Community discussions

MikroTik App

Search found 90 matches

by Kraken2k
Mon Jan 08, 2024 4:18 pm
Forum: General
Topic: 7.13 wireless package split question
Replies: 78
Views: 19708

Re: 7.13 wireless package split question

It's not obsolete at all. It's your choice to use the wave2 package with its limitations or not. If all other currently sold top-tier devices support it and one model support is dropped for "new" drivers and if you want the feature that all others have, you have to use "legacy" ...
by Kraken2k
Fri Dec 29, 2023 12:15 pm
Forum: General
Topic: 7.13 wireless package split question
Replies: 78
Views: 19708

Re: 7.13 wireless package split question

Easy, like manual says RB4011iGS+5HacQ2HnD-IN (no support for the 2.4GHz interface). Installing the new driver will remove 2GHz, only 5GHz will work I checked the product page: https://mikrotik.com/product/rb4011igs_5hacq2hnd_in and the manuals there have no mention of this limitation. It would be ...
by Kraken2k
Fri Oct 06, 2023 5:06 pm
Forum: Forwarding Protocols
Topic: SSTP Client is connected reachable in Main Router terminal not reachable on desktop
Replies: 8
Views: 2957

Re: SSTP Client is connected reachable in Main Router terminal not reachable on desktop

I assume that "not reachable from LAN" means, that you cannot ping R2 or R3 from a workstation connected to R1 and (probably) this workstation shares the same network range with R2 and R3. If that's the case, you probably forgot to set the "proxy-arp" on the local LAN interface o...
by Kraken2k
Thu Sep 14, 2023 1:34 pm
Forum: General
Topic: Feature requests
Replies: 1740
Views: 631780

Re: Feature requests

Please add sstp - authentication process using EC digital signature
Also updating ciphers available for MT SSTP server would be a good idea, because the only ones offered now are TLS_RSA_WITH_RC4_128_SHA and TLS_RSA_WITH_AES_256_CBC_SHA
by Kraken2k
Thu Sep 14, 2023 1:20 pm
Forum: General
Topic: Feature requests
Replies: 1740
Views: 631780

Re: Feature requests

I understand the need to restart interfaces/processes/policies/etc. on change, but it is possible to exclude Comments field from this rule? They does not affect the actual configuration of the item in any way. It's a bit annoying if I want to change a comment for IPsec Policy or Netwatch Host and th...
by Kraken2k
Tue Sep 12, 2023 12:02 pm
Forum: Announcements
Topic: v7.11.2 [stable] is released!
Replies: 348
Views: 161974

Re: v7.11.2 [stable] is released!

On more constructive note regarding the new version: I understand the need to restart interfaces/processes/policies/etc. on change, but can we please exclude comments from this rule? It's a bit annoying if I want to change the comment for IPsec Policy or Netwatch Host and this item turns off and on ...
by Kraken2k
Tue Sep 12, 2023 11:58 am
Forum: Announcements
Topic: v7.11.2 [stable] is released!
Replies: 348
Views: 161974

Re: v7.11, 7.11.1 and more [stable] are released!

... and then there are (probably) thousands of us using RouterOS on dozens of devices from home applications to medium size enterprises and did not encounter any serious issue for years, so we are perfectly fine with calling it "stable" :) RouterOS has so many features, most of the interc...
by Kraken2k
Tue Sep 12, 2023 11:43 am
Forum: Announcements
Topic: v7.11.2 [stable] is released!
Replies: 348
Views: 161974

Re: v7.11, 7.11.1 and more [stable] are released!

... and then there are (probably) thousands of us using RouterOS on dozens of devices from home applications to medium size enterprises and did not encounter any serious issue for years, so we are perfectly fine with calling it "stable" :) Again (100th time): "stable" in the cha...
by Kraken2k
Mon Sep 11, 2023 1:43 pm
Forum: Announcements
Topic: v7.11.2 [stable] is released!
Replies: 348
Views: 161974

Re: v7.11, 7.11.1 and more [stable] are released!

The solution is simple: "stable" channel should be renamed to Beta (as it is actually beta, regardless of what mikrotik marketing team says). ... and then there are (probably) thousands of us using RouterOS on dozens of devices from home applications to medium size enterprises and did not...
by Kraken2k
Tue Aug 15, 2023 6:30 pm
Forum: Announcements
Topic: v7.11.2 [stable] is released!
Replies: 348
Views: 161974

Re: v7.11 [stable] is released!

RB4011iGS+5HacQ2HnD updated without any issues so far :)

Thanks!
by Kraken2k
Tue Aug 08, 2023 11:38 am
Forum: Beginner Basics
Topic: legacy mode in mikrotik
Replies: 5
Views: 6866

Re: legacy mode in mikrotik

This can also be because of configuration issue (in my case overlapping networks and OSPF) - I got this error when the route was available only to the destination router and not back to the place from where you try to connect. Try traceroute to the destination network and then from a device on the o...
by Kraken2k
Mon Apr 24, 2023 1:59 pm
Forum: Announcements
Topic: v7.9rc is released!
Replies: 253
Views: 75757

Re: v7.9rc is released!

