Community discussions

Search found 123 matches

by nerdtron
Thu May 01, 2014 3:24 pm
Forum: General
Topic: How to redirect to Hotspot login page
Replies: 5
Views: 1798

Re: How to redirect to Hotspot login page

You should setup wifi Hotspot in Mikoritk.
Then it would be possible to change/edit the default login.html page of mikrotik. It would also be possible to redirect the external login page to a remote server.
Please read: http://wiki.mikrotik.com/wiki/HotSpot_e ... login_page
by nerdtron
Tue Apr 29, 2014 3:12 pm
Forum: General
Topic: After running hotspot ,xp users can not see workgroup!
Replies: 2
Views: 694

Re: After running hotspot ,xp users can not see workgroup!

If you think nat is the problem, you can still run hotspot without the nat. Just make sure that the hotspot interface is the one giving dhcp addresses. Then you be able to see you local network.
by nerdtron
Sat Apr 26, 2014 6:19 pm
Forum: General
Topic: Freeradius Port-Limit simultaneous-use
Replies: 3
Views: 1607

Re: Freeradius Port-Limit simultaneous-use

My problem too. I hope somebody has a solution.
by nerdtron
Wed Apr 23, 2014 7:35 am
Forum: General
Topic: Multiple WAN --- basic configuration.
Replies: 5
Views: 10090

Re: Multiple WAN --- basic configuration.

You can't ping both by default since you can't have 2 default gateways at the same time.

Try adding src-address from your ping.
ping [gateway wan1] src-address=[ip of interface wan1]
by nerdtron
Tue Apr 22, 2014 3:31 am
Forum: General
Topic: Multiple WAN --- basic configuration.
Replies: 5
Views: 10090

Re: Multiple WAN --- basic configuration.

This one is very good. Basically, you segment the LAN into two networks, each having their own gateways.
http://wiki.mikrotik.com/wiki/Load_Bala ... e_Gateways
by nerdtron
Wed Apr 16, 2014 9:58 am
Forum: General
Topic: Easiest Way to have Netwatch Ping More than Once
Replies: 25
Views: 4660

Re: Easiest Way to have Netwatch Ping More than Once

I tried. Once you get over 9 it doesn't work. Is there a special way to enter 24 seconds? Also, does this bog down any resources and slow down the router? Thanks. That's why don't put it on the netwatch. Put the script on System>Scripts and create a scheduler for it to run every 2 minutes. You defi...
by nerdtron
Wed Apr 16, 2014 8:34 am
Forum: General
Topic: Easiest Way to have Netwatch Ping More than Once
Replies: 25
Views: 4660

Re: Easiest Way to have Netwatch Ping More than Once

Change the interval in 24 seconds and change the "10" to 5, this will spread the 5 pings in 2 minutes.
by nerdtron
Wed Apr 16, 2014 7:37 am
Forum: General
Topic: Easiest Way to have Netwatch Ping More than Once
Replies: 25
Views: 4660

Re: Easiest Way to have Netwatch Ping More than Once

You guys are confusing me. Can I put these scripts in the up and down area of netwatch, or do they need to go somewhere else? It would be better if you put the script on the System>Script Then create a System>Scheduler for it where you can also tweak on how it start during boot up. On the Scheduler...
by nerdtron
Wed Apr 16, 2014 4:58 am
Forum: General
Topic: Easiest Way to have Netwatch Ping More than Once
Replies: 25
Views: 4660

Re: Easiest Way to have Netwatch Ping More than Once

OK that settles it. :lol:
by nerdtron
Wed Apr 16, 2014 4:48 am
Forum: General
Topic: Easiest Way to have Netwatch Ping More than Once
Replies: 25
Views: 4660

Re: Easiest Way to have Netwatch Ping More than Once

Why does this have to be so hard. :D Script to check for if the main link is down. This will perform the commands you specified once only when the check fails. :local i 0; {:do {:set i ($i + 1)} while (($i < 10) && ([/ping 192.x.x.x interval=3 count=1]=0))}; :if ($i=10 && [/ip route get 0 disabled]=...
by nerdtron
Wed Apr 16, 2014 4:20 am
Forum: General
Topic: Easiest Way to have Netwatch Ping More than Once
Replies: 25
Views: 4660

Re: Easiest Way to have Netwatch Ping More than Once

When it goes up, just write another similar script. Notice the slight difference.
:local i 0; {:do {:set i ($i + 1)} while (($i < 10) && ([/ping 192.x.x.x interval=3 count=1]=1))};
:if ($i=10) do={:log info "Warning: 10 successful pings to IP 192.x.x.x";
/set your command here.}
by nerdtron
Wed Apr 16, 2014 4:17 am
Forum: General
Topic: Easiest Way to have Netwatch Ping More than Once
Replies: 25
Views: 4660

Re: Easiest Way to have Netwatch Ping More than Once

Script to ping 10 times with an interval of 3 seconds, then execute commands if all pings are unsuccessful. :local i 0; {:do {:set i ($i + 1)} while (($i < 10) && ([/ping 192.x.x.x interval=3 count=1]=0))}; :if ($i=10) do={:log info "Warning: 10 unsuccessful pings to IP 192.x.x.x"; /set your command...
by nerdtron
Thu Apr 10, 2014 10:15 am
Forum: General
Topic: Sierra Wireless LTE Card on Rogers Network in Canada
Replies: 5
Views: 1393

Re: Sierra Wireless LTE Card on Rogers Network in Canada

He probably means "this is not a complain" which means his post is not about a problem he is having.
by nerdtron
Thu Apr 10, 2014 10:13 am
Forum: General
Topic: [WINBOX] MultiTab
Replies: 19
Views: 3629

Re: [WINBOX] MultiTab

Reconnect button when connection is lost would be something!
^THIS!
It's not just something, this is a big improvement.
by nerdtron
Thu Apr 10, 2014 6:03 am
Forum: General
Topic: RB951Ui-2HnD, 6.11, bootloop?
Replies: 5
Views: 1518

Re: RB951Ui-2HnD, 6.11, bootloop?

