Community discussions

Search found 102 matches

by inteq
Wed Oct 09, 2019 8:00 pm
Forum: General
Topic: Slow connection via mikrotik
Replies: 17
Views: 2096

Re: Slow connection via mikrotik

The 1st device, the one from your ISP is set to bridge or routing?
Put it in bridge mode.

Any Mikrotik device, even if drunk, on fire and beaten with a club (all at the same time) can handle 8 Mbps.
by inteq
Wed Aug 14, 2019 1:02 pm
Forum: General
Topic: RB100AHx4 - High speed torrent freezing browsing
Replies: 1
Views: 423

Re: RB100AHx4 - High speed torrent freezing browsing

It seems it is indeed caused by a router on the ISP side, because every website and service hosted inside the ISP network is working just fine when "the freezing" happens. Even direct peering/cdn like youtube and gmail work just fine. Anything that has to exit the ISP network is busted tho for ~2 mi...
by inteq
Tue Aug 13, 2019 3:44 pm
Forum: RouterBOARD hardware
Topic: S+RJ10 Revisions
Replies: 15
Views: 2491

Re: S+RJ10 Revisions

2 x 2.07 revision modules in a CSS326 used as pass-through for testing @ 1 Gbps until the 10 Gbps nics arrive. Without active cooling, the darn things get to 70 Celsius fast. Can barely touch them. With active cooling, a small 40x20mm Noctua fan right on top of the modules blowing down and another 4...
by inteq
Mon Aug 12, 2019 10:08 am
Forum: Scripting
Topic: Add PPPOE Client IP-Address to Address List
Replies: 1
Views: 309

Re: Add PPPOE Client IP-Address to Address List

IP/Cloud
Enable DDNS
Add that DDNS to a dynamic address list entry with fqdn not IP.
When the IP changes, the address list entry will update to the new IP automatically.
by inteq
Mon Aug 12, 2019 10:02 am
Forum: General
Topic: Netwatch Problem
Replies: 3
Views: 485

Re: Netwatch Problem

Increase timeout in netwatch.
I am monitoring some IPSec tunnels with netwatch and daily I get false alarms. Then again, my timeout is 1000 ms (normal reply of tunnels is 2-5ms)
by inteq
Fri Aug 09, 2019 5:44 pm
Forum: General
Topic: RB100AHx4 - High speed torrent freezing browsing
Replies: 1
Views: 423

RB100AHx4 - High speed torrent freezing browsing

Hello, Been having this problem for some time now. Using Mikrotik's RB1100AHx4 Dude Edtition with a PPPoE connection. It happens randomly when downloading a torrent with many seeds close to 1 Gbps and can last about 2 minutes after the download has finished. And by random I mean I just tested downlo...
by inteq
Thu Aug 01, 2019 10:15 pm
Forum: Wireless Networking
Topic: Station - Connect to best AP
Replies: 1
Views: 290

Re: Station - Connect to best AP

viewtopic.php?t=80905 might get you going. Haven't tested.
by inteq
Wed Jul 24, 2019 9:21 pm
Forum: RouterBOARD hardware
Topic: RB1100Ahx4 Dude Edition - Slow SATA speeds
Replies: 1
Views: 668

Re: RB1100Ahx4 Dude Edition - Slow SATA speeds

In case anyone else is looking for an answer to this, Mikrotik responded with: Hello, For now, reading/writing to storage is a single-core process in RouterOS and, as the CPU resource screenshots show, they are reaching the maximum load. Unfortunately, our research has revealed that currently, it is...
by inteq
Wed Jul 24, 2019 9:17 pm
Forum: General
Topic: pppoe-1 not reconnecting
Replies: 9
Views: 623

Re: pppoe-1 not reconnecting

Then change
if ($WanStat = "disconnected")
with
if ($WanStat = "terminating... - peer is not responding")
by inteq
Wed Jul 24, 2019 3:54 pm
Forum: General
Topic: pppoe-1 not reconnecting
Replies: 9
Views: 623

Re: pppoe-1 not reconnecting

Disconnect the cable again. The one from the phone line to ADSL modem, not the one between ADSL modem and MIkrotik.
On Winbox, open the terminal and paste:
/interface pppoe-client monitor PPPoE1

Change PPPoE1 with your value
What is the Status value when the cable is unplugged?
by inteq
Wed Jul 24, 2019 12:36 pm
Forum: Wireless Networking
Topic: CAPsMAN 5GHz data rates problem
Replies: 2
Views: 487

Re: CAPsMAN 5GHz data rates problem

I would only keep one 5Ghz channel, like 36 for example.(for one AP setups) add band=5ghz-onlyac control-channel-width=20mhz extension-channel=eCee frequency=5200 \ name=CH40 tx-power=3 Remove control-channel-width=20mhz extension-channel=eCee and tx-power=3 add authentication-types=wpa-psk,wpa2-psk...
by inteq
Wed Jul 24, 2019 12:28 pm
Forum: Wireless Networking
Topic: Wifi Latency issue
Replies: 2
Views: 461

Re: Wifi Latency issue

Some sort of chipset power saving is my 1st option also for high latency on mobile phones while idle.
My Samsung Galaxy S9+ acts the same.
by inteq
Tue Jul 23, 2019 10:04 pm
Forum: Wireless Networking
Topic: Throughput Issues RouterBoard RBwAPG-5HacT2HnD-US
Replies: 11
Views: 1268