Any idea if Mikrotik will add support of TLS v1.3 to the SSTP server/client?!
I'm wondering about the same thing. Could supporting only old and obsolete cipher suites for SSTP be considered as a bug? Probably not :(
by Kraken2k
Tue Dec 27, 2022 3:06 pm
Forum: Announcements
Topic: WinBox v3.37 released!
Replies: 110
Views: 139946

Re: WinBox v3.37 released!

@AidanAus: Yes, there's default %APPDATA%\Mikrotik\Winbox\Addresses.cdb and it's initially unencrypted and everything in it is readable (it's a bit of binary mess, so not exactly user friendly, but not secure either). Once you set master password, the file gets immediatelly encrypted. And based on ...
by Kraken2k
Wed Aug 24, 2022 5:22 pm
Forum: Announcements
Topic: WinBox v3.37 released!
Replies: 110
Views: 139946

Re: WinBox v3.37 released!

I confirm, but I'm curious why you want move that column, just for find a bug?
It was an accident :) I wanted to move another column - so just a random find.
by Kraken2k
Fri Aug 05, 2022 3:42 pm
Forum: Announcements
Topic: WinBox v3.37 released!
Replies: 110
Views: 139946

Re: WinBox v3.37 released!

When I open the "IP - Firewall - Filter" window and try to move the "#" column (the one with order of the rules), Winbox throws the following error:
WinBox_error.png
by Kraken2k
Mon Jul 18, 2022 11:43 am
Forum: Announcements
Topic: v7.3 and v7.3.1 [stable] is released!
Replies: 269
Views: 80251

Re: v7.3 and v7.3.1 [stable] is released!

Hey is SSTP broken in version OS V7 ? As it works perfect in version 6 but not in version 7 Certs chain to root problem
It works for me on 7.3.1 without any issue.
by Kraken2k
Wed Jun 22, 2022 11:40 am
Forum: Announcements
Topic: v7.3 and v7.3.1 [stable] is released!
Replies: 269
Views: 80251

Re: v7.3 and v7.3.1 [stable] is released!

*) bridge - added more details for loop detection warning;
*) bridge - fixed TCP, UDP port parsing for loop detect warning;

This fixed the false positive "Transmit loop detected" for EoIP/IP-IP tunnels in bridges :)

Thanks, MikroTik crew!
by Kraken2k
Wed Jun 22, 2022 11:36 am
Forum: Beginner Basics
Topic: Transmit loop detected
Replies: 38
Views: 24132

Re: Transmit loop detected

I can confirm, that this issue is fixed in 7.3.1 - I've updated RoS yesterday and tested intensively since then. EoIP tunnels are stable.

Thanks!
by Kraken2k
Fri Jun 03, 2022 11:36 am
Forum: Announcements
Topic: v7.2.2 [stable] and v7.2.3 [stable] are released!
Replies: 401
Views: 80743

Re: v7.2.2 [stable] and v7.2.3 [stable] are released!

You have both IPIP and EoIP tunnels?
Then it will be very important to fully understand the matter and to configure things really carefully.
no, I have just EoIP now, but I tried both protocols (separately) and both failed with the same error.
by Kraken2k
Thu Jun 02, 2022 5:58 pm
Forum: Announcements
Topic: v7.2.2 [stable] and v7.2.3 [stable] are released!
Replies: 401
Views: 80743

Re: v7.2.2 [stable] and v7.2.3 [stable] are released!

Since upgrading from RoS v6.48.1 to v7 I have trouble with both IP-IP and EoIP tunnels (until then, they were working with the same configuration without any issue). Now I'm getting "eoip-tunnel-1 transmit loop detected, downing interface for 60 seconds" error all the time. On both sides, ...
by Kraken2k
Thu Jun 02, 2022 5:56 pm
Forum: Beginner Basics
Topic: Transmit loop detected
Replies: 38
Views: 24132

Re: Transmit loop detected

The issue still persists on 7.2.3
by Kraken2k
Thu Apr 07, 2022 11:59 am
Forum: Announcements
Topic: v7.2 is released!
Replies: 359
Views: 60963

Re: v7.2 is released!

Since the update to 7.2 I have "router was rebooted without proper shutdown" events every few hours. Installed April 5th at 22:50 hours local time. With firmware reboot at 22:54 hours. Now April 6th 16:05 hours and I have 22 connection failure events. 2 of them are the update. The other 2...
by Kraken2k
Mon Apr 04, 2022 4:53 pm
Forum: Announcements
Topic: WinBox v3.35 released!
Replies: 97
Views: 52165

Re: WinBox v3.35 released!

