Community discussions

MikroTik App

Search found 1553 matches

by k6ccc
Sat Jun 15, 2024 9:10 pm
Forum: Beginner Basics
Topic: VLAN - help with setting up
Replies: 11
Views: 580

Re: VLAN - help with setting up

I didn't know that, I learn something new every day, thank you. Next time I'll be much more careful about safety, Safety is not so much the issue - although there are a few things not to make public. The far bigger issue is that trying to read a bunch of screen captures is very often hard to read a...
by k6ccc
Fri Jun 14, 2024 5:59 pm
Forum: Scripting
Topic: Check IP script died after update - maybe
Replies: 5
Views: 328

Re: Check IP script died after update - maybe

Thank you very much. Sometimes it's the obvious. I deleted the extra IP and the script worked correctly so you were right on the money. I will give your second suggestion a try. I understand exactly what it is all doing with one exception. Can you explain what the meaning or purpose of the "->0...
by k6ccc
Fri Jun 14, 2024 6:46 am
Forum: Beginner Basics
Topic: VLAN - help with setting up
Replies: 11
Views: 580

Re: VLAN - help with setting up

The VLAN should be as follows: VLAN 1 - 10.1.0.0/8 (Router and Switch / Cameras) DHCP 1 - 10.1.0.1-10.1.0.254 VLAN 2 - 10.2.0.0/8 (All connections from Switch) DHCP 2 - 10.2.0.1-10.2.0.254 VLAN 3 - 10.3.0.0/8 (Wi-Fi Devices / Mobiles) DHCP 3 - 10.3.0.1-10.3.0.254 VLAN 4 - 10.4.0.0/8 (Wi-Fi devices ...
by k6ccc
Fri Jun 14, 2024 6:38 am
Forum: Beginner Basics
Topic: VLAN - help with setting up
Replies: 11
Views: 580

Re: VLAN - help with setting up

Winbox is fine for setting up VLANs. Strongly suggest avoiding VLAN 1. Many devices treat VLAN 1 as something special (usually without telling you). Please don't post screen captures to show your configuration. Export and post your configuration. To export and paste your configuration (and I'm assum...
by k6ccc
Fri Jun 14, 2024 6:32 am
Forum: Beginner Basics
Topic: Can't Port Forward 1433
Replies: 8
Views: 390

Re: Can't Port Forward 1433

add action=accept chain=input comment=winbox dst-port=8291 protocol=tcp
You are still allowing unrestricted WinBox access from the Internet - VERY dangerous. Anav gave you a correction earlier.
by k6ccc
Fri Jun 14, 2024 1:50 am
Forum: Scripting
Topic: Check IP script died after update - maybe
Replies: 5
Views: 328

Re: Check IP script died after update - maybe

Ding! Ding! Ding!! Totally forgot that I had in fact give the WAN interface a static 192.168.100.0/24 address because that is the local management address for the ONT. Simple solution will be to remove that address... Always look to what the tech did last - or in this case two steps ago... Thank you.
by k6ccc
Thu Jun 13, 2024 6:38 pm
Forum: Scripting
Topic: Check IP script died after update - maybe
Replies: 5
Views: 328

Check IP script died after update - maybe

I have a dynamic public IP from my ISP. For years I have had a script that checks the address and sends some E-Mails if the IP has changed. Most of the script was right off the Wiki. My IP seldom changes, but when it would change, the script always worked. However it appears that when I updated the ...
by k6ccc
Wed Jun 05, 2024 7:27 am
Forum: Scripting
Topic: FTP configuration problems with CRS326
Replies: 2
Views: 234

Re: FTP configuration problems with CRS326

You are posting this in the SwitchOS section of the forum. If you are running the CRS326 on SwitchOS, there is no ftp functionality.
by k6ccc
Tue Jun 04, 2024 1:06 am
Forum: Beginner Basics
Topic: Weird routing behaviour
Replies: 3
Views: 252

Re: Weird routing behaviour

I understood your layout, I was and still am surprised that you are getting a private IP range from your ISP. However with that said, in order to troubleshoot, please export and post your configuration. Else we are guessing. To export and paste your configuration (and I'm assuming you are using WebF...
by k6ccc
Mon Jun 03, 2024 9:59 pm
Forum: Beginner Basics
Topic: Weird routing behaviour
Replies: 3
Views: 252

Re: Weird routing behaviour

Are you really getting 192.168.27.1 from your ISP?
by k6ccc
Sun May 26, 2024 7:59 pm
Forum: Beginner Basics
Topic: how to change vlan tag for tagged? [SOLVED]
Replies: 7
Views: 669

Re: how to change vlan tag for tagged? [SOLVED]

I always considered this to be the basic functionality of VLAN.
Not something normally done. What is your use case for this?
by k6ccc
Sat May 25, 2024 1:55 am
Forum: Beginner Basics
Topic: missing features with routeros 7.14 [SOLVED]
Replies: 2
Views: 549

Re: missing features with routeros 7.14 [SOLVED]

One other note since your first Screen capture was showing you using QuickSet.

Once you make ANY changes to any RouterOS device, NEVER use QuickSet every again. You may very well end up losing any changes and also in a unpredictable configuration.
by k6ccc
Fri May 24, 2024 10:58 pm
Forum: Beginner Basics
Topic: Wifi crashes as soon as traffic is generated
Replies: 6
Views: 562

Re: Wifi crashes as soon as traffic is generated

Using a BACKUP config from a different radio should not be expected to work. Backup is only to be used on the EXACT same device. Second, look at the factory firmware. You can never downgrade firmware to anything lower than the factory firmware. You would likely be better off upgrading the 7.12.1 rad...
by k6ccc
Fri May 24, 2024 5:42 pm
Forum: SwOS
Topic: Missing port from arp table ? [SOLVED]
Replies: 3
Views: 447

Re: Missing port from arp table ? [SOLVED]

Don't feel stupid. It actually would make sense to use the port number if there is no name. I put names on every port because it helps me remember stuff. Also useful on the VLANs page where the name will show up when you rest the cursor over a checkbox. Helps avoid clicking the wrong box.
by k6ccc
Fri May 24, 2024 5:08 pm
Forum: SwOS
Topic: Weird issue SwOS 2.16 on CRS312
Replies: 24
Views: 3652

Re: Weird issue SwOS 2.16 on CRS312

For whatever it's worth, My RB4011 is directly connected to two different CSS326 switches and then there is one more CSS326 in the house. All the switches have been running 2.16 since within a day or two of 2.16 coming out. No problems at all.
by k6ccc
Thu May 23, 2024 11:50 pm
Forum: SwOS
Topic: Missing port from arp table ? [SOLVED]
Replies: 3
Views: 447

