Community discussions

MikroTik App

Search found 1514 matches

by k6ccc
Mon Mar 18, 2024 6:03 am
Forum: General
Topic: 24v PSU failure
Replies: 7
Views: 1506

Re: 24v PSU failure

I have not had any failures - for whatever that's worth. I'm not trying to power anything from any of my hAPs however.

Have you actually measured the current draw - as opposed to just reading specs?
by k6ccc
Sat Mar 16, 2024 2:17 am
Forum: Beginner Basics
Topic: port forwarding problem
Replies: 9
Views: 511

Re: port forwarding problem

Please note when you post the config, please include your config in a code block. The code block is the 7th icon on the row of icons above the text entry box. It looks like a square with a blob in the middle. When your press that, it will produce a beginning and ending code block. Past your config t...
by k6ccc
Sun Mar 10, 2024 12:03 am
Forum: General
Topic: RB4011 VLAN traffic getting dropped
Replies: 4
Views: 360

Re: RB4011 VLAN traffic getting dropped

+1 on NOT using VLAN 1. Although the Mikrotik will handle it fine, LOTS of other devices treat VLAN 1 as something special - often unpredictably.
by k6ccc
Wed Mar 06, 2024 3:06 am
Forum: SwOS
Topic: 10G link CRS305-1G-4S+ with CSS610-8G-2S+ [SOLVED]
Replies: 7
Views: 1714

Re: 10G link CRS305-1G-4S+ with CSS610-8G-2S+ [SOLVED]

Interesting on the Chinese SFPs. I am also using non-Mikrotik 10G optical SFPs in my CSS326 switches, and they are working great - and were A LOT less expensive then the Mikrotik SFPs. It is well known that the electrical SFPs get hot. I think that the 10G optical SFPs are running cooler than the 1G...
by k6ccc
Mon Mar 04, 2024 4:15 am
Forum: Beginner Basics
Topic: WAN side switch configuration
Replies: 4
Views: 262

Re: WAN side switch configuration

but how would I restrict management to one port in switchos? Or I guess how would I limit management to a vlan in switchos? On the System tab, there is a row of checkboxes for "Allow from ports". That is the ports of the switch from which switch management is allowed. Below that is "...
by k6ccc
Sun Mar 03, 2024 11:48 pm
Forum: Beginner Basics
Topic: WAN side switch configuration
Replies: 4
Views: 262

Re: WAN side switch configuration

Confirm if you are doing this under RouterOS or SwitchOS? I ask because of your statement that if it was a router, it would be trivial. If you are using RouterOS, it would still be trivial. If you are using SwitchOS, the way I would do it is to create two VLANs. One would be your VLAN 200 Management...
by k6ccc
Sat Mar 02, 2024 2:56 am
Forum: Beginner Basics
Topic: 2 MIKROTIKs and 2 isolated LANs
Replies: 5
Views: 463

Re: 2 MIKROTIKs and 2 isolated LANs

Did you really mean that LAN B should have no access to LAN B? Did you really mean no access B to A? If I understand what you are trying to do, it is possible, but without your configurations, we would be guessing. Please post both configurations. To export and paste your configuration (and I'm assu...
by k6ccc
Thu Feb 29, 2024 5:50 am
Forum: General
Topic: Problems with assign static IP to specific mac in mikrotik
Replies: 2
Views: 227

Re: Problems with assign static IP to specific mac in mikrotik

Or reboot the client. Or disconnect the LAN cable to the client and then re-connect it. Or wait a while.

Changing the IP to static or changing that IP address on the server does NOT force an immediate IP change on the client. The IP will change next time the client requests an address.
by k6ccc
Wed Feb 28, 2024 7:09 pm
Forum: Announcements
Topic: SwOS version 2.16 released!
Replies: 44
Views: 21697

Re: SwOS version 2.16 released!

I was able to recreate the issue by just adding the management vlan, that is if I try the upgrade from vlan tagged network it will fail... That's interesting. All five of my switches are accessed via a Management VLAN that is one of the VLANs on a trunk port. All originally were 2.13 and upgraded w...
by k6ccc
Wed Feb 28, 2024 5:04 am
Forum: General
Topic: RB 4011 ports 1-5 occasionally fail after upgrade to 7.
Replies: 8
Views: 1801

Re: RB 4011 ports 1-5 occasionally fail after upgrade to 7.

Watching this thread. I am still running 6.49.8 on my RB4011iGS+, but expecting to move to ROS 7 one of these days...
by k6ccc
Mon Feb 26, 2024 11:44 pm
Forum: Beginner Basics
Topic: log files limited to 2 on my RB4011 [SOLVED]
Replies: 6
Views: 719

Re: log files limited to 2 on my RB4011 [SOLVED]

This is copied from WinBox because in my opinion it's easier to read than an export. If you want the export version, just ask. The first part creates the backup, export and version files. Next is to send some of those files via E-Mail. Last is to use ftp to transfer the files to my file server. My s...
by k6ccc
Sat Feb 24, 2024 8:41 pm
Forum: Announcements
Topic: SwOS version 2.16 released!
Replies: 44
Views: 21697

Re: SwOS version 2.16 released!

As a followup, I upgraded all three CSS326-24G-2S switches from 2.13 to 2.16 about 14 hours ago and the upgrades went smooth and no issues seen since. I am holding off on updating the CRS326-24G-2S for a while because it's at a remote radio site that I can't physically get to because I recently had ...
by k6ccc
Fri Feb 23, 2024 11:36 pm
Forum: Beginner Basics
Topic: DHCP Starting IP from 192.168.88.2
Replies: 12
Views: 1084

Re: DHCP Starting IP from 192.168.88.2

My RB4011 with a small DHCP pool (10 or 20 IPs) for each LAN and a large number of static reservations, assigns from the top of the pool (on the rare occasions that an unknown device connects). All regularly known devices have static reservations.
by k6ccc
Fri Feb 23, 2024 11:07 pm
Forum: Announcements
Topic: SwOS version 2.16 released!
Replies: 44
Views: 21697

Re: SwOS version 2.16 released!

Upgraded my CSS106-5G-1S and CSS106-1G-4P-1S without issue. Both are fairly non-critical. I will wait a while and then update the three CSS326-24G-2S+ and the CRS326-24G-2S+.
by k6ccc
Tue Jan 30, 2024 12:47 am
Forum: General
Topic: Can't reach site hosted on the same AS
Replies: 4
Views: 351

Re: Can't reach site hosted on the same AS

You need a HairPin NAT.
https://help.mikrotik.com/docs/display/ROS/NAT (about a quarter of the way down the page)

Edit: I misread the question (that's what I get for doing it FAST), so this answer is not likely what you need... sorry.
by k6ccc
Tue Jan 30, 2024 12:45 am
Forum: General
Topic: Allow remote-logging input on ROS [SOLVED]
Replies: 12
Views: 1007

Re: Allow remote-logging input on ROS [SOLVED]

If I get what you're asking, it doesn't. You need something that will function as a Syslog Server. Lots of them available from very simple to very complex.
by k6ccc
Tue Jan 30, 2024 12:35 am
Forum: SwOS
Topic: SwOS lite 2.17 - Violation of broadcast domain isolation with DHCP Option-82 "Add Information Option" [SOLVED]
Replies: 2
Views: 907

Re: SwOS lite 2.17 - violation of broadcast domain isolation? [SOLVED]

Post a screen capture of the VLAN and VLANs tabs on the switch.
by k6ccc
Sun Jan 28, 2024 1:41 am
Forum: Beginner Basics
Topic: VLAN question
Replies: 12
Views: 1079

Re: VLAN question

In one of untagged ports I have switch (just bridge over all ports, nothing else). Do I need to setup vlan also on this switch, or it will work, since port is untagged? It does not work in my case, but I want to know theory first, to be able to better find cause (wrong router configuration or switc...
by k6ccc
Fri Jan 26, 2024 5:50 pm
Forum: Beginner Basics
Topic: log files limited to 2 on my RB4011 [SOLVED]
Replies: 6
Views: 719

Re: log files limited to 2 on my RB4011 [SOLVED]

I agree with Jotne. In my case, every night, I have a script that ftp the log files to my file server (along with the config export and backup files).
One of these days I will work on Splunk...
by k6ccc
Tue Jan 16, 2024 4:46 pm
Forum: Beginner Basics
Topic: Wifi Extender setup on boat
Replies: 3
Views: 553

Re: Wifi Extender setup on boat

It's a simple manner to change the IP range on the Mikrotik so there is no conflict. As gigabyte091 said, please post your configurations. Since you are new, I will tell you how to do that. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal wind...
by k6ccc
Tue Jan 16, 2024 12:55 am
Forum: General
Topic: User poll about using Winbox
Replies: 97
Views: 53280

Re: User poll about using Winbox

1) Once in a while - usually just use <Own>
2) Loads a saved layout after Winox connects.
3) No opinion
4) It's OK.
5) Nothing yet.
by k6ccc
Sun Jan 14, 2024 1:49 am
Forum: Beginner Basics
Topic: Which dstIP to use in f/w rule for dstNAT packet? [SOLVED]
Replies: 6
Views: 1049

Re: Which dstIP to use in f/w rule for dstNAT packet? [SOLVED]

Thanks mkx. Although I have seen that before, I figured it was a good one to bookmark.
by k6ccc
Fri Jan 12, 2024 4:49 pm
Forum: Beginner Basics
Topic: Issue getting IP Address
Replies: 3
Views: 660

Re: Issue getting IP Address

To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/export hide-sensitive file=any-filename-you-wish". Then open the files section and right click on the filename you created and select download i...
by k6ccc
Fri Jan 05, 2024 6:52 pm
Forum: Beginner Basics
Topic: Home web address goes to router.
Replies: 2
Views: 927

Re: Home web address goes to router.

The Hairpin is used so that you can access the server from your local LAN using the public IP address or URL. To get port 80 to forward to the server you need a Destination NAT add action=dst-nat chain=dstnat comment="Web Server on Jupiter." \ dst-port=80 in-interface=E10_Fiber_Internet pr...
by k6ccc
Fri Jan 05, 2024 5:09 am
Forum: Beginner Basics
Topic: forward not mark
Replies: 17
Views: 1748

Re: forward not mark

You gave us almost no information to go on. Start off by exporting and posting your config. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/export hide-sensitive file=any-filename-you-wish". T...
by k6ccc
Fri Dec 29, 2023 5:38 pm
Forum: General
Topic: Firewall
Replies: 3
Views: 633

Re: Firewall

The rule as shown is in the Input chain. Needs to be in the Forward chain.
by k6ccc
Wed Dec 27, 2023 4:50 pm
Forum: General
Topic: Port knocking in random order
Replies: 10
Views: 1260

Re: Port knocking in random order

One could easily replace the port knocking with my cell phone connecting to wireguard ( logged ) and script uses that for WOL. :-) Food for thought. Assuming you has already thought of that but its not so easy maybe.... Not with S6. Although my two "secondary purpose" routers are 7.13, th...
by k6ccc
Wed Dec 27, 2023 4:23 pm
Forum: General
Topic: IP Firewall/NAT Input and Output Chain
Replies: 16
Views: 1328

Re: IP Firewall/NAT Input and Output Chain

@k6ccc

we know the theory behind of input/output give us e.g. for that, so we can see it
Read post #2. I gave examples of each.
by k6ccc
Wed Dec 27, 2023 8:08 am
Forum: General
Topic: Port knocking in random order
Replies: 10
Views: 1260

Re: Port knocking in random order

How does a port knocking affect a wake on LAN for PCs....... not sure how I see that would work. The port knock completion writes an entry in the log. A script checks for that log entry every minute. When it sees the correct text in the log, it executes the WOL. Took a while to come up with that on...
by k6ccc
Wed Dec 27, 2023 2:36 am
Forum: General
Topic: Port knocking in random order
Replies: 10
Views: 1260

Re: Port knocking in random order

what is the right number of ports 3,456?? The answer to that likely depends on how import that security is. I have several port knock sequences that vary from 2 step to 6 step. Some of them are pretty low importance - for example, two of them trigger a Wake On LAN in order to boot up one of two com...
by k6ccc
Tue Dec 26, 2023 7:50 pm
Forum: General
Topic: Winbox is deleting my Addresses
Replies: 1
Views: 388

Re: Winbox is deleting my Addresses

Let's start off with what router, what router software version, and confirm you mean in IP > Addresses? If that is the case, no - never seen that problem. Are the addresses in question static or dynamically assigned? If we get very far, you will need to post your configuration, so to avoid the rush,...
by k6ccc
Tue Dec 26, 2023 6:55 pm
Forum: General
Topic: IP Firewall/NAT Input and Output Chain
Replies: 16
Views: 1328

Re: IP Firewall/NAT Input and Output Chain

If you don't need anything pacific you can just use action, input , accept to allow everything. Actually, at the end of any chain in the router, there is an implied accept. In other words, if there are no rules in a chain, that chain will accept every packet. One general rule of thumb is to specify...
by k6ccc
Tue Dec 26, 2023 6:37 pm
Forum: General
Topic: IP Firewall/NAT Input and Output Chain
Replies: 16
Views: 1328

Re: IP Firewall/NAT Input and Output Chain

The common three chains are: Input: Packets that are destined to the router itself. For example your packets to a Winbox or terminal session; or someone pinging you. Output: Packets that originate from the router itself. For example the packets that Winbox generates back to you; or responses to the ...
by k6ccc
Tue Dec 26, 2023 6:21 pm
Forum: Beginner Basics
Topic: How to block specific Youtube url ?
Replies: 5
Views: 936

Re: How to block specific Youtube url ?

