MikroTik

Pea

Other option would be to setup different SSID for 5GHz. And never connect phone to your 2.4GHz

Pea

redirect - replaces destination port of an IP packet to one specified by to-ports parameter and destination address to one of the router's local addresses

Pea

The 802.11n prohibits using high throughput with WEP or TKIP as the unicast cipher. If you use these encryption methods (for example, WEP, WPA-TKIP), your data rate will drop to 54 Mbps.
Use only WPA2-AES for full 802.11n speed.

Pea

For standard home use you can remove safely all files and folders from File List
(flash folder cannot be removed but all sub folders yes)

Pea

There should be <1ms for ping even over wifi. What are you getting?

Pea

try to reboot first to clean some memory...

Pea

When processing a chain, rules are taken from the chain in the order they are listed there from top to bottom. If a packet matches the criteria of the rule, then the specified action is performed on it, and no more rules are processed in that chain (the exception is the passthrough action). If a pac...

Pea

Separate configs are for various devices you want to manage from CAPsMAN. Then you push the correct config to the device. E.g. 2,4GHz only config to older 2,4GHz only CAP.
If all your CAP devices support the same standards you can have only one config.

Pea

Hi, this file should answer your questions about CAPsMAN VirtualAP Setup, Dual Band CAP, CAPsMAN and CAP in one board:
https://mum.mikrotik.com/presentations/BR14/Uldis.pdf
(little outdated, November 2014, but still nice explaining)

Pea

Use latest version of RouterOS.
The wireless-fp was long time ago replaced by standard wireless package which is included.

Pea

Use Long term or Stable:
https://wiki.mikrotik.com/wiki/Manual:U ... _numbering

Pea

Yes but this is likely not going to happen for home use

Therefore it is IMHO useless at the end.

Pea

This is not the best example.
Why those rules open udp port 69 (TFTP)?
Also there is defined address list which won't be used later (the rule is after general drop)...

Pea

This simplification should explain the difference: Reject : someone comes to your address and try to open door of your house, but you tell him that it is well locked Drop : someone comes to your address but there is no house or door to open and he gives up after while (timeout) It is up to you what ...

Pea

I am surprised that there was no default firewall. I really thought you removed it

I am sorry.
And I am happy that you fixed it for your needs.

Pea

But you can dual boot to RouterOS on this CRS and this should have default firewall. If not then it would be good idea to add it

Pea

it scared the hell out of me!!!

Yes, you do inappropriate configuration changes. Scary.
Study some basics about firewall and fix it.
If you don't want to study then reset your router to default to get firewall back.

Pea

If this is a mobile device on your hotspot then this is rather normal, isn't it? Just a battery savings and therefore wifi switch off temporary on the mobile device.
Why do you think this is a problem?

Pea

As mentioned by Normis they sell them as single units.
You can buy one or two or... 8 or... 1000 or even more

Pea

There is better way than drop selectively not used ports:
1) accept only what you need
2) reject/drop everything else
That's it.

Pea

Disable DHCP server, put all ports to bridge, add DHCP client on bridge, modify firewall and nat.
It should work then.

Pea

You re mixing RouteOS update and Firmware upgrade. These are 2 different things.
Press the Download&Install button in Check For Updates window to update RouterOS.
After reboot you can press Upgrade button in Routerboard window to upgrade also the firmware.

Pea

This is what I do. If you use Mikrotik DHCP server just make static DHCP lease for MAC address of iPad from Santa, then dstnat its DNS queries to e.g. OpenDNS FamilyShield: /ip dhcp-server lease add address=10.0.0.123 mac-address=AA:BB:CC:DD:EE:FF /ip firewall nat add action=dst-nat chain=dstnat dst...

Pea

There will be RouterOS so many possibilities for setup are expected. It should be possible to simply disable wifi interface if not needed.

Pea

Not available yet, search for PL7411-2nD: The PWR-LINE AP is a wireless access point with a single Ethernet port , a built-in 802.11b/g/n WiFi radio and capability to connect to other PWR-LINE devices through the electrical lines in your premises. Details and pictures: https://i.mt.lv/cdn/rb_files/P...

Pea

I will also share positive update results:
hAP ac, hAP ac lite, hAP ac², hAP lite, RB951
All fine, no problem.

Pea

Is your SSID unique?
Or do you use something common as "Internet" or "wifi"? Then many devices will try to connect when they know this SSID.