Re: Missing port from arp table ? [SOLVED]

The port listed is the port name - not the port number. Do you by chance have no name listed on the "Link" page? Here is one of my CSS326 switches with SwOS 2.16 http://k6ccc.org/Mikrotik/Hosts_listing.png In the event that the image does not imbed, here is a direct link to it: http://k6cc...
by k6ccc
Thu May 23, 2024 5:47 pm
Forum: Beginner Basics
Topic: Wifi crashes as soon as traffic is generated
Replies: 6
Views: 562

Re: Wifi crashes as soon as traffic is generated

Post your configuration. Without that, we would be guessing. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/export hide-sensitive file=any-filename-you-wish". Then open the files section and ...
by k6ccc
Thu May 23, 2024 12:43 am
Forum: Beginner Basics
Topic: Network Infrastructure for Home
Replies: 4
Views: 568

Re: Network Infrastructure for Home

I agree with holvoetn on not using the 10GB electrical SFPs. Use fiber SFPs. As for the POE, you may be limited to what kind of POE you actually need. If it's active POE (802.3af or 802.3at) the requirements are different than if it's passive POE, and at what voltage. So you need to see what your ca...
by k6ccc
Tue May 14, 2024 7:25 pm
Forum: Beginner Basics
Topic: What does turning on VPN from quick set actualy do?
Replies: 5
Views: 481

Re: What does turning on VPN from quick set actualy do?

Also note that once you make ANY changes to the router, NEVER touch QuickSet ever again.
by k6ccc
Tue May 14, 2024 7:19 pm
Forum: Beginner Basics
Topic: Scheduler not working every day [SOLVED]
Replies: 2
Views: 5756

Re: Scheduler not working every day [SOLVED]

You are showing an interval of 00:00:00 instead of the required 1d 00:00:00. Note, you can enter that as 24:00:00 and ROS will translate that if desired.
by k6ccc
Thu May 09, 2024 1:04 am
Forum: General
Topic: serious problem with arp table!
Replies: 8
Views: 763

Re: serious problem with arp table!

Just an educated guess here. Since the clients with static IP addresses can reach the router, but DHCP clients can not, this sounds like an IP, not an arp issue. Go to one of the non working PCs and open a command prompt and execute: ipconfig /all Confirm that the computer received an IP address, an...
by k6ccc
Wed May 08, 2024 4:58 pm
Forum: Beginner Basics
Topic: How to block IP range when NATed?
Replies: 11
Views: 925

Re: How to block IP range when NATed?

I agree with the suggestion to put comments that mean something to you for each firewall rule. Makes it far easier to remember a year down the road what you were doing.
by k6ccc
Tue May 07, 2024 5:06 pm
Forum: SwOS
Topic: Features SwOS RB260GS/RB260GSP
Replies: 6
Views: 671

Re: Features SwOS RB260GS/RB260GSP

Better and easier can be quite much anti-correlated. And easier can be subjective ... e.g. I've never practically used SwOS, so I guess ROS would be easier for me :wink: And I fully admit that I'm just the opposite. I have never done switching in RouterOS. Each port on every router is a separate LA...
by k6ccc
Mon May 06, 2024 11:02 pm
Forum: SwOS
Topic: Features SwOS RB260GS/RB260GSP
Replies: 6
Views: 671

Re: Features SwOS RB260GS/RB260GSP

I think if you better must go for a CRS switch which can offer much better management features because works using RouterOS, is worth the price increase Switching is SOOOO much easier to deal with in SwitchOS... specially on few ports devices like rb260. Dont forget we are talking about sub 60 USD ...
by k6ccc
Sun May 05, 2024 11:16 pm
Forum: SwOS
Topic: Features SwOS RB260GS/RB260GSP
Replies: 6
Views: 671

Re: Features SwOS RB260GS/RB260GSP

1. Ability to change the login from the standard "admin" Would be nice, but IMHO not overly needed. 2. Ability to set a password of 32 characters or more Do you really need over a 32 character password? There does need to be a limit from a coding standpoint. At least it's not limiting to ...
by k6ccc
Fri May 03, 2024 11:13 pm
Forum: Beginner Basics
Topic: Help with denying traffic between Vlans
Replies: 2
Views: 342

Re: Help with denying traffic between Vlans

Export and post your configuration. Without that, we're guessing. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/export hide-sensitive file=any-filename-you-wish". Then open the files section...
by k6ccc
Fri May 03, 2024 5:07 pm
Forum: General
Topic: Migration
Replies: 1
Views: 331

Re: Migration V6 to V7

For starters, export and post the config of both routers - otherwise, we're guessing. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/export hide-sensitive file=any-filename-you-wish". Then op...
by k6ccc
Tue Apr 30, 2024 4:43 am
Forum: General
Topic: Advice on choosing WiFi equipment
Replies: 15
Views: 844

Re: Advice on choosing WiFi equipment

For only a 20 meter span, can you at least temporarily run a cable either overhead on a messenger cable or even in a piece of conduit laying on the ground? Optical would be preferred over copper to avoid noise / ground voltage differences / etc. Obviously not a long term solution, but would that be ...
by k6ccc
Fri Apr 26, 2024 7:27 pm
Forum: General
Topic: Get Two public IP on the same interface [SOLVED]
Replies: 23
Views: 2931

Re: Get Two public IP on the same interface [SOLVED]

In my case, originally I did it because I was running two instances of a ham radio linking system. Each had (at that time) to be on a separate pubic IP address. So one was on on LAN that used one of my public IP addresses and the other instance was on a different LAN that used one of the other publi...
by k6ccc
Fri Apr 26, 2024 6:52 pm
Forum: General
Topic: Get Two public IP on the same interface [SOLVED]
Replies: 23
Views: 2931

Re: Get Two public IP on the same interface [SOLVED]

I did exactly what you are trying to do for years. Each LAN or VLAN used a different public IP on my DSL. This was ROS 5 and early 6, so Anav's information is far more current. Very easy and worked great.
by k6ccc
Fri Apr 26, 2024 6:43 pm
Forum: Announcements
Topic: v6.49.15 [stable] is released!
Replies: 14
Views: 21091

Re: v6.49.15 [stable] is released!

Arm based devices must use v7, there is no option for them.

