Community discussions

Search found 876 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 18
by msatter
Sun Sep 23, 2018 1:04 am
Forum: General
Topic: restore back to identical devices never works :(
Replies: 28
Views: 813

Re: restore back to identical devices never works :(

In the backup the MAC are different then those in the restored to device. It could be so that restore always respect the devices MAC and use them.
by msatter
Wed Sep 19, 2018 2:15 pm
Forum: General
Topic: IPSec with preshared key security warning os. 6.43.1
Replies: 6
Views: 242

Re: IPSec with preshared key security warning os. 6.43.1

This is mainly used for VPN services and if we want to avoid this we could change to OpenVPN or IKE2 but that are not fully or not supported in RouterOS.

So we have to bear with these warnings for some time longer.
by msatter
Tue Sep 18, 2018 12:48 pm
Forum: Announcements
Topic: v6.44beta [testing] is released!
Replies: 73
Views: 8455

Re: v6.44beta [testing] is released!

Remember that in MikroTik RouterOS, backup file is for restoring past configuration on the same device, not a safeguard against a lost or damaged device, for restoring on other devices, you should be using "export" config files. Export config files is death for me. Tried everything what is mentione...
by msatter
Sat Sep 15, 2018 1:47 pm
Forum: General
Topic: DNS Server TTL problem
Replies: 14
Views: 500

Re: DNS Server TTL problem

Having problems with DNS resolves with zero or very short TTL then Mikrotik could enforce a minimal TTL applied to the cache in RouterOS. In this way address lists are limited in its frequency sending DNS requests. This can be set to a fixed time by Mikrotik or made user configurable and being disab...
by msatter
Fri Sep 14, 2018 9:35 pm
Forum: General
Topic: DNS Server TTL problem
Replies: 14
Views: 500

Re: DNS Server TTL problem

Mikrotik was beating my DNS server to death with constant requests for local domains which have a TTL of zero. I have now a separate DNS server to force DNS cache by Mikrotik, to comply by setting an longer TTL for those local domains. Why do people always expect MikroTik to fix other people's stup...
by msatter
Fri Sep 14, 2018 11:51 am
Forum: RouterBOARD hardware
Topic: SFP module is extremely hot
Replies: 25
Views: 3754

Re: SFP module is extremely hot

I got me a second RB760iGS and modified it differently. I made a heath conducting bridge between the SFP cage and the metal surrounding the network ports. This was not enough and I put again the heathsink between the power connector and the SFP module. The temperature stays below 50 degrees Celsius ...
by msatter
Fri Sep 14, 2018 11:45 am
Forum: Announcements
Topic: Security announcement blog
Replies: 90
Views: 11746

Re: Security announcement blog

Email list Now we're talking. I was subscribed to it until it stopped sending me emails, without me unsubscribing. Where can I find that list? That solves the complete issue. I just thought they've dropped the list. Is it this one? https://mikrotik.com/client/ecom_notify.php I got that link from my...
by msatter
Thu Sep 13, 2018 7:51 pm
Forum: General
Topic: DNS Server TTL problem
Replies: 14
Views: 500

Re: DNS Server TTL problem

It took me a year to convince Mikrotik that their current implementation of DNS cache is not workable. They have said that they are going to improve it but the is no TTL on that as always with Mikrotik. Mikrotik was beating my DNS server to death with constant requests for local domains which have a...
by msatter
Mon Sep 10, 2018 9:11 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 224
Views: 24724

Re: Winbox vulnerability: please upgrade

@msatter: Is it joke or not?
https://www.rdw.nl/particulier/nieuws/2 ... -rijbewijs

The internet is full of news items about Rutte rijbewijs
by msatter
Mon Sep 10, 2018 1:01 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 224
Views: 24724

Re: Winbox vulnerability: please upgrade

Our Dutch Prime Minister has also a driver license made in Poland on his name.

Darn the advertisement is removed.
by msatter
Thu Sep 06, 2018 4:21 am
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 224
Views: 24724

Re: Winbox vulnerability: please upgrade

How to warn user of Mikrotik products to update I made already constructive remarks and when they are up to it or are forced to be up to it it will happen. Let's start small and first get the correct information to the users and seeing today again lacking that in completeness and drive to have all t...
by msatter
Wed Sep 05, 2018 5:37 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 224
Views: 24724

Re: Winbox vulnerability: please upgrade

I deeply disappointed by Heise to not investigated further for them selves and inquire with Mikrotik. I had high regarded for Heise as a reliable and trustworthy news source. That they neglected the bugfix version and declared any version below 6.42.x as unsafe. That Heise made this blunder is shock...
by msatter
Wed Sep 05, 2018 10:58 am
Forum: Announcements
Topic: Security announcement blog
Replies: 90
Views: 11746

Re: Security announcement blog

:-)
by msatter
Sat Sep 01, 2018 10:07 pm
Forum: RouterBOARD hardware
Topic: Mikrotik VDSL / DSL Modem?
Replies: 298
Views: 55369

Re: Mikrotik VDSL / DSL Modem?

