Community discussions

MUM Europe 2020

Search found 98 matches

by razavim
Fri Aug 24, 2018 11:36 pm
Forum: Announcements
Topic: v6.42.7 [current] is released!
Replies: 159
Views: 32494

Re: v6.42.7 [current] is released!

Just upgraded my 2011 and Hap AC Lite and (X86) all were so far so good.
by razavim
Mon Jan 15, 2018 9:36 am
Forum: Beginner Basics
Topic: Updating the wiki
Replies: 2
Views: 492

Re: Updating the wiki

You can email Mikrotik to request for an account on the wiki.
It is not possible anymore,
MikroTik it self will be the only official source who can update the wiki and the decision had been made exactly for this purpose,updating the material.

Sent from my SM-N920T using Tapatalk



by razavim
Sun Nov 26, 2017 7:53 am
Forum: General
Topic: NAT table not cleared correctly [SOLVED]
Replies: 77
Views: 7362

Re: NAT table not cleared correctly [SOLVED]

I saw that you have bridge interface try to check the /bridge setting use-ip-firewall

Please go to /ip setting and choose rp-filter to loose



Sent from my SM-N920T using Tapatalk
by razavim
Sun Nov 26, 2017 7:53 am
Forum: General
Topic: NAT table not cleared correctly [SOLVED]
Replies: 77
Views: 7362

Re: NAT table not cleared correctly [SOLVED]

I saw that you have bridge interface try to check the /bridge setting use-ip-firewall

Please go to /ip setting and choose rp-filter to loose



Sent from my SM-N920T using Tapatalk
by razavim
Thu May 04, 2017 12:38 am
Forum: RouterBOARD hardware
Topic: Qrt 2 dis-assemble
Replies: 1
Views: 410

Qrt 2 dis-assemble

I would like to open qrt 2 and use the board, but i want to know is there any mmcx to rp-sma connector to attach antenna or i have to do some soldering?

If anybody can provide picture would be a great help.

Any help is appreciated.

Sent from my SM-N920T using Tapatalk
by razavim
Sun Mar 12, 2017 11:45 pm
Forum: General
Topic: Will Huawei E3372 work on Hex(rb750gr3) usb port, anyone tried?
Replies: 4
Views: 1310

Re: RE: Will Huawei E3372 work on Hex(rb750gr3) usb port, anyone tried?

I bought hex so now im considering going on LTE, and adding lte in bridge is still not avalaible??? Share some info, thanks. Regards LeRadelle Yes, it does work on G3 But you may not select the "lte" interface into the bridge. By the way may I ask, why do you need to make the bridge? Sent from my S...
by razavim
Mon Mar 06, 2017 10:25 am
Forum: General
Topic: TCP inject attacks?
Replies: 1
Views: 430

Re: TCP inject attacks?

You might want to add additional rule
/ip firewall filter add chain=input connection-state=invalid action=drop

Sent from my SM-N920T using Tapatalk
by razavim
Tue Feb 28, 2017 1:21 am
Forum: General
Topic: web proxy
Replies: 1
Views: 357

Re: web proxy

Write me at razavim90@gmail.com

Sent from my SM-N920T using Tapatalk
by razavim
Sun Feb 19, 2017 11:29 am
Forum: General
Topic: Public IP Over Tunnel
Replies: 3
Views: 591

Re: Public IP Over Tunnel

Put Public ip'srange in pppoe profile for remote address

Sent from my SM-N920T using Tapatalk
by razavim
Sat Feb 11, 2017 7:15 pm
Forum: General
Topic: How to find a device (which Interface) with the MAC address.
Replies: 3
Views: 2140

Re: How to find a device (which Interface) with the MAC address.

Yes it is absolutely possible. You can achieve that bu going to
/ip neighbor and enable the bridge interface and in neibor tab you can see all connected and activated interface. Just double click on them and choose Mac-telnet.
Thats it

Sent from my SM-N920T using Tapatalk
by razavim
Fri Feb 10, 2017 2:00 pm
Forum: General
Topic: Best VPN
Replies: 23
Views: 13785

Re: Best VPN

So you mean you have private address on LTE side ? If yes you maye use script which is not defficult to find on google inorder to use DDNS address for the private address side such as LTE. but if you will dynamic address through LTE but it is public you can use the Mikrotik cloud Sent from my SM-N92...
by razavim
Thu Feb 09, 2017 6:56 pm
Forum: General
Topic: Best VPN
Replies: 23
Views: 13785

Re: Best VPN

Gre
Ipip
If security matter then "ipsec"

Sent from my SM-N920T using Tapatalk
by razavim
Tue Feb 07, 2017 11:20 pm
Forum: Forwarding Protocols
Topic: Routing over IPSEC VPN to remote network
Replies: 3
Views: 7031

Re: Routing over IPSEC VPN to remote network

so let me clarify. what you want to achieve here is that one subnet behind Mikrotik ise fortigate as a Next hop and vice versa?

