Community discussions

Search found 132 matches

by Pea
Fri Jan 18, 2019 4:58 pm
Forum: Wireless Networking
Topic: android devices chooses 2.4Ghz over 5Ghz on hAP ac^2
Replies: 5
Views: 185

Re: android devices chooses 2.4Ghz over 5Ghz on hAP ac^2

Other option would be to setup different SSID for 5GHz. And never connect phone to your 2.4GHz :)
by Pea
Wed Jan 16, 2019 12:42 am
Forum: Beginner Basics
Topic: Recommended DNS Approach.
Replies: 4
Views: 195

Re: Recommended DNS Approach.

redirect - replaces destination port of an IP packet to one specified by to-ports parameter and destination address to one of the router's local addresses
by Pea
Mon Jan 14, 2019 9:30 pm
Forum: Wireless Networking
Topic: CAPsMAN issue's
Replies: 9
Views: 422

Re: CAPsMAN issue's

The 802.11n prohibits using high throughput with WEP or TKIP as the unicast cipher. If you use these encryption methods (for example, WEP, WPA-TKIP), your data rate will drop to 54 Mbps.
Use only WPA2-AES for full 802.11n speed.
by Pea
Fri Jan 11, 2019 2:10 pm
Forum: RouterBOARD hardware
Topic: hap lite not enough space for update [SOLVED]
Replies: 16
Views: 651

Re: hap lite not enough space for update [SOLVED]

For standard home use you can remove safely all files and folders from File List
(flash folder cannot be removed but all sub folders yes)
by Pea
Thu Jan 10, 2019 7:40 pm
Forum: Wireless Networking
Topic: High ping to router HAP AC2
Replies: 19
Views: 562

Re: High ping to router HAP AC2

There should be <1ms for ping even over wifi. What are you getting?
by Pea
Thu Jan 10, 2019 7:33 pm
Forum: RouterBOARD hardware
Topic: hap lite not enough space for update [SOLVED]
Replies: 16
Views: 651

Re: hap lite not enough space for update [SOLVED]

try to reboot first to clean some memory...
by Pea
Mon Jan 07, 2019 12:47 am
Forum: Beginner Basics
Topic: chain -> input action -> drop [SOLVED]
Replies: 6
Views: 264

Re: chain -> input action -> drop

When processing a chain, rules are taken from the chain in the order they are listed there from top to bottom. If a packet matches the criteria of the rule, then the specified action is performed on it, and no more rules are processed in that chain (the exception is the passthrough action). If a pac...
by Pea
Sun Jan 06, 2019 10:03 am
Forum: RouterBOARD hardware
Topic: RB951G-2HnD Already in use, got hap ac2, what now?
Replies: 11
Views: 392

Re: RB951G-2HnD Already in use, got hap ac2, what now?

Separate configs are for various devices you want to manage from CAPsMAN. Then you push the correct config to the device. E.g. 2,4GHz only config to older 2,4GHz only CAP.
If all your CAP devices support the same standards you can have only one config.
by Pea
Sat Jan 05, 2019 10:02 pm
Forum: RouterBOARD hardware
Topic: RB951G-2HnD Already in use, got hap ac2, what now?
Replies: 11
Views: 392

Re: RB951G-2HnD Already in use, got hap ac2, what now?

Hi, this file should answer your questions about CAPsMAN VirtualAP Setup, Dual Band CAP, CAPsMAN and CAP in one board:
https://mum.mikrotik.com/presentations/BR14/Uldis.pdf
(little outdated, November 2014, but still nice explaining)
by Pea
Sat Jan 05, 2019 10:25 am
Forum: Wireless Networking
Topic: how to download wireless-fp package?
Replies: 3
Views: 157

Re: how to download wireless-fp package?

Use latest version of RouterOS.
The wireless-fp was long time ago replaced by standard wireless package which is included.
by Pea
Wed Jan 02, 2019 12:25 am
Forum: General
Topic: Has this remote ROOT exploit been patched??
Replies: 22
Views: 985

Re: Has this remote ROOT exploit been patched??

Yes but this is likely not going to happen for home use :) Therefore it is IMHO useless at the end.
by Pea
Tue Jan 01, 2019 7:55 pm
Forum: General
Topic: Has this remote ROOT exploit been patched??
Replies: 22
Views: 985

Re: Has this remote ROOT exploit been patched??

