and see if the default route changes once the other link comes up.

Checking the routing table via CLI:

ros code

ip route print detail
You also might want to share your config with us.
by jayd2k
Wed Aug 06, 2014 7:52 am
Forum: Beginner Basics
Topic: 802.1X Authentication
Replies: 1
Views: 672

Re: 802.1X Authentication

AFAIK RouterOS doesn't support authenticating itself on physical ports. But I might be mistaken.
by jayd2k
Wed Aug 06, 2014 7:44 am
Forum: Beginner Basics
Topic: Mikrotik Grove A-52HPn don't connect to my ISP?
Replies: 1
Views: 591

Re: Mikrotik Grove A-52HPn don't connect to my ISP?

Perhaps you can provide a basic drawing/diagram of what you're trying to accomplish?
by jayd2k
Wed Aug 06, 2014 7:41 am
Forum: Beginner Basics
Topic: L2TP - encryption got out of sync
Replies: 2
Views: 1251

Re: L2TP - encryption got out of sync

What's the latency on the WiFi link? Is the time on all devices synchronized e.g. using SNTP?
by jayd2k
Wed Aug 06, 2014 7:36 am
Forum: Beginner Basics
Topic: New User - Handed down project
Replies: 1
Views: 415

Re: New User - Handed down project

Can't tell exact model of MicroTik based on how the unit is installed in a vehicle (yes, this is in a vehicle for a remote camera). Is there a way for me to find out the exact model? Looks like some of these devices are made by ordering a housing and then the board so curious as to what I really ha...
by jayd2k
Wed Aug 06, 2014 7:24 am
Forum: Beginner Basics
Topic: how to logging ntp server
Replies: 4
Views: 1146

Re: how to logging ntp server

Hi, note from the documentation: NOTE: the above logging rules work only with the built-in SNTP client, the separate NTP package doesn't have any logging facilities. In regards to the sntp client take a look at the wiki: Background on how to configure logging http://wiki.mikrotik.com/wiki/Manual:Sys...
by jayd2k
Wed Aug 06, 2014 7:10 am
Forum: Beginner Basics
Topic: Help connecting 2 Mikrotiks WAN to WAN
Replies: 3
Views: 855

Re: Help connecting 2 Mikrotiks WAN to WAN

I assume that on both routers you've already configured the respective name (identity)? E.g. identity "R1" and "R2". You can do this either via WebFig or WinBox using System -> Identity . The identity is reflected on the command line making it easier to identity the router a command was executed on....
by jayd2k
Tue Aug 05, 2014 10:09 am
Forum: Forwarding Protocols
Topic: [WORKAROUND] VPLS-LDP/RSVP-TE tunnels simultaneously?
Replies: 1
Views: 1454

[WORKAROUND] VPLS-LDP/RSVP-TE tunnels simultaneously?

Hi *, I'm having some trouble understanding how to operate VPLS and TE tunnels in parallel between a pair of routers. I'd like to operate multiple TE and VPLS tunnels in parallel between a pair of routers. Right now when creating a VPLS tunnel, a pair of TE tunnels is automatically generated for bi-...
by jayd2k
Sun Jul 27, 2014 4:56 pm
Forum: Forwarding Protocols
Topic: MPLS / VPLS and TE Tunnels
Replies: 7
Views: 3635

Re: MPLS / VPLS and TE Tunnels

Here's some additional information on R1 and R3. I'm aware of the fact that VPLS tunnels aren't part of this configuration. First goal should be to get the TE tunnels up and running. [admin@R1] > /mpls traffic-eng interface print detail Flags: X - disabled, I - invalid 0 interface=ether10 bandwidth=...
by jayd2k
Sun Jul 27, 2014 4:38 pm
Forum: Forwarding Protocols
Topic: MPLS / VPLS and TE Tunnels
Replies: 7
Views: 3635

Re: MPLS / VPLS and TE Tunnels

There's definitely a great need for clarification here. How to identify the TE tunnel(s) being used by a respective VPLS tunnel? Establishing TE tunnels (RSVP-TE) between other ip addresses than the "main loopback" addresses doesn't work I'm attaching a lab diagram covering the use case of having tw...
by jayd2k
Tue Mar 11, 2014 11:20 am
Forum: General
Topic: PBR - Ensure traffic leaves the same interface it arrives on
Replies: 10
Views: 4128

Re: PBR - Ensure traffic leaves the same interface it arrive

Well, take a look again at what I said: Create a second rule that applies a new routing mark to packets marked with the connection mark and coming from the DMZ. Right now you are switching inbound traffic to a routing table that no longer has the destination it is supposed to reach. Got you, it's w...
by jayd2k
Tue Mar 11, 2014 10:52 am
Forum: General
Topic: PBR - Ensure traffic leaves the same interface it arrives on
Replies: 10
Views: 4128

Re: PBR - Ensure traffic leaves the same interface it arrive

This should be quite easy using two mangle rules. Create a first rule that marks connections coming from the VPN tunnel and not having a mark already. Create a second rule that applies a new routing mark to packets marked with the connection mark and coming from the DMZ. Add a new routing table wit...
by jayd2k
Sun Mar 09, 2014 6:51 pm
Forum: General
Topic: PBR - Ensure traffic leaves the same interface it arrives on
Replies: 10
Views: 4128

Re: PBR - Ensure traffic leaves the same interface it arrive

I had a similar issue using a VPN. It took a routing mark to get the routing correct. http://forum.mikrotik.com/viewtopic.php?f=2&t=82462#p412455 Well, yes, it would help with this but from my understanding placing a routing mark as with your post will basically match all traffic that's coming from...
by jayd2k
Sun Mar 09, 2014 6:11 pm
Forum: General
Topic: PBR - Ensure traffic leaves the same interface it arrives on
Replies: 10
Views: 4128

PBR - Ensure traffic leaves the same interface it arrives on

Hi *, I'm attaching a sketch of a problem that I believe is related to policy based routing. Whenever the mobile client tries to access the web server located in the DMZ behind the CPE using the port forwarding (DNAT) through the vpn appliance, traffic goes through. However, since the mobile client'...
by jayd2k
Wed Sep 11, 2013 3:22 am
Forum: General
Topic: 6.3 No default config after upgrade to 6.3 on 951G 2HnD
Replies: 7
Views: 1620

Re: 6.3 No default config after upgrade to 6.3 on 951G 2HnD

v6.4 has it fixed, release this week.
Yupp, already got your response via OTRS ;)

Thanks.
by jayd2k
Tue Sep 10, 2013 7:51 am
Forum: General
Topic: 6.3 No default config after upgrade to 6.3 on 951G 2HnD
Replies: 7
Views: 1620

Re: 6.3 No default config after upgrade to 6.3 on 951G 2HnD

I've been running into the same issue and addressed it with the support just a minute ago.