Copper perfectly suited to be used in closely build area's and over cable 1Gbit/s is already used and VDSL is also available in higher speeds. Fiber is well suited to cover long distances of 20+ km and here in the Netherlands it is more and more used for people living outside the cities. The people ...
by msatter
Sat Aug 25, 2018 4:06 pm
Forum: Announcements
Topic: v6.40.9 [bugfix] is released!
Replies: 51
Views: 8645

Re: v6.40.9 [bugfix] is released!

Request to make the security section accessible from the blog menu. Noticing that did raised my blood pressure significantly. ;-) Pressure has dropped by now to more normal levels. I now see that when you scroll down you will find a mention of software and security so it is there but I would love th...
by msatter
Sat Aug 25, 2018 4:01 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Suggestion for improved ROS update/upgrade process
Replies: 4
Views: 413

Re: Suggestion for improved ROS update/upgrade process

Before we did not all times had to update the firmware. If Mikrotikvonly increase the firmware version number if there has been a change to it in real you could spare yourself a load of second reboots.
by msatter
Fri Aug 24, 2018 8:27 pm
Forum: Announcements
Topic: v6.43rc [release candidate] is released!
Replies: 558
Views: 80876

Re: v6.43rc [release candidate] is released!

osc86 , we are aware of the issue. It will be fixed until 6.43 is released in current release channel. It would be nice if that would also be communicated in the changelog if something gets broken in the process and there is knowledge about that. Preferable also in red to warn. Saves downgrades for...
by msatter
Mon Aug 20, 2018 7:10 pm
Forum: Beginner Basics
Topic: Mikrotik DNS not working [SOLVED]
Replies: 3
Views: 289

Re: Mikrotik DNS not working [SOLVED]

Note: If allow-remote-requests is used make sure that you limit access to your server over TCP and UDP protocol.

To the outside.
by msatter
Thu Aug 16, 2018 11:27 am
Forum: General
Topic: VLAN on RB750Gr3
Replies: 7
Views: 426

Re: VLAN on RB750Gr3

That about vlan support in the future for the RB750Gr3/RB760iGS is to be found here:
viewtopic.php?t=113724&start=50#p567533
by msatter
Mon Aug 13, 2018 6:27 pm
Forum: Beginner Basics
Topic: google captcha after installing mikrotik
Replies: 4
Views: 319

Re: google captcha after installing mikrotik


In the captcha window, there is a link "Why did this happen?" Check there.

My guess is you have a public IP associated with malicious activity of some type.
So Google make you now also look as criminal...thanks.
by msatter
Mon Aug 13, 2018 12:28 pm
Forum: Beginner Basics
Topic: google captcha after installing mikrotik
Replies: 4
Views: 319

Re: google captcha after installing mikrotik

Google is just bugging you because they can.

Google does not like not to be able to know everything about you moving over the internet. This message is shown, when you are doing something right.

Better is to use duckduckgo.com to conduct your searches.
by msatter
Sun Aug 12, 2018 11:57 pm
Forum: RouterBOARD hardware
Topic: hAP ac² Amazon USA Price
Replies: 13
Views: 939

Re: hAP ac² Amazon USA Price

Don't buy Amazon. ;-)

Have a look who the reseller is and where he is situated. Could Eastern Europe so shipping costs.
by msatter
Thu Aug 09, 2018 12:42 am
Forum: Announcements
Topic: Security announcement blog
Replies: 90
Views: 11746

Re: Security announcement blog

I made a filter that act as a honeypot for port 8291 and I caught some fish and added that to my drop line in RAW and log when there is a revisit in that CIDR. I have the 146.185.222.0/24 (Barbarich Viacheslav Yuryevich) CDIR trying every 30 seconds to approach a port. It is still going it tried por...
by msatter
Wed Aug 08, 2018 2:45 pm
Forum: Announcements
Topic: v6.43rc [release candidate] is released!
Replies: 558
Views: 80876

Re: v6.43rc [release candidate] is released!