Log output is probably broken for some types of action - this (no message about action, just the "by username") happens when I delete a static route:
WinBox_log_issue.png
by Kraken2k
Wed Mar 30, 2022 5:03 pm
Forum: Announcements
Topic: WinBox v3.35 released!
Replies: 97
Views: 52165

Re: WinBox v3.35 released!

When I try to move the "#" column (rule order) in the Firewall window (Filter or NAT) to another place on the right, I get the following error:
WinBoxError.png
by Kraken2k
Wed Mar 30, 2022 4:40 pm
Forum: Beginner Basics
Topic: Transmit loop detected
Replies: 38
Views: 24132

Re: Transmit loop detected

I started to experience the same behavior after upgrading from RoS v6.48.1 to 7.1.3 with both IP-IP and EoIP tunnels (until then, they were working with the same configuration without any issue). Now I'm getting "eoip-tunnel-1 transmit loop detected, downing interface for 60 seconds" error...
by Kraken2k
Wed Mar 09, 2022 6:20 pm
Forum: RouterOS beta
Topic: RDP Connection Dying
Replies: 57
Views: 31857

Re: RDP Connection Dying

I can confirm this issue is present in v7.1.2 too.

Also confirm, that Increasing the UDP time limit in Connections Tracking as suggested above, solves the problem.

Thanks, rafalgit!
by Kraken2k
Fri Sep 17, 2021 11:00 am
Forum: Announcements
Topic: WinBox v3.31 released!
Replies: 65
Views: 97931

Re: WinBox v3.31 released!

Thanks for the new version!

There is one thing I've found with the columns: if you open any settings window, then open the "choose the columns" window, close the original settings window and then try to apply column settings, it crashes the WinBox app.
by Kraken2k
Wed Apr 14, 2021 11:42 am
Forum: Announcements
Topic: v6.48.2 [stable] is released!
Replies: 141
Views: 61733

Re: v6.48.2 [stable] is released!

Upgraded my RB4011 - after almost one day of usual operation, no issues encountered.
by Kraken2k
Wed Nov 04, 2020 4:37 pm
Forum: Announcements
Topic: v6.47.7 [stable] is released!
Replies: 45
Views: 26676

Re: v6.47.7 [stable] is released!

Strange CPU overload after router attempts to connect to MikroTik cloud :( since then, "unclassified" process in Profile gets 60-65% all the time even if there is literally no traffic going through the RB1100AHx4 router. According to external SNMP monitoring tool and router output chain i...
by Kraken2k
Mon Oct 26, 2020 11:43 am
Forum: Announcements
Topic: v6.47.6 [stable] is released!
Replies: 39
Views: 24448

Re: v6.47.6 [stable] is released!

Strange CPU overload after router attempts to connect to MikroTik cloud :( since then, "unclassified" process in Profile gets 60-65% all the time even if there is literally no traffic going through the RB1100AHx4 router. According to external SNMP monitoring tool and router output chain in...
by Kraken2k
Fri Oct 23, 2020 2:44 pm
Forum: Announcements
Topic: v6.47.6 [stable] is released!
Replies: 39
Views: 24448

Re: v6.47.6 [stable] is released!

Updated RB1100AHx4 half a day ago - so far, everything is running without any problems.
by Kraken2k
Tue Oct 20, 2020 3:39 pm
Forum: Announcements
Topic: v6.47.4 [stable] is released!
Replies: 68
Views: 36735

Re: v6.47.4 [stable] is released!

After 25 days of uptime, my RB1100AHx4 started to overload one of it's CPU cores. With minimal traffic flow (less than 3Mb/s) through the whole router, "internet-detect" gets 15-20% of one CPU core all the time and I cannot open it's settings via CLI (it stops responding). Also "uncla...
by Kraken2k
Sun May 31, 2020 2:49 pm
Forum: Announcements
Topic: v6.46.6 [stable] is released!
Replies: 68
Views: 54282

Re: v6.46.6 [stable] is released!

I experience strange behavior with VLAN tied to Bonding interface (made of two eth ports; RB1100AHx4): When I change the bonding interface settings (this was Transmit Hash Policy from L2 to L2&L3), it restarts itself and also all tied elements went down (which is expected). The problem is that w...
by Kraken2k
Wed Apr 15, 2020 8:46 pm
Forum: Announcements
Topic: v6.46.5 [stable] is released!
Replies: 72
Views: 48859

Re: v6.46.5 [stable] is released!

Updated several RB2011, RB962 and RB1100AHx4 (IPSEC + OSPF included) and no problems encountered.

Thanks!
by Kraken2k
Tue Apr 07, 2020 12:38 pm
Forum: Announcements
Topic: Winbox v3.22 released!
Replies: 117
Views: 84520

Re: Winbox v3.22 released!

