Community discussions

Search found 236 matches

by ik3umt
Sat Aug 10, 2019 6:33 pm
Forum: General
Topic: Flooding a cascade css326 , an issue ?
Replies: 2
Views: 364

Re: Flooding a cascade css326 , an issue ?

Found flood ping increases quickly SFP+ Rx MAC and RX FCS errors counters on switch target devices are connected to.....
Opened a request @support.....

No one with CSS326 10Gbps issues ???
by ik3umt
Fri Aug 09, 2019 9:06 pm
Forum: General
Topic: Flooding a cascade css326 , an issue ?
Replies: 2
Views: 364

Re: Flooding a cascade css326 , an issue ?

Further tests: a linux machine with ping -f to machines at the other switch ends gives : ping -f 192.168.1.253 PING 192.168.1.253 (192.168.1.253) 56(84) bytes of data. .......................................................................................................................................
by ik3umt
Tue Aug 06, 2019 6:13 pm
Forum: General
Topic: hAP lite update
Replies: 0
Views: 185

hAP lite update

still on 6.45.1 with few hAP lite

6.45.3 : *) smips - reduced RouterOS main package size (disabled LTE modem, dot1x and SwOS support);

Should I netinstall them anyway to fix failing updates (thus on-site operation) ?
by ik3umt
Fri Aug 02, 2019 5:21 pm
Forum: Announcements
Topic: v6.45.3 [stable] is released!
Replies: 89
Views: 21516

Re: v6.45.3 [stable] is released!

UMarcus: are you sure Hap lite has been updated ??

I've tried also to update via /system packages and manually via file upload, it seems it still fails....

npk file is displayed on files section , winbox reports 16MB of16MB used, maybe no more space allowed for updating process....
by ik3umt
Fri Aug 02, 2019 5:06 pm
Forum: General
Topic: Again on Hotspot HTTPS redirection
Replies: 18
Views: 1267

Re: Again on Hotspot HTTPS redirection

Yes, testing deeper (for what my knowledge permits) I've found iphone looking for captive.apple.com once new wifi network has been connected, while windows10 machines trigger msftconnecttest.com/redirect, both probably http sites as they make hotspot login page to appear. Older devices/OS would prob...
by ik3umt
Fri Aug 02, 2019 12:52 pm
Forum: Wireless Networking
Topic: Automatic login to HotSpot in Trial mode
Replies: 3
Views: 2672

Re: Automatic login to HotSpot in Trial mode

For me it works this way: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <meta http-equiv="refresh" content="0; url=http://10.0.0.1/login?username=T-$(mac-esc)" /> </head> </html> If needed, alogin.html will pro...
by ik3umt
Fri Aug 02, 2019 12:11 pm
Forum: General
Topic: Again on Hotspot HTTPS redirection
Replies: 18
Views: 1267

Re: Again on Hotspot HTTPS redirection

Ok, it is something the user's browser should do, but we are not sure any device does , or does it the right way.
Do you mean they should already behave this way , or is it just a plan about the way all devices should work in future as a standard ?
by ik3umt
Fri Aug 02, 2019 10:42 am
Forum: General
Topic: Flooding a cascade css326 , an issue ?
Replies: 2
Views: 364

Flooding a cascade css326 , an issue ?

RB3011---1G_eth----CSS326_1------10G_fiber------CSS326_2 from rb3011: /tool flood-ping <CSS326_1 address> sent: 500 received: 500 min-rtt: 0 avg-rtt: 0 max-rtt: 1 (it takes two seconds to finish operation) /tool flood-ping <CSS326_2 address> sent: 500 received: 467 min-rtt: 0 avg-rtt: 0 max-rtt: 2 (...
by ik3umt
Fri Aug 02, 2019 10:22 am
Forum: General
Topic: Again on Hotspot HTTPS redirection
Replies: 18
Views: 1267

Re: Again on Hotspot HTTPS redirection

Not really sure about this "fetching random URLs over http" thing.... can you explain ?
by ik3umt
Thu Aug 01, 2019 6:33 pm
Forum: General
Topic: Again on Hotspot HTTPS redirection
Replies: 18
Views: 1267

