Community discussions

MikroTik App

Search found 46 matches

by martinclaro
Tue Apr 14, 2020 10:38 pm
Forum: Beginner Basics
Topic: to instal backup to another router
Replies: 12
Views: 2429

Re: to instal backup to another router

to: ingdaka. thx for your answer
If I understand well I start New terminal from menu and after that I write instruction: "export". Is it the correct way?
Just run the following command and download the file from the Files section:
/export file=backup-export.rsc
by martinclaro
Sun Apr 12, 2020 5:30 am
Forum: RouterBOARD hardware
Topic: Need new hardware switch (based on RB260GS but do not need SFP/PoE)
Replies: 34
Views: 4519

Re: Need new hardware switch (based on hEX)

hEX is a router! I do not need to make a switch from the router! I need gigabit switch (as Gigabit Ethernet Repeater "GPeR" but on 5 ports) - without PoE - without USB - without microSD - without CPU MT7621A (enough QCA8511) Its price should be much less! What is the point of buying an hEX router a...
by martinclaro
Sat Apr 11, 2020 5:46 pm
Forum: RouterBOARD hardware
Topic: Need new hardware switch (based on RB260GS but do not need SFP/PoE)
Replies: 34
Views: 4519

Re: Need new hardware switch (based on hEX)

Is the hEX too expensive to work as a switch? I don’t know what your topology looks like but it could help you to implement OSPF and avoid bridging. Anyways, it can work as a switch too.
by martinclaro
Sun Mar 15, 2020 11:28 pm
Forum: Scripting
Topic: tool fetch and new line break
Replies: 2
Views: 2168

Re: tool fetch and new line break

You can use %0A to send url-encoded line breaks.
by martinclaro
Thu Mar 12, 2020 10:35 pm
Forum: General
Topic: CRS354-48G-4S+2Q+ unable to switch to switchos
Replies: 4
Views: 1409

Re: CRS354-48G-4S+2Q+ unable to switch to switchos

Did you try with the following command?
  /system routerboard settings set boot-os=swos
by martinclaro
Sun Mar 08, 2020 6:01 pm
Forum: General
Topic: Unifi AP and VLANs
Replies: 2
Views: 1526

Re: Unifi AP and VLANs

AFAIK UniFi controller doesn’t have management VLAN settings. They all expect to be untagged, so you can set PVID on all access ports and use trunk ports for UniFi AP and controller.
by martinclaro
Wed Feb 26, 2020 1:17 pm
Forum: Beginner Basics
Topic: FTTH very slow download speed (upload ok)
Replies: 15
Views: 3600

Re: FTTH very slow download speed (upload ok)

Is this setting really necessary?.
/interface bridge settings
set use-ip-firewall=yes use-ip-firewall-for-pppoe=yes
I think no. Try disabling both and check the speed
by martinclaro
Sun Feb 02, 2020 3:35 pm
Forum: Wireless Networking
Topic: Wireless Wire wAP60G
Replies: 6
Views: 2291

Re: Wireless Wire wAP60G

I forgot to mention that you could also use the following command to get more stats on both ends (master and slave-side):
/interface w60g print stats interval=1
by martinclaro
Sun Feb 02, 2020 5:13 am
Forum: General
Topic: Connection problems with iPhone when using fixed DHCP lease
Replies: 1
Views: 534

Re: Connection problems with iPhone when using fixed DHCP lease

Network tab is there to set DHCP some of the values sent by DHCP server inside DHCP offer/ack packets.

To set a static IP address, you need to go to DHCP Server > Leases tab.