Sent from my SM-N910C using Tapatalk
by razavim
Sat Jan 28, 2017 11:47 pm
Forum: General
Topic: Block Streaming Video
Replies: 7
Views: 28517

Re: RE: Re: Block Streaming Video

Alright, after looking at your rules i finally managed to correct the ruls. so please follow each step as i have written here. therefore please bare in mind you are not able to block "https" urls like facebook and youtube because of encryption. first open new terminal from winbix and copy pate the ...
by razavim
Sat Jan 28, 2017 11:45 pm
Forum: General
Topic: Block Streaming Video
Replies: 7
Views: 28517

Re: Block Streaming Video

Alright, after looking at your rules i finally managed to correct the ruls. so please follow each step as i have written here. therefore please bare in mind you are not able to block "https" urls like facebook and youtube because of encryption. first open new terminal from winbix and copy pate the c...
by razavim
Sat Jan 28, 2017 9:28 pm
Forum: General
Topic: Block Streaming Video
Replies: 7
Views: 28517

Re: Block Streaming Video

Mikrotik strongly suggest to not filter any web content with firewall layer 7 filter and instead use web proxy feature. ofcourse it is very depend on what hardware you use and also it is resource(cpu) intensive but still it is better to use web proxy.



Sent from my SM-N910C using Tapatalk
by razavim
Sat Jan 28, 2017 9:03 pm
Forum: General
Topic: Block Streaming Video
Replies: 7
Views: 28517

Re: Block Streaming Video

is that all the rules you put to block streaming video? if yes then there is some inconsistancies. you made layer 7 firewall rule called Streaming but did nit drop them( as you mention in title to block but instead you limit the bandwidth). and also you made mangle rule for "http-vid" twice one with...
by razavim
Fri Jan 27, 2017 10:32 pm
Forum: Forwarding Protocols
Topic: RDP over IPSEC
Replies: 4
Views: 1784

Re: RE: Re: RDP over IPSEC

Ey! So i could figure out the problem. When i disabled all the firewall rules (except the one accepting ipsec protocol so i wouldnt loose connection) i still had problems with RDP. Then i tried disabling all NAT rules as well and there i found that the problem was the NAT rule for a remote desktop ...
by razavim
Tue Jan 17, 2017 10:52 am
Forum: RouterBOARD hardware
Topic: Basebox2
Replies: 4
Views: 756

Re: Basebox2

Thank you.

Sent from my SM-N910C using Tapatalk
by razavim
Tue Jan 17, 2017 8:00 am
Forum: RouterBOARD hardware
Topic: Basebox2
Replies: 4
Views: 756

Re: Basebox2

thanks,
but routerboard wesite mentioned that basebox2 needs 8-30 volts to function. so it means if i turn on the device with 12 volts i am not able to utilize the maximum antenna (1 wattage)?

Sent from my SM-N910C using Tapatalk
by razavim
Tue Jan 17, 2017 7:37 am
Forum: Forwarding Protocols
Topic: RDP over IPSEC
Replies: 4
Views: 1784

Re: RDP over IPSEC

First of all disable all of your firewall filter rule and try to connect through RDP.
Still, there is or are some inconsistansy(ies) in your firewall rules as there is no mangle rule to define "Sin-Internet"

Sent from my SM-N910C using Tapatalk
by razavim
Mon Jan 16, 2017 11:30 pm
Forum: RouterBOARD hardware
Topic: Basebox2
Replies: 4
Views: 756

Basebox2

Am i able to turn on the basebox2 through hex poe lite(RB750UPr2)?

i counld not find this model based on given discription on Mikrotik Wiki.

Thanks

Sent from my SM-N910C using Tapatalk
by razavim
Fri Jan 06, 2017 10:17 pm
Forum: General
Topic: Mangle rules
Replies: 5
Views: 1523

Re: Mangle rules

sorry for my typo "as"

Sent from my SM-N910C using Tapatalk
by razavim
Fri Jan 06, 2017 10:16 pm
Forum: General
Topic: Mangle rules
Replies: 5
Views: 1523

Re: Mangle rules

Actually, this export is meaning less untill you give more detail on your networking scenario or export other area of router such ass nat and rout as well. and please take a look at mikrotik wiki on load balancing it has a very good examples that you could do and implement it all by your self. Sent ...
by razavim
Fri Dec 30, 2016 1:00 am
Forum: General
Topic: countless / free traffic from a network for PPPoE users
Replies: 6
Views: 1271

