Community discussions

Search found 54 matches

by agnostic
Sat Aug 10, 2019 1:43 am
Forum: General
Topic: lease-hostname lease script variable not working
Replies: 1
Views: 297

lease-hostname lease script variable not working

hello i put the following script to dhcp lease scripts according to this manual https://wiki.mikrotik.com/wiki/Manual:IP/DHCP_Server /tool fetch url=("http://10.10.10.1/add.php?clienthostname=$lease-hostname&mac=$leaseActMAC") which is working perfect from server side BUT this weird happens: at log ...
by agnostic
Tue Dec 04, 2018 9:50 am
Forum: Announcements
Topic: v6.42.10 [long-term] is released!
Replies: 25
Views: 10706

Re: v6.42.10 [long-term] is released!

but.... i did not upgraded directly to stable (6.43). i was on bugfix (6.42) and upgraded to long term when ddyns stopped working. without further actions of disabling cloud i then upgraded to stable and cloud came to life again.
by agnostic
Tue Dec 04, 2018 1:15 am
Forum: Announcements
Topic: v6.42.10 [long-term] is released!
Replies: 25
Views: 10706

Re: v6.42.10 [long-term] is released!

problem with this version on cloud system on rb750 and rb951. That sounds like typical issue which happens, when you upgrade/downgrade without disabling cloud first. since when? that has never happened to me from the time mikrotik implemented cloud system, accross ros updates. thats why it was so w...
by agnostic
Mon Dec 03, 2018 11:10 pm
Forum: Announcements
Topic: v6.42.10 [long-term] is released!
Replies: 25
Views: 10706

Re: v6.42.10 [long-term] is released!

problem with this version on cloud system on rb750 and rb951. after update both ros and firmware cloud system stuck to previous public ip not properly recognizing new public ip and could not update mikrotik dns!!! had to upgrade to stable (6.43.7) to make it work again. STAY AWAY from this version i...
by agnostic
Tue Jul 10, 2018 8:22 pm
Forum: General
Topic: pppoe problems
Replies: 1
Views: 283

Re: pppoe problems

nevermind... i found out that ISP limited pppoe connections to 1 per device and from that day problems occured to multiple pppoe from different routerboards with delayed connections or no connections at all. is there any way to make pppoe-out with different mac address to trick ISP that connects ano...
by agnostic
Tue Jul 10, 2018 7:16 pm
Forum: General
Topic: pptp not working
Replies: 3
Views: 371

Re: pptp not working

ditch pptp is very old and vulnerable. use sstp for win10 and server certificate or win 10 deny to connect. it is better protocol and has better connectivity tried pptp to bridge 2 routers and could not pass traffic due to packet fragmentation but with sstp worked out of the box like a charm.
by agnostic
Tue Jul 10, 2018 7:12 pm
Forum: General
Topic: pppoe problems
Replies: 1
Views: 283

pppoe problems

hello. i noticed some problems with pppoe-client discovery and connections through ether interfaces. either takes too long for service to be discovered or doesnt connect at all devices hap lite with software 6.40.8 the devices are connected to a modem with pppoe bridge enabled and never had any prob...
by agnostic
Mon Mar 12, 2018 8:06 pm
Forum: General
Topic: Routerboard pinging random addresses
Replies: 8
Views: 1018

Re: Routerboard pinging random addresses

you didnt tell us if you have any pc connected to routerboard. from what i see it seems like an infected with virus pc pinging an ip with random src address. if it wasnt for tx traffic it would probably be from outside but now it is from inside your network. at first disconnect every machine from ne...
by agnostic
Thu Feb 22, 2018 12:28 pm
Forum: General
Topic: Help!!! DDNS CRAZY
Replies: 3
Views: 428

Re: Help!!! DDNS CRAZY

yes you are right. that is indeed a private address i didnt noticed. so it is an ISP problem. i will contact my provider. Thank You. I think it is solved.
by agnostic
Thu Feb 22, 2018 10:59 am
Forum: General
Topic: Help!!! DDNS CRAZY
Replies: 3
Views: 428

Help!!! DDNS CRAZY

i recently purchased a hap lite mini (RouterBOARD 931-2nD) and tried to use cloud dns with a pppoe interface for cameras but there is a huge problem!!! see the picture below and you will understand. (ros 6.40.6 bugfix the same happens with previous one). to catch you up pppoe is the default route in...
by agnostic
Wed Feb 07, 2018 8:28 pm
Forum: General
Topic: hap mini cloud ddns problem
Replies: 0
Views: 294

hap mini cloud ddns problem

hello. today i just purchased for a first time a mikrotik hap mini to setup for cloud access for dvr but.... some weird problems appeared never seen before on other mikrotiks. 1) when router is with default configuration, internet from ether1 cloud dns points to public address from parent router and...
by agnostic
Tue Jun 06, 2017 9:54 am
Forum: General
Topic: Mikrotik Hap-Lite For Home Use
Replies: 1
Views: 339

