Community discussions

Search found 75 matches

by Joni
Sat Sep 07, 2019 5:26 pm
Forum: General
Topic: v7 Linux Kernel version ?
Replies: 6
Views: 2195

Re: v7 Linux Kernel version ?

AFAIK. Because Tile(ra) architecture (CCR) support is dropped after kernel v4.14.x
by Joni
Sat Aug 17, 2019 4:06 pm
Forum: General
Topic: I'm sure Mikrotik has a legit response to this...
Replies: 14
Views: 1619

Re: I'm sure Mikrotik has a legit response to this...

The response that Normis gave is equivalent to saying, "I don't have AIDS" when he should be able to be saying, "I don't have AIDS and I always wear a condom too." We don't just want Mikrotik to be looking for and fixing vulnerabilities, we also want modern development and design practices that pre...
by Joni
Sat Aug 17, 2019 8:58 am
Forum: General
Topic: I'm sure Mikrotik has a legit response to this...
Replies: 14
Views: 1619

Re: I'm sure Mikrotik has a legit response to this...

How many of these vulnerabilities though are still present when a competent person configures the router? Most persons configuring things in this world are not competent, including you and me, that is why we ask these questions. If your WAN is entirely firewalled against incoming connections (inclu...
by Joni
Thu Aug 15, 2019 6:59 am
Forum: General
Topic: I'm sure Mikrotik has a legit response to this...
Replies: 14
Views: 1619

I'm sure Mikrotik has a legit response to this...

These are the seatbelts and airbags of the software world. These numbers are unheard of in operating systems or (Web) browsers. Its just a sign that they’re not trying, https://www.reddit.com/r/mikrotik/comments/cqksvr/these_are_the_seatbelts_and_airbags_of_the/ How it is a all a misunderstanding, ...
by Joni
Mon Jul 22, 2019 8:18 pm
Forum: Forwarding Protocols
Topic: Problem with L2TP / IPSEC AND WINDOWS CLIENT
Replies: 2
Views: 2864

Re: Problem with L2TP / IPSEC AND WINDOWS CLIENT

It turns out that windows 10 was broken. I had to delete ALL WAN MINI PORTs in device manager and let windows reinstall them and now my vpn works fine. This <3 What made it confusing was that the same bug (windows updates) was affecting multiple (all) computers. (Remove in Windows / Device Manager ...
by Joni
Fri May 24, 2019 5:51 am
Forum: General
Topic: DNS Flag Day
Replies: 3
Views: 591

Re: DNS Flag Day

Just some follow up on the subject in general https://www.zdnet.com/article/dns-flag-day-2020-dns-servers-must-support-both-udp-and-tcp-queries/ accompanied by a quote from Mikrotik Wiki : A MikroTik router with DNS feature enabled can be set as a DNS server for any DNS-compliant client. Moreover, M...
by Joni
Tue Apr 16, 2019 11:11 pm
Forum: General
Topic: DHCP Option 51 (Apple, IP address lease time)
Replies: 0
Views: 302

DHCP Option 51 (Apple, IP address lease time)

This was an interesting read, any field experiences?

https://jimswirelessworld.wordpress.com ... option-51/

TLDR:
"Apple devices didn’t like having short lease times for its DHCP, Apple products will always request for 90 days."
by Joni
Wed Apr 10, 2019 1:00 pm
Forum: General
Topic: Mikrotik "Internet detect" problem
Replies: 18
Views: 5487

Re: Mikrotik "Internet detect" problem

Still not working on v6.43.13, WAN is never upgraded to Internet. [admin@GW]> /interface detect-internet state print terse 0 name=ether1-gateway state=no-link state-change-time=apr/10/2019 12:12:22 1 name=ether2-master-local state=lan state-change-time=apr/10/2019 12:12:22 2 name=ether3-slave-local ...
by Joni
Sat Apr 06, 2019 7:01 pm
Forum: General
Topic: Holy grail for Failover 2 Wans NO SCRIPTING
Replies: 14
Views: 2715