This is not the best example.
Why those rules open udp port 69 (TFTP)?
Also there is defined address list which won't be used later (the rule is after general drop)...
by Pea
Mon Dec 31, 2018 5:32 pm
Forum: General
Topic: under attack in port 32231? - help
Replies: 25
Views: 1088

Re: under attack in port 32231? - help

This simplification should explain the difference: Reject : someone comes to your address and try to open door of your house, but you tell him that it is well locked Drop : someone comes to your address but there is no house or door to open and he gives up after while (timeout) It is up to you what ...
by Pea
Mon Dec 31, 2018 9:23 am
Forum: General
Topic: Has this remote ROOT exploit been patched??
Replies: 22
Views: 985

Re: Has this remote ROOT exploit been patched??

I am surprised that there was no default firewall. I really thought you removed it :) I am sorry.
And I am happy that you fixed it for your needs.
by Pea
Mon Dec 31, 2018 12:13 am
Forum: General
Topic: Has this remote ROOT exploit been patched??
Replies: 22
Views: 985

Re: Has this remote ROOT exploit been patched??

But you can dual boot to RouterOS on this CRS and this should have default firewall. If not then it would be good idea to add it :)
by Pea
Sun Dec 30, 2018 1:10 pm
Forum: General
Topic: Has this remote ROOT exploit been patched??
Replies: 22
Views: 985

Re: Has this remote ROOT exploit been patched??

it scared the hell out of me!!!
Yes, you do inappropriate configuration changes. Scary.
Study some basics about firewall and fix it.
If you don't want to study then reset your router to default to get firewall back.
by Pea
Sat Dec 29, 2018 12:28 am
Forum: General
Topic: RB951Ui WiFi stations sending station leaving
Replies: 3
Views: 180

Re: RB951Ui WiFi stations sending station leaving

If this is a mobile device on your hotspot then this is rather normal, isn't it? Just a battery savings and therefore wifi switch off temporary on the mobile device.
Why do you think this is a problem?
by Pea
Fri Dec 28, 2018 6:40 pm
Forum: Wireless Networking
Topic: PWR-Line AP request for comment
Replies: 16
Views: 957

Re: PWR-Line AP request for comment

As mentioned by Normis they sell them as single units.
You can buy one or two or... 8 or... 1000 or even more :)
by Pea
Fri Dec 28, 2018 1:28 pm
Forum: General
Topic: under attack in port 32231? - help
Replies: 25
Views: 1088

Re: under attack in port 32231? - help

There is better way than drop selectively not used ports:
1) accept only what you need
2) reject/drop everything else
That's it.
by Pea
Tue Dec 25, 2018 6:14 pm
Forum: Beginner Basics
Topic: HapAC2 as simple access point
Replies: 7
Views: 429

Re: HapAC2 as simple access point

Disable DHCP server, put all ports to bridge, add DHCP client on bridge, modify firewall and nat.
It should work then.
by Pea
Fri Dec 21, 2018 6:19 pm
Forum: General
Topic: hAP Ac loops into no update. - UPDATE: bricked unit
Replies: 4
Views: 220

Re: hAP Ac loops into no update.

You re mixing RouteOS update and Firmware upgrade. These are 2 different things.
Press the Download&Install button in Check For Updates window to update RouterOS.
After reboot you can press Upgrade button in Routerboard window to upgrade also the firmware.
by Pea
Sat Dec 15, 2018 12:01 am
Forum: Beginner Basics
Topic: Web filter for Childs
Replies: 7
Views: 452

Re: Web filter for Childs

This is what I do. If you use Mikrotik DHCP server just make static DHCP lease for MAC address of iPad from Santa, then dstnat its DNS queries to e.g. OpenDNS FamilyShield: /ip dhcp-server lease add address=10.0.0.123 mac-address=AA:BB:CC:DD:EE:FF /ip firewall nat add action=dst-nat chain=dstnat dst...
by Pea
Wed Dec 12, 2018 8:23 am
Forum: General
Topic: PWR-Line AP
Replies: 31
Views: 4163

Re: PWR-Line AP

There will be RouterOS so many possibilities for setup are expected. It should be possible to simply disable wifi interface if not needed.
by Pea
Mon Dec 10, 2018 9:51 pm
Forum: Wireless Networking
Topic: PWR-Line AP request for comment
Replies: 16
Views: 957

Re: PWR-Line AP request for comment

Not available yet, search for PL7411-2nD: The PWR-LINE AP is a wireless access point with a single Ethernet port , a built-in 802.11b/g/n WiFi radio and capability to connect to other PWR-LINE devices through the electrical lines in your premises. Details and pictures: https://i.mt.lv/cdn/rb_files/P...
by Pea
Wed Dec 05, 2018 9:16 pm
Forum: Announcements
Topic: v6.43.7 [stable] is released!
Replies: 53
Views: 8601

Re: v6.43.7 [stable] is released!