Re: countless / free traffic from a network for PPPoE users

mark the traffic and use fasttrack. it will not go through connection tracking therefore not being calculated. i think that could help

Sent from my SM-N910C using Tapatalk
by razavim
Sat Dec 24, 2016 11:01 am
Forum: General
Topic: Hotspot - Mobile
Replies: 1
Views: 357

Re: Hotspot - Mobile

remove dns it can help you

Sent from my SM-N910C using Tapatalk
by razavim
Tue Dec 20, 2016 7:27 am
Forum: General
Topic: IPSEC site-2-site: adding policy hangs the router
Replies: 5
Views: 704

Re: IPSEC site-2-site: adding policy hangs the router

then it is time to contact the support and report the issue. however i believe by upgrading your routerOS you may over come this problem.

Sent from my SM-N910C using Tapatalk
by razavim
Mon Dec 19, 2016 1:29 pm
Forum: Wireless Networking
Topic: Is it possible? Hotspot and regular wlan on the same device?
Replies: 1
Views: 371

Re: Is it possible? Hotspot and regular wlan on the same device?

yes, absolutely. just make virtual ap and treat it as another wlan interface( assign ip and run dhcp and hotspot)

Sent from my SM-N910C using Tapatalk
by razavim
Mon Dec 19, 2016 1:25 pm
Forum: Wireless Networking
Topic: Can you PLEASEE help me
Replies: 1
Views: 371

Re: Can you PLEASEE help me

export your config for better trouble shooting or supout file

Sent from my SM-N910C using Tapatalk
by razavim
Mon Dec 19, 2016 8:09 am
Forum: General
Topic: how to Exclude one Website bandwidth Limit
Replies: 7
Views: 1418

Re: how to Exclude one Website bandwidth Limit

In sumple queue you may not put domain name directly. there is a nice little feature in mikrotik firewall called Address List. try to put your domain name there and it is automatically resolve each and every ip address of that domain then with the help of mange mark the traafic for that address list...
by razavim
Mon Dec 19, 2016 12:42 am
Forum: General
Topic: Fasttrack & Queues
Replies: 2
Views: 708

Re: Fasttrack & Queues

http://wiki.mikrotik.com/wiki/Manual:IP ... n_tracking

Sent from my SM-N910C using Tapatalk
by razavim
Mon Dec 19, 2016 12:22 am
Forum: General
Topic: IPSEC site-2-site: adding policy hangs the router
Replies: 5
Views: 704

Re: IPSEC site-2-site: adding policy hangs the router

and also you made mistake by giving ip to ether2. you must set the ip in bridge interface cause ether 2 is already part of bridge and dhcp server is run on bridge as well.


Sent from my SM-N910C using Tapatalk
by razavim
Thu Dec 15, 2016 11:52 pm
Forum: General
Topic: Hotspot MAC Cookie vs HTTP Cookie
Replies: 3
Views: 4505

Re: Hotspot MAC Cookie vs HTTP Cookie

you are correct HTTP cookies are saved on clients device however with MAC cookie you have the possibility to save the cooki inside the router for as long as you like. but you have to turn it on in server profile in login tab and also in user profile in hot spot you must click on the checkmark for us...
by razavim
Thu Dec 15, 2016 4:44 pm
Forum: RouterBOARD hardware
Topic: Which switch to buy
Replies: 2
Views: 537

Re: Which switch to buy

but you must understand that Mikrotik is very young in Switching world so you must give them some time. but still CCR226 is very good option

Sent from my SM-N910C using Tapatalk
by razavim
Thu Dec 15, 2016 4:42 pm
Forum: RouterBOARD hardware
Topic: Which switch to buy
Replies: 2
Views: 537

Re: Which switch to buy

i would defenitly go for ccr226.
it is comparable with cisco 3750

Sent from my SM-N910C using Tapatalk
by razavim
Sat Dec 10, 2016 11:13 am
Forum: General
Topic: No audio on sip calls over VPN
Replies: 8
Views: 3336

Re: No audio on sip calls over VPN

NICE. although, remember those protocols in service ports are helpful if you want to write nat. basically they are called nat helpers.


Sent from my SM-N910C using Tapatalk
by razavim
Thu Dec 08, 2016 2:24 pm
Forum: Scripting
Topic: Hotspot - No more session allow -
Replies: 1
Views: 869

Re: Hotspot - No more session allow -

you have to use mac-cookie feature from server profile in login tab. and also you need to specify keep-alive time in user profile.

hope that would help

Sent from my SM-N910C using Tapatalk
by razavim
Thu Dec 08, 2016 2:17 pm
Forum: General
Topic: No audio on sip calls over VPN
Replies: 8
Views: 3336

Re: No audio on sip calls over VPN

Mikrotik has implemented service port for this reason. so i highly suggest make sure that in /ip firewall services you have enabled required (sip) protocol and you need to write your rules based on connection type in general tab in ip firewall filter. hope that would help. Sent from my SM-N910C usin...
by razavim
Mon Dec 05, 2016 12:27 am
Forum: Virtualization
Topic: Need a recommendation
Replies: 5
Views: 998

Re: Need a recommendation

Dear Friend, I am sure it is not well configured as CCR are much more effective. Would you send me your export config in orther to troubleshoot your your scenario?



