Community discussions

Search found 1013 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 21
by msatter
Sun Mar 24, 2019 11:33 pm
Forum: Announcements
Topic: v6.45beta [testing] is released!
Replies: 64
Views: 10919

Re: v6.45beta [testing] is released!

Thanks for adding ECDSA certificates!
by msatter
Wed Mar 20, 2019 1:07 pm
Forum: Announcements
Topic: Tik App, MikroTik android utility ALPHA test
Replies: 394
Views: 128045

Re: Tik App, MikroTik android utility ALPHA test

Neither of the two apps are in Beta anymore. Delete them, and install them again from the regular stores, if you still see the beta. I uninstalled the APP and installed it again but is still stating beta on the APP page and shows up in my beta list in the Play Store. Got it. I have first to leave t...
by msatter
Wed Mar 20, 2019 12:17 pm
Forum: Announcements
Topic: Tik App, MikroTik android utility ALPHA test
Replies: 394
Views: 128045

Re: Tik App, MikroTik android utility ALPHA test

My post has nothing to do with getting the APP. It has everything to do with making sure the APP is up to date and informing MT users which is the latest app version. For example my APP was on version 0.24. I was fat dumb and happy. NO INDICATIONS were provided UNLIKE other apps, that my app was ou...
by msatter
Tue Mar 19, 2019 7:08 pm
Forum: Announcements
Topic: Tik App, MikroTik android utility ALPHA test
Replies: 394
Views: 128045

Re: Tik App, MikroTik android utility ALPHA test

I AM NOT DEAF I ONLY CAN'T READ.
by msatter
Mon Mar 18, 2019 9:01 pm
Forum: General
Topic: Putty updated to 0.71
Replies: 12
Views: 503

Re: Putty updated to 0.71

RB760iGS (hEX S) with the SFP being cooled. @msatter pray tell how do you cool the SFP on your hEXs ... got a pic? Yes, and I have now only the one between the power cable and the SFP and used a round file to make slight indentation so that not to much force is put on the power connector. When it i...
by msatter
Mon Mar 18, 2019 3:07 pm
Forum: General
Topic: Putty updated to 0.71
Replies: 12
Views: 503

Re: Putty updated to 0.71

Or a coffee LOL.
Remember: sleeping is poor substitute for caffeine.
Sleep helps me to solve problems and caffeine makes me run in circles around it and not solving the problem. Some problem can't be solved and the you have learn with them.
by msatter
Mon Mar 18, 2019 3:04 pm
Forum: General
Topic: Putty updated to 0.71
Replies: 12
Views: 503

Re: Putty updated to 0.71

Which is my point. Post it in the phucking putty forum. Do you want me to start effing posting everytime there is a windows update, a linux update, a macos update, an avast update, etc etc etc............ I might as well post everytime I pop a zit, and pluck a nose hair. ;-) And yes, I have been he...
by msatter
Mon Mar 18, 2019 2:15 am
Forum: General
Topic: Putty updated to 0.71
Replies: 12
Views: 503

Putty updated to 0.71

Our trusty Putty has been updated to version 0.71. A time ago a vulnerability was discovered and through the EU-funded bounty program a few more were shared. The latest version can be downloaded from: https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html Change log: https://www.chiark.green...
by msatter
Sun Mar 17, 2019 1:47 pm
Forum: Beginner Basics
Topic: Recommend way to block Ads with Mikrotik
Replies: 9
Views: 368

Re: Recommend way to block Ads with Mikrotik

No, I am using Pi-hole.
by msatter
Sun Mar 17, 2019 12:58 pm
Forum: Scripting
Topic: Bypass mobile phones to different dhcp pool
Replies: 4
Views: 189

Re: Bypass mobile phones to different dhcp pool

Beta 6.45

*) dhcpv4-server - added "vendor-class-id" matcher (CLI only);
by msatter
Thu Mar 14, 2019 2:35 pm
Forum: Scripting
Topic: How to really make backups (by script) ?
Replies: 15
Views: 534

Re: How to really make backups (by script) ?