Re: Holy grail for Failover 2 Wans NO SCRIPTING

I really don't care about re-establishing the same connection on failover. That seems pie in the sky thinking. The old connection is gone caput, dead, I would expect to have to restart all my activity. The idea of failover is minimal disruption to service plus as the admin I dont have to intervene....
by Joni
Sat Apr 06, 2019 6:09 pm
Forum: General
Topic: Holy grail for Failover 2 Wans NO SCRIPTING
Replies: 14
Views: 2715

Re: Holy grail for Failover 2 Wans NO SCRIPTING

Overly complex Failover. Simple recursive routes (choose 1 or 2 public DNS) is just as effective, no mangling required. Nope. Established sessions (like VPN) never return to the primary connection. This is a recurring problem for Mikrotik that there doesn't exist vetted solutions which either funct...
by Joni
Fri Apr 05, 2019 7:14 pm
Forum: General
Topic: Holy grail for Failover 2 Wans NO SCRIPTING
Replies: 14
Views: 2715

Re: Holy grail for Failover 2 Wans NO SCRIPTING

Your definition holy grail would imply dhcp support for wan, this is nothing new.
by Joni
Mon Mar 25, 2019 9:43 pm
Forum: General
Topic: Remotely access Mikrotik router
Replies: 11
Views: 911

Re: Remotely access Mikrotik router

There is a much simpler way... dynamic whitelisting 1) Get a DynDNS client (or URL) on your client device (hint: could also be another Mikrotik device on the same client network https://wiki.mikrotik.com/wiki/Manual:IP/Cloud ) 2) Add that DynDNS name (not IP address) to Firewall address list in the ...
by Joni
Mon Mar 25, 2019 9:23 pm
Forum: General
Topic: Mikrotik and FreeRadius (DaloRADIUS)
Replies: 3
Views: 2341

Re: Mikrotik and FreeRadius (DaloRADIUS)

Just my five cents worth... a non-vetted review without running the product. I would instead highly recommend something in the lines of pfSense or OPNsense which are secure, modern, tested, vetted for "generations": https://turbofuture.com/internet/How-to-Set-Up-a-Radius-Server-on-pfSense-Using-the-...
by Joni
Mon Dec 31, 2018 3:11 pm
Forum: General
Topic: PWR-Line AP - problem with cominicate
Replies: 9
Views: 1641

Re: PWR-Line AP - problem with cominicate

I test a pair of these APs, but can't find a description. What is the maximum distance to work etc. https://mikrotik.com/product/pwr_line_ap says the PLC chipset is https://www.qualcomm.com/products/ar7420 which says Ethernet Standards: Home Plug 1.0, Home Plug AV, IEEE 802.3, IEEE 1900 Ethernet Ne...
by Joni
Sat Dec 29, 2018 11:30 am
Forum: General
Topic: PWR-Line AP - problem with cominicate
Replies: 9
Views: 1641

Re: PWR-Line AP - problem with cominicate

Typical Mikrotik, making a device with six leds and two buttons but not documenting more than one led in one state... reminds me of cAP Lite (RBcAPL-2nD-307)...
by Joni
Sat Dec 29, 2018 10:53 am
Forum: General
Topic: PWR-Line AP - problem with cominicate
Replies: 9
Views: 1641

Re: PWR-Line AP - problem with cominicate

Begin by trying to pair them on the same extension cord, side by side.
by Joni
Sat Dec 29, 2018 10:43 am
Forum: Wireless Networking
Topic: wAP LTE Kit International APN problem [SOLVED]
Replies: 24
Views: 5952

Re: wAP LTE Kit International APN problem [SOLVED]

YMMV! Check currently running R11e-LTE version ("MikroTik_CP_2.160.000_v006"): /interface lte info lte1 once Issue R11e-LTE "firmware update mode": /interface lte at-chat lte1 input="at+mififlag=1" Trigger update download, ~5MB (R11e-LTE has to be online, download is fetched via R11e-LTE connection,...
by Joni
Thu Dec 27, 2018 10:32 pm
Forum: Wireless Networking
Topic: wAP LTE Kit International APN problem [SOLVED]
Replies: 24
Views: 5952