I will also share positive update results:
hAP ac, hAP ac lite, hAP ac², hAP lite, RB951
All fine, no problem.
by Pea
Wed Dec 05, 2018 1:39 am
Forum: Wireless Networking
Topic: hAPac2 wifi issue [SOLVED]
Replies: 6
Views: 552

Re: hAPac2 wifi issue [SOLVED]

Is your SSID unique?
Or do you use something common as "Internet" or "wifi"? Then many devices will try to connect when they know this SSID.
by Pea
Sat Dec 01, 2018 1:35 am
Forum: General
Topic: PWR-Line AP
Replies: 31
Views: 4163

Re: PWR-Line AP

According to this shop PL7411-2nD will come 12.12.2018: https://www.wifihw.cz/default.asp?cls=stoitem&stiid=4329 Product code: PL7411-2nD CPU: QCA9533 CPU: nominal frequency 650 MHz PLC chipset: AR7420 Size of RAM: 64 MB Memory: 16 MB Flash 10/100 Ethernet ports: 1 Wireless Built-in: 2.4 GHz 802.11b...
by Pea
Tue Nov 27, 2018 9:32 pm
Forum: Beginner Basics
Topic: How to update to separate packages? [SOLVED]
Replies: 2
Views: 214

How to update to separate packages? [SOLVED]

What is the correct and clean procedure to update from main package to separate packages?
Just upload needed separate packages only of higher version and reboot?
by Pea
Tue Nov 27, 2018 9:23 pm
Forum: General
Topic: Backups disappear from router
Replies: 3
Views: 180

Re: Backups disappear from router

https://wiki.mikrotik.com/wiki/Manual:System/File Warning: If device has a directory named "flash" in its file list, then files which you want to be kept after system reboot/power cycle must be stored within it. As anything outside of it is kept within a RAM disk and will be lost upon reboot. Note: ...
by Pea
Wed Nov 21, 2018 9:33 pm
Forum: Wireless Networking
Topic: Devices does not see the wifi [SOLVED]
Replies: 12
Views: 659

Re: Devices does not see the wifi [SOLVED]

Check the channel, some devices do not see 2.4g wifi channel 13 (e.g. Kindle Paperwhite)
by Pea
Fri Nov 16, 2018 9:27 pm
Forum: Beginner Basics
Topic: rookie Port Forward for PS4 [SOLVED]
Replies: 15
Views: 840

Re: rookie Port Forward for PS4 [SOLVED]

Hi, did you noticed this warning? :) /system note set note="DEVICE HACKED - ACCOUNT admin HAD UNSAFE PASSWORD" and this is not your code, right? /system scheduler add interval=1d name=Auto113 on-event="/system reboot" policy=\ ftp,reboot,read,write,policy,test,password,sniff,sensitive start-date=\ o...
by Pea
Sun Nov 11, 2018 9:54 am
Forum: Beginner Basics
Topic: How to Limit Internet Speed per IP? [SOLVED]
Replies: 3
Views: 357

Re: How to Limit Internet Speed per IP? [SOLVED]

https://wiki.mikrotik.com/wiki/Manual:IP/Fasttrack Packet marking for fast processing. Warning: Queues (except Queue Trees parented to interfaces), firewall filter and mangle rules will not be applied for FastTracked traffic. Make exception in your Fasttrack firewall rule for the IP where you want t...
by Pea
Sun Sep 30, 2018 11:02 am
Forum: General
Topic: NTP client bug
Replies: 12
Views: 2731

Re: NTP client bug

I am just curious why you still try to use "Use Peer NTP" from your ISP while you know it is not working? :)
And did you try to contact your ISP to fix his DHCP NTP address setup?
by Pea
Thu Sep 20, 2018 8:14 am
Forum: Announcements
Topic: v6.43.1 [stable] and v6.43.2 [stable] are released!
Replies: 186
Views: 29374

Re: v6.43.1 [stable] is released!

still cant change any user names.
introduced in 6.43.0
viewtopic.php?f=2&t=139091
by Pea
Thu Sep 13, 2018 12:51 am
Forum: General
Topic: Add emoji to the ssid name
Replies: 8
Views: 552

Re: Add emoji to the ssid name

This link may help you to find suitable emoji:
https://unicode.org/emoji/charts/emoji-list.html
https://unicode.org/emoji/charts/full-emoji-list.html
/interface wireless set [find] ssid="\F0\9F\92\A3\F0\9F\92\A9"
😈
by Pea
Tue Aug 28, 2018 1:38 am
Forum: Announcements
Topic: v6.42.7 [current] is released!
Replies: 159
Views: 24415

Re: v6.42.7 [current] is released!