Re: Throughput Issues RouterBoard RBwAPG-5HacT2HnD-US

Retested with an Intel AC 8265 WiFi card in a Dell latitude laptop.
Funny thing: upload speed is lower than on my Samsung galaxy S9+ . About 150-200 Mbps lower.
Download speed is comparable.
The lesson here: not all wifi is equal, even if same standards.
Long live marketing and engineering deps.
by inteq
Tue Jul 23, 2019 6:59 am
Forum: General
Topic: pppoe-1 not reconnecting
Replies: 9
Views: 623

Re: pppoe-1 not reconnecting

We assume your PPPoE interface is named PPPoE1 and the interface your modem/ONT/GPON is connected to is ether1. Change as needed. Create script checkpppoe :local WanName "PPPoE1" :local WanStat /interface pppoe-client monitor $WanName once do={ :set WanStat $status} if ($WanStat = "disconnected") do...
by inteq
Sun Jul 14, 2019 6:44 am
Forum: Wireless Networking
Topic: Throughput Issues RouterBoard RBwAPG-5HacT2HnD-US
Replies: 11
Views: 1268

Re: Throughput Issues RouterBoard RBwAPG-5HacT2HnD-US

I would: 1. check that all interfaces are really connected at 1 Gbps. Maybe change the patch cable to be sure even if 1 Gbps reported. 2. change laptop. maybe use a smartphone with Network Tools from he.net. It has iperf3 3. remove all country, indoor/outdoor, rates, queues and such. 4. use channel ...
by inteq
Sun Jul 14, 2019 12:22 am
Forum: Wireless Networking
Topic: Throughput Issues RouterBoard RBwAPG-5HacT2HnD-US
Replies: 11
Views: 1268

Re: Throughput Issues RouterBoard RBwAPG-5HacT2HnD-US

I would love to see higher throughput also, but 150 Mbps on 5 Ghz tells me there is something wrong on your setup or you have some interference. My RBwAPG-5HacT2HnD (non US) with a Samsung Galaxy S9+ phone can do ~300 Mbps download (with peaks at 400-410 Mbps for a very short time) and 450-500 Mbps ...
by inteq
Mon Jul 08, 2019 3:28 am
Forum: General
Topic: How do I allow DNS traffic from one VLAN to another? [SOLVED]
Replies: 9
Views: 659

Re: How do I allow DNS traffic from one VLAN to another? [SOLVED]

I'm curious ... why would you implement DNS this way, vs just add PiHole to the IP > DNS? I am doing it this way because if I use the pi-hole as a DNS server directly and it ever goes offline, the whole DNS will be offline for the whole DHCP network. The way I described my setup, if the pi-hole goe...
by inteq
Sun Jul 07, 2019 6:07 pm
Forum: Beginner Basics
Topic: Cannot access Hikvision NVR remotely
Replies: 4
Views: 457

Re: Cannot access Hikvision NVR remotely

Maybe because the default port is 8000 and not 8080?
by inteq
Sun Jul 07, 2019 1:03 pm
Forum: General
Topic: How do I allow DNS traffic from one VLAN to another? [SOLVED]
Replies: 9
Views: 659

Re: How do I allow DNS traffic from one VLAN to another? [SOLVED]

My setup with pi-hole is: replace 192.168.100.4 with your pi-hole IP and 176.103.130.130,176.103.130.131 DNS servers with yours On IP\DNS, setup the DNS server as the Pi-Hole private IP. Only one entry. /ip dns set allow-remote-requests=yes cache-max-ttl=1d servers=192.168.100.4 On pi-hole, setup th...
by inteq
Fri Jul 05, 2019 9:38 pm
Forum: General
Topic: M.2 Drive not Found RB1100AHx4 [SOLVED]
Replies: 2
Views: 256

Re: M.2 Drive not Found RB1100AHx4 [SOLVED]

2x SATA 3 compatible (supports 2242, 2260 and 2280 sizes, M-key
Does not support nvme SSDs.
by inteq
Thu Jul 04, 2019 4:49 pm
Forum: General
Topic: One Router, Two separate networks/internet connections
Replies: 1
Views: 206

One Router, Two separate networks/internet connections

Hello, I currently have one internet PPPoE line and planning to get an extra line with a fixed IP and a routed subnet. My small rack can barely fit an extra router so I was thinking to use my current RB1100AHx4 Dude for both internet lines. Connection 1 will be a fixed public IP with a routed subnet...
by inteq
Sat Jun 15, 2019 9:21 am
Forum: General
Topic: DROPPED
Replies: 1
Views: 270

Re: DROPPED

Search... hard stuff.
viewtopic.php?t=49133
by inteq
Thu Jun 06, 2019 8:34 am
Forum: RouterBOARD hardware
Topic: wAP AC (RBwAPG-5HacT2HnD) - How to reduce temperature by 8-10 degrees
Replies: 2
Views: 581

Re: wAP AC (RBwAPG-5HacT2HnD) - How to reduce temperature by 8-10 degrees

Maybe I should share my own hack - remove whole cover and temperature will be reduced even more! (what a surprise, right? :D ) The surprise would be if you could still attach the unit to a wall without the case. This is not a desk unit. As for the little holes, that was the 1st thing I tried. Barel...
by inteq
Tue Jun 04, 2019 10:52 pm
Forum: RouterBOARD hardware
Topic: wAP AC (RBwAPG-5HacT2HnD) - How to reduce temperature by 8-10 degrees
Replies: 2
Views: 581

wAP AC (RBwAPG-5HacT2HnD) - How to reduce temperature by 8-10 degrees

This can be an ugly "hack" without proper tools. For my use, looks don't matter too much. Of course, the warranty is lost, water can get in (only for indoor use) and it might not look so nice. Device: https://mikrotik.com/product/RBwAPG-5HacT2HnD Room temperature: ~25 degrees Celsius Device temperat...
by inteq
Sat May 18, 2019 5:21 am
Forum: Beginner Basics
Topic: Plex Media Server Remote Access - Port Forwarding
Replies: 16
Views: 1336