Also, the network address has the wrong mask in your screenshot.
by martinclaro
Sun Feb 02, 2020 1:07 am
Forum: Wireless Networking
Topic: Wireless Wire wAP60G
Replies: 6
Views: 2291

Re: Wireless Wire wAP60G

You can monitor the error rate and MCS on the client-side (station) of the link by running the following command: /interface w60g monitor 0 connected: yes frequency: 58320 remote-address: 30:07:4D:XX:XX:XX tx-mcs: 8 tx-phy-rate: 2.3Gbps signal: 95 rssi: -50 tx-sector: 36 tx-sector-info: center dista...
by martinclaro
Thu Jan 30, 2020 1:51 pm
Forum: General
Topic: Audiophile Level(Low Noise Floor, Silent) Mikrotik vs Ubiquiti Unifi Network Switch
Replies: 31
Views: 4157

Re: Audiophile Level(Low Noise Floor, Silent) Mikrotik vs Ubiquite Unifi Network Switch

Hi, did you see this one?

https://mikrotik.com/product/CRS326-24G-2SplusRM

Completely silent, external power supply (very little one) and PoE-In support. Also bigger than the ones you found (is that an issue?).
by martinclaro
Thu Jan 23, 2020 4:56 pm
Forum: Beginner Basics
Topic: Wireless Wire Connectivity issues from device itself
Replies: 5
Views: 1359

Re: Wireless Wire Connectivity issues from device itself

Hi, I have a similar setup but it works great. Maybe you can post the output of the following command between [ CODE ] [ /CODE ] tags.
 /export hide-sensitive
by martinclaro
Thu Jan 23, 2020 3:11 am
Forum: General
Topic: My public IP is getting raped by port scanners - is that normal?
Replies: 24
Views: 3579

Re: My public IP is getting raped by port scanners - is that normal?

Maybe you can add a tarpit rule before the drop rule to make them busier and see the results.

Tarpit TCP, Drop UDP.
by martinclaro
Sat Nov 16, 2019 7:50 pm
Forum: General
Topic: Tapatalk + Mikrotik forum
Replies: 26
Views: 4629

Re: Tapatalk + Mikrotik forum

So can the trouble description be formulated more precisely as "Tapatalk (regardless whether free or pro) on iPhone does not work specifically with forum.mikrotik.com, while it does work just fine with at least one other forum"?
Precisely.
by martinclaro
Fri Nov 15, 2019 1:40 pm
Forum: General
Topic: Tapatalk + Mikrotik forum
Replies: 26
Views: 4629

Re: Tapatalk + Mikrotik forum

Same here. It doesn’t work on iPhone (since at least 2 years)
by martinclaro
Fri Oct 04, 2019 2:30 pm
Forum: General
Topic: hotspot users blocking a site
Replies: 4
Views: 1036

Re: hotspot users blocking a site

I think you can block the hotspot users to access those sites by adding them to the hotspot filtering rules: https://wiki.mikrotik.com/wiki/Manual:I ... led_Garden

Or you can add the same mangle and filter rules four output chain, so the proxied traffic will also match.
by martinclaro
Mon Sep 23, 2019 10:12 pm
Forum: RouterBOARD hardware
Topic: Recover from "No Default Configuration" System Reset
Replies: 17
Views: 3007

Re: Recover from "No Default Configuration" System Reset

Why not to use Winbox with MAC address?
Because the OP asks about Linux command to connect using mac-telnet. Obviously he can run WinBox in a VirtualBox guest.
by martinclaro
Wed Sep 18, 2019 3:01 pm
Forum: General
Topic: Ruted Network and Sonos Speakers
Replies: 4
Views: 904

Re: Ruted Network and Sonos Speakers

Most answers for that kind of setup is NO, because most network-connected speakers and media players (Sonos, Apple TV, HomePod, etc.) require the devices to be in the same broadcast domain (same subnet), and won’t work in a routed environment except for one case: using a mDNS/Bonjour proxy. You can ...
by martinclaro
Sun Sep 15, 2019 1:52 pm
Forum: General
Topic: How to block websites? [SOLVED]
Replies: 5
Views: 2615

Re: How to block websites? [SOLVED]

You have to move the tls-host and layer-7 rules before accepting related/established connections.
by martinclaro
Sun Sep 15, 2019 6:11 am
Forum: General
Topic: How to block websites? [SOLVED]
Replies: 5
Views: 2615

Re: How to block websites? [SOLVED]

