Community discussions

Search found 43 matches

by finalcutroot
Mon Apr 02, 2018 2:05 am
Forum: Announcements
Topic: Urgent security advisory
Replies: 110
Views: 88651

Re: Urgent security advisory

this will block the winbox bruteforce attempt add action=drop chain=input comment="drop winbox brute forcers" dst-port=8291 protocol=tcp src-address-list=winbox_blacklist add action=add-src-to-address-list address-list=winbox_blacklist address-list-timeout=1w3d chain=input connection-state=new dst-p...
by finalcutroot
Sun Mar 05, 2017 11:28 am
Forum: Beginner Basics
Topic: Site to Site VPN for multiple network
Replies: 0
Views: 426

Site to Site VPN for multiple network

Cisco ASA <static ip> ---[ipsec site to site] --- <static ip> Mikrotik-01 >>>-----IPsec s2s------< dynamic ip >Mikrotik-02 Lan 172.16.0.1 Lan 172.16.10.1 Lan 172.16.20.1 between Cisco ASA and Mikrotik-01 the tunnel is up and running between Mikrotik-01 & Mikritk-02 the tunnel is up and running i nee...
by finalcutroot
Wed Feb 15, 2017 2:52 pm
Forum: Beginner Basics
Topic: ftp connection droped
Replies: 1
Views: 307

ftp connection droped

i can connect to ftp server from pc behind mikrotik , but can not transfere files : got too many connection error
by finalcutroot
Fri Dec 23, 2016 8:46 pm
Forum: Beginner Basics
Topic: NAT internal address before passing to VPN
Replies: 7
Views: 637

Re: NAT internal address before passing to VPN

If you have accept rule in srcnat chain to exempt traffic from default masquerade, and this new rule before it, you won't see additional hits there. Rule with action=src-nat is enough as end result. But it should be ok, because neither default masquerade will catch the connection. If it doesn't wor...
by finalcutroot
Wed Dec 21, 2016 10:25 pm
Forum: Beginner Basics
Topic: NAT internal address before passing to VPN
Replies: 7
Views: 637

Re: NAT internal address before passing to VPN

but no traffic pass through the nat exempt
my nat exempt is
accept from 192.168.200.151 10.3.136.0 , but no hits
by finalcutroot
Wed Dec 21, 2016 9:30 pm
Forum: Beginner Basics
Topic: NAT internal address before passing to VPN
Replies: 7
Views: 637

Re: NAT internal address before passing to VPN

/ip firewall nat
add chain=srcnat src-address=172.16.3.151 dst-address=10.3.136.0 action=src-nat to-addresses=192.168.200.151

Many thanks bro, do i need to make static route as long this 192.168.200.151 is not listed on any of my router interface
your help is really appropriated
by finalcutroot
Tue Dec 20, 2016 1:47 pm
Forum: Beginner Basics
Topic: NAT internal address before passing to VPN
Replies: 7
Views: 637

NAT internal address before passing to VPN

i need to nat 172.16.3.151 into 192.168.200.151 before it pass the ipsec vpn tunnel Source Network Translated Network Remote Network 172.16.3.151 192.168.200.151 10.3.136.0 i need to know only how to translate 172.16.3.151 into 192.168.200.151 so if the 172.16.3.151 ping 10.3.136.0 the ping look lik...
by finalcutroot
Sat Oct 15, 2016 5:58 pm
Forum: General
Topic: PPTP iOS10
Replies: 59
Views: 23440

Re: PPTP iOS10

i have router with static ip and it has ipsec connections to another 7 routers with dynamic ip ( thats work fine) i have created another l2tp/ipsec connection to support iPhone IOS 10 , the new peer has another preshared key , this work up to 10 hours then the cpu get 100%, also the cpu get 100% whe...
by finalcutroot
Sat Jan 23, 2016 9:29 am
Forum: Beginner Basics
Topic: uaer manager and trial user
Replies: 0
Views: 394

uaer manager and trial user

can i authenticate hotspot trial user using usermanager
by finalcutroot
Fri Aug 14, 2015 8:08 pm
Forum: Announcements
Topic: 6.31 released
Replies: 227
Views: 47215

Re: 6.31 released

Thank You ,,

i wonder if there is any upcoming updates regarding to hotspot ?? in security specially like preventing Mac cloning
by finalcutroot
Wed Aug 05, 2015 5:35 pm
Forum: Beginner Basics
Topic: Arp/mac Spoofing
Replies: 1
Views: 813

Arp/mac Spoofing

how to block arp/mac spoofing mikrotik ccr1036
i'm using hotspot over bridge and the authentication using mac
by finalcutroot
Mon Jul 20, 2015 3:48 pm
Forum: Announcements
Topic: v6.30.x bugfix release
Replies: 136
Views: 33422

Re: v6.30.1 bugfix release

when i try to upgrade CCR1036-8G-2S+
Error Missing : wireless-6.30.1-tile.npk
CCR doesn't have wireless interfaces. Remove the wireless package.
Thank You ,, :D :D :D