Re: Again on Hotspot HTTPS redirection

Just tried https auth with an apple device, it warnings me twice (two web pages sequentially) before to access hotspot , then twice for hotspot authentication , a bit tedious... Will try to teach users to browse www.mysite.web (http) to gain access to login, at least for now... One could even ignore...
by ik3umt
Thu Aug 01, 2019 5:23 pm
Forum: General
Topic: Again on Hotspot HTTPS redirection
Replies: 18
Views: 1267

Re: Again on Hotspot HTTPS redirection

Thanks, pretty clearer now, it's really a browser (security) issue then... So what's our kindest solutions from user point of view, when he accesses our hotspot and something bans https sites from being visited ? It wouldn't be a great thing to teach them "please type this url in order to login and ...
by ik3umt
Thu Aug 01, 2019 4:25 pm
Forum: General
Topic: Need a clarification on hotspot trial user
Replies: 7
Views: 1581

Re: Need a clarification on hotspot trial user

So , we agree about kicking them off sometimes, to "refresh" all things.
Then what are the suggested combined values in: Http Cookie Lifetime, Trial Uptime Limit, Trial Uptime Reset and eventually dhcp lease time for a "pseudo-no-time-limit" user ?
by ik3umt
Thu Aug 01, 2019 4:07 pm
Forum: General
Topic: Again on Hotspot HTTPS redirection
Replies: 18
Views: 1267

Again on Hotspot HTTPS redirection

The user hitting hotspot for the first time with an https request will fail and receive the well known warning. Installing self-signed certificate , enabling www-ssl service and https login , redirection is possible with some warnings. When login by HTTP to an HTTP site is done without all the above...
by ik3umt
Thu Aug 01, 2019 11:13 am
Forum: General
Topic: CRS328-24P-4S+RM as wifi allinone
Replies: 3
Views: 419

Re: CRS328-24P-4S+RM as wifi allinone

CRS328 works perfectly as switch
But it has only 16MB storage :shock:
Any possible issue running in routerOS with next package updates if growing in size ?
by ik3umt
Fri Jul 26, 2019 5:09 pm
Forum: Beginner Basics
Topic: Per host queue
Replies: 2
Views: 291

Re: Per host queue

That was enough, single queue with pcq definition,quite easy !
Searching in my place would be greatly appreciated, I did it myself for now.... :lol:
by ik3umt
Fri Jul 26, 2019 11:24 am
Forum: Beginner Basics
Topic: Per host queue
Replies: 2
Views: 291

Per host queue

New to queues...

From what I understood, putting my lan subnet into a simple queue target with 10M, it allows 10M total to be shared between N lan users (i.e. 5M each between 2 users)
How instead allow i.e. 1M each user of the whole subnet without to create 254 queue entries ?
by ik3umt
Fri Jul 26, 2019 9:10 am
Forum: Wireless Networking
Topic: WiFi4EU
Replies: 6
Views: 1221

Re: WiFi4EU

I think MT has lost its train.......
Or it's not in their plans, maybe.
by ik3umt
Thu Jul 11, 2019 12:23 pm
Forum: Beginner Basics
Topic: Cloning device using backup and restore
Replies: 9
Views: 573

Re: Cloning device using backup and restore

It would be pretty nice if someone explains where and why restoring a backup to same model unit fails...
Is definitely "backup" intended to be restored on the same piece of hardware from where it has been generated ?
by ik3umt
Thu Jun 27, 2019 9:40 am
Forum: Wireless Networking
Topic: Running RDP over capsman system , connections hang
Replies: 5
Views: 697

Re: Running RDP over capsman system , connections hang

I'll try local forwarding.... Question: I'm using the same datapath for two different SSIDs in two different capsman configurations, can I use localforwarding YES and NO for the same datapath ? /caps-man configuration datapath=Office_Bridge mode=ap name=OfficeCfg security=security1 ssid=OfficeWIFI d...
by ik3umt
Wed Jun 26, 2019 5:17 pm
Forum: Wireless Networking
Topic: Running RDP over capsman system , connections hang
Replies: 5
Views: 697

Re: Running RDP over capsman system , connections hang

Just wondering why they don't hang while under ping from routerboard.....
something kept alive ? disconnect timing ?
why it doesn't happen when linked to a common AP wired to the switch ?
by ik3umt
Wed Jun 26, 2019 3:30 pm
Forum: Wireless Networking
Topic: Running RDP over capsman system , connections hang
Replies: 5
Views: 697