I don't think so...
From the Mikrotik download page, v6.49.15 is available for both ARM and ARM 64 devices.
And my RB4011iGS+RM (currently 6.49.8) shows that it is available for upgrade from the Packages page in WinBox
.
by k6ccc
Fri Apr 26, 2024 6:31 pm
Forum: Beginner Basics
Topic: Dynamic port forwarding
Replies: 6
Views: 649

Re: Dynamic port forwarding

There are many reasons for server to go down ... one is that it emits smoke. I actually had that happen once - although it was running as a server (and a server OS) it was actually a dell tower. Everything after that that was running as a server was a "real" server machine. The first of w...
by k6ccc
Wed Apr 17, 2024 6:42 pm
Forum: General
Topic: Mutliple IP on same interface
Replies: 5
Views: 417

Re: Mutliple IP on same interface

I have not played with ROS 7 yet except my old RB750Gr3 router that's sole purpose will be to provide a WireGuard VPN (have not tried that) so I can learn how to set up WireGuard.
My primary RB4011 router that does everything is still 6.49.8.

One of these days...
by k6ccc
Wed Apr 17, 2024 5:35 pm
Forum: General
Topic: Mutliple IP on same interface
Replies: 5
Views: 417

Re: Mutliple IP on same interface

It's been several years since I did this and it was ROS 6 something. My DSL gave me up to eight static IP addresses. I had each local LAN use a different public IP. As I recall, I just had to specify the Preferred source in the IP > Routes table. I don't THINK I had to do anything else - but as I sa...
by k6ccc
Mon Apr 15, 2024 8:15 pm
Forum: Beginner Basics
Topic: router to mail.hamilton.com
Replies: 9
Views: 618

Re: router to mail.hamilton.com

instead research your network neighbourhood, select a couple if NTP servers you trust and configure your router with them. Or if you really want control of it, go buy your own NTP server hardware and configure your router to use that. There are several ntp server products for not all that much mone...
by k6ccc
Mon Apr 15, 2024 8:06 pm
Forum: Beginner Basics
Topic: Locked out of HEX POE
Replies: 3
Views: 429

Re: Locked out of HEX POE

This is a good example case of why .rsc exports could be a preferred option over binary .backup for most day-to-day backup tasks Or both export and binary - each has their advantages. I have a script in each of my routers that creates new export and binary files every night and then sends those fil...
by k6ccc
Thu Apr 11, 2024 1:58 am
Forum: SwOS
Topic: How to VLAN? [SOLVED]
Replies: 7
Views: 5537

Re: How to VLAN? [SOLVED]

Can't help you on the RouterOS side as I don't use a bridge in my router. However on the SwitchOS end, in addition to what mkx said, on the trunk port on the VLAN tab, set Egress to "Add if Missing". Also, although your drawing shows VLAN 99, you do not have it defined on the VLANs tab. La...
by k6ccc
Wed Apr 10, 2024 12:48 am
Forum: Beginner Basics
Topic: Mikrotik RB4011 and a 1 Gbps Up/Down connection
Replies: 7
Views: 983

Re: Mikrotik RB4011 and a 1 Gbps Up/Down connection

How are you measuring that? I have a RB4011 as my primary router that is directly connected to my fiber ONT via a Gig-E connection. If I test with the speedtest in the router using the high speed test facility generously hosted by TomjNorthIdaho, I consistently get 975 - 990 Mb/s. If I test via my d...
by k6ccc
Mon Apr 08, 2024 5:53 pm
Forum: General
Topic: DVR does not display IP Camera
Replies: 1
Views: 278

Re: DVR does not display IP Camera

Without seeing your configuration, we are guessing. Export and post your configuration. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/export hide-sensitive file=any-filename-you-wish". Then ...
by k6ccc
Mon Mar 18, 2024 6:03 am
Forum: General
Topic: 24v PSU failure
Replies: 7
Views: 1947

Re: 24v PSU failure

I have not had any failures - for whatever that's worth. I'm not trying to power anything from any of my hAPs however.

Have you actually measured the current draw - as opposed to just reading specs?
by k6ccc
Sat Mar 16, 2024 2:17 am
Forum: Beginner Basics
Topic: port forwarding problem [SOLVED]
Replies: 21
Views: 4151

Re: port forwarding problem [SOLVED]

Please note when you post the config, please include your config in a code block. The code block is the 7th icon on the row of icons above the text entry box. It looks like a square with a blob in the middle. When your press that, it will produce a beginning and ending code block. Past your config t...
by k6ccc
Sun Mar 10, 2024 12:03 am
Forum: General
Topic: RB4011 VLAN traffic getting dropped
Replies: 5
Views: 883

Re: RB4011 VLAN traffic getting dropped

+1 on NOT using VLAN 1. Although the Mikrotik will handle it fine, LOTS of other devices treat VLAN 1 as something special - often unpredictably.
by k6ccc
Wed Mar 06, 2024 3:06 am
Forum: SwOS
Topic: 10G link CRS305-1G-4S+ with CSS610-8G-2S+ [SOLVED]
Replies: 7
Views: 2134

Re: 10G link CRS305-1G-4S+ with CSS610-8G-2S+ [SOLVED]

Interesting on the Chinese SFPs. I am also using non-Mikrotik 10G optical SFPs in my CSS326 switches, and they are working great - and were A LOT less expensive then the Mikrotik SFPs. It is well known that the electrical SFPs get hot. I think that the 10G optical SFPs are running cooler than the 1G...
by k6ccc
Mon Mar 04, 2024 4:15 am
Forum: Beginner Basics
Topic: WAN side switch configuration
Replies: 4
Views: 451

Re: WAN side switch configuration

but how would I restrict management to one port in switchos? Or I guess how would I limit management to a vlan in switchos? On the System tab, there is a row of checkboxes for "Allow from ports". That is the ports of the switch from which switch management is allowed. Below that is "...
by k6ccc
Sun Mar 03, 2024 11:48 pm
Forum: Beginner Basics
Topic: WAN side switch configuration
Replies: 4
Views: 451

Re: WAN side switch configuration

Confirm if you are doing this under RouterOS or SwitchOS? I ask because of your statement that if it was a router, it would be trivial. If you are using RouterOS, it would still be trivial. If you are using SwitchOS, the way I would do it is to create two VLANs. One would be your VLAN 200 Management...
by k6ccc
Sat Mar 02, 2024 2:56 am
Forum: Beginner Basics
Topic: 2 MIKROTIKs and 2 isolated LANs
Replies: 5
Views: 669

Re: 2 MIKROTIKs and 2 isolated LANs

Did you really mean that LAN B should have no access to LAN B? Did you really mean no access B to A? If I understand what you are trying to do, it is possible, but without your configurations, we would be guessing. Please post both configurations. To export and paste your configuration (and I'm assu...
by k6ccc
Thu Feb 29, 2024 5:50 am
Forum: General
Topic: Problems with assign static IP to specific mac in mikrotik
Replies: 2
Views: 370

Re: Problems with assign static IP to specific mac in mikrotik

Or reboot the client. Or disconnect the LAN cable to the client and then re-connect it. Or wait a while.

