Community discussions

MikroTik App

Search found 75 matches

by xt22
Thu Apr 27, 2023 1:17 am
Forum: General
Topic: ROS7 destroying ovpn server - TLS failed?
Replies: 6
Views: 2861

Re: ROS7 destroying ovpn server - TLS failed?

yes. I really hate Mikrotik at these moments and want to give all the hundreds of our tiks to my kids as toy bricks :-/ I'd love to go back to ROS6, I really like it and I'll keep it on our devices as long as possible, especially when I see the quality of ROS7 (8 or how many years was not enough for...
by xt22
Thu Apr 13, 2023 2:30 am
Forum: General
Topic: ROS7 destroying ovpn server - TLS failed?
Replies: 6
Views: 2861

ROS7 destroying ovpn server - TLS failed?

Hello, I have issues with ovpn server running on Mikrotik - like tons of other people here as I saw, but here it was a perfectly working ovpn server for years, while running ROS6 up to 6.48.6. Unfortunately I thought it was safe to upgrade now and I have updated it to ROS 7.8 a few days ago - well, ...
by xt22
Wed Oct 12, 2022 3:18 pm
Forum: General
Topic: ltAP modem R11e-LTE6 upgrade firmware to V034 failed ?
Replies: 12
Views: 2653

Re: ltAP modem R11e-LTE6 upgrade firmware to V034 failed ?

it definitely was possible before, I have many 6.48.6 with R11e-LTE6 upgraded do 034. I hope Mikrotik didn't inspire themselves in big techs "we force you to upgrade to out great new product without a reason" policy.. So now, if I buy R11e-LTE6 with something old like 027 and want to upgra...
by xt22
Fri Jul 01, 2022 4:46 pm
Forum: Wireless Networking
Topic: radar detected problems
Replies: 85
Views: 73072

Re: radar detected problems

Agreed. I don't know, what is the law ordering vendors to do and if it is technically specific or lets vendors just fulfill what it says by their solution, but I definitely know it should not work like this and I'm nearly certain there are not radars on all available frequencies (the nearest one is ...
by xt22
Fri Jul 01, 2022 12:25 pm
Forum: Wireless Networking
Topic: radar detected problems
Replies: 85
Views: 73072

Re: radar detected problems

Or maybe just older versions. I'm using longterm on all devices except chateaus, currently 6.48.6. i remember there was an option to use "No country set" in some really old longterm version (6.37.10?), then there was a possibility to select different country (russia) later that worked, bu...
by xt22
Fri Jul 01, 2022 12:56 am
Forum: Wireless Networking
Topic: radar detected problems
Replies: 85
Views: 73072

Re: radar detected problems

erlinden: I will try, I could not experiment much as there was a meeting running, it was just a very unpleasant surprise on a indoor ap with integrated low-gain antennas, I have never seen this on a RBcAP bpwl: yes, it is indoor ap running on indoor freqs, this one https://mikrotik.com/product/cap_a...
by xt22
Thu Jun 30, 2022 5:16 pm
Forum: Wireless Networking
Topic: radar detected problems
Replies: 85
Views: 73072

Re: radar detected problems

damn.. I hate this stupid behavior, but I could somehow live with the fact that this happens on my p2p outdoor links and use other vendors, we have only a few of those. But now, this stupid radar detection started on my indoor RBcAP using indoor channel 5260 too :-/ The nearest radar is 100km from h...
by xt22
Sun Nov 14, 2021 11:09 pm
Forum: General
Topic: Mikrotik router Hacked!!!
Replies: 140
Views: 55053

Re: Mikrotik router Hacked!!!

I AM complaining.. I hate this chance to get my ~$1000 1036s, 354s and all these expensive devices bricked and scrapped because some damn ISPs are whining about people stealing their $35 antennas. If someone stole from you, sue him. I have always thought netinstall is the last fallback, that will wo...
by xt22
Sun Nov 14, 2021 8:24 pm
Forum: General
Topic: Mikrotik router Hacked!!!
Replies: 140
Views: 55053

Re: Mikrotik router Hacked!!!

well, nobody thought ROS would serve the users credentials file to any unauthenticated remote attacker too.. fortunately this time it was tied to Winbox, so all quality setups had it disabled, but this is no Mikrotik's credit, it is just luck this time. Because no matter what, they made one of the h...
by xt22
Fri Nov 12, 2021 3:03 pm
Forum: General
Topic: Mikrotik router Hacked!!!
Replies: 140
Views: 55053

Re: Mikrotik router Hacked!!!

