MikroTik

aboiles

You can try this and see if it helps, make changes as required. SITE B router /ip firewall nat add action=accept chain=srcnat comment="VPN to C" dst-address=172.21.0.0/16 src-address=192.168.20.0/24 /ip route add check-gateway=arp comment="VPN to C" distance=2 dst-address=172.21.0.0/16 gateway=bridg...

aboiles

Script is no longer functioning, no updates since last night.

aboiles

[admin@CHR-O] > /tool fetch mode=https dst-path=/disk1/filters.rsc url="https://bl .mikrotikfilters.com/fetch.phppriority=3"; status: failed failure: closing connection: <404 Not Found> 35.236.78.203:443 (4) [admin@CHR-O] > /tool fetch mode=https dst-path=/disk1/filters.rsc url="https://bl .mikrotik...

aboiles

what is the new password for a fresh install of chr.
admin- blank no longer works

aboiles

License error on prior chr versions with winbox 3.14rc1.
No issues with winbox 3.13

aboiles

Dave that sounds reasonable to me, could also be yearly subscriptions.
Say $50 yr 5 devices, $150 yr 15 devices.

aboiles

Tried to upgrade Hyper-V CHR from 6.42 to 6.43rc3 - FAILED No connection via winbox mac. Hyper-V terminal froze. Restored from backup, tied again - same result. Downloaded fresh CHR VHDX image. pasted configuration and nothing worked. started fresh, and the only issue I could find was the interfaces...

aboiles

For us it's usually SMB, we have had to return to 2.3.
We thought 2.7 had fixed the issues of 2.5 and 2.6, but 2.7 drops to back crawling without any rhyme or reason, so we had to go back to 2.3.

aboiles

That is a working vpn, can you post a traceroute from one end point to another.

aboiles

I didn't use wireless,bridges and master port.
You said a vpn between two RB951G-2HND.
How are interfaces 2-5 configured and is there anything plugged in to those ports.
And can you please use winbox and let us know if the route is flagged green or not.

aboiles

Check out post viewtopic.php?f=2&t=127198
near the bottom.

aboiles

From what you have posted, this configuration should work. But please verify the info is correct for your 10.1.1.10 router. Reverse the info for the other router. Though it looks like you have your wireless enabled, are you running in master/slave or bridge mode on your ports? If you are running in ...

aboiles

under ip route in winfig is the route flagged green?
and you still can't ping the other routers lan ip address from your local router?

this is my normal setting if I need to work router to router on a site to site vpn.

aboiles

When all else fails on a vpn. I add a route.
Try this and see.

10.1.1.20
/ip route
add check-gateway=arp comment="VPN to ?" distance=2 dst-address=192.168.22.0/24 gateway=ether2

10.1.1.10
/ip route
add check-gateway=arp comment="VPN to ?" distance=2 dst-address=192.168.44.0/24 gateway=ether2

aboiles

I was hoping for news of the CRS328-24P-4S+RM.
Any info on release date?

aboiles

I am interested in your modification, my CSS326 is usually running about 69-70c.
Please let me know your results.

aboiles

Scheduler issue with v6.40 rc18. Tested and confirmed only on CHR. If the entry is set to run at startup with a recurrence, it will NOT run at all. If the same entry is set to ONLY run at startup, it runs correctly. If the same entry is set for recurrence ONLY, it runs correctly. Change it to run bo...

aboiles

Thanks Dave,
Script works great on the CHR now!

aboiles

Don't know Dave, I think it may have something to do with the software-id. I'm getting a blank for software-id from the chr's. [admin@router] > :put [/system resource get board-name] CHR [admin@router] > :put [/system resource get version] 6.40rc15 (testing) [admin@router] > :put [/system resource g...

aboiles

slightly modified the script by removing the extra spaces in the local info section and now have it running on a 2011UiAS-2HnD, 951G-2HnD and a CRS125-24G-1S-2HnD.
still fails on a CHR with the same error-All fields are required. Please update your script. dynamic.rsc

aboiles

tried both the auto installer - script ver 2017.5.2a
and the code ver 2017.5.30c.
Am still getting the All fields are required. Please update your script. dynamic.rsc

aboiles

Hello Dave,
The script has the ?, when pasted in terminal it disappears.
The log only has an entry of-
script error: expected command name (line 1 column 1)
The downloaded dynamic.rsc only has one line-
All fields are required. Please update your script.

aboiles

Hello Dave, I am now getting an error when I run the script- url="https://mikrotikfilters.com/download.phpget=dynamic&model=$model&vers ion=$ver&memory=$memory&id=$name&ver=$scriptVer&softid=$softid"; status: failed failure: closing connection: <404 Not Found> 172.102.241.58:443 (4) The script worke...