No. Not happening.
by k6ccc
Mon Dec 18, 2023 2:54 am
Forum: SwOS
Topic: How to add a VLAN tag on the WAN egress, RB260GS
Replies: 4
Views: 2760

Re: How to add a VLAN tag on the WAN egress, RB260GS

Make sure that the laptop that can't be pinged has it's Windows Firewall set to allow ICMP traffic. Default is to not allow ICMP traffic.
by k6ccc
Sun Dec 17, 2023 8:27 pm
Forum: SwOS
Topic: How to add a VLAN tag on the WAN egress, RB260GS
Replies: 4
Views: 2760

Re: How to add a VLAN tag on the WAN egress, RB260GS

Agree with mkx. Here are the VLAN and VLANs tabs for one of my CSS106-5G-1S (RB260GS) switches. Note that I do not use Optional, but rather "Strict" on the VLAN mode and "Only tagged" or "Only Untagged" on the VLAN Receive mode - UNLESS it is a Hybrid port (as the two O...
by k6ccc
Fri Dec 15, 2023 11:55 pm
Forum: Beginner Basics
Topic: Help with running a script... [SOLVED]
Replies: 20
Views: 3366

Re: Help with running a script... [SOLVED]

But speaking of rebooting, is it a good practice to reboot the router periodically, say, once a week?
You should not need to. The only time I reboot any of mine is when they get a firmware update. I just looked, my primary home router has an uptime of 159 days 16 hours.
by k6ccc
Fri Dec 15, 2023 12:58 am
Forum: General
Topic: FTP client blocked
Replies: 5
Views: 1771

Re: FTP client blocked

Yes, that is better. The original problem is that your NAT rule was forwarding ALL port 21 traffic to your own FTP server. Kind of a problem when you were trying to reach some external FTP server.
by k6ccc
Fri Dec 15, 2023 12:24 am
Forum: Beginner Basics
Topic: Noob needs help...
Replies: 8
Views: 1464

Re: Noob needs help...

Lots of devices (not just Mikrotik) do strange things with VLAN 1. Best to NEVER use VLAN 1 unless you have a specific use case that requires it (I do). That's worth knowing. What kind of strange things? Treat it as a management VLAN (often without telling you that). Treat it as a VLAN that you hav...
by k6ccc
Thu Dec 14, 2023 2:59 am
Forum: Beginner Basics
Topic: Help with running a script... [SOLVED]
Replies: 20
Views: 3366

Re: Help with running a script... [SOLVED]

I will be the first person to tell you that I am terrible a RouterOS scripts. Most of the ones I have originated from someone elses script that I modified a bit to meet my purposes. However when I have needed to troubleshoot a script, a couple things that can help. Start by adding a bunch of info lo...
by k6ccc
Thu Dec 14, 2023 2:51 am
Forum: Beginner Basics
Topic: Firewall filter rules - performance impact
Replies: 8
Views: 1435

Re: Firewall filter rules - performance impact

Not number of filters themselves would account for resource hunger, but their "weight" - amount of parameters to check inside each As I understand it, that is a very good summary. Personally I use a number of jumps to some other chain. For example I have four Raspberry Pis that each can b...
by k6ccc
Thu Dec 14, 2023 2:39 am
Forum: Beginner Basics
Topic: Noob needs help...
Replies: 8
Views: 1464

Re: Noob needs help...

Lots of devices (not just Mikrotik) do strange things with VLAN 1. Best to NEVER use VLAN 1 unless you have a specific use case that requires it (I do).
by k6ccc
Thu Dec 14, 2023 2:33 am
Forum: SwOS
Topic: SwOS on CRS309-1G-8S+
Replies: 1
Views: 1613

Re: SwOS on CRS309-1G-8S+

Go into your browser and set an exemption to allow non-secured access on the IP for your switch.
by k6ccc
Mon Dec 11, 2023 2:15 am
Forum: SwOS
Topic: Host learned on Trunk port instead of physical one
Replies: 4
Views: 2557

Re: Host learned on Trunk port instead of physical one

Let me do this in my best Rod Serling voice: Little did you know that you were living in the Twilight Zone....
by k6ccc
Sat Dec 09, 2023 12:41 am
Forum: General
Topic: interface is slave
Replies: 5
Views: 6917

Re: interface is slave

The port is a slave because it is a member of the Bridge. To make it not a slave (of the Bridge), remove the port from the Bridge.
by k6ccc
Thu Dec 07, 2023 8:18 pm
Forum: General
Topic: switch filter: can a single rule be used for the same TCP and UDP dst-port?
Replies: 7
Views: 1551

Re: switch filter: can a single rule be used for the same TCP and UDP dst-port?

Noted. I don't do anything in switching or bridging in any of my routers - just routing. All switch function is done in separate switches.
by k6ccc
Thu Dec 07, 2023 7:55 pm
Forum: General
Topic: switch filter: can a single rule be used for the same TCP and UDP dst-port?
Replies: 7
Views: 1551

Re: switch filter: can a single rule be used for the same TCP and UDP dst-port?

Said in another way: if I need to block port X for both TCP and UDP, I need to use two rules or can I simply use one rule without specifying the protocol? Yes, you need to specify the protocol for each. However, as a general rule of thumb, a better way to set up your firewall rules is to explicitly...
by k6ccc
Wed Dec 06, 2023 4:41 pm
Forum: Beginner Basics
Topic: Turned off NAT, now can't get into WebFig
Replies: 13
Views: 1976

Re: Turned off NAT, now can't get into WebFig

Can you explain what you mean by "Make sure your computer has an IP address on that network"?
I mean, make sure your computer has an IP in the 192.168.88.0/24 address range.
by k6ccc
Wed Dec 06, 2023 1:51 am
Forum: Beginner Basics
Topic: Turned off NAT, now can't get into WebFig
Replies: 13
Views: 1976

Re: Turned off NAT, now can't get into WebFig

First of all, once the router is set up, NEVER EVER use Quick Setup again. Most likely the router is back to the default IP address of 192.168.88.1. Make sure your computer has an IP address on that network. You mentioned double NAT. Sounds like there is other devices involved. Please describe your ...
by k6ccc
Tue Dec 05, 2023 6:55 am
Forum: SwOS
Topic: Host learned on Trunk port instead of physical one
Replies: 4
Views: 2557

Re: Host learned on Trunk port instead of physical one

Never seen that one...
I don't normally have a LAG on any of my CSS326 switches, but when I have had one, the connected devices correctly showed up in the hosts table on the correct ports.
What version of SwitchOS?
by k6ccc
Wed Nov 29, 2023 6:40 pm
Forum: Beginner Basics
Topic: Beginner setup opinion
Replies: 2
Views: 1142

Re: Beginner setup opinion

How many devices?
any special capabilities needed.
by k6ccc
Wed Nov 29, 2023 6:38 pm
Forum: Beginner Basics
Topic: one ip range for lan, other for wifi
Replies: 18
Views: 2649

Re: one ip range for lan, other for wifi

Too busy to look in detail. Maybe someone else can give some insight.
by k6ccc
Wed Nov 29, 2023 8:09 am
Forum: General
Topic: How can Mikrotik/RouterOS send emails using Gmail?
Replies: 12
Views: 2392

Re: How can Mikrotik/RouterOS send emails using Gmail?

Just FYI, the code examples I gave earlier are from a router running 6.49.10.
by k6ccc
Tue Nov 28, 2023 8:33 pm
Forum: General
Topic: How can Mikrotik/RouterOS send emails using Gmail?
Replies: 12
Views: 2392

Re: How can Mikrotik/RouterOS send emails using Gmail?

Another doubt. In addition to the ".backup" file, can you email an encrypted ".rsc" export file? I E-Mail a backup, Export and a Version text file every night. I addition messages extracted from the log when someone logs in or out, or a port knock sequence completes. Additionall...
by k6ccc
Tue Nov 28, 2023 5:56 pm
Forum: SwOS
Topic: Which VLAN setup guide is correct?
Replies: 9
Views: 2404

Re: Which VLAN setup guide is correct?

OK, I took a quick look at the two Mikrotik references. My guess was correct, one is for the older RB260 and the other is the newer RB260 (aka CSS106-5G-1S).
by k6ccc
Tue Nov 28, 2023 5:46 pm
Forum: SwOS
Topic: Which VLAN setup guide is correct?
Replies: 9
Views: 2404

Re: Which VLAN setup guide is correct?

I have not looked at your collection of links in the first post (not taken the time), but I have several RB260 switches using a SFP as a trunk port. Is this on one of the "old" RB260s that are limited to SwitchOS 1.x or one of the "new" ones also known as a CSS106-5G-1S that uses...
by k6ccc
Tue Nov 28, 2023 4:42 pm
Forum: Beginner Basics
Topic: one ip range for lan, other for wifi
Replies: 18
Views: 2649

Re: one ip range for lan, other for wifi

Post your configuration. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/export hide-sensitive file=any-filename-you-wish". Then open the files section and right click on the filename you crea...
by k6ccc
Tue Nov 28, 2023 12:50 pm
Forum: Beginner Basics
Topic: one ip range for lan, other for wifi
Replies: 18
Views: 2649

Re: one ip range for lan, other for wifi

Subnet mask most likely should be 255.255.255.0 - or if you prefer /24. See Networks tab.
by k6ccc
Mon Nov 27, 2023 8:43 pm
Forum: Beginner Basics
Topic: one ip range for lan, other for wifi
Replies: 18
Views: 2649

Re: one ip range for lan, other for wifi

Posting screen captures or WebFig or WinBox is a DREADFUL way of showing configurations. Learn how to at lest basicly read and enter commands. However here it is in WinBox (very similar to WebFig)
Image
by k6ccc
Mon Nov 27, 2023 8:17 pm
Forum: General
Topic: How can Mikrotik/RouterOS send emails using Gmail?
Replies: 12
Views: 2392

Re: How can Mikrotik/RouterOS send emails using Gmail?

Each of my routers sends multiple E-Mails per day via G-Mail. Here is my E-mail setup: /tool e-mail set address=smtp.gmail.com from="RB4011iGS+ Router" password=mypasswordhere \ port=587 start-tls=yes user=userid@gmail.com And here is an extract from a script that uses the E-Mail to send a...
by k6ccc
Mon Nov 27, 2023 8:01 pm
Forum: Beginner Basics
Topic: one ip range for lan, other for wifi
Replies: 18
Views: 2649

Re: one ip range for lan, other for wifi

Add a new IP Pool and assign that new pool to the new DHCP server. For example here are two of my networks. .101 has a physical interface on the router, whereas the .102 is on a VLAN out of the router. /ip pool add name=".101 DHCP pool" ranges=192.168.101.201-192.168.101.219 add name="...
by k6ccc
Mon Nov 27, 2023 8:31 am
Forum: General
Topic: Winbox export whitespace bug
Replies: 8
Views: 2544

Re: Winbox export whitespace bug

@helipos Are you talking about what I circled in red?

Image

If that's he case, note that every command that is longer than one line has everything except the first line indented 4 characters. Makes it a hell of a lot easier to read.
by k6ccc
Sun Nov 26, 2023 11:12 pm
Forum: Beginner Basics
Topic: Firewall doesn't work properly.
Replies: 14
Views: 1762

Re: Firewall doesn't work properly.