Don't blame MikroTik for your own (or the network administrators) negligence. The only devices that don't have features like this are supermarket routers. Any "enterprise" / bussiness grade decent device has security features in order to protect it from beeing reset/log into it, even when...
by xt22
Fri Nov 12, 2021 2:11 am
Forum: General
Topic: Mikrotik router Hacked!!!
Replies: 140
Views: 55053

Re: Mikrotik router Hacked!!!

damn... this is exactly the reason why it is so stupid idea trying to force manufacturers to create backdoors by goverments.. whatever seems like a good idea/intention first, is always abused. This is a really bad function, i hope those crying ISPs will regret that after getting $2000 CCRs remotely ...
by xt22
Fri Nov 12, 2021 12:48 am
Forum: Wireless Networking
Topic: radar detected problems
Replies: 85
Views: 73072

Re: radar detected problems

ok, so I had to move the SXT 20km from the location it was - I still thought it was a problem of that location. Well, it wasn't. I have updated to 6.48.5, updated the setup and... yes, stupid radar detections every 2-5 mins resulting to disconnections. So I have to go Russian again, before I get the...
by xt22
Fri Nov 12, 2021 12:39 am
Forum: General
Topic: "antenna gain" missing in 6.46.8?
Replies: 83
Views: 29816

Re: "antenna gain" missing in 6.46.8?

reasonable answer is what say @Paternot: add a damn dropdown list for power reduction factor. ... and that is exactly what this thread was about :-) Whether it is called Antenna gain, Antenna gain reduction, Power reduction.. doesn't matter. Neither do the values - whether it is dbm, 0-100%, 1/10-1...
by xt22
Tue Jun 22, 2021 1:14 pm
Forum: Wireless Networking
Topic: radar detected problems
Replies: 85
Views: 73072

Re: radar detected problems

tried to change channel width to 5 and 10MHz, this radar-detection crap is going crazy today :-/ Small powerbridge M5 works well here, I became Russian for a while and problems instantly stopped.. 03:23:30 wireless,info wlan1: radar detected on 5575000 03:23:42 wireless,info wlan1: radar detected on...
by xt22
Mon Jun 07, 2021 1:14 am
Forum: General
Topic: New WiFi Vulnerabilities - Frag Attacks
Replies: 19
Views: 6088

Re: New WiFi Vulnerabilities - Frag Attacks

In beginning of May 2021, a security research group from Belgium published a set of vulnerabilities they call "Frag Attacks" (from Fragmentation Attack), which affect all modern security protocols of Wi-Fi. Not all the published issues affect MikroTik products, but those that were found to...
by xt22
Mon Apr 05, 2021 10:27 pm
Forum: General
Topic: "antenna gain" missing in 6.46.8?
Replies: 83
Views: 29816

Re: "antenna gain" missing in 6.46.8?

using less power than maximum allowed is not illegal. Furthermore, it is a good practice to use only as little power as needed for a stable link. Besides, I wrote this already a few posts back, routeros does not let you set too low antenna gain and throws an error (minimal antenna gain for this coun...
by xt22
Mon Apr 05, 2021 6:33 pm
Forum: Wireless Networking
Topic: LTE CAT6 modem disconnecting every 2-3 minutes
Replies: 44
Views: 24392

Re: LTE CAT6 modem disconnecting every 2-3 minutes

Tech support Mikrotik recommended me to stick tape on the back of the SIM card. So-so solution, did not try. With the SIM card of another operator, there were no breaks, the thickness is the same. Mikrotik is right, although this usually works only for a while. I had to use these https://i.ibb.co/g...
by xt22
Fri Jan 08, 2021 2:51 am
Forum: General
Topic: "antenna gain" missing in 6.46.8?
Replies: 83
Views: 29816

Re: "antenna gain" missing in 6.46.8?