Re: wAP LTE Kit International APN problem [SOLVED]

Bug is solved in newer wAPs because they come out with LTE firmware v8, you have v1. Ask support@mikrotik.com the guide to upgrade wAP's LTE firmware, and always upgrade wAPs to last stable version. You're referring to this? https://wiki.mikrotik.com/wiki/Manual:Interface/LTE#Modem_firmware_upgrade...
by Joni
Thu Dec 27, 2018 10:19 pm
Forum: Wireless Networking
Topic: wpa3
Replies: 5
Views: 1326

Re: wpa3

Just FYI... "Synology is the first manufacturer to produce WPA3 certified router, MR2200ac, WPA3-Personal, WPA3-Enterprise and Opportunistic Wireless Encryption (OWE), officially announced in October of 2018." https://www.modders-inc.com/synology-mr2200ac-mesh-router-review-first-wpa3-certified-wi-f...
by Joni
Tue Dec 18, 2018 9:06 pm
Forum: General
Topic: Enable TCP ECN for bandwidth efficiency
Replies: 9
Views: 4361

Re: Enable TCP ECN for bandwidth efficiency

It would be more interesting to know (as these are routers) which queue types, if any, support ECN
in MikroTik products.
https://wiki.mikrotik.com/wiki/Manual:I ... all/Filter
by Joni
Fri Nov 30, 2018 4:28 pm
Forum: Wireless Networking
Topic: Removing Mikrotik elements from beacons
Replies: 15
Views: 2471

Re: Removing Mikrotik elements from beacons

This is a vulnerability +1
by Joni
Mon Nov 12, 2018 2:06 pm
Forum: Wireless Networking
Topic: cAP ac /wAP ac: recommended TX power?
Replies: 3
Views: 1614

Re: cAP ac /wAP ac: recommended TX power?

It is much more safer to use the method I described that modifying the tx power directly. You risk damaging the wireless adapter if you accidentally adjust the tx power beyond the capacity of the card. Whereas, modifying the antenna gain allow the ROS to automatically adjust the tx power to ensure ...
by Joni
Wed Oct 31, 2018 9:20 am
Forum: General
Topic: Default config exports
Replies: 1
Views: 1507

Re: Default config exports

So executing "/system default-configuration print" on a "RB962UiGS-5HacT2HnT" (ie international hAP ac) running v6.42.7 (factory default) which is lost when upgrading to v6.42.9 (long-term, bugfix): script: :global ssid; #| RouterMode: #| * WAN port is protected by firewall and enabled DHCP client #...
by Joni
Thu Oct 25, 2018 12:54 pm
Forum: General
Topic: Feature request - DNSCrypt support...
Replies: 157
Views: 45824

Re: Feature request - DNSCrypt support...

DoH is incompatible with the basic architecture of the DNS because it moves control plane (signalling) messages to the data plane (message forwarding), and that's a no-no.
https://www.theregister.co.uk/2018/10/2 ... _standard/
by Joni
Thu Oct 18, 2018 2:59 pm
Forum: The Dude
Topic: The Dude scan kills network connectivity
Replies: 4
Views: 1219

Re: The Dude scan kills network connectivity

Mikrotik is notoriously famous for under performing MicroSD (compatibility?), and Dude uses a lot of I/O (in comparison to logging). Switch to USB and compare.
by Joni
Sat Oct 13, 2018 1:13 am
Forum: General
Topic: Forum (phpBB) functions missing / broken [SOLVED]
Replies: 1
Views: 375

Forum (phpBB) functions missing / broken [SOLVED]

How did you mark my post solved? I can't find any such feature? i the upper right corner of the post you will find 4 icons - one of them toggles solved/unsolved. well only yesterday i discovered the feature :-) 1) So I (apparently my account) have none of these, any OS any Browser, I only have "Rep...
by Joni
Fri Oct 12, 2018 11:52 pm
Forum: RouterBOARD hardware
Topic: SXT/LHG LTE KIT [SOLVED]
Replies: 4
Views: 1065

Re: SXT/LHG LTE KIT [SOLVED]

