Ok so maybe someone can answer me on what means of communication does CAPsMAN have, because I could not find that exact information ?
In services there is 5246,5247/udp. What about L2 communication ?

Hello. I want to limit interfaces on which CAPsMAN communicates. Is this configurable via CAPsMAN or should I set filters ? The problem now is that CAPsMAN can connect devices via WAN. I don't wan't that of course. How to limit management interfaces ? On the side - i'm wondering if wifi passwords ca...

I can confirm it working on 6.36.2 but not exactly straight. There is a bug in GUI that causes ca crl host to be empty after signing. When You sign a certificate there is a field for CRL host and it does nothing. Signing from terminal works fine and CRL host is set. Then the revocation of certificat...

Well,

it took some time. I've skipped the first case but lately I was faced with the same problem elsewhere. I am gladly reporting that those rules do what they are supposed to.
Thanks again for all of your help.

Hello. Is there a awy to assign priorities to virtual APs working on the same wireless interface ? I have main wlan, guest vap and service vap and would not like that the guest and service vaps take too much bandwidth and increase latency of main AP. My first guess is DSCPs and enabling WMM but righ...

Hello. I would like to configure : -an IPSec tunnel between 2 routers -first router is plain and simple - public IP and LAN (say WAN 80.1.1.1 LAN 10.0.0.0) -target IP range for the other end is a public range (say WAN 140.1.1.0/24), don't care about LAN -second router has IP within that range (ie 14...

I wish I had a more detailed post to direct you to, but check out this for now: http://forum.mikrotik.com/viewtopic.php?p=535450#p534818 Likely what you are seeing is an issue with the hardware encryption driver that causes problems with packet delivery. With TCP, this often results in poor single ...

Thanks for the explanation. Those sections were always quite a puzzle for me.
I'll drop a line when i'll be able to sniff out what's going on.

I think it replaces src IP with WAN IP of router. Here's an excerpt from log. I logged both rules and added forward logging in filter based on dst address TARGET_IP. It could be out of order due to way mikrotik logs things. I bolded a line from the forward filter, where You have WAN_IP->TARGET_IP. D...

Thanks for the reply. So two rules would be needed ? Dst-nat and src-nat after that ?

Hello. I have a rather unique situation. I have to forward port from WAN to LAN, but I have to assure the LAN host gets connection from LAN IP. The reason behind this is complicated and boils down to this, that the target host uses different route back to original internet IP. Please don't elaborate...

Hello.
Will there be an option to add comments to switch features ?
On CCS the switching can become quite complex with 24 ports and many VLANs that are set up in many places, I'm unable to add comments to them. Tried with Winbox 3RC12 and ROS 6.28.

About RoMON. I've added a gateway host - I can connect to it with plain winbox. I've enabled RoMON on a switch behind it and on the gateway. I can discover both from eachother. When I click "connect to RoMON" button, it connects, I can discover the switch. Now here is the problem: When I'm...

Hello. Tkanks Chechito for Your suggestion. You're right about DSCP being honored by Unifi APs and it being transported with the IP header throuought the network. I've used this approach and confirmed the field is set on packets bound to APs. I have yet to witness it's (the prioritization on wifi) e...

Hello, thanks for replying. Your solution sounds more like a dirty workaround. Looking at how qos is convoluted in crs, I would like not to do that :) Missing from my first post are : -A plea for help. Please help. -Overview of what I wan to accomplish, so that maybe someone can propose a different ...

Hello. I'm trying to make a PCP field to propagate through CRS-125-24G without success. PCP is set with bridge rule on CCR, then travels with VLAN to the CRS. I use mirroring to sniff out packets. I can see the PCP field set on packets entering the switch on port 1, then they leave with the field un...

Bump here.
Can't get this to work with remote peer set to 0.0.0.0/0. Log says "no configuration found for 0.0.0.0".
And if I instread use the IP that the other router has at this moment - works.
This is frustrating.

Hello. I would like to say that I'm quite dissapointed with how this works. I used beta 3 for a couple of days and went back to winbox2. Today I had to do something on a router from a different computer and quickly downloaded winbox from the website. So, I've launched w3 and : -tried to connect via ...

Hello. My observations : - Winbox3 has a tendency to eat all CPU it can. Right after it is started. Stops when minimized. In fact, CPU consumption is dependant on window size. - Please add an option to disable the leading rows for each new letter. For lists with a few hosts it actually hurts visibi...

Hello. My observations : - Winbox3 has a tendency to eat all CPU it can. Right after it is started. Stops when minimized. In fact, CPU consumption is dependant on window size. - Please add an option to disable the leading rows for each new letter. For lists with a few hosts it actually hurts visibil...

Hello. I'm puzzled with this because as I have read, global variables should be accessible from any script of a user. Meanwhile I can assign a global variable in script, read it from terminal, but cannot read it from another script. Also, the variable is not listed in system/script/environment, but ...