The problem with unrestricted antenna gain settings is that it is possible to set it lower than actual value and the resulting EIRP is higher than allowed. So hardcoding antenna gain for "permanently attached" antennae is the correct way of doing it, the only problem is the resulting awkw...
by xt22
Mon Dec 07, 2020 11:17 pm
Forum: General
Topic: "antenna gain" missing in 6.46.8?
Replies: 83
Views: 29816

Re: "antenna gain" missing in 6.46.8?

now it gets interesting.. 6.46.8 on cAP (arm) - no antenna gain - the reason this topic was created. Now I looked at 6.46.8 RB912UAG-2HPnD (mipsbe) and... guess what? Antenna gain is there. So I tried RB2011 6.46.8 - no antenna gain. What is the logic in this? It was removed on devices with integrat...
by xt22
Sat Dec 05, 2020 1:59 am
Forum: General
Topic: "antenna gain" missing in 6.46.8?
Replies: 83
Views: 29816

Re: "antenna gain" missing in 6.46.8?

Seeing current antenna-gain value ? Use CLI: / interface wireless export verbose / interface wireless print advanced wow - i have hundreds of various RBs, but this is the first time I see the advanced option, I thought detail was for this.. thanks bpwl, man never stops learning :-) I use antenna-ga...
by xt22
Fri Dec 04, 2020 12:01 am
Forum: General
Topic: "antenna gain" missing in 6.46.8?
Replies: 83
Views: 29816

Re: "antenna gain" missing in 6.46.8?

antenna-gain is now a CLI-only parameter.
that's unfortunate :-/ How do I display it? detail does not show it, I didn't find it anywhere
by xt22
Thu Dec 03, 2020 5:31 pm
Forum: General
Topic: "antenna gain" missing in 6.46.8?
Replies: 83
Views: 29816

"antenna gain" missing in 6.46.8?

Hello,

anyone knows what happened to antenna-gain in 6.46.8 or how to make it work again? It was working in 6.45.8 and most probably in 6.45.9,
it is not in 6.46.8, the option is missing totally - both in winbox and terminal.

Image

thanks
by xt22
Tue Sep 01, 2020 10:41 pm
Forum: Wireless Networking
Topic: radar detected problems
Replies: 85
Views: 73072

Re: radar detected problems

any luck with this topic? according to Mikrotik SXT, Duga is probably back online, as I have "radars" on all available frequencies :-/ aug/31 04:04:52 wireless,info wlan1: radar detected on 5580000 aug/31 06:03:58 wireless,info wlan1: radar detected on 5640000 aug/31 06:05:00 wireless,info...
by xt22
Tue Oct 15, 2019 3:33 pm
Forum: General
Topic: Anyone has working IKEv2 vpn server on Mikrotik with ROS 6.40+?
Replies: 1
Views: 1936

Anyone has working IKEv2 vpn server on Mikrotik with ROS 6.40+?

Hello, does anyone have working IKEv2 vpn server running on ROS 6.40+, working with windows and mac? If yes, can you please post your config and ROS version? EAP is not possible for server, only for client (6.45.6, throws error "Only EAP client supported"). Certificates don't work or have ...
by xt22
Fri Aug 09, 2019 12:51 am
Forum: Announcements
Topic: v6.44.5 [long-term] is released!
Replies: 100
Views: 84794

Re: v6.44.5 [long-term] is released!

has anyone had any wireless problems with cAP (RBcAPGi-5acD2nD) and 6.44.5? After upgrading from the great 6.43.16 (I didn't know about the devices for like a year) to 6.44.5, I started to receive complaints from users. I don't see anything in logs or monitoring, but users say internet drops for a w...
by xt22
Wed Jul 24, 2019 12:22 am
Forum: General
Topic: Airprint (multicast?) problems in network
Replies: 1
Views: 1644

Airprint (multicast?) problems in network

Hello, my network is growing bigger and bigger, and I am starting to have weird problems with Airprint and sometimes even winbox connecting to mac addresses. Situation: CCR1036 router/gw/fw, connected with 10Gb SFP cable to CRS317 (all ports in bridge, works like a SFP switch), and from CRS317 two S...
by xt22
Tue Jul 23, 2019 11:50 pm
Forum: General
Topic: VLAN problem with another network [SOLVED]
Replies: 2
Views: 1308

Re: VLAN problem with another network [SOLVED]

thank you sindy. yes, I am much more familiar with tunnels of any kind (and don't like vlans in more than one switch), so I did exactly that and it works like a charm, without bothering about any other switches on the way etc. thank you
by xt22
Sun Jul 14, 2019 3:02 pm
Forum: General
Topic: VLAN problem with another network [SOLVED]
Replies: 2
Views: 1308

VLAN problem with another network [SOLVED]

