Community discussions

MUM Europe 2020

Search found 29 matches

by Cougar281
Tue Jul 11, 2017 3:15 pm
Forum: General
Topic: Site to Site IPSec VPN stops passing traffic
Replies: 3
Views: 975

Re: Site to Site IPSec VPN stops passing traffic

No one has any thoughts as to what is causing the VPN from the Mikrotik to stop passing traffic randomly until I kill the connections?
by Cougar281
Thu Jul 06, 2017 3:54 am
Forum: General
Topic: Site to Site IPSec VPN stops passing traffic
Replies: 3
Views: 975

Site to Site IPSec VPN stops passing traffic

A quick overview of my network. I have a main location at my home where I have a Watchguard XTM525 firewall. From here, I have three Sit to Site VPNs. One goes to a Watchguard 26w, another goes to a virtual pfSense firewall, and the third goes to a Mikrotik RB951G-2HnD (6.38.5). The VPNs to the 26w ...
by Cougar281
Tue Jun 23, 2015 8:06 pm
Forum: General
Topic: Mikrotik Site to Site VPN issue
Replies: 2
Views: 927

Re: Mikrotik Site to Site VPN issue

Well, I haven't been able to get any useful logging out of the Mikrotik, despite adding a few parameters (debug, firewall, ipsec, route) and changing most of the defaults to action 'echo', but ont he Watchguard, I can see in the realtime log where ICMP packets from the remote network come into the W...
by Cougar281
Tue Jun 23, 2015 12:20 am
Forum: General
Topic: Mikrotik Site to Site VPN issue
Replies: 2
Views: 927

Mikrotik Site to Site VPN issue

I just got a RB951G-2HnD to set up for a home environment, and I'm having trouble with the site to site VPN. I used a config from a bunch of 951-2n units that I had configured to sit at end users home ofices that have dynamic addresses and were meant only to initiate a VPN tunnel back to the main of...
by Cougar281
Wed Apr 23, 2014 9:30 pm
Forum: General
Topic: Heartbleed
Replies: 18
Views: 18738

Re: Heartbleed

Not sure how you are claiming that Mikrotik wins over Cisco with regards to heartbleed - yes, Cisco has affected products - just about everyone does, but if you want to compare apples to apples (or firewall or firewall to firewall), then it's a tie - the Cisco ASAs are unaffected. Switches are unaff...
by Cougar281
Sat Feb 15, 2014 2:07 am
Forum: General
Topic: v6.10 released
Replies: 248
Views: 84547

Re: v6.10 released

RB951-2n - VPNs are still broken. Wireless remains to be seen. With Wireless in B/G/N mode, forget it. Couldn't hold a connection. in B/G, it SEEMS reasonably stable. With regards to the VPNS - if ROS considers a 'sa-src-address' of 0.0.0.0 to be invalid, how do you propose to use a MikroTik router ...
by Cougar281
Fri Feb 14, 2014 8:49 pm
Forum: RouterBOARD hardware
Topic: 48V POE
Replies: 10
Views: 5281

Re: 48V POE


zener diode is the simplest over voltage protection
Did not know that - thanks.
by Cougar281
Thu Feb 13, 2014 10:35 pm
Forum: General
Topic: ipsec tunnel is lying mikrotik-mikrotik 6.9
Replies: 5
Views: 1615

Re: ipsec tunnel is lying mikrotik-mikrotik 6.9

What are you trying to do? A site to site VPN over the internet or something else? If you're trying to do a site to site over the internet, unless you've changed the IPs to something other than your actual addresses for security, the sa-src-address and sa-dst-address addresses are wrong. The sa-src-...
by Cougar281
Thu Feb 13, 2014 9:40 pm
Forum: General
Topic: attack
Replies: 7
Views: 1419

Re: attack

you could also set a rule to only allow connections from specific IPs, assuming you don't need access from everywhere.
by Cougar281
Thu Feb 13, 2014 6:38 pm
Forum: General
Topic: 951-2n Wireless issues (ROS6.7)
Replies: 1
Views: 618

Re: 951-2n Wireless issues (ROS6.7)

Well, in doing MORE reading and searching, there are people seeing the same exact issues I'm seeing going back at least two years - I spent some time reading several pages about the same issues on the RB751's, which uses a similar wireless card. It would seem that while the devices perform quite wel...
by Cougar281
Thu Feb 13, 2014 4:31 pm
Forum: RouterBOARD hardware
Topic: 48V POE
Replies: 10
Views: 5281

