MikroTik

A. What if forum moderators hardly speak Spanish? Should we accept post in eg. Katakana or Hindi or Hebrew alphabets? B. Moderators do "complain" about non English posts. C. If English is not your "best friend" then you can always use translator or write/ask on non English forum. D. This forum has s...

What are NAT rules and Firewall?
Connections shows that there is some traffic from LAN to WAN ... do you have DNS properly configured?

It is log for 25 days since reboot so this router drops circa 15k connections per day. Most of them are for 22,23,8291 ports.

MM.PNG

Have you looked at firewall settings? Do they use 192.168.1.x instead a.b.88.x?

Time for "Best before sticker" :-( I have client which sells car components. We wondered why eg. spark plugs have "Best before date" info and "Production date" as there is nothing what could be expected to detoriate when they are waiting on a shelf packed/sealed/protected by manufacturer. Now I know...

Try to lower MTU for WAN interface.

Have you netinstalled?

Have you checked https://blog.mikrotik.com/security/wpa2 ... ttack.html ?

It was already discussed. Who do call customers? End users or admins? End users? ... most of them do not even know that they have Mikrotik device installed as gateway to Internet. Forget them. Admins? ... real admins reading Mikrotik's site or forum should be/are aware of these problems but the main...

Why do you think that it is router problem?
Do you think that js:Miner-AL[pup] is installed in your router?
Are you shure that your computer or any other local one are not infected with js:Miner-AL[pup]?

Docmarius .. thank you for explanation but what USB U3 has common with ROS? What does he want to beta test with U3?

This change makes router more secure as it is not possible to connect to WinBox service with standard port.

You cannot RDP from WAN lan or LOCAL lan?

Read this: https://wiki.mikrotik.com/wiki/Manual:IP/Firewall/NAT

Use this https://mikrotik.com/product/RBmAPL-2nD.

Tenable story is different ... they mounted ROS filesystem system to other Linux, made changes to files and then explored RouterOS. You have to have physical access to such system you want to break in. All Linuxes without encrypted filesystem are volunerable ... you can just mount root partition, re...

Congratulations to Tenable !!! They should also send list of affected routers. - it is SARCASM.

IMHO it is totally irresponsible.

You can.

A. You can filter connections for SMTP ports
B. Make Torch buffer time longer than 3 sec.

or

C. Make firewals rules adding src address to SMTPsenders list for PC's starting traffic to any SMTP port

Do not use WebFig ... use Winbox instead. It's proper tool.

Check computers, servers etc. behind your router if they are sending emails. Just observe connections in the firewall or torch WAN interface.

disconnect router from Internet
review configuration
export configuration to file
netinstall
set new admin password
add new user with admin privileges
remove admin
import configuration
connect to Internet

https://wiki.mikrotik.com/wiki/Manual:S ... our_Router

https://blog.mikrotik.com/security/winb ... ility.html
viewtopic.php?f=21&t=119308#p587512

search.php?keywords=radius+6.43

Please add:

MAC address lists
Port lists in Firewall

Id like to find out about helping with the Beta test on this...Ive used the big program for many years now, and have been on the Beta list for quite some time. I just started using PE, as Ive changed employers, and my new job wont allow me to install anything on my computer there, but I can use USB...

If you configured local LAN as 194.168.1.0/24 instead of 192.168.1.0/24 then DNS name of your gateway is resolved to external name.
You didn't show your configuration so it is just a guess.

Try to change channel width.

viewtopic.php?f=7&t=96472&p=544170&hili ... tp#p544170

The only way is to ask support@mikrotik.com for help.

What do you want to say? Have you example of hacked 6.42.7 or are you just guessing and making noise?

Have you ever tried Serach function ?

search.php?keywords=PMKID+

Have you tried to try http://lmgtfy.com/?q=mikrotik+email+backup

@msatter: Is it joke or not?

https://mikrotik.com/product/rb4011igs_5hacq2hnd_in

What about
https://mikrotik.com/product/rbm33g
+
https://mikrotik.com/product/CA433U
+
https://mikrotik.com/product/r11e_lte

Start from here: https://wiki.mikrotik.com/wiki/Manual:S ... g#Keywords

You need to read WPA2 property with "get". Property is not a traditional variable.
Setting property is also not so simple as you tried .. look here for example viewtopic.php?f=9&t=138893

Have you tried search function of this forum?

search.php?keywords=Winbox+keeps+disconnecting

It seems not to be so hard .... here you are: http://bfy.tw/JlQ6

Start from here
https://wiki.mikrotik.com/wiki/Manual:I ... nation_NAT

Do you mean taht you have Mikrotik's ROS x86 installed on this PC? We are not mentalists to know what do you want to say.

IMHO if you do not set then Mikrotik do not know that antenna gains output signal with 24dB and therefore total emitted power of Mikrotik + antenna could not meet regulatory limits.

But how your problem is connected with Mikrotik?

The problem is JUMP form 6.3.1 to 6.42.7

There is FORMIDABLE change in the ROS viewtopic.php?t=128915

Try to downgrade to 6.40.9 bugfix which is the last version which is compatibile with 6.3.x line

Check for loops in your lan ...

EDIT:

... and for proxy-arps which pass packets from one subnet to another and "eat" DHCP IPs.

CAPSMAN is a fragment of wireless package. Enable this package and you shoul see CAPSMAN menu even if the router has no WiFi interfaces.

... This article respectively the new vulnerability CVE-2018-14847 makes me afraid of using any mikrotik product anymore I have looked here https://tools.cisco.com/security/center/publicationListing.x and I'm wondering who use these products? And you are lucky if you have software upgrade plan acti...

Have you considered using two HexLites mounted on opposite walls? Just reuse one cable from existing infrastructure and extend it with 3 more cables as needed. OR buy any WHITE & CHEAP 8-port switch, install it and all the logic configure in propper router/switch/device installed outside apartments ...

Not a problem ... just thinking. A. Why do you need full featured router? B. Isn't switch with 8 ports sufficient ... like this one https://mikrotik.com/product/CRS112-8G-4S-IN C. CRS112 has SFP ports to connect user with FTTH D. Why white is so important? Mayby we need black ones? Nowadays gray is ...

And one port should be placed on bootom side to be pluggable directly from the wall with 5 cm hidden cable. This port should be PoE In to power device. and ports should be colored to let users easy find one ... I am almost listening to technician saying "look for purple port and connect cable to it ...

IP/Services /WWW ... set available only from LAN subnet.

Search found 1580 matches