Coming up a month after 3.22 was released... any ETA on when the window resizing will be fixed. It is very annoying when you have a dozen windows open. yeah... every time you open the firewall rule edit window, it increases it's height until it fills the whole window. It drives my crazy after quite...
by Kraken2k
Thu Jan 09, 2020 6:59 pm
Forum: General
Topic: PPP SSTP Server with radius authentication
Replies: 4
Views: 4955

Re: PPP SSTP Server with radius authentication

Please post at least the error message you get from the MikroTik log - that helps troubleshooting. Also you can post the corresponding (last) log lines from RADIUS server (default log location for Windows NPS is c:\Windows\system32\LogFiles\ - look for newest IN<number>.log files). RouterOS fully su...
by Kraken2k
Fri Nov 29, 2019 11:36 am
Forum: Announcements
Topic: v6.45.7 [stable] is released!
Replies: 104
Views: 69883

Re: v6.45.7 [stable] is released!

RB1100AH4x 6.45.7 nothing special in my configuration. just few firewall rules. "Router was rebooted after proper shutdown" Happens now 2 times after 7 and 21 days of running Really long uptimes i only got with the 6.44.xx -faxxe Same device, similar time, same problem - my RB1100AH4x wit...
by Kraken2k
Wed Oct 30, 2019 3:02 pm
Forum: Announcements
Topic: v6.45.7 [stable] is released!
Replies: 104
Views: 69883

Re: v6.45.7 [stable] is released!

Upgraded RB2011, RB1100AHx4, hAP ac without any problems and running ok for few days already.

For hAP lite, I had to delete all extra files on router, including config backups to make the update work, but after that also no problems.
by Kraken2k
Fri Apr 12, 2019 2:39 pm
Forum: Announcements
Topic: v6.44.2 [stable] is released!
Replies: 67
Views: 36885

Re: v6.44.2 [stable] is released!

Updated several RB2011UiAS-2HnD-IN, RB1100AHx4 and hAP ac over a day ago. No issues detected so far. Nevertheless... one issue with IPsec still persist along many versions: after sending few TBs of traffic over site2site tunnels, the router just collapse and reboot itself without any warning - just ...
by Kraken2k
Mon Oct 29, 2018 11:25 am
Forum: Announcements
Topic: v6.43.4 [stable] is released!
Replies: 78
Views: 50775

Re: v6.43.4 [stable] is released!

RB2011 upgraded without problems, no issues so far.
Same here
by Kraken2k
Mon Oct 29, 2018 11:14 am
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 329
Views: 176611

Re: Winbox vulnerability: please upgrade

Automatic upgrade should be the default and is quickly becoming best practice. This is plain stupid! I could be fired on the spot if I don't issue warning about down time. Some environments depend on equipment which is 24/7/365 up. Not every one have Mikrotik in home or small office environment. If...
by Kraken2k
Mon Oct 22, 2018 12:26 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 329
Views: 176611

Re: Winbox vulnerability: please upgrade

Automatic upgrade should be the default and is quickly becoming best practice. This is plain stupid! I could be fired on the spot if I don't issue warning about down time. Some environments depend on equipment which is 24/7/365 up. Not every one have Mikrotik in home or small office environment. If...
by Kraken2k
Wed Sep 26, 2018 8:59 pm
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] are released!
Replies: 186
Views: 85152

Re: v6.43.1 [stable] and v6.43.2 [stable] is released!

It seems that bridge gets it's MAC automatically from the first port connected to it - dynamically changing this whenever the config change is made.... This is actually a documented behavior... Yes, it is... I just had no idea, how two bridges managed to get the same MAC dynamically. Now I know - m...
by Kraken2k
Wed Sep 26, 2018 6:30 pm
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] are released!
Replies: 186
Views: 85152

Re: v6.43.1 [stable] and v6.43.2 [stable] is released!

I was hoping to see actual configuration ... better yet, post output of /inteface bridge print , /interface bridge port print and /interface ethernet print ... it would be interesting to see where MAC of both bridges comes from. It seems that bridge gets it's MAC automatically from the first port c...
by Kraken2k
Wed Sep 26, 2018 5:58 pm
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] are released!
Replies: 186
Views: 85152

Re: v6.43.1 [stable] and v6.43.2 [stable] is released!

I was hoping to see actual configuration ... better yet, post output of /inteface bridge print , /interface bridge port print and /interface ethernet print ... it would be interesting to see where MAC of both bridges comes from. Here - MACs seems to be originated from ether1 default MAC address: /i...
by Kraken2k
Wed Sep 26, 2018 4:04 pm
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] are released!
Replies: 186
Views: 85152

Re: v6.43.1 [stable] and v6.43.2 [stable] is released!

I found a strange behavior about bridges - might be only WinBox issue but still... Can you post output of command /interface bridge export ? Just to check if there's something weird. Here is the output - bridge1 was only created to demonstrate this, and there is only one interface included atm. Yes...
by Kraken2k
Wed Sep 26, 2018 12:36 pm
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] are released!
Replies: 186
Views: 85152

Re: v6.43.1 [stable] and v6.43.2 [stable] is released!