Running RDP over capsman system , connections hang

Samsung wifi tablets running RDP session to a microsoft server in local LAN by mean of capsman system. Capsman running in cap forwarding mode , chosen datapath is the same bridge LAN switch is connected to (thus MS server connected to same switch). I'm experiencing RDP session hangs (need to re-logi...
by ik3umt
Wed Jun 26, 2019 12:45 pm
Forum: Beginner Basics
Topic: single IP constantly trying to log to my Mikrotik
Replies: 57
Views: 3918

Re: single IP constantly trying to log to my Mikrotik

Imagine....if this wasn't the "Beginner Basics" section.......
by ik3umt
Fri Jun 21, 2019 11:06 am
Forum: General
Topic: connecting firewall through routerboard keeping public ip address
Replies: 17
Views: 791

Re: connecting firewall through routerboard keeping public ip address

In the meanwhile, I got it working with two separated routerboards each dst-natted from in-interface to the address of router behind it

Image

It works totally transparent, but the goal is to use , if possible, a single routerboard in the middle....
by ik3umt
Fri Jun 21, 2019 10:24 am
Forum: General
Topic: connecting firewall through routerboard keeping public ip address
Replies: 17
Views: 791

Re: connecting firewall through routerboard keeping public ip address

Thank you for patience, Arp table of firewall (actually a RB) sees both <ISP router ip address> and 10.10.10.10 with MT ether2 mac address Arp table of MT sees <firewall ip address> with <firewall mac address> on ether2 and <ISP router ip address> with <ISP router mac address> on ether1 If I ping <I...
by ik3umt
Tue Jun 18, 2019 4:43 pm
Forum: General
Topic: connecting firewall through routerboard keeping public ip address
Replies: 17
Views: 791

Re: connecting firewall through routerboard keeping public ip address

Noob question.... Is it possible a different approach, something like a double routing/nat inside the same RB ??

Image
by ik3umt
Tue Jun 18, 2019 9:20 am
Forum: Scripting
Topic: Perform an action after X times link loss
Replies: 1
Views: 241

Perform an action after X times link loss

How can I perform an action (an e-mail, a reboot etc.) after i.e. an ethernet link goes down for an amount of times ?
by ik3umt
Mon Jun 17, 2019 4:53 pm
Forum: General
Topic: connecting firewall through routerboard keeping public ip address
Replies: 17
Views: 791

Re: connecting firewall through routerboard keeping public ip address

Unfortunately on the real test it fails: ether1 facing dsl router ether2 facing firewall /interface ethernet set [ find default-name=ether1 ] arp=proxy-arp set [ find default-name=ether2 ] arp=proxy-arp /ip address add address=10.10.10.10 interface=ether1 network=<dslrouter_ip_address> /ip route add...
by ik3umt
Mon Jun 03, 2019 9:41 am
Forum: General
Topic: connecting firewall through routerboard keeping public ip address
Replies: 17
Views: 791

Re: connecting firewall through routerboard keeping public ip address

Ok, It works , connection from firewall to internet are ok, I haven't yet checked in real environment if a.b.c.6 (firewall public ip) is reachable transparently from internet , I'll keep you updated...
by ik3umt
Thu May 30, 2019 3:43 pm
Forum: General
Topic: connecting firewall through routerboard keeping public ip address
Replies: 17
Views: 791

Re: connecting firewall through routerboard keeping public ip address

Problem is missing default route on RB. You can try: /ip route add dst-address=0.0.0.0/0 gateway=10.0.0.1 Already tried, 10.0.0.1 gateway is "unreachable", also tried gateway=ether2 , same issue. About other dsls, i want to tie them together with working one to achieve more bandwidth and failover l...
by ik3umt
Thu May 30, 2019 12:53 pm
Forum: Beginner Basics
Topic: Managing two separate subnet with same class addresses
Replies: 9
Views: 488

Re: Managing two separate subnet with same class addresses

No, wait, I haven't undesrtood if two eth with the same ip address and class on the same routerboard is IMPOSSIBLE (don't work) or is WRONG (but works because of using interface names and routing marks).