It seems that the MAC address is programmed in the hardware which appears when you erase the restored MAC.

It is config backup and the setting you mention a for the same device or if you want to duplicste a device.
by msatter
Wed Mar 13, 2019 2:52 pm
Forum: Scripting
Topic: How to really make backups (by script) ?
Replies: 15
Views: 534

Re: How to really make backups (by script) ?

Copy and past your MAC reset script in the export.rsc file.
by msatter
Thu Mar 07, 2019 7:08 pm
Forum: General
Topic: hEX S shows activity on disabled SFP port without a link
Replies: 6
Views: 232

Re: hEX S shows activity on disabled SFP port without a link

Should be fixed in 6.44

*) ethernet - fixed packet forwarding when SFP interface is disabled on hEX S;
by msatter
Fri Feb 22, 2019 7:28 pm
Forum: Beginner Basics
Topic: Turn off system LED
Replies: 1
Views: 139

Re: Turn off system LED

Led me shine a bright beam of blue light to what you missed to see:

viewtopic.php?f=3&t=144860
by msatter
Fri Feb 22, 2019 2:32 pm
Forum: General
Topic: Security issue when Winbox exposed
Replies: 67
Views: 4073

Re: Security issue when Winbox exposed

It was fixed before Tenable made the issue public. MikroTik and Tenable gave users time to upgrade before making any announcements.
That is not a direct answer to my question however a indirect one, like this will do. :-)
by msatter
Fri Feb 22, 2019 1:31 pm
Forum: General
Topic: Security issue when Winbox exposed
Replies: 67
Views: 4073

Re: Security issue when Winbox exposed

Because the most common question is, when you will fix this. It's already fixed. So it was already fixed before Tenable contacted Mikrotik? I just noticed that my Dect phone was blinking red and it was the Mikrotik RSS feed that was updated about this. I still urge to state minimal safe patch level...
by msatter
Fri Feb 22, 2019 1:30 pm
Forum: General
Topic: Security issue when Winbox exposed
Replies: 67
Views: 4073

Re: Security issue when Winbox exposed

@msatter To me Tenable went public to soon. Absolutely agree, however, I wonder why would they do it... This is pure hypothesis : Maybe Tenable originally agreed to keep it secret for some period of time, but after they saw that the security fix was silently released as "improvement", they decided ...
by msatter
Fri Feb 22, 2019 1:20 pm
Forum: General
Topic: Security issue when Winbox exposed
Replies: 67
Views: 4073

Re: Security issue when Winbox exposed

Statement https://blog.mikrotik.com/security/cve-20193924-dude-agent-vulnerability.html I understand that Mikrotik wants to speak in a positive way about this but why include the in bold words? Tenable had previously contacted MikroTik about this issue, so a fix has already been released on Februar...
by msatter
Fri Feb 22, 2019 1:25 am
Forum: Announcements
Topic: v6.44rc [testing] is released!
Replies: 67
Views: 10217

Re: v6.44rc [testing] is released!

It takes a bit longer and if you don't have any response from support during this monday then send a reminder.
by msatter
Fri Feb 22, 2019 1:21 am
Forum: General
Topic: Security issue when Winbox exposed
Replies: 67
Views: 4073

Re: Security issue when Winbox exposed

State minimal safe RouterOS and let the bad boys guess what vulnerability is. Agree with the ones bringing the 'problem' under attention of Mikrotik to have a delay of 30 days after patching, before going public so that users can upgrade in that time. To me Tenable went public to soon. If Mikrotik t...
by msatter
Thu Feb 21, 2019 10:17 pm
Forum: General
Topic: Security issue when Winbox exposed
Replies: 67
Views: 4073

Re: Security issue when Winbox exposed

Would I see the day that Mikrotik just states current, minimal RouterOS version is x.xx in plain sight for us!?!?

We have now a security blog which not telling anything about this even not the current minimal version.

Excellent that it was fixed that fast however we are left in the dark.
by msatter
Mon Feb 04, 2019 12:01 am
Forum: RouterBOARD hardware
Topic: For real, what is with these blinding power leds?
Replies: 11
Views: 949

Re: For real, what is with these blinding power leds?

