Community discussions

MikroTik App

Search found 47 matches

by jrosetto
Thu Jun 06, 2019 4:52 pm
Forum: General
Topic: Mikrotik Console Port
Replies: 4
Views: 785

Re: Mikrotik Console Port

So disabling the baud rate on the serial port takes care of the issue. Knowing that I could possibly run into an issue in the future and need that port I am going to put a sticker over every one of them so the end user doesn't get any bright ideas...
by jrosetto
Wed Jun 05, 2019 5:09 pm
Forum: General
Topic: Mikrotik Console Port
Replies: 4
Views: 785

Mikrotik Console Port

Just had an interesting situation with a Mikrotik CRS328-24P-4S+RM. Customer called and stated that their network was down. We went on-site to find that someone had plugged a network cable into the console port of the switch that was running to another switch into the network port. The switch will h...
by jrosetto
Thu Feb 07, 2019 10:32 pm
Forum: General
Topic: Mikrotik OpenVPN Client to PFSense OpenVPN Server (Site-to-Site VPN)
Replies: 5
Views: 2861

Re: Mikrotik OpenVPN Client to PFSense OpenVPN Server (Site-to-Site VPN)

I just finished setting up an IPSEC connection from mikrotik to pfsense and it worked flawlessly. You may consider doing the same.
by jrosetto
Thu Feb 07, 2019 10:28 pm
Forum: General
Topic: Voice VLAN
Replies: 6
Views: 1926

Re: Voice VLAN

I'm assuming from the lack of replies that this is not possible?
by jrosetto
Wed Feb 06, 2019 5:19 pm
Forum: General
Topic: Voice VLAN
Replies: 6
Views: 1926

Re: Voice VLAN

See here . This is great for getting started. I managed to get the CRS3 to split the 24 ports into 3 segmented VLANs. From there I added all ports to each vlan bridge and setup a rule to assign a VLAN to by mac address and it worked as well. Thank you for that. Last question... for the source mac a...
by jrosetto
Tue Feb 05, 2019 9:44 pm
Forum: General
Topic: Voice VLAN
Replies: 6
Views: 1926

Re: Voice VLAN

Making some headway. I have everything working if I assign my vlan to Ether5 which is the port the switch is plugged into. It is my understanding that I should be able to assign the VLAN directly to the bridge and have it function on any port since the switch is doing the tagging. What am I missing ...
by jrosetto
Tue Feb 05, 2019 9:29 pm
Forum: General
Topic: Voice VLAN
Replies: 6
Views: 1926

Re: Voice VLAN

I would like to replace both of the switches in building 1 & 2 with a CRS MikroTik switch. Is there any way to setup Auto-Voice VLAN in MikroTik switches to function in the same manner as Cisco using Vendor MAC codes? Only use the CRS3xx series and use this approach. I am currently using a RB1100AH...
by jrosetto
Tue Feb 05, 2019 3:27 pm
Forum: General
Topic: Voice VLAN
Replies: 6
Views: 1926

Voice VLAN

We have just acquired a company that has Cisco switch with Auto Voice VLAN enabled on VLAN10. I was able to program a RB1100AHx4 to accept this VLAN configuration. Now I am working on the moving from the Cisco switches and replacing them with Mikrotik switches. Let me give you a quick rundown of the...
by jrosetto
Fri Sep 28, 2018 8:13 pm
Forum: General
Topic: Queue Tree Question
Replies: 0
Views: 332

Queue Tree Question

I have a commit of 24mbps with an ISP which means I can only use a max of 24mbps upload or download together.

How can I setup a queue that will trap download and upload in one tree so I can limit the total upload and download to 24?

Appreciate any help that is given,

Thanks.
by jrosetto
Fri Jun 29, 2018 8:57 pm
Forum: General
Topic: Scripting Help
Replies: 1
Views: 340

Re: Scripting Help

Was easier than I though.

:global variablename [/file get example.txt contents];

pass variable with

[$variablename]
by jrosetto
Fri Jun 29, 2018 7:28 pm
Forum: General
Topic: Scripting Help
Replies: 1
Views: 340

Scripting Help

I am tring to automate updating an IP address, username, and password for a PPTP client that I have. I have the files being parsed and and I have the router pulling them every hour. Currently I have 3 files which are ip.domain.com (inside the file I have the IP address with no spaces) un.domain.com ...
by jrosetto
Fri Jun 22, 2018 8:47 pm
Forum: General
Topic: OpenVPN Client Wont Connect
Replies: 8
Views: 3205

Re: OpenVPN Client Wont Connect

If anyone has managed to get this to work let me know. For right now I'm using their PPTP option. I know PPTP is insecure but at this point it is better than nothing for free.
by jrosetto
Wed Jun 20, 2018 3:18 pm
Forum: General
Topic: OpenVPN Client Wont Connect
Replies: 8
Views: 3205