Re: Plex Media Server Remote Access - Port Forwarding

Use https://www.grc.com/x/ne.dll?bh0bkyd2 to test your ports. Plex is drunk most of the time.Their devs even more so. If you search on their forums you will find plenty of other users with this problem. If you did the port forward and https://www.grc.com/x/ne.dll?bh0bkyd2 shows 32400 open, there is ...
by inteq
Fri May 17, 2019 10:17 pm
Forum: Scripting
Topic: Netwatch script for firewall
Replies: 1
Views: 402

Re: Netwatch script for firewall

Try a comment without spaces in it.
Works just fine.
by inteq
Fri May 17, 2019 7:32 pm
Forum: General
Topic: IPSec Broken after upgrade to 6.44.3
Replies: 5
Views: 570

Re: IPSec Broken after upgrade to 6.44.3

IPSec works just fine here with 6.44.3 on several routers/models. Did not see that error on any of them. The only only thing that might make a difference is that I went from 6.44.2 to 6.44.3 and not from 6.44.1 to 6.44.3. The only change I see in 6.44.3 since 6.44.1 is: *) ipsec - fixed freshly crea...
by inteq
Tue May 14, 2019 1:31 pm
Forum: Beginner Basics
Topic: VPN PPTP Passthrough Problem
Replies: 4
Views: 522

Re: VPN PPTP Passthrough Problem

Mikrotik has its own PPTP server. I would use that one instead of the one on the SBS. In case you have user accounts on SBS, setup a Radius server on SBS and authenticate from Mikrotik. In case you want to keep the PPTP server on SBS, make sure you do not have it active on Mikrotik as well. Would al...
by inteq
Mon May 13, 2019 3:14 pm
Forum: General
Topic: compared to the Internet speed
Replies: 2
Views: 405

Re: compared to the Internet speed

Some ISPs have different bandwidth restrictions for metropolitan/national and "the rest"
If at branch office you have 2 Mbps no matter the destination, you are out of luck. No VPN will help you.
At least this is what I understood you are asking.
by inteq
Mon May 13, 2019 10:16 am
Forum: Wireless Networking
Topic: Very slow 2.4Ghz Wifi
Replies: 3
Views: 581

Re: Very slow 2.4Ghz Wifi

A "general issue" based on?
I have never seen this issue on any of my Mikrotik APs.
This is a forum. When "But thankfully it has been resolved" is usually nice to say how it has been resolved, so the next person might find such info.
by inteq
Thu May 09, 2019 12:17 pm
Forum: Wireless Networking
Topic: Very slow 2.4Ghz Wifi
Replies: 3
Views: 581

Re: Very slow 2.4Ghz Wifi

Try and scan your location for other APs.
If you have Android, try https://play.google.com/store/apps/deta ... nt.usurvey
If it was fine until now, maybe some new AP is causing interference.
Change your channel to a less crowded one. Disable Extension Channel for 2.4 Ghz. Might help.
by inteq
Mon May 06, 2019 11:05 am
Forum: General
Topic: victim of attack PPPOE
Replies: 10
Views: 882

Re: victim of attack PPPOE

Might not be your case, but many users are having problems with pppoe-client looping.
Who knows, it might be the same in your case, a stuck in a loop mikrotik router trying to connect to your pppoe server.
See: viewtopic.php?f=2&t=121047 for example.
by inteq
Mon May 06, 2019 10:59 am
Forum: General
Topic: Resetting admin access
Replies: 6
Views: 457

Re: Resetting admin access

You cannot reset only the admin password, even if you have physical access to the hardware.
Only option: factory reset. (or wait for another WinBox security flaw and learn to exploit it :) )
by inteq
Mon May 06, 2019 1:37 am
Forum: General
Topic: Frequent PPPoE terminations
Replies: 11
Views: 1532

Re: Frequent PPPoE terminations

I only see it after a reboot/firmware update. It is also very random. One reboot it could work, the next one might not. Thus, I wrote a small script to disable the physical port (ether1 in my case) when the pppoe client has the status "disconnected" and enable it back after several seconds. It fixes...
by inteq
Fri May 03, 2019 12:17 pm
Forum: Scripting
Topic: Script to verify incoming IP address and block it in firewall (add to address list)
Replies: 4
Views: 627

Re: Script to verify incoming IP address and block it in firewall (add to address list)

Most Telco providers can assign static IPs for SIM cards (for an extra cost)
This is the way I am allowing SIP access for some mobile clients.
by inteq
Fri May 03, 2019 12:08 pm
Forum: Scripting
Topic: Interface Script on condition! [SOLVED]
Replies: 3
Views: 400

Re: Interface Script on condition! [SOLVED]

Easy way:
Assign each vpn client a static IP in PPP/Secrets/Remote Address
Go to Tools/Netwatch and add a rule for each IP you want.
In UP paste:
/interface set disabled=no ether2
In DOWN paste:
/interface set disabled=yes ether2
Set the timeout to 00:00:05 for 5 seconds or less.
by inteq
Fri May 03, 2019 11:58 am
Forum: General
Topic: Help: Allow only Facebook by domain
Replies: 10
Views: 697