Re: Mikrotik Hap-Lite For Home Use

hap lite is a cheap device that beats down very expensive equipment. i use hap lite for cafeterias and i have seen handling 100+ wireless users at once (it is dual chain wireless). you can use queues for managing traffic priorities per client or per ip etc.
by agnostic
Tue Jun 06, 2017 9:45 am
Forum: General
Topic: Half duplex 100 only and link duplex mismatch on hAP Lite and EPON
Replies: 22
Views: 3689

Re: Half duplex 100 only and link duplex mismatch on hAP Lite and EPON

you should go with a hap routerboard with gigabit ethernet because your isp to internet is approx 90 mbps as you said. keep in mind that 100mbps cable speed, on tcp protocol is approx 50-70 mbps. for ethernet link problems make sure you have a good cable, updated ros firmware (bugfix is good) and ch...
by agnostic
Thu Mar 09, 2017 8:31 pm
Forum: General
Topic: CIA exploits against Mikrotik hardware
Replies: 97
Views: 43960

Re: CIA exploits against Mikrotik hardware

The reason for such tools are inability to release properly patched versions in time. Cisco release cycle and bug fixing cycle takes years. MT just updated all their versions with a fix. Also nobody knows how compromised router actually looks like, so how can you create tool for that? Normis replie...
by agnostic
Thu Mar 09, 2017 6:02 pm
Forum: General
Topic: CIA exploits against Mikrotik hardware
Replies: 97
Views: 43960

Re: CIA exploits against Mikrotik hardware

web servers usually are most vulnerable to attacks. personally i dont use web interface and i lock winbox port of remote equipment via port triggering to avoid ip scanners. but wait a minute... could the hotspot web login interface be compromised too??
by agnostic
Sat Oct 22, 2016 10:07 am
Forum: General
Topic: 2 families, 2 ISPs and a shared network printer
Replies: 10
Views: 1533

Re: 2 families, 2 ISPs and a shared network printer

well, you could try to add 2 mangle rules: chain prerouting src address {your lan's 1 subnet (192.168.1.0/24)} dst address {your printer address (192.168.5.x)} action accept chain prerouting src address {your lan's 2 subnet (192.168.3.0/24)} dst address {your printer address (192.168.5.x)} action ac...
by agnostic
Fri Oct 21, 2016 6:09 pm
Forum: General
Topic: Protected RouterBOOT
Replies: 116
Views: 28417

Re: Protected RouterBOOT

why want a device that is impossible to reset to some standard and known settings? in case something goes bad you will have a dead router. it is prefered the router to work even in another provider. if you want to be ok to the idea that a client maybe use the device with other provider then charge t...
by agnostic
Fri Oct 21, 2016 5:52 pm
Forum: General
Topic: 2 families, 2 ISPs and a shared network printer
Replies: 10
Views: 1533

Re: 2 families, 2 ISPs and a shared network printer

tried hairpin nat or it gets dropped by your firewall rules??
by agnostic
Fri Oct 21, 2016 5:28 pm
Forum: General
Topic: Horrible experience with wireless. In need of a fix.
Replies: 10
Views: 1308

Re: Horrible experience with wireless. In need of a fix.

if your ap is a tplink maybe find a solution in the tplink forum. it is better to prefer the same manufacturer for long distance wireless bridges even of the same wireless chip because each manufacturer hardcodes some settings with different parameters and the most of them cannot be changed through ...
by agnostic
Fri Oct 21, 2016 5:15 pm
Forum: General
Topic: HTTPS URLs not working in hotspot walled garden
Replies: 11
Views: 4426

Re: HTTPS URLs not working in hotspot walled garden

have you got hotspot login https enabled? you also need to create a self signed certificate before that. try and check if it works.
by agnostic
Thu Oct 20, 2016 8:19 pm
Forum: General
Topic: Wildcard ssl
Replies: 2
Views: 514

Re: Wildcard ssl

theoretically you should be able to use the same ssl cert to multiple web servers if the are located in the same ip address but there is a problem... using a dns server for resolving example.domain.com VS example2.domain.com should point to same ip and port so there is the problem: cannot share same...
by agnostic
Thu Oct 20, 2016 12:43 pm
Forum: General
Topic: vlan isolation
Replies: 5
Views: 2360