Re: OpenVPN Client Wont Connect

I'm starting to think you are right about the route not getting created correctly. How would i go about manually creating the routes without having access to the other side?
by jrosetto
Wed Jun 20, 2018 2:51 pm
Forum: General
Topic: OpenVPN Client Wont Connect
Replies: 8
Views: 3205

Re: OpenVPN Client Wont Connect

Compression is disabled, they have the option for both tcp and udp... I am using TCP. The routes seem to be getting created and they say reachable. Any way to crank the logging up so I can see more? I added ovpn to logging but it only shows me the handshake then shows connected for about a minute th...
by jrosetto
Tue Jun 19, 2018 11:04 pm
Forum: General
Topic: OpenVPN Client Wont Connect
Replies: 8
Views: 3205

OpenVPN Client Wont Connect

I am trying to get an OpenVPN client to function on Mikrotik but it doesn't want to work. I configured the same thing on a windows client and it works fine. Yes I am using TCP. https://freevpn.me/accounts/ They provide certificates and username/password. I imported the cert's, manually configured th...
by jrosetto
Tue Jun 19, 2018 7:24 pm
Forum: General
Topic: PPTP Client Queue question
Replies: 0
Views: 292

PPTP Client Queue question

SO I have mangle rules setup for my WAN and split into Download and Upload queues. I just implimented a PPTP VPN Client on the Mikrotik and for the life of me I can't manage to shape the traffic that is going over the VPN. Is there a way to pull this off or is the encryption of the VPN screwing ever...
by jrosetto
Tue Jun 19, 2018 6:09 pm
Forum: Wireless Networking
Topic: CAPSMAN + Dynamic Mesh?
Replies: 2
Views: 1055

Re: CAPSMAN Dynamic Mesh

click on one of the 3 Mesh circles and eventually one will turn white.
I'm not exactly sure what you are getting at here. Can you elaborate further please?
by jrosetto
Wed Jun 13, 2018 4:36 pm
Forum: Wireless Networking
Topic: CAPSMAN + Dynamic Mesh?
Replies: 2
Views: 1055

Re: CAPSMAN + Dynamic Mesh?

After doing more research it would appear HWMPplus is what I am looking for.

Anybody with experience that can confirm this?
by jrosetto
Wed Jun 13, 2018 4:11 pm
Forum: Wireless Networking
Topic: CAPSMAN + Dynamic Mesh?
Replies: 2
Views: 1055

CAPSMAN + Dynamic Mesh?

Question about running CAPSMAN as well as Dynamic Mesh. I am using cAP AC devices with duel radios. I am considering setting up CAPsMAN with 9 AP's, hardwiring them, and also configuring Dynamic Mesh on top of it for failover if the cable fails. I understand that with everything running on the same ...
by jrosetto
Fri Mar 16, 2018 5:08 pm
Forum: General
Topic: Android MikroTik Btest Compatible App
Replies: 4
Views: 2534

Re: Android MikroTik Btest Compatible App

I would pony up as well.
by jrosetto
Wed Mar 14, 2018 7:44 pm
Forum: General
Topic: BTest gone?
Replies: 1
Views: 1207

Re: BTest gone?

For anyone else looking the link is gone but the file is still there.

http://www.mikrotik.com/download/btest.exe
by jrosetto
Wed Mar 14, 2018 7:01 pm
Forum: General
Topic: BTest gone?
Replies: 1
Views: 1207

BTest gone?

So I just went to download the btest windows executable off the mikrotik downloads section and it is completely missing. Does anyone know where I can download it from?
by jrosetto
Mon Jan 22, 2018 7:57 pm
Forum: General
Topic: Mikrotik Queue using OpenVPN [SOLVED]
Replies: 4
Views: 1045

Re: Mikrotik Queue using OpenVPN [SOLVED]

Thanks for all the help. I already have a queue tree configured shaping other traffic so I will stick with that. To be honest I am really only worried about the outbound traffic... good ol' cable internet. You have the option to shape using Simple queues or queue tree attached to interface. Using si...
by jrosetto
Mon Jan 22, 2018 4:59 pm
Forum: General
Topic: Mikrotik Queue using OpenVPN [SOLVED]
Replies: 4
Views: 1045

Re: Mikrotik Queue using OpenVPN [SOLVED]

That makes sense. I need to split upload and download of the VPN connections to shape them properly. Is this possible with the encrypted connection or am I stuck throwing it all into one queue? OpenVPN on the router is a virtual interface: it's traffic will still leave over your regular WAN interfac...
by jrosetto
Fri Jan 19, 2018 9:25 pm
Forum: General
Topic: Mikrotik Queue using OpenVPN [SOLVED]
Replies: 4
Views: 1045