Could you post the output of the following command so we can figure out what is not working on your setup?
/ip firewall export
by martinclaro
Sat Sep 14, 2019 5:23 pm
Forum: Beginner Basics
Topic: Add Adress List Users to Queue [SOLVED]
Replies: 5
Views: 1204

Re: Add Adress List Users to Queue [SOLVED]

Maybe a better approach is to mark those BitTorrent packets and put them in a queue with less priority (bigger number) so you can prioritize other traffic before BitTorrent. It’s easier and does not rely on a script to be run every minute.
by martinclaro
Sat Sep 14, 2019 4:05 pm
Forum: Beginner Basics
Topic: Add Adress List Users to Queue [SOLVED]
Replies: 5
Views: 1204

Re: Add Adress List Users to Queue [SOLVED]

Not at all... let's say you have an address-list named "acl-limited" with specific addresses (or set dynamically via dhcp-server leases), and your LAN address is 1.2.3.0/24: /ip firewall address-list add list=acl-limited address=1.2.3.4 add list=acl-limited address=1.2.3.5 add list=acl-limited addre...
by martinclaro
Sat Sep 14, 2019 2:34 pm
Forum: Beginner Basics
Topic: Add Adress List Users to Queue [SOLVED]
Replies: 5
Views: 1204

Re: Add Adress List Users to Queue [SOLVED]

You can add the mangle Rules to match src/dst-address-list and mark those packets.

Then, use the same mark at the simple queues or queue tree.
by martinclaro
Fri Sep 06, 2019 1:54 am
Forum: Beginner Basics
Topic: How to change source IP to destination network
Replies: 8
Views: 1562

Re: How to change source IP to destination network

---EDITED---
Try to put the srcnat rule before other srcnat/masquerade rules and do a traceroute to see what happens.
by martinclaro
Thu Sep 05, 2019 5:25 pm
Forum: Beginner Basics
Topic: How do i solve Error 0x8007274C in windows 7 when connecting vpn from windows 7 to mirotik hap lite router?
Replies: 18
Views: 2489

Re: How do i solve Error 0x8007274C in windows 7 when connecting vpn from windows 7 to mirotik hap lite router?

Well, that's because you are using a certificate created by yourself, not by a trusted entity. That's not a router issue. Maybe you can deal with the new issue by adding the CA certificate to your windows host. Also the common-name or the alt-name should match the hostname you are using to connect t...
by martinclaro
Thu Sep 05, 2019 4:44 pm
Forum: Beginner Basics
Topic: How do i solve Error 0x8007274C in windows 7 when connecting vpn from windows 7 to mirotik hap lite router?
Replies: 18
Views: 2489

Re: How do i solve Error 0x8007274C in windows 7 when connecting vpn from windows 7 to mirotik hap lite router?

[admin@MikroTik] > /ip service export hide-sensitive # sep/05/2019 16:26:29 by RouterOS 6.45.1 # software id = SEYH-HLMS # # model = RouterBOARD 941-2nD # serial number = 8AFE08FFCDCE [admin@MikroTik] > Ok, so you will need to desable the www-ssl service or change its port: To disable it: /ip servi...
by martinclaro
Thu Sep 05, 2019 3:20 pm
Forum: Beginner Basics
Topic: How do i solve Error 0x8007274C in windows 7 when connecting vpn from windows 7 to mirotik hap lite router?
Replies: 18
Views: 2489

Re: How do i solve Error 0x8007274C in windows 7 when connecting vpn from windows 7 to mirotik hap lite router?

[admin@MikroTik] > /interface sstp-server server export hide-sensitive # sep/05/2019 14:58:00 by RouterOS 6.45.1 # software id = SEYH-HLMS # # model = RouterBOARD 941-2nD # serial number = 8AFE08FFCDCE /interface sstp-server server set authentication=mschap2 certificate=server enabled=yes [admin@Mi...
by martinclaro
Thu Sep 05, 2019 3:15 pm
Forum: Beginner Basics
Topic: How do i solve Error 0x8007274C in windows 7 when connecting vpn from windows 7 to mirotik hap lite router?
Replies: 18
Views: 2489

Re: How do i solve Error 0x8007274C in windows 7 when connecting vpn from windows 7 to mirotik hap lite router?

