Community discussions

Search found 26 matches

by phaseform
Mon Mar 18, 2019 7:10 am
Forum: General
Topic: bridging a VLAN onto a DHCP server
Replies: 4
Views: 281

Re: bridging a VLAN onto a DHCP server

I might try untagging the VLAN on my switch port connected to the router. That would be much simpler...
would still require firewalling though
by phaseform
Sun Mar 17, 2019 11:47 pm
Forum: General
Topic: bridging a VLAN onto a DHCP server
Replies: 4
Views: 281

bridging a VLAN onto a DHCP server

If I have a DHCP server running on a LAN bridge interface. Can I create a VLAN interface (which I assume I would want to put on the physical port I want this to go on, rather than the LAN bridge) and bridge that onto my LAN bridge, so that I have a tagged VLAN on my physical port (LAN port) which wi...
by phaseform
Mon Jul 17, 2017 10:26 am
Forum: General
Topic: Routing internet through a GRE tunnel
Replies: 2
Views: 688

Re: Routing internet through a GRE tunnel

I think I've answered my question with a little tinkering
/ip route
add disabled=yes distance=1 gateway=192.168.200.1
Where 192.168.200.1 is the remote GRE tunnel IP
by phaseform
Mon Jul 17, 2017 6:05 am
Forum: General
Topic: Routing internet through a GRE tunnel
Replies: 2
Views: 688

Routing internet through a GRE tunnel

I have setup a routed GRE tunnel with IPSec as in the wiki. I'm wanting to share internet through this connection. I've tried setting my gateway as the remote router in windows to no avail. Is there a recommended way to do this?
by phaseform
Mon Jul 17, 2017 5:43 am
Forum: General
Topic: GRE/IPIP config not routing from LAN
Replies: 8
Views: 869

Re: GRE/IPIP config not routing from LAN

I solved this with the initial GRE config on the Mikrotik wiki, after resetting to default settings on all routers and building up fresh. I only did this after finding more routing errors..
by phaseform
Sat Jul 15, 2017 7:58 am
Forum: General
Topic: GRE/IPIP config not routing from LAN
Replies: 8
Views: 869

Re: GRE/IPIP config not routing from LAN

Ok yep I realize this config is very unpolished, but I'm not super familiar with the OS so its a bit of an exercise for me. No internet on 192.168.20.1 Accept rules are from an attempt to use IPSec only for VPN as in the mikrotik wiki. This was successful, but messy and didn't allow me to use the re...
by phaseform
Fri Jul 14, 2017 1:41 pm
Forum: General
Topic: GRE/IPIP config not routing from LAN
Replies: 8
Views: 869

Re: GRE/IPIP config not routing from LAN

Sure, Router 192.168.10.1 /interface> export # jul/14/2017 19:24:17 by RouterOS 6.37.5 # software id = 0W4T-E1VF # /interface bridge add name=bridge1-Lan /interface ethernet set [ find default-name=ether1 ] name=ether1-InternetPort set [ find default-name=ether2 ] name=ether2-UniFi set [ find defaul...
by phaseform
Fri Jul 14, 2017 6:32 am
Forum: General
Topic: GRE/IPIP config not routing from LAN
Replies: 8
Views: 869

Re: GRE/IPIP config not routing from LAN

No routing protocols as yet.. These are actual values for WAN IPs Router 192.168.20.1 /ip route export add distance=1 gateway=192.168.20.2 add distance=1 dst-address=10.0.0.0/8 gateway=10.122.4.65 add distance=1 dst-address=192.168.10.0/24 gateway=192.168.200.1 /ip address export add address=192.168...
by phaseform
Fri Jul 14, 2017 4:49 am
Forum: General
Topic: GRE/IPIP config not routing from LAN
Replies: 8
Views: 869

GRE/IPIP config not routing from LAN

EDIT: this appears to be a config error in one of my routers, works as expected after rebuilding from default config. I cannot seem to route through a tunnel I have created using either IPIP/GRE with an IPsec secret. I can ping hosts on the remote LAN from each router, but not from remote hosts. Th...
by phaseform
Thu Jul 13, 2017 8:45 am
Forum: Beginner Basics
Topic: Site to Site IpSec Tunnel
Replies: 23
Views: 28311

Re: Site to Site IpSec Tunnel

My advise: forget about direct IPsec tunnels and use this: https://wiki.mikrotik.com/wiki/Manual:Interface/Gre (note you can set the ipsec-secret and have IPsec below the GRE tunnel so it still is secure) Much simpler and easier to understand, no tricks with NAT required, easily extendible to more ...
by phaseform
Tue Jun 20, 2017 4:38 am
Forum: Beginner Basics
Topic: Site to Site IpSec Tunnel
Replies: 23
Views: 28311

Re: Site to Site IpSec Tunnel

I was able to get an IPsec tunnel of some sort working (I can access SMB shares on remote LAN :D ) as similar to the example in the first post, although it feels very duct taped together. It is working for the the current purpose, although I may wipe it and try for something different at some stage....
by phaseform
Thu Jun 15, 2017 3:58 pm
Forum: Beginner Basics
Topic: Site to Site IpSec Tunnel
Replies: 23
Views: 28311