So no one got anything? Is anyone successfully running 6.11 on 951Ui-2HnD? Firmware version? Exactly the same device here. I tried upgrading to 6.11, remove default configuration, then configured Same scenario as yours and the router works properly. Tried to unplug and replug a few times and bootup...
by nerdtron
Thu Apr 10, 2014 5:09 am
Forum: General
Topic: netwatch ping recommendation
Replies: 4
Views: 867

Re: netwatch ping recommendation

Not a problem at all since ping packets are very small and have low priority.
by nerdtron
Thu Apr 10, 2014 5:05 am
Forum: General
Topic: 2 WANs and port forwarding
Replies: 2
Views: 910

Re: 2 WANs and port forwarding

Unfortunately reaching their web interface is possible only when using the currently active WAN Yup, that would be correct since you don't mark inbound packets, therefore they will be directed to the currently active default route with no routing marks. The solution is to also mark the inbound traf...
by nerdtron
Wed Apr 09, 2014 2:51 pm
Forum: General
Topic: Dual WAN bonding works ... sorta
Replies: 3
Views: 2991

Re: Dual WAN bonding works ... sorta

Yes, I think you'll have a problem using VOIP, RDP and VPN since they need a fixed connection while PCC will tend to shoot the packets on different wan paths. You can try to change the you per-connection-classifier to source address only or destination address only. Or you can also create dedicated ...
by nerdtron
Mon Apr 07, 2014 6:06 am
Forum: General
Topic: Load balance
Replies: 6
Views: 1705

Re: Load balance

PCC can sometimes be difficult to control and sometimes breaks secure https sites.
I recommend creating two lan or subnets and assign them their own gateway wan.
http://wiki.mikrotik.com/wiki/Load_Bala ... e_Gateways
by nerdtron
Mon Apr 07, 2014 5:43 am
Forum: General
Topic: Hotspot login page that does not require password?
Replies: 1
Views: 989

Re: Hotspot login page that does not require password?

I am setting up my first hotspot for a local coffee shop and I was wondering if there is a way to make the login page show some terms and conditions and then the user only needs to click an Accept button to continue to the internet. I have been combing the forum but have been unable to find a post ...
by nerdtron
Fri Apr 04, 2014 10:26 am
Forum: General
Topic: copy and edit settings to import in other device
Replies: 5
Views: 1003

Re: copy and edit settings to import in other device

/export
Then copy and paste to notepad.
Remove info such as MAC addresses as they will be automatically added.
Paste again on next router.
Done.
by nerdtron
Fri Apr 04, 2014 3:55 am
Forum: General
Topic: Load Balancing + Hotspot
Replies: 5
Views: 1553

Re: Load Balancing + Hotspot

This what I followed http://wiki.mikrotik.com/wiki/Load_Bala ... e_Gateways
Basically, you'll have two LANs each with its own ISP.
by nerdtron
Thu Apr 03, 2014 11:45 am
Forum: General
Topic: 2 wan
Replies: 2
Views: 1137

Re: 2 wan

hay all i have rb951 6.7 i use hotspot (username & pass) my wan1 ip is 192.168.0.1 i got a new internet line wan2 ip is 192.168.1.1 how to use both this lines in my RB?? can i work with wan1 192.168.0.1 wan2 192.168.0.2 ???? thanks I wouldn't recommend PCC and hotspot combination. It's not very muc...
by nerdtron
Thu Apr 03, 2014 4:54 am
Forum: General
Topic: Load_balancing local network is unreachable
Replies: 3
Views: 656

Re: Load_balancing local network is unreachable

I have made load balancing with the help of this instruction http://wiki.mikrotik.com/wiki/Load_Balancing_over_Multiple_Gateways Balancing works fine but I cant access any of LAN devices What is the way out? Remember the part on adding mangle rules for GroupA and GroupB? Chain prerouting and Src. A...
by nerdtron
Thu Apr 03, 2014 4:43 am
Forum: General
Topic: change startup page in mikrotik
Replies: 6
Views: 3368

Re: change startup page in mikrotik

On the login html page, if you find this line: <input type="hidden" name="dst" value="$(link-orig)" /> Change to something like: <input type="hidden" name="dst" value="http://google.com" /> This will hardcode google.com as the redirect page. After they login successfully, they will be redirected to ...
by nerdtron
Sat Mar 29, 2014 3:54 am
Forum: General
Topic: Need Help Load Balancing 1100 AHX2
Replies: 12
Views: 1654

Re: Need Help Load Balancing 1100 AHX2

I don't really recommend PCC plus hotspot setup, but I guess why not just segment the network into two seperate LANs.
Say 70% of all users will be directed to WAN1 and the other 30% of users will be directed to WAN2. It would be more stable and reliable.
by nerdtron
Sat Mar 29, 2014 3:51 am
Forum: General
Topic: Real life experience stopping DDOS
Replies: 9
Views: 2865

Re: Real life experience stopping DDOS

Real life experience from this thread http://forum.mikrotik.com/viewtopic.php?t=54607 Anyway, use cloud core routers for production environments and you don't have to worry for compatibility issues on x86 machines. Plus, router have more ports. Are your routers going to face the public internet to m...
by nerdtron
Sat Mar 29, 2014 3:47 am
Forum: General
Topic: Hotspot bypass temporaly
Replies: 9
Views: 2530

Re: Hotspot bypass temporaly

Make sure also that "keep-alive" on the user profile is set to 3 days. So that even when the user disconnects on wifi, it will take 3 days before he is removed on the active queue.
Of course, he will be logged out once he request log-out or when radius servers says that the user should be logged out.
by nerdtron
Fri Mar 28, 2014 11:06 am
Forum: General
Topic: I Can't figure out how to setup this ! any help?
Replies: 6
Views: 1695

Re: I Can't figure out how to setup this ! any help?