How did you mark my post solved? I can't find any such feature?
by Joni
Fri Oct 05, 2018 11:29 am
Forum: General
Topic: Default config exports
Replies: 1
Views: 1507

Default config exports

In the spirit of this, having to downgrade, export, upgrade, etc... I've found a different factory reset behavior after upgrading to v6.42.9. In v6.40.9 the interfaces, DHCP server, and firewall policies were included by default. Now in v6.42.9, only a static IP address of 192.168.88.1 is configured...
by Joni
Wed Oct 03, 2018 1:12 pm
Forum: Wireless Networking
Topic: Capsman client to client forwarding in local forwarding mode [SOLVED]
Replies: 6
Views: 3391

Re: Capsman client to client forwarding in local forwarding mode [SOLVED]

It's *really* unclear in the manual but set Multicast Helper to Full when using multiple VLANs or VLAN override from one SSID.

https://wiki.mikrotik.com/wiki/Manual:I ... g_override
Thank you, works <3
by Joni
Mon Sep 24, 2018 3:54 pm
Forum: Wireless Networking
Topic: Capsman client to client forwarding in local forwarding mode [SOLVED]
Replies: 6
Views: 3391

Re: Capsman client to client forwarding in local forwarding mode [SOLVED]

There is no (inside AP) client-to-client communication happening, neither on same SSID or other, what so ever (any device, os, etc), unless AP configured manually (Cap disabled) with default-forward and everything works. Client-to-client communication only works between different APs clients if port...
by Joni
Mon Sep 24, 2018 1:57 pm
Forum: Beginner Basics
Topic: Mikrotik SXT LTE powering issue
Replies: 1
Views: 272

Re: Mikrotik SXT LTE powering issue

With the included Mikrotik POE injector, with the included Mikrotik power adapter, via a ethernet cable of supported length?
by Joni
Mon Sep 24, 2018 12:29 pm
Forum: Wireless Networking
Topic: Capsman client to client forwarding in local forwarding mode [SOLVED]
Replies: 6
Views: 3391

Capsman client to client forwarding in local forwarding mode [SOLVED]

I wonder why it is that when with Capsman using datapath.local-forwarding=yes (ie local forwarding mode, also known as wireless default-forwarding) then datapath.client-to-client-forwarding is ignored / not supported, resulting in that you can basically only enable client-to-client-forwarding with "...
by Joni
Sun Sep 16, 2018 8:12 pm
Forum: General
Topic: DNSSEC
Replies: 33
Views: 10337

Re: DNSSEC

by Joni
Sat Sep 15, 2018 9:14 pm
Forum: Forwarding Protocols
Topic: Public IP over a tunnel ( SOLVED )
Replies: 34
Views: 8020

Re: Public IP over a tunnel ( SOLVED )

I am using a Hetzner Cloud VPS and ive found using a single vCPU, you can get around 400MBits, which ant bad at all. Adding an additional CPU produces around 800Mits. It seems to be CPU limited due to encryption so im looking at tweaking it a bit and see if can get a bit more out of it. Does Hetzne...
by Joni
Thu Sep 06, 2018 9:24 am
Forum: Announcements
Topic: Future of LTE products, user feedback requested
Replies: 86
Views: 20040

Re: Future of LTE products, user feedback requested

How about first fixing the issues with current hardware search.php?keywords=R11e-LTE
by Joni
Sat Sep 01, 2018 10:51 am
Forum: General
Topic: Bare metal CHR on Hetzner Dedicated
Replies: 3
Views: 1055

Re: Bare metal CHR on Hetzner Dedicated

Exact same issue viewtopic.php?t=114844
and almost same, except I can't ping out... viewtopic.php?t=83196
by Joni
Sat Sep 01, 2018 8:37 am
Forum: General
Topic: Bare metal CHR on Hetzner Dedicated
Replies: 3
Views: 1055

Re: Bare metal CHR on Hetzner Dedicated

To be specific, even assigning a one additional IP to the ether1-WAN interface doesn't respond to ping, with Linux it works without anything more than
ip address add a.b.c.d/32 dev eth0
by Joni
Fri Aug 31, 2018 11:07 pm
Forum: Beginner Basics
Topic: 5GHz Channel
Replies: 4
Views: 2072