Re: Help: Allow only Facebook by domain

Then allow internet access only to port 80 and 443 and drop the rest to limit p2p usage.
You can also limit your users by download size to save bandwidth.
by inteq
Thu May 02, 2019 8:29 pm
Forum: General
Topic: Dynamic address lists security hole
Replies: 5
Views: 464

Re: Dynamic address lists security hole

At the moment all routers are using new DNS servers that do not exhibit this problem. Will switch one router for testing and save details. I have not checked the entry in address-list but in DNS cache and it was showing 0.0.0.0/0. The machine I was connecting from had an IP that was not supposed to ...
by inteq
Thu May 02, 2019 11:26 am
Forum: General
Topic: Dynamic address lists security hole
Replies: 5
Views: 464

Re: Dynamic address lists security hole

Checking the DNS cache on routers still using the problematic DNS servers, it is 0.0.0.0/0
For the moment I switched DNS servers on all routers, but who knows, it might happen again in the future with other servers.
by inteq
Wed May 01, 2019 10:36 pm
Forum: General
Topic: CCR1072 vs Oem İ9-9900K
Replies: 13
Views: 1213

Re: CCR1072 vs Oem İ9-9900K

Efficient for me means best buck for best performance&features/watt.
If this means the same to you, get the Mikrotik.
For just routing and NAT, an i3 can handle 10 Gbps with lots of room to spare. An i9 9900k is just for show and to heat the room during winter.
by inteq
Wed May 01, 2019 11:18 am
Forum: General
Topic: RouterOS 6.44.x pppoe client issue
Replies: 8
Views: 704

Re: RouterOS 6.44.x pppoe client issue

Using PPPoE client at home with ROS 6.44.3.
Haven't seen any packet loss.
pppoe.png
by inteq
Tue Apr 30, 2019 1:27 pm
Forum: General
Topic: Dynamic address lists security hole
Replies: 5
Views: 464

Dynamic address lists security hole

Hello, Being having this problem for some time and looking for an alternative. Situation I have some entries in address lists for a few dynamic DNS entries. Based on those entries, some access is given. The problem Lately, the DNS servers for a big ISP I am using do not update the ddns when the IP c...
by inteq
Tue Apr 30, 2019 12:57 am
Forum: General
Topic: RB3011UiAS-RM short speed test 200Mb/s download
Replies: 1
Views: 224

Re: RB3011UiAS-RM short speed test 200Mb/s download

Congratulations.
I mean I am glad you are happy, but I am not seeing what you are seeing based on https://mikrotik.com/product/RB3011UiAS ... estresults
by inteq
Mon Apr 29, 2019 9:38 pm
Forum: General
Topic: clients disconnecting from the 5GHz network after several minutes
Replies: 2
Views: 264

Re: clients disconnecting from the 5GHz network after several minutes

I am thinking about some firewall rule that is misbehaving and dropping connections. Something like a DDoS filter that sees the client as a ddoser and blocks it?
Just a wild guess. No info about your setup as none was provided.
Try /export from terminal and edit out what is not needed.
by inteq
Mon Apr 29, 2019 12:35 am
Forum: General
Topic: [SOLVED] UPnP seems not working with PPPoE
Replies: 6
Views: 2687

Re: [SOLVED] UPnP seems not working with PPPoE

Thank you for the info @stunpix It is a bug indeed, because only by following your steps it started working for me. "I deleted all upnp internal/external interfaces, then I disabled upnp by unchecking it and finally I pushed Apply button in upnp dialog. Then I enabled upnp, pushed Apply button and o...
by inteq
Thu Apr 18, 2019 7:26 pm
Forum: RouterBOARD hardware
Topic: RB1100Ahx4 Dude Edition - Slow SATA speeds
Replies: 1
Views: 668

RB1100Ahx4 Dude Edition - Slow SATA speeds

Hello, Using a couple of RB1100AHx4 Dude Edition routers in several locations. The reason I bought the Dude Edition was mainly for proxy caching and in a few locations for simple centralized SMB storage. Not so much for the Dude itself. On the product page it states: The RB1100AHx4 Dude edition feat...
by inteq
Sat Mar 30, 2019 5:56 am
Forum: General
Topic: Feature Request: NUT Client
Replies: 24
Views: 6466

Re: Feature Request: NUT Client

+ for MT NUT client support
by inteq
Sat Mar 02, 2019 12:33 am
Forum: General
Topic: Frequent PPPoE terminations
Replies: 11
Views: 1532

Re: Frequent PPPoE terminations

This topic was the 1st result so posting here. In the same boat with my RB1100AHx4 Dude using PPPoE. Randomly, after a clean reboot or firmware upgrade, the PPPoE connection will loop forever. The only fix is to reboot again or disable/enable the interface connecting to the GPON. I have never experi...
by inteq
Tue Feb 19, 2019 6:35 pm
Forum: Scripting
Topic: Script to Disable Physical Interface in Mikrotik Router
Replies: 2
Views: 276

Re: Script to Disable Physical Interface in Mikrotik Router

And if WAN 1 comes back how would you check, if it is disabled? Search for another way. This is not it.
by inteq
Thu Feb 14, 2019 8:41 pm
Forum: Scripting
Topic: Running a script on PPP session up
Replies: 2
Views: 464

Re: Running a script on PPP session up

Create a profile for each user.
Run the script via the profile on up/down
Or maybe I did not understood your question?
by inteq
Tue Feb 12, 2019 10:03 am
Forum: General
Topic: Config Review - Security Conscience Home User
Replies: 19
Views: 1267

Re: Config Review - Security Conscience Home User

On the contrary, you want to have this drop at very beginning of forward (and input) chain so that trespassers get dropped also for services which otherwise are available to the public. If not, then there's no point in collecting addresses in the address list. Thank you for the correction. I guess ...
by inteq
Tue Feb 12, 2019 7:52 am
Forum: Announcements
Topic: v6.43.12 [stable] is released!
Replies: 49
Views: 12236

Re: v6.43.12 [stable] is released!