On the VLAN tab in SwitchOS, here is the way I do it for VLAN tagged trunks (assuming no need for untagged traffic). VLAN mode = Strict, VLAN Receive = Tagged only, and Default VLAN ID = some unused number ( I normally use 970 + the port number ). If the port needs to also have untagged traffic, the...
by k6ccc
Tue Nov 21, 2023 9:08 pm
Forum: General
Topic: Questions about (basic) firewall
Replies: 9
Views: 1977

Re: Questions about (basic) firewall

Re #2. I end ALL chains with a drop everything rule. The one before it is not needed.
by k6ccc
Fri Nov 17, 2023 10:53 pm
Forum: SwOS
Topic: CenturyLink/Quantum VLAN 201 not forwarding on CSS610
Replies: 4
Views: 1861

Re: CenturyLink/Quantum VLAN 201 not forwarding on CSS610

I don't see any major issues with your configuration. I do have an old recollection about LAGs having issues in some situations with VLANs. As a test, drop one of the connections in the LACP and see if that changes anything - you may need to remove the LACP, not just kill one of the ports.
.
by k6ccc
Fri Nov 17, 2023 8:56 pm
Forum: General
Topic: Small Feature request
Replies: 2
Views: 821

Re: Small Feature request

Let me make sure I understand your problem. You have a router that has multiple IP addresses, The router NTP client is sending NTP requests either from some address that does not belong to the router or more likely from the wrong address based on what interface the packet is going out on. I just loo...
by k6ccc
Fri Nov 17, 2023 7:38 pm
Forum: SwOS
Topic: CenturyLink/Quantum VLAN 201 not forwarding on CSS610
Replies: 4
Views: 1861

Re: CenturyLink/Quantum VLAN 201 not forwarding on CSS610

Confirming that the ONT is expecting that all traffic between it and whatever connected device is VLAN tagged with VLAN 201. Also confirm that the VLAN 200 is simply a dummy number that does not exist anywhere (except SwitchOS requires you to put SOMETHING there). I do that on ports that are VLAN tr...
by k6ccc
Thu Nov 09, 2023 11:20 pm
Forum: General
Topic: Is mikrotik update site working ? [SOLVED]
Replies: 5
Views: 919

Re: Is mikrotik update site working ? [SOLVED]

One more note. I just checked on my RB750Gr3 and it updated from 6.49.8 to 7.12
So, yes, the update site is working...
by k6ccc
Thu Nov 09, 2023 11:06 pm
Forum: General
Topic: What is going on with Mikrotik?
Replies: 10
Views: 1960

Re: What is going on with Mikrotik?

Agreed. Mikrotik wireless is not their strong suit. Routers and to a slightly less extent switches is where they shine.
Personally I have a bunch of Mikrotik routers and switches at home, but the WiFi is Meraki.
by k6ccc
Thu Nov 09, 2023 10:59 pm
Forum: General
Topic: Is mikrotik update site working ? [SOLVED]
Replies: 5
Views: 919

Re: Is mikrotik update site working ? [SOLVED]

In response to your query, I happen to be connected to one of my routers (an RB750r2), so I did a check for updates. It immediately found that that there was an update (stable channel) from 6.49.8 to 6.49.10. The router was able to download the update just fine.
by k6ccc
Wed Nov 08, 2023 8:38 pm
Forum: Beginner Basics
Topic: Weird routing behavior with another CIDR
Replies: 4
Views: 940

Re: Weird routing behavior with another CIDR

Does the Client 2 computer know that 192.168.10.2 is it's gateway?
by k6ccc
Wed Nov 08, 2023 4:43 pm
Forum: SwOS
Topic: Router's wan and lan link to same switch via vlan, but packets get lost. [SOLVED]
Replies: 4
Views: 3006

Re: Router's wan and lan link to same switch via vlan, but packets get lost. [SOLVED]

I found that css610 does not supports "independent vlan learning", so when router connect wan an lan to the same switch, there are two ports using same mac address.Eventhough they are in separated vlans, but sharing the same table which leads the communication issues. I changed the ax6000...
by k6ccc
Wed Nov 08, 2023 1:53 am
Forum: Beginner Basics
Topic: Attempting to configure routeros
Replies: 5
Views: 1016

Re: Attempting to configure routeros

What device and RouterOS version to start with?
by k6ccc
Tue Nov 07, 2023 12:33 am
Forum: General
Topic: Possibly weird behavior?
Replies: 2
Views: 613

Re: Possibly weird behavior?

Also, find your Shift key and give it some love. It's lonely.
Love it!
by k6ccc
Mon Nov 06, 2023 11:04 pm
Forum: Beginner Basics
Topic: Routing between 2 Devices
Replies: 15
Views: 1651

Re: Routing between 2 Devices

Your first drawing and posted configuration do not match (IP addresses). Getting one to work should be very simple. As long as the PC knows that the router is it's gateway, it will just work. Remember, it's a router - it routes unless you tell it not to. Getting three devices with the same IP to wor...
by k6ccc
Mon Nov 06, 2023 6:38 pm
Forum: SwOS
Topic: Router's wan and lan link to same switch via vlan, but packets get lost. [SOLVED]
Replies: 4
Views: 3006

Re: Router's wan and lan link to same switch via vlan, but packets get lost. [SOLVED]

I am doing similar at home. All ports on the router connect to different VLANs on the same switch. Works fine. Couple comments. First is I HIGHLY recommend NOT using VLAN 1. Although SwitchOS has no issues with it, a lot of devices treat VLAN 1 as "special". Often with undocumented or poor...
by k6ccc
Mon Nov 06, 2023 6:14 pm
Forum: SwOS
Topic: Get DHCP IP via trunk port
Replies: 2
Views: 1839

Re: Get DHCP IP via trunk port

I don't recall that you can. I have always set static IPs on network elements.
by k6ccc
Mon Nov 06, 2023 5:58 am
Forum: General
Topic: Unable to Ping Gateway
Replies: 3
Views: 842

Re: Unable to Ping Gateway

Post your config. Otherwise we are just guessing. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/export hide-sensitive file=any-filename-you-wish". Then open the files section and right click...
by k6ccc
Mon Nov 06, 2023 5:51 am
Forum: Beginner Basics
Topic: Bug/Improvement suggestion - Lost connection to Winbox
Replies: 11
Views: 1835

Re: Bug/Improvement suggestion - Lost connection to Winbox

Agreed. QuickSet should never be used on anything except a brand new device and once touched, never used again.
by k6ccc
Fri Nov 03, 2023 5:00 pm
Forum: Beginner Basics
Topic: Simple VLAN / AP setup question has me stumped
Replies: 16
Views: 1872

Re: Simple VLAN / AP setup question has me stumped

I don't do any WiFi on Mikrotik, so not much help there, but as a general rule of thumb avoid using VLAN 1 unless absolutely required. Too many devices treat VLAN 1 as "special" and often don't behave as you might expect.
by k6ccc
Tue Oct 31, 2023 4:18 pm
Forum: General
Topic: Static routing does not work without NAT
Replies: 7
Views: 1145

Re: Static routing does not work without NAT

Yes, because 217.147.160.48/28 is an internal subnet with 217.147.160.63 being a broadcast address. Why would you be using a public address range for your internal subnet? Far better to use one of the private lan spaces: Class A: 10.0. 0.0 to 10.255. 255.255. Class B: 172.16. 0.0 to 172.31. 255.255...
by k6ccc
Mon Oct 30, 2023 7:14 pm
Forum: General
Topic: /tools/graphing totally unreliable
Replies: 3
Views: 799

Re: /tools/graphing totally unreliable

On Saturday, I rebooted my RB5009 after months of continuous usage - and now all my graphing data is gone :-(
I can't get it - why is this happening?
As I recall, the usage data is all in volatile storage. So it is lost on reboot - as you observed.
by k6ccc
Mon Oct 30, 2023 7:09 pm
Forum: Beginner Basics
Topic: Would VLANS be the right approach here
Replies: 4
Views: 975

Re: Would VLANS be the right approach here

Yes, VLANs are a very good solution to what you are trying to do. I am doing exactly the same at home. VLAN 201 - 192.168.201.0/24 "Normal" home LAN. Wired devices only. VLAN 202 - 192.168.202.0.24 Guest WiFi. Internet access only. VLAN 203 - 192.168.203.0.24 "Private" WiFi. Know...
by k6ccc
Mon Oct 30, 2023 6:52 pm
Forum: SwOS
Topic: WAN on switch
Replies: 7
Views: 4156

Re: WAN on switch

What is the point of the switch - as opposed to just running the ISP connection into the router? Now, I am doing something similar however. My router (RB4011) is in my garage data cabinet. My fiber ISP drops into the garage data cabinet and there is a Ethernet connection directly from the ONT into t...
by k6ccc
Sun Oct 29, 2023 6:26 pm
Forum: SwOS
Topic: Which Switch?
Replies: 1
Views: 1942

Re: Which Switch?

Can a switch running Router OS be used as an L2 Switch and what is the difference between SwitchOS and SwitchOS Lite? On he first part, yes. That what a Bridge in RouterOS does (simple answer) For the second part, some of the hardware uses SwitchOS and some uses the lite version. Can't be mixed. Sw...
by k6ccc
Sat Oct 28, 2023 12:02 am
Forum: Beginner Basics
Topic: Code example
Replies: 6
Views: 1276

Re: Code example

Interesting concept. I use WinBox almost exclusively for configuration of my routers. On more than one occasion, I have looked at my daily exports in order to figure out the CLI structure for some change that I did the day before (the router creates backup and export files every night).
by k6ccc
Fri Oct 27, 2023 6:22 pm
Forum: SwOS
Topic: CSS326 Hosts disappear and missing after VLAN config
Replies: 3
Views: 2349

Re: CSS326 Hosts disappear and missing after VLAN config

I had missed that you have IVL turned on. That's another one of those to leave off unless you really understand what it does. Glad you caught it. Not really sure why IVL would have caused what you were seeing however...
by k6ccc
Thu Oct 26, 2023 11:31 pm
Forum: SwOS
Topic: CSS326 Hosts disappear and missing after VLAN config
Replies: 3
Views: 2349

Re: CSS326 Hosts disappear and missing after VLAN config

What version of SwitchOS? I can tell you that it's not likely a SwitchOS bug - the hosts tab works fine for me with lots of VLANs. Your config looks OK, except on the VLANs tab I would turn off Port Isolation unless you really understand what that does ON THAT TAB. Normally in my case on untagged po...
by k6ccc
Wed Oct 25, 2023 5:15 pm
Forum: General
Topic: Simple Web Server to Host Simple Files [SOLVED]
Replies: 15
Views: 3995

Re: Simple Web Server to Host Simple Files [SOLVED]

You can also add a simple web server on a computer (your preferred flavor of OS), or even a RaspBerry Pi on the LAN and port forward via NAT so it can be reached from the Internet.
by k6ccc
Wed Oct 25, 2023 1:58 am
Forum: General
Topic: Mysterious connections from Internet to LAN [SOLVED]
Replies: 11
Views: 1584

Re: Mysterious connections from Internet to LAN [SOLVED]

Hey @k6ccc, stop talking BS. All information was already given, you just lack to read it.
Apply some logic instead of brute-force idiocy.
Only in your mind. Damn near no useful information was given.

I'm done with you.
by k6ccc
Wed Oct 25, 2023 1:43 am
Forum: General
Topic: Mysterious connections from Internet to LAN [SOLVED]
Replies: 11
Views: 1584

Re: Mysterious connections from Internet to LAN [SOLVED]

And a tiny piece of information leaks out - that there is an upstream router. We're not mind readers. We can only go on the information that YOU supply. We still don't know what kind of router you have, what version of RouterOS you are using, or any network layout (other than now there is a FritzBox...
by k6ccc
Wed Oct 25, 2023 12:14 am
Forum: General
Topic: Mysterious connections from Internet to LAN [SOLVED]
Replies: 11
Views: 1584

Re: Mysterious connections from Internet to LAN [SOLVED]

Yes, it could be something starting from a device on your LAN. However until you post your configuration, we are only guessing.
by k6ccc
Tue Oct 24, 2023 11:21 pm
Forum: General
Topic: Mysterious connections from Internet to LAN [SOLVED]
Replies: 11
Views: 1584

Re: Mysterious connections from Internet to LAN [SOLVED]

First guess is that you have something you don't think you have. Export your config and post it. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/export hide-sensitive file=any-filename-you-wish&quo...
by k6ccc
Tue Oct 24, 2023 11:02 pm
Forum: SwOS
Topic: RB2011iL Bridge problem
Replies: 1
Views: 2086

Re: RB2011iL Bridge problem

You did not specify, but from your description, it sounds like you are using RouterOS - not SwitchOS. You would do better to post this in the General or Beginner Basics sections of this forum. This section of the forum is specifically intended for SwitchOS use. Far better chance that someone will an...
by k6ccc
Tue Oct 24, 2023 10:58 pm
Forum: SwOS
Topic: SwOS temperate peaks at 78 degrees at peak.
Replies: 2
Views: 2128

Re: SwOS temperate peaks at 78 degrees at peak.