Found the problem and it was that I changed to an other DNS server that did not Round Robin by default.
by msatter
Tue Aug 07, 2018 12:37 pm
Forum: Announcements
Topic: v6.40.8 [bugfix] is released!
Replies: 37
Views: 10988

Re: v6.40.8 [bugfix] is released!

If 6.40.8 is safe in respect to latest rumors on miners https://www.bleepingcomputer.com/news/security/massive-coinhive-cryptojacking-campaign-touches-over-200-000-mikrotik-routers/ ? I keep hear that bugfix is not safe, but I'm not ready to mass-upgrade and reconfigure my park of routers to curren...
by msatter
Mon Aug 06, 2018 3:57 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 224
Views: 24724

Re: Winbox vulnerability: please upgrade

It looks that an CVE has been created and I don't know enough about if it is done by the one who discovered this vulnerability of by Mikrotik self. The CVE number is: CVE-2018-14847
by msatter
Mon Aug 06, 2018 3:56 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 224
Views: 24724

Re: Winbox vulnerability: please upgrade

We have added more details, so that it is more clear: https://blog.mikrotik.com/security/winbox-vulnerability.html thanks, it is much more clear now. Except that the 6.28 version is vulnerable too . I am able to read usernames/passwords from boards with this version using winbox vulnerability explo...
by msatter
Mon Aug 06, 2018 1:50 pm
Forum: The User Manager
Topic: Paypal
Replies: 24
Views: 1373

Re: Paypal

is it possible to downgrade 6.43rc45 (Release candidate) to a lower version?
why?
Why not?

It is possible but please the backup files you have to make, separate.

Restore the matching versions of RouterOS and backup file .
by msatter
Mon Aug 06, 2018 1:30 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 224
Views: 24724

Re: Winbox vulnerability: please upgrade

Well, the linked blog does include this information Versions that include a fix: 6.40.8 [bugfix] or 6.42.1 [current] released on 25-mar-2018 We have added more details, so that it is more clear: https://blog.mikrotik.com/security/winbox-vulnerability.html I did write that the blog did contain that ...
by msatter
Mon Aug 06, 2018 11:14 am
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 224
Views: 24724

Re: Winbox vulnerability: please upgrade

According to changelog it is fixed What's new in 6.40.8 (2018-Apr-23 11:34): !) winbox - fixed vulnerability that allowed to gain access to an unsecured router; So why would they post this again if it was fixed in April? do you can read ? THEN, IS THIS CLEAR INFORMATION? All versions from 6.29 (rel...
by msatter
Mon Aug 06, 2018 9:43 am
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 224
Views: 24724

Re: Winbox vulnerability: please upgrade

It's disappointing that both the httpd vulnerability
We did fix and send on day one.
This is referring to this post: viewtopic.php?f=21&t=137572#p678156
by msatter
Mon Aug 06, 2018 1:14 am
Forum: General
Topic: Mikrotik in the news..bad news
Replies: 57
Views: 3292

Re: Mikrotik in the news..bad news

Thanks Bram for explaining this and the access data was indeed stored in the device and so not with Mikrotik. Was stored, this because the password is not stored in router anymore, if I remember that well?
by msatter
Sun Aug 05, 2018 5:39 pm
Forum: RouterOS v6 RC and v7 BETA
Topic: Ltap mini upgraded to RC and GPS dissapear [SOLVED]
Replies: 3
Views: 254

Re: Ltap mini upgraded to RC and GPS dissapear [SOLVED]

I think you have to request support by mailing to support@mikrotik.com
by msatter
Sun Aug 05, 2018 3:37 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 224
Views: 24724

Re: Winbox vulnerability: please upgrade

Mikrotik has room improve also with the blog... Rhetorical question: Why people needs blogs, tweets or Facebook messages to feel beeing informed well? Because Twitter and Facebook are not wideley accepted ways to communicate. Facebook is evil and Twitter 'rate limits' me so of the visits I make onl...
by msatter
Sun Aug 05, 2018 3:26 pm
Forum: General
Topic: Firewall rules not working after 6.42.6 upgrade
Replies: 19
Views: 780

Re: Firewall rules not working after 6.42.6 upgrade

A RB750Gr3 and RB760iGS you can activate HW acceleration but still get local yo local traffic going through the processor. To partly avoid this, I notrack them in RAW. Despite I enable switch in the config it won't stick and only HW acceleration is steering is doing it the background but does not mi...
by msatter
Sun Aug 05, 2018 1:48 pm
Forum: General
Topic: Mikrotik in the news..bad news
Replies: 57
Views: 3292

Re: Mikrotik in the news..bad news

Since a few months we have now GDPR laws which regulated protection of private information.

