I had to replicate a config to two simular devices (cAP ac). In the exported config there is a command which causes error when trying to import: add disabled=no keepalive-frames=disabled \ master-interface=wlan1 multicast-buffering=disabled name=wlan3 \ security-profile=guest ssid=somessid wds-cost-...
Yeah if you enable "Allow Remote Connections" in /ip/dns, that will add the Mikrotik router as DNS. If that's disabled, it be only the dynamic DNS (or any static DNS servers set). Now I understand, thanks for clarification. Still remains the question whether it brings any advantage to hav...
Yes, but I noticed that even if I leave blank the first item in the DNS addresses supplied will be the DHCP server's own IP in any case e.g. a) left blank: 192.168.88.1 (the DHCP server's IP) 192.168.0.1 (forwarded from dynamic servers DNS entry in IP/DNS) b) filling with 192.168.88.1 192.168.88.1 S...
What is best praxis by setting up dhcp server's network?
a) leaving the DNS field blank -> clients get the DHCP server's own IP as DNS server AND the DNS servers given in the router's DNS setting or
b) supplying a single DNS - the DHCP server IP
I think I found the answer myself: DHCP server and client must exist on the same vlan. With vlan filtering turned off no PVID tagging on the ETH1 port (the port the ISP is connected to) is taking place hence the DHCP client on the bridge's vlan1 interface doesn't get reply to it's broadcasting from ...
Thanks, the second link contained a lot of useful info (I couldn't read it all yet). For me the essence is that my approach is right: I add the bridge port to the 'tagged' list of all vlan rows. What I still don't understand is why dhcp client on a vlan interface of a bridge only works with vlan fil...
:D Thanks, I experienced it, i had to reset I noticed also that if I don't add the bridge port to the ' tagged ' list of the respective vlan in the vlan table it not only stops working (ip services like dhcp server or client) but I also lose MAC access despite the respective VLAN was added to the MA...
Maybe a last question for the future: i shouldn´t really worry about not accessing the router because of missconfiguration of vlan filtering until i have mac address winbox acces to the device, should i?
Thanks for your effort.
In the mean time the problem has been solved
I was afraid to switch on vlan filtering because of losing connectivity.
After switching on everything started to work like charm
Yes exactly (except that the first mt router doesn´t have to have on some of its own ports the isp´s subnet but yes it has to pass both subnets to the second mt router)
No. I want to be able to get an ip from both the service provider˙s dhcp and the first mt routers˙s dhcp on two different port on the second mt. Actually it worked already with two bridges but now i want to learn vlan bridging and solve it with one multivlan bridge. In praxis the service provider˙s ...
I want to make available my router's WAN and LAN on a second router as well. I want to use a single vlan bridge for best performance. ETH1 is the WAN port, ETH3 is the trunk port to the next MT router. WAN traffic is VLAN100, LAN traffic is VLAN200 on the trunk. Both VLANS are defined on the bridge ...
Since RouterOS 13 there are separate routeros and wireless packages.
Wireless is automatically installed on hEX router as well despite it has no wireless.
Why?
Can I safely uninstall it?
Thanks
fragtion, Thanks for reply. Unless Mikrotik can implement a native inbuilt solution for this (maybe randomize source port for each connection attempt if the interface port isn't explicitly set, as this would be an ideal solution for such wg endpoints behind double nat) Someone from Mikrotik, are you...
Hi, I had a strange wg issue (actually with 7.12.1, but the behavior didn't change after upgrading to 7.14.1 either): Configuration: Peer A initiates a connection to peer B on peer B's given public address : port. Issue: There was a network reconfiguration by the service provider on site A. After th...
Question: Drivers for older wireless and 60GHz interfaces, as well as the wireless management system CAPsMAN, are now part of a separate "wireless" package instead of being a part of the bundle package. This package can be uninstalled if not needed. How do we know whether a package is need...
https://1drv.ms/i/s!Aukw5KCzXdEthpw4MTLTn3wqXMmLDQ?e=L6hcwG Rother mixed picture, dependency from pocket size. What do you think? Additional thoughts: As I just noticed, hAP AC2 is not much more expensive and outperforms both hEX and hAP AX Lite. I just don't like it because it's warming issue. Howe...
Thanks for reply. So, not that worse means worse? - I didn't find any info regarding this. If worse, in which parameter worse? My use case is simple wired router / firewall / Wireguard VPN. If hAP ax lite is not worse for that use case I'll buy that instead of hEX in the future - hence cheaper and B...
BTH doesn't support mips cpu.
At most of our premises we have hEX as the main router - which is not supported yet.
Is is a good idea to use hAP ax lite instead of hEX? Does it have the same throughput?
After the upgrade to v7.10 (stable). The ovpn client will no longer emerge into the the ip/address table. Also there will be a missing entry in the routing table, i.e. there is no gateway. Due to this, the router is no longer able to exchange ip packets between the network and the ovpn client. same...
There is a separate checkmark "No DNS" to remove the automatic DNS servers from the list of DNS servers distributed via DHCP. You can still distribute statically configured DNS servers. Thanks. I had a look at my other installations, and I recognized that that pushing received or set DNS ...
I mean, the behaviour can be overwritten by setting the DNS server explicitely: /ip dhcp-server network add address=192.168.128.0/24 dns-server=192.168.128.1 comment=defconf gateway=192.168.128.1 netmask=24 Yes, thanks, that works, but it is then just a workaround, I would like to unterstand the be...
"ovpn - added hardware acceleration support for IPQ4018/IPQ4019 and AL* series chipsets" Doesn't seem to work : I had to withdraw my statement about "HW encryption not working" I found out that even with cipher=null I have the same poor result compared that of the Windows Ovpn cl...
I think it is not possible to solve it with a simple bridge and no WAN interface. Source NAT is needed.
I have solved it with defining two separate bridges (one for WAN and one for LAN) and NAT-ing.
It works now.
Hi, I have a Mikrotik 951G-2HnD in Bridge mode (all 5 ports and the Wireless bridged) and want to use it as a switch, AP and as a VPN Internet gateway as well. I configured the OpenVPN the same way I used to do it in case of router mode, however - if connected remotely through OpenVPN - now I don't ...