If that's a non-air conditioned room, that is pretty normal. I just looked at mine (same switch type) and they vary from about 50 (in an air conditioned data cabinet) up to 72 (in my not air conditioned family room - currently 27C). Also varies a little depending on what SFPs you have plugged in. Th...
by k6ccc
Sun Oct 22, 2023 1:04 am
Forum: SwOS
Topic: SwOS help for a trunk port
Replies: 17
Views: 3867

Re: SwOS help for a trunk port

Glad you got ti working. I have been using SwitchOS for years and every switch has VLAN trunks (between switches or between a router and a switch), and most also have hybrid ports for my managed WiFi access points that use untagged traffic for management and different VLANs for each WiFi SSID. Any o...
by k6ccc
Thu Oct 19, 2023 11:36 pm
Forum: SwOS
Topic: SwOS help for a trunk port
Replies: 17
Views: 3867

Re: SwOS help for a trunk port

Can you post the System tab. The secret to why you get locked out is likely there. Get the lockout issue resolved BEFORE you do the rest or else you will likely get locked out again. On the VLAN tab, I would change all the untagged ports to either disabled or strict and set them to untagged only. On...
by k6ccc
Thu Oct 19, 2023 5:18 am
Forum: General
Topic: nRay affected by Rain
Replies: 2
Views: 654

Re: nRay affected by Rain

60 GHz is highly affected by rain. Can you split the path into two shorter paths?
by k6ccc
Wed Oct 18, 2023 6:00 am
Forum: SwOS
Topic: SwOS help for a trunk port
Replies: 17
Views: 3867

Re: SwOS help for a trunk port

Your network drawing and screen captures look fine. The only thing I would do different is uncheck "Port Isolation" on all ports - unless you really understand what that does on that page.
by k6ccc
Sat Oct 14, 2023 7:43 am
Forum: Beginner Basics
Topic: DNS usage in url
Replies: 4
Views: 1290

Re: DNS usage in url

A lot more information please. Are you trying to access from an internal LAN, or the Internet? Is xyz.xyz.com.pl your domain? What router and software version? You will likely need to post your configuration To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), op...
by k6ccc
Mon Oct 09, 2023 4:23 am
Forum: SwOS
Topic: Why does SwOS exist?
Replies: 7
Views: 3551

Re: Why does SwOS exist?

For switches, I MUCH Prefer SwitchOS. The cost difference has essentially nothing to do with my purchase decision.
by k6ccc
Tue Oct 03, 2023 1:16 am
Forum: Beginner Basics
Topic: Need help for port forward
Replies: 10
Views: 9355

Re: Need help for port forward

you can consider to use the passthrough so that the LHG is used only as modem and the public IP is assigned directly to the WAN interface of the HEX. In this way you avoid double NAT. Great idea. I don't use Mikrotik RF devices at all, so did not know they could do that. Learn something new every d...
by k6ccc
Sun Oct 01, 2023 10:53 pm
Forum: Beginner Basics
Topic: Need help for port forward
Replies: 10
Views: 9355

Re: Need help for port forward

Just to make sure I am clear on the concept, you have two routers involved. First is your microwave radio LHG and then that is feeding the RB750. That means your NAT needs to be NATTed in both routers. Instead of screen captures (which only give partial information, please export your configuration ...
by k6ccc
Sat Sep 30, 2023 8:54 pm
Forum: SwOS
Topic: lost access to switchos
Replies: 3
Views: 2289

Re: lost access to switchos

It's easy to do - done it myself. I generally leave the management pretty unrestricted until I have a switch completely set up and the save a backup to the PC before restricting access. That way if I mess it up and lock myself out, there is a backup from just before I locked myself out. Generally re...
by k6ccc
Sat Sep 30, 2023 8:09 pm
Forum: SwOS
Topic: [Feature request] human readable full configuration export from SwOS
Replies: 3
Views: 2371

Re: [Feature request] human readable full configuration export from SwOS

Yes, it would be nice to have a human readable export from SwitchOS.
by k6ccc
Sat Sep 30, 2023 8:06 pm
Forum: SwOS
Topic: how do you get 2nd Switch to receive WOL Packets?
Replies: 15
Views: 3146

Re: how do you get 2nd Switch to receive WOL Packets?

I am doing exactly what the original poster is trying to do - except in my case my R4011 is generating the WoL packets. From there via untagged LAN to CSS326 then tagged VLAN trunk (VLAN 201) to another CSS326 and then untagged LAN to the family room PC. Works perfect every time. Does not matter if ...
by k6ccc
Fri Sep 29, 2023 3:12 pm
Forum: Beginner Basics
Topic: Failing to open a port [SOLVED]
Replies: 9
Views: 1867

Re: Failing to open a port [SOLVED]

In order toaccess it from your LAN via the public IP, you need to have a hairpin NAT set up. TONS of forum posts about that here.
See what happens when your your friend tries it.
by k6ccc
Fri Sep 29, 2023 7:47 am
Forum: Beginner Basics
Topic: Failing to open a port [SOLVED]
Replies: 9
Views: 1867

Re: Failing to open a port [SOLVED]

Assuming you corrected: add action=dst-nat chain=dstnat comment=Minecraft dst-port=25565 \ in-interface=bridge protocol=tcp to-addresses=192.168.88.31 to-ports=\ 25565 to: add action=dst-nat chain=dstnat comment=Minecraft dst-port=25565 \ in-interface=ether1 protocol=tcp to-addresses=192.168.88.31 t...
by k6ccc
Wed Sep 27, 2023 2:14 am
Forum: SwOS
Topic: Need Help On Connecting Two CSS610s over VLAN
Replies: 13
Views: 2981

Re: Need Help On Connecting Two CSS610s over VLAN

Yes, it works fine. Because your RB4011 cooperates as it's flexible enough to take necessary config without womiting. Not all routers are as flexible. Or are flexible but configured in a non-compatible way (by ISP). Hence my question about ability to configure the "black box" router on di...
by k6ccc
Tue Sep 26, 2023 7:26 pm
Forum: SwOS
Topic: Need Help On Connecting Two CSS610s over VLAN
Replies: 13
Views: 2981

Re: Need Help On Connecting Two CSS610s over VLAN

What he is doing is in a way similar to what I am doing. My cable internet terminates in my family room and connects to a CSS326 switch (where it gets encapsulated on VLAN 100). That CSS326 has a trunk to another CSS326 in my garage data cabinet. One port of the garage CSS326 is VLAN 100 (untagged) ...
by k6ccc
Tue Sep 26, 2023 7:14 pm
Forum: SwOS
Topic: SwOS Lite v2.17 packet loss issue
Replies: 15
Views: 3597

Re: SwOS Lite v2.17 packet loss issue

I am gathering that both switches are configured exactly the same (except presumably they have a different IP address). I am also gathering that the unnamed device on the left is the router. Since laptop to laptop is working properly, I'm not sure this is a switch problem, but rather a router proble...
by k6ccc
Sun Sep 24, 2023 9:04 pm
Forum: SwOS
Topic: CRS326-24S - As TOR and VLAN help ?
Replies: 3
Views: 2326

Re: CRS326-24S - As TOR and VLAN help ?

I am going to post three screen captures of one of my CSS326 switches. This will likely answer most of your questions. I'm noticing that this is a really old capture, and I'm not sure why I cut the VLAN and Links tabs off after port 21... I'm going to point our a few specific ports that have various...
by k6ccc
Fri Sep 22, 2023 10:22 pm
Forum: SwOS
Topic: CRS326-24S - As TOR and VLAN help ?
Replies: 3
Views: 2326

Re: CRS326-24S - As TOR and VLAN help ?

Sounds like a fairly simple setup. SwitchOS works very well for switch functions. I use SwitchOS for all of my switches here at the house and am very happy with it. I have been using SwitchOS for years, so if you have any questions, feel free to ask. And yes, you will likely get people commenting th...
by k6ccc
Tue Sep 19, 2023 7:56 pm
Forum: SwOS
Topic: Switch RB260GS, VLANs, DHCP not working
Replies: 4
Views: 2446

Re: Switch RB260GS, VLANs, DHCP not working

I have a half dozen SwitchOS devices and DHCP on VLANs works just fine, so you have something amiss. I am not able to connect to my switches right now, but when I get back to the home network, I will poke around. In the mean time, there screen captures might help you get started: These are all from ...
by k6ccc
Sat Sep 16, 2023 8:19 am
Forum: Forwarding Protocols
Topic: Hide my real IP in ICMP.
Replies: 1
Views: 1587

Re: Hide my real IP in ICMP.

If I understand your question, no. As I understand your question, if someone pings your domain that will get to your RouterBoard, you want a fake IP address returned. The initial IP shown in the ping command is based on the DNS lookup and is before ever sending a ping to you. In the ping command sho...
by k6ccc
Wed Sep 13, 2023 8:57 pm
Forum: Beginner Basics
Topic: Goodwe inverter disconnects regularly
Replies: 2
Views: 1180

Re: Goodwe inverter disconnects regularly

Never heard of Goodwe. How are the inverter and router connected to each other (example, USB, wired IP, WiFi, smoke signals)?
by k6ccc
Wed Sep 13, 2023 8:53 pm
Forum: Beginner Basics
Topic: Setting up 2 VLANs and Inter-VLAN Routing
Replies: 7
Views: 1438

Re: Setting up 2 VLANs and Inter-VLAN Routing

I know it's recommended to not use vlan-id=1, but this is a lab not a real setup in which the instructions said to do so. The recommendation is not so much about production environment, it's about sink holes planted inside ROS if one wants to use VID 1 ... I'm not saying it's not possible, but one ...
by k6ccc
Sun Sep 10, 2023 6:55 am
Forum: Beginner Basics
Topic: Random Websites Will Not Load, Reset requiered
Replies: 4
Views: 1653

Re: Random Websites Will Not Load, Reset requiered

Without knowing your configuration, we are guessing. Please post a network drawing (or at least a GOOD description of what it connected to what), and a configuration export. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (wi...
by k6ccc
Mon Sep 04, 2023 9:17 pm
Forum: Beginner Basics
Topic: My device not stable after update
Replies: 5
Views: 1496

Re: My device not stable after update

Also, what version of WinBox? Older versions of WinBox won't work right with newer versions of RouterOS.
by k6ccc
Sat Sep 02, 2023 8:14 pm
Forum: Beginner Basics
Topic: Directly accessing SVG real-time traffic graphs?
Replies: 5
Views: 2906

Re: Directly accessing SVG real-time traffic graphs?

You might want to take a look at this thread regarding using Splunk for this purpose:
viewtopic.php?t=179960
by k6ccc
Fri Sep 01, 2023 8:04 pm
Forum: Beginner Basics
Topic: first configuration
Replies: 4
Views: 1390

Re: first configuration

That is what I'm doing with my RB4011. Router only performs routing / DHCP functions. All switching is done in separate managed switches (CSS326 in my case). No bridge in the router.
by k6ccc
Wed Aug 30, 2023 10:53 pm
Forum: Beginner Basics
Topic: when to upgrade ROS (7.xx)
Replies: 24
Views: 3553

Re: when to upgrade ROS (7.xx)

@en1gm4 I'm kind of in the same boat. My main router here at home is a RB4011iGS+ that is running 6.49.8. I have been watching ROS 7 for about a year, but currently have no real NEED to upgrade to it. I also would like to play with WireGuard, but it's not a need for me. I will be off work for the ne...
by k6ccc
Wed Aug 23, 2023 11:56 pm
Forum: Beginner Basics
Topic: Practical redundancy on devices with PoE port + adapter?
Replies: 26
Views: 2909

Re: Practical redundancy on devices with PoE port + adapter?

Finally getting back to this thread. Had fairly major surgery 8 days ago and have not really been doing much on the computer. Sort of getting there. Somewhat humorous Amm0 that you had a power outage. We had the end of Hurricane Hilary come though here over the weekend. Not really much of a problem ...
by k6ccc
Sun Aug 20, 2023 7:57 pm
Forum: Beginner Basics
Topic: Unnable to ping lan devices
Replies: 2
Views: 1037

Re: Unnable to ping lan devices

Your router has no clue how to find the192.168.88.nnn network. It has no addresses on that network, and no route statement to know how to reach it. Second - and I know only enough about bridges in ROS to be dangerous so take this with caution. You have one IP address assigned to one of the ports on ...
by k6ccc
Sun Aug 20, 2023 3:11 am
Forum: General
Topic: Mikrotik website about ipv6 throughput?
Replies: 47
Views: 4787

Re: Mikrotik website lying about throughput?