[admin@MikroTik] > /ip services export hide-sensitive
bad command name services (line 1 column 5
I'm sorry, the command is:
/ip service export hide-sensitive
by martinclaro
Thu Sep 05, 2019 3:13 pm
Forum: Beginner Basics
Topic: How do i solve Error 0x8007274C in windows 7 when connecting vpn from windows 7 to mirotik hap lite router?
Replies: 18
Views: 2489

Re: How do i solve Error 0x8007274C in windows 7 when connecting vpn from windows 7 to mirotik hap lite router?

Start by moving this rule: add action=accept chain=input comment="Permit SSTP" dst-port=443 protocol=tcp before this other rule: add action=drop chain=input comment="defconf: drop all not coming from LAN" in-interface-list=!LAN That's why the router is dropping the connections from WAN side (order m...
by martinclaro
Thu Sep 05, 2019 2:45 pm
Forum: Beginner Basics
Topic: How do i solve Error 0x8007274C in windows 7 when connecting vpn from windows 7 to mirotik hap lite router?
Replies: 18
Views: 2489

Re: How do i solve Error 0x8007274C in windows 7 when connecting vpn from windows 7 to mirotik hap lite router?

You only need yo allow traffic to port 443 (or the port you set on /interface sstp-server server) in the input chain. Do not add a nat rule for the port. Second, make sure you have disabled the www-ssl service on "/ip service" (or change the port at /ip service) so the port does not conflict with th...
by martinclaro
Thu Sep 05, 2019 2:02 pm
Forum: Beginner Basics
Topic: 1 interface, 2 vlans, prioritize Vlan2 95%
Replies: 8
Views: 1384

Re: 1 interface, 2 vlans, prioritize Vlan2 95%

VLANS are presented as interfaces by themselves, so you need to use the vlan interface name on the queues.

Again, the queues will not balance the traffic, just will limit it.

On simple queues, you can use the “dst” parameter to set the upstream interface (vlan in this case).
by martinclaro
Thu Sep 05, 2019 2:37 am
Forum: Beginner Basics
Topic: Unstopable DSTNAT
Replies: 17
Views: 3124

Re: Unstopable DSTNAT

Good to hear you resolved the issue.

For future reference, the traffic between 2 IP addresses belonging to the same bridge and same subnet does NOT go through the firewall as it is a Layer-3 firewall (unless you have enabled the use-ip-firewall option under /interface bridge settings).
by martinclaro
Thu Sep 05, 2019 2:09 am
Forum: Beginner Basics
Topic: Change DDNS name (Mikrotik cloud)
Replies: 11
Views: 2497

Re: Change DDNS name (Mikrotik cloud)

You can't change the name but, if you have your own domain, you can point a CNAME record in your domain's DNS to point to 529c0491d41c.sn.mynetname.net . ;; ANSWER SECTION: router.yourdomain.com. 179 IN CNAME 529c0491d41c.sn.mynetname.net. 529c0491d41c.sn.mynetname.net. 13 IN A 1.2.3.4
by martinclaro
Thu Sep 05, 2019 1:59 am
Forum: Beginner Basics
Topic: 1 interface, 2 vlans, prioritize Vlan2 95%
Replies: 8
Views: 1384

Re: 1 interface, 2 vlans, prioritize Vlan2 95%

To do that, you will need to do load-balancing + failover (search for PCC or ECMP). https://wiki.mikrotik.com/wiki/Load_Balancing https://wiki.mikrotik.com/wiki/ECMP_load_balancing_with_masquerade https://wiki.mikrotik.com/wiki/Manual:PCC Queues won't help with traffic distribution, but will put a l...
by martinclaro
Tue Sep 03, 2019 10:33 pm
Forum: Wireless Networking
Topic: Do I have to separate configurations within CAPsMan?
Replies: 4
Views: 859

Re: Do I have to separate configurations within CAPsMan?