Changing the IP to static or changing that IP address on the server does NOT force an immediate IP change on the client. The IP will change next time the client requests an address.
by k6ccc
Wed Feb 28, 2024 7:09 pm
Forum: Announcements
Topic: SwOS version 2.16 released!
Replies: 48
Views: 56078

Re: SwOS version 2.16 released!

I was able to recreate the issue by just adding the management vlan, that is if I try the upgrade from vlan tagged network it will fail... That's interesting. All five of my switches are accessed via a Management VLAN that is one of the VLANs on a trunk port. All originally were 2.13 and upgraded w...
by k6ccc
Wed Feb 28, 2024 5:04 am
Forum: General
Topic: RB 4011 ports 1-5 occasionally fail after upgrade to 7.
Replies: 9
Views: 2501

Re: RB 4011 ports 1-5 occasionally fail after upgrade to 7.

Watching this thread. I am still running 6.49.8 on my RB4011iGS+, but expecting to move to ROS 7 one of these days...
by k6ccc
Mon Feb 26, 2024 11:44 pm
Forum: Beginner Basics
Topic: log files limited to 2 on my RB4011 [SOLVED]
Replies: 6
Views: 1218

Re: log files limited to 2 on my RB4011 [SOLVED]

This is copied from WinBox because in my opinion it's easier to read than an export. If you want the export version, just ask. The first part creates the backup, export and version files. Next is to send some of those files via E-Mail. Last is to use ftp to transfer the files to my file server. My s...
by k6ccc
Sat Feb 24, 2024 8:41 pm
Forum: Announcements
Topic: SwOS version 2.16 released!
Replies: 48
Views: 56078

Re: SwOS version 2.16 released!

As a followup, I upgraded all three CSS326-24G-2S switches from 2.13 to 2.16 about 14 hours ago and the upgrades went smooth and no issues seen since. I am holding off on updating the CRS326-24G-2S for a while because it's at a remote radio site that I can't physically get to because I recently had ...
by k6ccc
Fri Feb 23, 2024 11:36 pm
Forum: Beginner Basics
Topic: DHCP Starting IP from 192.168.88.2
Replies: 13
Views: 1649

Re: DHCP Starting IP from 192.168.88.2

My RB4011 with a small DHCP pool (10 or 20 IPs) for each LAN and a large number of static reservations, assigns from the top of the pool (on the rare occasions that an unknown device connects). All regularly known devices have static reservations.
by k6ccc
Fri Feb 23, 2024 11:07 pm
Forum: Announcements
Topic: SwOS version 2.16 released!
Replies: 48
Views: 56078

Re: SwOS version 2.16 released!

Upgraded my CSS106-5G-1S and CSS106-1G-4P-1S without issue. Both are fairly non-critical. I will wait a while and then update the three CSS326-24G-2S+ and the CRS326-24G-2S+.
by k6ccc
Tue Jan 30, 2024 12:47 am
Forum: General
Topic: Can't reach site hosted on the same AS
Replies: 4
Views: 428

Re: Can't reach site hosted on the same AS

You need a HairPin NAT.
https://help.mikrotik.com/docs/display/ROS/NAT (about a quarter of the way down the page)

Edit: I misread the question (that's what I get for doing it FAST), so this answer is not likely what you need... sorry.
by k6ccc
Tue Jan 30, 2024 12:45 am
Forum: General
Topic: Allow remote-logging input on ROS [SOLVED]
Replies: 12
Views: 1575

Re: Allow remote-logging input on ROS [SOLVED]

If I get what you're asking, it doesn't. You need something that will function as a Syslog Server. Lots of them available from very simple to very complex.
by k6ccc
Tue Jan 30, 2024 12:35 am
Forum: SwOS
Topic: SwOS lite 2.17 - Violation of broadcast domain isolation with DHCP Option-82 "Add Information Option" [SOLVED]
Replies: 2
Views: 5294

Re: SwOS lite 2.17 - violation of broadcast domain isolation? [SOLVED]

Post a screen capture of the VLAN and VLANs tabs on the switch.
by k6ccc
Sun Jan 28, 2024 1:41 am
Forum: Beginner Basics
Topic: VLAN question
Replies: 12
Views: 1553

Re: VLAN question

In one of untagged ports I have switch (just bridge over all ports, nothing else). Do I need to setup vlan also on this switch, or it will work, since port is untagged? It does not work in my case, but I want to know theory first, to be able to better find cause (wrong router configuration or switc...
by k6ccc
Fri Jan 26, 2024 5:50 pm
Forum: Beginner Basics
Topic: log files limited to 2 on my RB4011 [SOLVED]
Replies: 6
Views: 1218

Re: log files limited to 2 on my RB4011 [SOLVED]

I agree with Jotne. In my case, every night, I have a script that ftp the log files to my file server (along with the config export and backup files).
One of these days I will work on Splunk...
by k6ccc
Tue Jan 16, 2024 4:46 pm
Forum: Beginner Basics
Topic: Wifi Extender setup on boat
Replies: 3
Views: 654

Re: Wifi Extender setup on boat

It's a simple manner to change the IP range on the Mikrotik so there is no conflict. As gigabyte091 said, please post your configurations. Since you are new, I will tell you how to do that. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal wind...
by k6ccc
Tue Jan 16, 2024 12:55 am
Forum: General
Topic: User poll about using Winbox
Replies: 106
Views: 96869

Re: User poll about using Winbox

1) Once in a while - usually just use <Own>
2) Loads a saved layout after Winox connects.
3) No opinion
4) It's OK.
5) Nothing yet.
by k6ccc
Sun Jan 14, 2024 1:49 am
Forum: Beginner Basics
Topic: Which dstIP to use in f/w rule for dstNAT packet? [SOLVED]
Replies: 6
Views: 1210

Re: Which dstIP to use in f/w rule for dstNAT packet? [SOLVED]

Thanks mkx. Although I have seen that before, I figured it was a good one to bookmark.
by k6ccc
Fri Jan 12, 2024 4:49 pm
Forum: Beginner Basics
Topic: Issue getting IP Address
Replies: 3
Views: 781

Re: Issue getting IP Address

To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/export hide-sensitive file=any-filename-you-wish". Then open the files section and right click on the filename you created and select download i...
by k6ccc
Fri Jan 05, 2024 6:52 pm
Forum: Beginner Basics
Topic: Home web address goes to router.
Replies: 2
Views: 1088

Re: Home web address goes to router.