I also use black tape to block those tiny flashlights from lighting up the whole room.
by msatter
Thu Jan 31, 2019 11:24 pm
Forum: Announcements
Topic: Tik App, MikroTik android utility ALPHA test
Replies: 394
Views: 128045

Re: Tik App, MikroTik android utility ALPHA test

Looks realy good and the addresslists works now and the APP does not crash anymore on reading the lists.
by msatter
Wed Jan 23, 2019 1:59 pm
Forum: General
Topic: UDP SIP INVITEs fragmenting through EoIP
Replies: 8
Views: 350

Re: UDP SIP INVITEs fragmenting through EoIP

Is connection tracking enabled? There is in mangle also a option to accept fragmentend (following) packages.

Matches fragmented packets. First (starting) fragment does not count. If connection tracking is enabled there will be no fragments as system automatically assembles every packet
by msatter
Tue Jan 22, 2019 12:44 pm
Forum: Announcements
Topic: v6.44beta [testing] is released!
Replies: 365
Views: 71171

Re: v6.44beta [testing] is released!

security by obscurity Anyway management interfaces, be it Winbox, APIs, ssh, web and whatnot should never be exposed without proper filtering. So the version display is harmless in my opinion. I agree. If the untrusted person can see your TELNET interface, you are in much bigger trouble than an exp...
by msatter
Mon Jan 21, 2019 11:35 pm
Forum: General
Topic: Mangle Dilemma: PassThrough Vs Jump
Replies: 3
Views: 236

Re: Mangle Dilemma: PassThrough Vs Jump

And then you have return that also stops the processing in not only the chain but also all the chains that page just like no passthrough.
by msatter
Sat Jan 19, 2019 1:17 pm
Forum: Announcements
Topic: v6.44beta [testing] is released!
Replies: 365
Views: 71171

Re: v6.44beta [testing] is released!

All software/interfaces by Mikrotik mention the software version before login, including the Android app.

Then this must be something Mikrotik wants to communicate up front. So you can think to have RouterOS not share the current version of it and state a null value.
by msatter
Mon Dec 31, 2018 6:23 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Feature Request: OpenVPN [ovpn] udp tunnels
Replies: 228
Views: 75956

Re: Feature Request: OpenVPN [ovpn] udp tunnels

NordVPN says no. RouterOS is getting outdated.
by msatter
Sun Dec 30, 2018 9:09 pm
Forum: General
Topic: NordVpn and mikrotik?
Replies: 11
Views: 1310

Re: NordVpn and mikrotik?

I just checked and it is not going to happen till ROS 7.

viewtopic.php?p=650295
by msatter
Sun Dec 30, 2018 7:52 pm
Forum: General
Topic: NordVpn and mikrotik?
Replies: 11
Views: 1310

Re: NordVpn and mikrotik?

Hmmmm, interesting. I thought IKEv2 client could not do this. Going test this on a later moment.
by msatter
Sun Dec 30, 2018 1:09 pm
Forum: General
Topic: NordVpn and mikrotik?
Replies: 11
Views: 1310

Re: NordVpn and mikrotik?

No go, as stated on that page.
by msatter
Fri Dec 28, 2018 12:57 pm
Forum: RouterBOARD hardware
Topic: RB750 Aluminum Electrolytic Capacitor SMD need replacement
Replies: 3
Views: 456

Re: RB750 Aluminum Electrolytic Capacitor SMD need replacement

Write an e-mail to support@mikrotik.com and hope they can give you specific info.
by msatter
Thu Dec 27, 2018 10:37 pm
Forum: General
Topic: Post Very good ... Thank you for that.
Replies: 3
Views: 322

Re: Post Very good ... Thank you for that.

Just keep reporting those posts.
Anyone can create an account and if they missbehave then they will be removed.
by msatter
Wed Dec 26, 2018 4:31 pm
Forum: General
Topic: Winbox port 8291 is invalid !
Replies: 7
Views: 750

Re: Winbox port 8291 is invalid !