Sent from my SM-N910C using Tapatalk
by razavim
Thu Dec 01, 2016 8:10 pm
Forum: Virtualization
Topic: Need a recommendation
Replies: 5
Views: 998

Re: Need a recommendation

I believe having IPIP+ipsec is not a very wise choice. if your clients need to establish site to site tunnel protocol and at the same time you need encryption i wiuld definitly recomment using IPSEC only. therefore IPIP is very overhead intensivr as it will encapsulates the ip packet in a whole new ...
by razavim
Tue Nov 29, 2016 2:23 pm
Forum: General
Topic: Connect Two RB2011 via VPN tunnel. L2TP/IPSEC or SSTP?
Replies: 4
Views: 1008

Re: Connect Two RB2011 via VPN tunnel. L2TP/IPSEC or SSTP?

i am using site to site sstp for almost a year with out any problem.
although, SSTP is using more overhead than l2tp but again i did not face any problem.


Sent from my SM-N910C using Tapatalk
by razavim
Fri Nov 25, 2016 11:08 am
Forum: Virtualization
Topic: CHR and RoMon problem [SOLVED]
Replies: 4
Views: 2287

Re: CHR and RoMon problem [SOLVED]

try to run EoIP over L2TP

or if you have another router board or routerOS try to directly tunnel over EoIP

EoIP over pptp is not logical and is not advicable it will increase the ip packet overhead exponentially.

Sent from my SM-N910C using Tapatalk
by razavim
Thu Nov 24, 2016 12:52 pm
Forum: General
Topic: hotspot user can go the a file not in hotspot folder?
Replies: 2
Views: 674

Re: hotspot user can go the a file not in hotspot folder?

the wall garden feature is specifically designet for this purpose try to allow ftp connection to your router

Sent from my SM-N910C using Tapatalk
by razavim
Mon Nov 21, 2016 9:18 pm
Forum: RouterBOARD hardware
Topic: CCR1009-8G-1S-1S+ IPIP+IPSEC performance?
Replies: 2
Views: 721

Re: CCR1009-8G-1S-1S+ IPIP+IPSEC performance?

please clarify your testing environment

Sent from my SM-N910C using Tapatalk
by razavim
Sun Oct 09, 2016 3:01 pm
Forum: General
Topic: certificate search
Replies: 0
Views: 321

certificate search

After changing the Mikrotik website to the new one which is so increadible the ability to search the certificate is not functional and not shows anything.

is there any problem?

Sent from my SM-N910C using Tapatalk
by razavim
Sun Oct 09, 2016 12:24 pm
Forum: General
Topic: Adding UDP ON OPENVPN
Replies: 3
Views: 1748

Re: Adding UDP ON OPENVPN

Normis,
Thanks for replaying. i believe it was an mobile application issue. Anyway. Thanks for answering my request.

Sent from my SM-N910C using Tapatalk
by razavim
Tue Oct 04, 2016 2:18 pm
Forum: General
Topic: Adding UDP ON OPENVPN
Replies: 3
Views: 1748

Adding UDP ON OPENVPN

I would like to ask Mikrotik to add UDP support on OpenVPN.


Regards,

Sent from my SM-N910C using Tapatalk
by razavim
Mon Oct 03, 2016 12:39 pm
Forum: Scripting
Topic: Static Ip for IpSEC/L2TP Client Mikrotik possible?
Replies: 2
Views: 1661

Re: Static Ip for IpSEC/L2TP Client Mikrotik possible?

/ ip firewall nat chain forward src- add x.x.x.x/32 action=src-nat to-address: "static ip address"

Sent from my SM-N910C using Tapatalk
by razavim
Mon Oct 03, 2016 11:21 am
Forum: RouterBOARD hardware
Topic: What to use for main Router?
Replies: 2
Views: 634

Re: What to use for main Router?

Absolutely,

You can use it but one advice tey to minimize your filter rules and mangle rules to the minimum.
and also try to use policy routing whenever possible.