Pea

According to this shop PL7411-2nD will come 12.12.2018: https://www.wifihw.cz/default.asp?cls=stoitem&stiid=4329 Product code: PL7411-2nD CPU: QCA9533 CPU: nominal frequency 650 MHz PLC chipset: AR7420 Size of RAM: 64 MB Memory: 16 MB Flash 10/100 Ethernet ports: 1 Wireless Built-in: 2.4 GHz 802.11b...

Pea

What is the correct and clean procedure to update from main package to separate packages?
Just upload needed separate packages only of higher version and reboot?

Pea

https://wiki.mikrotik.com/wiki/Manual:System/File Warning: If device has a directory named "flash" in its file list, then files which you want to be kept after system reboot/power cycle must be stored within it. As anything outside of it is kept within a RAM disk and will be lost upon reboot. Note: ...

Pea

Check the channel, some devices do not see 2.4g wifi channel 13 (e.g. Kindle Paperwhite)

Pea

Hi, did you noticed this warning? :) /system note set note="DEVICE HACKED - ACCOUNT admin HAD UNSAFE PASSWORD" and this is not your code, right? /system scheduler add interval=1d name=Auto113 on-event="/system reboot" policy=\ ftp,reboot,read,write,policy,test,password,sniff,sensitive start-date=\ o...

Pea

https://wiki.mikrotik.com/wiki/Manual:IP/Fasttrack Packet marking for fast processing. Warning: Queues (except Queue Trees parented to interfaces), firewall filter and mangle rules will not be applied for FastTracked traffic. Make exception in your Fasttrack firewall rule for the IP where you want t...

Pea

I am just curious why you still try to use "Use Peer NTP" from your ISP while you know it is not working?

And did you try to contact your ISP to fix his DHCP NTP address setup?

Pea

still cant change any user names.
introduced in 6.43.0

viewtopic.php?f=2&t=139091

Pea

This link may help you to find suitable emoji:
https://unicode.org/emoji/charts/emoji-list.html
https://unicode.org/emoji/charts/full-emoji-list.html

/interface wireless set [find] ssid="\F0\9F\92\A3\F0\9F\92\A9"

Pea

flynno: https://wiki.mikrotik.com/wiki/Manual:S ... our_Router

Pea

Just start reading!

[time=1535139686 user_id=118648]
how fix this please help me !
1. Please don't put questions not related to a specific release into the release topic, make new topic!
2. You are killing your router by Sector Writes, maybe logging on disc? Check your config, stop it!

Pea

how fix this please help me ! 1. Please don't put questions not related to a specific release into the release topic 2. You are killing your router by Sector Writes, maybe logging on disc? Check your config, stop it! :) 3. You can try netinstall, helped me to recover bad blocks, just give it a try

Pea

And this is how to use the button with scripting:
https://wiki.mikrotik.com/wiki/Manual:R ... ode_button

Pea

When will be available PWR-Line AP announced in April 2018?

Pea

The same here, but no complain

version: 6.42.6 (stable)
factory-software: 6.42.3
free-memory: 205.3MiB
total-memory: 233.2MiB

board-name: hAP ac^2
model: RBD52G-5HacD2HnD

Pea

Yes, this is all fine.
The firmware version increases (synchronize) now with ROS version. Even there is no update in the firmware.
(I do not know the reason why MikroTik made this change)

Pea

port 53

Search for DNS Amplification
And fix your firewall on input chain!

Pea

Currently you are running current-firmware 3.24.
You should upgrade to upgrade-firmware 6.42.6.

Pea

So what about version 6.40.8, is vulnerable or not? Could somebody from Mikrotik finally confirm it? Bugfix release tree Release 6.40.8 2018-04-24 What's new in 6.40.8 (2018-Apr-23 11:34): !) winbox - fixed vulnerability that allowed to gain access to an unsecured router; https://mikrotik.com/downl...

Pea

Yes, last bugfix 6.40.8 is fine (+ change your passwords after upgrading, restore your configuration and inspect it for unknown settings, implement a good firewall)

What's new in 6.40.8 (2018-Apr-23 11:34):
!) winbox - fixed vulnerability that allowed to gain access to an unsecured router

Pea

Did you change all your passwords after update?

Pea

You are running vulnerable version, so no surprise that someone can change your settings when they can get all your usernames and passwords.
It was mentioned in this topic, upgrade, change passwords, add firewall...
viewtopic.php?f=21&t=133533

Pea

This is what I do, working perfectly: Add static DHCP leases Create firewall FamilyShield list for required static IP addresses Add 2 dst-nat rules for the FamilyShield list to the OpenDNS address 8) /ip dhcp-server lease add address=10.0.0.xx comment="FamilyShield" mac-address=xx:xx:xx:xx:xx:xx ser...

Search found 132 matches