Community discussions

MikroTik App

Search found 839 matches

by nichky
Mon Nov 29, 2021 12:04 pm
Forum: Forwarding Protocols
Topic: How to put dynamic interfaces to specific VRF
Replies: 18
Views: 6181

Re: How to put dynamic interfaces to specific VRF

Also the one of the picture showing interface as blue.
not sure what does it mean, but i got your point. Clear enough
by nichky
Mon Nov 29, 2021 1:47 am
Forum: Forwarding Protocols
Topic: How to put dynamic interfaces to specific VRF
Replies: 18
Views: 6181

Re: How to put dynamic interfaces to specific VRF

This is false, removed interface is never replaced with another one, instead of the old name internal ID is displayed. I'm talking about v6. So if i put dynamic (ppp-server) interfaces into vrf. Once that interface bounces, will disappeared from the VRF list, which is understandable, but it will po...
by nichky
Sat Nov 27, 2021 1:20 am
Forum: Forwarding Protocols
Topic: How to put dynamic interfaces to specific VRF
Replies: 18
Views: 6181

Re: How to put dynamic interfaces to specific VRF

It is not possible at the moment, you need to add static pppoe entries in server list and then add them manually to vrf the problem is special with dynamic interfaces,when they are getting disconnected, automatically disappearing from VRF table (which is understandable). And its adding another inte...
by nichky
Fri Nov 26, 2021 12:33 am
Forum: General
Topic: ASK [CGNAT-port forwarding]
Replies: 9
Views: 690

Re: ASK [CGNAT-port forwarding]

it seem like that i found solution.

- CGNAT -
add action=dst-nat chain=dstnat dst-address=public-ip dst-port=89 protocol=tcp to-addresses=CPE-ip to-ports=80

- CPE -
add action=dst-nat chain=dstnat dst-address=CPE-ip src-address=public-ip to-addresses=server-ip

NAT is amazing!
by nichky
Thu Nov 25, 2021 10:56 am
Forum: General
Topic: ASK [CGNAT-port forwarding]
Replies: 9
Views: 690

Re: ASK [CGNAT-port forwarding]

It means there was some error in one of the dst-nat rules, or in some filter rules. im using different ports that is not an issue. The issue is from CGNAT i can't ping the server ip-ad (192.168.1.x) which is logical. That why i can make it work. This is basik e.g. add action=dst-nat chain=dstnat ds...
by nichky
Thu Nov 25, 2021 7:20 am
Forum: General
Topic: ASK [CGNAT-port forwarding]
Replies: 9
Views: 690

Re: ASK [CGNAT-port forwarding]

"I did not understand what you mean by "involving the server". that was bad explanation. I was trying to say that i want to be able to do port forwarding to the Server. On the router with public address, there must be a action=dst-nat rule with to-address=the.cgnat.address.of.custome...
by nichky
Wed Nov 24, 2021 9:55 pm
Forum: General
Topic: Why tool traceroute limited to 14 hops?
Replies: 10
Views: 561

Re: Why tool traceroute limited to 14 hops?

you can play with max-hops=x
by nichky
Wed Nov 24, 2021 10:37 am
Forum: General
Topic: ASK [CGNAT-port forwarding]
Replies: 9
Views: 690

Re: ASK [CGNAT-port forwarding]

give me an example.
How the rule should look like?
I cna do PF to the CPE01 , if i conf that rule on CGNAT-router.
My goal is how to involve the server on that
by nichky
Tue Nov 23, 2021 10:24 pm
Forum: General
Topic: ASK [CGNAT-port forwarding]
Replies: 9
Views: 690

Re: ASK [CGNAT-port forwarding]

im not saying that. let say CGNAT is R2 which is connected to the gateway router (R1), and i have assigned only one public ip-address (R1==>R2) for some customers (i'm sharing the public ip-address,that is the purpose of cgnat). Everything works fine, just im wondering whether i can do port forwardi...
by nichky
Tue Nov 23, 2021 7:40 am
Forum: General
Topic: Windows 7 Ikev2 Split Include
Replies: 5
Views: 608

Re: Windows 7 Ikev2 Split Include

i think any windows doesn't support the Split Include option.
For windows i'm using open vpn, that allows you to do that
by nichky
Tue Nov 23, 2021 2:41 am
Forum: The User Manager
Topic: slow connection speed
Replies: 2
Views: 510

Re: slow connection speed

So you got 1gbps network speed from an ISP.
And you watching youtube videos how to set it up?
I'm assuming that you are you are not going to deliver internet to the customers
by nichky
Tue Nov 23, 2021 12:37 am
Forum: Announcements
Topic: v6.49.1 [stable] is released!
Replies: 129
Views: 19019

Re: v6.49.1 [stable] is released!

in regarding to Device-mode,i'm not really understand what flagged does. wiki saying: "If the system has detected unauthorized access to RouterOS, the status "flagged" is set to yes. If "flagged" is set to yes, for your safety, certain limitations are put in place. See below...
by nichky
Mon Nov 22, 2021 1:58 am
Forum: General
Topic: ASK [CGNAT-port forwarding]
Replies: 9
Views: 690

ASK [CGNAT-port forwarding]

In my case i'm using CGNAT, which is working well! I'm sharing only one public ip-address for my clinets. What im trying to do now is, port forwarding for the server (client). E.g. is simple, CPE01 is the end user and they have some server , and they what to use port forwarding fot that. Any tip how...
by nichky
Sat Nov 20, 2021 8:53 am
Forum: General
Topic: OpenVPN server and duplicate packets
Replies: 35
Views: 62773

Re: OpenVPN server and duplicate packets

please help, i have the same problem
Can you get OVPN working?
by nichky
Fri Nov 19, 2021 10:12 am
Forum: General
Topic: nothing
Replies: 7
Views: 599

Re: I want some answers for some questions

I'm not sure that this makes any sense.
Put this why, the child are borrowing bandwidth from the parent.
If you dont have them, from where they will get ?
limit at works only for the child.
The order is important for that.
by nichky
Fri Nov 19, 2021 9:28 am
Forum: General
Topic: nothing
Replies: 7
Views: 599

Re: I want some answers for some questions

wow asl pls
by nichky
Fri Nov 19, 2021 3:05 am
Forum: General
Topic: IPsec ignores connection-mark
Replies: 11
Views: 681

Re: IPsec ignores connection-mark

that makes lot of sense.

Thanks a lot
by nichky
Thu Nov 18, 2021 11:25 am
Forum: General
Topic: IPsec ignores connection-mark
Replies: 11
Views: 681

Re: IPsec ignores connection-mark

same as here
by nichky
Thu Nov 18, 2021 11:22 am
Forum: General
Topic: IPsec ignores connection-mark
Replies: 11
Views: 681

Re: IPsec ignores connection-mark

fala puno

maybe is not good idea for me to jump here. Because you have replayed on my one. This router is behind NAT, and im using in only for VPN
by nichky
Thu Nov 18, 2021 5:45 am
Forum: Beginner Basics
Topic: What wrong with queue?
Replies: 4
Views: 674

Re: What wrong with queue?

Did you try another "Queue Type" like default or default-small insteed of ethernet-default? of course. every queue type dropping thousands of packets. have you got "use ip firewall" enabled? if you meaning "ip firewall" from bridge settings - no, its disabled. enable i...
by nichky
Thu Nov 18, 2021 5:39 am
Forum: Announcements
Topic: v6.49.1 [stable] is released!
Replies: 129
Views: 19019

Re: v6.49.1 [stable] is released!

interesting, /sys shutdown, doesn't affect device-mode, which is greater!
by nichky
Thu Nov 18, 2021 5:04 am
Forum: General
Topic: IPsec ignores connection-mark
Replies: 11
Views: 681

Re: IPsec ignores connection-mark

in my case i can't see ESP in the connection tracking , not sure why
by nichky
Wed Nov 17, 2021 2:26 am
Forum: Forwarding Protocols
Topic: IS-IS
Replies: 54
Views: 22108

Re: IS-IS

@mrz

I'm 100% sure that IS-IS would be better solution than RIP.
As you mentioned above "OSPF which is also coooool protocol :)".
So why RIP is still existing?
by nichky
Wed Nov 17, 2021 2:02 am
Forum: Beginner Basics
Topic: What wrong with queue?
Replies: 4
Views: 674

Re: What wrong with queue?

have you got "use ip firewall" enabled?
by nichky
Mon Nov 15, 2021 11:23 pm
Forum: General
Topic: VPN P2P + L2TP clients.
Replies: 8
Views: 1024

Re: VPN P2P + L2TP clients.

put this way, you should have static/dynamic route to be able to reach other site.(as long as they have different range).
If they have same , that is different story (you need to play with NAT).

I'm saying by theory how should be.
I didn't see your config to tell you where you making mistake
by nichky
Fri Nov 12, 2021 4:56 pm
Forum: General
Topic: VPN P2P + L2TP clients.
Replies: 8
Views: 1024

Re: VPN P2P + L2TP clients.

you need to add static route, or play with dynamic roughing protocol like RIP & OSPF
by nichky
Fri Nov 12, 2021 5:04 am
Forum: General
Topic: ASK [ script-help]
Replies: 0
Views: 472

ASK [ script-help]

i got this script working,

:if ([/routing bgp peer find name=peer-R3 disabled]) do={/ip route disable [find where dst-address~"10.10.10.1"]}

but im not sure who to do, i want the static route to be ebalner when bgp sesion back online?
by nichky
Thu Nov 11, 2021 12:20 am
Forum: General
Topic: Block torrent downloads
Replies: 10
Views: 1017

Re: Block torrent downloads

Hi nichy,
What is the reference for 192.168.50.0/24 is that supposed to represent a private LAN behind the router that you want to control torrent access too??
yes , that is correct.
by nichky
Wed Nov 10, 2021 11:50 pm
Forum: General
Topic: Block torrent downloads
Replies: 10
Views: 1017

Re: Block torrent downloads

try this : layer7-bittorrent-exp: ^(\x13bittorrent protocol|azver\x01$|get /scrape\?info_hash=get /announce\?info_hash=|get /client/bitcomet/|GET /data\?fid=)|d1:ad2:id20:|\x08'7P\)[RP] /ip firewall filter add action=add-src-to-address-list address-list=Torrent-Conn address-list-timeout=2m chain=for...
by nichky
Fri Nov 05, 2021 9:46 pm
Forum: Forwarding Protocols
Topic: QinQ vlan bridging
Replies: 3
Views: 726

Re: QinQ vlan bridging

the easy way would be do vlan-filtering on those routers.
Then you can use tunneling method by ticking "use service tag"
by nichky
Thu Nov 04, 2021 11:21 am
Forum: Wireless Networking
Topic: wireless, problem, android
Replies: 18
Views: 2467

Re: wireless, problem, android

/interface wireless set [ find default-name=wlan1 ] adaptive-noise-immunity=none allow-sharedkey=false preamble-mode=both set [ find ] security-profile=default wmm-support=disabled i really what to know what this does [allow-sharedkey] Can you please add more. /interface wireless security-profiles ...
by nichky
Tue Nov 02, 2021 10:01 pm
Forum: General
Topic: Site-to-site IPsec with VRFs
Replies: 2
Views: 1029

Re: Site-to-site IPsec with VRFs

you should be using Route Leaking.
That is the basic e.g.

