Community discussions

Search found 14 matches

by kburzyns
Mon Jun 01, 2015 8:45 am
Forum: Beginner Basics
Topic: IPsec tunnel doesn't come up
Replies: 10
Views: 1993

Re: IPsec tunnel doesn't come up

At the very beginning You should enable NAT Traversal. It uses UDP port 4500.
by kburzyns
Fri May 29, 2015 8:56 am
Forum: Beginner Basics
Topic: Serial console on RB450G
Replies: 6
Views: 2383

Re: Serial console on RB450G

To connect via console through Your USB -> COM cable You need additionally a Null modem cable. Have You tried a Mikrotik Netinstall?
by kburzyns
Tue May 26, 2015 9:07 am
Forum: Beginner Basics
Topic: Bridge Filter
Replies: 5
Views: 887

Re: Bridge Filter

To enable firewall on the Brige (Winbox) go to Bridge > Settings and mark 'Use IP Firewall'. If You need more help You should paste config or picture of Your network.
by kburzyns
Fri Apr 03, 2015 12:54 pm
Forum: Forwarding Protocols
Topic: Multihomed BGP configuration with VRRP?
Replies: 3
Views: 2271

Re: Multihomed BGP configuration with VRRP?

You can use Netwatch script to disable VRRP interface when ISP is down. Then You can remove iBGP cross link. This solution isn't perfect, but should works.
by kburzyns
Fri Apr 03, 2015 12:46 pm
Forum: Beginner Basics
Topic: Huawei E353Ws-2 and RB951
Replies: 5
Views: 1161

Re: Huawei E353Ws-2 and RB951

Your modem is not present on thist list:

http://wiki.mikrotik.com/wiki/Supported_Hardware

If You are desperated try to change Data Channel and Info Channel. Go to Interfece ppp, press Advance Mode button and get lucky.
by kburzyns
Tue Mar 31, 2015 9:09 am
Forum: Forwarding Protocols
Topic: Routing filter issue
Replies: 5
Views: 1231

Re: Routing filter issue

Now try one you WANT to work: 172.16.100.0/24 Rule 1: 172.16.100.0/24 IS a match, so invert that = FALSE - rule fails, proceed to rule 2 Rule 2: 172.16.100.0/24 does NOT match 172.16.101.0/24 - invert that -> TRUE - Action = Discard So, rule 2 drops the stuff rule 1 should keep, and rule 1 drops th...
by kburzyns
Wed Mar 25, 2015 9:13 am
Forum: Forwarding Protocols
Topic: Routing filter issue
Replies: 5
Views: 1231

Re: Routing filter issue

Thank You, everything is clear now. I have had no idea that routing filter works like the firewall. Your both propositions are understandable, but I will stay with my rule "add action=discard chain=only_local_out invert-match=yes locally-originated-bgp=yes" because it is not sensitive for adding new...
by kburzyns
Tue Mar 24, 2015 11:04 am
Forum: Beginner Basics
Topic: best way to limit public bandwidth
Replies: 2
Views: 1049

Re: best way to limit public bandwidth

If You use bridge, you may have similar issue:

http://forum.mikrotik.com/viewtopic.php?f=13&t=94876
by kburzyns
Fri Mar 20, 2015 9:18 am
Forum: Beginner Basics
Topic: best way to limit public bandwidth
Replies: 2
Views: 1049

Re: best way to limit public bandwidth

Below working example of PCQ - limit download stream to 1 Mbps, WAN interface is ether2. 1. Define a mangle to mark what traffic You want to limit: /ip firewall mangle add action=mark-packet chain=prerouting in-interface=ether2 new-packet-mark=client_download 2. Create queue type: /queue type add ki...
by kburzyns
Wed Mar 18, 2015 12:45 pm
Forum: General
Topic: Known issues and bugs - a list
Replies: 283
Views: 111681

Re: Known issues and bugs - a list

by kburzyns
Wed Mar 18, 2015 12:43 pm
Forum: Forwarding Protocols
Topic: VPN SITE TO SITE ON INTERNET BEHIND NATED NETWORK
Replies: 6
Views: 1483

Re: VPN SITE TO SITE ON INTERNET BEHIND NATED NETWORK

In my opinion You don't need to modify front_nat_network router. I have an example configuration made on Cisco devices. On Mikrotik it should be the same.
NAT-test.png
Routers configuration below.
by kburzyns
Mon Mar 16, 2015 9:33 am
Forum: Forwarding Protocols
Topic: VPN SITE TO SITE ON INTERNET BEHIND NATED NETWORK
Replies: 6
Views: 1483

Re: VPN SITE TO SITE ON INTERNET BEHIND NATED NETWORK

Try "NAT Traversal" in IPsec Peer configuration.
by kburzyns
Thu Mar 12, 2015 9:20 am
Forum: Forwarding Protocols
Topic: Routing filter issue
Replies: 5
Views: 1231

Routing filter issue

Hi, I have three routers: "11", "12" and "13" connected as in the picture, running eBGP. I do NOT want to redistribute routes from router "13" to "12". Pict1.png I have prepared routing filter: add action=discard chain=only_local_out invert-match=yes prefix=172.16.100.0/24 add action=discard chain=o...