Any new updates on HOTSPOT , after mac-cookies almost nothing new
by finalcutroot
Sun Jul 19, 2015 5:22 pm
Forum: Announcements
Topic: v6.30.x bugfix release
Replies: 136
Views: 33422

Re: v6.30.1 bugfix release

when i try to upgrade CCR1036-8G-2S+
Error Missing : wireless-6.30.1-tile.npk
by finalcutroot
Sat May 30, 2015 10:54 am
Forum: Beginner Basics
Topic: Show the comments as a column
Replies: 1
Views: 650

Show the comments as a column

in hotspot i made login using mac (only) so i add the mac address for the use in (ip>hotspot>user) in the user name i add the mac in the password i add the "password" then i add in the comment as"name for this user" in active tab under(ip hotspot active) i need to Show the comments as a column is th...
by finalcutroot
Sat Mar 14, 2015 11:00 pm
Forum: Announcements
Topic: RouterOS v6.27 released
Replies: 273
Views: 99657

Re: RouterOS v6.27 released

There is abug drive me crazy

when i add static ip address for int eth1 its gone after tow or three day

and when i add static ip address then goto quick set up , just click apply the added static rout also gone
by finalcutroot
Sun Mar 08, 2015 2:21 am
Forum: Announcements
Topic: RouterOS v6.27 released
Replies: 273
Views: 99657

Re: RouterOS v6.27 released

this script on (rb750 , os 6.27 , winbox Winbox 3.0rc5) with hotspot cause crash after a while the crash occur when you go to interface menu /system scheduler add interval=1d name=Start on-event=Start policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive start-date=dec/07/2014 start-time...
by finalcutroot
Tue Feb 24, 2015 9:39 pm
Forum: Announcements
Topic: RouterOS v6.27 released
Replies: 273
Views: 99657

Re: RouterOS v6.27 released

This is the third time
when i open winbox and goto the Interfaces
the router crash
i use simple script/scheduler to turn off interfaces on specific time
by finalcutroot
Thu Feb 05, 2015 11:27 pm
Forum: General
Topic: RouterOS v6.26!
Replies: 72
Views: 24148

Re: RouterOS v6.26!

finalcutroot More information please. What models? What previous firmware? What winbox version? What routerboard firmware version? Can you access now? What was the fix? Did you send MT a support file? I won't be upgrading until health information is fixed. We need this without exception. RB750G win...
by finalcutroot
Thu Feb 05, 2015 8:26 pm
Forum: General
Topic: RouterOS v6.26!
Replies: 72
Views: 24148

Re: RouterOS v6.26!

After I upgrade ,,, when i login to router using winbox suddenly the router crash and i no longer can access it !!!!!!!!!!!!!!!!????????
it happens on 3 router
by finalcutroot
Mon Feb 02, 2015 9:06 pm
Forum: Beginner Basics
Topic: CCR1036-1036-8G-2S+
Replies: 0
Views: 366

CCR1036-1036-8G-2S+

why i cant make slave interface in CCR1036-1036-8G-2S+
i need to use three interface as slave to hotspot
by finalcutroot
Sat Nov 29, 2014 8:42 am
Forum: Scripting
Topic: Hotspot users
Replies: 0
Views: 544

Hotspot users

i use hotspot for customer authentication by mac address each customer have one hour free internet per day the problem is when the RB750gl restart the user can gain another hour so the restriction broken by power-outage is their any way to keep there mac address on disk all the day to avoid that Tha...
by finalcutroot
Tue Nov 04, 2014 10:18 pm
Forum: General
Topic: v6.21.1 released
Replies: 112
Views: 27310

Re: v6.21.1 released

lte - changed device identification for devices which regenerate MAC address,
most likely this will loose device's configuration;

more detailes please
by finalcutroot
Fri Oct 03, 2014 9:00 am
Forum: General
Topic: v6.20 released!
Replies: 146
Views: 58466

Re: v6.20 released!

the latest update on hot spot was in version 6.0 the (login by mac cookies)
since then no updates

any way as i use MT for hotspot / update to 6.20 no problem

Thanks
by finalcutroot
Fri Sep 19, 2014 6:09 pm
Forum: General
Topic: winbox behind proxy
Replies: 1
Views: 1939

winbox behind proxy

i hope winbox start supporting proxy settings
or get proxy settings from IE proxy
by finalcutroot
Mon Sep 08, 2014 9:08 pm
Forum: Beginner Basics
Topic: any new in hotspot ??
Replies: 12
Views: 1813

Re: any new in hotspot ??

i said so because there is a whole lot of software in google market that change mac address "well known solution"

but with "combination solution" it would be harder at least on average users
by finalcutroot
Sun Sep 07, 2014 7:35 pm
Forum: Beginner Basics
Topic: any new in hotspot ??
Replies: 12
Views: 1813

Re: any new in hotspot ??

It depends if the client is willing to tell you other identification in the DHCP communication. You could try to use it. But client can change everything on his side if he knows how you make the detection. that's what am talking about if you notice in ip > dhcp server >> leases >> active hostname a...
by finalcutroot
Sun Sep 07, 2014 7:26 pm
Forum: Beginner Basics
Topic: any new in hotspot ??
Replies: 12
Views: 1813

Re: any new in hotspot ??

there is no way...