Hello, I need to bridge another network within our hw, probably with VLAN, even though I have read the tutorials, wiki etc it is not very clear for me, all examples are about one router creating more VLANs. Situatuon: Our network - CCR router in main rack with CRS317 and some CRS326s, fiber uplinks ...
by xt22
Thu Jun 20, 2019 9:56 pm
Forum: General
Topic: CRS 326/328/317 two bridges HW [SOLVED]
Replies: 3
Views: 1842

Re: CRS 326/328/317 two bridges HW [SOLVED]

thank you - that's valuable information.
by xt22
Thu Jun 20, 2019 7:19 pm
Forum: General
Topic: CRS 326/328/317 two bridges HW [SOLVED]
Replies: 3
Views: 1842

CRS 326/328/317 two bridges HW [SOLVED]

Hello, I need to separate port groups in some of my switches, for example 1-16 network1, 17-24 network 2. Due to the concept of the switch, I can't create two bridges with HW offloading (I can do that on my CRS125 though). I can replace the last 8 ports with $30 cisco/linksys 8p switch running at wi...
by xt22
Fri May 31, 2019 6:14 pm
Forum: RouterBOARD hardware
Topic: CCR1036 memory upgrade question
Replies: 31
Views: 23308

Re: CCR1036 memory upgrade question

Going back to the memory upgrade question - be careful now and don't make the same mistake I did, there are no RAM slots in new revision, so no upgrade is possible without soldering. In my country I'd have to wait 2 weeks for the EM version, of course I needed the unit asap so I bought the 4GB one a...
by xt22
Sun May 12, 2019 3:26 pm
Forum: Scripting
Topic: read file size [SOLVED]
Replies: 9
Views: 4020

Re: read file size [SOLVED]

Well but I do netwatch logging all the time! /tool netwatch add down-script="/log warning message=\"x.x.x.x is down\"" host=x.x.x.x up-script="/log info message=\"x.x.x.x is up\"" This writes the message to the log with tags "script, warning" or &qu...
by xt22
Thu May 02, 2019 2:34 am
Forum: Scripting
Topic: read file size [SOLVED]
Replies: 9
Views: 4020

Re: read file size [SOLVED]

So this i a 100% closed network for some system that are not near any form for internet connection? It may be a solution to setup a server with two network card. One interface connected to the closed network and one to some internet. Then it may use resylog to forward syslog messages. But this many...
by xt22
Sun Apr 28, 2019 8:36 pm
Forum: Scripting
Topic: read file size [SOLVED]
Replies: 9
Views: 4020

Re: read file size [SOLVED]

jotne: hmm, even though not all of our routers are able to reach internet, it is very interesting project and I'll take a look at Splunk - I didn't even know something like this existed. pe1chl: I am not really fan of this word playing, I know how the variable limit works and that's why I wrote &quo...
by xt22
Sat Apr 27, 2019 1:31 am
Forum: Scripting
Topic: read file size [SOLVED]
Replies: 9
Views: 4020

read file size [SOLVED]

Hello, I have a netwatch script writing log to a file, and I often hit the prehistoric 4096B limit for file/variable. It seems there is no workaround for this, so I need to read the filesize and deal with it some other way (creating new file if filesize>4000, removing some entries at the beginning e...
by xt22
Sun Jan 20, 2019 6:59 pm
Forum: General
Topic: MIMO, chains
Replies: 3
Views: 1669

MIMO, chains

Hello, I have many mikrotik APs, mostly RB2011s, cAPs, RB912Uis. I have changed 802.11b/g to 802.11only-n, and I'm not sure what is the best MIMO setting for AP. I have read articles about MIMO, SIMO, MISO etc, 2x2, 3x3, I also want to buy the new RB4011 with 4x4... What is the best setup? Is it bet...
by xt22
Fri Nov 30, 2018 1:52 am
Forum: General
Topic: wifi showing OS version to scanner
Replies: 3
Views: 1314

Re: wifi showing OS version to scanner

hmm.. it is bad surprise that there is no option to disable this :-/
by xt22
Fri Nov 30, 2018 1:45 am
Forum: Wireless Networking
Topic: Removing Mikrotik elements from beacons
Replies: 15
Views: 6164