The Hairpin is used so that you can access the server from your local LAN using the public IP address or URL. To get port 80 to forward to the server you need a Destination NAT add action=dst-nat chain=dstnat comment="Web Server on Jupiter." \ dst-port=80 in-interface=E10_Fiber_Internet pr...
by k6ccc
Fri Jan 05, 2024 5:09 am
Forum: Beginner Basics
Topic: forward not mark
Replies: 17
Views: 1976

Re: forward not mark

You gave us almost no information to go on. Start off by exporting and posting your config. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/export hide-sensitive file=any-filename-you-wish". T...
by k6ccc
Fri Dec 29, 2023 5:38 pm
Forum: General
Topic: Firewall
Replies: 3
Views: 678

Re: Firewall

The rule as shown is in the Input chain. Needs to be in the Forward chain.
by k6ccc
Wed Dec 27, 2023 4:50 pm
Forum: General
Topic: Port knocking in random order
Replies: 10
Views: 1458

Re: Port knocking in random order

One could easily replace the port knocking with my cell phone connecting to wireguard ( logged ) and script uses that for WOL. :-) Food for thought. Assuming you has already thought of that but its not so easy maybe.... Not with S6. Although my two "secondary purpose" routers are 7.13, th...
by k6ccc
Wed Dec 27, 2023 4:23 pm
Forum: General
Topic: IP Firewall/NAT Input and Output Chain
Replies: 16
Views: 1921

Re: IP Firewall/NAT Input and Output Chain

@k6ccc

we know the theory behind of input/output give us e.g. for that, so we can see it
Read post #2. I gave examples of each.
by k6ccc
Wed Dec 27, 2023 8:08 am
Forum: General
Topic: Port knocking in random order
Replies: 10
Views: 1458

Re: Port knocking in random order

How does a port knocking affect a wake on LAN for PCs....... not sure how I see that would work. The port knock completion writes an entry in the log. A script checks for that log entry every minute. When it sees the correct text in the log, it executes the WOL. Took a while to come up with that on...
by k6ccc
Wed Dec 27, 2023 2:36 am
Forum: General
Topic: Port knocking in random order
Replies: 10
Views: 1458

Re: Port knocking in random order

what is the right number of ports 3,456?? The answer to that likely depends on how import that security is. I have several port knock sequences that vary from 2 step to 6 step. Some of them are pretty low importance - for example, two of them trigger a Wake On LAN in order to boot up one of two com...
by k6ccc
Tue Dec 26, 2023 7:50 pm
Forum: General
Topic: Winbox is deleting my Addresses
Replies: 1
Views: 417

Re: Winbox is deleting my Addresses

Let's start off with what router, what router software version, and confirm you mean in IP > Addresses? If that is the case, no - never seen that problem. Are the addresses in question static or dynamically assigned? If we get very far, you will need to post your configuration, so to avoid the rush,...
by k6ccc
Tue Dec 26, 2023 6:55 pm
Forum: General
Topic: IP Firewall/NAT Input and Output Chain
Replies: 16
Views: 1921

Re: IP Firewall/NAT Input and Output Chain

If you don't need anything pacific you can just use action, input , accept to allow everything. Actually, at the end of any chain in the router, there is an implied accept. In other words, if there are no rules in a chain, that chain will accept every packet. One general rule of thumb is to specify...
by k6ccc
Tue Dec 26, 2023 6:37 pm
Forum: General
Topic: IP Firewall/NAT Input and Output Chain
Replies: 16
Views: 1921

Re: IP Firewall/NAT Input and Output Chain

The common three chains are: Input: Packets that are destined to the router itself. For example your packets to a Winbox or terminal session; or someone pinging you. Output: Packets that originate from the router itself. For example the packets that Winbox generates back to you; or responses to the ...
by k6ccc
Tue Dec 26, 2023 6:21 pm
Forum: Beginner Basics
Topic: How to block specific Youtube url ?
Replies: 5
Views: 1155

Re: How to block specific Youtube url ?

No. Not happening.
by k6ccc
Mon Dec 18, 2023 2:54 am
Forum: SwOS
Topic: How to add a VLAN tag on the WAN egress, RB260GS
Replies: 4
Views: 3287

Re: How to add a VLAN tag on the WAN egress, RB260GS

Make sure that the laptop that can't be pinged has it's Windows Firewall set to allow ICMP traffic. Default is to not allow ICMP traffic.
by k6ccc
Sun Dec 17, 2023 8:27 pm
Forum: SwOS
Topic: How to add a VLAN tag on the WAN egress, RB260GS
Replies: 4
Views: 3287

Re: How to add a VLAN tag on the WAN egress, RB260GS

Agree with mkx. Here are the VLAN and VLANs tabs for one of my CSS106-5G-1S (RB260GS) switches. Note that I do not use Optional, but rather "Strict" on the VLAN mode and "Only tagged" or "Only Untagged" on the VLAN Receive mode - UNLESS it is a Hybrid port (as the two O...
by k6ccc
Fri Dec 15, 2023 11:55 pm
Forum: Beginner Basics
Topic: Help with running a script... [SOLVED]
Replies: 20
Views: 4147

Re: Help with running a script... [SOLVED]

But speaking of rebooting, is it a good practice to reboot the router periodically, say, once a week?
You should not need to. The only time I reboot any of mine is when they get a firmware update. I just looked, my primary home router has an uptime of 159 days 16 hours.
by k6ccc
Fri Dec 15, 2023 12:58 am
Forum: General
Topic: FTP client blocked
Replies: 5
Views: 2129

Re: FTP client blocked

Yes, that is better. The original problem is that your NAT rule was forwarding ALL port 21 traffic to your own FTP server. Kind of a problem when you were trying to reach some external FTP server.
by k6ccc
Fri Dec 15, 2023 12:24 am
Forum: Beginner Basics
Topic: Noob needs help...
Replies: 8
Views: 1698

Re: Noob needs help...