Just to add: once also before this time I couldn't login from the outside, and I found that the winbox service was "disabled" !
Define outside?
by msatter
Mon Dec 24, 2018 1:10 pm
Forum: Beginner Basics
Topic: Help with firewall settings
Replies: 3
Views: 282

Re: Help with firewall settings

It looks sound but then I am not a expert on that.
by msatter
Mon Dec 24, 2018 1:00 pm
Forum: General
Topic: Adblocking with address lists
Replies: 4
Views: 354

Re: Adblocking with address lists

Pi-hole is running in low power usage, and not that expensive devices. Pi-hole also features Regex so Facebook and Google can be caught and blocked. Youtube advertising is not blockable by DNS.
by msatter
Mon Dec 24, 2018 12:55 pm
Forum: General
Topic: Pihole Hairpin NAT
Replies: 4
Views: 401

Re: Pihole Hairpin NAT

My answer did mentioning two places (DNS and DHCP) to change setting towards Pi-hole. If you have done that and it seemed you did because either with or witout those two lines it worked.

Those two lines, still can be omited.
by msatter
Mon Dec 24, 2018 12:20 am
Forum: Beginner Basics
Topic: Help with firewall settings
Replies: 3
Views: 282

Re: Help with firewall settings

Look at your DNS servers and those are going to Google and Cloudflare. Better is to use the DNS from IPVanish.

https://support.ipvanish.com/hc/en-us/a ... -DNS-Leaks
by msatter
Sun Dec 23, 2018 11:42 pm
Forum: General
Topic: Pihole Hairpin NAT
Replies: 4
Views: 401

Re: Pihole Hairpin NAT

This is a catcher for traffic that want to passby the normal path. That are line one and two. First you are going to tell the clients in DHCP that they are going to use the pi-hole as DNS. If that works then you are pointing the DNS of the router itself to pi-hole. If that works then you are doing s...
by msatter
Wed Dec 19, 2018 8:54 pm
Forum: General
Topic: Add 160.000 statics dns entries
Replies: 7
Views: 553

Re: Add 160.000 statics dns entries

I put that in NAT and the only DNS traffic allowed out is from the Pi-hole. Any other traffic on port 53, 5353, 853 is forced to the Pi-hole. Lets hope it ignores fake DNS traffic that eas not intended for DNS servers. ;-)
by msatter
Wed Dec 19, 2018 12:30 pm
Forum: General
Topic: Add 160.000 statics dns entries
Replies: 7
Views: 553

Re: Add 160.000 statics dns entries

RouterOS converts domains to IP addresses and stores those. Not efficient to do it that way and better keep using Pi-hole like I do.
by msatter
Mon Dec 17, 2018 2:04 pm
Forum: General
Topic: firewall is pushing the cpu
Replies: 25
Views: 1331

Re: firewall is pushing the cpu

My firewall more made for domestic use and the tips from the last posting members where more appropiate for you. I can't go without connection tracking and I go do some tuning for myself.
by msatter
Sun Dec 16, 2018 1:51 pm
Forum: General
Topic: firewall is pushing the cpu
Replies: 25
Views: 1331

Re: firewall is pushing the cpu

"tune (=reduce) conn tracking timeouts" is only relevant if you want to do connection tracking. Do you? If yes: you could reduce the timeout timing, so that connections are cleaned up sooner. Ex: "TCP established timeout" /ip firewall connection tracking settings Further make sure FastTrack rule is...
by msatter
Fri Dec 14, 2018 12:38 pm
Forum: Announcements
Topic: Product comparison matrix
Replies: 29
Views: 2969

Re: Product comparison matrix

Great table and it would be awesome if products of interest can be selected and viewed/compared in a dedicated table.
by msatter
Fri Dec 14, 2018 12:31 pm
Forum: General
Topic: 2 NAT masquerade
Replies: 11
Views: 607

Re: 2 NAT masquerade

  • 1
  • 2
  • 3
  • 4
  • 5
  • 21