You don't have to complicate things. Just have two separate lan for each network. Then mark each connection and create a default gateway for each routing mark.
http://wiki.mikrotik.com/wiki/Load_Bala ... e_Gateways
by nerdtron
Wed Mar 26, 2014 3:17 am
Forum: General
Topic: How to leave a free subnet in hotspot
Replies: 5
Views: 1550

Re: How to leave a free subnet in hotspot

You can also add the IP block on the walled Garden IP list so that hotspot users can access the IPs without logging in.
by nerdtron
Tue Mar 25, 2014 11:45 am
Forum: General
Topic: can't move files to mikrotik board
Replies: 6
Views: 1536

Re: can't move files to mikrotik board

Try uploading the files using FileZilla.
Remember to use port 21 when you connect to the router.
by nerdtron
Tue Mar 25, 2014 11:40 am
Forum: General
Topic: Load Balancing + Hotspot
Replies: 5
Views: 1553

Re: Load Balancing + Hotspot

What type of load balancing would you do? If PCC, it is possible, but a bit difficult, not to mention the using multiple gateways can disrupt some https website. It would be better if you create 2 lans, then make gateway 1 as the default route for lan 1, then gateway 2 as the default route route for...
by nerdtron
Fri Mar 21, 2014 6:48 pm
Forum: General
Topic: ZTE MF631
Replies: 2
Views: 758

Re: ZTE MF631

try to use different info/data channel.
How many combinations should I try?
0,0
0,1
0,3
1,0
etc...

So any more ideas?
by nerdtron
Fri Mar 21, 2014 12:17 pm
Forum: General
Topic: ZTE MF631
Replies: 2
Views: 758

ZTE MF631

I have ZTE MF631. PPP interface show that the device is detected, however even after inputting the correct apn and dial settings, it still can't connect. Does Mikrotik support this modem? If so, why is the logs showing "could not acquire serial port"? Please help as we to confirm this immediately as...
by nerdtron
Tue Mar 18, 2014 12:20 pm
Forum: General
Topic: dhcp client doesn't work with cisco since RouterOS v. 6.7
Replies: 18
Views: 2893

Re: dhcp client doesn't work with cisco since RouterOS v. 6.

Upgrade to 6.11 and if still not working put "/export compact" command result on the forum (remove sensilble data first) before eventually downgrade. http://www.mikrotik.com/download/share/routeros-mipsbe-6.11.npk [thanks Normis for the link on other thread] Is this the official release? Just check...
by nerdtron
Tue Mar 18, 2014 12:17 pm
Forum: General
Topic: winbox in linux mint
Replies: 8
Views: 6051

Re: winbox in linux mint

@nerdtron What do you mean exactly? In windows, if your computer has IP 192.168.1.2 and the port you are connected on mikrotik has IP address 192.168.88.1, you won't be able to connect using MAC. Try settings your computer IP to 192.168.88.2 and you'll be able to connect. I know it defeats the purp...
by nerdtron
Tue Mar 18, 2014 12:02 pm
Forum: General
Topic: Supported USB dongles
Replies: 1
Views: 482

Supported USB dongles

Hi all, I'm too lazy to edit the WIKI but here's the list of dongles I have tested on RB951Ui-2Hnd and RouterOS 6.10 Huawei E1553 Huawei E357 Huawei E173 Alcatel One Touch X230M All are working, although each of them has their own Info Channel and Data Channel. But everything will be detected once y...
by nerdtron
Tue Mar 18, 2014 11:54 am
Forum: General
Topic: winbox in linux mint
Replies: 8
Views: 6051

Re: winbox in linux mint

On last ubuntu, just download & run winbox (by "Wine 1.4") and all is working...
13.10? How's the terminal font on yours?
by nerdtron
Tue Mar 18, 2014 11:52 am
Forum: General
Topic: Downgrade - could I lose configuration?
Replies: 2
Views: 603

Re: Downgrade - could I lose configuration?

Read change log from the 6.7 to 6.10. On my tests, none was lost so far. But I guess it all depends which features are you using that is dependent on the router os version. On my setup, here's what I have used so far and no config was lost. Hotspot Policy routing for 2 gateways PPP client for the US...
by nerdtron
Tue Mar 18, 2014 11:45 am
Forum: General
Topic: winbox in linux mint
Replies: 8
Views: 6051

Re: winbox in linux mint

It does work fine on mine, but I didn't installed wine using the default installation. I customized a lot of settings on wine. Anyway, I am successful on using the default wine install to use winbox by setting the IP address of the computer on the same subnet of the mikrotik router. Then try connect...
by nerdtron
Mon Mar 17, 2014 7:13 am
Forum: General
Topic: multi WAN NAT for different LANs
Replies: 5
Views: 1854

Re: multi WAN NAT for different LANs

You don't have to complicate things, just mark routing will do the job for you.
Here's the link: http://wiki.mikrotik.com/wiki/Load_Bala ... e_Gateways
by nerdtron
Sun Mar 16, 2014 2:56 am
Forum: General
Topic: pptp vpn
Replies: 3
Views: 783

Re: pptp vpn

Doesn't VPN creates it own interface on the router?
Make this interface your default gateway, and add nat masquerade on that interface. All traffic on your lan will be directed the VPN tunnel and not the DSL.
by nerdtron
Sun Mar 16, 2014 2:53 am
Forum: General
Topic: Hotspot problem...
Replies: 3
Views: 689

Re: Hotspot problem...

I'm not quite sure, but I think this has something to do with the lease time of the ip/mac bindings that the dhcp server hands out. I think the default is 3 days, try lowering the value.
by nerdtron
Wed Mar 12, 2014 3:13 pm
Forum: General
Topic: RouterOS version 6.10
Replies: 7
Views: 1416

Re: RouterOS version 6.10

No problem!
610.jpg
Finally! Thanks!
I overlooked that part
by nerdtron
Tue Mar 11, 2014 3:25 pm
Forum: General
Topic: RouterOS version 6.10
Replies: 7
Views: 1416

Re: RouterOS version 6.10

Screenshot 2014-03-11 15.08.45.png 100 times login ... ;-)). Next update the same procedure ... I would setup TheDude, upload the Image to the Dude and make upgrades with the dude. First time it takes longer as you've to enter password for each device. But next and following updates are done with a...
by nerdtron
Tue Mar 11, 2014 3:24 pm
Forum: General
Topic: RouterOS version 6.10
Replies: 7
Views: 1416

Re: RouterOS version 6.10

Screenshot 2014-03-11 15.08.45.png
Donwload 10MB on each mikrotik? I'd prefer to download it and then upload it on each device.
by nerdtron
Tue Mar 11, 2014 2:46 pm
Forum: General
Topic: RouterOS version 6.10
Replies: 7
Views: 1416

RouterOS version 6.10

I have about 100 RB951Ui routers and all are on version 6.5.
I want to upgrade them to version 6.10, but i don't know where to get it.
I can download the version 6.9 npk file and do the upgrade, but I can't find the version 6.10
by nerdtron
Tue Mar 11, 2014 3:36 am
Forum: General
Topic: open a range of ports... Like all of them.
Replies: 5
Views: 3367

Re: open a range of ports... Like all of them.