/ip route rule
add routing-mark=vrf src-address=local-ip table=main
add dst-address=local-ip table=vrf
by nichky
Tue Nov 02, 2021 5:30 am
Forum: General
Topic: ASK [Love-Vlans :)]
Replies: 8
Views: 712

Re: ASK [Love-Vlans :)]

i was worry about whether is a proper way to use hybrid port.
As far as i can understand , we come to conclusion that i can use it.
Mikrotik allows that for vlan filtering.
So the rest of would be easy, for me to fix everything up
by nichky
Mon Nov 01, 2021 9:56 pm
Forum: General
Topic: ASK [Love-Vlans :)]
Replies: 8
Views: 712

Re: ASK [Love-Vlans :)]

So the topology where is simple,
Basicly 10.0.2.2 is the switch, then i got another router and another wireless link.

So vl-22 is /28 (means, got more wireless antennas)

vl-2 is the management vlan(at all routers i ll be using vlan filtering)
vl -200 and 201 would be for pppoe
by nichky
Mon Nov 01, 2021 9:05 pm
Forum: General
Topic: ASK [Love-Vlans :)]
Replies: 8
Views: 712

Re: ASK [Love-Vlans :)]

Thanks @anav imagine that is all MT, even with the ubiquiti would be the same story. I want to be hybrid port because i want to untag at the wireless equipments (all of them). The antennas will be only bridge i don't want to assign any vlan on them With the taget port i will to diveret diferent serv...
by nichky
Mon Nov 01, 2021 6:36 am
Forum: General
Topic: ASK [Love-Vlans :)]
Replies: 8
Views: 712

ASK [Love-Vlans :)]

i got simple config. My question is whether is the right way to do tag/untag one single interface. I'm delivering vlans over the wireless link and i want to be untag-21 vlan at the AP---St and tag vlan-2 at the equipments connected to the Station. I got this working, just i'm wondering whether is th...
by nichky
Sat Oct 30, 2021 1:21 pm
Forum: RouterBOARD hardware
Topic: Can you load config between routers?
Replies: 4
Views: 1005

Re: Can you load config between routers?

This is more advanced.
I have tested. Works well

https://github.com/svlsResearch/ha-mikrotik
by nichky
Thu Oct 28, 2021 11:23 pm
Forum: General
Topic: IPSEC performance problem
Replies: 17
Views: 4072

Re: IPSEC performance problem

(147.700.000 Mbits/s / 12.170 packets/s) / 8 bits/byte = 1517 bytes/packet, which means that the fragmentation is not the issue here - if it was, the result would be around 800 bytes/packet.
sorry @sindy quick one
from where 8 bits/byte comming from?
by nichky
Thu Oct 28, 2021 11:54 am
Forum: General
Topic: IPSEC performance problem
Replies: 17
Views: 4072

Re: IPSEC performance problem

for ipsec i'm using hEX S on both sites.

@WojtusW5 given me an idea ,im not sure whether is possible or not.

So hEX S it self has 4 CPU Count.
Im wondering it is possible to resevated 2 CPU Count for 19 crypto.
Even if it is possible, should i expect any improvement?
by nichky
Mon Oct 25, 2021 1:03 pm
Forum: General
Topic: ASK [IPsec-ESP]
Replies: 0
Views: 405

ASK [IPsec-ESP]

i got ipsec which is working fine.

Im wondering one thing.
Why im not able to see ESP in the connection tracking [/ ip firewall connection print where protocol~"esp"]?
See the following attached files
by nichky
Mon Oct 25, 2021 3:11 am
Forum: General
Topic: 2 public ip in mikrotik !!!!
Replies: 6
Views: 599

Re: 2 public ip in mikrotik !!!!

@bpwl advice exactly what you need to do.
Just copy/paste (i'm assuming that you have done correctly)

just im wondering where is your LAN ip?
Regarding your last picture, i'm not able to see it
by nichky
Sat Oct 23, 2021 8:14 am
Forum: General
Topic: src address
Replies: 2
Views: 435

Re: src address

also tracert is required.
/tool traceroute address=1.1.1.1
and with src-address.
I'm assuming that this router is behind NAT
by nichky
Sun Oct 17, 2021 2:11 pm
Forum: General
Topic: System -> Profile -> SPI?
Replies: 1
Views: 305

Re: System -> Profile -> SPI?

by nichky
Fri Oct 15, 2021 2:00 pm
Forum: General
Topic: valn1 offering lease 172.11.x.xx for 38:30:F9:xx:xx:xx without success
Replies: 8
Views: 946

Re: valn1 offering lease 172.11.x.xx for 38:30:F9:xx:xx:xx without success

Always Broadcast respond to requests with a broadcast instead of unicast.
This can be helpful to diagnostics, and dhcp snooping. Though I've found that many devices don't. accept broadcast responses, AND it causes more "noise" on the LAN.
- IntrusDave -

is that what you after?
by nichky
Fri Oct 15, 2021 5:24 am
Forum: General
Topic: [ASK] PPPoE vlan filtering
Replies: 2
Views: 412

Re: [ASK] PPPoE vlan filtering

i did try that, see what i have missed:


/interface bridge vlan add bridge=br-vl tagged=ether3,br-vl vlan-ids=20

Thanks!
by nichky
Fri Oct 15, 2021 1:54 am
Forum: General
Topic: [ASK] PPPoE vlan filtering
Replies: 2
Views: 412

[ASK] PPPoE vlan filtering

I got simple scenario where i want to deliver pppoe to the clients by using vlan-filtering. The config that im posting is from my MAIN router, Plese note everything works. What im asking is , whether this right way to go /interface bridge add name=br-ppp add name=br-vl vlan-filtering=yes /interface ...
by nichky
Wed Oct 13, 2021 5:24 am
Forum: General
Topic: How to create multiple EoIP tunnels ?
Replies: 32
Views: 13086

Re: How to create multiple EoIP tunnels ?

@sindy

correct if i'm working.
Split horizon works only between virtual interfaces

/interface bridge add name=A
/interface bridge port add bridge=A interface=A1toA2 horizon=1
/interface bridge port add bridge=A interface=A1toA3 horizon=1
by nichky
Mon Oct 11, 2021 12:00 pm
Forum: General
Topic: MTU issue on VLAN
Replies: 1
Views: 318

Re: MTU issue on VLAN

take a look this e.g.

/interface ethernet
set [ find default-name=etherx ] l2mtu=1800

/interface vlan
add interface=etherx mtu=1700 name=vlan1 vlan-id=x
by nichky
Sun Oct 10, 2021 7:14 am
Forum: General
Topic: Facebook Photos are not loading
Replies: 4
Views: 1396

Re: Facebook Photos are not loading

to me sounds like mtu issues.
Packet sniffer will help us to diagnostic the issues
by nichky
Fri Oct 08, 2021 3:14 am
Forum: Announcements
Topic: v6.49 [stable] is released!
Replies: 240
Views: 49991

Re: v6.49 [stable] is released!

what "fec-mode" does?
by nichky
Sat Oct 02, 2021 10:22 am
Forum: General
Topic: ASK [caps-manager]
Replies: 10
Views: 904

Re: ASK [caps-manager]

@Guntis

can you update the wiki, saying that this features does not work for local forwarding
by nichky
Sat Oct 02, 2021 10:12 am
Forum: General
Topic: ASK [caps-manager]
Replies: 10
Views: 904

Re: ASK [caps-manager]

Thanks a lot sindy.
i got this working.

One noted here, my devices are getting ip-add, but i can't see it on lease, is that how it works?

jebote, kako detalno objasvis (ovi koi su staf,nemoze tako da urade ) svaka chas majstore, puno volim to sta radis!!
by nichky
Sat Oct 02, 2021 12:20 am
Forum: General
Topic: ASK [caps-manager]
Replies: 10
Views: 904

Re: ASK [caps-manager]

i'm scared that will not fit i'm ny config. i got vlans between all devices. And i got local-forwarding for some reason.
That is most for bridged configuration. I'll play around
by nichky
Fri Oct 01, 2021 2:01 am
Forum: General
Topic: ASK [caps-manager]
Replies: 10
Views: 904

Re: ASK [caps-manager]

hi sindy What you saying, that completely sense. What i'm getting confusion is: - by using local-forwarding, any single CAP has vlan-id and that vlan has dhcp-server. - im assuming that caps-man-addresses: 192.168.250.1 is the gateway ip of the CAPsMAN. According to the i don't need to do dhcp-serve...
by nichky
Thu Sep 30, 2021 1:08 pm
Forum: General
Topic: ASK [caps-manager]
Replies: 10
Views: 904

Re: ASK [caps-manager]

no, sorry i think the other way around
by nichky
Thu Sep 30, 2021 1:02 pm
Forum: General
Topic: ASK [caps-manager]
Replies: 10
Views: 904

Re: ASK [caps-manager]

i think that make more sense for local-forwarding
by nichky
Thu Sep 30, 2021 6:47 am
Forum: General
Topic: ASK [caps-manager]
Replies: 10
Views: 904

ASK [caps-manager]

Anyone know what caps-manager does?
Im using a CAPsMAN a lot. So maybe i'll find useful once i got idea what really this does
by nichky
Thu Sep 30, 2021 3:06 am
Forum: General
Topic: HW offload bridging
Replies: 24
Views: 1763

Re: HW offload bridging

on mt wiki regarding Tag Stacking, there is no clear explanation, i mean the e.g. itself.

https://wiki.mikrotik.com/wiki/Manual:B ... g_Stacking
by nichky
Sat Sep 25, 2021 11:21 am
Forum: General
Topic: Slow EOIP tunnel in one direction
Replies: 24
Views: 2184