aboiles

CHR v6.39rc45 update error, the interfaces are missing.
console error- info failed: std failure: timeout (13)
system reboots at 16% when trying to run supout.

restored from backup (6.39rc41) and retried the package update, same results.

aboiles

Since you have not posted at least you config, it makes it hard to help you. it could be your issues are firewall related, try these and see if they help. /ip firewall address-list add address=172.20.14.0/24 list=ipsec /ip firewall filter add action=fasttrack-connection chain=forward comment=FastTra...

aboiles

nexthop should have been 172.20.14.1, not your gateway.
please post both sides of the vpn if possible.

aboiles

can you post the output of-

/ip ipsec remote-peer print

/ip route check xxx.xxx.xxx.xxx (valid ip of a system on the the destination lan)

aboiles

/ip firewall nat add action=accept chain=srcnat comment="VPN" dst-address=172.20.14.0/24 src-address=192.168.217.0/24 /ip route add check-gateway=arp comment="VPN" distance=2 dst-address=172.20.14.0/24 gateway= bridge (replace with your nomenclature) If it's configured correctly on the other end, it...

aboiles

I am currently blocking the private scopes via blackhole routes.
I just found out our ISP (Frontier FIOS) is routing some of the private scopes.
I am wondering if there is a correct way to implement these on a Mikrotik router.

aboiles

They should not be the same network-

This XXX:XX:XXX in "XXX:XX:XXX" in 2001:XXX:XX:XXX::1 should be "XXX:XY:XXX" in 2001:XXX:XY:XXX::1

see the manual- http://wiki.mikrotik.com/wiki/Manual:My ... v6_Network

aboiles

I am no longer able to update the CHR, /system license> print system-id: - level: p1 limited-upgrades:yes next-renewal-at: feb/21/2016 19:03:55 deadline-at: feb/16/2016 21:59:59 update purchased license, renewed from winbox and rebooted. system upgraded to 6.35rc11

aboiles

I am no longer able to update the CHR,

/system license> print
system-id: -
level: p1
limited-upgrades:yes
next-renewal-at: feb/21/2016 19:03:55
deadline-at: feb/16/2016 21:59:59

aboiles

Server 2012R2 CHR as VM Router OS c6.35rc2 Microsoft-Windows-Hyper-V-VmSwitch EventID 27 Networking driver in chr loaded but has a different version from the server. Server version 5.0 Client version 3.2 (Virtual machine ID 59ECB3F6-B990-41F1-9013-786895557B5C). The device will work, but this is an ...

aboiles

RB2011UiAS-2HnD upgrade from 6.34rc12 to 6.34rc16 resulted in endless reboot. RB951G-2HnD upgrade from 6.34rc12 to 6.34rc16 worked correctly UPDATE-- RouterBOOT booter 3.24 RouterBoard 2011UiAS-2HnD CPU frequency: 600 MHz Memory speed: 200 MHz Memory size: 128 MiB NAND size: 128 MiB Press any key wi...

aboiles

6.34rc5 shows in the tracker page, but is not accessible.
Download still shows 6.34rc3 as the latest.

aboiles

try https://www.mikrotik.com/download/route ... 33.torrent
but so far no seeders

Search found 36 matches

Re: IPSEC VPN Between 3 Sites [SOLVED]

Re: Blacklist Filter (Development Topic)

Re: Blacklist Filter (Development Topic)

Re: v6.43rc [release candidate] is released!

Re: v6.43rc [release candidate] is released!

Re: Blacklist Filter update script

Re: v6.43rc [release candidate] is released!

Re: CSS326 slow SFP+ speed

Re: Another one IPSEC topic

Re: Another one IPSEC topic

Re: Another one IPSEC topic

Re: Another one IPSEC topic

Re: Another one IPSEC topic

Re: Another one IPSEC topic

Re: Newsletter 76

Re: CSS326-24G-2S+ & active cooling

Re: v6.40rc [release candidate] is released!

Re: Blacklist Filter update script

Re: Blacklist Filter update script

Re: Blacklist Filter update script

Re: Blacklist Filter update script

Re: Blacklist Filter update script

Re: Blacklist Filter update script

Re: v6.39rc [release candidate] is released

Re: IPSec connection established but network is not reachable

Re: IPSec connection established but network is not reachable

Re: IPSec connection established but network is not reachable

Re: IPSec connection established but network is not reachable

Correct implementation of RFC 1918 and/or RFC 3330

Re: IPV6 internal configuration

Re: Cloud Hosted Router

Re: Cloud Hosted Router

Re: Cloud Hosted Router

Re: 6.34 release candidate version topic!

Re: 6.34 release candidate version topic!

Re: 6.33 version released!