Community discussions

MUM Europe 2020

Search found 25 matches

by Nova
Thu Feb 11, 2016 1:09 pm
Forum: Announcements
Topic: v6.34.1 [current] is released!
Replies: 59
Views: 17062

Re: v6.34.1 [current] is released!

I don't know since when this bug exists but I noticed it today, when I add an IPSEC Peer with ip enc-algorithm=aes-256 from the terminal it creates it as aes-128. http://image.noelshack.com/fichiers/2016/06/1455188915-bug.jpg Can someone else try? I tried it in 2 diferents mikrotiks, but both of the...
by Nova
Tue Sep 01, 2015 4:01 pm
Forum: Announcements
Topic: v6.32 released [version temporarily removed]
Replies: 116
Views: 31374

Re: v6.32 released

What confuses me is if this version 6.32, has the bug fixes of 6.30.4, or the only way to get that bugs fixed is to stay in 6.30.4 and never ever more update.
by Nova
Wed Jul 29, 2015 11:34 am
Forum: Beginner Basics
Topic: Can someone check this script for errors ?
Replies: 2
Views: 435

Re: Can someone check this script for errors ?

You should check the wiki: http://wiki.mikrotik.com/wiki/Manual:PCC /ip firewall mangle add chain=input in-interface=WAN1 action=mark-connection new-connection-mark=WAN1_conn add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=WAN2_conn I would do: /ip firewall mangle add ch...
by Nova
Tue Jul 28, 2015 2:07 pm
Forum: Forwarding Protocols
Topic: IPSEC phases 1 and 2 successful, but no traffic is forwarded
Replies: 6
Views: 7949

Re: IPSEC phases 1 and 2 successful, but no traffic is forwarded

did you add the firewall rules in the filter? filter: add chain=input action=accept protocol=ipsec-esp add chain=input action=accept protocol=udp in-interface=(WAN Interface) dst-port=500 add chain=forward action=accept src-address=(Local LAN) dst-address=(Remote LAN) add chain=forward action=accept...
by Nova
Thu Jul 23, 2015 1:01 pm
Forum: Beginner Basics
Topic: Problem to do a VPN Ipsec between Watchguard XTM330 and Mikrotik RB2011
Replies: 8
Views: 12764

Re: Problem to do a VPN Ipsec between Watchguard XTM330 and Mikrotik RB2011

did you add the firewall rules(filter and nat)? filter: chain=input action=accept protocol=ipsec-esp chain=input action=accept protocol=udp in-interface=pppoe-out1 dst-port=500 chain=forward action=accept src-address=(Local LAN) dst-address=(Remote LAN) chain=forward action=accept src-address=(Remot...
by Nova
Wed Jul 01, 2015 11:08 am
Forum: Scripting
Topic: API + C# + Firewall Filter
Replies: 0
Views: 821

API + C# + Firewall Filter

Good day, One of the function of the program I`m doing is to add an specific rule X after another specific rule Y. That is easy when all the firewall rules are static and Y is always the same number. For example the rule Y is always in number 37 so I simply add: mikrotik.Send("/ip/firewall/filter/ad...
by Nova
Wed Jul 01, 2015 10:33 am
Forum: Beginner Basics
Topic: Netwatch + VPN
Replies: 2
Views: 711

Re: Netwatch + VPN

Thanks, I'll check it out.
by Nova
Wed Jun 24, 2015 1:28 pm
Forum: Beginner Basics
Topic: IPsec Site 2 Site not working
Replies: 2
Views: 834

Re: IPsec Site 2 Site not working

I guess this is a mistake from you writting it here, check the router just in case: NAT: Place 1: srcnat, Src: 192.168.20.0/24, Dest: 192.168.10 0 .0/24, accept, on top of list. also in firewall I have added this rules: /ip firewall filter add chain=input action=accept protocol=ipsec-esp IPSEC - IKE...
by Nova
Wed Jun 24, 2015 11:04 am
Forum: Beginner Basics
Topic: Netwatch + VPN
Replies: 2
Views: 711

Netwatch + VPN

Good day, First of all, sorry if this was already answered but I didn't find anything with the search. Actually to check my VPN connections I use an script that makes a ping to the Remote LAN through my LAN-Interface. It doesn't work with WAN-Interface. I know it works fine with the scripts, but I w...
by Nova
Tue Jan 27, 2015 3:50 pm
Forum: General
Topic: Winbox 3 RC
Replies: 639
Views: 129392

Re: Winbox 3 RC

Winbox closes suddenly If I press a menu button after saving session.

RouterOS 6.24, Win XP SP3.

Name of the session doesn't has any strange character, only alphabetical characters.
I was going to say exactly the same...
by Nova
Mon Jan 19, 2015 11:04 am
Forum: Scripting
Topic: ISP router MAC address check
Replies: 3
Views: 1850

Re: ISP router MAC address check

Hello, I'm also starting to learn how to script, so I'm not an expert, but try this one, might work: :local currentMAC [/ip arp get [/ip arp find address=1.1.1.1] mac-address]; :local resolvedMAC [/ip arp get [/ip arp find address=10.225.6.13] mac-address]; :if ($resolvedMAC != $currentMAC) do={ /ip...
by Nova
Mon Jan 19, 2015 10:40 am
Forum: Scripting
Topic: variable with the MAC
Replies: 3
Views: 832

Re: variable with the MAC

together:
:local macaddress [/interface get ether1 mac-address]; :put $macaddress
by Nova
Fri Jan 16, 2015 12:34 pm
Forum: Scripting
Topic: variable with the MAC
Replies: 3
Views: 832