Re: Slow EOIP tunnel in one direction

have you tried other tunnels?
if you really need to be bridged,then you can play with BCP,and compare the result
by nichky
Tue Sep 21, 2021 1:53 am
Forum: General
Topic: Slow EOIP tunnel in one direction
Replies: 24
Views: 2184

Re: Slow EOIP tunnel in one direction

@sindy

i wish if i can get all your suggestion regarding troubleshoot for the tunnels & VPNs into website.
So i can easily read through
by nichky
Sun Sep 19, 2021 9:24 am
Forum: Forwarding Protocols
Topic: Multi-Homed BGP over two Edge Routers
Replies: 4
Views: 1446

Re: Multi-Homed BGP over two Edge Routers

can you show us how the routing table looks like on RA&RB
by nichky
Sat Sep 18, 2021 5:45 am
Forum: Beginner Basics
Topic: Deep Dive MT Switching
Replies: 5
Views: 902

Re: Deep Dive MT Switching

i'm not sure why MikroTik wants to make "ingress filtering" disabled by default.
That will not allow us to use tunnel between two sites by using "user service tag"
by nichky
Fri Sep 17, 2021 5:16 am
Forum: General
Topic: Redundant or at least failover IPSec VPN Tunnels [SOLVED]
Replies: 6
Views: 747

Re: Redundant or at least failover IPSec VPN Tunnels [SOLVED]

or what you can do here is, use mode config, then once the site get an ip-address you can run ipip tunnel.
That would be more advanced.
by nichky
Wed Sep 15, 2021 10:22 am
Forum: General
Topic: L2TP Caller ID empty
Replies: 2
Views: 530

Re: L2TP Caller ID empty

can you extend Caller ID on your MT, and alos can we get expot on
secret , profile letp-server and pptp server
by nichky
Wed Sep 15, 2021 9:21 am
Forum: Forwarding Protocols
Topic: OSPF Out Filter
Replies: 6
Views: 1283

Re: OSPF Out Filter

read above what mrz said, he gave you the answer.
He pointed out on backbone are.
If you want to filter other LSAs , than you need to use none-backbone area
by nichky
Tue Sep 14, 2021 8:31 am
Forum: General
Topic: Constant Reboots
Replies: 3
Views: 434

Re: Constant Reboots

what Mr.profile saying?
by nichky
Tue Sep 14, 2021 2:32 am
Forum: Forwarding Protocols
Topic: OSPF Out Filter
Replies: 6
Views: 1283

Re: OSPF Out Filter

that is from my experience,
maye Guru will say something different than i did above
by nichky
Tue Sep 14, 2021 2:11 am
Forum: Forwarding Protocols
Topic: OSPF Out Filter
Replies: 6
Views: 1283

Re: OSPF Out Filter

is that on backbone area?
As far as i know filters doesn't work on that area
by nichky
Sun Sep 12, 2021 11:07 am
Forum: General
Topic: Mangle + NAT + Policy Routing
Replies: 11
Views: 4493

Re: Mangle + NAT + Policy Routing

wow, hvala brate I didn't need to touch this one "/interface ovpn-server server set default-profile=ovpn-profile". As fas as i know /ppp profile has priority than /interface xxx-server, is that corect? ne znam od koju dizavu si tachno,ali kad idem na balkanu pozvachute, svaka chas majstore!!
by nichky
Sun Sep 12, 2021 2:29 am
Forum: General
Topic: Mangle + NAT + Policy Routing
Replies: 11
Views: 4493

Re: Mangle + NAT + Policy Routing

hi sindy, The MT that has this rules is OVPN -Server. What is my goal here: by using this rules i want to masq the traffic going to the ovpn clients, so i what that to allow me to get access to them, without adding any routes from the client perspective. Currently i'm using this rule which it does w...
by nichky
Sat Sep 11, 2021 1:07 pm
Forum: General
Topic: Mangle + NAT + Policy Routing
Replies: 11
Views: 4493

Re: Mangle + NAT + Policy Routing

still it doesne work, i need that for OpenVPN, cant make it work [quote]/ip firewall mangle add action=mark-connection chain=prerouting comment=OpenVPN in-interface=ether9 new-connection-mark=ovpn.conn passthrough=yes protocol=tcp src-port=1198 /ip firewall nat add action=masquerade chain=srcnat con...
by nichky
Fri Sep 10, 2021 4:48 am
Forum: Announcements
Topic: WinBox v3.30 released!
Replies: 59
Views: 8104

Re: WinBox v3.30 released!

on bgp , show columns doesn't work for in and out filter, one always missing
by nichky
Wed Sep 08, 2021 7:52 am
Forum: General
Topic: VPN speed issue (How to change the router MAC address) [SOLVED]
Replies: 51
Views: 2753

Re: VPN speed issue (How to change the router MAC address) [SOLVED]

@SiB

i thing we can get this work by using 2 eoip tunnels + bonding rr.
BCP was bad scenario
by nichky
Wed Sep 08, 2021 7:28 am
Forum: General
Topic: VPN speed issue (How to change the router MAC address) [SOLVED]
Replies: 51
Views: 2753

Re: VPN speed issue (How to change the router MAC address) [SOLVED]

nichky write: intresting. I'm assuming you combine l2tp with ipsec Clear L2TP what is done between both MikroTik. Two location have CRS125 (1xCPU 600Mhz without IPSec acceleration) and Site A ISP Orange 300/100 Site B ISP ATMan 100/100 I cannot reach stable 80/80 between them at any VPN I configure...
by nichky
Tue Sep 07, 2021 1:46 pm
Forum: General
Topic: VPN speed issue (How to change the router MAC address) [SOLVED]
Replies: 51
Views: 2753

Re: VPN speed issue (How to change the router MAC address) [SOLVED]

Solution was at #26 by disable fasttrack-connection and this #26 should be marked as SOLVED tag.. About limit 40Mbps I discover it at all RB who not have a IPSec acceleration. PPTP and L2TP etc have limit ~40Mbps per one vpn connection. I do a both type vpn and use them in route as ECMP. I can reac...
by nichky
Sun Sep 05, 2021 1:52 pm
Forum: General
Topic: VPN speed issue (How to change the router MAC address) [SOLVED]
Replies: 51
Views: 2753

Re: VPN speed issue (How to change the router MAC address) [SOLVED]

@rextended

you saying (MT wiki) that if we change the TTL on the LTI we would be able to get more bandwidth, why is that?
Cant find any logical explanation
by nichky
Fri Aug 27, 2021 12:51 am
Forum: Forwarding Protocols
Topic: PPPoE Server over BGP VPLS signaling
Replies: 5
Views: 1621

Re: PPPoE Server over BGP VPLS signaling

from R2 where pppoe terminate, can you ping the remote ip -address.
Then do traceroute to google and see where is stopping

For me it seems like thet layer 2 is fine, you need to check something on R1 where you internet is.
by nichky
Thu Aug 26, 2021 12:20 pm
Forum: Forwarding Protocols
Topic: PPPoE Server over BGP VPLS signaling
Replies: 5
Views: 1621

Re: PPPoE Server over BGP VPLS signaling

of course, vpls is down
by nichky
Thu Aug 26, 2021 7:55 am
Forum: Forwarding Protocols
Topic: PPPoE Server over BGP VPLS signaling
Replies: 5
Views: 1621

Re: PPPoE Server over BGP VPLS signaling

what have you bridget in to vpls-bridge.
Can't see that you put anything in there
by nichky
Tue Aug 24, 2021 9:44 am
Forum: RouterOS v7 BETA
Topic: Layer-3 MPLS VPN
Replies: 8
Views: 2884

Re: Layer-3 MPLS VPN

I will not run any of those protocol on v7.
Not for now.
I had case where i wasn't able to establish ospf between vlans.
So i learned the lesson :)
by nichky
Tue Aug 24, 2021 12:26 am
Forum: Announcements
Topic: v6.48.4 [stable] is released!
Replies: 76
Views: 41115

Re: v6.48.4 [stable] is released!

i really what to know in which cases can i use
*) winbox - added "interworking-profile" parameter under "Wireless" menu;
by nichky
Mon Aug 23, 2021 4:54 am
Forum: General
Topic: ASK [QoS pcq]
Replies: 3
Views: 576

Re: ASK [QoS pcq]

is there any basic diagram , i mean any recommendation how we can play with queue size?
by nichky
Fri Aug 20, 2021 12:30 am
Forum: General
Topic: ASK [QoS pcq]
Replies: 3
Views: 576

ASK [QoS pcq]

how can i properly calculate total queue size for pcq.

queue size= 100 (number of clients)
total queue size=? ( i got 200mbs available)
by nichky
Mon Aug 16, 2021 11:46 pm
Forum: Beginner Basics
Topic: use-local-address ip>cloud
Replies: 7
Views: 2545

Re: use-local-address ip>cloud

@msatter

that is fine, you don't need "use-local-address" to be able to do this
by nichky
Mon Aug 16, 2021 1:04 pm
Forum: Beginner Basics
Topic: use-local-address ip>cloud
Replies: 7
Views: 2545

Re: use-local-address ip>cloud

still not sure what this does and where can we use that
by nichky
Sat Aug 14, 2021 11:58 pm
Forum: General
Topic: RDP and other services over VPN
Replies: 9
Views: 833

Re: RDP and other services over VPN

@MickeyT i think you didn't get me. I don't worry about the config , i got ovpn running on my router behind NAT, and the rule that im using is (on my main rb) NAT add action=dst-nat chain=dstnat comment=OpenVPN dst-port=1194 in-interface-list=WAN protocol=tcp to-addresses=local_ovpn what im asking i...
by nichky
Sat Aug 14, 2021 1:16 pm
Forum: General
Topic: RDP and other services over VPN
Replies: 9
Views: 833

Re: RDP and other services over VPN

@MickeyT for e.g. what? how easy can i test this rule. Also i'm using ovpn , it allows me to do everything as well. I'm trying to get deep and dive in to your rule. Im asking for some basic examples basic e.g. if i add on nat add action=masquerade chain=srcnat out-interface=ovpn-client. i can get ac...
by nichky
Sat Aug 07, 2021 2:21 am
Forum: Forwarding Protocols
Topic: BGP is not sending default routed
Replies: 4
Views: 1598

Re: BGP is not sending default routed

you got five peers. on which one it doesn't send the default route?
by nichky
Wed Aug 04, 2021 6:32 am
Forum: General
Topic: ASK [cap-virtual interfaces]
Replies: 0
Views: 545

ASK [cap-virtual interfaces]