Sent from my SM-N910C using Tapatalk
by razavim
Sat Oct 01, 2016 5:47 pm
Forum: Forwarding Protocols
Topic: VPN L2TP / IPsec on Windows 2008 Server (now trying Mikrotik)
Replies: 8
Views: 1560

Re: VPN L2TP / IPsec on Windows 2008 Server

the file you have shared it is not readable by other 3rd parties. you have to send this file to mikrotik and mikrotik it self is able to open that. otherwise as i have mentioned earlier send your ipsec config through typing this command in CLI /ip ipsec export file="give it a name" and find it in Fi...
by razavim
Sat Oct 01, 2016 3:21 pm
Forum: Forwarding Protocols
Topic: VPN L2TP / IPsec on Windows 2008 Server (now trying Mikrotik)
Replies: 8
Views: 1560

Re: VPN L2TP / IPsec on Windows 2008 Server

yes it is very needed if you dont use NAT for your ipsec

Sent from my SM-N910C using Tapatalk
by razavim
Sat Oct 01, 2016 3:20 pm
Forum: Forwarding Protocols
Topic: VPN L2TP / IPsec on Windows 2008 Server (now trying Mikrotik)
Replies: 8
Views: 1560

Re: VPN L2TP / IPsec on Windows 2008 Server

it seems to me you have packet size problem try to to go the ppp profile and go to the appropriate profile and in general tab change TCP MSS to yes.
otherwise send your export here for further inspection

Sent from my SM-N910C using Tapatalk
by razavim
Sat Oct 01, 2016 10:32 am
Forum: General
Topic: Feature Request - Log Action for Static DNS Entries.
Replies: 1
Views: 620

Re: Feature Request - Log Action for Static DNS Entries.

agreed

Sent from my SM-N910C using Tapatalk
by razavim
Fri Sep 30, 2016 10:28 pm
Forum: Forwarding Protocols
Topic: VPN L2TP / IPsec on Windows 2008 Server (now trying Mikrotik)
Replies: 8
Views: 1560

Re: VPN L2TP / IPsec on Windows 2008 Server

L2TP runs on 500, 4500,1701 UDP and IP-ESP protocol 50( protocol 50 not port 50)

Sent from my SM-N910C using Tapatalk
by razavim
Fri Sep 30, 2016 10:24 pm
Forum: General
Topic: CUP Load 100% :( :( :( :( please help me some one
Replies: 8
Views: 1203

Re: CUP Load 100% :( :( :( :( please help me some one

I highly recommend send your export from queue and mangle

Sent from my SM-N910C using Tapatalk
by razavim
Fri Sep 30, 2016 3:16 pm
Forum: General
Topic: Networking
Replies: 5
Views: 583

Re: RE: Re: Networking

Maybe an study about traffic distribution/patterns? i.e. which % of traffic is https, which http, which VPNs, email related (SMTP/IMAP/POP)... And what do you think if I choose the material about VPN for TV Streaming? I dont think VPN on TV streaming is possible. Until, the TV it self has the possi...
by razavim
Wed Sep 28, 2016 12:38 pm
Forum: Wireless Networking
Topic: two Omni directional anntena
Replies: 11
Views: 1213

Re: two Omni directional anntena

Ok thanks,
i will share my result as soon as i conduct my research on that

Sent from my SM-N910C using Tapatalk
by razavim
Wed Sep 28, 2016 11:39 am
Forum: General
Topic: Winbox 3.5 bug?
Replies: 3
Views: 575

Re: Winbox 3.5 bug?

i had the same issue. and i have sent the mail to support team they said that it is winbox problem and it is fixed in v3.6 however i could not wait and find solution for that. Although, you want to make CAP and not the manager. but do this trick and it will work like a charm go to CAPsMAN and create...
by razavim
Wed Sep 28, 2016 2:20 am
Forum: Wireless Networking
Topic: Wds network
Replies: 10
Views: 920

Re: RE: Re: Wds network

This is correct network topology, your design should work fine. Your terminology is incorrect! This is not WDS or Mesh... In WDS/Mesh you would remove the PtP links and the NetMetals would communicate directly to one another as well as the clients. Or remove the NetMetals and have the DynaDishes co...
by razavim
Wed Sep 28, 2016 2:18 am
Forum: Wireless Networking
Topic: mesh networking
Replies: 0
Views: 310

mesh networking

what is the best RouterBoard to have to provide 5ghz as backhaul and 2.4ghz for mobile clients . the distance is 4km. important things to know: -client must not disconnect so they must roam -there is no interference. -bandwidth should be around 40Mbps. should i use wds+rstp or HWMP+? thanks Sent fro...
by razavim
Tue Sep 27, 2016 7:01 pm
Forum: Wireless Networking
Topic: Wds network
Replies: 10
Views: 920

Re: Wds network

the problem is i want to send data from car to RBMETAL through 2.4 GHz and send the same data through DYNADISH to main building