Correct, and the same applies to CAP interfaces.
by martinclaro
Tue Sep 03, 2019 9:27 pm
Forum: Wireless Networking
Topic: Do I have to separate configurations within CAPsMan?
Replies: 4
Views: 859

Re: Do I have to separate configurations within CAPsMan?

Indeed, you will find useful to configure the specific settings as the work like "profiles" you can override under interface tab. I usually create all the settings separately (channels, datapaths, security, rates, and all together into configuration), then I set the interfaces. If I want to override...
by martinclaro
Wed Aug 28, 2019 9:01 pm
Forum: Beginner Basics
Topic: RB4011iGS with more subnets
Replies: 11
Views: 1561

Re: RB4011iGS with more subnets

Ok, can you provide the output of the following commands?
/export hide-sensitive
/ip arp print
/ip address print
/ip route print
Just obfuscate the public IP addresses only.
by martinclaro
Wed Aug 28, 2019 6:13 pm
Forum: Beginner Basics
Topic: RB4011iGS with more subnets
Replies: 11
Views: 1561

Re: RB4011iGS with more subnets

You can start by removing the ether10 port from bridge, or assign the IP address to the bridge.
by martinclaro
Wed Jul 10, 2019 8:58 pm
Forum: Beginner Basics
Topic: mikrotik as router with dhcp doesn't see some devices with static adress manually entered on the device
Replies: 2
Views: 456

Re: mikrotik as router with dhcp doesn't see some devices with static adress manually entered on the device

Hi, can you post an export so we can help you? Looks like wrong settings for ARP under bridge or interface.
by martinclaro
Tue Feb 26, 2019 2:15 pm
Forum: Announcements
Topic: v6.44 [stable] is released!
Replies: 219
Views: 48369

Re: v6.44 [stable] is released!

Upgraded a RB851G (both RouterOS and RouterBOOT) from 6.42.12 today. I get errors every time I try to save a backup file (both local and cloud, same error). [admin@xxxx] > /system backup save Saving system configuration Configuration backup saved 08:54:42 echo: backup,critical error creating backup...
by martinclaro
Tue Feb 26, 2019 2:00 pm
Forum: Announcements
Topic: v6.44 [stable] is released!
Replies: 219
Views: 48369

Re: v6.44 [stable] is released!

Upgraded a RB851G (both RouterOS and RouterBOOT) from 6.42.12 today. I get errors every time I try to save a backup file (both local and cloud, same error). [admin@xxxx] > /system backup save Saving system configuration Configuration backup saved 08:54:42 echo: backup,critical error creating backup ...
by martinclaro
Mon Dec 17, 2018 11:17 pm
Forum: General
Topic: IP CLOUD is down
Replies: 62
Views: 13624

Re: IP CLOUD is down

@martinclaro It takes about 15 minutes for it to start working again once you upgrade @tricksol, as I said before, my routers and CHR were updated before this issue happened. I also rebooted some of my routers and nothing happened. As many other forum members said, it looks like connectivity or res...
by martinclaro
Mon Dec 17, 2018 5:41 pm
Forum: General
Topic: IP CLOUD is down
Replies: 62
Views: 13624

Re: IP CLOUD is down

Upgrading will make it work again + give some new features. Name will stay and nothing else will change. @normis I've been upgrading both RouterOS and Firmware to the latest current-channel version on all my devices and today the service is not working. Is there any process to follow to enable the ...
by martinclaro
Sat Sep 28, 2013 6:18 am
Forum: Beginner Basics
Topic: Layer 7 facebook block
Replies: 29
Views: 151058

Re: Layer 7 facebook block

Also you can update those rules by using whois in a linux/unix/mac box running the following commands: echo "/ip firewall filter" ; whois -h whois.radb.net -- '-i origin AS32934' | grep '^route:' | sort -n | uniq | awk '{print "add action=drop chain=forward comment=Facebook dst-address="$2}' echo "/...