Hi there,
whenever i disable/enable the cap mode on wireless, or let say capsman router get rebooted, disconnection or whatever , it's creating automatically virtual interfaces.
How can i stop that ?
see the picture below
by nichky
Sun Aug 01, 2021 12:03 pm
Forum: Wireless Networking
Topic: wmm in capsman
Replies: 5
Views: 837

Re: wmm in capsman

cap
by nichky
Fri Jul 30, 2021 1:07 pm
Forum: General
Topic: ASK [VPN-NAT]
Replies: 1
Views: 263

Re: ASK [VPN-NAT]

it seems that in-interface fixed
by nichky
Fri Jul 30, 2021 5:49 am
Forum: General
Topic: ASK [VPN-NAT]
Replies: 1
Views: 263

ASK [VPN-NAT]

i got this scenario i got VPN (l2tp+ipsec) router behind NAT - And on my MAIN router i got NAT helper for my VPN router nat add action=dst-nat chain=dstnat comment=vpn dst-port=500,4500 protocol=udp to-addresses=192.168.x.x add action=dst-nat chain=dstnat protocol=ipsec-esp to-addresses=192.168.x.x ...
by nichky
Tue Jul 27, 2021 12:38 pm
Forum: Beginner Basics
Topic: I need to know some basics
Replies: 3
Views: 566

Re: I need to know some basics

you just to make the Huawei as bridge mode, and pppoe connection will terminate into RB2011
That is all you need to do
by nichky
Thu Jul 22, 2021 8:23 am
Forum: General
Topic: ospf failure to receive valid multicast 224.0.0.5 Hello
Replies: 4
Views: 465

Re: ospf failure to receive valid multicast 224.0.0.5 Hello

@homerwsmith
probably you are running with default network type.
In your case don't need it.

@mrz
in this case does multicast-helper=full will help, even if he is running with unrecommended network-type?
by nichky
Tue Jul 20, 2021 4:17 am
Forum: General
Topic: CAPS Man & different WIFI channel config
Replies: 22
Views: 1435

Re: CAPS Man & different WIFI channel config

thanks @rextended for your #2post.

That makes a lot of sense, and can answer lot of questions
by nichky
Mon Jul 19, 2021 9:20 am
Forum: General
Topic: ASK [current tx power]
Replies: 2
Views: 443

Re: ASK [current tx power]

even spectral-scan for 5mhz is totally broken
by nichky
Sun Jul 18, 2021 1:33 pm
Forum: General
Topic: ASK [current tx power]
Replies: 2
Views: 443

ASK [current tx power]

why current tx power doesn't work any more?
That was so useful feature
by nichky
Sun Jul 18, 2021 1:26 pm
Forum: General
Topic: Simple Queue - Total?
Replies: 3
Views: 561

Re: Simple Queue - Total?

Just i did some testing. From what i can see total-max-limit has priority than max-limit ,i think that is all about. e.g. /queue simple add max-limit=5M/5M name=queue1 target=192.168.88.2 total-max-limit=2M Limitation would be on 2m, and its same for all parameters. Just use your imagination where a...
by nichky
Sun Jul 18, 2021 1:11 pm
Forum: General
Topic: Simple Queue - Total?
Replies: 3
Views: 561

Re: Simple Queue - Total?

have you played with that? on wiki sayang (i picked one of them) "total-limit-at (NUMBER/NUMBER): corresponds to limit-at" so try: /queue simple add limit-at=2m/1m total-limit-at=3m/2m or other way around. Of course, you have to fill the rest of max limit, burst if you want however, they s...
by nichky
Sat Jul 17, 2021 9:58 am
Forum: Beginner Basics
Topic: I am able to ping wireless router from winbox but cannot open in web browser
Replies: 7
Views: 763

Re: I am able to ping wireless router from winbox but cannot open in web browser

i need to see other site,
from what i can see here,the gateway is 1modem.

from this router can you ping out?

pls check this out
https://help.mikrotik.com/docs/display/ ... figuration
by nichky
Sat Jul 17, 2021 9:34 am
Forum: Beginner Basics
Topic: I am able to ping wireless router from winbox but cannot open in web browser
Replies: 7
Views: 763

Re: I am able to ping wireless router from winbox but cannot open in web browser

/export hide-sensitive
Do traceroute, see where does it stop

If you are totally now in MT world, would be tricky part.
We can try. Otherwise you can contact some of the consultants to help you out
by nichky
Sat Jul 17, 2021 9:08 am
Forum: Beginner Basics
Topic: I am able to ping wireless router from winbox but cannot open in web browser
Replies: 7
Views: 763

Re: I am able to ping wireless router from winbox but cannot open in web browser

We need to see the config, but according from what you have explained here, it seems like it's missing a route, you can achieve this by two ways:

1.add static a route or
2. use nat (not recommending)
by nichky
Wed Jul 14, 2021 9:47 am
Forum: Wireless Networking
Topic: CAPsMAN reconnections
Replies: 15
Views: 2214

Re: CAPsMAN reconnections

@szhura

how is your "Access List" looks like?
by nichky
Wed Jul 14, 2021 7:13 am
Forum: Forwarding Protocols
Topic: BGP ECMP (multipathing)
Replies: 55
Views: 22625

Re: BGP ECMP (multipathing)

@mrz

coming back to your first post

has anything changed since then?
https://wiki.mikrotik.com/wiki/Manual:B ... interfaces

I'm playing with multihop=yes and the target-scope that im receiving is 30 by default without any filter rule.
by nichky
Tue Jul 13, 2021 11:58 pm
Forum: General
Topic: ASK[CAPsMAN]
Replies: 13
Views: 1018

Re: ASK[CAPsMAN]

tx @rextended, solved
by nichky
Tue Jul 13, 2021 2:29 am
Forum: General
Topic: CAPS Man & different WIFI channel config
Replies: 22
Views: 1435

Re: CAPS Man & different WIFI channel config

what you getting at status where current channel is?
by nichky
Tue Jul 13, 2021 1:07 am
Forum: General
Topic: ASK[CAPsMAN]
Replies: 13
Views: 1018

Re: ASK[CAPsMAN]

Thanks sindy, that makes a lot of sense.

hvala puno,najbolji si!
by nichky
Sun Jul 11, 2021 1:02 pm
Forum: General
Topic: ASK[CAPsMAN]
Replies: 13
Views: 1018

Re: ASK[CAPsMAN]

i mean if you can give me some tip how properly can i use identity-regexp & common-name-regexp working.

i have spend lot of time with our result
by nichky
Sun Jul 11, 2021 11:51 am
Forum: General
Topic: ASK[CAPsMAN]
Replies: 13
Views: 1018

Re: ASK[CAPsMAN]

that make a lot of sane. so my assumption is wrong.
In this case im not sure what this does.

Much appreciated if you can explain here, or advice me how can i make it works the way you suggesting
by nichky
Sun Jul 11, 2021 10:46 am
Forum: General
Topic: ASK[CAPsMAN]
Replies: 13
Views: 1018

Re: ASK[CAPsMAN]

i got this one for testing purposes /caps-man provisioning add action=create-enabled hw-supported-modes=gn identity-regexp=GP-AP-.* master-configuration=test radio-mac=6C:3B:6B:xx:xx:xx slave-configurations=\ test What i'm expecting is, once i'll click on provisioning i should be saying on /caps-man...
by nichky
Sun Jul 11, 2021 7:19 am
Forum: General
Topic: ASK[CAPsMAN]
Replies: 13
Views: 1018

Re: ASK[CAPsMAN]

if i explore my config would be irelevant.
Whenever i fill that part for entity-regexp & common-name-regexp, and then when i do provisioning, i'm not getting any result according to what i have filled there
by nichky
Sun Jul 11, 2021 5:33 am
Forum: General
Topic: ASK[CAPsMAN]
Replies: 13
Views: 1018

ASK[CAPsMAN]

cant make identity-regexp & common-name-regexp working

@rextended, i really need your input here
by nichky
Sat Jul 10, 2021 10:19 am
Forum: Wireless Networking
Topic: Identity as SSID
Replies: 9
Views: 1305

Re: Identity as SSID

cant make identity-regexp & common-name-regexp working
by nichky
Sat Jul 10, 2021 9:35 am
Forum: General
Topic: Port Forwarding of a Moxa NPort 5150A Not Working
Replies: 17
Views: 1041

Re: Port Forwarding of a Moxa NPort 5150A Not Working

can you do telnet to the server from cmd?
by nichky
Wed Jul 07, 2021 1:54 pm
Forum: General
Topic: ASK [VRF-Mangle]
Replies: 3
Views: 471

Re: ASK [VRF-Mangle]

Sindy fixed!

/ip route rule
add routing-mark=vrf1 src-address=server_ip table=main
add dst-address=server_ip table=vrf1
i found easy in ip rule.

im wondering how the proper conf would be on Mangle?
by nichky
Wed Jul 07, 2021 12:27 pm
Forum: General
Topic: ASK [VRF-Mangle]
Replies: 3
Views: 471

Re: ASK [VRF-Mangle]

Hi sindy, the topology is really simple. The core device is gateway for the my LAN subnet at cpe site. On that subnet is sitting my server or anything that i can login remotely. At the moment im doing that by "web-profy", even with "port forwarding" i will get same result because...
by nichky
Wed Jul 07, 2021 10:24 am
Forum: General
Topic: ASK [VRF-Mangle]
Replies: 3
Views: 471

ASK [VRF-Mangle]

if my device that i want to log in (web) is in the VRF group.
What needs to be done to be able to get access?
i thing Mangle will help. any advice?