Each LAN has it own gateway (not the routerboard).
by ik3umt
Thu May 30, 2019 12:25 pm
Forum: General
Topic: connecting firewall through routerboard keeping public ip address
Replies: 17
Views: 791

Re: connecting firewall through routerboard keeping public ip address

I've tested it with a PC instead of firewall: https://ibin.co/4irKWZWiSd0N.jpg I can ping 10.0.0.1 from 10.0.0.9 and vice-versa PC arp table says 10.0.0.1 is B8:69:F4:BC:BB:32 (routerboard ether3) Dsl router arp table says 10.0.0.9 is B8:69:F4:BC:BB:31 (routerboard ether2) On PC , default gateway an...
by ik3umt
Thu May 30, 2019 9:59 am
Forum: General
Topic: connecting firewall through routerboard keeping public ip address
Replies: 17
Views: 791

Re: connecting firewall through routerboard keeping public ip address

Yes, firewall already does srcnat so routerboar would see all traffic coming only from a.b.c.6 address. Some incoming services hitting a.b.c.6 are dst-natted by firewall to some lan machines Maybe a vpn can be established from internet client to a.b.c.6 No need for incoming services on other two rou...
by ik3umt
Thu May 30, 2019 2:31 am
Forum: Beginner Basics
Topic: Managing two separate subnet with same class addresses
Replies: 9
Views: 488

Re: Managing two separate subnet with same class addresses

I didn't know more interfaces can be configured with the same ip address and subnet , I thought this would mess up things. It happens, rarely, but happens, you find a place having the same addressing i.e. for PC and for ip cameras or ip telephony, completely separated , each with its own switch (som...
by ik3umt
Thu May 30, 2019 2:15 am
Forum: General
Topic: connecting firewall through routerboard keeping public ip address
Replies: 17
Views: 791

Re: connecting firewall through routerboard keeping public ip address

Nice to know.... with PCC I let firewall (thus machines behind it) to use all three DSL line to achieve more bandwidth and failover like I'm actually doing in few systems (but without firewall in the middle). Honestly, I don't know if : lan_machines----routerboard_pcc------three_wans lan_machines---...
by ik3umt
Thu May 30, 2019 1:06 am
Forum: General
Topic: connecting firewall through routerboard keeping public ip address
Replies: 17
Views: 791

Re: connecting firewall through routerboard keeping public ip address

But , from firewall point of view, is it like routerboard didn't exist ??
I would have to set up pcc/loadbalancing like eth facing wirewall was LAN and other eth as WANs.
Would any internet packet destinated to a.b.c.6 hit the firewall ?
by ik3umt
Wed May 29, 2019 11:43 am
Forum: Beginner Basics
Topic: Managing two separate subnet with same class addresses
Replies: 9
Views: 488

Re: Managing two separate subnet with same class addresses

Sob, How can I define a virtual subnet to the real one and routing through the right interface ?
I suppose each ethernet has not to be configured with an ip address...
by ik3umt
Wed May 29, 2019 10:56 am
Forum: General
Topic: connecting firewall through routerboard keeping public ip address
Replies: 17
Views: 791

connecting firewall through routerboard keeping public ip address

An existing firewall is directly connected to a dsl router with a /29 subnet public ip address
I have to interpose a routerboard used as a loadbalancer/failover with other two dsl routers.
Is there a way to keep the public ip address coming from original router ?

Image
by ik3umt
Wed May 29, 2019 10:12 am
Forum: Beginner Basics
Topic: Managing two separate subnet with same class addresses
Replies: 9
Views: 488

Managing two separate subnet with same class addresses

Is it possible to manage two LAN having each the same IP subnet both containing machines with same ip address ? https://ibin.co/4ijhOkZ00Avj.jpg I would say NO, but I'm not aware if Ros has some obscure feature...... I could use netmap to addressing two different subnet , but how to know on wich tar...
by ik3umt
Wed May 15, 2019 9:25 am
Forum: General
Topic: hotspot + userman : how avoid to reach webfig ?
Replies: 5
Views: 348

Re: hotspot + userman : how avoid to reach webfig ?

Already tried, changing www port affects both userman and webfig, it would be easy if a port could be set for separate www services.

Any other idea to allow/deny userman rather than webfig at firewall level ?
by ik3umt
Tue May 14, 2019 5:44 pm
Forum: General
Topic: hotspot + userman : how avoid to reach webfig ?
Replies: 5
Views: 348

Re: hotspot + userman : how avoid to reach webfig ?