Re: 48V POE

i checked my post, i did not talk about 802.3af/at - so there is programmable PSU plugged directly into passive poe injector or jack. Ahh. I assumed you were referring to 802.3af POE since you referenced 48v. There's a BIG difference between a passive injector that pretty much amounts to hooking pa...
by Cougar281
Thu Feb 13, 2014 3:45 pm
Forum: General
Topic: ROS 6.7 handing out TFTP Server address?
Replies: 4
Views: 1201

Re: ROS 6.7 handing out TFTP Server address?

Could it be "Next server" you searching for???

http://forum.mikrotik.com/viewtopic.php ... 97#p364684
Pretty sure no - that doesn't appear anywhere in the config.
by Cougar281
Thu Feb 13, 2014 6:18 am
Forum: RouterBOARD hardware
Topic: 48V POE
Replies: 10
Views: 5281

Re: 48V POE

The reason nothing happens when you plug a RB into a 48v 802.3af POE switch is that in order for the switch to start sending power, there needs to be special circuitry in the receiving device that tells the switch that it's capable of receiving POE. Without this circuitry, it would try to send power...
by Cougar281
Thu Feb 13, 2014 2:08 am
Forum: General
Topic: 951-2n Wireless issues (ROS6.7)
Replies: 1
Views: 618

951-2n Wireless issues (ROS6.7)

I had posted about this before, when I first started playing with the 951 back in September or so and at the time, I was using the 'default' config. I thought I had it working, but really didn't use it much. I was just about to package up five of the six 951's that I have set up for home users, and ...
by Cougar281
Thu Feb 13, 2014 12:32 am
Forum: General
Topic: ROS 6.7 handing out TFTP Server address?
Replies: 4
Views: 1201

Re: ROS 6.7 handing out TFTP Server address?

Well, after a few more hours of searching and digging through posts, I got this sorted out to where I have the MikroTik handing out MCIPADD, MCPort and TFTPSRVR to the IP Phones. They use option code 176 for these settings. It WOULD still be nice if someone could tell me why the MikroTik was handing...
by Cougar281
Wed Feb 12, 2014 1:55 am
Forum: Beginner Basics
Topic: RB951-2n Prioritizing Avaya IP Phone traffic
Replies: 3
Views: 1658

Re: RB951-2n Prioritizing Avaya IP Phone traffic

Well, IDEALLY, it would be THE router. In my testing, I've found there to be about a 50/50 shot it'll actually work through a NAT router (Did work through a linksys, did not work through the uVerse HG NAT), so my preference will be for the users to replace whatever router they have with the Mikrotik...
by Cougar281
Mon Feb 10, 2014 11:29 pm
Forum: General
Topic: ROS 6.7 handing out TFTP Server address?
Replies: 4
Views: 1201

ROS 6.7 handing out TFTP Server address?

I have a rather simple setup that I will be deploying out to several end users to function as a VPN endpoint for our phone system. I have not configured any DHCP options in the Mikrotik router (other than a basic pool), but it is handing out its address to the IP Phones as a TFTP server address. I w...
by Cougar281
Mon Feb 10, 2014 11:15 pm
Forum: General
Topic: ROS 6.9 VPN bug?
Replies: 14
Views: 2535

Re: ROS 6.9 VPN bug?

I just set my client as dynamic. It got a new ip and connected to the server again and is working fine. Where are you trying to enter this 0.0.0.0? I see no src-address setting here. edit: but I think ipsec has a src-address setting. Is that what you mean? Yes, 'sa-src-address=' in '/ip ipsec polic...
by Cougar281
Sat Feb 08, 2014 12:16 am
Forum: General
Topic: ROS 6.9 VPN bug?
Replies: 14
Views: 2535

Re: ROS 6.9 VPN bug?

I think I see your challenge. Which end device is dynamic? The server or client? The client. At the server end I have a Cisco ASA 5510 with a /27 block of static IPs set up with a Dynamic L2L VPN in addition to the static ones. The plan for the Mikrotiks is to have them at the users Home Offices to...
by Cougar281
Fri Feb 07, 2014 11:58 pm
Forum: General
Topic: ROS 6.9 VPN bug?
Replies: 14
Views: 2535

Re: ROS 6.9 VPN bug?

