Community discussions

Search found 11 matches

by mavin
Thu Nov 19, 2015 5:26 pm
Forum: General
Topic: CCR as NetFlow Generator
Replies: 5
Views: 992

Re: CCR as NetFlow Generator

The switch where the port mirror is configured is not the problem. This switch forwards all traffic (that I need) to the CCR. The CCR also receives the traffic (which one can see on the Rx counters). But because the packets have a different dest-mac the interface on the CCR drops them. Of course is ...
by mavin
Thu Nov 19, 2015 4:29 pm
Forum: General
Topic: CCR as NetFlow Generator
Replies: 5
Views: 992

Re: CCR as NetFlow Generator

Thanks for your answer. You verify what I suspected. A colleague had a temp fix with forwarding the traffic out to another physical port. That seems to work somehow. But that also limits the bandwidth since I only have 2 10GbE ports and would need 3 for that (1-input from port mirror, 2-forward out,...
by mavin
Thu Nov 19, 2015 11:56 am
Forum: General
Topic: CCR as NetFlow Generator
Replies: 5
Views: 992

CCR as NetFlow Generator

Hi, I've been search for this for a while now. What I'd like to do is use a CCR to receive traffic from a port mirror (on a different switch) to generate NetFlows and send them to a server to analyze them. I can see the CCR receiving traffic (on the interfaces menu) but no flows are being created. M...
by mavin
Wed Mar 18, 2015 10:41 am
Forum: Beginner Basics
Topic: LOG file showing "got CRL with bad signature" ?
Replies: 3
Views: 4006

Re: LOG file showing "got CRL with bad signature" ?

I withdraw my recent post b/c of my inability to read ...

The certificate in question was indeed not the root cert, it just had a very similar name and properties. A closer look showed that the root cert was missing.

After importing it i'm getting successful CRL updates.
by mavin
Wed Mar 18, 2015 9:59 am
Forum: Beginner Basics
Topic: LOG file showing "got CRL with bad signature" ?
Replies: 3
Views: 4006

Re: LOG file showing "got CRL with bad signature" ?

+1 on this one. I'm running v6.27 and am seeing the same error, with a different certificate. (this is a new installation so I don't know the behaviour with earlier software versions) certificate,info got CRL with bad signature, issued by Deutsche Telekom Root CA 2::DE:Deutsche Telekom AG:T-TeleSec ...
by mavin
Mon Mar 02, 2015 9:36 am
Forum: RouterBOARD hardware
Topic: RB2011UiAS Reset Issue
Replies: 3
Views: 756

Re: RB2011UiAS Reset Issue

Thanks for the reply. I've got it working after some try and error.

just out of curiosity: how would i use a led to load the default configuration?
by mavin
Thu Feb 05, 2015 1:22 pm
Forum: RouterBOARD hardware
Topic: RB2011UiAS Reset Issue
Replies: 3
Views: 756

Re: RB2011UiAS Reset Issue

One little update:

If I plug in a cable in eth1 while it is in "ether boot" the boot process finishes and the old configuration is loaded :/
by mavin
Thu Feb 05, 2015 1:07 pm
Forum: RouterBOARD hardware
Topic: RB2011UiAS Reset Issue
Replies: 3
Views: 756

RB2011UiAS Reset Issue

Hi, today I've locked myself out of my rb2011 during some firewall configuration :/ Well, happens. So I tried to reset to factory default using the reset button on the back and it doesn't seem to work. If I push the reset button right after I turn on power, it will get stuck in a "ether boot" mode. ...
by mavin
Fri Jan 23, 2015 2:10 pm
Forum: General
Topic: Create CSR on RB750GL v6.25
Replies: 0
Views: 435

Create CSR on RB750GL v6.25

Hi, I'm setting up a VPN Gateway on a RB750GL with the current ROS version (6.25). Everything is working fine so far and now I want to exchange my self-signed certificates for some 'real' ones. To create to certificate signing request CSR I created a certificate-template and called /certificate crea...
by mavin
Fri Dec 19, 2014 9:54 am
Forum: General
Topic: Feature request for v7.x
Replies: 269
Views: 63712

Re: Feature request for v7.x

thanks mrz for the info.
I will give that a try. Since I won't have time this year I will give it a look next year.

What I currently need this (SHA2) for is for VPN connections (sstp, pptp, openvpn). Since October my CA only hands out SHA2 certificates.
by mavin
Tue Dec 16, 2014 2:53 pm
Forum: General
Topic: Feature request for v7.x
Replies: 269
Views: 63712

Re: Feature request for v7.x

- Support for SHA2 Hashs. CAs starting to only hand out SHA2 certificates and browsers will drop SHA1 soon. I'm kinda wondering why this hasn't already been brought up... - Openflow 1.3 This might be a bigger problem, but it would really be a big advantage being able to integrate RouterOS in SDN env...