I found a strange behavior about bridges - might be only WinBox issue but still... I have two bridges in my config - when I create bridge, MAC address is automatically assigned (I never use administrative MACs, or create bridges by Copy) and these are unique. But since the moment, when I assign a po...
by Kraken2k
Wed Sep 26, 2018 12:08 pm
Forum: General
Topic: L2TP & Unsafe Config
Replies: 3
Views: 5300

Re: L2TP & Unsafe Config

As there are quite limited options to automate certificate operations at MikroTik (be it Let's Encrypt or other) I would like to ask, what is so unsafe with IPsec using PSK in case the key is >64 characters long, both sides have static IP, ipsec mode works in main mode (also ipsec connections from u...
by Kraken2k
Tue Sep 18, 2018 4:21 pm
Forum: Announcements
Topic: Winbox v3.18 released!
Replies: 49
Views: 205679

Re: Winbox v3.18 released!

Looks like the "Reconnect" problem (viewtopic.php?f=21&t=134940&start=50#p665710) has been fixed in this release :)

Thanks!
by Kraken2k
Tue Sep 18, 2018 2:15 pm
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] are released!
Replies: 186
Views: 85152

Re: v6.43.1 [stable] is released!

Maybe 6.43.1 was retracted or not available for automatic download yet/now.
I just installed over automatic download and this happen. its a simple error maybe :=)
Updated RB2011 the same way - this did not happen in my case (RouterOS versions are reported correctly)
by Kraken2k
Wed Aug 22, 2018 11:16 am
Forum: Announcements
Topic: v6.42.7 [current] is released!
Replies: 159
Views: 69855

Re: v6.42.7 [current] is released!

Upgraded RB2011, no issues so far.
FYI, my nick name is based on a well known product from Czech Republic
Yeah... your avatar is pretty self-explaining.
by Kraken2k
Fri Aug 17, 2018 12:24 pm
Forum: Announcements
Topic: Winbox v3.17 released!
Replies: 17
Views: 28293

Re: Winbox v3.17 released!

I still get it every time. If I use the other winbox window and press connect it connects. When I press the reconnect the last thing I see is logging in... then it fades out. Sometimes it returns to reconnect but still doesn't connect or not show up at all Same problem, same behavior... since v3.14...
by Kraken2k
Tue Jul 10, 2018 2:54 pm
Forum: Announcements
Topic: Winbox v3.16 released!
Replies: 62
Views: 60043

Re: Winbox v3.16 released!

The problem with "Click Reconnect, then Winbox window disappears and after exactly 30 seconds automatically disconnect from device with Connection lost window appearing again" still persist (first time spotted in v3.14 https://forum.mikrotik.com/viewtopic.php?f=21&t=134940&start=50...
by Kraken2k
Wed Jun 20, 2018 4:20 pm
Forum: Announcements
Topic: Winbox v3.15 released!
Replies: 20
Views: 22861

Re: Winbox v3.15 released!

Does reconnection to router after recent disconnection work? It seems that it doesn't work in 3.14 for me reliably.
Yes, the problem still persist since last version, same behavior as described here: viewtopic.php?f=21&t=134940&start=50#p665710)
by Kraken2k
Mon Jun 04, 2018 12:55 pm
Forum: General
Topic: Netwatch deprecated ? [SOLVED]
Replies: 70
Views: 30728

Re: Netwatch deprecated ? [SOLVED]

Now, when Netwatch can't access global variables, is there any way to pass a value to launched script? I have few dozens of devices checked by Netwatch and one script for checking if the host is down or up for good or not - the main reason is that in case of any change I change it just once, not fif...
by Kraken2k
Fri Jun 01, 2018 11:39 am
Forum: Announcements
Topic: Winbox 3.14 released!
Replies: 77
Views: 58575

Re: Winbox 3.14 released!

I have problem with "Reconnect" button after the connection was lost: after clicking it, the Winbox window disappear. According to log, login to router was successful, but automatically disconnected after 30 seconds. (never happened in 3.13)
by Kraken2k
Wed Apr 25, 2018 2:43 pm
Forum: Announcements
Topic: v6.42.1 [current]
Replies: 272
Views: 98646

Re: v6.42.1 [current]

Just a small thing: when you change Comment of an item, it is really necessary to "disable and enable" ("device changed" message is logged) the commented item? For example when I change comment to IPsec policy or wireless interface, it gets restarted which is annoying, because cl...
by Kraken2k
Tue Apr 24, 2018 12:48 am
Forum: Announcements
Topic: v6.42.1 [current]
Replies: 272
Views: 98646

Re: v6.42.1 [current]

Updated several RB2011UiAS-2HnD, RB1100Dx4 and hAP ac (also lite version) and so far everything looks ok.