I'm not sure if this is what you wanted, but are you talking about DMZ?
http://forum.mikrotik.com/viewtopic.php?f=14&t=38916
by nerdtron
Tue Mar 11, 2014 3:32 am
Forum: General
Topic: Mikrotik + Freeradius Issue + MSSql (Platypus)
Replies: 4
Views: 1260

Re: Mikrotik + Freeradius Issue + MSSql (Platypus)

Sorry In which system? Mikrotik, Plat or Freeradius?
When the user fails to authenticate, what is the error on the mikrotik log?
If mikrotik sends the credentials to the radius server, what is the error on the freeradius server?
by nerdtron
Thu Mar 06, 2014 4:04 am
Forum: General
Topic: Help with Hotspot/RADIUS/Hotspot User Management
Replies: 2
Views: 1796

Re: Help with Hotspot/RADIUS/Hotspot User Management

Try FreeRadius with Daloradius web interface. It will enable you create users and set limit for each users with session-time and data limit.
http://blog.cygnaltech.net/2013/04/inst ... -2110.html
by nerdtron
Mon Mar 03, 2014 11:46 am
Forum: General
Topic: Interface rate limiting while on bridge
Replies: 2
Views: 1255

Re: Interface rate limiting while on bridge

My mikrotik accepted this config. /queue simple add max-limit=5M/5M name=queue1 target=bridge1 Haven't tested it yet but I think it will limit traffic of interface bridge1 with 5Mbps for upload and download. EDIT: Sorry I read it again you want to rate-limit a port that is a member of a bridge? /que...
by nerdtron
Wed Feb 26, 2014 4:01 am
Forum: General
Topic: Setup VPN Server over PPPoE using RADIUS multiple subnets?
Replies: 2
Views: 2903

Re: Setup VPN Server over PPPoE using RADIUS multiple subnet

I can ping the PPPoE interface, ether1 and ether2 from the VPN client, but I can't ping any hosts INSIDE the LAN This is the correct behavior if your mikrotik is the vpn client. You can't access anything inside the LAN behind the mikrotik since all of these LAN devices are behind NAT. The only way ...
by nerdtron
Tue Feb 25, 2014 5:14 am
Forum: General
Topic: winbox or webfig?
Replies: 8
Views: 1808

Re: winbox or webfig?

The major drawback for me in webfig is that you can't connect using MAC Address. If the router has no configured IP addresses, you can't connect through webfig.
by nerdtron
Tue Feb 25, 2014 4:27 am
Forum: General
Topic: NTP client using FQDN?
Replies: 10
Views: 3038

Re: NTP client using FQDN?

You can include 2 ntp pools for time sync. Isn't that enough? In creating scripts and schedules, go to System>Scripts. Click the plus sign to add an entry. Give it a name (ex: check-time) and then paste your whole script in the Sorce box.Click OK to save. Then go to System>Scheduler. Click the plus ...
by nerdtron
Mon Feb 24, 2014 2:59 pm
Forum: General
Topic: NTP client using FQDN?
Replies: 10
Views: 3038

Re: NTP client using FQDN?

Just input the FQDN in the /system ntp
The FQDN will be converted to IP addresses once the router does nslookup.
by nerdtron
Mon Feb 24, 2014 2:57 pm
Forum: General
Topic: Hotspot SSL Popups Warnings
Replies: 2
Views: 983

Re: Hotspot SSL Popups Warnings

When you intercept a https page, the browser will definitely show an SSL warning because the page you want to go is different on the login page. This is how https is designed to prevent man-in-the-middle attacks.
You can't have a workaround in this behavior.
by nerdtron
Sun Feb 23, 2014 4:14 pm
Forum: General
Topic: hotspot user disconnect after 5 min
Replies: 2
Views: 2963

Re: hotspot user disconnect after 5 min

What is your session timeout in freeradius?
Also just to make sure that there is no limit on the time, login a user and then view the Active tab on the IP>Hotpspot.
If you see it countdown, then you have a setting for session timeout.
by nerdtron
Sun Feb 23, 2014 4:08 pm
Forum: Beginner Basics
Topic: HOTSPOT - issues with secure web pages.
Replies: 22
Views: 12552

Re: HOTSPOT - issues with secure web pages.

I'm aware that I need to have an SSL certificate on my login page so that mikrotik can successfully redirect login pages. However, even installing the certificate on the website and now that the page is in https mode, users connecting via the hotspot are still getting SSL Error pages. Although once ...
by nerdtron
Fri Feb 21, 2014 7:57 am
Forum: General
Topic: hotspot https certificate
Replies: 0
Views: 663

hotspot https certificate

I have successfully followed the tutorial on this link: http://wiki.mikrotik.com/wiki/HotSpot_external_login_page Login page redirect on regular http sites. I'm aware that I need to have an SSL certificate on my login page so that mikrotik can successfully redirect login pages. However, even install...
by nerdtron
Fri Feb 21, 2014 6:26 am
Forum: Beginner Basics
Topic: HOTSPOT - issues with secure web pages.
Replies: 22
Views: 12552

Re: HOTSPOT - issues with secure web pages.

Hi,
I would like to know If you use an external login page?
I mean, the mikrotik login page redirects to an external https page?
I have a problem of https redirection, I already have an SSL for my external login page.
by nerdtron
Thu Feb 20, 2014 4:18 pm
Forum: General
Topic: Ovpn certificate expiry
Replies: 3
Views: 882

Re: Ovpn certificate expiry

Activated NTP for the correct time. Still certificates are shown to be valid for only 365 days.
by nerdtron
Thu Feb 20, 2014 3:25 am
Forum: General
Topic: PCC balancing issues
Replies: 6
Views: 1125

Re: PCC balancing issues

I'll make a compromise on this, especially if you need a reliable connection. (since PCC tend to just throw you on each link)
I'll make half of the LAN clients go to WAN1 and the other half of the LAN to WAN2.
See here: http://wiki.mikrotik.com/wiki/Load_Bala ... e_Gateways
by nerdtron
Thu Feb 20, 2014 3:21 am
Forum: General
Topic: hotspot login page works, mostly.
Replies: 3
Views: 704

Re: hotspot login page works, mostly.