In 2023, IPv6 is the norm, IPv4 the exception, telling a RB5009, release this year, can route 10Gb/s of traffic is a lie.
I don't know how true that statement is. I have both fiber and cable based internet here in the Los Angeles metro area, and neither of my ISPs is making IPv6 available.
by k6ccc
Sat Aug 19, 2023 11:47 pm
Forum: Beginner Basics
Topic: DHCP untrusted error
Replies: 11
Views: 1724

Re: DHCP untrusted error

OK, so you don't follow instructions. You did not include a network drawing or at least a good detailed description of the network. You did not post your complete configuration (minus sensitive data), and you did not post it within code blocks as instructed. Lastly you state that you're not wanting ...
by k6ccc
Sat Aug 19, 2023 10:14 pm
Forum: Beginner Basics
Topic: Rule to remove from address list
Replies: 9
Views: 1530

Re: Rule to remove from address list

test-connection takes about 15 seconds to time out on each ping, and there's no way to control that. So I set the timeout to 30 to leave a little wiggle room. You don't have to wait for the test connection to time out (unless whatever you are using to generate the knock is too stupid). I have some ...
by k6ccc
Sat Aug 19, 2023 9:55 pm
Forum: Beginner Basics
Topic: DHCP untrusted error
Replies: 11
Views: 1724

Re: DHCP untrusted error

There are so many issues here, let me see what I can start with. 1) Get rid of the cable between ports 13 & 15 - that is NOT how to get two diverse networks to communicate! That is the router's job. 2) Since you are trying to run two networks from the CCR to site B, you have two choices. Either ...
by k6ccc
Sat Aug 19, 2023 9:42 pm
Forum: Beginner Basics
Topic: Ping by routerName.local instead of by IP [SOLVED]
Replies: 4
Views: 1354

Re: Ping by routerName.local instead of by IP [SOLVED]

Not really sure what you are asking or telling us. You gave us no information on equipment, software, or configuration. But yes, the Mikrotik router may or may not be able to provide local DNS service - depending mostly on configuration. ssh routerName.local:21 Why are you trying to ssh to the ftp p...
by k6ccc
Sat Aug 19, 2023 8:42 pm
Forum: Beginner Basics
Topic: Router/bridge at same time
Replies: 11
Views: 1810

Re: Router/bridge at same time

Start off with posting a network drawing so we know what you are trying to do. Next is post your configuration. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/export hide-sensitive file=any-filena...
by k6ccc
Sat Aug 19, 2023 8:38 pm
Forum: Beginner Basics
Topic: HAP AC2 Wired conection
Replies: 5
Views: 1161

Re: HAP AC2 Wired conection

To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/export hide-sensitive file=any-filename-you-wish". Then open the files section and right click on the filename you created and select download i...
by k6ccc
Sat Aug 19, 2023 8:36 pm
Forum: SwOS
Topic: CSS610-8G VLAN config
Replies: 3
Views: 3129

Re: CSS610-8G VLAN config

Do not use VLAN 1 for anything - unless there is a specific requirement to do so for some attached device. Too many devices that treat VLAN 1 "special" - and most will not tell you that.
by k6ccc
Sat Aug 19, 2023 8:34 pm
Forum: SwOS
Topic: Is SwOS dead?
Replies: 6
Views: 5332

Re: Is SwOS dead?

It's obvious that SwitchOS is a low priority for Mikrotik. Even SwOS lite for the couple of switches it uses keeps getting updates, but full SwitchOS seems to be getting ignored. As far as moving to RouterOS, I personally find that for pure switch functions, SwitchOS is FAR easier to use. I also hav...
by k6ccc
Sun Aug 13, 2023 2:05 am
Forum: Beginner Basics
Topic: Many open filtered ports in nmap
Replies: 5
Views: 1345

Re: Many open filtered ports in nmap

For starters, your input chain is essentially wide open. So is your forward chain. Generally recommended procedure is to specifically allow what you want and then have a drop everything rule at the end of the chain (which you don't have). You want this for both the input and forward chains - maybe o...
by k6ccc
Sat Aug 12, 2023 8:37 pm
Forum: Beginner Basics
Topic: so i connected two lans together why is firewall dropping as invalid
Replies: 6
Views: 1361

Re: so i connected two lans together why is firewall dropping as invalid

Start off with a network description - or better yet and network drawing.
by k6ccc
Sat Aug 12, 2023 8:35 pm
Forum: Beginner Basics
Topic: Many open filtered ports in nmap
Replies: 5
Views: 1345

Re: Many open filtered ports in nmap

Are you are testing from the Internet or testing from a computer on your LAN? A Google search will generally tell you what things use those ports. Sounds like you have some things open that you are not expecting. Without your configuration, we would be guessing. Post your configuration please. To ex...
by k6ccc
Fri Aug 11, 2023 11:11 pm
Forum: Beginner Basics
Topic: VLAN DHDP-Relay
Replies: 12
Views: 2673

Re: VLAN DHDP-Relay

Your description and minimal config does not really give enough useful information. Please post a network drawing and export your configuration. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/expo...
by k6ccc
Fri Aug 11, 2023 11:04 pm
Forum: Wireless Networking
Topic: LTE in vehicle: worth it to get antenna outside car?
Replies: 3
Views: 1696

Re: LTE in vehicle: worth it to get antenna outside car?

I'd like to re-purpose the "shark-fin" style antenna enclosure that's already on the roof of the car if I can. That way I don't have to come up with another antenna mounting locaiton. If you don't mind spending some money, you can get custom (or semi-custom) antennas that replace the fact...
by k6ccc
Fri Aug 11, 2023 8:43 pm
Forum: Wireless Networking
Topic: LTE in vehicle: worth it to get antenna outside car?
Replies: 3
Views: 1696

Re: LTE in vehicle: worth it to get antenna outside car?

I work in a city radio shop. We have hundreds of vehicles with various radio services - GPS, Wifi, cellular, and of course the two way radios. I can absolutely assure you that getting the antenna outside the steel box known as your car will SUBSTANTIALLY improve radio performance. Best bet is an ant...
by k6ccc
Fri Aug 11, 2023 7:22 pm
Forum: Beginner Basics
Topic: Practical redundancy on devices with PoE port + adapter?
Replies: 26
Views: 2909

Re: Practical redundancy on devices with PoE port + adapter?

I sometimes use 24V battery packs on either PoE injector or as the DC IN, with the battery charge always plugged in to the grid. No AC/DC conversion and Mikrotik's don't really use all that much power, so $50-100 battery pack is often longer lasting/cheaper than APC-like AC UPS. The 24V lithium pac...
by k6ccc
Fri Aug 11, 2023 6:27 pm
Forum: Beginner Basics
Topic: Practical redundancy on devices with PoE port + adapter?
Replies: 26
Views: 2909

Re: Practical redundancy on devices with PoE port + adapter?

Thanks. These monitoring tips are great. For me the most important one would be the temperature - sometimes AC units fail in server rooms and then things can get toasty. You're welcome. Yep, temperature and power issues are high on the monitoring priority list. I was maybe thinking building my own,...
by k6ccc
Thu Aug 10, 2023 11:35 pm
Forum: Beginner Basics
Topic: Best way of setting Static IP for WAN when connecting remotely
Replies: 5
Views: 1290

Re: Best way of setting Static IP for WAN when connecting remotely

About 25% need the WAN set statically. We remote in (Teamviewer); log into Router and go to set WAN IP and then we get disconnected (We need to set DNS next I assume?) I'm curious how you are getting to it via TeamViewer (which I use regularly and am very familiar with). I assume you remote into a ...
by k6ccc
Thu Aug 10, 2023 7:30 pm
Forum: Beginner Basics
Topic: Practical redundancy on devices with PoE port + adapter?
Replies: 26
Views: 2909

Re: Practical redundancy on devices with PoE port + adapter?

Thanks for info. Out of curiosity, how do you solve monitoring and reporting of MIkroTik systems and external sensors/batteries and such? There are a couple things that I am doing. For environmental monitoring, I have a box called a Watchdog 1000 from IT Watchdogs (now owned by Vertiv). It has mult...
by k6ccc
Thu Aug 10, 2023 5:08 pm
Forum: Beginner Basics
Topic: VLAN SwOS CRS326-24G-2S+ [SOLVED]
Replies: 6
Views: 1284

Re: VLAN SwOS CRS326-24G-2S+ [SOLVED]

Let me know if you have any more questions. I'm one of the people here that uses and really likes SwitchOS (I have seven switches that I manage).
by k6ccc
Wed Aug 09, 2023 11:19 pm
Forum: Beginner Basics
Topic: Practical redundancy on devices with PoE port + adapter?
Replies: 26
Views: 2909

Re: Practical redundancy on devices with PoE port + adapter?

#2 Jesus. ... Don't you think that s a bit of an overkill? Only a little. Think of it as public safety grade. I run a large regional public safety 2-way radio system for a living. We operate with the understanding that under the wrong set of circumstances, failure of the radio system can result in ...
by k6ccc
Wed Aug 09, 2023 7:20 pm
Forum: Beginner Basics
Topic: Practical redundancy on devices with PoE port + adapter?
Replies: 26
Views: 2909

Re: Practical redundancy on devices with PoE port + adapter?

So you chose an option to have external dedicated poe backup. Correct I am thinking about this too, in a way that I would have a separate injector and an adapter for each device if I wont find a way to configure excess PoE switch ports to be redundancies. I don't have POE switches, so that is not a...
by k6ccc
Wed Aug 09, 2023 5:08 pm
Forum: Beginner Basics
Topic: Practical redundancy on devices with PoE port + adapter?
Replies: 26
Views: 2909

Re: Practical redundancy on devices with PoE port + adapter?

I am doing exactly what you are wanting to do on a RB4011, RB750Gr3, and RB750r2 routers, and two CSS326 switches in my data cabinet. It works very well. All of these devices use passive (or dumb) POE input on port 1. In the case of the RB4011 it is getting 48V POE and the others are getting 24V POE...
by k6ccc
Wed Aug 09, 2023 4:54 pm
Forum: Beginner Basics
Topic: VLAN SwOS CRS326-24G-2S+ [SOLVED]
Replies: 6
Views: 1284

Re: VLAN SwOS CRS326-24G-2S+ [SOLVED]

OK Cube4d, welcome to the forum. A couple of comments. Assuming that port 2 is being used as a VLAN trunk (as opposed to a Hybrid mode). All of your devices EXCEPT the router connection on port 2 are NOT VLAN aware (or at least not operating as a VLAN connection). 1) DO NOT use VLAN 1. Any other num...
by k6ccc
Tue Aug 08, 2023 11:40 pm
Forum: Beginner Basics
Topic: VLANs access port - not restricted
Replies: 2
Views: 933

Re: VLANs access port - not restricted

Routing between networks is what a router does. You have no firewall rules to prevent routing between LANs so that is exactly what it will do. Remember in RouterOS, at the end of a firewall chain there is am implied accept. So the general plan is to specifically accept what you want to allow and the...
by k6ccc
Sun Aug 06, 2023 6:04 am
Forum: Beginner Basics
Topic: Meaning of "Client ID" in a DHCP Server Lease [SOLVED]
Replies: 2
Views: 1546

Re: Meaning of "Client ID" in a DHCP Server Lease [SOLVED]

Can't do this with a dynamic address, but with DHCP reservations (what Mikrotik calls static), but put a comment on the item.

Image
by k6ccc
Fri Aug 04, 2023 7:20 pm
Forum: Beginner Basics
Topic: vlan interoperability issues
Replies: 8
Views: 1354

Re: vlan interoperability issues

In an almost default configuration the VLANs should communicate just fine - that's what a router does. Beyond that, please post your configuration so we're not guessing. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (withou...
by k6ccc
Wed Aug 02, 2023 7:34 am
Forum: Beginner Basics
Topic: Migrating RADIUS data to another RADIUS server
Replies: 2
Views: 904

Re: Migrating RADIUS data to another RADIUS server

What Radius server are you using?
by k6ccc
Mon Jul 31, 2023 5:46 pm
Forum: SwOS
Topic: Need help to convert RouterOS to SwitchOS
Replies: 9
Views: 3769

Re: Need help to convert RouterOS to SwitchOS

The screen captures above are from the Family room switch. Port 1 is the trunk between the Family room switch and the Garage switch. You can see in the VLANs tab that essentially every VLAN is included on that trunk. That allows everything to be able to flow between the two switches. As far as keepi...
by k6ccc
Mon Jul 31, 2023 4:59 pm
Forum: Beginner Basics
Topic: Connectivity Issues with Amazon Echo Alexa and Fire TV on MikroTik RouterOS
Replies: 10
Views: 2376

Re: Connectivity Issues with Amazon Echo Alexa and Fire TV on MikroTik RouterOS

Without knowing your configuration, we would only be guessing. Please export and post your configuration. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/export hide-sensitive file=any-filename-you...
by k6ccc
Fri Jul 28, 2023 6:54 pm
Forum: Announcements
Topic: CVE-2023-30799
Replies: 14
Views: 29276

Re: CVE-2023-30799

Interesting, but pretty much a non-issue since it requires the actor to be logged in with full admin privilege anyway...
by k6ccc
Thu Jul 27, 2023 4:55 pm
Forum: Beginner Basics
Topic: NAT for Axis Cameras
Replies: 1
Views: 778

Re: NAT for Axis Cameras

It sounds like you are in a double NAT situation. From the Internet, the Draytek needs to NAT the required ports from it WAN to it's LAN. This sounds like it is working (although needs to be edited to point the NAT destination to the Mikrotik rather than the individual cameras. Then in the Mikrotik ...
by k6ccc
Wed Jul 26, 2023 8:35 pm
Forum: General
Topic: Bridge Layer 2 and LAN DHCP going stuck
Replies: 8
Views: 830

Re: Bridge Layer 2 and LAN DHCP going stuck

I have Cisco SG500,
(Mistakenly I wrote SA500)
Sorry
I did not catch the difference in the screen capture either...