Re: Removing Mikrotik elements from beacons

agree. +1
by xt22
Thu Nov 29, 2018 6:10 pm
Forum: General
Topic: wifi showing OS version to scanner
Replies: 3
Views: 1314

wifi showing OS version to scanner

Hello, today when I ran wireless scanner on my MT, I saw ROS versions on all my other MTs in range. I disabled in Mac Server and Neighbor discovery interfaces on those MTs, but ROS version is still showing. How do I disable this security hole? I don't want to broadcast any info to the air... https:/...
by xt22
Tue Nov 13, 2018 2:47 pm
Forum: General
Topic: PPPoE dsl bug 6.43.4, 6.40.9? Disconnecting every 3-5 mins [SOLVED]
Replies: 4
Views: 2959

Re: PPPoE dsl bug 6.43.4, 6.40.9? Disconnecting every 3-5 mins [SOLVED]

yes, I did. Although it is probably not related to MT after all, it seems our provider changed something that made vdsl modems in bridge mode reconnect every few minutes. When they are set to normal routing mode, they work fine - this is probably the reason why their stupid helpdesk swore it cannot ...
by xt22
Mon Oct 29, 2018 12:23 pm
Forum: General
Topic: Multiple CA Certificates for OpenVPN
Replies: 3
Views: 2097

Re: Multiple CA Certificates for OpenVPN

I wanted to ask the exactly same question now, so I'm rather bumping this up - is it possible to hawe two CAs? For the same reason - to slowly update from old MD5 certs to new ones?
by xt22
Thu Oct 25, 2018 2:50 pm
Forum: General
Topic: PPPoE dsl bug 6.43.4, 6.40.9? Disconnecting every 3-5 mins [SOLVED]
Replies: 4
Views: 2959

PPPoE dsl bug 6.43.4, 6.40.9? Disconnecting every 3-5 mins [SOLVED]

Hello, I have a problem with Mikrotiks over vdsl/adsl lines - it keeps disconnecting every 3-5 minutes. Modem is in bridge mode, mikrotik has set pppoe: 26 R name="pppoe-out1" type="pppoe-out" mtu=1480 actual-mtu=1480 fast-path=yes last-link-down-time=oct/25/2018 13:07:36 last-li...
by xt22
Fri Oct 19, 2018 12:36 pm
Forum: General
Topic: Feature Request: OpenVPN [ovpn] udp tunnels
Replies: 249
Views: 139046

Re: Feature Request: OpenVPN [ovpn] udp tunnels

Instead, pay them to implement the suggestion in message https://forum.mikrotik.com/viewtopic.php?p=692031#p692031 That will serve a lot of other purposes on CCR. Although I agree, I believe that would take some serious time. I don't get the point of not implementing already finished UDP support an...
by xt22
Thu Oct 18, 2018 4:58 pm
Forum: General
Topic: Feature Request: OpenVPN [ovpn] udp tunnels
Replies: 249
Views: 139046

Re: Feature Request: OpenVPN [ovpn] udp tunnels

+1 for UDP.

Damn, take 10% of my payments to you for routers and hire a programmer for 6 months to do this (he'll implement it in a few weeks and work for you for the remaining 5 months) :-/ It is so annoying to have CCRs with speed of RB750 running openvpn via TCP..
by xt22
Wed Oct 17, 2018 1:42 pm
Forum: General
Topic: Bandwidth test on public ip
Replies: 0
Views: 2505

Bandwidth test on public ip

Hello, I have two routers (both 6.40.8, I tried also 6.42.9) with two public ips, want to test bandwidth but I can't make the damn thing work, it keeps saying can't connect. No matter if I select TCP, UDP, with or without authentication.. Mikrotik does not say anything specific about ports to open i...
by xt22
Mon Jul 30, 2018 7:26 pm
Forum: General
Topic: LCD option missing in winbox for RB2011 r2
Replies: 1
Views: 1057

LCD option missing in winbox for RB2011 r2

I wrote it already to the 6.40.8 thread https://forum.mikrotik.com/viewtopic.php?f=21&t=133585&p=676233#p676233 , but with no response. I don't know if this problem is ROS or winbox related - has anyone seen/solved it too? ---------- There is probably a winbox (ROS?) bug in 3.11 and 3.16 wit...
by xt22
Wed Jul 25, 2018 8:38 pm
Forum: Announcements
Topic: v6.40.8 [bugfix] is released!
Replies: 35
Views: 37659

Re: v6.40.8 [bugfix] is released!