Mikrotik Queue using OpenVPN [SOLVED]

I have enabled OpenVPN on the router and have it functioning on a few computers and remote SIP phones. Any suggestions on setting up mangle rules for the VPN connections so I can place them in my traffic queue I have already created. I have mangle rules setup and functional for servers in my network...
by jrosetto
Fri Oct 27, 2017 4:09 pm
Forum: Wireless Networking
Topic: wAP AC CAPSMAN Question
Replies: 3
Views: 1054

Re: wAP AC CAPSMAN Question

We dont See this issue with 6.40.4 Basically I pull the wAP AC out of the box, plug in power and hold the reset button for 10 seconds to place it into caps mode. Once the device provisions it is forced to update to the latest version. I have no idea what version it is on when it comes out of the bo...
by jrosetto
Thu Oct 26, 2017 4:40 pm
Forum: Wireless Networking
Topic: wAP AC CAPSMAN Question
Replies: 3
Views: 1054

wAP AC CAPSMAN Question

I am trying to mass deploy wAP AC access points using CAPSMAN configured on the router. When I hold the reset button on the wAP AC for 10 seconds to put the device into CAP mode it only selects WLAN1 to be assigned. Is there a way to make it select the WLAN2 as well without having to login to every ...
by jrosetto
Fri May 19, 2017 2:04 pm
Forum: General
Topic: SRC-NAT Question
Replies: 5
Views: 1652

Re: SRC-NAT Question

Also I have been unable to ping any IP except the first in my block of 5 from outside the network with either setup. Is this normal? We have used the SRC-NAT setup with other providers without issue so I am a little lost. Thanks again for your time. In my experience, proxy arp is only unreliable if...
by jrosetto
Wed May 17, 2017 2:17 pm
Forum: General
Topic: SRC-NAT Question
Replies: 5
Views: 1652

Re: SRC-NAT Question

Your srcnat chain should look something like this: out-interface=wan src-address=ip.of.lan.a/24 action=src-nat to-address=a.a.a.a (use the correct LAN netmask if /24 is not correct, and a.a.a.a = public IP for LAN A) out-interface=wan src-address=ip.of.lan.b/24 action=src-nat to-address=b.b.b.b out...
by jrosetto
Tue May 16, 2017 11:05 pm
Forum: General
Topic: SRC-NAT Question
Replies: 5
Views: 1652

SRC-NAT Question

I have two lans separated by two bridges and a block of 5 public IP's. Whenever I add my src-nat to forward all outgoing traffic to another IP for the second lan I start to get packet loss from the router. Any suggestions on how to diagnose what is going on? I have ready every tutorial on the intern...
by jrosetto
Mon Oct 24, 2016 6:33 pm
Forum: General
Topic: DHCP issue when router goes offline
Replies: 3
Views: 659

Re: DHCP issue when router goes offline

You your server to get dhcp to client. Or yous from your switch or your acces points. Sent from my iPhone using Tapatalk I want to use Mikrotik for the DHCP. I'm not worried about new computer requesting IP's from the DHCP, I am only concerned about the computers that have already been issued an IP...
by jrosetto
Mon Oct 24, 2016 3:17 pm
Forum: General
Topic: DHCP issue when router goes offline
Replies: 3
Views: 659

DHCP issue when router goes offline

In the past with previous routers when it is unplugged or goes offline the client computers retain their IPs and are still able to function with a local server. With Mikrotik I've noticed that within seconds of unplugging the router they lose their IP and go to a private 169 address. How to I stop t...
by jrosetto
Mon Aug 22, 2016 3:43 pm
Forum: General
Topic: WAN Failover Question
Replies: 5
Views: 766

Re: WAN Failover Question

Have you taken a look at this.... http://wiki.mikrotik.com/wiki/Advanced_Routing_Failover_without_Scripting "But what if your modem is up, and telephone line is down?" This is the script that is confusing to me. I'm confused about the virtual routes. Is this what I use for my public pingable server...
by jrosetto
Mon Aug 22, 2016 3:40 pm
Forum: General
Topic: IPSec Issue
Replies: 10
Views: 1130

Re: IPSec Issue

Between the last two posts I was able to solve the problem. Thanks for the help.
by jrosetto
Mon Aug 22, 2016 3:23 pm
Forum: General
Topic: WAN Failover Question
Replies: 5
Views: 766

WAN Failover Question

I have a working failover with two internet providers using routes and distances. I had a situation where the primary internet was down but the gateway was still pingable so the internet didn't failover. Is there a way to monitor an external IP instead of the gateway to create the failover with the ...
by jrosetto
Tue Jun 28, 2016 2:06 pm
Forum: General
Topic: IPSec Issue
Replies: 10
Views: 1130