It is possible to redirect https traffic to the login page if you activate the https in the Login tab of the hotspot server profile. But you will need to have an ssl certificate installed on mikrotik.
by nerdtron
Thu Feb 20, 2014 3:15 am
Forum: General
Topic: Ovpn certificate expiry
Replies: 3
Views: 882

Ovpn certificate expiry

Hi all, I'm using openVPN with certificates on mikrotik devices. The server is an Ubuntu server. I generated the certificates on the server and uploaded them on mikrotik. When I generated the certificates, they are valid for 3650 days. I tried opening them on windows and it says certificate is valid...
by nerdtron
Wed Feb 19, 2014 4:02 am
Forum: General
Topic: dafault ping size
Replies: 0
Views: 370

dafault ping size

I noticed that whenever I use the ping command in mikrotik, the default packet is 56 bytes. [admin@client2] > ping 192.168.1.27 HOST SIZE TTL TIME STATUS 192.168.1.27 56 56 897ms 192.168.1.27 56 56 337ms 192.168.1.27 56 56 306ms Is there a way to set the default packet size to 32 bytes only?
by nerdtron
Wed Feb 19, 2014 3:37 am
Forum: General
Topic: can't rename imported certificate?
Replies: 10
Views: 2336

Re: can't rename imported certificate?

OpenVPN still works in 6.10 as I have tested. But renaming the certificates in winbox is not working.
by nerdtron
Wed Feb 19, 2014 3:18 am
Forum: General
Topic: PCC balancing issues
Replies: 6
Views: 1125

Re: PCC balancing issues

You won't see it in speed test because speed test traffic will only flow on one link.
Try downloading torrent and you'll see both link utilized.
Also what are you using as Per Connection Classifier?
both addresses?
both addresses and ports?
src addresses?
Try a different classifier.
by nerdtron
Tue Feb 18, 2014 11:34 am
Forum: General
Topic: V6.10 and openVPN
Replies: 4
Views: 1561

Re: V6.10 and openVPN

What particular settings are you having problems?
I'm using openvpn and routerOS version 6.10 with no issues so far. I'm using certificates too.

Also, try to look at the logs of your OpenVPN server.
by nerdtron
Tue Feb 18, 2014 3:54 am
Forum: General
Topic: Problem on WAN failover without scripting
Replies: 4
Views: 2027

Re: Problem on WAN failover without scripting

I prefer scripts like the netwatch II http://wiki.mikrotik.com/wiki/Improved_Netwatch_II
I also modified it to include a out interface on the ping command so that the ping will always check if connection on that interface is down.
by nerdtron
Mon Feb 17, 2014 3:50 pm
Forum: General
Topic: Non-Mikrotik based remote hotspot and billing server
Replies: 2
Views: 816

Re: Non-Mikrotik based remote hotspot and billing server

This will help you: http://wiki.mikrotik.com/wiki/HotSpot_external_login_page It is recommend to use a radius server for this. Define an external radius server in mikrotik. Then edit the login.html in mikrotik as the link suggest and then put the external login.php on the server your remote hotspot ...
by nerdtron
Mon Feb 17, 2014 3:44 pm
Forum: General
Topic: Hotspot: Accept Terms->WalledGarden->Login - advise needed
Replies: 2
Views: 1667

Re: Hotspot: Accept Terms->WalledGarden->Login - advise need

This will help you: http://wiki.mikrotik.com/wiki/HotSpot_external_login_page Basically solves almost all problems. (you should have a radius server for this, or users defined in mikrotik device) Problem 2 is easily done using walled garden IP list. Then here comes problem 1 and 3. When the user wan...
by nerdtron
Mon Feb 17, 2014 3:31 pm
Forum: General
Topic: Need help with a redirect loop
Replies: 6
Views: 1751

Re: Need help with a redirect loop

You should activate the Hotspot feature for mikrotik. It has an option to show and advertisement on a specified time. Say every 30 minutes users browsing the web will be redirected to an advertisement page you have entered on the config.
by nerdtron
Mon Feb 17, 2014 3:28 pm
Forum: General
Topic: Problem on WAN failover without scripting
Replies: 4
Views: 2027

Re: Problem on WAN failover without scripting

Its really less complicated than that. All you really need to do is add two default gateways. One will have a higher distance than the other. Both will have Check gateway by ping enabled. Then you will also need two NAT rules. That will work perfectly and without any problems. Yes you can do this i...
by nerdtron
Mon Feb 17, 2014 4:43 am
Forum: General
Topic: changing default route weird behavior (simple question)
Replies: 10
Views: 1667

Re: changing default route weird behavior (simple question)

Default on mine too is 10 secs. The problem is, on the mikrotik terminal, ping will still have replies when I change the default route. On the computer connected on the LAN, changing the default route will stop the ping replies. I need to issue another ping command to have replies. I'm looking to re...
by nerdtron
Mon Feb 17, 2014 3:44 am
Forum: General
Topic: changing default route weird behavior (simple question)
Replies: 10
Views: 1667

Re: changing default route weird behavior (simple question)

I think that's working as intended.
I don't know how's Cisco working, but you can do the same with MT.
Yes I'm trying to find out how to do it in mikrotik. Can you point which settings should I look at?
by nerdtron
Mon Feb 17, 2014 3:42 am
Forum: General
Topic: changing default route weird behavior (simple question)
Replies: 10
Views: 1667

Re: changing default route weird behavior (simple question)

Maybe connection tracking?
/ip firewall connection
I tried changing the timeouts to 10 seconds. It marks connections as timeouts but the behavior of continuous ping on the client computer still stops.
Can you elaborate on how to change settings here?
by nerdtron
Sat Feb 15, 2014 8:19 am
Forum: General
Topic: changing default route weird behavior (simple question)
Replies: 10
Views: 1667

Re: changing default route weird behavior (simple question)

Just a single LAN IP block on all lan ports, all lan ports are on a single bridge interface. I declared my lan on an address-list. /ip firewall address-list add address=192.168.1.0/24 list=lan-users Then declared NAT for each interface. /ip firewall nat add action=masquerade chain=srcnat out-interfa...
by nerdtron
Sat Feb 15, 2014 6:46 am
Forum: General
Topic: changing default route weird behavior (simple question)
Replies: 10
Views: 1667

changing default route weird behavior (simple question)