Re: 5GHz Channel

My guess is that this would give a hint about D and DP: Made some reconfigurations. Looks like it's because of Skip DFS setting. When Skip DFS Channels is not checked this messages appears in logs and wi-fi interface setup is delayed for one minute: capfive-MikroTik ST-hAP-AC-Lite3-1: do radar detec...
by Joni
Fri Aug 31, 2018 8:29 pm
Forum: Scripting
Topic: Blacklisting seems popular, honeypot made simple
Replies: 12
Views: 2284

Re: Blacklisting seems popular, honeypot made simple

Remember that most internet users will be able to feed your blacklist by sending spoofed TCP SYN packets (with source address that they want you to block). IP source address filtering (to allow only source addresses that you "own") is not widely deployed. This makes it easy to DDoS and it would be ...
by Joni
Fri Aug 31, 2018 8:23 pm
Forum: Virtualization
Topic: CHR on OVH VPS SSD
Replies: 22
Views: 8194

Re: CHR on OVH VPS SSD

by Joni
Fri Aug 31, 2018 8:20 pm
Forum: General
Topic: Bare metal CHR on Hetzner Dedicated
Replies: 3
Views: 1055

Bare metal CHR on Hetzner Dedicated

cd /root && curl -O https://download2.mikrotik.com/routeros/6.42.3/chr-6.42.3.img.zip && gunzip -S .zip chr-6.42.3.img.zip dd if=/root/chr-6.42.3.img of=/dev/sda Tried this on Hetzner dedicated (bare metal, EX series, I know bm isn't officially supported but I don't want the virtualization maintena...
by Joni
Fri Aug 31, 2018 4:21 pm
Forum: Virtualization
Topic: CHR on OVH VPS SSD
Replies: 22
Views: 8194

Re: CHR on OVH VPS SSD

cd /root && curl -O https://download2.mikrotik.com/routeros/6.42.3/chr-6.42.3.img.zip && gunzip -S .zip chr-6.42.3.img.zip dd if=/root/chr-6.42.3.img of=/dev/sda Tried this on Hetzner dedicated (bare metal, EX series, I know bm isn't officially supported) however everything except routing (public i...
by Joni
Sun Aug 26, 2018 3:50 pm
Forum: General
Topic: Simple queues didn't work
Replies: 5
Views: 586

Re: Simple queues didn't work

Disable https://wiki.mikrotik.com/wiki/Manual:IP/Fasttrack

Torching disables Fasttrack temporarily
by Joni
Mon Aug 20, 2018 8:41 pm
Forum: Scripting
Topic: Blacklisting seems popular, honeypot made simple
Replies: 12
Views: 2284

Re: Blacklisting seems popular, honeypot made simple

So please add the port 23 to the "popular" list. At least in my case there is nothing there, but people keeps trying it. I must admit the port list is straight from Artillery and for some reason they left port 23 (Telnet) out... however I can't figure out a specific reason for leaving it out. I'll ...
by Joni
Mon Aug 20, 2018 6:15 pm
Forum: Scripting
Topic: Blacklisting seems popular, honeypot made simple
Replies: 12
Views: 2284

Re: Blacklisting seems popular, honeypot made simple

I'll grab hold of this later and push it to a test router I have to see what it does or doesn't break. Basically the only thing it can break at its current state is blocking non-whitelisted ip-addresses if you for some reason would have incoming WAN traffic from trusted IPs trying to access non-exi...
by Joni
Mon Aug 20, 2018 1:55 pm
Forum: Scripting
Topic: Blacklisting seems popular, honeypot made simple
Replies: 12
Views: 2284

Re: Blacklisting seems popular, honeypot made simple

There are many thing you can do to improve this. 1. Use a find command to find outside interface so that you do not need to change it when pasting commands. There are many things you can do too, post a updated version improving it accordingly ;) 2. Use the "place-before" commands, so that its not p...
by Joni
Mon Aug 20, 2018 1:26 pm
Forum: Scripting
Topic: Blacklisting seems popular, honeypot made simple
Replies: 12
Views: 2284