Just start reading!
[time=1535139686 user_id=118648]
how fix this please help me !
1. Please don't put questions not related to a specific release into the release topic, make new topic!
2. You are killing your router by Sector Writes, maybe logging on disc? Check your config, stop it! :)
by Pea
Fri Aug 24, 2018 11:38 pm
Forum: Announcements
Topic: v6.42.7 [current] is released!
Replies: 159
Views: 24415

Re: v6.42.7 [current] is released!

how fix this please help me ! 1. Please don't put questions not related to a specific release into the release topic 2. You are killing your router by Sector Writes, maybe logging on disc? Check your config, stop it! :) 3. You can try netinstall, helped me to recover bad blocks, just give it a try
by Pea
Thu Aug 23, 2018 8:52 am
Forum: Scripting
Topic: script for buttom mikrotik
Replies: 3
Views: 307

Re: script for buttom mikrotik

And this is how to use the button with scripting:
https://wiki.mikrotik.com/wiki/Manual:R ... ode_button
by Pea
Sat Aug 11, 2018 10:56 am
Forum: RouterBOARD hardware
Topic: PWR-Line AP - when will be available?
Replies: 0
Views: 332

PWR-Line AP - when will be available?

When will be available PWR-Line AP announced in April 2018?
by Pea
Tue Aug 07, 2018 10:14 pm
Forum: General
Topic: Hap AC2 RAM [SOLVED]
Replies: 13
Views: 813

Re: Hap AC2 RAM [SOLVED]

The same here, but no complain :)

version: 6.42.6 (stable)
factory-software: 6.42.3
free-memory: 205.3MiB
total-memory: 233.2MiB

board-name: hAP ac^2
model: RBD52G-5HacD2HnD
by Pea
Tue Aug 07, 2018 8:41 am
Forum: RouterBOARD hardware
Topic: Advise on Mikrotik Routerboard Firmware
Replies: 4
Views: 532

Re: Advise on Mikrotik Routerboard Firmware

Yes, this is all fine.
The firmware version increases (synchronize) now with ROS version. Even there is no update in the firmware.
(I do not know the reason why MikroTik made this change)
by Pea
Mon Aug 06, 2018 8:11 pm
Forum: General
Topic: How to block massive UDP traffic?
Replies: 1
Views: 147

Re: How to block massive UDP traffic?

port 53 :)
Search for DNS Amplification
And fix your firewall on input chain!
by Pea
Mon Aug 06, 2018 8:33 am
Forum: RouterBOARD hardware
Topic: Advise on Mikrotik Routerboard Firmware
Replies: 4
Views: 532

Re: Advise on Mikrotik Routerboard Firmware

Currently you are running current-firmware 3.24.
You should upgrade to upgrade-firmware 6.42.6.
by Pea
Fri Aug 03, 2018 11:20 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 294
Views: 48286

Re: Winbox vulnerability: please upgrade

So what about version 6.40.8, is vulnerable or not? Could somebody from Mikrotik finally confirm it? Bugfix release tree Release 6.40.8 2018-04-24 What's new in 6.40.8 (2018-Apr-23 11:34): !) winbox - fixed vulnerability that allowed to gain access to an unsecured router; https://mikrotik.com/downl...
by Pea
Fri Aug 03, 2018 12:58 am
Forum: General
Topic: Mikrotik in the news..bad news
Replies: 57
Views: 5249

Re: Mikrotik in the news..bad news

Yes, last bugfix 6.40.8 is fine (+ change your passwords after upgrading, restore your configuration and inspect it for unknown settings, implement a good firewall)
What's new in 6.40.8 (2018-Apr-23 11:34):
!) winbox - fixed vulnerability that allowed to gain access to an unsecured router
by Pea
Sun Jul 15, 2018 8:25 pm
Forum: General
Topic: DNS server changed automatically [SOLVED]
Replies: 14
Views: 2891

Re: DNS server changed automatically [SOLVED]

Did you change all your passwords after update?
by Pea
Sun Jul 15, 2018 9:40 am
Forum: General
Topic: DNS server changed automatically [SOLVED]
Replies: 14
Views: 2891

Re: DNS server changed automatically [SOLVED]

You are running vulnerable version, so no surprise that someone can change your settings when they can get all your usernames and passwords.
It was mentioned in this topic, upgrade, change passwords, add firewall...
viewtopic.php?f=21&t=133533
by Pea
Thu Jul 12, 2018 11:20 pm
Forum: Beginner Basics
Topic: SSID for kids Zone with OpenDNS
Replies: 14
Views: 944

Re: SSID for kids Zone with OpenDNS

This is what I do, working perfectly: Add static DHCP leases Create firewall FamilyShield list for required static IP addresses Add 2 dst-nat rules for the FamilyShield list to the OpenDNS address 8) /ip dhcp-server lease add address=10.0.0.xx comment="FamilyShield" mac-address=xx:xx:xx:xx:xx:xx ser...