In any case, from the screen capture, it DOES appear that your SG500 is a VLAN aware managed switch. So go back to my earlier post with suggestions.
by k6ccc
Wed Jul 26, 2023 5:38 pm
Forum: General
Topic: Bridge Layer 2 and LAN DHCP going stuck
Replies: 8
Views: 830

Re: Bridge Layer 2 and LAN DHCP going stuck

Your description says that the Cisco SA-500 is unmanaged, but the drawing and screen capture shows that the SA-500 is a managed switch. I don't speak Cisco, and it's not my intent to look it up for you. So I am going to with the SA-500 being a managed switch. Run a single VLAN trunk between the MT r...
by k6ccc
Wed Jul 26, 2023 5:21 pm
Forum: SwOS
Topic: SWos Devices IP Addressing
Replies: 4
Views: 2736

Re: SWos Devices IP Addressing

I don't use a VPN to access my switches, but every time I access any of them it is from a different LAN and therefore is routed. Works fine. Nothing special required in the router.
by k6ccc
Sat Jul 22, 2023 11:08 pm
Forum: SwOS
Topic: CSS-610 management ports and topology dreams.
Replies: 7
Views: 3139

Re: CSS-610 management ports and topology dreams.

There's MSTP which does know about VLANs and you should be using it. I don't have any SwOS drvice so I don't know if SwOS supports MSTP or not.
No, SwitchOS does not support MSTP. I was just setting up an RSTP link last night in SwitchOS, so STP capability is fresh in my mind...
by k6ccc
Sat Jul 22, 2023 10:50 pm
Forum: General
Topic: What dynamic DNS are you using and why? (Free or not)
Replies: 12
Views: 5782

Re: What dynamic DNS are you using and why? (Free or not)

I am using https://www.dynu.com/ and am happy with their free service. Been using them for only a few months. Prior to that I was using a DSL with static IPs. Moved to cable based internet with a dynamic IP address. I am using a Windows application that I run on my server, but they also have a scri...
by k6ccc
Fri Jul 21, 2023 6:28 pm
Forum: Beginner Basics
Topic: Winbox shows empty config and keeps dissconecting
Replies: 4
Views: 2132

Re: Winbox shows empty config and keeps dissconecting

Where is the PC that you are using connected to? By that I mean are you connected to a LAN on Router 1, Router 2, something else? If you physically plug into the router that you can't access (rather than accessing across the tunnel), does it work? What version of WinBox are you using? Are you trying...
by k6ccc
Fri Jul 21, 2023 5:43 pm
Forum: SwOS
Topic: CSS-610 management ports and topology dreams.
Replies: 7
Views: 3139

Re: CSS-610 management ports and topology dreams.

Your description and drawing don't match so it's really hard to know what you are trying to do. You state that you don't want to use VLANs and then have VLANs running all over the place. Your dashed lines with "no contact" is meaning less. I assume you mean "out of band" for OOB....
by k6ccc
Thu Jul 20, 2023 11:52 pm
Forum: SwOS
Topic: CSS610 LAG VLAN confusion [SOLVED]
Replies: 2
Views: 3454

Re: CSS610 LAG VLAN confusion [SOLVED]

When I have run a LAG under SwitchOS (on a VLAN trunk), I have set the VLAN and VLANs tabs to match each other for the two ports that are part of the LAG - it worked that way. I have never tried any other way and there is no setting on either the LAG or VLAN tabs to reflect that a specific VLAN is o...
by k6ccc
Thu Jul 20, 2023 8:58 pm
Forum: General
Topic: How to set Mikrotik default IP
Replies: 3
Views: 659

Re: How to set Mikrotik default IP

Sounds like you have messed up something in the config. It absolutely SHOULD work 100% of the time (it does on my RB4011 with multiple WANs). Export and post your config. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (witho...
by k6ccc
Thu Jul 20, 2023 8:54 pm
Forum: General
Topic: traffic stops almost completely after a few bridge hops
Replies: 9
Views: 993

Re: traffic stops almost completely after a few bridge hops

Start with the configurations of each of the devices. Export and post each configuration and post them here so we have a clue what you have done to break it. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes...
by k6ccc
Wed Jul 19, 2023 7:11 pm
Forum: Beginner Basics
Topic: VLAN Routing and General Review
Replies: 16
Views: 2145

Re: VLAN Routing and General Review

Yes it is possible that the Allen Bradley switches are intentionally dumbed down - of that I have no information. Mikrotik switches running SwitchOS also have no ability to specify a gateway, but they will just send packets back to whatever the switch received the packet from - whether that is a dir...
by k6ccc
Tue Jul 18, 2023 7:42 pm
Forum: Beginner Basics
Topic: Question regarding IP pools [SOLVED]
Replies: 24
Views: 2026

Re: Question regarding IP pools [SOLVED]

Here's one of mine. Lease time on this one is 3 hours.
/ip dhcp-server
add address-pool=".101 DHCP pool" authoritative=after-2sec-delay disabled=no \
    interface=E02-pB4_101 lease-time=3h name=".101 DHCP server"
by k6ccc
Tue Jul 18, 2023 7:40 pm
Forum: Beginner Basics
Topic: Question regarding IP pools [SOLVED]
Replies: 24
Views: 2026

Re: Question regarding IP pools [SOLVED]

While DHCP protocol does define way for client to release the address, it's seldomly (if ever) used. Some (a few) devices will initiate a release - I have observed some devices do so on my network. Trying to remember which devices will release a DHCP lease when shut down. Not sure, but it may be th...
by k6ccc
Tue Jul 18, 2023 7:36 pm
Forum: Beginner Basics
Topic: Question regarding IP pools [SOLVED]
Replies: 24
Views: 2026

Re: Question regarding IP pools [SOLVED]

Simply set a fairly short lease time in the DHCP server setting.
by k6ccc
Tue Jul 18, 2023 7:10 pm
Forum: Beginner Basics
Topic: Question regarding IP pools [SOLVED]
Replies: 24
Views: 2026

Re: Question regarding IP pools [SOLVED]

I have set up L2TP server with IP pool 10.8.0.2-10.8.0.254 . I see that when users connect , it starts assigning them IPs starting from 10.8.0.254 , 10.8.0.253 and etc... Correct. Mikrotik DHCP server starts at the high end of the range. My question is what happens after all the IPs are used ? I un...
by k6ccc
Tue Jul 18, 2023 7:00 pm
Forum: Beginner Basics
Topic: Block Traffic to Specific IP Ranges via Terminal
Replies: 3
Views: 853

Re: Block Traffic to Specific IP Ranges via Terminal

Are these enough to block all outgoing traffic (output & forward) from all sources to those IP ranges I mentioned ? /ip firewall filter add action=drop chain=output dst-address=141.101.78.0/23 add action=drop chain=output dst-address=173.245.48.0/20 add action=drop chain=forward dst-address=141...
by k6ccc
Tue Jul 18, 2023 12:45 am
Forum: Beginner Basics
Topic: Help me figure out where traffic is going through
Replies: 2
Views: 799

Re: Help me figure out where traffic is going through

I disabled all input rules and output in hoping that i won't be able to browse the internet but i am. Traffic passing through the router does not go through the Input nor Output chain. It goes through the Forward chain. The Input chain is for traffic that has the router as it's destination (your Wi...
by k6ccc
Tue Jul 18, 2023 12:40 am
Forum: Beginner Basics
Topic: Help me figure out where traffic is going through
Replies: 2
Views: 799

Re: Help me figure out where traffic is going through

Your image is unavailable to us. Also, without your configuration, we would be guessing. Please export and post your configuration. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/export hide-sensi...
by k6ccc
Mon Jul 17, 2023 11:53 pm
Forum: SwOS
Topic: SwOS Stacking
Replies: 16
Views: 6732

Re: SwOS Stacking

Or did you read my statement that there are 7 free (unused) ports to mean that I was connecting the two switches with 7 connections? Yes, that's what I understood from your post. I am not native English speaker so forgive me... :D I can assure you that your English is better than my ability to spea...
by k6ccc
Mon Jul 17, 2023 11:43 pm
Forum: SwOS
Topic: SwOS Stacking
Replies: 16
Views: 6732

Re: SwOS Stacking

Not an option for me since all three switches in this reference are CSS326. And for switches, I really prefer SwitchOS...
by k6ccc
Mon Jul 17, 2023 11:41 pm
Forum: Beginner Basics
Topic: Winbox Mikrotik configure it as AP for the LAN
Replies: 16
Views: 1632

Re: Winbox Mikrotik configure it as AP for the LAN

hAP ac lite is a nice device, but the WiFi is rather limited primarily due to only internal antennas. I have two of them (although they are running a ham radio software called AREDN).
Firmware updates on most of the Mikrotik devices is pretty reliable.
by k6ccc
Mon Jul 17, 2023 11:31 pm
Forum: Beginner Basics
Topic: LACP SwOS
Replies: 1
Views: 806

Re: LACP SwOS

Confirming when you are making these tests, you have the working LAG from the CRS-309 to the XG-7100, and the second LAG from the CRS-309 to the CRS-328 causes the storm (the CRS-305 is not yet into the picture). Also, confirm that there is no connection from the CRS-328 to the CRS-305? You did not ...
by k6ccc
Mon Jul 17, 2023 11:16 pm
Forum: Beginner Basics
Topic: Winbox Mikrotik configure it as AP for the LAN
Replies: 16
Views: 1632

Re: Winbox Mikrotik configure it as AP for the LAN

So the OP wants the Mikrotik to ONLY function as a WiFi access point. No "router" functions. That should be fairly straight forward (but I don't do WiFi in ROS so I'm no help there). And suntchi56, please tell us what hardware you have. Also, I would recommend updating the ROS version. 6.3...
by k6ccc
Mon Jul 17, 2023 7:30 pm
Forum: SwOS
Topic: SwOS Stacking
Replies: 16
Views: 6732

Re: SwOS Stacking

Despite all of that I still don't get why you didn't interconnect switches with at least 1 x 10 Gb twinax cable instead of 7 x 1 GbE interfaces... Where did you get the idea that I am connecting the two switches with 7 x 1 GbE connections? They are connected with a single 1 GigE connection - which ...
by k6ccc
Mon Jul 17, 2023 6:08 pm
Forum: SwOS
Topic: SwOS Stacking
Replies: 16
Views: 6732

Re: SwOS Stacking

Tying the two CSS326 switches together is easy. However they are still entirely treated as two separate switches from a management perspective. The other part is bigger. When there was just one switch in the data cabinet, it had a single 1GigE connection to another CSS326 in my family room. Eventual...
by k6ccc
Mon Jul 17, 2023 5:05 pm
Forum: SwOS
Topic: SwOS Stacking
Replies: 16
Views: 6732

Re: SwOS Stacking

I honestly cannot see many real uses for it, aside from ticking a box on a design spec. With the 100gb switch not listed in supported (maybe it does work and the document is old) you really limited on real throughput. My data cabinet at home now has two CSS326-24G-2S switches. I have two in there b...
by k6ccc
Mon Jul 17, 2023 5:38 am
Forum: Beginner Basics
Topic: Mediaserver and TV in different subnets
Replies: 2
Views: 987

Re: Mediaserver and TV in different subnets

Unless there is some compelling reason not to, put them on the same subnet.
Broadcasts stay local to the subnet.
by k6ccc
Sun Jul 16, 2023 7:37 pm
Forum: Beginner Basics
Topic: Domain Search List for MT devices
Replies: 4
Views: 1054

Re: Domain Search List for MT devices

I have no idea what fqdn means or how to use it?
Fully Qualified Domain Name
https://en.wikipedia.org/wiki/Fully_qua ... omain_name
by k6ccc
Sat Jul 15, 2023 5:29 am
Forum: SwOS
Topic: Need help to convert RouterOS to SwitchOS
Replies: 9
Views: 3769

Re: Need help to convert RouterOS to SwitchOS

Particularly becuase there are things that don't apply to switches but they still show up and are not grayed-out. Do you mean in RouterOS or SwitchOS? If the latter, please give examples. If the former, I largely agree. Has a lot to do with why I am using routers exclusively as routers and switches...
by k6ccc
Fri Jul 14, 2023 9:34 pm
Forum: General
Topic: Volume installation/preparation
Replies: 7
Views: 1098

Re: Volume installation/preparation

Holvoetn had exactly the same thought as I did - Nice writeup. Not anything that I have a need for, but interesting to read. Thanks for posting that. I'm sure it will be useful to some people...
by k6ccc
Fri Jul 14, 2023 9:19 pm
Forum: General
Topic: OS V7.8 BGP needs port 23 open
Replies: 3
Views: 385

Re: OS V7.8 BGP needs port 23 open

I have the 179 rule in and see traffic on it. The 23 rule does not have any traffic, but if I disable that rule (23) my BGP goes down. It's very strange.
Sounds like something is there that you are not expecting. Post your config and the answer likely will reveal itself.
by k6ccc
Fri Jul 14, 2023 7:50 pm
Forum: SwOS
Topic: Need help to convert RouterOS to SwitchOS
Replies: 9
Views: 3769

Re: Need help to convert RouterOS to SwitchOS

BTW, newer version of SwitchOS allow you to name the VLANs on the VLANs tab so it is easier to remember what is what. Also, the checkboxes are colored so they are easier to see. My screen captures were from several years ago and an earlier version of SwitchOS.
by k6ccc
Fri Jul 14, 2023 7:44 pm
Forum: Beginner Basics
Topic: VLAN Routing and General Review
Replies: 16
Views: 2145

Re: VLAN Routing and General Review

my plan is to ONLY use VLAN 1 for the management of the switches on the network.
Use something other than VLAN 1. VLAN 99 seems to be a commonly used on, but there is nothing magic about that number.
by k6ccc
Fri Jul 14, 2023 7:42 pm
Forum: Beginner Basics
Topic: Which MikroTik wifi Router
Replies: 13
Views: 1340

Re: Which MikroTik wifi Router

which fiber transceivers sound the best.