Re: Site to Site IpSec Tunnel

I really just want reasonably secure routing between two subnets over a semi-private wireless WAN, GRE would be recommended? Was thinking I'd do a road warrior setup separately
by phaseform
Thu Jun 15, 2017 10:01 am
Forum: Beginner Basics
Topic: Set up hAP Lite as a switch with wifi
Replies: 5
Views: 2529

Re: Set up hAP Lite as a switch with wifi

don't need to change ports, could cause confusion in the future. Ports will only clash if they are on the same address
by phaseform
Thu Jun 15, 2017 8:36 am
Forum: Beginner Basics
Topic: Site to Site IpSec Tunnel
Replies: 23
Views: 28311

Re: Site to Site IpSec Tunnel

Thanks for your reply, in the example from the manual they put a prerouting rule the RAW firewall: add action=notrack chain=prerouting src-address=10.1.101.0/24 dst-address=10.1.202.0/24 Hopefully I have the LAN's around the correct way (src is Local, dst is remote)? I have added the rules you menti...
by phaseform
Wed Jun 14, 2017 3:54 pm
Forum: Beginner Basics
Topic: Site to Site IpSec Tunnel
Replies: 23
Views: 28311

Site to Site IpSec Tunnel

I've followed the example given here , my understanding is that this will allow packets to flow between the two LANs. I believe I have done this correctly, under Remote Peers in the IPsec window in winbox I have two entries showing my WAN IP's for the two sites. I'm not very familiar with IPsec at a...
by phaseform
Mon Apr 03, 2017 4:27 pm
Forum: General
Topic: Default password vulnerability
Replies: 6
Views: 2567

Re: Default password vulnerability

Cool thanks for the replies, I'll check it out when I'm Infront of my computer
by phaseform
Mon Apr 03, 2017 12:28 pm
Forum: General
Topic: Default password vulnerability
Replies: 6
Views: 2567

Re: Default password vulnerability

My point is why bother with a quickset if it fails to provide fundamental security? Just bugs me that people with specialised IT knowledge often say "lol amateur" rather than create solutions for beginners (specifically change login credentials on first login). -i used quickset and there were no suc...
by phaseform
Mon Apr 03, 2017 11:37 am
Forum: General
Topic: Default password vulnerability
Replies: 6
Views: 2567

Default password vulnerability

Being a beginner with router os, I configured my mikrotik routers internet connection using ppoe, and set my DSL modem to bridge mode. After opening a terminal I noticed a flood of login attempts. Only because I'd changed the login credentials first, basically by chance, did these login attempts fai...
by phaseform
Wed Aug 10, 2016 5:41 pm
Forum: General
Topic: Windows Network Name
Replies: 3
Views: 1488

Re: Windows Network Name

*Bump
wondering the same thing
by phaseform
Mon Aug 01, 2016 5:49 am
Forum: General
Topic: Mapped folder not resolving in windows
Replies: 6
Views: 741

Re: Mapped folder not resolving in windows

not using a VPN, just getting really flakey results
by phaseform
Mon Aug 01, 2016 4:27 am
Forum: General
Topic: Mapped folder not resolving in windows
Replies: 6
Views: 741

Mapped folder not resolving in windows

I have a basic workgroup LAN with a couple NAS folders mapped to my computer, trouble is I'm getting a "network path was not found" error when I try to open the mapped drive. The mapped drive has the address '\\hostname\folder' is there a way I can help this process using my Mikrotik gateway - rathe...
by phaseform
Sun Jul 31, 2016 8:36 pm
Forum: General
Topic: Suggestions
Replies: 9
Views: 2200

Re: Suggestions

@Cha0s Snap on the avatar, wasn't IPv4 made from maybe like lsd25 or something?
by phaseform
Sun Jul 31, 2016 8:32 pm
Forum: Beginner Basics
Topic: WAN open by default
Replies: 1
Views: 274

WAN open by default

Is that irresponsible of mikrotik for leaving admin access open to WAN by default using HomeAP mode in the quickset? I ssh'd in and saw 1800 login attempts luckily for me I'd only configured a pppoe bridge after changing my login
by phaseform
Sun Jul 31, 2016 5:22 pm
Forum: General
Topic: Suggestions
Replies: 9
Views: 2200

Re: Suggestions

I was just thinking that it's frustrating that the micro USB on my hAP lite is kinda temperamental, would be cool if it had the old B type USB, not as common but perhaps more reliable.
by phaseform
Sun Jul 31, 2016 5:18 pm
Forum: RouterBOARD hardware
Topic: MiniPCI-E 3G Antenna pinout
Replies: 2
Views: 716

Re: MiniPCI-E 3G Antenna pinout

Praise Jesus
by phaseform
Mon Nov 23, 2015 1:30 am
Forum: RouterBOARD hardware
Topic: MiniPCI-E 3G Antenna pinout
Replies: 2
Views: 716

MiniPCI-E 3G Antenna pinout

I have found a Dell 5520 MiniPCI-E 3G card which I intend to use with my RB411UAHR. http://www.ebay.com/itm/221941089128 Says this card is supported on the hardware page here: http://wiki.mikrotik.com/wiki/Supported_Hardware#3G_cards_and_modems I'm assuming the connectors on this card are u.FL conne...