I have been using cisco devices in the past and I haven't faced this problem until I used mikrotik. Say I have: LAN: 192.168.1.0/24 WAN1 gateway: 10.10.10.1 (Distance = 1) WAN2 gateway: 11.11.11.1 (Distance = 2) I'm not using any policy routing, juts normal default routing. All lan traffic to intern...
by nerdtron
Fri Feb 14, 2014 3:51 am
Forum: General
Topic: https problem on hotspot
Replies: 97
Views: 90634

Re: https problem on hotspot

Hotspot does not redirect SSL 443 sites , unless you enable HTTPS redirection and run the hotspot on 443 on the Mikrotik. You will then substitute the lack of redirects for an HTTPS certification error. That is sad to hear. No known workaround yet without using https on hotspot? I think is better n...
by nerdtron
Mon Feb 10, 2014 5:30 am
Forum: General
Topic: https problem on hotspot
Replies: 97
Views: 90634

https problem on hotspot

Hi all, I have activate hotspot for wifi user on my RB951. Problem is when users type google.com, they are redirected to https://google.com and an SSL error appears. "Unable to make a secure connection to the server." This only happens when users try to access a https site. Normal http sites redirec...
by nerdtron
Thu Jan 30, 2014 7:13 am
Forum: General
Topic: Quick hotspot question
Replies: 3
Views: 413

Re: Quick hotspot question

No... Slave interfaces shouldn't have IP addresses, any DHCP/hotspot servers, etc. You should set them on the bridge interface (master). Can you elaborate more why you can't or you shouldn't do this? I have 2 SSID, the first one is the primary wireless interface and the second is a virtual IP. The ...
by nerdtron
Tue Jan 28, 2014 4:43 am
Forum: General
Topic: hostspot does not redirect on laptop
Replies: 4
Views: 1218

Re: hostspot does not redirect on laptop

Ah it works now! I must have clicked it sometime when I was testing.
Thanks!
by nerdtron
Mon Jan 27, 2014 12:29 pm
Forum: General
Topic: hostspot does not redirect on laptop
Replies: 4
Views: 1218

Re: hostspot does not redirect on laptop

Thanks for the tip on https:// Is there a way to redirect https sites too? Anyway, I tried to access a normal http site and still no good. Only a blank page. On the status bar of the browser it says Looking up local... Then changes to Waiting for www.local.com... It just loops between the two. Any i...
by nerdtron
Mon Jan 27, 2014 4:18 am
Forum: General
Topic: hostspot does not redirect on laptop
Replies: 4
Views: 1218

hostspot does not redirect on laptop

Hi all, I was following this tutorial to have an external login page for mikrotik hotspot. http://wiki.mikrotik.com/wiki/HotSpot_external_login_page So far it is working good, when a users wants to browse the web, they are redirected to the login page which is located on a another server. But this o...
by nerdtron
Mon Jan 27, 2014 4:12 am
Forum: General
Topic: Hotspot Login Page bypass only one link
Replies: 5
Views: 11914

Re: Hotspot Login Page bypass only one link

You can add the URL or IP address to the walled garden of your hotspot. This is more like a whitelist, which allows the users to access certain websites without the need to login. Then you can add a link on the hotspot page to that page. If users want to browse other websites that is not defined on ...
by nerdtron
Mon Jan 13, 2014 4:17 am
Forum: General
Topic: re: How to monitor the Upload/download rate of clients?
Replies: 7
Views: 7916

Re: re: How to monitor the Upload/download rate of clients?

If each client is connected on their own ethernet port on the mikrotik router, you can try limit upload/download limit per port.
by nerdtron
Thu Jan 09, 2014 3:08 am
Forum: General
Topic: Hotspot external page
Replies: 3
Views: 933

Re: Hotspot external page

by nerdtron
Tue Jan 07, 2014 11:52 am
Forum: General
Topic: cannot download full speed
Replies: 4
Views: 3698

Re: cannot download full speed

How did you *merge* the two wan? Like the above poster said, you can't connect to a server using two different ip (because you have 2 wan). Try torrentiing and you can see improved results. On normal browsing and file downloads, you can only use one connection at a time. Load balancing only works by...
by nerdtron
Tue Jan 07, 2014 3:13 am
Forum: General
Topic: hotspot specific settup
Replies: 1
Views: 438

Re: hotspot specific settup

Try bridging the wlan and the lan ports. I remember when I first tried hotspot on the default setting of the rb951ui, my lan computers were redirected to the login page of the hotspot.
by nerdtron
Tue Jan 07, 2014 3:10 am
Forum: General
Topic: Help! Auth users across multiple MTs RADIUS user-manger AAA
Replies: 3
Views: 896

Re: Help! Auth users across multiple MTs RADIUS user-manger

I use a freeRadius server with mikrotik clients. When I receive the errror "unknown address" usually is that the address of the mikrotik client is not allowed (or defined) on the server for authentication. What IP are the mikrotik client uses to communicate to the Radius server? I think you need to ...
by nerdtron
Sun Jan 05, 2014 12:29 pm
Forum: General
Topic: OpenVPN Access Server and Mikrotik ovpn client
Replies: 14
Views: 8508

Re: OpenVPN Access Server and Mikrotik ovpn client

Onn the openVPN server config file, you should have a line there for disabling TLS, Also, don't use compression and use TCP for connection.
by nerdtron
Sat Jan 04, 2014 2:41 pm
Forum: General
Topic: PPTP VPN Question
Replies: 2
Views: 680

Re: PPTP VPN Question

How do you configure your VPN server? you should "push routes" from server to clients so that even without the default gateway option, your client will know the routes from the VPN server.
by nerdtron
Sat Jan 04, 2014 5:58 am
Forum: General
Topic: Use external IPs on internal servers
Replies: 5
Views: 1306

Re: Use external IPs on internal servers

If it is /30, then it is just a point-to-point connection, one is your ISP and one is your WAN IP.
Or do you have more IP blocks?
by nerdtron
Thu Jan 02, 2014 12:59 pm
Forum: General
Topic: mikrotik+freeradius
Replies: 3
Views: 1045