I'm accessing remotely by using web-proxy.
by nichky
Tue Jul 06, 2021 8:03 am
Forum: General
Topic: ASK [ PVLAN]
Replies: 6
Views: 594

Re: ASK [ PVLAN]

i was thing if to use "use service tag" by using vlan-filtering, but it seems that is not possible for now. Thanks @rextended that will do with EoIP. I can ping with size 1500, which is what i want. I wish if i can bridge other tunnels such as "ipip" and "gre", maybe th...
by nichky
Mon Jul 05, 2021 1:41 pm
Forum: General
Topic: ASK [ PVLAN]
Replies: 6
Views: 594

Re: ASK [ PVLAN]

i'm trying to establish layer 2 connectivity. So i can get this done by using "user service tag" on my device and customer that works fine because it can provide tunneling method, and i don't need to contact my upstrime provided to add more vlans, The upstrim provider is doing layer 2 conn...
by nichky
Mon Jul 05, 2021 5:33 am
Forum: General
Topic: ASK [ PVLAN]
Replies: 6
Views: 594

ASK [ PVLAN]

by using PVLAN how can i play with service tag?
I need that in my case.
without PVLAN works well!
by nichky
Thu Jul 01, 2021 11:32 pm
Forum: General
Topic: ASK [ port-isolation?]
Replies: 1
Views: 354

ASK [ port-isolation?]

have any one tested port-isolation?
https://wiki.mikrotik.com/wiki/Manual:S ... _isolation
in my case i got two routers terminate into one RB (Switch chips Atheros8227-PVLAN setups) . It seems like doesn't want to work for me
by nichky
Tue Jun 29, 2021 3:43 am
Forum: General
Topic: IPIP tunnel behind NAT
Replies: 4
Views: 620

Re: IPIP tunnel behind NAT

as long as they can ping each other, can't see any reason why you would be able to do
by nichky
Mon Jun 28, 2021 12:21 am
Forum: Beginner Basics
Topic: Questions of an IPSec-Noob
Replies: 13
Views: 1143

Re: Questions of an IPSec-Noob

@raboof678 coming back to your topic. "I know that the OpenVPN-support in Mikrotik is not good, so I want to go with IPSec." i really what to know where have you found this? What kind of device are you trying to connect? Let say you got windows machine. OpenVPN is the best scenario for tha...
by nichky
Sun Jun 20, 2021 4:18 am
Forum: General
Topic: ASK [ospf instance-id]
Replies: 0
Views: 513

ASK [ospf instance-id]

anyone can tell me what instance-id does, by default is 0
I wasn't able to find any info on mt wiki
by nichky
Wed Jun 09, 2021 9:05 am
Forum: General
Topic: Ovpn - verify server certificate issue [SOLVED]
Replies: 11
Views: 1240

Re: Ovpn - verify server certificate issue [SOLVED]

use this /certificate add name=ca-template common-name=myCa key-usage=key-cert-sign,crl-sign add name=server-template common-name=server add name=client1-template common-name=client1 add name=client2-template common-name=client2 /certificate sign ca-template ca-crl-host=1.2.3.4 name=myCa sign server...
by nichky
Tue Jun 08, 2021 9:42 am
Forum: General
Topic: TCP Established and Call of Duty disconnects
Replies: 6
Views: 765

Re: TCP Established and Call of Duty disconnects

just following up.
Is disabling fastpath/fasttrack helps
by nichky
Fri Jun 04, 2021 6:24 am
Forum: Scripting
Topic: Some Music
Replies: 21
Views: 30033

Re: Some Music

nice
by nichky
Sun May 30, 2021 2:59 am
Forum: Beginner Basics
Topic: OSPF over SSTP - works great but why?
Replies: 3
Views: 598

Re: OSPF over SSTP - works great but why?

@Chaosphere64

Does SSTP into ospf network? if yes, what you expecting?
by nichky
Sat May 29, 2021 2:34 pm
Forum: Forwarding Protocols
Topic: BGP problem with best route
Replies: 7
Views: 2340

Re: BGP problem with best route

that is for eBGP, or other option would be prepend
by nichky
Sat May 29, 2021 2:23 pm
Forum: Forwarding Protocols
Topic: BGP problem with best route
Replies: 7
Views: 2340

Re: BGP problem with best route

with eBGP you want to use local pref ?

follow this:

○ Local-Pref
• Mostly used in iBGP networks, higher Local-Pref is better
○ AS-Path
• Mostly used in eBGP networks, shorter as-path is better
by nichky
Sat May 29, 2021 2:17 am
Forum: General
Topic: Who has the biggest uptime ?
Replies: 22
Views: 3484

Re: Who has the biggest uptime ?

my one
by nichky
Fri May 28, 2021 2:26 am
Forum: Announcements
Topic: v6.48.3 [stable] is released!
Replies: 120
Views: 36705

Re: v6.48.3 [stable] is released!

From where can i see this?

*) system - improved resource allocation (improves several service stability e.g. HTTPS, PPPoE, VPN);
*) branding - added option to upload custom files (newly generated branding package required);
by nichky
Sun May 23, 2021 9:17 am
Forum: General
Topic: [ASK] ppp limit-bytes-in/out
Replies: 0
Views: 448

[ASK] ppp limit-bytes-in/out

is there any way when the clients reach the limit-bytes-in/out to get internet drop until i ll refresh the status of the script does for me.
Basically i don't want client to be able to use the ppp once they reach the limit.
by nichky
Sat May 22, 2021 3:30 pm
Forum: General
Topic: IP Cloud Update Problem.
Replies: 14
Views: 2546

Re: IP Cloud Update Problem.

does it look better now?
by nichky
Sat May 22, 2021 2:24 pm
Forum: General
Topic: IP Cloud Update Problem.
Replies: 14
Views: 2546

Re: IP Cloud Update Problem.

no,works well
by nichky
Sat May 22, 2021 2:04 pm
Forum: General
Topic: IP Cloud Update Problem.
Replies: 14
Views: 2546

Re: IP Cloud Update Problem.

im happy how random does. would you be able to give us an example about

use-local-addres
by nichky
Sat May 22, 2021 12:44 pm
Forum: General
Topic: IP Cloud Update Problem.
Replies: 14
Views: 2546

Re: IP Cloud Update Problem.

still is not clear for me:
use-local-addres
by nichky
Thu May 20, 2021 2:21 am
Forum: General
Topic: VRRP-VLANs
Replies: 7
Views: 841

Re: VRRP-VLANs

Completely make sense what @JelleM suggesting.
I was looking for more ethernet-vlans to achieve something which it seems like doesn't fit in this scenario, or i need to find other solution.

Thanks @JelleM @sindy
by nichky
Wed May 19, 2021 12:42 pm
Forum: General
Topic: VRRP-VLANs
Replies: 7
Views: 841

Re: VRRP-VLANs

and on other site, same thing.
Ive done this,but i cant remember what kind of issues i was getting.
Let me try one more time. l'll come back to you
by nichky
Wed May 19, 2021 11:08 am
Forum: General
Topic: VRRP-VLANs
Replies: 7
Views: 841

Re: VRRP-VLANs

i wish if i can use one, but i'm using VRRP load sharing.
Simple i'm using two VRRPs , and that why i need teo VLANs

https://wiki.mikrotik.com/wiki/Manual:V ... ad_sharing
by nichky
Wed May 19, 2021 6:09 am
Forum: General
Topic: VRRP-VLANs
Replies: 7
Views: 841

Re: VRRP-VLANs

i know where is the issus, but im not sure how can i fix it up /interface vrrp add interface=e2vl4078 name=vrrp-m-vl4078 priority=254 vrid=77--------->VRRP-Master add interface=e2vl4077 name=vrrp-s-vl4077 vrid=40--------------------------->VRRP-Slave /ip address add address=192.168.1.4/24 interface=...
by nichky
Mon May 17, 2021 2:02 pm
Forum: General
Topic: VRRP-VLANs
Replies: 7
Views: 841

VRRP-VLANs

any advice pls, im running VRRP-Load sharing and VLANS.
I can't make it work.It seems like i need to play with script.

Does anyone know how can i avoid using the script
by nichky
Thu Apr 01, 2021 6:53 am
Forum: Forwarding Protocols
Topic: Keep using firewall rules with VRRP
Replies: 5
Views: 1984

Re: Keep using firewall rules with VRRP

@Cablenut9



I'm not sure what mrz means by that,but
this is what you need:
https://github.com/svlsResearch/ha-mikrotik

i have done for my lab, works perfectly
by nichky
Sat Mar 13, 2021 11:54 am
Forum: General
Topic: ASK [option66 over vpls]
Replies: 2
Views: 448

Re: ASK [option66 over vpls]

we have pluget computer and run Wireshark ,and we wasn't able to detect option66. im doubt that we did properly VRF is same, im not playing with that one, just i have swopend to EoIP. /ip route vrf add interfaces=vpls1,vpls2,vpls3,eoip1-mark=phones, as you can see i have changed only the tunnel inte...
by nichky
Fri Mar 12, 2021 11:47 pm
Forum: General
Topic: ASK [option66 over vpls]
Replies: 2
Views: 448

ASK [option66 over vpls]

The topology is very simple, we have a vpls tunnel faicing to core device and a VRF for the phones only Issus: Phones (yealink) are not auto provisioning ,by using option66 after factory reset. So the intersting part is here: they are working well until someone factory resets them. Once they are res...
by nichky
Fri Mar 12, 2021 12:08 am
Forum: General
Topic: Debug slow L2TP/IPsec
Replies: 56
Views: 4091

Re: Debug slow L2TP/IPsec

@sindy

i have forgotten to mentioned one main thing here.
I got vpn ike2 from site A to site B by using certificate , then on top of it i got ipip tunnel +sha2-256

Now it pretty much clear
by nichky
Thu Mar 11, 2021 2:25 am
Forum: General
Topic: Debug slow L2TP/IPsec
Replies: 56
Views: 4091

Re: Debug slow L2TP/IPsec

Hi @sindy, sorry for delay about My ESP Sequence is arount 1011. i thought that is relaited to packet lost------>my mistake Im not sure whether im doint that right to get there--please if you can help with other words :) Regarding other part ,nothing much i can add here. Your calculation is greater....
by nichky
Mon Mar 08, 2021 1:17 am
Forum: General
Topic: Debug slow L2TP/IPsec
Replies: 56
Views: 4091

Re: Debug slow L2TP/IPsec

The reason been , just i want to check/compare my result with @hpet. My throughput between VPN is 20m/10m , that because other site has limited bandwidth. My ESP Sequence is arount 1011. And about packets shuffled or really lost, that @sindy mentioned. Im not able to see that graph, so it seems like...
by nichky
Sun Mar 07, 2021 1:17 am
Forum: General
Topic: Debug slow L2TP/IPsec
Replies: 56
Views: 4091

Re: Debug slow L2TP/IPsec

@sindy

zadnjo pitajne

kako da napravim pravilni sniffer, jas isto imam VPN ali moj je u tunnel-mode.
by nichky
Sat Mar 06, 2021 11:43 pm
Forum: General
Topic: Debug slow L2TP/IPsec
Replies: 56
Views: 4091

Re: Debug slow L2TP/IPsec

@hpet

jer moze ukratko, kako si reshio problem?
by nichky
Sat Mar 06, 2021 11:10 am
Forum: Forwarding Protocols
Topic: OSPF area NSSA LSA type 7 to type 5
Replies: 6
Views: 1544

Re: OSPF area NSSA LSA type 7 to type 5

im not sure,
try on R3

/routing ospf area
add area-id=0.0.0.1 default-cost=1 inject-summary-lsas=no name=area1 translator-role=translate-always type=nssa
by nichky
Sat Mar 06, 2021 7:15 am
Forum: Forwarding Protocols
Topic: OSPF area NSSA LSA type 7 to type 5
Replies: 6
Views: 1544

Re: OSPF area NSSA LSA type 7 to type 5

you can do email to support. They will give you maybe better answer.