Re: vlan isolation

thank you.
i will try that on my rb750 (i believe the same applies to other mipsbe l4 boards)
by agnostic
Thu Oct 20, 2016 12:10 pm
Forum: General
Topic: vlan isolation
Replies: 5
Views: 2360

vlan isolation

hello i am looking for an approach on how to effectively isolate vlans and different dhcp interfaces. by default when making a vlan (or creating a hotspot) on an interface i can access and ping main (with default configuration) network subnet BUT NOT the opposite (from main to hotspot or vlan). this...
by agnostic
Thu Oct 20, 2016 11:52 am
Forum: General
Topic: router access to internet
Replies: 2
Views: 458

Re: router access to internet

yes already did that (marked chain output and added to route) although the counters begin to rise, again no internet and no internet from local interfaces. i will try to rebuild the whole configuration and return with results.
by agnostic
Wed Oct 19, 2016 5:32 am
Forum: General
Topic: router access to internet
Replies: 2
Views: 458

router access to internet

hello i made a setup of 4 different vlans which i need not to contact each other, added firewall rules, route rules, 2 different pppoe connections so 2 vlans get different public ip. so far ok but there is a problem. router cannot connect to internet itself to update clock and firmware. i have manua...
by agnostic
Fri Jul 22, 2016 10:30 am
Forum: General
Topic: MIKROTIK SMB with external HDD or USB drive
Replies: 14
Views: 52048

Re: MIKROTIK SMB with external HDD or USB drive

i use an old RB951-2n with usb mod for my file server (1TB disk) for almost 2 years. it doesnt have much speed (about 4megs/sec) but its ok. i had posted the mod http://forum.mikrotik.com/viewtopic.php?t=84684 if you want a fast and reliable file server buy a nas. mikrotik routers is for routing and...
by agnostic
Thu Jul 21, 2016 10:51 am
Forum: General
Topic: hap lite overclock
Replies: 4
Views: 1504

Re: hap lite overclock

thank you for your information. i will consider to change this setting only if cpu throttles to 100% for long time and check the result, cause i use hap lite to coffee shops where 100+ clients are simultaneously connected. incredible little device with tremendous power can hold too many clients when...
by agnostic
Wed Jul 20, 2016 8:41 pm
Forum: General
Topic: hap lite overclock
Replies: 4
Views: 1504

hap lite overclock

i noticed on hap lite that cpu frequency can go up to 750mhz.
1 - is it safe to oveclock it?
2 - can this setting damage the router somehow?
3 - will the router overheat if i set freq to 750mhz?
by agnostic
Wed Jul 20, 2016 2:28 pm
Forum: General
Topic: Microtik cloud ipv6
Replies: 0
Views: 521

Microtik cloud ipv6

hello as a mikrotik user and IT technician and network administrator i was using mikrotik cloud for remote network support and configuration to my clients. recently i converted my clients networks to dual stack (ipv4-ipv6 slaac) using servers public ipv6 for access from remote locations eliminating ...
by agnostic
Thu Jul 14, 2016 1:22 pm
Forum: General
Topic: Hotspot redirect does not work when using HTTPS
Replies: 5
Views: 2020

Re: Hotspot redirect does not work when using HTTPS

forgot to mention that login with http chap and MAC cookie combined is better because some smartphones or tablets wont work properly otherwise.
by agnostic
Thu Jul 14, 2016 1:19 pm
Forum: General
Topic: Hotspot redirect does not work when using HTTPS
Replies: 5
Views: 2020

Re: Hotspot redirect does not work when using HTTPS

unfortunately all browsers have hardened https mismatches and wont allow continue to sites. the best way is to disable https login and then redirect will only work without https prefix on browser. on windows 7 and newer connecting to hotspots will trigger a popup informing you that you must provide ...
by agnostic
Thu Jul 14, 2016 12:40 pm
Forum: General
Topic: Hotspot redirect does not work when using HTTPS
Replies: 5
Views: 2020

Re: Hotspot redirect does not work when using HTTPS

first of all you need create a self signed certificate from System->Certificates menu (search forum how to create) then you need to enable hotspot https login by Ip->Hotspot->Sever profiles->{your profile}-> Login and chech https and below select your self signed certificate you just made. Congratul...
by agnostic
Thu Jan 14, 2016 10:32 pm
Forum: Announcements
Topic: v6.33.5 [current] is released!
Replies: 120
Views: 34034

Re: v6.33.5 [current] is released!

