Community discussions

MikroTik App

Search found 38 matches

by tonny
Thu May 28, 2020 12:16 pm
Forum: General
Topic: implicit firewal rules
Replies: 4
Views: 659

Re: implicit firewal rules

I don't think so. To my knowledge, it's best practice to have the first rule to be allow access from you management network. The firewall is statefull, so once logged-in you can work on your FW rules without issues or losing contact (you can even turn on safe mode). Just open a second session to tes...
by tonny
Thu May 28, 2020 11:55 am
Forum: General
Topic: implicit firewal rules
Replies: 4
Views: 659

implicit firewal rules

Hi, When having a routeros without any firewall rules at all, there is an implicit allow, which I think is okay. But, IF one create an firewall rule to allow specific traffic, the implicit allow does not turn itself into an implicit drop. So, unless there is a "drop all" at the end, none of the fire...
by tonny
Sun Nov 24, 2019 12:43 pm
Forum: Forwarding Protocols
Topic: ospf filter public nets [SOLVED]
Replies: 2
Views: 2212

Re: ospf filter public nets [SOLVED]

Thnx, Think I missed prefix-length as a range

will be testing tomorrow ;)

update: now I know i missed specifying the prefix as a range. Works perfectly now.
by tonny
Mon Nov 18, 2019 9:39 pm
Forum: The Dude
Topic: error: missing packages
Replies: 1
Views: 1980

error: missing packages

Hi, When I try to upgrade router(s) from the dude, I get an error on missing packages https://i85.photobucket.com/albums/k53/944317/it%20forum/error_zpsnflznno1.jpg comparing the installed packages (router) and available (dude) it matches https://i85.photobucket.com/albums/k53/944317/it%20forum/file...
by tonny
Fri Nov 15, 2019 4:40 pm
Forum: Forwarding Protocols
Topic: ospf filter public nets [SOLVED]
Replies: 2
Views: 2212

ospf filter public nets [SOLVED]

Hi, We use OSPF to distribute connected and static routes, which works pretty well. All networks varies between /22 and /27 and are both, public and private nets. I't nice to distribute connected nets, because it greatly cuts down maintenance. The thing is .... we don't want the public nets be be di...
by tonny
Thu Oct 31, 2019 4:45 pm
Forum: Forwarding Protocols
Topic: manipulate ospf equal cost multi-path
Replies: 3
Views: 1966

Re: manipulate ospf equal cost multi-path

Thnx for the suggestion. By coincidence, I found another solution that does work too

/routing ospf instance add metric-other-ospf=21 
    
by tonny
Thu Oct 31, 2019 3:23 pm
Forum: Forwarding Protocols
Topic: manipulate ospf equal cost multi-path
Replies: 3
Views: 1966

manipulate ospf equal cost multi-path

Hi, I have a setup with multiple routers in two OSPF area's, which basicly runs fine. Simplified it looks like this : +---------+ | +---+ rtr-B1 +----+ +---------+ | +---------+ | Net-A -------+ rtr-A +-----+ | +---------+ | +---------+ | +---+ rtr-B2 +----+ +---------+ | | +---------+ +----+ rtr-C1...
by tonny
Thu Oct 17, 2019 7:29 pm
Forum: Forwarding Protocols
Topic: Reversed route injection
Replies: 0
Views: 1553

Reversed route injection

Hi, We have a number of routers which are interconnected and share routing info over OSPF which works great. Most -if not all- take vpn tunnels over IPSEC. Some routers are Cisco ASA's and even thought I hate to say it, they have one great feature: "Reversed route injection". That makes sure the sub...
by tonny
Thu Aug 22, 2019 1:54 pm
Forum: General
Topic: Trafficflow & FW drops
Replies: 0
Views: 434

Trafficflow & FW drops

Hi,
I configured traficflow and it all works well. However, one thing I'd like to see in there too, are de FW drops.
Yes....it's contradictory, when it's dropped there is no flow to report. Any ideas to make drops visible in netflow analyzers?
Thnx.
Tonny
by tonny
Thu Sep 20, 2018 3:37 pm
Forum: General
Topic: multiple DHCP client
Replies: 3
Views: 558

Re: multiple DHCP client

Thnx!! I like that trick .... it does it nicely and each vrrp instance is in interface so all one can wish for :D
by tonny
Wed Sep 19, 2018 4:38 pm
Forum: General
Topic: multiple DHCP client
Replies: 3
Views: 558

multiple DHCP client

Hi, My ISP gives me up to 5 (public) IP's, but all based upon DHCP. I want to use at least 3 inbound (using DDNS), outbound office and outbound guests. Off course you can have only one dhcp client on an interface. Any other idea's then using multiple interfaces? (Yes, i tried vlan 1 attached to the ...
by tonny
Sun Sep 02, 2018 1:36 pm
Forum: General
Topic: abort on existing packages
Replies: 1
Views: 271

abort on existing packages

I upgraded my 2011UiAS-2HnD to 6.42.7 Afterwards i wanted to add extra packages. I just dragged the lot into winbox and rebooted. After reboot, not all packages where installed. Log says omitting dhcp package since it exist. After i deleted the dhcp package file out of the files folder and rebooted,...
by tonny
Thu May 31, 2018 9:43 am
Forum: General
Topic: SMS without data subscription
Replies: 3
Views: 721