Re: variable with the MAC

hello,

for example:
:local macaddress [/interface get ether1 mac-address]
by Nova
Fri Jan 16, 2015 11:16 am
Forum: Scripting
Topic: Request for Load Balancing Script
Replies: 1
Views: 1101

Re: Request for Load Balancing Script

Hello, you can do it without script: http://mum.mikrotik.com/presentations/US12/steve.pdf http://wiki.mikrotik.com/wiki/How_PCC_works_%28beginner%29 http://wiki.mikrotik.com/wiki/Manual:PCC https://aacable.wordpress.com/2011/06/04/mikrotik-4-wan-load-balance-pcc-complete-script-by-zaib/ http://mum.m...
by Nova
Wed Jan 14, 2015 11:03 am
Forum: Beginner Basics
Topic: Question about ipsec tunnel once established
Replies: 1
Views: 586

Question about ipsec tunnel once established

Good day, I would like to know, why sometimes when I create an Ipsec tunnel it creates two or more tunnels with the same ips, sometimes after few seconds sometimes after few hours. For example in this case it create first the 1-3 tunnel, then the 2-4, (and the 2 with both algorithm none ???) http://...
by Nova
Mon Dec 01, 2014 3:56 pm
Forum: General
Topic: Cannot log into router via winbox or http
Replies: 12
Views: 3122

Re: Cannot log into router via winbox or http

I think you need to add the filter on the firewall:

something like this:
chain=input action=accept protocol=tcp in-interface=ether2-WAN-2 dst-port=8291 log=no log-prefix="" 
by Nova
Fri Nov 21, 2014 4:04 pm
Forum: Beginner Basics
Topic: Need help to setup VPN between two sites
Replies: 7
Views: 2369

Re: Need help to setup VPN between two sites

If I'm not wrong for Dynamic WAN you need to run an script to check the ip every x mins.

http://wiki.mikrotik.com/wiki/IPSec_Policy_Dynamic

maybe this website also helps you:

https://aacable.wordpress.com/2012/03/3 ... ynamicdns/
by Nova
Thu Nov 20, 2014 12:23 pm
Forum: Beginner Basics
Topic: Revoke certificates doesn't work?
Replies: 0
Views: 1054

Revoke certificates doesn't work?

Good day, I'm trying to do the next scenario for testing purposes (all inside LAN, without going out internet) using Mikrotik and Shrew VPN: http://i58.tinypic.com/2d19wex.jpg After a long fight I was able to connect using RSA Signatures, I created the certificates in mikrotik as follow here: http:/...
by Nova
Thu Nov 13, 2014 2:13 pm
Forum: Beginner Basics
Topic: Questions about RoadWarriors/XAuth/VPN/Certificates
Replies: 0
Views: 614

Questions about RoadWarriors/XAuth/VPN/Certificates

Good day, I'm sorry if all of this was answer before, I didn't find anything about this in the forum or internet (I think internet lacks information about this) At the moment we have some clients with VPN using PSK, we want to change it to use certificates, but we still have some questions that I ho...
by Nova
Thu Oct 09, 2014 10:05 am
Forum: Beginner Basics
Topic: Port forwarding question
Replies: 7
Views: 2607

Re: Port forwarding question

Thank you very much for the answers. We will try it. Still have some questions, Would be possible to do forwarding based on the source URL? https://www.url1.de/Path1 -> Forward to Server1:443 https://www.url1.de/Path2 -> Forward to Server2:443 Or if not, do forwarding based on the subdomain? https:/...
by Nova
Wed Oct 08, 2014 3:35 pm
Forum: Beginner Basics
Topic: Port forwarding question
Replies: 7
Views: 2607

Port forwarding question

Hello, I would like to know, if this scenario is possible: Server 1 runs a web application in Port 443. Let's say OWA Server 2 runs another web applicaciont also in port 443. Let's say RDweb or something else. Now we want to access both with only one public IP. Can we set rules in the router like th...
by Nova
Thu Sep 18, 2014 10:14 am
Forum: General
Topic: Questions about L2TP/IPSEC.
Replies: 3
Views: 911

Re: Questions about L2TP/IPSEC.

Thank you for the answer, but I can't stay every x mins looking at the log.
Would be nice if l2tp only runs when ipsec is active, and if ipsec fails, l2tp stops. But I don't know if it is possible.
by Nova
Wed Sep 17, 2014 12:32 pm
Forum: General
Topic: Questions about L2TP/IPSEC.
Replies: 3
Views: 911

Questions about L2TP/IPSEC.

Good day, I'm running Mikrotik v6.19 at the moment, and I need to configure some IPSEC/L2TP, but I have a few questions that I couldn't find any answer. - There is a way to only allow L2TP traffic if a corresponding IPSec tunnel is up and working? Because I've read somewhere in the forum that if IPS...
by Nova
Thu Aug 07, 2014 3:08 pm
Forum: Beginner Basics
Topic: Help connecting 2 Mikrotiks WAN to WAN
Replies: 3
Views: 894

Re: Help connecting 2 Mikrotiks WAN to WAN

Thank you very much for your answer.

Indeed it was that, I've changed both ip WAN and put them in the same subnet and now it works perfectly.

I also succeed creating IPSec and IPSec+ L2TP tunnels.

Thanks again.
by Nova
Mon Aug 04, 2014 4:29 pm
Forum: Beginner Basics
Topic: Help connecting 2 Mikrotiks WAN to WAN
Replies: 3
Views: 894

Help connecting 2 Mikrotiks WAN to WAN

Hello. First of all... I'm not native english, so forgive me for any errors with the language. I want to configure a VPN with mikrotiks routers using IPSEC/L2TP. But before that I'm testing to connect two routers mikrotik (RB2011UAS-2HND-IN) without any VPN tunnel created. The idea is to connect two...