experiencing continuous port flapping problems since upgrade on two rb951-2n and an rb750 in switching configuration with vlans. it floods the log with ether up/down (only interfaces from the switch group 2-5) and the leds from rb's951 ethernet turn off and on again. anyone experiencing the same??
by agnostic
Mon Nov 30, 2015 7:50 pm
Forum: General
Topic: hotspot https captive portal with icap
Replies: 3
Views: 1703

Re: hotspot https captive portal with icap

if i am not wrong if you buy an ssl certificate from a valid ssl authority you no longer have the warning on the browser so you could redirect to your https login ip address without any problems. valid only if your hotspot is on external server with public ip address (ssl works this way) so you coul...
by agnostic
Mon Nov 30, 2015 2:31 pm
Forum: General
Topic: mikrotik forward incoming traffic to another external server ip
Replies: 0
Views: 367

mikrotik forward incoming traffic to another external server ip

hello. i need for a specific configuration where the real external ip address of a server needs to be hidden, to forward incoming traffic to my router (mikrotik) to ports 80 and 443 to an external ip address where a server is running so clients connect to me and my router forward traffic to server a...
by agnostic
Tue Nov 10, 2015 12:21 am
Forum: General
Topic: Block Spam email, By reaching 4 email sent in a min
Replies: 6
Views: 1133

Re: Block Spam email, By reaching 4 email sent in a min

it is difficult to distinguish individual mails. mikrotik reads packets not mails.
by agnostic
Tue Nov 10, 2015 12:17 am
Forum: Announcements
Topic: 6.33 version released!
Replies: 140
Views: 34204

Re: 6.33 version released!

hello after upgrade to ros 6.33 on rb951 and rb750 not available to work with smb anymore...just try to navigate through files and folders and connection gets dropped with no messages on log...cannot even read a file...downgraded again to 6.32.3 and fixed it :)
by agnostic
Mon Nov 09, 2015 11:13 pm
Forum: General
Topic: ros 6.33 smb problem
Replies: 1
Views: 355

ros 6.33 smb problem

hello after upgrade to ros 6.33 on rb951 and rb750 not available to work with smb anymore...just try to navigate through files and folders and connection gets dropped with no messages on log...cannot even read a file...downgraded again to 6.32.3 and fixed it :)
by agnostic
Thu Oct 08, 2015 8:15 pm
Forum: General
Topic: ros 6.32.2 tftp problem!!!
Replies: 1
Views: 519

Re: ros 6.32.2 tftp problem!!!

Just forget it....i finally found allow-rollover option and changed it VIA COMMAND LINE... it does not exist via menu so i could not change it....somehow with this update turned tftp rollover off so files over 32mb could not transfer...
by agnostic
Wed Sep 23, 2015 7:17 pm
Forum: General
Topic: ros 6.32.2 tftp problem!!!
Replies: 1
Views: 519

ros 6.32.2 tftp problem!!!

hello i upgraded my rb951-2n to 6.32.2 from 6.32.1 because of bogus "excessive broadcast/multicast" log messages and i experienced another problem on tftp service... when tries to transfer files over a specific size breaks tftp with error messages on log (see attached jpg) tftp_prob.jpg tested with ...
by agnostic
Fri Sep 19, 2014 1:56 pm
Forum: General
Topic: policy based routing to one internal adress
Replies: 5
Views: 1153

Re: policy based routing to one internal adress

if you have set 2 different secrets (pptp users) on your pptp server you are ok, normaly your router's nat should distinguish the traffic and route each connection through different isp. the problem is to route outgoing traffic from client side to two isp's. you should experiment using the two publi...
by agnostic
Fri Sep 19, 2014 1:32 pm
Forum: General
Topic: SOLVED-Problem with VPN, traffic on certain SSL destinations
Replies: 5
Views: 1343

Re: Problem with VPN, traffic on certain SSL destinations

why dont you try with nat rules?
leave mangle as is (dynamic change mss) and try to nat with src address of your device to output interface of your vpn with action masquerade and see what happens.
by agnostic
Fri Sep 19, 2014 1:06 pm
Forum: General
Topic: SSL HotSpot Headache | Comodo SSL Cert/Pem Importing
Replies: 1
Views: 1284

Re: SSL HotSpot Headache | Comodo SSL Cert/Pem Importing

unfortunately you cannot certify hotspot with ssl... i tried too but ssl works with domain-ip assignment so when a user requests google.com with ssl (https) it needs to be redirected to hotspot but to be redirected without warning for invalid ssl certificate has to verify that google.com belongs to ...
by agnostic
Fri Sep 19, 2014 11:14 am
Forum: General
Topic: RB951-2n v6.19 wifi disconnects???
Replies: 1
Views: 613

Re: RB951-2n v6.19 wifi disconnects???

