The fast connection of winbox was part of a release where they improved and secured the connection. Might have been 6.43 release. I do not remember but I do remember a lot of happy people talking about how quick it is now 😊 So the connection of both faster and more secure now. Oh nice! Finally some...

Is "previous" version 6.43.12 or some other one?

Any previous version. Is there only myself who noticed that winbox connection became instant which it wasn't before?

You mean previous long-term? That should be 6.42.11 I think.

6.42.12

Is everything okay there with winbox-router communication? When I open winbox session on previous RouterOS versions it takes like 1-2 seconds to establish session, now with 6.43.13 it happens instantly. It feels like there could be broken encryption or something. So I wonder if bug or feature.

Ok now mikrotik just ignoring emails to support on this issue. Well, looks like we'll leave mikrotik only as router and wi-fi will go with other brand. This is ridiculous situation, shame on you mikrotik.

you need to have WPA2 w/ AES only in your security profiles and apple devices will work again. I have couple sites with "iphone problem" and some other sites that have apple products, but there is no problem, with the same hardware (wap or wap ac). The problem occurs randomly and present itself as ...

Hey guys! There is a new requirement for banking sector in Russia, therefore there's need for certificated hardware. AFAIK MikroTik have conformity certificates, but now we require that hardware should be listed in the state registry of certificated hardware for information security. Does anyone kno...

Hi guys! Just wanted to add a small piece of my recent experience, hopefully it'll save someone some time. Standard client's residence config: - core router - gigabit switch - caps (wap, hap ac2, 951, hap lite etc) Everything was on 6.40.8, multiport router's ports was bridged old-style master-slave...

Hey Uldis! Would you guys please consider replacing SIM port with something more decent? There's an awful cheap aluminum contacts and modern SIM with frames (nano, micro) cant get it and get out properly without disassembling the router. Put something plated and spring-click so it would sit good in ...

Support told me there could be IPSec problem which they struggling with, Try to create Simple Queue for IPSec after marking it in mangles, then processing will be put to 1 core and performance should increase. Also check your MTU values.

If you have a public IP on both devices, you can just set up an EoIP tunnel to make a layer 3 tunnel. The most bandwidth I have seen pushed over a VPN tunnel in mikrotik has been over EoIP. EoIP is layer 2 tunnel, also EoIP is GRE, so instead of using it in layer 3 you can use pure GRE tunneling. A...

This situation with IPSec tunnel does not happen! The PING response time does not change (or at least very little change) if the tunnel is busy or not. This is a common problem related to TCP meltdown. You shouldn't use TCP tunnels on a long distance nor many hops. Use L2TP or PPTP for it. We're  a...

I have pretty much similar problem with vpn. Bandwidth test between mikrotiks shows great speed, but when it comes to speed between 2 devices behind each of mikrotik - speed drops drastically. Emils from support was on this problem, did nothing, made couple strange suggestions and then promised to l...

VLAN hasn't solved the problem, so I guess its pointless. But I found a ticket history from a year ago with Martins and I remembered that it was all about bridge MTU after all. So now I'll check it again.

Hi everyone! This problem occurred a year ago and I had a conversation with support on it. I have upgraded then from 6.28 to 6.29 and suddenly several sites was unable to open in any browser. First advice from support was to play with MSS value, but then I downgraded back and found out that everythi...

2016 is up!
When?

Need Openvpn UDP NOW! Stop feeding promises, leave everything else and just do it! How the hell should we make stable and secure long-distance tonnels with TCP? Meltdown ruins it all. GRE is inconvinient and not supported with mobile clients, PPTP is unsecure, L2TP+IpSec is old and again, not well-s...

Hey guys! I want to ask some help and clarification. I use ovpn to connect RB2011-s at my users homes to the RB1100 in the office, just corporate VPN. After upgrading to 6.29 I cant reach from one vpn client to another. As I red here it must be related to the subnet mode. What should be changed in c...

No man, if you set "create dynamic enable" in your provisioning you don't have to click anywhere. I had discussion with Uldis from Mikrotik support, he said that it is not recommended to use CAP from the same machine where's capsman working, cause you can't properly use MAC connection there, and IP ...

Look to this http://mum.mikrotik.com/presentations/US14/uldis.pdf Thanks, but there's basic configuration and no explanation or solution to my problem. Again: capsman controls all the traffic from all CAPs, it automatically adding interfaces to the bridges that defined in configuration. Interfaces ...

Hi guys. ROS 6.20, MT 2011 & MT SXT, capsman deployed on 2011, his wlan1 connected as CAP, so does SXT. There's two configurations, for two SSIDs and 1 provision with master and slave configurations. Local forwarding is disabled, client to cliend fwd is enabled. Each configuration has its own bridge...

do you need to have a single TCP connection use all links? The idea is to get a thick and failsafe tonnel with any available protocols and then secure TCP\IP inside with ipsec. Can you draw a picture of your setup? I did it the most ugly way in paint :) http://i58.tinypic.com/mrpx5g.png EoIP interf...

Hey guys. So here's the deal: Three ISP channels, RB on each of them port forwarded to fourth RB (tried SSTP then OVPN, so there was 4443 and then 1194 ports) Remote RB initiating three vpn sessions, all connected. Then if it was sstp I couldn't add it to bond directly (why btw?) and had to add eoip...