Community discussions

MikroTik App

Search found 14 matches

by dlynes
Mon Sep 21, 2020 5:58 am
Forum: General
Topic: SSH negotiation not completing in one direction over an EoIP tunnel
Replies: 2
Views: 177

Re: SSH negotiation not completing in one direction over an EoIP tunnel

Here's a detailed SSH log from when 10.10.30.254 is trying to connect to 10.10.30.253: tunneldevice any:any controlpersist no escapechar ~ ipqos lowdelay throughput rekeylimit 0 0 streamlocalbindmask 0177 root@officenas[~]# ssh -v 10.10.30.253 OpenSSH_7.5p1, OpenSSL 1.0.2s-freebsd 28 May 2019 debug1...
by dlynes
Mon Sep 21, 2020 5:56 am
Forum: General
Topic: SSH negotiation not completing in one direction over an EoIP tunnel
Replies: 2
Views: 177

SSH negotiation not completing in one direction over an EoIP tunnel

I have an EoIP tunnel overlaid on an L2TP/ipsec VPN. The L2TP/ipsec VPN connects from a hEX to an RB3011. The hEX is NAT'd behind an ADSL modem operating in PPPoE mode. The RB3011 has a static public IP address. The hEX is connecting to the L2TP server on the RB3011. The EoIP tunnel is then negotiat...
by dlynes
Sun Apr 05, 2020 6:10 am
Forum: General
Topic: WireGuard Released !
Replies: 41
Views: 24183

Re: WireGuard Released !

As of today, it was released into Linux 5.6 kernel to the general public.
by dlynes
Fri Dec 06, 2019 5:25 am
Forum: General
Topic: Fix for CVE-2019-14899?
Replies: 9
Views: 2222

Fix for CVE-2019-14899?

Is there a fix in the works for CVE-2019-14899? For more information, please see: https://linux.slashdot.org/story/19/12/05/2022205/new-linux-vulnerability-lets-attackers-hijack-vpn-connections and https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14899 and details of the exploit at: http://qn...
by dlynes
Mon Sep 09, 2019 7:49 am
Forum: Announcements
Topic: Newsletter #90
Replies: 55
Views: 25263

Re: Newsletter #90

We are working on something for you as well. New extreme performance devices are in the works, as well as v7 BGP speed improvements are still on track. Hello Normis, Does that mean QSFP288 (100GbE) support is in the works? I'm guessing that's one of the big reasons v7 hasn't come out yet is to make...
by dlynes
Fri Oct 05, 2018 12:50 pm
Forum: Wireless Networking
Topic: 802.11af
Replies: 3
Views: 1114

Re: 802.11af

Thank you Normis. As always you're helpful.
by dlynes
Fri Oct 05, 2018 6:35 am
Forum: Wireless Networking
Topic: 802.11af
Replies: 3
Views: 1114

802.11af

Hello All, Does MikroTik have any devices that support 802.11af wireless networking standard? I've tried doing a search, but all I end up with is a whole bunch of hits on people mistakenly using 802.11af (the WiFi standard) as the key phrase when they really mean 802.3af (the PoE standard). The reas...
by dlynes
Sat Jun 16, 2018 3:38 pm
Forum: Announcements
Topic: VPNfilter official statement
Replies: 191
Views: 95936

Re: VPNfilter official statement

I can confirm it was probably mailed out to everyone that was on the list. I had received it. I have not, however received any updates from MikroTik on the subsequent updates to VPNFilter status where essentially all devices running RouterOS were added to the original four cloud core router devices....
by dlynes
Thu May 31, 2018 7:09 pm
Forum: Announcements
Topic: VPNfilter official statement
Replies: 191
Views: 95936

Re: VPNfilter official statement

FWIW, I use the following related best practices when I set up a router that has a public-facing interface: reset all configuration settings, uncheck 'keep default settings' Disable all non-essential services: telnet http https ftp api secure api Create a whitelist of admin IP addresses/netmasks Add...
by dlynes
Mon Jan 29, 2018 7:16 am
Forum: Announcements
Topic: v6.39.3 [bugfix] is released!
Replies: 47
Views: 23000

Re: v6.39.3 [bugfix] is released!

I've come across a bug in the ssh rendering code for 6.39.3. This bug is happening in other areas of the terminal as well, but this is the first chance I've had to document it. As such, this particular area is /caps-man registration-table pr stats:

Image
by dlynes
Mon Nov 20, 2017 9:59 pm
Forum: The Dude
Topic: Wireless(CAPSMAN) monitoring
Replies: 3
Views: 1462

Re: Wireless(CAPSMAN) monitoring

Any chance of adding access to this either through the API, or through SNMP?

Currently the only way to access it is via scripted command line access which is less than ideal because the output is formatted for humans, not machines.
by dlynes
Thu Feb 02, 2017 5:56 am
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 613
Views: 189891

Re: RouterOS v7.0 beta1 - when?

Easy solution - do not make any expectations :) We have already posted from time to time, that the biggest change is under the hood (minor kernel upgrade). There is no new GUI or anything. We are also working on a new routing engine. Actually we are making really cool stuff even in v6. Look at the ...
by dlynes
Mon Jun 06, 2016 5:19 pm
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 613
Views: 189891

Re: RouterOS v7.0 beta1 - when?

I have heard that it is very hard to work on, and nobody likes it for that. But OpenVPN UDP support has been made in v7.
Awesome! I've always wondering why v6 didn't support UDP on OpenVPN...afaik, almost nobody uses TCP-based OpenVPN on Linux.
by dlynes
Tue Apr 12, 2016 9:12 pm
Forum: General
Topic: [Feature Request] Script After / Before PPPoE Connect / Disconnect
Replies: 11
Views: 3197

Re: [Feature Request] Script After / Before PPPoE Connect / Disconnect

I wish dhcp-client would trigger an event whenever it obtains/renews/releases a lease also. Then I wouldn't have to run my ddns-update script every 5 minutes. (I ---loathe--- scheduled scripts that do something that should just be event driven) The IP will not change w/o a lease being obtained. I d...