It’s the ones with the oxygen-free copper traces…
You did say that you were this guy here demonstrating the Retro Encabulator? https://www.youtube.com/watch?v=RgaKjVXK0KA
by k6ccc
Fri Jul 14, 2023 7:35 pm
Forum: SwOS
Topic: Need help to convert RouterOS to SwitchOS
Replies: 9
Views: 3769

Re: Need help to convert RouterOS to SwitchOS

Easiest way to do this is include two screen captures of one of my CSS326 switches. BTW, in my collection of Mikrotik devices I have a CRS326 that I have running in SwitchOS. Most of everything you will do will be on the VLAN and VLANs tabs. First is the VLAN tab. I will point out a few lines. Port ...
by k6ccc
Fri Jul 14, 2023 5:26 pm
Forum: Beginner Basics
Topic: VLAN Routing and General Review
Replies: 16
Views: 2145

Re: VLAN Routing and General Review

Unless you REALLY have to, avoid VLAN 1. Many devices handle VLAN 1 strangely. You may find traffic on that VLAN that you did not intend.
And yes, there are some devices that do not give you a choice (I have a couple).
by k6ccc
Fri Jul 14, 2023 5:21 pm
Forum: Beginner Basics
Topic: Which MikroTik wifi Router
Replies: 13
Views: 1340

Re: Which MikroTik wifi Router

Part two is a single WiFi access point for a 2500 square foot home is likely going to be pushing it. Might work, but likely will have some dead/marginal spots. I would be looking at multiple wired access points.
by k6ccc
Fri Jul 14, 2023 5:16 pm
Forum: Beginner Basics
Topic: Which MikroTik wifi Router
Replies: 13
Views: 1340

Re: Which MikroTik wifi Router

In your proposed drawing, you are intending to use fiber from the Mikrotik to a media converter, only to turn it back to a wired 1G ethernet connection. Why not just run a wired Ethernet connection from the router to the DAC? Unless your house dimensions are measured in acres, you are not likely goi...
by k6ccc
Fri Jul 14, 2023 4:47 pm
Forum: Beginner Basics
Topic: Port Forwarding only works from external network
Replies: 4
Views: 1486

Re: Port Forwarding only works from external network

One quick note since you used QuickSet. Once you make ANY other change to the router config, NEVER EVER use QuickSet again. Doing so will blow away any other changes that you make.
by k6ccc
Wed Jul 12, 2023 9:16 pm
Forum: General
Topic: redirect a subdomain to a private ip in the local network
Replies: 7
Views: 884

Re: redirect a subdomain to a private ip in the local network

<snip>
very limited capabilities beyond L4 (i.e. handling UDP/TCP packets). And "redirecting a subdomain" is an L7

What? You mean that whole OSI 7 layers thing actually means something? :D

Amazing how many people don't understand that...
by k6ccc
Wed Jul 12, 2023 7:26 pm
Forum: Beginner Basics
Topic: How to ping Mikrotik router behind ISP Router
Replies: 8
Views: 1446

Re: How to ping Mikrotik router behind ISP Router

The question to ask your ISP is if they can put their modem into bridge mode. Some will and some will not. If the ISP will put their device into bridge mode, that means your router will be truly public IP facing, so it gets (or you assign) the public IP addresses. For what it's worth, I have two int...
by k6ccc
Wed Jul 12, 2023 1:08 am
Forum: Beginner Basics
Topic: Port Forwarding: proper way to do "DMZ" + UPnP? [SOLVED]
Replies: 11
Views: 6416

Re: Port Forwarding: proper way to do "DMZ" + UPnP? [SOLVED]

i used /ip firewall nat add action=dst-nat chain=dstnat in-interface-list=WAN to-addresses=192.168.1.99 and it creates a perfect dmz but now i am locked out of winbox that uses port 8291 how can i exempt port 8291 from above rule? That should only be a problem if you are attempting to access WinBox...
by k6ccc
Tue Jul 11, 2023 6:41 am
Forum: General
Topic: ip firewall filter time is not working only 1d
Replies: 3
Views: 640

Re: ip firewall filter time is not working only 1d

Was it between 11:35 and 11:40 at the time? Any other time it will show as inactive time.
by k6ccc
Fri Jul 07, 2023 10:19 pm
Forum: Beginner Basics
Topic: Display garbled Chinese characters for Winbox settings comments on webfig
Replies: 3
Views: 1598

Re: Display garbled Chinese characters for Winbox settings comments on webfig

No useful information. What hardware? What software version? What WinBox version? Screen capture of what you're talking about. And this should have been in the "Beginner Basics" section of the forum. Maybe a moderator can move it. Edit - Thanks to whichever moderator moved this to the Begi...
by k6ccc
Thu Jul 06, 2023 10:00 pm
Forum: General
Topic: ip firewall filter time is not working only 1d
Replies: 3
Views: 640

Re: ip firewall filter time is not working only 1d

I have never created a time of day based firewall rule, so I tried a simple one. This rule only operates from 11:35:00 - 11:40:40 every day, and is a passthrough rule so it's just a packet counter - counting packets on my fiber internet connection. Worked fine. add action=passthrough chain=forward c...
by k6ccc
Thu Jul 06, 2023 6:47 pm
Forum: Beginner Basics
Topic: DHCP to Static IP on mAP
Replies: 8
Views: 1518

Re: DHCP to Static IP on mAP

Certainly. Set ETH1 as a DHCP client, and if you will not be using DHCP at all on your local LAN, you can delete (or disable) the router's DHCP server.
by k6ccc
Thu Jul 06, 2023 5:23 am
Forum: Beginner Basics
Topic: hAP ac^3
Replies: 1
Views: 834

Re: hAP ac^3

You're going to have to explain what you are trying to do better. A network drawing would help.
by k6ccc
Fri Jun 30, 2023 11:40 pm
Forum: Beginner Basics
Topic: Disable Webfig Username autofill
Replies: 7
Views: 1874

Re: Disable Webfig Username autofill

...especially since I'd say its a "best practice" to NOT use "admin" as a login name, but it being default only encourages it ;). Agreed. I don't use "admin" or "administrator" (with or without a capital A) as an admin UserID on anything where I have a choice...
by k6ccc
Fri Jun 30, 2023 9:31 pm
Forum: Beginner Basics
Topic: Disable Webfig Username autofill
Replies: 7
Views: 1874

Re: Disable Webfig Username autofill

So much for my educated guess....
by k6ccc
Fri Jun 30, 2023 5:09 pm
Forum: General
Topic: Maximum number of NAT users / sessions
Replies: 45
Views: 22645

Re: Maximum number of NAT users / sessions

Port from 0 to 32767 and 65535 are reserved or not used.
is this still true today ? about the only ports being used for nat are 32767 ?

No. That was a nine year old post.

You can use any port you like from 1 to 65534 for a NAT.
by k6ccc
Fri Jun 30, 2023 5:03 pm
Forum: Beginner Basics
Topic: Disable Webfig Username autofill
Replies: 7
Views: 1874

Re: Disable Webfig Username autofill

That is most likely happening in your browser, not in WebFig.
Just an educated guess as I never use WebFig.
by k6ccc
Thu Jun 29, 2023 2:10 am
Forum: General
Topic: PTP connection to switch for admin
Replies: 3
Views: 470

Re: PTP connection to switch for admin

Really hard to follow what you are saying. Please provide a network drawing and your configuration. Otherwise, we're guessing. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/export file=any-filena...
by k6ccc
Thu Jun 29, 2023 1:33 am
Forum: Beginner Basics
Topic: Conection from a router to another in the same DHCP
Replies: 3
Views: 757

Re: Conection from a router to another in the same DHCP

As tangent said, you gave us almost nothing to go on. Tell us what is connected to what - or better yet, a network drawing. And export your configuration. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) &...
by k6ccc
Thu Jun 29, 2023 1:22 am
Forum: Beginner Basics
Topic: Really a beginner [SOLVED]
Replies: 7
Views: 1484

Re: Really a beginner [SOLVED]

I have not poked through your config, but I can tell you that on my RB4011 that has ROS 6.49.6, the System > Clock display is correct, as is the Dashboard Date & Time in WinBox. Also, log entries are showing correct date and time. In my case, I am using my own Stratum-1 time server. I don't norm...
by k6ccc
Mon Jun 26, 2023 7:04 pm
Forum: Beginner Basics
Topic: How to unlimit bandwidth? (not limit but unlimit)
Replies: 2
Views: 842

Re: How to unlimit bandwidth? (not limit but unlimit)

Please supply a drawing that shows what is connected to what. Also export the config for the Mikrotik router and post it here. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/export hide-sensitive ...
by k6ccc
Fri Jun 23, 2023 6:02 pm
Forum: General
Topic: Why Windows 10 and 11 cannot connect to the Mikrotik PPTP server?
Replies: 22
Views: 3262

Re: Why Windows 10 and 11 cannot connect to the Mikrotik PPTP server?

did you do any windows update before this happened?

Yes, a Windows 10 update did come out some time or another in the past week. I don't remember exactly when, but every one of my Win 10 computers and my Server 2019 had updates recently. I don't have anything running Windows 11.
by k6ccc
Fri Jun 23, 2023 5:44 pm
Forum: General
Topic: "Couldn't change Switch Port <ether3> - storm rate not supported (6)" when attempting to mirror port 3
Replies: 9
Views: 1121

Re: "Couldn't change Switch Port <ether3> - storm rate not supported (6)" when attempting to mirror port 3

Not an expert in this field, but my initial thought is if ports 3 and 8 are in the same bridge. Off hand, I would think that having both the mirrored port and mirror target in a bridge would cause essentially a feedback loop.
by k6ccc
Fri Jun 23, 2023 5:40 pm
Forum: General
Topic: USB Not Detected RB2011
Replies: 2
Views: 354

Re: USB Not Detected RB2011

Step 1 - eliminate the USB-C adapter to make sure that is not the problem.
by k6ccc
Fri Jun 23, 2023 5:13 am
Forum: Beginner Basics
Topic: INFO: MikroTik new default device password practice
Replies: 23
Views: 3124

Re: INFO: MikroTik new default device password practice

It has been massively discussed here on the forum.

