Interesting to say the least. We have quite a number of networks we have deployed IPv6 into. I always wish when things like this happened I knew more to be able to protect our clients - but of course that is the nature of the beast. Hoping Mikrotik can patch the issue. IPArchitects has a decent idea...
For a simple setup - I suggest you peek at Mikrotik's revamped "The DUDE" Keep in mind - it runs on the router OS itself - and DOES NOT use windows or linux workstations to perform its tasks. I personally like some other solutions - Good Old Nagios, I was using Observium but then read some...
YUP - kick but router ... but when I am working with enterprise customers who are demanding some options -I do not have a choice. On the other hand - when dealing with a large portion of our customer base - they get a Mikrotik EVERY time... not only because of cost - but because it is an easy system...
Joshaven has a great solution for some RBL's - i run locally to verify myself - and the above solution works -
Needs to get tweaked for v6 i think however
While you will need to tweak this to your liking - might try using the script below which pulls from the blocklister.gefoo.org lists Keep in mind... Thousands of entries in the firewall CAN create a slow internet experience if Every Packet has to go through it. To that end - might decide to edit the...
This thread (see the end ) has a decent script if your comfortable playing in that arena http://forum.mikrotik.com/viewtopic.php?t=87219 I personally like Queue Trees better - because the system (at least it was like this on version 5 of RouterOS not sure on RouterOS 6.x) goes through every simple q...
Few methods - easiest if you are unsure how to operate Queues is to simply assign Simple Queues This can be done a few ways - just limit how much bandwidth each system is given via DHCP - and then static your own and set your priority to be 1 where theirs would be placed at the back end - and given ...
Let me first say - IT WAS NOT the trainer. He actually stated he thought they were - but I figured let me ask. Butch Evans normally steers folks in the right direction... but I felt it was wise to ask just in case especially since we have more companies beginning to use our services daily to support...
One other note: you might want to check out the script from Joshaven. http://joshaven.com/resources/tricks/mikrotik-automatically-updated-address-list/ Blocking known bad guys from even getting THROUGH your router is a great start :-) We mirror the lists he wgets and creates as well http://connectiv...
I would suggest asking in the thread you posted - especially since it appears the author may be in the thread. I would also however suggest a much different approach. Allowing Access TO your router should Only happen if you know WHO IS COMING Allowing Access THROUGH Your Router on the other hand is ...
Few things to help us on the forums who volunteer to help you: 1. Mind posting your config? (and please remember to strip out External IP addresses as needed for security reasons) 2. This is an RB951 - how many users are connecting and running through the system? I am wondering if it is a limit due ...
found this as well: http://wiki.mikrotik.com/wiki/API_PHP_package#Ping_from_router <?php use PEAR2\Net\RouterOS; require_once 'PEAR2/Autoload.php'; if (isset($_GET['act'])) {//This is merely to ensure the form was submitted. //Adjust RouterOS IP, username and password accordingly. $client = new Rout...
The easiest way is to simply setup a shared file location on a webserver Then run /tool fetch url=http://yourdomain.com/files/data.txt[code] Every script I run also has the following at the top [code] # Printing local time for Log purposes ... :local CurrentTime [/system clock get time]; :log warnin...
What you could do is setup a script so when netwatch on the host finds it is down send an snmp trap to Zabbix. We stopped using Zabbix because of the lack of dependencies AND thinks like this (admit its been a few years) Just our usage case... Anyhow - You can setup a trigger prototype using the &qu...
Most likely the ONU is NOT passing this data upstream to the DHCP server. By definition a Layer 2 CPE does not have any Layer 3 capabilities (well depending upon your system it may allow communication with the captive portal for entering the Registration ID The issue is that your looking for the ONU...
Rather than retyping - this should help. In short - each location gets their own network. https://aacable.wordpress.com/2012/11/21/different-login-page-for-multiple-network-on-mikrotik-hotspot/ Does not matter if that interface is a Wireless or Wired @ that point. The option to allow or not allow wo...
If you add the port you wish to monitor to a bridge - and then add another port to the bridge the second port on the bridge will act like a mirrored port. I know its a bit clunky - however since there are NO SWITCH CHIPS in the Cloud Core Router series - this is the work around if you need something...
Hello - Sorry I think the community is a bit stuck trying to figure out what you are asking. So lets start by answering the question that we think you asked - and then if not - having you restate the question. To set a Mikrotik to utilize a Radius Server - you simply go to the Radius menu and enter ...
Forwarding labeled packets is quite different from forwarding IP packets in that not only is the IP lookup replaced with a lookup of the label in the label forwarding information base (LFIB) but different label operations are also possible. All IPv4 packets have one or more labels. This does imply t...