After updating from .11 to .12, one RB1100AHx4 (the only one on PPPoE) would not connect via PPPoE at all. Kept looping Initializing, connecting, terminating, disconnected for more than 5 minutes.
One more reboot and it connected instantly.
by inteq
Tue Feb 12, 2019 7:44 am
Forum: General
Topic: Config Review - Security Conscience Home User
Replies: 19
Views: 1267

Re: Config Review - Security Conscience Home User

I would put add action=add-src-to-address-list address-list=\ "Black List (Port Scanner LAN)" address-list-timeout=4w2d chain=forward \ comment="Add TCP port scanner to Port Scanner (LAN) list." in-interface=\ ether1 log=yes log-prefix="Add_Black List (Port Scanner LAN)" protocol=\ tcp psd=21,3s,3,1...
by inteq
Sun Feb 10, 2019 8:40 pm
Forum: General
Topic: Duplicate packet drop error - OpenVPN
Replies: 7
Views: 2718

Re: Duplicate packet drop error - OpenVPN

Most people running ovpn on MT have this error. Nobody knows why or how to fix it. Only how to hide it in logs. So your setup is OK. I have it on all MT routers I am running or tested ovpn on. Please stop responding if you have no input on the matter just to say "i think, it's because your connectio...
by inteq
Sun Feb 10, 2019 10:32 am
Forum: General
Topic: ip phone and/or audio headset attached to Mikrotik
Replies: 6
Views: 864

Re: ip phone and/or audio headset attached to Mikrotik

I would setup a PBX like FreePBX on one site or anywhere you like really. On all others sites create rules on your MTs to only allow connections from a list of your sites to the PBX Use a VoIP phone that can be mounted vertically like https://www.cisco.com/c/en/us/products/collaboration-endpoints/sm...
by inteq
Sat Feb 09, 2019 7:32 pm
Forum: General
Topic: Proxy causes 100% load on only 30mbit bandwidth?
Replies: 1
Views: 502

Re: Proxy causes 100% load on only 30mbit bandwidth?

So to not start another thread on the same topic, I am also seeing this behavior, but with caching, on a RB1100AHx4. I download a file with wget via https to cache it in the 1st place. I download the same file via http and the speed is limited to max 40 MBps. CPU on MT is ~25% during the download. T...
by inteq
Mon Jan 14, 2019 2:17 am
Forum: General
Topic: Src. Address List - does not working
Replies: 3
Views: 309

Re: Src. Address List - does not working

I was afraid I skipped so many versions.
it is 6.43.8.
No problems with source lists
by inteq
Wed Sep 12, 2018 3:26 am
Forum: RouterBOARD hardware
Topic: [TUTORIAL] adding a fan to RB1100AHx4 Dude Edition router
Replies: 12
Views: 1821

Re: [TUTORIAL] adding a fan to RB1100AHx4 Dude Edition router

I don't know where you live, but in Europe at least, ambient office temperature is 25 deg. Celsius, of course with A.C. during Summer and Winter. ( we exclude people that think A.C is a government conspiracy to kill them or people that think A.C. is not safe for them. Let them roast in peace. ) Keep...
by inteq
Tue Sep 11, 2018 9:46 pm
Forum: RouterBOARD hardware
Topic: [TUTORIAL] adding a fan to RB1100AHx4 Dude Edition router
Replies: 12
Views: 1821

Re: [TUTORIAL] adding a fan to RB1100AHx4 Dude Edition router

Sometimes low temperatures increase failure rate. You can read papers about optimal HDDs temperatures. Actually going below 35 deg increases average failure rate of HDDs. https://en.wikibooks.org/wiki/Minimizing_Hard_Disk_Drive_Failure_and_Data_Loss/Environmental_Control I understand what you are s...
by inteq
Tue Sep 11, 2018 6:01 pm
Forum: RouterBOARD hardware
Topic: [TUTORIAL] adding a fan to RB1100AHx4 Dude Edition router
Replies: 12
Views: 1821

Re: [TUTORIAL] adding a fan to RB1100AHx4 Dude Edition router

I'm not sure whether quad core ARM 1.4 ghz requires such cooling tho... You could at least try to mount low profile fan on the inside to keep U1 size compliance lol A small fan like that would not do anything cooling wise. Placebos don't work for electronics. Some racks are housed in data centers, ...
by inteq
Tue Sep 11, 2018 8:03 am
Forum: RouterBOARD hardware
Topic: [TUTORIAL] adding a fan to RB1100AHx4 Dude Edition router
Replies: 12
Views: 1821

Re: [TUTORIAL] adding a fan to RB1100AHx4 Dude Edition router

Without reading the documentation and seeing the router has SATA, I thought it had 5V and 12V SATA. I was wrong. It only has 5V. Nevertheless, I bought 2 Noctua 120mm 12V fans, went and laser cut the case and this is the result: 20180904_132652.jpg 20180904_132621.jpg 20180830_220312.jpg 20180904_14...
by inteq
Thu Sep 06, 2018 3:47 am
Forum: General
Topic: MT PPTP+Radius on Synology [SOLVED]
Replies: 1
Views: 318