From what i can see, i not sure what you want to achieve, but i think your topology is wrong. NSSA you can't use in this case.

Please see the folowing atachent to get an idea in which caisess you can play with NSSA
by nichky
Fri Mar 05, 2021 6:26 am
Forum: General
Topic: Debug slow L2TP/IPsec
Replies: 56
Views: 4091

Re: Debug slow L2TP/IPsec

it was hidden ..all good
by nichky
Fri Mar 05, 2021 6:18 am
Forum: General
Topic: Debug slow L2TP/IPsec
Replies: 56
Views: 4091

Re: Debug slow L2TP/IPsec

@sindy -molimte reci mi ovo:

i got router with hardware encryption, (hEX S RB760iGS)
and from /ip ipsec installed-sa print - i can see only E , can't see H. what im missing?
by nichky
Fri Mar 05, 2021 5:29 am
Forum: General
Topic: ASK [rule over mangle]
Replies: 3
Views: 474

Re: ASK [rule over mangle]

if you want me to post all config that would be a lot of things :) Basically is BGP with VRF

i found that route rule are pretty much similar to Mangle, and i'm thinking that i can make it work...
as i said it does work with ip route rule
by nichky
Fri Mar 05, 2021 4:51 am
Forum: General
Topic: ASK [rule over mangle]
Replies: 3
Views: 474

ASK [rule over mangle]

im getting stuck, /ip route rule add comment=R4 routing-mark=cus src-address=192.168.4.0/24 table=main add dst-address=192.168.4.0/24 table=cus how can i make it work over the Mangle? /ip firewall mangle add action=mark-routing chain=prerouting comment=R4 disabled=yes new-routing-mark=main passthrou...
by nichky
Wed Mar 03, 2021 7:24 am
Forum: General
Topic: ASK [vpls PW]
Replies: 8
Views: 830

Re: ASK [vpls PW]

Thanks CZfan

that's what i have been looking for.
Now i need to think how can i make e.g. of those two features
by nichky
Tue Mar 02, 2021 10:17 pm
Forum: General
Topic: ASK [vpls PW]
Replies: 8
Views: 830

Re: ASK [vpls PW]

thanks a lot sindy
by nichky
Tue Mar 02, 2021 10:53 am
Forum: General
Topic: ASK [vpls PW]
Replies: 8
Views: 830

Re: ASK [vpls PW]

sorry, i can't get you what you saying
by nichky
Tue Mar 02, 2021 7:28 am
Forum: General
Topic: ASK [vpls PW]
Replies: 8
Views: 830

ASK [vpls PW]

vpls PW type tagged ethernet

please need more info of this.
In which scenario i can use this. wiki saying Pseudowire type,
which i'm not sure what exactly is the mining of that
by nichky
Tue Mar 02, 2021 5:56 am
Forum: Beginner Basics
Topic: How do i enable usb sharing?????
Replies: 2
Views: 447

Re: How do i enable usb sharing?????

what type on Mikrotik do you have?
by nichky
Wed Feb 24, 2021 10:10 am
Forum: Beginner Basics
Topic: Internet / VPN Problem
Replies: 12
Views: 1331

Re: Internet / VPN Problem

about your experiencing drops out need to be monitored on real time, could be layer one issues, dont know. i will disable the followinf roule: /ip firewall filter add action=drop chain=forward comment="drop all else" log=yes log-prefix="Prohibido forward resto" about your vpn i w...
by nichky
Wed Feb 24, 2021 6:24 am
Forum: Beginner Basics
Topic: Internet / VPN Problem
Replies: 12
Views: 1331

Re: Internet / VPN Problem

DavidGB

/export file=conf hide-sensitive
by nichky
Wed Feb 17, 2021 3:07 am
Forum: General
Topic: ASK [allow-sharedkey]
Replies: 0
Views: 363

ASK [allow-sharedkey]

does anyone know in which cases can we use allow-sharedkey?

/interface wireless set allow-sharedkey=YES

i didn't get the point from the wiki
by nichky
Mon Feb 15, 2021 2:03 am
Forum: Scripting
Topic: ARP Watch Script
Replies: 6
Views: 4096

Re: ARP Watch Script

sorry, what this script does?
by nichky
Sun Feb 14, 2021 12:07 am
Forum: General
Topic: Problems with IPSec - only one device can connect
Replies: 3
Views: 551

Re: Problems with IPSec - only one device can connect

on apple phone you need to make use authentication to none
by nichky
Fri Feb 12, 2021 4:10 am
Forum: General
Topic: ssh + ssh-keys -> Problem to login from another machine
Replies: 4
Views: 555

Re: ssh + ssh-keys -> Problem to login from another machine

How you doing
/user ssh-keys import user=
by nichky
Wed Feb 10, 2021 1:59 am
Forum: Beginner Basics
Topic: EoIP Tunnel Clamp TPC MSS
Replies: 7
Views: 1289

Re: EoIP Tunnel Clamp TPC MSS

@CZFan

and what Clamp mss in EoIP does?
by nichky
Wed Feb 03, 2021 6:28 am
Forum: General
Topic: ASK [root port]
Replies: 0
Views: 390

ASK [root port]

in my case i have vlan configuration using /interface bridge> set numbers=0 vlan-filtering=yes. And i have noticed that i was able to see root port. (one site has priority 6000) Once i switced to vlans by using switch chip all interfaces in the bridge become designated port. Even if i play with prio...
by nichky
Mon Feb 01, 2021 5:59 am
Forum: Beginner Basics
Topic: Switch chip
Replies: 9
Views: 1300

Re: Switch chip

can anyone give us more info about vlans mode. i mean in which scenario can i use check and fallback
by nichky
Tue Jan 26, 2021 11:41 pm
Forum: General
Topic: Suggestion: Completely virtual router based on two physical routers
Replies: 185
Views: 42363

Re: Suggestion: Completely virtual router based on two physical routers

@Nathan1 i made it work, but ONE important thing. i was getting script error!!! You know when you adding on MASTER : $HAInstall interface="ether8" macA="[MAC_OF_A_ETHER8]" macB="[MAC_OF_B_ETHER_8]" password="[A RANDOM PASSWORD OF YOUR CHOOSING]" then it pops u...
by nichky
Fri Jan 22, 2021 11:49 pm
Forum: Wireless Networking
Topic: Why is nv2 so much slower than 802.11?
Replies: 17
Views: 4223

Re: Why is nv2 so much slower than 802.11?

Can anyone add some info here. According to MT wiki about Nv2 AP Synchronization "After Master AP is found the Slave AP will calculate the distance to the Master AP as it is possible that Master AP is located not on the same location". I got one Master-AP--ssid=test1, and one Slave-AP-ssid...
by nichky
Wed Jan 20, 2021 12:50 pm
Forum: General
Topic: ASK {switch chip}
Replies: 13
Views: 1308

Re: ASK {switch chip}

Thanks xvo, appreciate your help
by nichky
Tue Jan 19, 2021 10:26 pm
Forum: General
Topic: ASK {switch chip}
Replies: 13
Views: 1308

Re: ASK {switch chip}

@xvo i got this working now. quick one: what exactly switch1 cpu does? do i need to add always on tagged and untagged traffic. /interface ethernet switch port set 1 vlan-header=add-if-missing vlan-mode=secure set 2 vlan-header=add-if-missing vlan-mode=secure set 3 default-vlan-id=202 vlan-header=alw...
by nichky
Tue Jan 19, 2021 11:16 am
Forum: General
Topic: ASK {switch chip}
Replies: 13
Views: 1308

Re: ASK {switch chip}

@xvo don't worry about 8227 rb2011. i'm going to remove everything here, and i want to use 8327. Trunk port is ether1 on rb2011. what im missing here? vlan 99 cams from --951Ui-2HnD /interface ethernet switch port set 1 vlan-header=add-if-missing vlan-mode=secure /interface ethernet switch rule add ...
by nichky
Tue Jan 19, 2021 10:36 am
Forum: General
Topic: ASK {switch chip}
Replies: 13
Views: 1308

Re: ASK {switch chip}

that is how my config looks like on rb2011 /interface ethernet switch port set 6 vlan-header=add-if-missing vlan-mode=secure set 7 default-vlan-id=202 vlan-header=always-strip vlan-mode=secure set 10 vlan-header=add-if-missing vlan-mode=secure /interface ethernet switch rule add disabled=yes ports=e...
by nichky
Tue Jan 19, 2021 10:21 am
Forum: General
Topic: ASK {switch chip}
Replies: 13
Views: 1308

Re: ASK {switch chip}

@xvo

from your last can i get conclusion that we can't play around with different switch chips.
It must to be same, on both ends, and also how you mind differently?
by nichky
Tue Jan 19, 2021 5:15 am
Forum: General
Topic: ASK {switch chip}
Replies: 13
Views: 1308

Re: ASK {switch chip}

you didn't get my point. I'm not using both switches on same time. I'm using only one, and i found with Atheros 8227 i can implement vlan configuration (obviously becouse 951Ui-2HnD has the same) and using - Atheros 8327 2011UiAS-2HnD. sw1 i cant make it work. So my quastios is, are they all swich c...
by nichky
Tue Jan 19, 2021 1:35 am
Forum: General
Topic: ASK {switch chip}
Replies: 13
Views: 1308

ASK {switch chip}

my lab is basic setup using switch chip. So when i'm doing VLAN implementation using "Atheros 8227" (both devices supporting same switch chip ) everything works as it should. i found difical when one site supporthing Atheros 8227 951Ui-2HnD and other site has - Atheros 8327 2011UiAS-2HnD. ...
by nichky
Mon Jan 18, 2021 12:11 am
Forum: General
Topic: help
Replies: 7
Views: 867

Re: help

nothing in bonding
by nichky
Sun Jan 17, 2021 11:39 pm
Forum: General
Topic: help
Replies: 7
Views: 867

Re: help

just i want to know how can i solve that one.
I don't have nothing to bridge and it is showing that some of the ports are already in bridge
Even if it's like that i don't mind as long as will not make further issues I got vpn clients already connected
by nichky
Sun Jan 17, 2021 10:55 am
Forum: General
Topic: help
Replies: 7
Views: 867

Re: help

hmmm
i'm not going to that,because i'm running vpn.
Any other solution?
by nichky
Sun Jan 17, 2021 9:26 am
Forum: General
Topic: help
Replies: 7
Views: 867

help

i don't care whether is bug or not.
i want t fix that one , any idea pls

RB760iGS
v6.48
by nichky
Sun Jan 10, 2021 10:02 am
Forum: Beginner Basics
Topic: Setting a VLAN on a PPPOE connection.
Replies: 2
Views: 450

Re: Setting a VLAN on a PPPOE connection.

my isp provide me exactly same thing.
vlanx for pppoe
by nichky
Fri Jan 08, 2021 12:06 am
Forum: Beginner Basics
Topic: Split Tunnel routing interent via IPsec Tunnel
Replies: 4
Views: 701

Re: Split Tunnel routing interent via IPsec Tunnel

@Pozun

in my case to do that i'm using Mode Configs.
And i found that features works perfectly for apple and doesn't for windows. I haven't tested android yet.
by nichky
Sat Jan 02, 2021 8:40 am
Forum: General
Topic: Gre over ipsec
Replies: 10
Views: 1383

Re: Gre over ipsec

@mafiosa make your life easily, play specially with ipsec with same vendors devices. I had unestablished tunnels with mikrotik on different version. When i upgraded to later version bum everything works well. i found dynamic routhing protocol are much more easy (i'm avoiding as much as possible) for...
by nichky
Fri Jan 01, 2021 11:49 pm
Forum: Announcements
Topic: v6.48 [stable] is released!
Replies: 324
Views: 84647

Re: v6.48 [stable] is released!