Re: SMS without data subscription

Thnx for a little background on how gsm works. I sent the question (and rif file) to support indeed.
by tonny
Tue May 29, 2018 11:09 am
Forum: General
Topic: Upgrade RB2011
Replies: 2
Views: 490

Re: Upgrade RB2011

I've had some issues if you want to connect this low-level with an RB while having a virtualbox network adapter enabled. So, if you have oracle virtualbox installed, disable them and retry
by tonny
Tue May 29, 2018 9:58 am
Forum: General
Topic: SMS without data subscription
Replies: 3
Views: 721

SMS without data subscription

Hi, We have an wAP-lte(kit) which we want to send out some alert SMS notifications. Since it's only intended to send SMS, they provided me with a simcard with only an SMS bundle on it. I tested it first in a cellphone, and that works well. In the wAP however, it will not. The log gives me : 08:41:42...
by tonny
Fri May 25, 2018 12:43 pm
Forum: General
Topic: Feature Request: TACACS/TACACS+
Replies: 40
Views: 12000

Re: Feature Request: TACACS/TACACS+

+1 for TACACS/TACACS+ support
by tonny
Mon Sep 18, 2017 3:45 pm
Forum: General
Topic: interface graph refresh
Replies: 0
Views: 482

interface graph refresh

Ho, can we get
<meta http-equiv="refresh" content="300">
in the graphings ( http://mydevice/graphs/iface/etherx ) ? we have a customer who likes to put it up on a wallboard

Kind regards
Tonny
by tonny
Tue Aug 29, 2017 8:27 pm
Forum: The Dude
Topic: Dude v6 - Feature request list
Replies: 76
Views: 31257

Re: Feature request list for Dude v6

scheduled device upgrades
scheduled config backups
by tonny
Fri Aug 18, 2017 4:59 pm
Forum: Wireless Networking
Topic: 1 WiFi Device as Station and AP Bridge
Replies: 9
Views: 3661

Re: 1 WiFi Device as Station and AP Bridge

Thanks for the suggestion but reversing it and do manual frequency etc is not the way i would like it to use or work. I'll stick to dual radio
Especially for my main application later on. I will be re-using an RB433 for which i have radios to spare.
by tonny
Fri Aug 18, 2017 10:32 am
Forum: Wireless Networking
Topic: 1 WiFi Device as Station and AP Bridge
Replies: 9
Views: 3661

Re: 1 WiFi Device as Station and AP Bridge

Got it all up and running nicly, but after some real usage i found a flaw in the design The connection list only works on the "real" wlan interface in station mode. The virtual wlan interface (in AP mode where i connect my devices to) will not work unless real wlan is running, which requires a valid...
by tonny
Wed Aug 16, 2017 11:41 am
Forum: The Dude
Topic: Dude v6 - Feature request list
Replies: 76
Views: 31257

Re: Feature request list for Dude v6

I'd like to have import/export between winbox ( Addresses.CDB / addresses.WBX ) and Dude. We have multiple engineers installing devices. Every once in a while we merge the winbox addresses so we all know each customer box(es). For firmware updates dude will be more effective. Also access to multiple...
by tonny
Mon Aug 14, 2017 9:32 pm
Forum: Scripting
Topic: security profile & connectionlist
Replies: 1
Views: 827

security profile & connectionlist

Hi, I am carrying an mAP as my personal ap which also builds a encrypted tunnel to my home router. For internet access the mAP is using a set of security profiles and a connectionlist to connect itself to a known available WiFi network. Every now and then i need to add a profile and connection. I wa...
by tonny
Thu Aug 03, 2017 9:19 pm
Forum: Wireless Networking
Topic: mAP auto connect to (known) available network
Replies: 3
Views: 780

Re: mAP auto connect to (known) available network

Thanks, that got me going.
Looks like it can't be done on a virtual wlan interface (found that the hard way)
by tonny
Tue Aug 01, 2017 9:10 pm
Forum: Wireless Networking
Topic: 1 WiFi Device as Station and AP Bridge
Replies: 9
Views: 3661

Re: 1 WiFi Device as Station and AP Bridge

do you mind sharing the config ?
by tonny
Tue Aug 01, 2017 8:41 pm
Forum: Wireless Networking
Topic: mAP auto connect to (known) available network
Replies: 3
Views: 780

mAP auto connect to (known) available network

Hi, I often have got an mAP with me. I make it connect to an available WiFi network, and have my devices connected via the two eth ports. However, i want to get rid of each time entering the ssid/psk. I would like to have a list of SSIS/psk pairs in the mAP and the mAP connect automatically to an av...
by tonny
Tue Mar 28, 2017 10:00 am
Forum: General
Topic: BW test tool
Replies: 3
Views: 1217