Re: MT PPTP+Radius on Synology [SOLVED]

Found the missing " , " The PPP profile I setup for the PPTP server had "Use encryption" set to "default" It seems the Windows 10 VPN client can connect without encryption, while Windows 7 and the Android clients cannot (by default) To fix this, I setup "Use encryption" to "required". Error: [mschap...
by inteq
Thu Sep 06, 2018 3:27 am
Forum: General
Topic: MT PPTP+Radius on Synology [SOLVED]
Replies: 1
Views: 318

MT PPTP+Radius on Synology [SOLVED]

Hello, Been scratching my head for some time with this problem. PPTP server setup and working on a MT RB1100AHx4. All the user accounts are already setup on a Synology NAS, so I have installed and enabled the Radius package on Synology. Setup the Radius server information on MT. Now, on a remote Win...
by inteq
Thu Aug 09, 2018 2:32 am
Forum: RouterBOARD hardware
Topic: RB1100AHx4 Dude - missing temperature sensor
Replies: 0
Views: 320

RB1100AHx4 Dude - missing temperature sensor

I have two RB1100AHx4 Dudes for a deployment and I have noticed one of them is missing the temperature sensor, or at least is not displayed in WinBox.
I do not recall anything in settings I could have switched off/on by mistake to disable the sensor.
Any hints?
mt-sensor.png
by inteq
Tue Jul 24, 2018 10:05 am
Forum: General
Topic: Router compromised [SOLVED]
Replies: 21
Views: 4921

Re: Router compromised [SOLVED]

Got at least one MT hacked also from 95.154.216.151 and mikrotik.php (empty it seems) uploaded.
by inteq
Thu Jul 20, 2017 2:27 pm
Forum: Scripting
Topic: Blacklist Filter update script
Replies: 632
Views: 105646

Re: Blacklist Filter update script

Thank you for the script, but I have to say that, as least in my limited testing, I stumbled upon too many blocked gmail servers. I couldn't even send an email from my gmail account to my corporate address. The worst part is that gmail somehow didn't even alert me that the message did not go through...
by inteq
Mon Oct 24, 2016 7:55 am
Forum: Scripting
Topic: Script to convert dynamic to static address list
Replies: 6
Views: 2483

Re: Script to convert dynamic to static address list

Another way, for all lists: # Convert dynamic to static in address-lists so dynamic records do not get deleted after a router reboot. :local comment :local address :local list :local disabled :local found :set found 0; /ip firewall address-list :foreach a in=[find] do={ :if ([get $a dynamic] = true)...
by inteq
Tue Oct 18, 2016 10:06 am
Forum: General
Topic: Web Proxy
Replies: 4
Views: 741

Re: Web Proxy

If you want a decent proxy with good cache that also has a nice feature called Update Accelerator, try IPFire on an x86 machine with minimum two nics.
Update Accelerator simplifies cache management for Windows updates, Linux updates as well as several other programs.
IPFire is a router distro OS.
by inteq
Mon Oct 17, 2016 7:46 pm
Forum: General
Topic: New Ethernet port flap issue enquiery, PLS JOIN!
Replies: 247
Views: 85654

Re: New Ethernet port flap issue enquiery, PLS JOIN!

Will post here, so I won't start a new thread. Just started getting port flaps on my RB1100AHx2. So far, port 2. I noticed slow speeds on the server connected to port 2 so I ran a cli speed test. As soon as the download speed test started, the port went down. It came up shortly. Ran the test again a...
by inteq
Wed Apr 27, 2016 11:28 pm
Forum: General
Topic: Poor (ridiculously) performance on two CCR1072
Replies: 54
Views: 6899

Re: Poor (ridiculously) performance on two CCR1072

I had a similar situation with a MT router, but the problem was a missing "secret" update on Windows 7/2008 R2.
Only Windows machines were exhibiting the behavior, while Linux boxes were not.
So does not apply to you. Wish I had something to help you with.
by inteq
Wed Apr 27, 2016 9:35 pm
Forum: General
Topic: Poor (ridiculously) performance on two CCR1072
Replies: 54
Views: 6899

Re: Poor (ridiculously) performance on two CCR1072

Both test machines are running Linux/Unix?
by inteq
Mon Feb 22, 2016 5:47 am
Forum: General
Topic: Basic setup of CCR-1009-8G-1S router
Replies: 2
Views: 4261

Re: Basic setup of CCR-1009-8G-1S router

Have you read http://wiki.mikrotik.com/wiki/Manual:In ... figuration ?
"First RouterOS version: ccr1009" :)
by inteq
Mon Feb 22, 2016 5:39 am
Forum: General
Topic: How to fetch this url every 1 min.
Replies: 2
Views: 1121

Re: How to fetch this url every 1 min.