Lots of devices (not just Mikrotik) do strange things with VLAN 1. Best to NEVER use VLAN 1 unless you have a specific use case that requires it (I do). That's worth knowing. What kind of strange things? Treat it as a management VLAN (often without telling you that). Treat it as a VLAN that you hav...
by k6ccc
Thu Dec 14, 2023 2:59 am
Forum: Beginner Basics
Topic: Help with running a script... [SOLVED]
Replies: 20
Views: 4147

Re: Help with running a script... [SOLVED]

I will be the first person to tell you that I am terrible a RouterOS scripts. Most of the ones I have originated from someone elses script that I modified a bit to meet my purposes. However when I have needed to troubleshoot a script, a couple things that can help. Start by adding a bunch of info lo...
by k6ccc
Thu Dec 14, 2023 2:51 am
Forum: Beginner Basics
Topic: Firewall filter rules - performance impact
Replies: 8
Views: 1664

Re: Firewall filter rules - performance impact

Not number of filters themselves would account for resource hunger, but their "weight" - amount of parameters to check inside each As I understand it, that is a very good summary. Personally I use a number of jumps to some other chain. For example I have four Raspberry Pis that each can b...
by k6ccc
Thu Dec 14, 2023 2:39 am
Forum: Beginner Basics
Topic: Noob needs help...
Replies: 8
Views: 1698

Re: Noob needs help...

Lots of devices (not just Mikrotik) do strange things with VLAN 1. Best to NEVER use VLAN 1 unless you have a specific use case that requires it (I do).
by k6ccc
Thu Dec 14, 2023 2:33 am
Forum: SwOS
Topic: SwOS on CRS309-1G-8S+
Replies: 1
Views: 2010

Re: SwOS on CRS309-1G-8S+

Go into your browser and set an exemption to allow non-secured access on the IP for your switch.
by k6ccc
Mon Dec 11, 2023 2:15 am
Forum: SwOS
Topic: Host learned on Trunk port instead of physical one
Replies: 4
Views: 3007

Re: Host learned on Trunk port instead of physical one

Let me do this in my best Rod Serling voice: Little did you know that you were living in the Twilight Zone....
by k6ccc
Sat Dec 09, 2023 12:41 am
Forum: General
Topic: interface is slave
Replies: 5
Views: 8809

Re: interface is slave

The port is a slave because it is a member of the Bridge. To make it not a slave (of the Bridge), remove the port from the Bridge.
by k6ccc
Thu Dec 07, 2023 8:18 pm
Forum: General
Topic: switch filter: can a single rule be used for the same TCP and UDP dst-port?
Replies: 7
Views: 1841

Re: switch filter: can a single rule be used for the same TCP and UDP dst-port?

Noted. I don't do anything in switching or bridging in any of my routers - just routing. All switch function is done in separate switches.
by k6ccc
Thu Dec 07, 2023 7:55 pm
Forum: General
Topic: switch filter: can a single rule be used for the same TCP and UDP dst-port?
Replies: 7
Views: 1841

Re: switch filter: can a single rule be used for the same TCP and UDP dst-port?

Said in another way: if I need to block port X for both TCP and UDP, I need to use two rules or can I simply use one rule without specifying the protocol? Yes, you need to specify the protocol for each. However, as a general rule of thumb, a better way to set up your firewall rules is to explicitly...
by k6ccc
Wed Dec 06, 2023 4:41 pm
Forum: Beginner Basics
Topic: Turned off NAT, now can't get into WebFig
Replies: 13
Views: 2194

Re: Turned off NAT, now can't get into WebFig

Can you explain what you mean by "Make sure your computer has an IP address on that network"?
I mean, make sure your computer has an IP in the 192.168.88.0/24 address range.
by k6ccc
Wed Dec 06, 2023 1:51 am
Forum: Beginner Basics
Topic: Turned off NAT, now can't get into WebFig
Replies: 13
Views: 2194

Re: Turned off NAT, now can't get into WebFig

First of all, once the router is set up, NEVER EVER use Quick Setup again. Most likely the router is back to the default IP address of 192.168.88.1. Make sure your computer has an IP address on that network. You mentioned double NAT. Sounds like there is other devices involved. Please describe your ...
by k6ccc
Tue Dec 05, 2023 6:55 am
Forum: SwOS
Topic: Host learned on Trunk port instead of physical one
Replies: 4
Views: 3007

Re: Host learned on Trunk port instead of physical one

Never seen that one...
I don't normally have a LAG on any of my CSS326 switches, but when I have had one, the connected devices correctly showed up in the hosts table on the correct ports.
What version of SwitchOS?
by k6ccc
Wed Nov 29, 2023 6:40 pm
Forum: Beginner Basics
Topic: Beginner setup opinion
Replies: 2
Views: 1233

Re: Beginner setup opinion

How many devices?
any special capabilities needed.
by k6ccc
Wed Nov 29, 2023 6:38 pm
Forum: Beginner Basics
Topic: one ip range for lan, other for wifi
Replies: 18
Views: 2983

Re: one ip range for lan, other for wifi

Too busy to look in detail. Maybe someone else can give some insight.
by k6ccc
Wed Nov 29, 2023 8:09 am
Forum: General
Topic: How can Mikrotik/RouterOS send emails using Gmail?
Replies: 12
Views: 3707

Re: How can Mikrotik/RouterOS send emails using Gmail?

Just FYI, the code examples I gave earlier are from a router running 6.49.10.
by k6ccc
Tue Nov 28, 2023 8:33 pm
Forum: General
Topic: How can Mikrotik/RouterOS send emails using Gmail?
Replies: 12
Views: 3707

Re: How can Mikrotik/RouterOS send emails using Gmail?

Another doubt. In addition to the ".backup" file, can you email an encrypted ".rsc" export file? I E-Mail a backup, Export and a Version text file every night. I addition messages extracted from the log when someone logs in or out, or a port knock sequence completes. Additionall...
by k6ccc
Tue Nov 28, 2023 5:56 pm
Forum: SwOS
Topic: Which VLAN setup guide is correct?
Replies: 9
Views: 2851

Re: Which VLAN setup guide is correct?

OK, I took a quick look at the two Mikrotik references. My guess was correct, one is for the older RB260 and the other is the newer RB260 (aka CSS106-5G-1S).
by k6ccc
Tue Nov 28, 2023 5:46 pm
Forum: SwOS
Topic: Which VLAN setup guide is correct?
Replies: 9
Views: 2851

Re: Which VLAN setup guide is correct?