There is probably a winbox (ROS?) bug in 3.11 and 3.16 with the new RB2011UiAS-2HnD r2 - LCD option is missing. ROS 6.40.8, Winbox 3.11 & 3.16. RB2011UiAS-2HnD does have the option, the new RB2011UiAS-2HnD r2 does not. LCD setting in terminal works, LCD itself too. https://i.imgur.com/f0H7MCm.png
by xt22
Mon Jun 18, 2018 11:47 pm
Forum: General
Topic: ipsec tunnel working in 6.37.5, not working in 6.40.8
Replies: 12
Views: 5419

Re: ipsec tunnel working in 6.37.5, not working in 6.40.8

Hi Pasarelli, yes, it has public ip, so it indeed has FILTER and NAT set. But the remote ip is completely allowed, the rule is right after accept related-established and drop-invalid. filter: 5 chain=input action=accept connection-state=established in-interface=ether1 log-prefix="" 6 chain...
by xt22
Mon Jun 18, 2018 11:14 pm
Forum: General
Topic: ipsec tunnel working in 6.37.5, not working in 6.40.8
Replies: 12
Views: 5419

Re: ipsec tunnel working in 6.37.5, not working in 6.40.8

well, I probably can do that, I have enough CCRs and tons of RB2011s I can use for testing. I can create a working tunnel with two 6.37.5, and then upgrade on of them and see - i probably can even indentify the first version that broke this by upgrading to all the versions between 6.37.5 -- 6.40.8. ...
by xt22
Mon Jun 18, 2018 6:45 pm
Forum: General
Topic: ipsec tunnel working in 6.37.5, not working in 6.40.8
Replies: 12
Views: 5419

Re: ipsec tunnel working in 6.37.5, not working in 6.40.8

the default proposal is disabled, I would have removed it but I can't - it says something like "cannot remove ipsec policy (default)". I have already tried to set and enable the default proposal (sha1, aes-256 cbc like the used proposal), but it has no effect (it is in the last part of my ...
by xt22
Mon Jun 18, 2018 1:44 am
Forum: General
Topic: ipsec tunnel working in 6.37.5, not working in 6.40.8
Replies: 12
Views: 5419

Re: ipsec tunnel working in 6.37.5, not working in 6.40.8

Hello Sindy, thank you for a very complex debug post. I made a test machine from one of my RB2011, compared the ipsec settings and it seems the ah-esp parameter is the only important thing changed. Differences between configs i found so far: /ip ipsec 6.40.8 (compared to working 6.37.5) ip ipsec pee...
by xt22
Thu Jun 14, 2018 6:08 pm
Forum: General
Topic: ipsec tunnel working in 6.37.5, not working in 6.40.8
Replies: 12
Views: 5419

ipsec tunnel working in 6.37.5, not working in 6.40.8

Hello, I have RB1200 in a company connecting to another location via ipsec tunnel, working well. After the vpnfilter etc bugs, I decided to upgrade to last bugfix release 6.40.8, and it completely broke the tunnel - although I am pretty sure I saw something like "established" in ipsec - re...
by xt22
Tue Mar 20, 2018 2:50 pm
Forum: General
Topic: OpenVPN SHA256 + UDP
Replies: 67
Views: 48179

Re: OpenVPN SHA256 + UDP

+1 for SHA256 :( And UDP also, tcp openvpn from california to rb in europe is slow and laggy, good old l2tp/ipsec on the same machines is more than 10x faster //edit - After the new openvpn TLSv1.2 update - what TLS does mikrotik openvpn server use? Is it possible to force usage of TLSv1.2 only? (--...
by xt22
Wed Feb 21, 2018 3:23 pm
Forum: General
Topic: Bandwidth limiting - working limit-at
Replies: 7
Views: 7973

Re: Bandwidth limiting - working limit-at

ok, so I took four RB2011 and did some more bandwidth testing, it gets interesting. I changed the chain to prerouting with no effect, speeds are still like 176/6, 150/40 - far from 100/100. But the CPU usage was >90%, so I tested it with max-limit 50M and limit-at 25M - it seems working much better,...
by xt22
Wed Feb 21, 2018 2:17 pm
Forum: General
Topic: Bandwidth limiting - working limit-at
Replies: 7
Views: 7973

Re: Bandwidth limiting - working limit-at

I know it should work this way, I tried it and even posted this config in my post, but it does not. The cuplrit may be the the forward chain in my mangle rules (instead of prerouting) - I don't know how big influence can this have, in the packet flow diagram all chains are before HTB, so it should w...
by xt22
Tue Feb 20, 2018 2:06 pm
Forum: General
Topic: Bandwidth limiting - working limit-at
Replies: 7
Views: 7973