In addition to previous messages in this thread, while updating firmware, all RBs wrote "Firmware updated, please reboot to take effect!" message in log.
by Kraken2k
Thu Mar 29, 2018 3:19 pm
Forum: Announcements
Topic: v6.41.3 [current]
Replies: 139
Views: 57288

Re: v6.41.3 [current]

Updated my RB1100AHx4 a week ago - so far no problem, but today morning rebooted unexpectedly with "router rebooted because some critical program crashed" error.

Report sent, Ticket#2018032922004596
by Kraken2k
Wed Feb 14, 2018 4:37 pm
Forum: General
Topic: IPSec Tunnel, pingable router but no access
Replies: 9
Views: 1997

Re: IPSec Tunnel, pingable router but no access

...
add action=masquerade chain=srcnat comment="masq. vpn traffic" src-address=0.89.168.192-255.89.168.192
Isn't this address just written in reverse order? Also the following NAT rule is disabled.
by Kraken2k
Thu Dec 14, 2017 4:36 pm
Forum: General
Topic: Change default NAT-T port for IPsec tunnel?
Replies: 1
Views: 2102

Re: Change default NAT-T port for IPsec tunnel?

Also it seems that RouterOS is unable to forward UDP 500 traffic using firewall-NAT-dstnat to another IP address. The following rule add action=dst-nat chain=dstnat comment="test" dst-port=500 protocol=udp to-addresses=192.168.1.63 just does not do anything and all UDP 500 traffic ends in ...
by Kraken2k
Wed Dec 13, 2017 6:52 pm
Forum: General
Topic: Change default NAT-T port for IPsec tunnel?
Replies: 1
Views: 2102

Change default NAT-T port for IPsec tunnel?

Default port for remote IPsec peer (500) can be changed. Is it possible to change the destination port for NAT traversal? The situation: there is a Lancom router between two RB that already uses ports 500 and 4500 for it's own clients (it's a customer device, so I cannot change that behavior) : RB1 ...
by Kraken2k
Mon Dec 04, 2017 2:43 pm
Forum: Announcements
Topic: v6.40.5 [current]
Replies: 82
Views: 42504

Re: v6.40.5 [current]

Updated 2011UiAS-2HnD from 6.40.4 (firmware 3.41) to 6.40.5 - so far no problems.
by Kraken2k
Wed Nov 08, 2017 12:50 pm
Forum: General
Topic: Winbox not Saving Sessions
Replies: 5
Views: 9532

Re: Winbox not Saving Sessions

I had the same problem since last update of Windows 10 - moving Winbox.exe from C:\Program Files (x86)\Winbox to %USERPROFILE%\AppData\Roaming\Mikrotik\Winbox\ folder actually solved the problem for me. It also worked when I launched Winbox as an administrator (which is not the same as launching it ...
by Kraken2k
Tue Oct 03, 2017 4:32 pm
Forum: General
Topic: PPP Firewalling
Replies: 9
Views: 4839

Re: PPP Firewalling

Just a small note on ppp firewalling topic for everyone who tried to find how it works: 1) start with adding this rule (which at the beginning does not make much sense): (place after your established, related, etc) /ip firewall filter add chain=forward action=jump jump-target=ppp comment="PPP c...
by Kraken2k
Mon Oct 02, 2017 6:11 pm
Forum: Announcements
Topic: v6.40.3 [current]
Replies: 95
Views: 43485

Re: v6.40.3 [current]

EoIP and IPsec tunnels - saga continues :) at least I hope I'm not making any basic mistake. If so please tell me: I encounter problems using the combination of above (IPsec site-to-site tunnel, using policies and EoIP tunnel inside this one). When EoIP tunnel (using IPs of LAN interfaces in both si...
by Kraken2k
Tue Jul 11, 2017 11:16 am
Forum: Announcements
Topic: v6.39.2 [current]
Replies: 122
Views: 57626

Re: v6.39.2 [current]

[*] Go buy another device.[/list] Well, thank you very much for that but, since it is clear that this is not my fault, I am not going to throw 100 eur in the garbage. I just clicked "Upgrade" button and nothing else. Meaning: you should try steps above before buying a replacement. Nothing...
by Kraken2k
Thu Jun 29, 2017 12:05 pm
Forum: Announcements
Topic: v6.39.2 [current]
Replies: 122
Views: 57626

Re: v6.39.2 [current]

Upgraded RB1100AHx2 from 6.37.5 to 6.39.2 and encountered problems with IPsec tunnels: I have site2site tunnels (other side are also mostly RB2011UAS-2HnD with RoS 6.39.2, that were upgraded from the same version at the same moment). I made no config changes and tunnels worked for a really long time...
by Kraken2k
Thu Jun 02, 2016 5:08 pm
Forum: Announcements
Topic: v6.34.5 [bugfix] is released!
Replies: 23
Views: 14864

Re: v6.34.5 [bugfix] is released!