1.Using WinBox, create a script:
:log info "Updating DDNS";
/tool fetch url="https://yourddnsprovider.com/blablah";
name the script update-ddns

2.Using WinBox, create a schedule:
/system script run update-ddns
by inteq
Sat Feb 20, 2016 9:01 am
Forum: General
Topic: Winbox Question
Replies: 2
Views: 306

Re: Winbox Question

I don't have to save anything.
After a reboot or if I close and reopen WinBox, the last setup is always displayed.
Maybe WinBox cannot write it's settings in the folder you are running it?
by inteq
Sat Feb 20, 2016 8:16 am
Forum: General
Topic: RB1100AHx2 slowed to a crawl
Replies: 5
Views: 943

Re: RB1100AHx2 slowed to a crawl

Enable connection tracking and see what is doing what?
by inteq
Wed Feb 17, 2016 8:26 am
Forum: General
Topic: What's your router UPTIME?
Replies: 4
Views: 808

Re: What's your router UPTIME?

And security patches?
On MT, upgrades are very fast and easy to apply via WinBox.
I wouldn't trade 1 min loss of service for security. That is if that router actually has a public facing interface.
If used internally, by all means :)
by inteq
Sun Feb 14, 2016 8:48 pm
Forum: General
Topic: connection tracking cause packet loss!
Replies: 2
Views: 450

Re: connection tracking cause packet loss!

Tracking is set to Auto or Enabled?
I have it on Auto with ~100k connections and an older MT and I do not have this problem.
Do you have any firewall rules to limit icmp based on time/amount?
by inteq
Sun Feb 14, 2016 4:40 am
Forum: General
Topic: HTTP and HTTPS not working for a single host
Replies: 3
Views: 621

Re: HTTP and HTTPS not working for a single host

Maybe that website has some filters? Maybe it uses something like Fail2Ban and somehow your requests are seen as an attack and are getting blocked? On the other hand it seems they are using cloudfare. There might be some problem with cloudfare somehow blocking your access or not having the whole cac...
by inteq
Sun Feb 14, 2016 3:14 am
Forum: General
Topic: Accept some countries to connect
Replies: 2
Views: 708

Re: Accept some countries to connect

If you want to deny some contries: You should grab the zone(s) for the desired country from http://www.ipdeny.com/ipblocks/ Convert them to a Mikrotik format like: /ip firewall address-list add list=blacklist address=1.2.3.4 comment=BadCountry Setup a script on MT to import the file(s) from a http/f...
by inteq
Sun Feb 14, 2016 2:19 am
Forum: General
Topic: RB493G Performance Issue
Replies: 4
Views: 1237

Re: RB493G Performance Issue

I am sorry i cannot help you with your specific problem, but just a friendly reminder MBps is not Mbps.
Getting those two mixed can get confusing.
by inteq
Sat Feb 13, 2016 7:38 am
Forum: General
Topic: RB493G Performance Issue
Replies: 4
Views: 1237

Re: RB493G Performance Issue

Maybe try http://forum.mikrotik.com/viewtopic.php?f=2&t=104555
I had the same problem.
PS: There will come a day when we will be able to do 250 MBps but not just now.
by inteq
Tue Feb 09, 2016 7:08 am
Forum: General
Topic: SMTP mass mailing interception
Replies: 2
Views: 560

Re: SMTP mass mailing interception

The client has his own Mail Server? Or he uses the ISP one? If he has his own, just block all outgoing on tcp 25, 587 to all other destinations but his SMTP Server IP and filter/tarpit from there. You can also monitor outgoing connections on 25 and 587 and if more than x connections in 1 minute, add...
by inteq
Sun Feb 07, 2016 6:37 pm
Forum: General
Topic: [SOLVED] Slow HTTP download
Replies: 7
Views: 5683

Re: Slow HTTP download

I am happy to report that I found the reason for slow HTTP downloads in Windows 7 (Windows 2008 server also seems to be affected) Straight from the horse's mouth: https://support.microsoft.com/en-us/kb/2675785 In plain english: If between location A and location B you have very good latency (1-8 ms)...
by inteq
Sat Feb 06, 2016 9:47 pm
Forum: General
Topic: [SOLVED] Slow HTTP download
Replies: 7
Views: 5683

Re: Slow HTTP download

Hello, Thank you for the replies and ideas. Will try them and get back with details. Believe me or not, I spent all day today trying to get to the bottom of this. Long story short: using Ubuntu 14, or 15 Desktop, HTTP downloads are always full speed. By full speed I mean ~90-100 MBps, depending on s...
by inteq
Fri Feb 05, 2016 2:58 pm
Forum: General
Topic: [SOLVED] Slow HTTP download
Replies: 7
Views: 5683

[SOLVED] Slow HTTP download

Hello, See http://forum.mikrotik.com/viewtopic.php?f=2&t=104555#p520164 for solution Using RB1100AHx2 with RoS 3.34. No NAT, just routing with public IPs. Problem. Downloads from a server behind a RB1100AHx2 using HTTP on port 80 to another host on the outside are limited to ~15MBps. Testing is done...
by inteq
Thu Oct 01, 2015 11:00 pm
Forum: General
Topic: SMTP connection limiting not working
Replies: 0
Views: 534

SMTP connection limiting not working

Hello, Using RoS 3.32.2. Before I switched to MikroTik. in the past I had some nasty problems with infected machines sending large number of spam messages in a short time frame via stolen accounts on the server. To be on the safe side, now I want to implement some counter measures in advance. Readin...
by inteq
Tue Sep 29, 2015 6:37 pm
Forum: RouterBOARD hardware
Topic: How often can I write to MT flash?
Replies: 1
Views: 568

How often can I write to MT flash?

Hello, I am in the process of developing my own aggregated blacklist gathered from several MikroTik routers. As far as I know, writing to the router's flash/storage too often is not a good thing for it's longevity. The question is: how often is too often? At the moment I am thinking of aggregating t...
by inteq
Tue Sep 29, 2015 1:56 am
Forum: Scripting
Topic: limit export to one or two address-list?
Replies: 3
Views: 1495

Re: limit export to one or two address-list?