Bandwidth limiting - working limit-at

Hello, I want to setup bandwidth limiting with working limit-ats, not wasting usable bandwidth etc, but it never works for me as expected. I have read the articles at the wiki, pcq, htb examples etc, but I just can't get it working. I use mangle and queue trees to set bandwidth for ips or ranges, it...
by xt22
Tue Nov 14, 2017 1:08 pm
Forum: General
Topic: How to export firewall stats [SOLVED]
Replies: 3
Views: 1715

Re: How to export firewall stats [SOLVED]

damn, I am dumb :-) thank you mrz
by xt22
Mon Nov 13, 2017 6:56 pm
Forum: General
Topic: How to export firewall stats [SOLVED]
Replies: 3
Views: 1715

How to export firewall stats [SOLVED]

Hello, how do I export firewall filter statistics? /ip firewall filter print stats - prints stats /ip firewall filter export file=xx - exports filter rules but how do I export the stats? None of these work /ip firewall filter stats export file=xx /ip firewall filter export stats file=xx /ip firewall...
by xt22
Mon Sep 25, 2017 6:15 pm
Forum: General
Topic: queue tree - how to split bandwidth and enable borrows and lends of unused bandwidth
Replies: 1
Views: 1265

queue tree - how to split bandwidth and enable borrows and lends of unused bandwidth

Hello, I am using queue trees (marking packets via mangle), and it works like a charm, shaping works well and accurate. But now, I wand to enable using the unused bandwidth - I believe mikrotik calls this borrows and lends here https://wiki.mikrotik.com/wiki/Manual:Queue : borrows (read-only/read-on...
by xt22
Fri Aug 04, 2017 1:30 pm
Forum: Announcements
Topic: v6.38.7 [bugfix] is released!
Replies: 24
Views: 27067

Re: v6.38.7 [bugfix] is released!

Hello, in 6.38.7, my pcie LTE Huawei ME909u-521 stopped working. I get public ip from the LTE interface, dynamic route gets created with providers gateway, but I can ping neither it, nor google at 8.8.8.8. 6.36.4, 6.38.5, 6.39.1 are all ok (on the same RB). Tested on two RB912UAG-2HPnD, latest fw. A...
by xt22
Sun Dec 04, 2016 9:57 pm
Forum: General
Topic: Excessive memory usage - ovpn server
Replies: 2
Views: 1247

Re: Excessive memory usage - ovpn server

either 300 or 1000 lines.

But the RB is probably frozen and not replying any more - probably the watchdog restart wasn't fast enough.

Unfortunately it is not in my office, so I need to ride all the way to the place and restart it :-/

Hopefully I'll get there this week
by xt22
Fri Dec 02, 2016 1:14 pm
Forum: General
Topic: Excessive memory usage - ovpn server
Replies: 2
Views: 1247

Excessive memory usage - ovpn server

Hello, I have a problem with one of my RB2011 - something is constantly eating up RAM, rb crashes and forces a restart. It has plenty of RAM (128 MB), and it acts only as OpenVPN server, for approx. 20 connections. There is no shaping, mangle etc, very low traffic.. I have like 40 of RB2011s, some r...
by xt22
Mon Dec 21, 2015 5:55 pm
Forum: General
Topic: Remote access to ROS withous public ip
Replies: 13
Views: 2646

Re: Remote access to ROS withous public ip

ZeroByte> man, you rule!! I had almost everything set the way you do (except small differences like the pool instead of fixed ips, etc), but the problem was probably the route on clients.. I'd swear I tried this route... strange, maybe I tried it on the server side.. Again, big thanks! It works, I'l...
by xt22
Fri Dec 18, 2015 6:46 pm
Forum: General
Topic: Remote access to ROS withous public ip
Replies: 13
Views: 2646

Re: Remote access to ROS withous public ip

on the openvpn server, I have a bridge - local eth + wifi, and when I add to it my computer with vpn client and all the RB's openvpn clients (so they all are in one bridge), I can connect via ssh or winbox to any of them. When i switch it on both sides to tun (called ip in RBs), I can't connect to a...
by xt22
Fri Dec 18, 2015 4:57 pm
Forum: General
Topic: Remote access to ROS withous public ip
Replies: 13
Views: 2646

Re: Remote access to ROS withous public ip

I have finally measured the data, I'm posting it so the post is more accurate and finally with the data - for anyone reading it later. RBs, connected to another RB with public ip, using openvpn, rsa 1024 bit. tap - approx. 160 kB/10 minutes - 960 kB per hour tun - approx. 10 kB/10 minutes - 60 kB pe...
by xt22
Mon Oct 19, 2015 12:20 pm
Forum: General
Topic: Counter for transferred data per user
Replies: 8
Views: 2166

Re: Counter for transferred data per user

no, I don't want any logins - there are printers on the network etc - the device must work even when I'm not available.