*) ppp - store "last-caller-id" for PPP secrets;

how that one works?
by nichky
Tue Dec 22, 2020 9:08 pm
Forum: General
Topic: Undocumented ipsec mode config option split-dns ?
Replies: 3
Views: 1082

Re: Undocumented ipsec mode config option split-dns ?

just i want to add something here, if you want to use that features by using windows machine you would be not able to get , because windows doesn't support it
by nichky
Fri Dec 18, 2020 12:35 pm
Forum: RouterOS v7 BETA
Topic: VxLAN example configuration
Replies: 9
Views: 14067

Re: VxLAN example configuration

@IPANetEngineer

i was following your example and i wondering what exactly this does,because i'm able to ping remote site without adding this rules:

/interface vxlan vteps
add interface=VxLAN-VNI-100 remote-ip=100.127.1.2
add interface=VxLAN-VNI-100 remote-ip=100.127.1.3
by nichky
Wed Dec 09, 2020 9:53 pm
Forum: General
Topic: "antenna gain" missing in 6.46.8?
Replies: 78
Views: 12209

Re: "antenna gain" missing in 6.46.8?

@normis

but that feature works on both types of antenns.
when you saying non removable, you mean Internal antenna vs external antenna, is that correct?
by nichky
Fri Dec 04, 2020 12:15 am
Forum: General
Topic: "antenna gain" missing in 6.46.8?
Replies: 78
Views: 12209

Re: "antenna gain" missing in 6.46.8?

/interface wireless set antenna-gain=x


one more thing
i've been asking multiple times about Spectral scan, i want that features to be implemented on 5 mhz
by nichky
Mon Nov 30, 2020 5:08 am
Forum: General
Topic: ask [main/backup loader]
Replies: 6
Views: 805

Re: ask [main/backup loader]

@sindy i got MikroTik SXT Lite5.

Based on what have you concluded...
- no connection to LAN/WLAN
- no beeps

by default "force-backup-boot" is disabled.
I'm going to enable and reboot it, and see what is happened :)
by nichky
Sat Nov 28, 2020 7:36 am
Forum: General
Topic: ask [main/backup loader]
Replies: 6
Views: 805

Re: ask [main/backup loader]

Thanks msatter

that is in production, so i'm wondering shall i follow with my assuming, or shall i wait for someone to give more tips...
sindy , what you saying ? :)
by nichky
Fri Nov 27, 2020 1:15 am
Forum: General
Topic: ask [main/backup loader]
Replies: 6
Views: 805

Re: ask [main/backup loader]

i did check wiki, thats why im asking here, i can tick this box and..how can i check whether im running on main or backup.
it is switching to backup by reboothing..or how that works.
by nichky
Thu Nov 26, 2020 11:36 pm
Forum: Beginner Basics
Topic: PPTP Server won't work [SOLVED]
Replies: 21
Views: 2406

Re: PPTP Server won't work [SOLVED]

baxik, disable all firewall filters and try again.
by nichky
Thu Nov 26, 2020 10:43 pm
Forum: General
Topic: ask [main/backup loader]
Replies: 6
Views: 805

ask [main/backup loader]

is my concept correct:

i noted that my main booter is corrupted and i want to switch over to backup loader.

for this purpose , the only thing to do is
1.
/system routerboard settings set force-backup-booter=yes
2.
system reboot yes

and then will run on backup mode.

is that correct?
by nichky
Thu Nov 26, 2020 10:49 am
Forum: Announcements
Topic: v6.47.8 [stable] is released!
Replies: 56
Views: 18491

Re: v6.47.8 [stable] is released!

What exactly want to say here:

*) upgrade - do not try installing packages if download was not completed;
by nichky
Tue Nov 17, 2020 1:53 am
Forum: General
Topic: {ASK} LHG R-LTE
Replies: 10
Views: 1036

Re: {ASK} LHG R-LTE

RogerWilco

that is fine, just i'm trying to find out why i need to disable; enable LTE to bring it back to normal
by nichky
Mon Nov 16, 2020 11:52 pm
Forum: General
Topic: {ASK} LHG R-LTE
Replies: 10
Views: 1036

Re: {ASK} LHG R-LTE

SiB

it is running
firmware-upgrade lte1
installed: MikroTik_CP_2.160.000_v013
latest: MikroTik_CP_2.160.000_v018

do i need to update?
by nichky
Mon Nov 16, 2020 11:38 pm
Forum: General
Topic: {ASK} LHG R-LTE
Replies: 10
Views: 1036

Re: {ASK} LHG R-LTE

yes, issues is LTE itself,power-reset bus=X--solving the issus
i didn't put on my first post, my bad.


/interface lte firmware-upgrade lte1 upgrade=no show? -- im not sure what this does,and from where can i get the current resoult optios are yes/no,
by nichky
Mon Nov 16, 2020 10:31 pm
Forum: General
Topic: {ASK} LHG R-LTE
Replies: 10
Views: 1036

{ASK} LHG R-LTE

We are using mikrotik LHG R 6.45.8 (long-term). with LTE Everything works properly for a period of time, then internet connection become poor, and as soon as i reboot anntena it self everything back to normal. is there any tips and tricke how can i avoide reboothing that is the current LTE resoulte ...
by nichky
Sun Nov 15, 2020 11:36 am
Forum: Wireless Networking
Topic: Audience wireless speed
Replies: 14
Views: 1489

Re: Audience wireless speed

try with keepalive frames=enabled
by nichky
Tue Nov 10, 2020 12:30 am
Forum: Beginner Basics
Topic: DHCP
Replies: 5
Views: 807

Re: DHCP

i was about to ask same question
by nichky
Fri Oct 09, 2020 7:21 am
Forum: General
Topic: ASK [NV2]
Replies: 0
Views: 319

ASK [NV2]

Can anyone add some info here. According to MT wiki about Nv2 AP Synchronization "After Master AP is found the Slave AP will calculate the distance to the Master AP as it is possible that Master AP is located not on the same location". I got one Master-AP--ssid= test1 , and one Slave-AP-ss...
by nichky
Fri Oct 09, 2020 12:03 am
Forum: General
Topic: ASK [LTE-SMS]
Replies: 3
Views: 515

Re: ASK [LTE-SMS]

by nichky
Thu Oct 08, 2020 5:59 am
Forum: General
Topic: ASK [LTE-SMS]
Replies: 3
Views: 515

ASK [LTE-SMS]

i got LTE device plugged into my mt

im trying ti sent SMS which is unsuccessfully, any tips and tricks to solve this issue.

The error that i gething is "Modem unsupported"
by nichky
Wed Sep 16, 2020 2:59 am
Forum: Beginner Basics
Topic: 1 to 1 NAT Help
Replies: 3
Views: 476

Re: 1 to 1 NAT Help

would be better if you give us your topology
by nichky
Wed Sep 16, 2020 2:57 am
Forum: General
Topic: Ip Cloud
Replies: 1
Views: 359

Re: Ip Cloud

have you read wiki about that?

use-local-address:
By default, the DNS name will be assigned to the detected public address (from the UDP packet header). If you wish to send your "local" or "internal" IP address, then set this to yes
by nichky
Fri Sep 04, 2020 7:01 am
Forum: General
Topic: CAPsMAN doesn't support superchannel
Replies: 2
Views: 543

Re: CAPsMAN doesn't support superchannel

what you connecting?
what type of gadgets?
by nichky
Fri Sep 04, 2020 3:06 am
Forum: General
Topic: ASK [need link]
Replies: 1
Views: 370

ASK [need link]

can anyone give me the link,which usb dongle are compatible on MikroTik.
i can't find my self
by nichky
Thu Sep 03, 2020 1:45 pm
Forum: Announcements
Topic: v6.47.3 [stable] is released!
Replies: 50
Views: 16263

Re: v6.47.3 [stable] is released!

MikroTik is there any chance to add wireguard in v6?
by nichky
Thu Sep 03, 2020 5:54 am
Forum: RouterOS v7 BETA
Topic: WireGuard on DHCP WAN [SOLVED]
Replies: 2
Views: 1421

Re: WireGuard on DHCP WAN [SOLVED]

set this by comand line

/interface/wireguard> peers/set endpoint=ip+port (e.g.13231)
by nichky
Thu Aug 27, 2020 2:50 am
Forum: General
Topic: [ASK] l2tp-new feature
Replies: 0
Views: 380

[ASK] l2tp-new feature

since new features comes up on v6.47.0
l2tp-client
what is the difference between: (Use-peer-dns) yes , exclusively
by nichky
Fri Aug 21, 2020 2:57 am
Forum: Announcements
Topic: v6.47.2 [stable] is released!
Replies: 90
Views: 23758

Re: v6.47.2 [stable] is released!

Hi,
I am sorry but I am still having the same problem on this point :
*) l2tp - fixed multiple tunnel establishment from the same remote IP address (introduced in v6.47); any advice ?
need more info about this..can anyone add something
by nichky
Thu Aug 20, 2020 1:48 am
Forum: Announcements
Topic: v6.47.2 [stable] is released!
Replies: 90
Views: 23758

Re: v6.47.2 [stable] is released!