Upgraded to 6.34.5 from previous bugfix version (6.32.4) and all VRRP interfaces are gone :( the same problem as v6.35.1 have...
by Kraken2k
Thu Jan 07, 2016 1:12 pm
Forum: RouterBOARD hardware
Topic: RB2011UAS-2HnD stops responding spontaneously
Replies: 42
Views: 18823

Re: RB2011UAS-2HnD stops responding spontaneously

Solved this issue finally! (tested on version 6.32.1) I had these problems since upgrade from 6.25 to newest version (last incident it was 6.30.2) on RB1100AHx2 - after few days, the router stopped to respond - still running, reacts to cable connect/disconnect but no response on ethernet ports. I wa...
by Kraken2k
Thu Jan 07, 2016 1:04 pm
Forum: Announcements
Topic: 6.32.2 released
Replies: 57
Views: 31004

Re: 6.32.2 released

Problem with router cache owerflow caused by sending traffic over IPsec tunnels (even if the router cache is turned off in the settings) still persists in this release :? Ticket number #2015081766000633 Just for the record - I finally managed to resolve this issue on router with ~20 IPsec tunnels (...
by Kraken2k
Tue Dec 08, 2015 12:29 pm
Forum: Announcements
Topic: 6.32.2 released
Replies: 57
Views: 31004

Re: 6.32.2 released

*) vrrp - fix arp=reply-only;
*) vrrp - do not warn about version mismatch if VRID does not match;
*) vrrp - allow VRRP to work behind firewall and NAT rules;
How this feature actually works?
by Kraken2k
Fri Nov 27, 2015 1:59 pm
Forum: Announcements
Topic: Winbox3.0 released!
Replies: 45
Views: 28176

Re: Winbox3.0 released!

I like to use this one :) good work! Found only one small thing: if you have one instance of Winbox and connected to multiple devices through "Open in new Window", then if the connection is lost to multiple devices, you have multiple "Router <ip> has been disconnected <time> ago"...
by Kraken2k
Wed Nov 11, 2015 5:19 pm
Forum: Announcements
Topic: 6.33 version released!
Replies: 139
Views: 56321

Re: 6.33 version released!

Updated 3 days ago... I really hoped that route cache overflow issue will be solved by this update but... no :( the issue was reported more than 4 years ago , not just once and repeatedly with no fix, workaround or even finding the source of this issue. If you put it together: there is a "featu...
by Kraken2k
Thu Nov 05, 2015 2:16 pm
Forum: General
Topic: 6.32.3 version released!
Replies: 47
Views: 20800

Re: 6.32.3 [CURRENT] version released!

Problem with router cache owerflow caused by sending traffic over IPsec tunnels still persists in this release, despite the fact the Router Cache feature is turned off. Ticket number #2015081766000633 In which constelation? Pleain IPSec or in combination with L2TP maybe? We do not use L2TP, so plai...
by Kraken2k
Wed Nov 04, 2015 1:50 pm
Forum: General
Topic: 6.32.3 version released!
Replies: 47
Views: 20800

Re: 6.32.3 [CURRENT] version released!

Problem with router cache owerflow caused by sending traffic over IPsec tunnels still persists in this release, despite the fact the Router Cache feature is turned off.

Ticket number #2015081766000633
by Kraken2k
Fri Oct 23, 2015 11:03 am
Forum: General
Topic: OpenVPN server and duplicate packets
Replies: 42
Views: 87030

Re: OpenVPN server and duplicate packets

The OpenVPN settings for MikroTik is described on wiki page. It's not exactly easy to understand all steps, but in fact the settings itself is not that complicated.

IMHO the biggest problem with OpenVPN settings is handling keys and certificates, because the concept of this is often misunderstood.
by Kraken2k
Thu Oct 15, 2015 6:52 pm
Forum: General
Topic: OpenVPN server and duplicate packets
Replies: 42
Views: 87030

Re: OpenVPN server and duplicate packets

After days of testing... I made it working! The problem was not in the MikroTIK configuration, but on the Synology NAS ... and the "duplicate packet" error was not the blocking issue. So how to find out what's wrong... Enabled SSH on Synology logging in as a user root (with tha same passwo...
by Kraken2k
Mon Oct 05, 2015 2:16 pm
Forum: Announcements
Topic: 6.32.2 released
Replies: 57
Views: 31004

Re: 6.32.2 released

Problem with router cache owerflow caused by sending traffic over IPsec tunnels (even if the router cache is turned off in the settings) still persists in this release :?