I'll try the simple queues and see, hope my RB912 doesn't burn :)
by xt22
Sun Oct 18, 2015 8:47 pm
Forum: General
Topic: Remote access to ROS withous public ip
Replies: 13
Views: 2646

Re: Remote access to ROS withous public ip

thanks, both of you. I just wasn't sure about keeping the vpn all the time running, but I'll give it a try and write here the results for anybody's future reference.

good point with the SSTP and 443 pukkita
by xt22
Sun Oct 18, 2015 6:36 pm
Forum: General
Topic: Remote access to ROS withous public ip
Replies: 13
Views: 2646

Re: Remote access to ROS withous public ip

I can and I will have to, although I'd like to hear other people's experience, this doesn't seem to me like a very uncommon task, many people must have dealt with something similar to this
by xt22
Sun Oct 18, 2015 6:28 pm
Forum: General
Topic: Counter for transferred data per user
Replies: 8
Views: 2166

Re: Counter for transferred data per user

too bad, although it looked very promising :( I made the hotspot with one admin user, ant set-up walled garden. Users can connect without password, surf the internet, and I can see their MAC and ip addresses under the hosts column, even with their TX/RX and Bytes-in, Bytes-Out.. great!! Unfortunatel...
by xt22
Sun Oct 18, 2015 5:05 pm
Forum: General
Topic: Counter for transferred data per user
Replies: 8
Views: 2166

Re: Counter for transferred data per user

Jarda: good point.. although it means to create 200 simple queues (for the whole dhcp range), although the real number of clients will be max 50. Should I expect any performance problems on RB912UAG with 200x simple queue + graphs? chechito: I am unable to connect to the router, so I need to get the...
by xt22
Fri Oct 16, 2015 5:19 pm
Forum: General
Topic: Remote access to ROS withous public ip
Replies: 13
Views: 2646

Re: Remote access to ROS withous public ip

the connection may drop to gprs, there is a limit for monthly transferred data.. I don't know what is the vpn overhead traffic consumption for the tunnel itself - keepalive packets etc.. it probably is not much, but the device may be online 24hrs/day for the whole month... It won't really be a tunne...
by xt22
Fri Oct 16, 2015 4:47 pm
Forum: General
Topic: Counter for transferred data per user
Replies: 8
Views: 2166

Counter for transferred data per user

Hello, I would like to know how much data was transferred by every user (per ip, MAC, etc) - is it possible to have some counter like this? Traffic flow is great, but it is realtime, I'd like something like the counter for interfaces, etc. I know that when i mangle packets, I can see the transferred...
by xt22
Fri Oct 16, 2015 4:38 pm
Forum: General
Topic: Remote access to ROS withous public ip
Replies: 13
Views: 2646

Remote access to ROS withous public ip

Hello, I have some mikrotiks used for internet backups via LTE, but I'd like to be able to connect to them somehow remotely and see the traffic etc - we have problems with dumb users eating bandwidth when using HD youtube as a radio fot the whole day etc, and even for some re-settings I'd love to do...
by xt22
Thu Jul 16, 2015 5:41 pm
Forum: Beginner Basics
Topic: How to type question mark?
Replies: 1
Views: 1355

How to type question mark?

Hello, sorry for this pretty stupid question, but I tried almost everything and I didn't find any info.. How can I type question mark ( ? ) in winbox? Some help window always jumps out instead of typing ?, I thought it is some winbox thing, but it's the same even with ssh.. It seems to me that it wo...
by xt22
Tue Jul 14, 2015 1:57 pm
Forum: General
Topic: Known issues and bugs - a list
Replies: 284
Views: 170935

Re: Known issues and bugs - a list

Issue: LTE interface - when anything is entered in modem-init, it cannot be set to empty/unset Description : tested on: RB912UAG-2HPnD + Huawei ME909s-120 Versions affected: 6.30 (tested on this) How to reproduce: on factory resetted system, with lte1 in interfaces: - enter anything to modem-init (...