DID YOU EVER NOTICE THAT ALL YOUR ANSWERS IS JUST "I DONT KNOW" but in other words ,,, DID YOU !!!
by finalcutroot
Sat Sep 06, 2014 8:05 am
Forum: Beginner Basics
Topic: any new in hotspot ??
Replies: 12
Views: 1813

Re: any new in hotspot ??

hope those issues fix in version 7

something like "combination between mac address and smartphone serial number" authentication
by finalcutroot
Sat Aug 30, 2014 7:19 pm
Forum: Beginner Basics
Topic: any new in hotspot ??
Replies: 12
Views: 1813

Re: any new in hotspot ??

is there is any other solution or technology can do that
by finalcutroot
Thu Aug 28, 2014 8:59 pm
Forum: Beginner Basics
Topic: any new in hotspot ??
Replies: 12
Views: 1813

any new in hotspot ??

i have hotspot that allow users to access internet only 2h per one day

how to prevent trial-user who change his mac address from login again and renew the 2 hour/day
how to allow trial-user to login automaticly without having to open page using browser (specialy user on smart phone)
by finalcutroot
Fri Apr 18, 2014 11:30 pm
Forum: Forwarding Protocols
Topic: OVERLAP NAT
Replies: 2
Views: 1090

Re: OVERLAP NAT

by finalcutroot
Fri Apr 18, 2014 11:07 pm
Forum: Forwarding Protocols
Topic: OVERLAP NAT
Replies: 2
Views: 1090

OVERLAP NAT

hot to create overlap nat between hotspot on one interface and another interface (connected to router)

so eth0 ip range 192.168.1.0/24
the hotspot range 192.168.1.0/24
by finalcutroot
Fri Apr 18, 2014 7:56 pm
Forum: Beginner Basics
Topic: HOTSPOT ip range
Replies: 5
Views: 912

Re: HOTSPOT ip range

You can modify the configuration.
if i modify the subnet of hotspot the gateway in (ip>rouets) will change from reachable from eth1 to eath4 and i lost the connection to 172.16.10.0/24 i cant event then able to ping the eth1 ip 172.16.10.2
by finalcutroot
Fri Apr 18, 2014 7:04 pm
Forum: Beginner Basics
Topic: HOTSPOT ip range
Replies: 5
Views: 912

Re: HOTSPOT ip range

How ?
by finalcutroot
Fri Apr 18, 2014 1:55 pm
Forum: Beginner Basics
Topic: HOTSPOT ip range
Replies: 5
Views: 912

HOTSPOT ip range

i have router------>mikrotik---------->NETGEAR Access Point router interface ip 172.16.10.0/24 this interface connected to mikrotik gateway interface in Mikrotik i create hotspot on interface 4 which is connected to WIFI AP Mikrotik interface 1 IP : 172.16.10.2 i need the hotspot to take ip range li...
by finalcutroot
Sun Apr 13, 2014 1:14 am
Forum: Beginner Basics
Topic: Hotspot trial user
Replies: 0
Views: 401

Hotspot trial user

can we store trial user info on disk , so i can keep there information when the RB750g restarted !!!!
by finalcutroot
Sat Mar 22, 2014 8:05 pm
Forum: Beginner Basics
Topic: winbox and proxy server
Replies: 1
Views: 793

winbox and proxy server

why winbox does not support connection behind proxy server

any future plane to change it to accept connection behind proxyserver .....!!!??
by finalcutroot
Sat Mar 22, 2014 7:58 pm
Forum: Beginner Basics
Topic: Power outage
Replies: 3
Views: 972

Re: Power outage

have you that script ?
by finalcutroot
Fri Mar 21, 2014 6:02 pm
Forum: General
Topic: v6.11 released
Replies: 260
Views: 79551

Re: v6.11 released

Thanks for your great efforts
by finalcutroot
Fri Mar 21, 2014 9:03 am
Forum: Beginner Basics
Topic: Power outage
Replies: 3
Views: 972

Power outage

:? when Rb750gl rebooted it lost information about free trail user and then they can log in again any way to store this info till the reset time come (truly i have a very bad help disk in remote office who use this way to gain more time ) and how to use more info than only mac address for login tria...
by finalcutroot
Thu Mar 13, 2014 12:53 am
Forum: Beginner Basics
Topic: Winbox behind firewall
Replies: 3
Views: 1124

Re: Winbox behind firewall

Here the topology (pFsense <> squid3) > my computer (where i use winbox to connect to remote 750gl routerbord) Sorry. That makes no sense. Do you mean: 750GL <--> Internet <--> pfsense <--> Squid3 <--> Computer If your only access to the Internet is through a squid proxy, then you won't be able to ...
by finalcutroot
Tue Mar 11, 2014 11:37 pm
Forum: Beginner Basics
Topic: Winbox behind firewall
Replies: 3
Views: 1124

Winbox behind firewall

Here the topology

(pFsense <> squid3) > my computer (where i use winbox to connect to remote 750gl routerbord)

the problem is i cant connect to public ip of routerborard using winbox behind (pfsense/squid3) :?


Please help