Ticket number #2015081766000633
by Kraken2k
Mon Sep 14, 2015 12:21 pm
Forum: General
Topic: OpenVPN server and duplicate packets
Replies: 42
Views: 87030

OpenVPN server and duplicate packets

I try to setup OpenVPN server at RB1100AHx2 with RouterOS v 6.32.1 (with public IPv4 address). I followed the wiki tutorial , but it still disconnects the client - on the other side, there is Synology NAS RS812. Certificates imported, trusted and all the stuff, but RB keep dropping the connection be...
by Kraken2k
Wed Sep 09, 2015 10:39 am
Forum: Announcements
Topic: v6.32.1 released
Replies: 76
Views: 31248

Re: v6.32.1 released

my RB450G has below warning, is it normal or bug? ether2-master-local excessive broadcasts/multicasts, probably a loop Snap1.jpg previous v6.30.4 doesnt have such problem. pls help to solve it. thanks you disable ip/neighbors in all devices connected to ether2-master-local I see no sense doing this...
by Kraken2k
Tue Aug 25, 2015 12:23 pm
Forum: Announcements
Topic: v6.30.2 bugfix release
Replies: 147
Views: 58928

Re: v6.30.2 bugfix release

Kraken2k did you get a ticket number as a response? Normally you would just email support@mikrotik.com, the form is just a shortcut to the same. Sent it from your email and see if you get a ticket number. Hi, yes - I sent an e-mail with and got the ticket number #2015081766000633 As advised, I disa...
by Kraken2k
Fri Aug 14, 2015 3:18 pm
Forum: Announcements
Topic: v6.30.2 bugfix release
Replies: 147
Views: 58928

Re: v6.30.2 bugfix release

I had problems since upgrade from 6.25 to newest version (at last incident it was 6.30.2) on RB1100AHx2 - after few days, the router stopped to respond - still running, reacts to cable connect/disconnect but no response on ethernet ports. Yesterday I was able to connect to connect using serial port...
by Kraken2k
Thu Aug 06, 2015 4:28 pm
Forum: Announcements
Topic: v6.30.2 bugfix release
Replies: 147
Views: 58928

Re: v6.30.2 bugfix release

I downgraded from 6.30.2 back to 6.25 I wonder if you managed to make a supout.rif before downgrading. There are so many of us complaining about bug here, and so little actually supplying Mikrotik engineers with enough information to reproduce and fix those bugs... +1 This is a very important point...
by Kraken2k
Thu Aug 06, 2015 11:20 am
Forum: Announcements
Topic: v6.30.2 bugfix release
Replies: 147
Views: 58928

Re: v6.30.2 bugfix release

I had problems since upgrade from 6.25 to newest version (at last incident it was 6.30.2) on RB1100AHx2 - after few days, the router stopped to respond - still running, reacts to cable connect/disconnect but no response on ethernet ports. Yesterday I was able to connect to connect using serial port ...
by Kraken2k
Wed Jul 08, 2015 2:05 pm
Forum: Announcements
Topic: v6.29 released
Replies: 191
Views: 76233

Re: v6.29 released

Upgraded two RB1100AHx2 (powerpc) from 6.24 to 6.29.1 and since then I have problem with Simple Queues respectively... half of it: Simple example from wiki - limit LAN traffic (identified by IP address range) to WAN (identified by interface eth11 to ISP; there is src-nat to public IP address on VRR...
by Kraken2k
Mon Jun 22, 2015 5:34 pm
Forum: Announcements
Topic: v6.29 released
Replies: 191
Views: 76233

Re: v6.29 released

Upgraded two RB1100AHx2 (powerpc) from 6.24 to 6.29.1 and since then I have problem with Simple Queues respectively... half of it: Simple example from wiki - limit LAN traffic (identified by IP address range) to WAN (identified by interface eth11 to ISP; there is src-nat to public IP address on VRRP...
by Kraken2k
Mon Jun 22, 2015 3:00 pm
Forum: Announcements
Topic: v6.29 released
Replies: 191
Views: 76233

Re: v6.29 released

As I understand the current processing of IPSec encrypted traffic, the traffic passes the firewall input chain, is then decrypted and the decrypted traffic is then again handled by the firewall e.g. the forward chain. When the firewall processes the decrypted traffic it will be shown as coming from...
by Kraken2k
Fri Feb 06, 2015 1:03 pm
Forum: General
Topic: Winbox 3 RC
Replies: 636
Views: 207096

Re: Winbox 3 RC

they are saved. do NOT click the save button unless you want to make a new session. current session is saved automatically. I guess we need to make this more clear in some way. The reports are for the inline settings button. When you clicked the button in a previous session and reopen, the button i...
by Kraken2k
Tue Feb 03, 2015 3:03 pm
Forum: General
Topic: Winbox 3 RC
Replies: 636
Views: 207096

Re: Winbox 3 RC

Sorting log is quite complicated one - I can imagine - but would it be possible to be able to copy lines from log window? Just like from terminal. Also... has anyone encountered problems with "Copy" (interface/firewall rule...) button? It happened to me several times randomly: 1) create ob...