Re: IPSec Issue

Try to bypass nat for remote net /ip firewall nat chain=srcnat dst-address=192.168.3.0/24 action=accept place-before=0 Have a good day! Thanks for the suggestion but that didn't help.  I already had this /ip firewall nat chain=srcnat src-address=192.168.2.0/24 dst-address=192.168.3.0/24 action=acce...
by jrosetto
Mon Jun 27, 2016 9:31 pm
Forum: General
Topic: IPSec Issue
Replies: 10
Views: 1130

Re: IPSec Issue

Make sure your firewall is configured properly. More information would really be helpful.  I am aware the firewall needs some tweaks.  Here is my config /ip firewall filter add chain=input dst-port=500,4500 protocol=udp src-address=2.2.2.2 add chain=input protocol=ipsec-esp src-address=2.2.2.2 add ...
by jrosetto
Mon Jun 27, 2016 8:47 pm
Forum: General
Topic: IPSec Issue
Replies: 10
Views: 1130

Re: IPSec Issue

OK, this rule seems to be causing the issue over IPSec.

/ip firewall filter
add action=drop chain=forward comment="defconf:  drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new disabled=yes in-interface=ether1

Is it safe to leave this disabled?
by jrosetto
Mon Jun 27, 2016 7:28 pm
Forum: General
Topic: IPSec Issue
Replies: 10
Views: 1130

Re: IPSec Issue

I assumed I needed to add something to my Routes to get it working but I am shooting blanks. Classic (policy-based) IPsec does not take routing into account at all. Please post your current configuration alone with some further clarification of what traffic is expected to be tunneled. I would like ...
by jrosetto
Mon Jun 27, 2016 7:03 pm
Forum: General
Topic: IPSec Issue
Replies: 10
Views: 1130

IPSec Issue

I have an IPSec setup between two sites and I can ping the router from both sides.  However I cannot ping or get any traffic to pass through the IPSec other than to the routers from the remote sides.  I assumed I needed to add something to my Routes to get it working but I am shooting blanks.  Any s...
by jrosetto
Wed Mar 02, 2016 9:28 pm
Forum: Beginner Basics
Topic: Issue when Queue's are active.
Replies: 1
Views: 391

Re: Issue when Queue's are active.

BTW this is a RB3011UiAS which should be fully capable of this.
by jrosetto
Wed Mar 02, 2016 9:27 pm
Forum: Beginner Basics
Topic: Issue when Queue's are active.
Replies: 1
Views: 391

Issue when Queue's are active.

I use Zabbix to ping multiple hosts to verify that they are up and functional. When I set my queue's up the client's appear to get packet loss. I've attached a picture with an arrow showing when I enabled my mangle rules as well as queue's. Here's my configuration. /ip firewall mangle add action=mar...
by jrosetto
Tue Feb 23, 2016 3:04 pm
Forum: Beginner Basics
Topic: VOIP QOS Issue
Replies: 7
Views: 1129

Re: VOIP QOS Issue

Thanks for all the help, it is greatly appreciated.
by jrosetto
Mon Feb 22, 2016 7:57 pm
Forum: Beginner Basics
Topic: VOIP QOS Issue
Replies: 7
Views: 1129

Re: VOIP QOS Issue

If you have a fasttrack-connection rule in your forward chain, try disabling that. It expedites the packets through the router without checking queues and so forth.
Nailed it that time. Disabled the rule and now my Queues are working. Will this impact anything else leaving this disabled?
by jrosetto
Mon Feb 22, 2016 2:58 pm
Forum: Beginner Basics
Topic: VOIP QOS Issue
Replies: 7
Views: 1129

Re: VOIP QOS Issue

For the fun of it I set a simple queue to limit 1M in both directions and even that won't limit bandwidth on my connection. What am I missing here?
by jrosetto
Mon Feb 22, 2016 2:39 pm
Forum: Beginner Basics
Topic: VOIP QOS Issue
Replies: 7
Views: 1129

Re: VOIP QOS Issue

Use the prerouting chain instead of the forward chain. It seems like forward should work, but I've had strange things like yours just work better when using prerouting. Your rules look like they would work. You might try it like this if switching them to prerouting doesn't work: /ip firewall mangle...
by jrosetto
Fri Feb 19, 2016 9:20 pm
Forum: Beginner Basics
Topic: VOIP QOS Issue
Replies: 7
Views: 1129

VOIP QOS Issue

I am running the latest stable RouterOS and I'm having some issues getting QOS to work properly. I am mangling the packets and I can see that the VOIP is getting detected but the other mangle rule for all traffic doesn't seem to catch anything. I've google different ways to do this to death and at t...