Nevermind my mistake. i need to change login setting from server profile (disable cookies and enable mac cookies for smartphones).
Mikrotik Rocks!!!
by agnostic
Fri Sep 19, 2014 9:44 am
Forum: General
Topic: RB951-2n v6.19 wifi disconnects???
Replies: 1
Views: 613

RB951-2n v6.19 wifi disconnects???

hello i installed an RB951-2n to a client a week ago updating it to ROS v6.19 and creating a simple hotspot on wifi. client complains about regular disconnects from smartphones. it has medium to full signal strength and suddenly losses the network for 3-4 secs and reconnects again. i tested using my...
by agnostic
Wed May 28, 2014 1:59 pm
Forum: General
Topic: "Secure" SSID association?
Replies: 2
Views: 753

Re: "Secure" SSID association?

i havent expressed my thoughts exactly as i imagine them yet. i will make a detailed plan and i will post a reply about that. the basic idea is that the client during association to some unencrypted wifi will exchange some keys (as https does) to verify that the ssid is legitimate but to know that i...
by agnostic
Tue May 27, 2014 1:07 pm
Forum: General
Topic: "Secure" SSID association?
Replies: 2
Views: 753

"Secure" SSID association?

through my experience with wireless networks and having faced problems like rogue access points with spoofed mac addresses and ssid as the legitimate ones i wonder if could be implemented a new feature of secure ssid with public (client) and private (access point) key for open hotspot networks. of c...
by agnostic
Tue May 06, 2014 6:36 pm
Forum: General
Topic: RB951-2n USB modification!!
Replies: 5
Views: 7878

Re: RB951-2n USB modification!!

in my specific configuration i use the original 12v wall power supply.
you can of course add a different regulator of 5v output.
i have seen regulators of variable voltage input and static output 5v of same dimensions but i ordered the 12v to 5v very cheap (i got 2 for 1.4 euros).
by agnostic
Mon May 05, 2014 8:45 pm
Forum: General
Topic: RB951-2n USB modification!!
Replies: 5
Views: 7878

RB951-2n USB modification!!

i own a couple of RB951-2n for my home-lab network and i needed ftp server and smb and tftp for pxe boot. the internal routerboard memory seems inadequate to cover my needs. i decided to open the router to see what's inside and i found that i may be able to attach a usb jack to connect an external u...
by agnostic
Wed Apr 30, 2014 9:34 am
Forum: General
Topic: Mikrotik RB951-2n pptp server issue
Replies: 2
Views: 1208

Re: Mikrotik RB951-2n pptp server issue

I read about capsman. very interesting. like unify system from ubiquity. if it works as expected i am about to migrate my customers hotspots from ubiquity to mikrotik. However adding the package to root file list and rebooting router does not install it. Do i need to upgrade ROS to 6.13 to install t...
by agnostic
Tue Apr 29, 2014 9:24 am
Forum: General
Topic: Mikrotik RB951-2n pptp server issue
Replies: 2
Views: 1208

Mikrotik RB951-2n pptp server issue

Goodmorning to all. I use RB951-2n for home network with pptp server enabled. Everything is ok i can connect to vpn from internet (have open port 1723 to firewall, internet access is via pppoe over bridge modem, i connect from win xp machine with vpn connection) have set same ip pool to local networ...
by agnostic
Fri Apr 04, 2014 6:46 pm
Forum: General
Topic: Mikrotik pppoe with bridge adsl modem dropouts
Replies: 2
Views: 851

Re: Mikrotik pppoe with bridge adsl modem dropouts

actually ur right...the problem is the shitty OEM modem equipment from ISP changed SOLVED thanxs...
by agnostic
Fri Apr 04, 2014 1:49 pm
Forum: General
Topic: Mikrotik pppoe with bridge adsl modem dropouts
Replies: 2
Views: 851

Mikrotik pppoe with bridge adsl modem dropouts

hello i use RB951-2n with latest routeros (6.11) as a dialup pppoe client for dsl connection and i have some connection issues and dropouts with periodic pattern (every n=12-15 seconds at which connection e.g.downloads pauses and pings times out). this lasts for 2-3 seconds then everything ok again....
by agnostic
Fri Mar 21, 2014 8:44 pm
Forum: Beginner Basics
Topic: pppoe-out dsl client *weird* issue?
Replies: 1
Views: 683

pppoe-out dsl client *weird* issue?

i use RB951-2n as a ppp client with bridge modem for dsl internet and there is a strange issue: assuming i have pppoe-out on ether1 and i have changed nat rules to ppp interface everything works but some web sites cannot be opened dunno why BUT when i change default drop filter rule and add in inter...