Sent from my SM-N910C using Tapatalk
by razavim
Tue Sep 27, 2016 4:00 pm
Forum: Wireless Networking
Topic: Wds network
Replies: 10
Views: 920

Re: Wds network

i am.still looking for an proper solution so please i will be greatful if anyone can help.

thanks

Sent from my SM-N910C using Tapatalk
by razavim
Tue Sep 27, 2016 2:08 am
Forum: General
Topic: Domains in logs and Firewall connections
Replies: 10
Views: 1504

Re: Domains in logs and Firewall connections

you have two options. 1-web-proxy 2- go to tools sniff,choose what traffic to filter(send) nad give the ip address of a pc in you network and run Wireshark then in program choose to reaolve Ip. it will show you donain name as well. as other iser mentioned the netflow is also viable in your case Sent...
by razavim
Mon Sep 26, 2016 5:26 pm
Forum: General
Topic: Trunk + Access Ports same RB
Replies: 11
Views: 1671

Re: Trunk + Access Ports same RB

whats is the configuration of 2nd device?

please export that as well

Sent from my SM-N910C using Tapatalk
by razavim
Mon Sep 26, 2016 9:07 am
Forum: Wireless Networking
Topic: Wds network
Replies: 10
Views: 920

Re: Wds network

any more suggestio?
i just want to make sure is it possible or not?

Sent from my SM-N910C using Tapatalk
by razavim
Sun Sep 25, 2016 10:10 pm
Forum: Wireless Networking
Topic: Wds network
Replies: 10
Views: 920

Re: Wds network

i just want to know is it possible or not? if not what other options do i have? there is no onterference in the area. we need the car to be able to connect through its omni dorectional anntena to other RBMETAL with omni anntena with in 2km distance

Sent from my SM-N910C using Tapatalk
by razavim
Sun Sep 25, 2016 10:05 pm
Forum: Wireless Networking
Topic: Wds network
Replies: 10
Views: 920

Re: Wds network

absolutely not correct. let me tell you exactly whats the plan. we have 4 towers which each contain 2 Dyna dish which is connected in 5Ghz band and we have again 4 RBMETAL with omni directional anntena which is again using the Dynadish to transfer the data to main building. there is a car with RBMET...
by razavim
Sun Sep 25, 2016 4:15 pm
Forum: Wireless Networking
Topic: Wds network
Replies: 10
Views: 920

Re: Wds network

there is mobile vehicle which move in that soecific teritory. so he is connected through metal with omni directional anntena. that is why i need wds because i dont want the lind drop

Sent from my SM-N910C using Tapatalk
by razavim
Sun Sep 25, 2016 3:00 pm
Forum: Wireless Networking
Topic: Wds network
Replies: 10
Views: 920

Wds network

Please look at the following picture and tell me whether or not it is possible to implement this network topology. please bear in mind that each mast has a switch and provide two vlans one for dynadish wds network and other for metal. i want to create wds backhaul network on 5 Ghz on DynaDiah and 2....
by razavim
Sun Sep 25, 2016 1:19 pm
Forum: General
Topic: Cannot access IP camera from lan but from outside
Replies: 3
Views: 718

Re: Cannot access IP camera from lan but from outside

use the same port. if your camera is working on 88
put dst-port=88 as well if it doesnt help try to add firewall rule
/add action= accept chain=forward src-address=192.168.2.0/24

then try again

Sent from my SM-N910C using Tapatalk
by razavim
Sun Sep 25, 2016 10:40 am
Forum: General
Topic: Cannot access IP camera from lan but from outside
Replies: 3
Views: 718

Re: Cannot access IP camera from lan but from outside

since this issue is depend on so many factors, Specially your firewall confog. i highly recommend to send your export config for better troubleshooting ,but if your camera is in different subnet than your wireless then do the same NAT for your internal network as well Sent from my SM-N910C using Tap...
by razavim
Fri Sep 23, 2016 11:42 pm
Forum: General
Topic: HotSpot SplashPage
Replies: 3
Views: 591

Re: HotSpot SplashPage

i believe you can. as long as you will run them on different interface

Sent from my SM-N910C using Tapatalk
by razavim
Fri Sep 23, 2016 11:03 am
Forum: Wireless Networking
Topic: AC band with WDS
Replies: 2
Views: 523

Re: AC band with WDS

Thanks for clarification, but what i said was based on Mikrotik Wireless menu option.

So it is possible to make wds mesh with AC?