Blacklisting seems popular, honeypot made simple

Inspired by the now defunct Linux Portsentry (by Psionic, accuired by Cisco in 2002) revive by https://github.com/BinaryDefense/artillery (which unfortunately is still a bit rough around the edges) This is just a quick "oneliner" draft I'm running, YMMV, do not just blindly copy paste! You need to s...
by Joni
Tue Jun 26, 2018 12:14 pm
Forum: Wireless Networking
Topic: WPA3
Replies: 2
Views: 1465

Re: WPA3

by Joni
Thu May 03, 2018 4:08 pm
Forum: Announcements
Topic: v6.42.1 [current]
Replies: 272
Views: 45784

SNMP

SNMP: Looks like running Dude (on CCR1009-7G-1C-1S+, v6.42.1) and enabling IPv6 (in addition to IPv4) on it makes Dude unable to SNMP poll IPv4 agents (any make and model), however snmpwalk (from Dude) on same agent works (presumably uses / defaults to IPv4, which is obviously also wrong). Once you ...
by Joni
Wed Apr 18, 2018 3:36 pm
Forum: General
Topic: How to allow incomming ports from both isps
Replies: 2
Views: 326

Re: How to allow incomming ports from both isps

It's not about the incoming traffic, rather the returning traffic which takes the default route unless you use connection marking on the incoming traffic.

search.php?keywords=dual+wan

viewtopic.php?t=124993
by Joni
Tue Mar 20, 2018 8:58 am
Forum: General
Topic: Router OS default values - where to set them
Replies: 7
Views: 986

Re: Router OS default values - where to set them

Some values, when declared "default", inherit its values from the interface used. So, the "default" value isn't an arbitrary default. The real meaning is "use the already set value, to this interface, as the default for this connection". Guess what, we know what default means, guess what, we are ju...
by Joni
Mon Mar 19, 2018 7:26 pm
Forum: General
Topic: Router OS default values - where to set them
Replies: 7
Views: 986

Re: Router OS default values - where to set them

This, unfortunate ignorance of Mikrotik. I love the fact that someone has actually taken the time to write default = default in all value definitions in the wiki... However, many value defaults are listed in the wiki: change-tcp-mss (yes | no | default; Default: default) Modifies connection MSS sett...
by Joni
Tue Mar 13, 2018 9:48 am
Forum: Scripting
Topic: Built in function library
Replies: 55
Views: 14019

Re: Built in function library

You could also take into consideration the future possibility of executing scheduled remote scripts from The Dude on remote Device.
(ex collect backups from monitored devices)
by Joni
Fri Mar 09, 2018 9:02 am
Forum: Scripting
Topic: external editor syntax highlighting
Replies: 39
Views: 43073

Re: external editor syntax highlighting

How about contributing the package too... https://notepad-plus-plus.org/contribute/
by Joni
Fri Mar 09, 2018 8:52 am
Forum: Scripting
Topic: Built in function library
Replies: 55
Views: 14019

Re: Built in function library

If you want to really jumpstart the Mikrotik scripting community then you should probably review the php most common sought after functions. Also review scripts made for Mikrotik and the most commonly created functions there. Personally any and all validation functions (ip, dns, email, url, time, da...
by Joni
Mon Jan 08, 2018 1:05 pm
Forum: General
Topic: Feature request - DNSCrypt support...
Replies: 157
Views: 45824

Re: Feature request - DNSCrypt support...

Well that problem got resolved... funny how things turn out in completely unexcpected ways... wait, no... https://www.reddit.com/r/linux/comments ... abandoned/
by Joni
Fri Dec 29, 2017 2:18 pm
Forum: General
Topic: Feature Request: SAFE MODE time based
Replies: 16
Views: 1822

Re: Feature Request: SAFE MODE time based

Obvious requirement for a multitude of remote changes +1
by Joni
Tue Oct 24, 2017 7:45 pm
Forum: General
Topic: Feature request - DNSCrypt support...
Replies: 157
Views: 45824

Re: Feature request - DNSCrypt support...