Re: mikrotik+freeradius

I use freeradius as well with mysql database. I use DaloRadius web config to define users. Using this web GUI, I can define a session timeout for each user.
by nerdtron
Sat Dec 28, 2013 9:19 am
Forum: General
Topic: 2 ISP lines -> 2 networks -> 1 RB750
Replies: 2
Views: 1677

Re: 2 ISP lines -> 2 networks -> 1 RB750

The link above will be very helpful. I made some adjustments when I followed it.
Have you looked at my thread? http://forum.mikrotik.com/viewtopic.php?f=2&t=80027
by nerdtron
Thu Dec 26, 2013 10:21 am
Forum: General
Topic: Load balancing question
Replies: 3
Views: 603

Re: Load balancing question

You can't use a vpn channel on constantly changing/switching connection unless you have a way to have the same source address when you switch connection. So either you setup a failover setup or if you have two links, you can have one vpn tunnel each.
by nerdtron
Thu Dec 26, 2013 10:17 am
Forum: General
Topic: Bandwidth limit on Ethernet port
Replies: 5
Views: 16944

Re: Bandwidth limit on Ethernet port

If it is Ethernet port limiting, you can create a simple queue in winbox to limit the speed per port.
http://www.youtube.com/watch?v=wBVqzYYnAJ8
by nerdtron
Thu Dec 26, 2013 10:13 am
Forum: General
Topic: Email - error connecting to server
Replies: 14
Views: 3296

Re: Email - error connecting to server

What is the mail.log of the mail server when mikrotik tries to send email?
by nerdtron
Mon Dec 23, 2013 4:35 pm
Forum: General
Topic: How to simulate internet issues on a wifi interface?
Replies: 3
Views: 803

Re: How to simulate internet issues on a wifi interface?

Does your wifi has the same IP block as your LAN? Make specific NAT rules, let's say your lan start at 192.168.1.2-50, then wifi IPs are 192.168.51-254, then created a NAT rule that will only NAT LAN IPs. Define the scr-address-list in address lists. Or if your testing wifi from a single IP (say you...
by nerdtron
Fri Dec 20, 2013 3:05 pm
Forum: General
Topic: How to simulate internet issues on a wifi interface?
Replies: 3
Views: 803

Re: How to simulate internet issues on a wifi interface?

Many ways, if the device is just connected via wifi, just unplug the internet connection and the see what happens. The device is still connected to the wifi but no internet connection. Then plug the internet connection again. Another option would be to disable/enable the nat rules. Open up winbox an...
by nerdtron
Thu Dec 19, 2013 3:47 pm
Forum: General
Topic: Mikrotik
Replies: 2
Views: 595

Re: Mikrotik

Get a battery pack that has the same rating as the power adapter of mikrotik. Then either buy a cable or solder you own so that the power cable is the same that can be plug on the mikrotik.
by nerdtron
Thu Dec 19, 2013 11:51 am
Forum: General
Topic: hotspot does not redirect to login page
Replies: 1
Views: 2084

Re: hotspot does not redirect to login page

I think I solved it (I still need to confirm if packets are marked correctly), in case somebody will encounter same problem.

Add hotspot=auth on mangle rule for wifi and then add a nat line.
/ip firewall nat add chain=pre-hotspot dst-address-type=!local hotspot=auth
by nerdtron
Thu Dec 19, 2013 7:01 am
Forum: General
Topic: hotspot does not redirect to login page
Replies: 1
Views: 2084

hotspot does not redirect to login page

Hi all, I have the following config: The setup is lan network ports (192.168.14.0/24) will be routed to wan1 and wifi users (192.168.15.0/24) will be routed on wan2. It seems to be working as expected. Problem: When I activate the hotspot for wifi users, users are not redirected to the login page. T...
by nerdtron
Thu Dec 19, 2013 6:15 am
Forum: Scripting
Topic: hotspot does not redirect to login page
Replies: 0
Views: 974

hotspot does not redirect to login page

Hi all, I have the following config: The setup is lan network ports (192.168.14.0/24) will be routed to wan1 and wifi users (192.168.15.0/24) will be routed on wan2. It seems to be working as expected. Problem: When I activate the hotspot for wifi users, users are not redirected to the login page. T...
by nerdtron
Thu Dec 19, 2013 5:15 am
Forum: General
Topic: 2 LAN 2 gateways
Replies: 6
Views: 1883

Re: 2 LAN 2 gateways

OK, I think I made some progress, instead of just src-address in the mangle rules, I made it src-address-list and then added firewall address-list. /ip firewall address-list add address=192.168.14.0/24 list=lan-users add address=192.168.15.0/24 list=wifi-users /ip firewall mangle add action=mark-rou...
by nerdtron
Thu Dec 19, 2013 4:28 am
Forum: General
Topic: 2 LAN 2 gateways
Replies: 6
Views: 1883

Re: 2 LAN 2 gateways

Rudios, I am aware of that, thanks for the reminder. Here is my export: #lan1 is 192.168.14.0/24 network #wifi network is 192.168.15.0/24 #wan1 gateway is 192.168.20.1 #wan2 gateway is 192.168.46.1 Basically I want all wifi to pass on wan2, and I want all lan1 to pass on wan1 /interface ethernet set...
by nerdtron
Wed Dec 18, 2013 10:41 am
Forum: General
Topic: Require microtik hotspot login templet
Replies: 1
Views: 458

Re: Require microtik hotspot login templet

You mean the login.html from the mikrotik hotspot page?
Open Winbox, then click Files. You'll see a folder there named hotspot which contain all template files. Just drag the whole hotspot folder to your dekstop and everything will be copied.
by nerdtron
Wed Dec 18, 2013 10:36 am
Forum: General
Topic: 2 LAN 2 gateways
Replies: 6
Views: 1883

Re: 2 LAN 2 gateways

That is exactly what I followed before posting here. Almost the same setup, only difference on mine is lan1 is from the lan ports (3-5 interface) and lan2 is the wlan1 interface.