Sent from my SM-N910C using Tapatalk
by razavim
Thu Sep 22, 2016 4:57 pm
Forum: Wireless Networking
Topic: AC band with WDS
Replies: 2
Views: 523

AC band with WDS

Hi,

Can i use AC band on my Dyna dish with WDS(bridge or mesh)?

if yes, does it effect on my total bandwidth?


thank you

Sent from my SM-N910C using Tapatalk
by razavim
Thu Sep 22, 2016 12:32 pm
Forum: General
Topic: src nat based on connection mark
Replies: 1
Views: 408

Re: src nat based on connection mark

if i were you. i would introduce two different local ip addresses and for two different gateway. and i would use two gateway on mh router and with help of mangle i could mark route the packet and then use them in 1st or second gateway. with this you can generate different ppp secret and automaticall...
by razavim
Wed Sep 21, 2016 11:49 am
Forum: Wireless Networking
Topic: two Omni directional anntena
Replies: 11
Views: 1213

Re: two Omni directional anntena

Thank you for making my question understandable.

Sent from my SM-N910C using Tapatalk
by razavim
Wed Sep 21, 2016 11:37 am
Forum: Wireless Networking
Topic: two Omni directional anntena
Replies: 11
Views: 1213

Re: two Omni directional anntena

Thank you very much for your response.
That is exactly i was expecting to hear.
actually the bandwidth is not an issue for us. latency and link stability is playing major role in our scenario.

Sent from my SM-N910C using Tapatalk
by razavim
Wed Sep 21, 2016 11:14 am
Forum: Wireless Networking
Topic: two Omni directional anntena
Replies: 11
Views: 1213

Re: two Omni directional anntena

one RB-METAL is at static position and the other RB-METAL is in movement and nothingin between causing obstruction and there is also no interference at all. Cause, it is not in urban are. so both omni directional can see wach other no matter what

Sent from my SM-N910C using Tapatalk
by razavim
Wed Sep 21, 2016 9:21 am
Forum: Wireless Networking
Topic: two Omni directional anntena
Replies: 11
Views: 1213

Re: two Omni directional anntena

I believe i have mis-represent my question as whole.
I have to RB-METAL which each of them has one omni directional (6db) anntena. what is the maximum range or distance for this two devices?


Thank you in Advance

Sent from my SM-N910C using Tapatalk
by razavim
Tue Sep 20, 2016 9:10 pm
Forum: Wireless Networking
Topic: two Omni directional anntena
Replies: 11
Views: 1213

two Omni directional anntena

I would like to implement a wireless network in rural are where there is no object between the AP and the client and the client is in the constant movement(mobile) 1-what is the maximum distance range if i use two omni directional anntena? 2-which frequency (2.4 or 5) can be used? i can sacrifice th...
by razavim
Sat Sep 17, 2016 11:39 pm
Forum: General
Topic: IPsec/L2TP - opening a 2nd connection kills 1st one
Replies: 7
Views: 4660

Re: IPsec/L2TP - opening a 2nd connection kills 1st one

if you see dynamically created policy then click copy and hit apply and then it will be static

Sent from my SM-N910C using Tapatalk
by razavim
Sat Sep 17, 2016 12:41 am
Forum: General
Topic: Session Time is blank question
Replies: 2
Views: 410

Re: Session Time is blank question

are you using Mikrotik Usermanager as your radius server or something else? in case of something else you have to give bandwidth and duration or it can be something similar like Active hours or days. if you put the respective value then when users are logged-in you may see session time count down as...
by razavim
Fri Sep 16, 2016 7:21 pm
Forum: RouterBOARD hardware
Topic: wAP config tutorial ?
Replies: 16
Views: 6502

Re: RE: Re: wAP config tutorial ?

That is because the software on all devices is the same but keep in mind that not all devices are made for routing and firewalling because of the internal power. For good routing and firealling you need a CCR and not a wAP. The CPU is good in the wAP, one of our best actually. It is capable of near...
by razavim
Fri Sep 16, 2016 2:48 am
Forum: General
Topic: MARK ESTABLISHED,RELATED Packets HTTPS/HTTP
Replies: 10
Views: 2014

Re: MARK ESTABLISHED,RELATED Packets HTTPS/HTTP

i highly suggest to use mark-packet instead of mark-connection

Sent from my SM-N910C using Tapatalk
by razavim
Wed Sep 14, 2016 1:10 pm
Forum: General
Topic: Guru needed for paid remote support
Replies: 7
Views: 903

Re: Guru needed for paid remote support

if you could provide some more detail ot would be great
by razavim
Wed Sep 14, 2016 8:30 am
Forum: Wireless Networking
Topic: VPN Travel Router
Replies: 4
Views: 1158

Re: VPN Travel Router

I have already done the same thing with my RBmAP2ND
beside you can broadcast 128 different ssid which, each of them can be connected to different VPN and departments.