I have not looked at your collection of links in the first post (not taken the time), but I have several RB260 switches using a SFP as a trunk port. Is this on one of the "old" RB260s that are limited to SwitchOS 1.x or one of the "new" ones also known as a CSS106-5G-1S that uses...
by k6ccc
Tue Nov 28, 2023 4:42 pm
Forum: Beginner Basics
Topic: one ip range for lan, other for wifi
Replies: 18
Views: 2983

Re: one ip range for lan, other for wifi

Post your configuration. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/export hide-sensitive file=any-filename-you-wish". Then open the files section and right click on the filename you crea...
by k6ccc
Tue Nov 28, 2023 12:50 pm
Forum: Beginner Basics
Topic: one ip range for lan, other for wifi
Replies: 18
Views: 2983

Re: one ip range for lan, other for wifi

Subnet mask most likely should be 255.255.255.0 - or if you prefer /24. See Networks tab.
by k6ccc
Mon Nov 27, 2023 8:43 pm
Forum: Beginner Basics
Topic: one ip range for lan, other for wifi
Replies: 18
Views: 2983

Re: one ip range for lan, other for wifi

Posting screen captures or WebFig or WinBox is a DREADFUL way of showing configurations. Learn how to at lest basicly read and enter commands. However here it is in WinBox (very similar to WebFig)
Image
by k6ccc
Mon Nov 27, 2023 8:17 pm
Forum: General
Topic: How can Mikrotik/RouterOS send emails using Gmail?
Replies: 12
Views: 3707

Re: How can Mikrotik/RouterOS send emails using Gmail?

Each of my routers sends multiple E-Mails per day via G-Mail. Here is my E-mail setup: /tool e-mail set address=smtp.gmail.com from="RB4011iGS+ Router" password=mypasswordhere \ port=587 start-tls=yes user=userid@gmail.com And here is an extract from a script that uses the E-Mail to send a...
by k6ccc
Mon Nov 27, 2023 8:01 pm
Forum: Beginner Basics
Topic: one ip range for lan, other for wifi
Replies: 18
Views: 2983

Re: one ip range for lan, other for wifi

Add a new IP Pool and assign that new pool to the new DHCP server. For example here are two of my networks. .101 has a physical interface on the router, whereas the .102 is on a VLAN out of the router. /ip pool add name=".101 DHCP pool" ranges=192.168.101.201-192.168.101.219 add name="...
by k6ccc
Mon Nov 27, 2023 8:31 am
Forum: General
Topic: Winbox export whitespace bug
Replies: 8
Views: 2768

Re: Winbox export whitespace bug

@helipos Are you talking about what I circled in red?

Image

If that's he case, note that every command that is longer than one line has everything except the first line indented 4 characters. Makes it a hell of a lot easier to read.
by k6ccc
Sun Nov 26, 2023 11:12 pm
Forum: Beginner Basics
Topic: Firewall doesn't work properly.
Replies: 14
Views: 1962

Re: Firewall doesn't work properly.

On the VLAN tab in SwitchOS, here is the way I do it for VLAN tagged trunks (assuming no need for untagged traffic). VLAN mode = Strict, VLAN Receive = Tagged only, and Default VLAN ID = some unused number ( I normally use 970 + the port number ). If the port needs to also have untagged traffic, the...
by k6ccc
Tue Nov 21, 2023 9:08 pm
Forum: General
Topic: Questions about (basic) firewall
Replies: 9
Views: 2141

Re: Questions about (basic) firewall

Re #2. I end ALL chains with a drop everything rule. The one before it is not needed.
by k6ccc
Fri Nov 17, 2023 10:53 pm
Forum: SwOS
Topic: CenturyLink/Quantum VLAN 201 not forwarding on CSS610
Replies: 4
Views: 2272

Re: CenturyLink/Quantum VLAN 201 not forwarding on CSS610

I don't see any major issues with your configuration. I do have an old recollection about LAGs having issues in some situations with VLANs. As a test, drop one of the connections in the LACP and see if that changes anything - you may need to remove the LACP, not just kill one of the ports.
.
by k6ccc
Fri Nov 17, 2023 8:56 pm
Forum: General
Topic: Small Feature request
Replies: 2
Views: 883

Re: Small Feature request

Let me make sure I understand your problem. You have a router that has multiple IP addresses, The router NTP client is sending NTP requests either from some address that does not belong to the router or more likely from the wrong address based on what interface the packet is going out on. I just loo...
by k6ccc
Fri Nov 17, 2023 7:38 pm
Forum: SwOS
Topic: CenturyLink/Quantum VLAN 201 not forwarding on CSS610
Replies: 4
Views: 2272

Re: CenturyLink/Quantum VLAN 201 not forwarding on CSS610

Confirming that the ONT is expecting that all traffic between it and whatever connected device is VLAN tagged with VLAN 201. Also confirm that the VLAN 200 is simply a dummy number that does not exist anywhere (except SwitchOS requires you to put SOMETHING there). I do that on ports that are VLAN tr...
by k6ccc
Thu Nov 09, 2023 11:20 pm
Forum: General
Topic: Is mikrotik update site working ? [SOLVED]
Replies: 5
Views: 1111

Re: Is mikrotik update site working ? [SOLVED]

One more note. I just checked on my RB750Gr3 and it updated from 6.49.8 to 7.12
So, yes, the update site is working...
by k6ccc
Thu Nov 09, 2023 11:06 pm
Forum: General
Topic: What is going on with Mikrotik?
Replies: 10
Views: 2072

Re: What is going on with Mikrotik?

Agreed. Mikrotik wireless is not their strong suit. Routers and to a slightly less extent switches is where they shine.
Personally I have a bunch of Mikrotik routers and switches at home, but the WiFi is Meraki.
by k6ccc
Thu Nov 09, 2023 10:59 pm
Forum: General
Topic: Is mikrotik update site working ? [SOLVED]
Replies: 5
Views: 1111

Re: Is mikrotik update site working ? [SOLVED]

In response to your query, I happen to be connected to one of my routers (an RB750r2), so I did a check for updates. It immediately found that that there was an update (stable channel) from 6.49.8 to 6.49.10. The router was able to download the update just fine.
by k6ccc
Wed Nov 08, 2023 8:38 pm
Forum: Beginner Basics
Topic: Weird routing behavior with another CIDR
Replies: 4
Views: 1057

Re: Weird routing behavior with another CIDR

Does the Client 2 computer know that 192.168.10.2 is it's gateway?
by k6ccc
Wed Nov 08, 2023 4:43 pm
Forum: SwOS
Topic: Router's wan and lan link to same switch via vlan, but packets get lost. [SOLVED]
Replies: 4
Views: 5742

Re: Router's wan and lan link to same switch via vlan, but packets get lost. [SOLVED]

I found that css610 does not supports "independent vlan learning", so when router connect wan an lan to the same switch, there are two ports using same mac address.Eventhough they are in separated vlans, but sharing the same table which leads the communication issues. I changed the ax6000...
by k6ccc
Wed Nov 08, 2023 1:53 am
Forum: Beginner Basics
Topic: Attempting to configure routeros
Replies: 5
Views: 1085

Re: Attempting to configure routeros

What device and RouterOS version to start with?
by k6ccc
Tue Nov 07, 2023 12:33 am
Forum: General
Topic: Possibly weird behavior?
Replies: 2
Views: 665

Re: Possibly weird behavior?