Found the solution! http://forum.mikrotik.com/viewtopic.php?t=16411#p160122
/ip firewall address-list print file=SomeFileName where list="SomeAddressListName"
by inteq
Mon Sep 28, 2015 7:18 pm
Forum: Scripting
Topic: limit export to one or two address-list?
Replies: 3
Views: 1495

Re: limit export to one or two address-list?

Any news on this?
I too would like to be able to export only a particular address-list for automation.(without copy paste)
I managed to convert all dynamic records to static on a schedule so this is not a problem.
Still no luck?
by inteq
Wed Sep 16, 2015 6:47 pm
Forum: Scripting
Topic: [SOLVED] Update address-list record for dynamic IP
Replies: 0
Views: 897

[SOLVED] Update address-list record for dynamic IP

Hello, What I am trying to achieve Allow incoming connections at location A from an IP that is dynamic at location B, using address-list. Every 5-10 minutes, run a script that pings hostname.no-ip.org and updates the address-list record with the new IP if it is changed. What I have so far The host b...
by inteq
Fri Jul 31, 2015 9:43 am
Forum: General
Topic: RB1100AHx2 - slow upload
Replies: 2
Views: 652

Re: RB1100AHx2 - slow upload

Thank you for the reply and idea.
My router does not crash (yet)
Just configured debug logging to memory.
by inteq
Sun Jul 26, 2015 8:32 am
Forum: General
Topic: RB1100AHx2 - slow upload
Replies: 2
Views: 652

RB1100AHx2 - slow upload

Hello, Being using RB1100AHx2 for several months and just started to have some problems. Since RoS 6.30 I am seeing very slow speeds while uploading to a device behind RB1100AHx2 from an external host. Both locations on gigabit. When the slowdown occurs, I can barely get 5-6 MB/s. To temporary fix t...
by inteq
Tue Mar 10, 2015 9:49 pm
Forum: RouterBOARD hardware
Topic: 1100AHX2 fans
Replies: 7
Views: 2121

Re: 1100AHX2 fans

Thank you for the clarification. Indeed, I missed the part about fans in the manual. Nevertheless, I think it is not the best choice, given that one fan at full speed will fail faster than two fans at moderate speed. Not to mention the noise. Then again, I am not a hardware designer/engineer, so I c...
by inteq
Tue Mar 10, 2015 5:09 am
Forum: RouterBOARD hardware
Topic: Two fans simultaneously on CCR1016 series?
Replies: 18
Views: 3382

Re: Two fans simultaneously on CCR1016 series?

Same problem with 1100AHX2.
I joined the two fans with a cable and plugged it into main.
Now both works in the same time.
Just wondering if this is intended or a malfunction.
by inteq
Tue Mar 10, 2015 5:04 am
Forum: RouterBOARD hardware
Topic: 1100AHX2 fans
Replies: 7
Views: 2121

Re: 1100AHX2 fans

So, judging by the lack of replies, I am the only one in this boat?
by inteq
Wed Mar 04, 2015 8:42 am
Forum: Beginner Basics
Topic: Transparent proxy for SIP
Replies: 4
Views: 1485

Re: Transparent proxy for SIP

Wouldn't be much easier to setup a VPN on MikroTik and connect to it?
That way you will have an IP from your country.
by inteq
Sun Mar 01, 2015 5:37 pm
Forum: Beginner Basics
Topic: traceroute weirdeness
Replies: 0
Views: 552

traceroute weirdeness

Hello, Using RB1100AHX2, ROS 6.27. One direct connected IP and a /29 subnet. No NAT, No firewall, No QoS, No extra routes, No BGP or similiar. Problem From any linux machine on the /29 subnet behind the router, traceroute behaves weird. Meaning: ~# traceroute google.com traceroute to google.com (82....
by inteq
Fri Feb 27, 2015 5:18 am
Forum: RouterBOARD hardware
Topic: 1100AHX2 fans
Replies: 7
Views: 2121

1100AHX2 fans

Hello, Quick question regarding the two fans on 1100AHX2. I have noticed that only one fan is working at any given time so I opened the case to investigate (brand new unit) I see two fans, each with it's own plug on the router board. If I unplug one fan, after one second the other fan will start. If...
by inteq
Thu Feb 26, 2015 7:31 pm
Forum: Beginner Basics
Topic: RB1100AHx2 - Routing performance
Replies: 2
Views: 1143

Re: RB1100AHx2 - Routing performance

Just got the unit and did a some basic tests at home, on a residential internet, until I get to work. Setup the unit with P1 as WAN and P6 as LAN with NAT and DHCP on P6 Network basic diagram FO Converter @ 1 Gbps ---> Asus RT-AC68U 1 Gpbs (PPPoE account on WAN) --- > MikroTik RB1100AHx2 (P1) @ 1 Gb...
by inteq
Wed Feb 25, 2015 8:30 pm
Forum: Beginner Basics
Topic: RB1100AHx2 - Routing performance
Replies: 2
Views: 1143

RB1100AHx2 - Routing performance

Hello everyone, I am a new member in the Mikrotik family, so please, help me out with a question I am asking myself. I have 5 Public IPs, currently routed by the ISP My ISP keeps changing the IPs so I am thinking to purchase a small subnet of 8 IPs and route them with a RB1100AHx2 (http://routerboar...