Sent from my SM-N910C using Tapatalk
by razavim
Tue Sep 13, 2016 2:35 pm
Forum: General
Topic: Youtube Traffic Routing
Replies: 1
Views: 487

Re: Youtube Traffic Routing

send your config here

Sent from my SM-N910C using Tapatalk
by razavim
Mon Sep 12, 2016 10:26 am
Forum: General
Topic: Addresses per MAC vs Shared Users
Replies: 2
Views: 1534

Re: Addresses per MAC vs Shared Users

you can connect with 3 clients. the difference is that whatever you put in user profile is going to be effective after the successfully authenticate the user. However, address-per-mac is used to allow number of ip addresses to be binded with mac address which clearly means, when multiple hotspot cli...
by razavim
Sun Sep 11, 2016 4:33 pm
Forum: General
Topic: MARK ESTABLISHED,RELATED Packets HTTPS/HTTP
Replies: 10
Views: 2014

Re: MARK ESTABLISHED,RELATED Packets HTTPS/HTTP

there is a new feature in RouterOS. you have to update your routeros to fully implement that to version 6.36.3 the feature is to add domain name in address list without the address being resolved. so it will create automatically dynamic address list and you can permit or drop specific domain name wi...
by razavim
Sun Sep 11, 2016 4:13 pm
Forum: General
Topic: MARK ESTABLISHED,RELATED Packets HTTPS/HTTP
Replies: 10
Views: 2014

Re: MARK ESTABLISHED,RELATED Packets HTTPS/HTTP

try to update your router to 6.36.3 there is feature in firewall address which you can put the domain name in address list without being resolved and it will create a dynamic address list automatically. from there you may be able to drop or permit specific domain name without being known each and ev...
by razavim
Sun Sep 11, 2016 8:15 am
Forum: General
Topic: MIkrotik Hotspot and TendaW308R WirelessWan problem multiple client can login to a single shared hotspot user
Replies: 6
Views: 858

Re: MIkrotik Hotspot and TendaW308R WirelessWan problem multiple client can login to a single shared hotspot user

1-first of all disable DHCP in tenda. 2-let mikrotik provide ip 3- if mikrotik provide internet to the network so make it AP and connect Tenda station. otherwise make your Mikrotik station bridge. however you must make your Mikrotik to give ip and Dns so try to bridge the tenda as well. there are 4 ...
by razavim
Sat Sep 10, 2016 2:38 pm
Forum: General
Topic: MIkrotik Hotspot and TendaW308R WirelessWan problem multiple client can login to a single shared hotspot user
Replies: 6
Views: 858

Re: MIkrotik Hotspot and TendaW308R WirelessWan problem multiple client can login to a single shared hotspot user

you have to bridge your tenda wireless so who ever tries to connect to your tenda wireless ssid the will be redirected to Mikrotik. i believ you have already masquered the ip of your tenda address and that is why every client is able to connect to your tenda. so : 1-make your tenda bridge to your mi...
by razavim
Fri Sep 09, 2016 8:33 am
Forum: General
Topic: Static Wan Help
Replies: 4
Views: 534

Re: Static Wan Help

I believe thats pretty much the simple conectivity without any firewall (which it must be).

Sent from my SM-N910C using Tapatalk
by razavim
Thu Sep 08, 2016 1:27 am
Forum: General
Topic: Is fasttrack active?
Replies: 9
Views: 2300

Re: Is fasttrack active?

I believe fast track is not functional on 7th series

check MUM 2016 USA you may find a good presentation about fast track on youtube.

Sent from my SM-N910C using Tapatalk
by razavim
Tue Sep 06, 2016 1:13 am
Forum: The User Manager
Topic: Hotspot doesnt want me......
Replies: 2
Views: 1136

Re: RE: Hotspot doesnt want me......

Hello guys, im on rb951-2n under load balancing pppoe client and wlan and i have the problem i will describe...... after finishing the hotspot setup, suddenly i disconnected from winbox and after that, nothing happens, no internet cannot access MT via winbox, absolutely nothing works. Can someone h...
by razavim
Tue Sep 06, 2016 12:59 am
Forum: The User Manager
Topic: Configured hotspot & webproxy but browsing error
Replies: 1
Views: 703

Re: Configured hotspot & webproxy but browsing error

It is the firewall nat problem. which port have you implemented the web proxy? if it is the same as 80 you may have to change that with regards to dynamic hotspot rules which has been created in firewall nat There is a small chance that you may have to create another nat rule and forward tcp 80 port...
by razavim
Mon Aug 29, 2016 7:51 pm
Forum: RouterBOARD hardware
Topic: Huawei E3372s support
Replies: 5
Views: 2054

Re: Huawei E3372s support

i had the same issue with RB2011UIAS and have managed to resolve the issue by replacing the power input adaptor.
by default it is 24v and 0.8A there is another adapter with same voltage but 1.2A.
Now, I can connect any usb device like E3372 without any problem