Are you guys serious? The second update, in the last couple of months, with problems you don't expect at all. One core is constantly 100% loaded with something incomprehensible.
Image

i can't properly see your picture, can you make bigger for us
by nichky
Wed Aug 12, 2020 2:24 pm
Forum: General
Topic: ASK [RBD53G]
Replies: 3
Views: 1092

Re: ASK [RBD53G]

lucky i didn't try to downgrade :)

please give me more info about 2 x SMA external antenna.
is that for 2.4 or 5?
Device opraithing with chain 0 and i add external antennas can play with chan 1?

is im correct?
by nichky
Wed Aug 12, 2020 2:06 pm
Forum: General
Topic: ASK [RBD53G]
Replies: 3
Views: 1092

ASK [RBD53G]

RBD53G-5HacD2HnD-TC&EG12-EA

Does it work only with v7.0 and above?
by nichky
Fri Aug 07, 2020 12:44 pm
Forum: General
Topic: ASK [VPLS-tunnel drops]
Replies: 0
Views: 503

ASK [VPLS-tunnel drops]

My topology looks like that

i got R1------R2-------R3-------R4
ospf,mpls and VPLS between:
R1 and R2
R1 and R3
R1 and R4
when i disable VPLS between R1 and R2 all of them drops down.


My quastion is does anyone have similar issus?
if somone whant me to share my configuration im willing to do it
by nichky
Fri Aug 07, 2020 9:44 am
Forum: Scripting
Topic: script address list timeout get value
Replies: 2
Views: 960

Re: script address list timeout get value

++1
by nichky
Thu Aug 06, 2020 2:43 am
Forum: General
Topic: ASK [Happy New Year -beeper-melody-script]
Replies: 0
Views: 556

ASK [Happy New Year -beeper-melody-script]

does anyone have Happy New Year -beeper-melody-script? ;)
by nichky
Mon Aug 03, 2020 11:02 pm
Forum: General
Topic: send all traffic through l2tp VPN
Replies: 8
Views: 3940

Re: send all traffic through l2tp VPN

try to increase the distance of 0.1
by nichky
Mon Aug 03, 2020 3:55 am
Forum: General
Topic: WOL not working on subnet [SOLVED]
Replies: 10
Views: 2991

Re: WOL not working on subnet [SOLVED]

with that i have issues for the last 6 years.
WOL it working well until you unplug/plug the cable.
One you do that WOL stops to work
by nichky
Wed Jul 29, 2020 2:06 pm
Forum: Beginner Basics
Topic: how to tag lan and wifi on the same vlan [SOLVED]
Replies: 9
Views: 2542

Re: how to tag lan and wifi on the same vlan [SOLVED]

use this:

/interface vlan set name=w1.vl100 interface=wlan1 vlan-id=100
/interface wireless set vlan-mode=use-tag vlan-id=100
by nichky
Tue Jul 28, 2020 12:44 am
Forum: Wireless Networking
Topic: Wireless problem with Apple devices
Replies: 16
Views: 3769

Re: Wireless problem with Apple devices

one more recommendation

/interface wireless set preamble-mode=long
by nichky
Mon Jul 27, 2020 11:48 am
Forum: Scripting
Topic: ASK [random wifi password generator]
Replies: 41
Views: 11941

Re: ASK [random wifi password generator]

has been implemented
we will see the result
by nichky
Mon Jul 27, 2020 9:37 am
Forum: Scripting
Topic: ASK [random wifi password generator]
Replies: 41
Views: 11941

Re: ASK [random wifi password generator]

see what im getting.
but also that pass want to be sent to email
by nichky
Mon Jul 27, 2020 12:30 am
Forum: Scripting
Topic: ASK [random wifi password generator]
Replies: 41
Views: 11941

Re: ASK [random wifi password generator]

how can i combine that in my case?
by nichky
Sun Jul 26, 2020 10:50 am
Forum: Scripting
Topic: ASK [random wifi password generator]
Replies: 41
Views: 11941

Re: ASK [random wifi password generator]

Hi Jotne

one thing i found..interesting
When im activating the script by clicking manually the system/script it does work perfectly.

The problem is when i need to do by system/scheduler, then script sending same pasword..always and always.

i have no idea why..it does that?
by nichky
Fri Jul 24, 2020 4:31 am
Forum: Wireless Networking
Topic: Apple devices won't connect
Replies: 56
Views: 51208

Re: Apple devices won't connect

i got issues with my nintendo-switch when im playing online.
somehow i'm getting disconnected, but i can't see disconnection happens from the router-itself.
by nichky
Mon Jul 20, 2020 1:12 pm
Forum: General
Topic: [ASK] package-path
Replies: 0
Views: 495

[ASK] package-path

i got CAPsMAN and i want to use package-path to upgrade my CAP. I can do upgrade to other cap from RB951Ui-2HnD no problem, but i can't do from RB760iGS im doing on same way but i notice the only differences is hEX doesn't have /pub i have created manually but still i can do upgrade to other cap, an...
by nichky
Sat Jul 11, 2020 12:04 am
Forum: Announcements
Topic: v6.47.1 [stable] is released!
Replies: 147
Views: 70908

Re: v6.47.1 [stable] is released!

Impossible to update in Hap Lite. smips.JPG please do /system resource print have you seen the issues? you got 6.8MiB free memory, and the new version itself has 11.4MiB What have you got in file? it seems like you have to remove something from there. Make sure you got enough free memory.
by nichky
Fri Jul 10, 2020 2:40 pm
Forum: Announcements
Topic: v6.47.1 [stable] is released!
Replies: 147
Views: 70908

Re: v6.47.1 [stable] is released!

Impossible to update in Hap Lite.
smips.JPG


please do /system resource print
by nichky
Tue Jul 07, 2020 1:12 am
Forum: General
Topic: ASK [reset-button]
Replies: 8
Views: 2162

Re: ASK [reset-button]

that i was looking for
by nichky
Mon Jul 06, 2020 1:39 pm
Forum: General
Topic: ASK [reset-button]
Replies: 8
Views: 2162

Re: ASK [reset-button]

yess,would be able to correct that one :global ModeButton { [/caps-man interface get [find name="cap1"] disabled]; :if (gueststate = yes) do={ :log info "enabled" /caps-man interface disable [ find name=cap1 ]; :log info "disabled" /caps-man interface enable [ find name...
by nichky
Mon Jul 06, 2020 8:48 am
Forum: General
Topic: ASK [reset-button]
Replies: 8
Views: 2162

Re: ASK [reset-button]

i want to enable/disable interface on CAPsMAN interface using /system routerboard reset-button.
@eworm is there any further help about this?
by nichky
Sat Jul 04, 2020 12:43 pm
Forum: Beginner Basics
Topic: Am I protected with this settings?
Replies: 34
Views: 6878

Re: Am I protected with this settings?

/ip firewall filter export
by nichky
Wed Jul 01, 2020 1:50 am
Forum: General
Topic: ASK [reset-button]
Replies: 8
Views: 2162

ASK [reset-button]

i got hEX S
im wondering does anyone have any useful script for

/system routerboard reset-button ?
by nichky
Tue Jun 30, 2020 5:44 am
Forum: Scripting
Topic: IP cloud public address into variable
Replies: 3
Views: 1386

Re: IP cloud public address into variable

@vecernik87

What does it do?

/ip cloud advanced set use-local-address=yes

can you give us an example, and on which causes can we use?
by nichky
Mon Jun 29, 2020 1:05 am
Forum: Scripting
Topic: ASK [random wifi password generator]
Replies: 41
Views: 11941

Re: ASK [random wifi password generator]

can we modificate the previous scripts to sent password weekly?
using website it seems like that will work temporary.
by nichky
Sun Jun 28, 2020 2:44 pm
Forum: Scripting
Topic: ASK [random wifi password generator]
Replies: 41
Views: 11941

Re: ASK [random wifi password generator]

even like that im getting:

failure: closing connection: <503 Service Temporarily Unavailable> 104.20.45.7:443 (4)
by nichky
Sun Jun 28, 2020 10:08 am
Forum: Scripting
Topic: ASK [random wifi password generator]
Replies: 41
Views: 11941

Re: ASK [random wifi password generator]

im using 6.44.6 (long-term)

everything was fine until this morning..is not the version issus for sure
by nichky
Sun Jun 28, 2020 9:57 am
Forum: Scripting
Topic: ASK [random wifi password generator]
Replies: 41
Views: 11941

Re: ASK [random wifi password generator]

see what im getting...
by nichky
Sun Jun 28, 2020 9:34 am
Forum: Scripting
Topic: ASK [random wifi password generator]
Replies: 41
Views: 11941

Re: ASK [random wifi password generator]

Hi Jotne


after a while that script it stoops to work.
Currently it doesn't work at all.

im getting error :

<503 Service Temporarily Unavailable>

Why is so hard to tha script to send out email and change the sec-pass?
even the previous scripts..
by nichky
Wed Jun 24, 2020 12:43 am
Forum: Announcements
Topic: v6.47 [stable] is released!
Replies: 349
Views: 126341

Re: v6.47 [stable] is released!

*) ipsec - allow specifying two peers for a single policy for failover;
Oh wow, that's a killer feature I've been waiting for years!
give us more info about that
by nichky
Tue Jun 23, 2020 2:24 am
Forum: Beginner Basics
Topic: MikroTik CPU 100%
Replies: 2
Views: 839

Re: MikroTik CPU 100%

@lemeshuk92, when you get again cpu 100%
export us what you getting on tool/profile
by nichky
Thu Jun 11, 2020 9:19 am
Forum: General
Topic: [QoS-global]-ASK
Replies: 0
Views: 510

[QoS-global]-ASK

Is global in QoS still working?
I got two vlans in separated bridge. Setting up QoS i have to do two Parents, i mean two-bridge interfaces

anyone experiencing same as me?
by nichky
Sun Jun 07, 2020 9:06 am
Forum: Scripting
Topic: ASK [random wifi password generator]
Replies: 41
Views: 11941

Re: ASK [random wifi password generator]

Thanks a lot Jotne does work.well done
by nichky
Sat Jun 06, 2020 9:30 am
Forum: Announcements
Topic: v6.47 [stable] is released!
Replies: 349
Views: 126341

Re: v6.47 [stable] is released!

need more info about:

*) ipsec - allow specifying two peers for a single policy for failover;
*) ipsec - added "use-responder-dns" parameter support;
*) ipsec - added "split-dns" parameter support for mode configuration;