Sorry if this is redundant, but I wanted to post a possible bug regarding wireguard tunnels: Upgrading Routeros 7.13.4. to 7.14.1: working Wireguard tunnels (eg to NordVPN) fail to TX (no change in config). 0 bytes send/received, error # increasing. Downgraded → same problem Upgraded again → problem...

Due to my lack of knowledge and experience I am not that far to concern about performance - although I understand that it is a real big difference if you just use a software bridge or a switch chip :) so far my setup is far from beeing optimized but it "kinda starts acting like wanted"... ...

Thanks for the link - additionally I read through the docs again and so far it looks good now for the main router (hEXs) and its cAPs :) One small problem remains: I configured a second router (RB951) as a VLAN switch in order to break out some VLAN ports in another room. I followed the same princip...

It should be something on the devices themselves then, just like it was with NAS2 :) I just put 2 simple windows clients in there - both got DHCP, good looking routes but still no ping. As it works wired, I guess I messed up the way I bridged the caps and the vlan together ... I am going back over ...

@xvo: Unfortunately, the client 2 client forwarding as well as local forwarding is not the solution: still no connection within VLAN3 via wifi.

@jotne: Thanks for the link - I will go reading now!

Fine thanks - I still have a lot to learn about VLANs :) Now the 2 NAS are fine in VLAN2 living on physical ports and I have to find out why 2 devices in VLAN3 cannot talk to each other (both connected via CAP1-iot) before I can move on with stage 2 (getting another VLAN switch running on the trunk ...

You have your VLAN interfaces created on top of the bridge added to the same bridge as bridge ports. That's not right. Remove all VLAN interfaces from bridge ports. And then add the bridge itself as a tagged member of each VLAN that have a corresponding VLAN interface. I guess i mixed up old and ne...

Hi folks! I am trying to understand how VLAN filtering is working - therefore i set up a little test environment. involved hardware: Router 1: hEXs Router 2: RB951G (VLAN switch presenting some untagged ports - not yet productive) cAP: for wifi, managed by cAPsman on Router 1 Logic: VLAN1: 192.168.1...

OK I got it solved after upgrading from old 5.26 to 6.19! In the forum there were several hints that version below 5.5 had several bugs regarding that functionality!

Hi! It seems that I got a similar problem when trying to block ftp bruteforce. I had to alter the rules as the ftp server is not on the mikrotik itself but in the network behind and there is a nat rule existing. So i changed the chain to forward instead of input/ouput: add action=drop chain=forward ...