It's a bit scary that 6.9 was released in such a broken state... I have tried this supposed "fail" and I can't find where it is broken. My site-to-site vpn works with v6.9. I agree with karina in this post. http://forum.mikrotik.com/viewtopic.php?f=2&t=81514#p407972 That may be true.... BUT... in m...
by Cougar281
Fri Feb 07, 2014 8:29 pm
Forum: General
Topic: ROS 6.9 VPN bug?
Replies: 14
Views: 2535

Re: ROS 6.9 VPN bug?

It's a bit scary that 6.9 was released in such a broken state...
by Cougar281
Fri Feb 07, 2014 2:33 am
Forum: General
Topic: ROS 6.9 VPN bug?
Replies: 14
Views: 2535

ROS 6.9 VPN bug?

After working with my RB951-2n for the last two days getting the Site to Site VPN set up on it and experimenting with getting some kind of VoIP prioritization set up, I upgraded it from 6.7 to 6.9. Now, every time I reboot it, the policy for my VPN says 'Invalid' until I open it and click apply - th...
by Cougar281
Fri Feb 07, 2014 12:06 am
Forum: Beginner Basics
Topic: RB951-2n Prioritizing Avaya IP Phone traffic
Replies: 3
Views: 1658

RB951-2n Prioritizing Avaya IP Phone traffic

The Background: I originally got the RB951 to play with and most likely replace my current infrastructure (pfSense) with, but in trying to leafn ROS, I found that my needs are far too complex for me to figure out how to replace my firewalls with Routerboards - The chains have me totally lost in the ...
by Cougar281
Wed Oct 16, 2013 4:35 pm
Forum: General
Topic: RB951-2n Wireless issue
Replies: 7
Views: 1603

Re: RB951-2n Wireless issue

Yes, more or less. But there was something different about the default setup that didn't work, and the way I have it set now has been working after I set it up manually.
by Cougar281
Wed Oct 16, 2013 5:28 am
Forum: General
Topic: New to ROuterOS - suggestions for *good* learning material?
Replies: 7
Views: 2576

Re: New to ROuterOS - suggestions for *good* learning materi

Can someone please give me a rundown on how the chains work and apply? I kinda understand how they flow in a real simple config (such as the 951-2n I set up that will probably end up at my grandparents), but the next thing I need to set up, if I'm going to continue down the MikroTik path, is my home...
by Cougar281
Wed Oct 16, 2013 4:56 am
Forum: General
Topic: RB951-2n Wireless issue
Replies: 7
Views: 1603

Re: RB951-2n Wireless issue

Is there any way that I may have missed to enable email alerts when a thread is replied to? This one sat with no answers for enough time that I didn't think to check it.... Anyway, it would appear I got it working, since it seems to have been stable for a bit now. Apparently, the default config is b...
by Cougar281
Wed Oct 02, 2013 7:23 am
Forum: General
Topic: New to ROuterOS - suggestions for *good* learning material?
Replies: 7
Views: 2576

Re: New to ROuterOS - suggestions for *good* learning materi

nawshad, yes, I've looked through the wiki and so far it hasn't helped, and tiktube doesn't appear to have much relevant info. pcunite, Thanks for the info. I'll have to check out Gregs videos. I put in your default config in my Routerboard and oddly, I lost my connection to the web interface, but w...
by Cougar281
Mon Sep 23, 2013 5:00 am
Forum: General
Topic: New to ROuterOS - suggestions for *good* learning material?
Replies: 7
Views: 2576

New to ROuterOS - suggestions for *good* learning material?

As the title says, I'm new to RouterOS. I've been in IT for almost 15 years, and have a lot of time with Cisco PIX and ASA firewalls, Watchguard, some Sonicwall, all of the consumer routers, pfSense, IPCop and probably a few I can't think of... But RouterOS is unlike anything else I've worked with. ...
by Cougar281
Mon Sep 23, 2013 4:17 am
Forum: General
Topic: RB951-2n Wireless issue
Replies: 7
Views: 1603

RB951-2n Wireless issue

I purchased a RB951-2n about a week and a half ago, and haven't had much time to play with it. I started playing with it a bit today, and with the 'default' config, which hear as I can tell, should work for a very simple setup where the only need is a DHCP Server and access to the internet, the wire...