Just emphasizing as many presume one with the other.
Could you reference the intention? It's not a authentication protocol but an encryption protocol... hence the name... not that it could fix SNI but since you specified intentions...
by Joni
Tue Oct 24, 2017 12:19 pm
Forum: General
Topic: Feature request - DNSCrypt support...
Replies: 157
Views: 45824

Re: Feature request - DNSCrypt support...

Well this isn't about websites, considering the current "HTTPS everywhere" movement this sounds a bit more than "only" , as SNI is a TLS extension, not HTTP. (just to elaborate how the implementation of DNSCrypt or DNS over TLS (DNSS) itself isn't much of an advancement, especially in relation to a ...
by Joni
Tue Oct 24, 2017 10:58 am
Forum: General
Topic: Feature request - DNSCrypt support...
Replies: 157
Views: 45824

Re: Feature request - DNSCrypt support...

Excellent point, DNSCrypt vs DNS over TLS However doesn't it have the same "issue"? (being a different protocol, HTTP(S) vs DNS) AFAIK, overly simplified the only difference being "Instead of relying on trusted certificate authorities commonly found in web browsers, the client has to explicitly trus...
by Joni
Tue Oct 24, 2017 8:55 am
Forum: General
Topic: Feature request - DNSCrypt support...
Replies: 157
Views: 45824

Re: Feature request - DNSCrypt support...

Since it is not mentioned yet... "However, just enabling "DNS over TLS" feature would not prevent your ISP to know what websites you visit. Server Name Indication (SNI) — an extension of the TLS protocol — also indicates ISPs that which hostname is being contacted by the browser at the beginning of ...
by Joni
Mon Oct 16, 2017 3:10 pm
Forum: General
Topic: Why firewall rules are so important...
Replies: 1
Views: 454

Why firewall rules are so important...

A Google search for "misconfigured" Mikrotik products...

https://www.google.com/search?q=intitle ... on+page%22

Mikrotik should probably at least remove the version number from the login page....
by Joni
Sat Sep 02, 2017 5:01 pm
Forum: General
Topic: Eth1 poe port won't do gigabit
Replies: 11
Views: 1893

Re: Eth1 poe port won't do gigabit

Same issue. Sent mine for inspection (RMA).
by Joni
Tue Mar 21, 2017 9:43 am
Forum: Wireless Networking
Topic: WLAN crashes on RouterBOARD 962UiGS-5HacT2HnT
Replies: 3
Views: 744

Re: WLAN crashes on RouterBOARD 962UiGS-5HacT2HnT

I have the same issue with 962UiGS-5HacT2HnT (hAP ac) running v6.38.5 . (no netinstall yet)
by Joni
Fri Feb 24, 2017 3:15 pm
Forum: Announcements
Topic: v6.38.3 [current]
Replies: 63
Views: 14731

Re: v6.38.3 [current]

Upgrading from 6.38.1 to 6.38.3 somehow broke a CRS109-8G-1S-2HnD-IN (lost all connectivity)
by Joni
Fri Jan 06, 2017 1:41 pm
Forum: General
Topic: btest.exe v0.1 auth fails (at least with v6.38)
Replies: 0
Views: 856

btest.exe v0.1 auth fails (at least with v6.38)

Running btest server on ROS v6.38 (current, stable) and btest.exe v0.1 on Win10 (64-bit), wirelessly between Win client and ROS AP, causes ROS log entry "login failure for user admin via bandwidth-test". The admin account exists and works for everything else (winbox/http/etc). On the btest.exe clien...
by Joni
Fri Dec 04, 2015 9:04 am
Forum: General
Topic: WAN NAT + WAN bridge + Forwarding
Replies: 0
Views: 541

WAN NAT + WAN bridge + Forwarding

So I'm trying to tie this up at home out of curiosity, how does one do properly the following configuration (on RB750GL / RB951G-2HnD): To get the main question out of the way: Why? Because it's really convenient, what one could consider out of the box features for any IoT home, and technically not ...