Hope things are going well. Sadly we do not know how your hotspot is setup - SO it is a bit difficult to give you a clear answer. Andrew COX wrote a decent script for making sure users are limited to specific bandwidth settings. So might want to try this (of course edit to your needs) Andrew's is pa...
You need to redirect port80 for the PPPoE users to the web proxy - since the PPPoE users basically create a dynamic interface - this might be part of the issue. Instead of working on an interface I would much rather work from an IP range. This is especially true if you wish in the future to have som...
Without knowing your specific setup it is hard to say. What other jobs (if any) is the Mikrotik performing. Do you have any layer7 rules running, Firewall rules? etc Are the connections working as they should - (ie autonegotiate for interfaces working) If you have a 1/2 duplex or similar issue on a ...
Simple Queues are exactly that - Simple. You may need to expand a bit pass the simple Queues. Traffic is most likely (depending on your setup) still First In / First Out /ip firewall mangle add chain=prerouting action=mark-connection new-connection-mark=ICMP_PING passthrough=yes protocol=icmp add ch...
servers: 8.8.8.8 dynamic-servers: 10.90.5.1,8.8.8.8,78.136.107.50 allow-remote-requests: no That last line basically is making it so that the LOCAL system IS NOT answering requests for DNS You might need to enable that - and then create the firewall rules as needed. I will test in a lab tomorrowish ...
This most likely is FAR outside of the support of this forum.... especially because Installing the Dude Client WILL NOT wipe your hard drive. In any event - let's try helping you here: I would suggest first looking into the BIOS of the machine and seeing if there is an option to boot from the hard d...
Generally speaking the RB750 is a decent product - and it even supports MPLS as shown here: http://routerboard.com/RB750 Just the other night we had a customer call into our Mikrotik TAC complaining their systems were dropping and locking up (we blogged here about it: http://connectivity.engineer/ne...
Joshaven is TOP NOTCH. I have met him personally, done dinner etc with his family. He knows his stuff !!! I would however suggest you use his script BUT pull the data into / from your own source. WHY? because if his server ever were to go offline - simply said - your solution would STOP working If y...
You should be able to do this - as long as a few things are in place.
1. If your using 2 different networks and place one in HotSpot mode - than only that network would require the hotspot...
2. Is the Radius Server authentication working?
I am not using the Arbor Networks product any longer - however - might want to see what you have setup in RouterOS first. /snmp> print I know I needed to provide some MIBs back in the day - If needed - you might need to add the MIB as well You can grab the MIB from here http://download2.mikrotik.com...
Simple Firewall Rules for the VPN should work. I do not see your setup - so it is a bit difficult to figure out where the fault 100% is. Are you allowing Anyone to access your router and then use it ? (even by accident? ) Be happy to view your config if needed - chances are someone or something is u...
IS-IS I do not believe is supported even in the latest Kernel by default (i might be wrong on that one however)- At present this would require Mikrotik to do some very heavy lifting creating a ISO protocol stack - ISO addressing - CLNS etc. Here is a start - https://git.netdef.org/projects/OSR/repos...
I am not 100% sure however when you referenced the WAP is getting its management IP on a different network - it had me thinking. If both the sender and receiver for a multicast group are on the same local broadcast subnet, then the routers do not need to be involved in the process, and communication...
Mikrotik makes an excellent A Record DNS Server for simple entries - However - the Server still requires fully qualified domain names - Or at minimum NO SPACES http://wiki.mikrotik.com/wiki/Manual:IP/DNS#All_DNS_Entries In short they are following the RFC Specs outlined here: http://www.ietf.org/rfc...
Perhaps we do not have enough information to help you with the request... I do know in the past I personally had issues with a client after an upgrade. I ended up increasing the time outs and voila - worked like a champ. Quick ? Are you using sstp-server interface bindings on server's side, or do yo...
It might be a simple BIOS setting - might check and see if you have PNP or similar activated. Also - I noticed your using an older version of RouterOS 5.2 There are a large number of advantages to utilizing the later versions - Mind letting us know a bit more about your setup? What system / motherbo...
If you go to terminal please do the following /ip dns print It could be that DNS is timing out - OR your provider may be limiting the number of requests - It could also be that you have an invalid setup of sorts When this happens - you might also try to resolve domains on the Mikrotik itself /tools ...
There are various solutions for SIP clients behind NAT, some of them in client side (STUN, TURN, ICE), others in server side (Proxy RTP as RtpProxy,MediaProxy). Sadly - we are not sure how your SIP provider is providing the solution to your setup - SO - this information might need to be tweaked just...