But fail, is that tutorial even working or I need to add more config that is not mentioned on the tutorial??
by nerdtron
Wed Dec 18, 2013 3:05 am
Forum: General
Topic: 2 LAN 2 gateways
Replies: 6
Views: 1883

2 LAN 2 gateways

So I have two seperate LAN, 192.168.1.0/24 (lan1) and 192.168.2.0/24 (lan2). I also have two gateway (internet) on port1 and port2 of the RB951.
I want to make all lan1 have a gateway to port1 and all lan2 have a gateway to port2?
How can I approach this?
by nerdtron
Tue Dec 17, 2013 3:32 am
Forum: General
Topic: Reset failed after following the wireless station guide.
Replies: 3
Views: 1113

Re: Reset failed after following the wireless station guide.

Download Winbox. http://download2.mikrotik.com/winbox.exe You can connect a PC directly to any LAN port, and then open winbox. Connect using the MAC Address of that port and the System>Reset configuration. This will erase all config and only the factory defaults will remain. Using the physical reset...
by nerdtron
Sun Dec 15, 2013 2:35 am
Forum: General
Topic: Incoming connection NAT
Replies: 2
Views: 700

Re: Incoming connection NAT

What is your /ip firewall nat export?
by nerdtron
Fri Dec 13, 2013 11:31 am
Forum: General
Topic: Script
Replies: 2
Views: 648

Re: Script

Add a comment to the wlan1 as "WIFI" ##netwatch script 1,check if internet on port 1 is down ## This will ping 8.8.8.8 on the internet, if it doesn't respond in 15 consecutive tries and if wifi is up, wlan1 interface will be disabled. :local i 0; {:do {:set i ($i + 1)} while (($i < 15) && ([/ping 8....
by nerdtron
Thu Dec 12, 2013 3:40 am
Forum: General
Topic: seperate hotspot login page
Replies: 2
Views: 622

Re: seperate hotspot login page

Great. Thanks a lot for this. I'll update if I have problems.

EDIT: Seems to be working! :) I'll need to take to the programmers on how to customize this further.
by nerdtron
Wed Dec 11, 2013 1:07 pm
Forum: General
Topic: seperate hotspot login page
Replies: 2
Views: 622

seperate hotspot login page

Has anyone tried this in the wiki? http://wiki.mikrotik.com/wiki/Manual:Customizing_Hotspot#Misc Scroll a bit down to see the "Making HotSpot to authenticate on a remote server" part. Basically, the concept is that the login page will be hosted on an external server. Then once you click submit on th...
by nerdtron
Mon Dec 09, 2013 3:27 am
Forum: General
Topic: Radius authentication
Replies: 3
Views: 652

Re: Radius authentication

Thanks. Yes I'm aware of these. But as far as I understood, you define the profile that the router assigns on a user is defined on the router. Is it possible to define the "session-timeout" of a user from the radius server? I mean, the radius server will push settings to the mikrotik router dependin...
by nerdtron
Sat Dec 07, 2013 11:03 am
Forum: General
Topic: Radius authentication
Replies: 3
Views: 652

Radius authentication

Hi all, I was setting up a Radius server today for use by the hotspot in mikrotik RB951Ui. It seems to be working as I was able to authenticate a few test users on the landing page of mikrotik hotspot. My questions is, after I authenticate the user, what is the default time before they need to authe...
by nerdtron
Fri Dec 06, 2013 4:45 am
Forum: General
Topic: failover not working if WAN1 is up
Replies: 1
Views: 509

failover not working if WAN1 is up

Hi all, I followed this guide http://wiki.mikrotik.com/wiki/Improved_Netwatch_II Script 1 pings a remote host using WAN1 and then if it fails, it set the default route to 3 which makes the WAN2 the default route. It works fine. However once the connection is back again on WAN1, it no longer detects ...
by nerdtron
Thu Dec 05, 2013 9:25 am
Forum: General
Topic: [TUTORIAL] Mikrotik OVPN Client as Gateway Interface
Replies: 6
Views: 4627

Re: [TUTORIAL] Mikrotik OVPN Client as Gateway Interface

Thanks for your replies. I read the config again. Seems like the default was to use UDP and Mikrotik doesn't support it. Changed the server config to TCp and its working now.

Now I can begin writing scripts for failover.
by nerdtron
Wed Dec 04, 2013 5:36 am
Forum: General
Topic: [TUTORIAL] Mikrotik OVPN Client as Gateway Interface
Replies: 6
Views: 4627

Re: [TUTORIAL] Mikrotik OVPN Client as Gateway Interface

I followed them all. We even have the same tutorial for the openvpn server. I'm sure it is working as I can connect a Linux computer or another router as a client to the vpn server. The server is working fine. How ever when I try to connect the mikrotik RB951Ui-2HnD, I can't connect to the server. T...
by nerdtron
Tue Dec 03, 2013 3:50 am
Forum: General
Topic: Help configuring interfaces WAN
Replies: 3
Views: 637

Re: Help configuring interfaces WAN

Great, thanks for your reply. I am now using winbox, but I still get disconnected when I disable port 2? I think it's because the master-local port and the other port are dependent on it? Can you explain the structure of these interfaces and how do I make them independent of each other? Thank you fo...
by nerdtron
Mon Dec 02, 2013 3:23 am
Forum: General
Topic: Help configuring interfaces WAN
Replies: 3
Views: 637

Help configuring interfaces WAN

Hi all, I have a Mikrotik RB951Ui with a total 5 LAN ports in which port 1 is the WAN port. It came with the default configuration. But I want to have dual wan setup so I want port 2 to act as WAN2 port. I can't seem to figure out how to start the configuration. I can only access the device using th...
by nerdtron
Sat Nov 30, 2013 7:56 am
Forum: General
Topic: dual wan rb951ui
Replies: 0
Views: 445

dual wan rb951ui

Hi all, We bought this router RB951Ui-2HnD routerboard. It's small and has 5 ports wherein port 1 is the default WAN port. I new to this router OS and the web GUI is quite overwhelming. However, here is were i get stuck. I want to make port 1 and port 2 as WAN port, and every time I change something...
by nerdtron
Sat Nov 30, 2013 7:55 am
Forum: General
Topic: dual wan rb951ui
Replies: 0
Views: 427

dual wan rb951ui

Hi all, We bought this router RB951Ui-2HnD routerboard. It's small and has 5 ports wherein port 1 is the default WAN port. I new to this router OS and the web GUI is quite overwhelming. However, here is were i get stuck. I want to make port 1 and port 2 as WAN port, and every time I change something...