Short answer is: document the password and make sure you know where you retain the information.
by k6ccc
Thu Jun 22, 2023 11:12 pm
Forum: General
Topic: Can someone give me the command line, to delete pppoe-out1
Replies: 16
Views: 1396

Re: Can someone give me the command line, to delete pppoe-out1

Is there a reason you can't just select "Remove" from the screen you are on?
I hardly ever use the CLI, so can't help you on that part...
by k6ccc
Thu Jun 22, 2023 7:19 pm
Forum: General
Topic: Feature request: rules groups or rules colors in WinBox
Replies: 9
Views: 3153

Re: Feature request: rules groups or rules colors in WinBox

I almost exclusively use WinBox, so this was tailored to look good in WinBox. I use a bunch of chains, and most of them end with a "Drop everything" rule. I follow that with one more rule that never sees any packets (since the previous rule is a drop everything) that has a really long comm...
by k6ccc
Thu Jun 22, 2023 7:00 pm
Forum: General
Topic: Consolidate 3 switches into 1
Replies: 3
Views: 528

Re: Consolidate 3 switches into 1

Piece of cake using a CSS326 using SwitchOS. You can segment it either with VLANs or Port Isolation. Either is very easy to set up.
by k6ccc
Wed Jun 21, 2023 2:46 am
Forum: SwOS
Topic: CSS326-24G-2S+ not able to connect at 10G speed on SFP+
Replies: 2
Views: 2654

Re: CSS326-24G-2S+ not able to connect at 10G speed on SFP+

As I understand it, the CSS326 will operate at higher speeds when set to Auto AND the other end is forcing the higher speed. However as Okes said, the RB2011 is Gig only, so it certainly won't force 10G speed.
by k6ccc
Mon Jun 19, 2023 7:56 pm
Forum: Useful user articles
Topic: 📌 Tool: Using Splunk to analyse MikroTik logs 3.9 (Graphing everything) 💾 🛠 💻 📊
Replies: 318
Views: 117367

Re: 📌 Tool: Using Splunk to analyse MikroTik logs 3.9 (Graphing everything) 💾 🛠 💻 📊

Thanks. I have never use github for anything other than one project that I beta which test uses github for bug reports - just writing comments. I'm doing this on a Windows server, so I assume the extract from the zip should go into C:\Program Files\Splunk. The root of the zip is MikroTik-main with t...
by k6ccc
Mon Jun 19, 2023 9:29 am
Forum: SwOS
Topic: Only VLAN 1 is not propagating through switch? [SOLVED]
Replies: 6
Views: 3551

Re: Only VLAN 1 is not propagating through switch? [SOLVED]

Never use VLAN 1. "Never" is a strong word ... but then there are 4093 other values which one can use, so the actual need to use VID 1 is 1 in 4093 :wink: OK, Never use VLAN 1 unless there is some very specific reason that you MUST use VLAN 1. I actually had one of those until recently. A...
by k6ccc
Mon Jun 19, 2023 5:09 am
Forum: SwOS
Topic: Only VLAN 1 is not propagating through switch? [SOLVED]
Replies: 6
Views: 3551

Re: Only VLAN 1 is not propagating through switch? [SOLVED]

Never use VLAN 1.
by k6ccc
Mon Jun 19, 2023 12:45 am
Forum: Beginner Basics
Topic: Log to disk - bad for disk life???
Replies: 6
Views: 873

Re: Log to disk - bad for disk life???

Am I correct in my understanding?
Yes?

Use external syslog or external USB device, if possible.
That's was what I thought, but wanted to be sure. And of course, no external USB slot on the RB4011...
Working on a Splunk install on my server.
by k6ccc
Mon Jun 19, 2023 12:03 am
Forum: Useful user articles
Topic: 📌 Tool: Using Splunk to analyse MikroTik logs 3.9 (Graphing everything) 💾 🛠 💻 📊
Replies: 318
Views: 117367

Re: 📌 Tool: Using Splunk to analyse MikroTik logs 3.9 (Graphing everything) 💾 🛠 💻 📊

Just download the app from GIT and copy the folder mikrotik to %SplunkHome%/etc/apps and restart splunk.
I'm looking at: https://github.com/Jotne/MikroTik
What am I supposed to download?
by k6ccc
Sun Jun 18, 2023 11:03 pm
Forum: Beginner Basics
Topic: Log to disk - bad for disk life???
Replies: 6
Views: 873

Re: Log to disk - bad for disk life???

Am I correct in my understanding?
by k6ccc
Sun Jun 18, 2023 9:05 pm
Forum: Beginner Basics
Topic: Log to disk - bad for disk life???
Replies: 6
Views: 873

Log to disk - bad for disk life???

Sanity check something for me. Log on my RB4011iGS+ (ROS 6.49.6 at the moment) writes between 1000 and 2000 log entries per day. The vast majority of those only write to memory with a much smaller number writing to disk. My understanding of the way different types of memory work is that writing that...
by k6ccc
Sun Jun 18, 2023 8:18 pm
Forum: SwOS
Topic: Reverse polarity in "Link" tab [SOLVED]
Replies: 3
Views: 3309

Re: Reverse polarity in "Link" tab [SOLVED]

I had to look at the CSS610 series manual to figure out what you were talking about. All my switches are CSS326 or CSS106 series and they don't have that indication.
However, with that said, it should not really matter as far as I know.
.
by k6ccc
Thu Jun 15, 2023 11:41 pm
Forum: General
Topic: No activity LEDs for CRS3xx series switches?
Replies: 8
Views: 3348

Re: No activity LEDs for CRS3xx series switches?

I don't think this is gonna be fixed ever. This kind of make the activity led completely useless. (CSS don't have this issue for example) That last part is not correct. Watching one of my CSS326 switches with SwitchOS 2.13, the port LEDs wink off about every half second if there is activity, but al...
by k6ccc
Thu Jun 15, 2023 4:29 pm
Forum: SwOS
Topic: CSS326-24G-2S+ Switch Loss on SFP+ active
Replies: 4
Views: 2756

Re: CSS326-24G-2S+ Switch Loss on SFP+ active

What SFP module are you using?
by k6ccc
Thu Jun 15, 2023 4:27 pm
Forum: SwOS
Topic: Can't access GUI CSS326-24G-2S+
Replies: 1
Views: 2325

Re: Can't access GUI CSS326-24G-2S+

Is the switch and your computer on the same IP subnet? Check your DHCP server and see if the switch got an IP address from the DHCP server. If not, a factory new switch should be 192.168.88.1. Make sure your computer is on the same subnet. Other option is to directly connect a computer to the switch...
by k6ccc
Sat Jun 10, 2023 11:31 pm
Forum: General
Topic: Trying to make a sneaky VPN [SOLVED]
Replies: 17
Views: 2398

Re: Trying to make a sneaky VPN [SOLVED]

I'm trying to get around a 3rd-party firewall that blocks non HTTP traffic. I have a mAP installed on the customer's network and I typically have such devices connect to my server via Wireguard - but the traffic is blocked by their firewall. And I'm having difficulties working with the corporate fi...
by k6ccc
Thu Jun 08, 2023 6:08 pm
Forum: General
Topic: Routeros, operating system services boot order [SOLVED]
Replies: 14
Views: 1074

Re: Routeros, operating system services boot order [SOLVED]

From the Wiki for scheduler: startup - execute the script 3 seconds after the system startup. There is no option in the scheduler to add a different delay for a schedule based on startup. Just wroted..... :delay 20s (for example) That's what I get for believing the manual. Neither the old nor the n...
by k6ccc
Thu Jun 08, 2023 5:58 pm
Forum: General
Topic: Routeros, operating system services boot order [SOLVED]
Replies: 14
Views: 1074

Re: Routeros, operating system services boot order [SOLVED]

From the Wiki for scheduler: startup - execute the script 3 seconds after the system startup.
There is no option in the scheduler to add a different delay for a schedule based on startup.
by k6ccc
Thu Jun 08, 2023 5:39 pm
Forum: General
Topic: Routeros, operating system services boot order [SOLVED]
Replies: 14
Views: 1074

Re: Routeros, operating system services boot order [SOLVED]

As I recall, when I set that up years ago, I tried a couple of delay times, and once I found what worked, I doubled that for the permanent script.
by k6ccc
Thu Jun 08, 2023 5:29 pm
Forum: General
Topic: Routeros, operating system services boot order [SOLVED]
Replies: 14
Views: 1074

Re: Routeros, operating system services boot order [SOLVED]

For example, I had scheduled the sending of a notification email when my router restarted, but it was never sent... I also have a startup script that sends me E-Mail notifications. The scheduler starts the script at start-time=startup. The script writes a log entry and then has a delay 00:00:20 bef...
by k6ccc
Thu Jun 08, 2023 4:54 pm
Forum: Beginner Basics
Topic: RouterOS Wan Issue
Replies: 3
Views: 520

Re: RouterOS Wan Issue

Without knowing how your router is configured, we would be guessing. Please post your configuration. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/export hide-sensitive file=any-filename-you-wish...
by k6ccc
Tue Jun 06, 2023 11:27 pm
Forum: Scripting
Topic: One router can't send ftp - other can
Replies: 12
Views: 2286

Re: One router can't send ftp - other can

Update - specifically for Rextended... It's working now, and I don't know why. All three routers working perfectly. The last step (after getting the ftp all working) was to add a .cmd file on the server that added the date on all nine files every night after the ftp uploads completed - easier to tha...
by k6ccc
Tue Jun 06, 2023 10:11 pm
Forum: General
Topic: something wrong with dstnat [SOLVED]
Replies: 11
Views: 1685

Re: something wrong with dstnat [SOLVED]

mkx beat me to it while I was typing... Unless I missed something (certainly possible), you have a firewall rule to allow the server LAN to access the internet, but nothing to allow the Internet to access the server LAN. The common way to accomplish that is something like this: /ip firewall filter a...
by k6ccc
Tue Jun 06, 2023 4:28 pm
Forum: Beginner Basics
Topic: Can't ping gateway [SOLVED]
Replies: 4
Views: 2261

Re: Can't ping gateway [SOLVED]

As I understand what you say your problem is, all devices on your LAN can ping the Mikrotik, but the Mikrotik can't ping the ISP gateway. My answer was based on that assumption. The firewall rule you posted relates to your client devices on your LAN being able to ping the Mikrotik. That has nothing ...
by k6ccc
Tue Jun 06, 2023 4:28 am
Forum: Beginner Basics
Topic: Can't ping gateway [SOLVED]
Replies: 4
Views: 2261

Re: Can't ping gateway [SOLVED]

It's always the possibility that the gateway is set up to not respond to pings. Some people thing that's the way to go...
by k6ccc
Mon Jun 05, 2023 2:32 am
Forum: Beginner Basics
Topic: Connecting two MT routers using bridged DSL modem
Replies: 6
Views: 657

Re: Connecting two MT routers using bridged DSL modem

If I understand what you are trying to do, the answer is maybe. The limiting factor is if the switch in the DSL modem will pass VLAN traffic. Some switches will and some will not. If the switch that is part of the DSL modem will pass VLAN traffic, then the connection between the DSL modem and router...
by k6ccc
Sun Jun 04, 2023 7:40 pm
Forum: Beginner Basics
Topic: Limit clients by signal range.
Replies: 18
Views: 3196

Re: Limit clients by signal range.

Now that you have explained the situation a little better, I can see that changing passwords would not work well for this situation, and the password essentially is publicly posted. That only leaves signal. Best suggestion would be using access points that have external antennas so that you can plac...
by k6ccc
Fri Jun 02, 2023 5:07 pm
Forum: General
Topic: Getting into a loop when using multiple "trunk" ports
Replies: 3
Views: 543

Re: Getting into a loop when using multiple "trunk" ports

And one offtopic question, because I can't find a clear answer, and that's just about the number of trunks. In my small network - max 4 VLANs and max around 50 network devices running at any one time, do I need more than one trunk? That entirely depends on traffic. I'm weird and have six switches o...
by k6ccc
Fri Jun 02, 2023 2:41 am
Forum: Scripting
Topic: One router can't send ftp - other can
Replies: 12
Views: 2286

Re: File locations?

Sorry if I can't help :(
You have been very helpful in many ways over the years - so thank you for trying here. One of these days I (or someone else) will figure this out and the result will get posted here...
by k6ccc
Thu Jun 01, 2023 8:41 pm
Forum: Scripting
Topic: One router can't send ftp - other can
Replies: 12
Views: 2286

Re: File locations?

You try to swap the IPs of the two device for see if some firewall rule drop the connection? Unfortunately, that would be a royal pain in the ass. Router 1 (the RB4011) is my main router so EVERYTHING is routing through it. Changing it's IP would cause a lot of stuff to fail, or a lot of work to ch...
by k6ccc
Thu Jun 01, 2023 5:02 pm
Forum: Scripting
Topic: One router can't send ftp - other can
Replies: 12
Views: 2286

Re: File locations?

[Admin@RB750r2] /file> /tool fetch address=192.168.201.11 src-path="/RB750r2_Version.txt" user=<redacted> mode=ftp password="<redacted>" port=21 dst-path="RB750r2_Version.txt" upload=yes status: failed failure: FTP server said: 550 File unavailable/inaccesable Accordin...
by k6ccc
Thu Jun 01, 2023 4:50 pm
Forum: Scripting
Topic: One router can't send ftp - other can
Replies: 12
Views: 2286

Re: File locations?

Did not have time to do anything until last night, and nothing that I did would make it work. I didn't see your added / suggestion until just now, so I'll give that a try next.
.
by k6ccc
Thu Jun 01, 2023 1:51 am
Forum: Beginner Basics
Topic: Wireguard configured but not handshake [SOLVED]
Replies: 17
Views: 3250

Re: Wireguard configured but not handshake [SOLVED]

camulodunum, Apparently you posted the config in post 5 and again in post 10, but then deleted it. Why? It makes it very hard for anyone else to follow this thread. Remember, many of the people who read any particular thread are trying to learn. When critical parts of the thread are deleted, it make...
by k6ccc
Thu Jun 01, 2023 12:19 am
Forum: Beginner Basics
Topic: Android TV box dont get DHCP from hAP AX3
Replies: 13
Views: 1839

Re: Android TV box dont get DHCP from hAP AX3

Sounds strange. However without your configuration, we would be guessing. Please post your configuration. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/export hide-sensitive file=any-filename-you...