The problem is if any user try to access http://10.50.50.50 he goes straight into webfig page without being asked for credentials ! In laboratory test environment I forgot to set the admin password ......... :? :? Anyway, the real question could be: once an interface (i.e. bridge) is created, is it...
by ik3umt
Tue May 14, 2019 4:24 pm
Forum: General
Topic: hotspot + userman : how avoid to reach webfig ?
Replies: 5
Views: 348

hotspot + userman : how avoid to reach webfig ?

I have set up hotspot together with userman to allow auto-signup this way: hotspot running in a 10.0.0.0/24 subnet made a new bridge with address 10.50.50.50/32 enabled radius for hotspot service on this address added a router with same ip and credentials to user manager edited hotspot login.html wi...
by ik3umt
Fri Apr 19, 2019 6:14 pm
Forum: Beginner Basics
Topic: HotSpot with userman as login page
Replies: 9
Views: 748

Re: HotSpot with userman as login page

I'll take a look....
It seems , however, once signup is done, you are immediately redirected to http://routerip/user that is a page you cannot find (to be edited) among files .... (am I wrong ?)
by ik3umt
Thu Apr 18, 2019 4:53 pm
Forum: Beginner Basics
Topic: HotSpot with userman as login page
Replies: 9
Views: 748

Re: HotSpot with userman as login page

Not so important to manage user input data for now, self-signup is enough, so: Hotspot first login obviously works, I've added a link to userman self-signup page (signup enabled on userman settings) then self-signup of users via userman works. Entering credentials generated by userman into hotspot p...
by ik3umt
Thu Apr 18, 2019 10:43 am
Forum: Beginner Basics
Topic: HotSpot with userman as login page
Replies: 9
Views: 748

Re: HotSpot with userman as login page

Ok, but it would be nice to do it all inside the same routerboard machine. Perhaps a possible workaround: Add to hotspot login page a "click here to signup" link to /routerip/user/signup (easy) Redirect user (I don't know if possible, and how) after signup form is filled, back to hotspot login page,...
by ik3umt
Thu Apr 18, 2019 10:36 am
Forum: General
Topic: Capturing email address in Hotspot login
Replies: 7
Views: 2170

Re: Capturing email address in Hotspot login

Funny, 2009, 2013, 2016, 2017 Now I have this need in 2019 :? :? No answers yet, I can't believe there isn't a solution in such a powerful OS Just a trial login after email field is filled and email value saved somewhere ..... Any suggestion for the inexperienced people ?? Thanks a lot !!!
by ik3umt
Wed Apr 17, 2019 9:37 am
Forum: Beginner Basics
Topic: HotSpot with userman as login page
Replies: 9
Views: 748

Re: HotSpot with userman as login page

Too difficult or too stupid question ? :shock:
by ik3umt
Tue Apr 16, 2019 5:35 pm
Forum: Beginner Basics
Topic: HotSpot with userman as login page
Replies: 9
Views: 748

HotSpot with userman as login page

What I'm trying to do: give a wireless user a HotSpot login page that is http://routerboard_ip/user/signup , allowing user to self-register to system once signup form is filled with e-mail, phone, user, pass etc. How to achieve this ? Hotspot automatically bring you to /hotspot/login.html Any hint p...
by ik3umt
Mon Apr 01, 2019 11:51 am
Forum: General
Topic: Windows 10 and netinstall
Replies: 19
Views: 14905

Re: Windows 10 and netinstall

I found that I had to run it under Windows 7 compatibility mode.
Me too, same issue, had it work selecting "run as administrator" and " run compatibility mode win7"
by ik3umt
Mon Apr 01, 2019 10:41 am
Forum: General
Topic: ROS into watchguard XTM5, what performance ?
Replies: 0
Views: 207

ROS into watchguard XTM5, what performance ?

Planning to install licensed routerOS into a watchguard XTM5 hardware (celeron400 or core2 duo E8500 / 2Gb RAM)
What performance comparision should be expected with Hardware Routerboards ? What model could be comparable with such a system ?
Thanks
by ik3umt
Fri Mar 22, 2019 9:34 am
Forum: General
Topic: What tunnel method for dynamic ip wan ?
Replies: 1
Views: 240

What tunnel method for dynamic ip wan ?

Both VPN server and client are MT machines. Client side have a dynamic public ip address and is behind ISP router NAT (MT and ISP router connected together with 192.168 class, public IP transparently natted) What's the method for site to site VPN , giving less headache as possible because of NAT pre...