I think that I can state that password falls also under the GDPR and that would have the impact that Mikrotik did not do enough, to protect their customers under the GPDR.
by msatter
Sun Aug 05, 2018 1:22 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 224
Views: 24724

Re: Winbox vulnerability: please upgrade

Course I know where announcements a located, I am not stupid. I am calling for doing that bit extra to inform all and keep an important notice im the picture.Creating the notice in announcements hope al is going being right from there is not working as is proven now. Mikrotik has room improve also w...
by msatter
Sun Aug 05, 2018 10:28 am
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 224
Views: 24724

Re: Winbox vulnerability: please upgrade

43north ... you are using our forum ... you are posting ... why have you not upgraded your router earlier even you have had (I suppose) knowledge of the problem? Honestly I had never read the announcements section of the forum, I do now...... and will from here on out. My ignorance cost me, I know....
by msatter
Sat Aug 04, 2018 8:29 pm
Forum: General
Topic: Mikrotik in the news..bad news
Replies: 57
Views: 3292

Re: Mikrotik in the news..bad news

Hands up who is daily following CVE news? I have bookmarked for Mikrotik and AVM now. AVM had a good run after the last containment of the VOIP vulnerability. ISP often offer also VOIP and the had to compensate customers for the expenseive calls made due to this vulnerability. Version 7 by AVM is r...
by msatter
Sat Aug 04, 2018 6:17 pm
Forum: General
Topic: Mikrotik in the news..bad news
Replies: 57
Views: 3292

Re: Mikrotik in the news..bad news

The warning e-mails by Mirkotik are sent out a day after news. I hope next week we will be informed why informing resellers and users that were on the mailing list were not informed earlier about the risk. If creating a CVE would have reduced the number of routers being infected to spread bad softwa...
by msatter
Sat Aug 04, 2018 1:17 am
Forum: Beginner Basics
Topic: Ethernet over power and PPPOE
Replies: 3
Views: 194

Re: Ethernet over power and PPPOE

Hi guys need some help. I have fibre connection to Ethernet over power net next device plugged into Mikrotik on ETH1 for PPPOE getting connection from other Ethernet over power thats connected to ISP. Works great no issue. But now I have other ETH over power device in other room but it does not get...
by msatter
Fri Aug 03, 2018 11:34 pm
Forum: Announcements
Topic: Winbox v3.16 released!
Replies: 63
Views: 9010

Re: Winbox v3.16 released!

OK I was thinking of the communication between routers and the Master Password is about saving the configs in a file on your computer so you can transfer to an other instance of Winbox. I was wrong! So looking at what it is and how it works and the options. Looking at the password interface I can on...
by msatter
Fri Aug 03, 2018 10:16 pm
Forum: General
Topic: Firewall rules not working after 6.42.6 upgrade
Replies: 19
Views: 780

Re: Firewall rules not working after 6.42.6 upgrade

That conversion is mandatory from 6.41 and Master port is replaced by bridge.

viewtopic.php?f=21&t=128915
by msatter
Fri Aug 03, 2018 9:09 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 224
Views: 24724

Re: Winbox vulnerability: please upgrade

The MAC addressing is used inside the network (L2) and sometimes on the first hop to your ISP router/switch. MAC can't be blocked as discussed in other threads.

viewtopic.php?f=21&t=133533&p=656925&hi ... 51#p656925
by msatter
Fri Aug 03, 2018 9:00 pm
Forum: RouterBOARD hardware
Topic: SFP module is extremely hot
Replies: 25
Views: 3754

Re: SFP module is extremely hot

I have Mikrotik in the utility close to the outside wall so it gets warm and toasty especially these sunny days. The heat generated the optical devices seems more moderate than purely electrical SFP modules. And those sqaure copper heatsinks looks to me to be very efficient but I don't enough extrud...
by msatter
Fri Aug 03, 2018 6:04 pm
Forum: General
Topic: IP Addresses list that access to google
Replies: 4
Views: 251

Re: IP Addresses list that access to google

The addresses depends on which ISP you use.

If you want it from Google self then ask their DNS at IP 8.8.8.8 and IP 8.8.4.4
  • 1
  • 2
  • 3
  • 4
  • 5
  • 18