Re: BW test tool

Thnx, maybe that explains why i never get above 2Gb ..... i'll try traffic-gen
by tonny
Mon Mar 27, 2017 10:38 am
Forum: General
Topic: BW test tool
Replies: 3
Views: 1217

BW test tool

Hi, we have got 2 CCR1009-8G-1S-1S+ connected with 10Gb fiber modules. We reset the routers and only put an IP on each SFP+ interface.
UDP bandwithtest never gets above 2Gb. Any suggestions on how to test Bw up to 10Gb ??
by tonny
Thu Mar 09, 2017 10:12 am
Forum: Scripting
Topic: joblist fills with scheduled job
Replies: 0
Views: 430

joblist fills with scheduled job

Hi, I have a script that cycles the sniffer every 10 minutes which looks like this : /system scheduler add interval=10m name=Dumpcap on-event=":local timestamp [/system clock get date] \r\ \n:local DAY [ :pick \$timestamp 4 6 ]\r\ \n:local timestamp [/system clock get time] \r\ \n:local HR [ :pick \...
by tonny
Wed Feb 01, 2017 1:26 pm
Forum: The Dude
Topic: Passing configuration from dude to Mikrotik devices
Replies: 1
Views: 537

Re: Passing configuration from dude to Mikrotik devices

i've just logged in to look for exact the same thing. I've managed the software updates which is nice, but indeed, i would like to use the dude for config changes as well. Going over 108 devices for each and every change is not funny, and instead of writing scripts that simulates console login and t...
by tonny
Wed Dec 21, 2016 10:15 am
Forum: General
Topic: VRRP adresses
Replies: 3
Views: 574

Re: VRRP adresses

after some testing ..... the value running does not represent the fact the vrrp is enabled, but represents master (1) of backup (0)
by tonny
Wed Dec 21, 2016 9:53 am
Forum: General
Topic: VRRP adresses
Replies: 3
Views: 574

Re: VRRP adresses

@Sob, thanks, indeed it works.

Does anybody know by chance how to test the VRRP state in mikrotik script language ? I would like to doe something like :
if "vrrp_1_state = backup" then {
if "vrrp_2_state = master" then {
}
}
by tonny
Mon Dec 19, 2016 9:06 pm
Forum: General
Topic: winbox for ubuntu
Replies: 37
Views: 41549

Re: winbox for ubuntu

native winbox for Ubuntu/linux
+1
by tonny
Mon Dec 19, 2016 8:46 pm
Forum: General
Topic: VRRP adresses
Replies: 3
Views: 574

VRRP adresses

Hi, In all VRRP examples you see the VRRP address in the same subnet as the routers individual IP address. But is that mandatory ? For the connection to an external party, a /30 subnet is used, so i don't have addresses to do so. Is the config below a valid solution to get around that ? [Router 1] /...
by tonny
Mon Jul 11, 2016 10:33 am
Forum: General
Topic: new nic on i386
Replies: 0
Views: 430

new nic on i386

Hi,

We have installed the i386 router o/s (lic. level 4) as virtual machine which works fine. However, we added new networkcards, but they don't show up in winbox not even after reboot

Any suggestions ?
Thnx, Tonny
by tonny
Fri Mar 25, 2016 3:45 pm
Forum: General
Topic: win10 mac-telnet
Replies: 4
Views: 1038

Re: win10 mac-telnet

a bit of fiddling with the bindings (ethernet as first card), disable virtualbox and tab network cards ....
can get it to work when really needed but still has me puzzled
by tonny
Sun Jan 24, 2016 5:35 pm
Forum: General
Topic: win10 mac-telnet
Replies: 4
Views: 1038

win10 mac-telnet

Hi,
After "upgrade" to win10 it seems i can no longer use the mac-telnet to mikrotik. I asked someone else who recently switched to win10 and he has the same issue. Any sugesstions ho to fix that ?
( I would expect something you need to tweak in powershell :? )
Thnx,
by tonny
Mon Oct 19, 2015 10:28 am
Forum: Forwarding Protocols
Topic: RIP route consolidation
Replies: 7
Views: 1966

Re: RIP route consolidation

Thanks, i thought along the same lines, and I tried is again with your suggestions, but ..... nope still no route summary as i would like to see it :?
by tonny
Fri Oct 09, 2015 11:03 am
Forum: Forwarding Protocols
Topic: RIP route consolidation
Replies: 7
Views: 1966

RIP route consolidation

Hi, We've created a network of 50 (and growing) Mikrotik routers. Each router has 3 local networks with subnets 10.x.10.y /24 10.x.60.y /24 10.x.80.y /24 where x represents the location number and y is assigned by dhcp in the mikrotik. All mikrotik's can see each other via the wan interface using 17...