Also, find your Shift key and give it some love. It's lonely.
Love it!
by k6ccc
Mon Nov 06, 2023 11:04 pm
Forum: Beginner Basics
Topic: Routing between 2 Devices
Replies: 15
Views: 1840

Re: Routing between 2 Devices

Your first drawing and posted configuration do not match (IP addresses). Getting one to work should be very simple. As long as the PC knows that the router is it's gateway, it will just work. Remember, it's a router - it routes unless you tell it not to. Getting three devices with the same IP to wor...
by k6ccc
Mon Nov 06, 2023 6:38 pm
Forum: SwOS
Topic: Router's wan and lan link to same switch via vlan, but packets get lost. [SOLVED]
Replies: 4
Views: 5742

Re: Router's wan and lan link to same switch via vlan, but packets get lost. [SOLVED]

I am doing similar at home. All ports on the router connect to different VLANs on the same switch. Works fine. Couple comments. First is I HIGHLY recommend NOT using VLAN 1. Although SwitchOS has no issues with it, a lot of devices treat VLAN 1 as "special". Often with undocumented or poor...
by k6ccc
Mon Nov 06, 2023 6:14 pm
Forum: SwOS
Topic: Get DHCP IP via trunk port
Replies: 2
Views: 2124

Re: Get DHCP IP via trunk port

I don't recall that you can. I have always set static IPs on network elements.
by k6ccc
Mon Nov 06, 2023 5:58 am
Forum: General
Topic: Unable to Ping Gateway
Replies: 3
Views: 2764

Re: Unable to Ping Gateway

Post your config. Otherwise we are just guessing. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/export hide-sensitive file=any-filename-you-wish". Then open the files section and right click...
by k6ccc
Mon Nov 06, 2023 5:51 am
Forum: Beginner Basics
Topic: Bug/Improvement suggestion - Lost connection to Winbox
Replies: 11
Views: 1967

Re: Bug/Improvement suggestion - Lost connection to Winbox

Agreed. QuickSet should never be used on anything except a brand new device and once touched, never used again.
by k6ccc
Fri Nov 03, 2023 5:00 pm
Forum: Beginner Basics
Topic: Simple VLAN / AP setup question has me stumped
Replies: 16
Views: 2133

Re: Simple VLAN / AP setup question has me stumped

I don't do any WiFi on Mikrotik, so not much help there, but as a general rule of thumb avoid using VLAN 1 unless absolutely required. Too many devices treat VLAN 1 as "special" and often don't behave as you might expect.
by k6ccc
Tue Oct 31, 2023 4:18 pm
Forum: General
Topic: Static routing does not work without NAT
Replies: 7
Views: 1341

Re: Static routing does not work without NAT

Yes, because 217.147.160.48/28 is an internal subnet with 217.147.160.63 being a broadcast address. Why would you be using a public address range for your internal subnet? Far better to use one of the private lan spaces: Class A: 10.0. 0.0 to 10.255. 255.255. Class B: 172.16. 0.0 to 172.31. 255.255...
by k6ccc
Mon Oct 30, 2023 7:14 pm
Forum: General
Topic: /tools/graphing totally unreliable
Replies: 3
Views: 856

Re: /tools/graphing totally unreliable

On Saturday, I rebooted my RB5009 after months of continuous usage - and now all my graphing data is gone :-(
I can't get it - why is this happening?
As I recall, the usage data is all in volatile storage. So it is lost on reboot - as you observed.
by k6ccc
Mon Oct 30, 2023 7:09 pm
Forum: Beginner Basics
Topic: Would VLANS be the right approach here
Replies: 4
Views: 1060

Re: Would VLANS be the right approach here

Yes, VLANs are a very good solution to what you are trying to do. I am doing exactly the same at home. VLAN 201 - 192.168.201.0/24 "Normal" home LAN. Wired devices only. VLAN 202 - 192.168.202.0.24 Guest WiFi. Internet access only. VLAN 203 - 192.168.203.0.24 "Private" WiFi. Know...
by k6ccc
Mon Oct 30, 2023 6:52 pm
Forum: SwOS
Topic: WAN on switch
Replies: 7
Views: 4637

Re: WAN on switch

What is the point of the switch - as opposed to just running the ISP connection into the router? Now, I am doing something similar however. My router (RB4011) is in my garage data cabinet. My fiber ISP drops into the garage data cabinet and there is a Ethernet connection directly from the ONT into t...
by k6ccc
Sun Oct 29, 2023 6:26 pm
Forum: SwOS
Topic: Which Switch?
Replies: 1
Views: 2210

Re: Which Switch?

Can a switch running Router OS be used as an L2 Switch and what is the difference between SwitchOS and SwitchOS Lite? On he first part, yes. That what a Bridge in RouterOS does (simple answer) For the second part, some of the hardware uses SwitchOS and some uses the lite version. Can't be mixed. Sw...
by k6ccc
Sat Oct 28, 2023 12:02 am
Forum: Beginner Basics
Topic: Code example
Replies: 6
Views: 1389

Re: Code example

Interesting concept. I use WinBox almost exclusively for configuration of my routers. On more than one occasion, I have looked at my daily exports in order to figure out the CLI structure for some change that I did the day before (the router creates backup and export files every night).
by k6ccc
Fri Oct 27, 2023 6:22 pm
Forum: SwOS
Topic: CSS326 Hosts disappear and missing after VLAN config
Replies: 3
Views: 2685

Re: CSS326 Hosts disappear and missing after VLAN config

I had missed that you have IVL turned on. That's another one of those to leave off unless you really understand what it does. Glad you caught it. Not really sure why IVL would have caused what you were seeing however...
by k6ccc
Thu Oct 26, 2023 11:31 pm
Forum: SwOS
Topic: CSS326 Hosts disappear and missing after VLAN config
Replies: 3
Views: 2685

Re: CSS326 Hosts disappear and missing after VLAN config

What version of SwitchOS? I can tell you that it's not likely a SwitchOS bug - the hosts tab works fine for me with lots of VLANs. Your config looks OK, except on the VLANs tab I would turn off Port Isolation unless you really understand what that does ON THAT TAB. Normally in my case on untagged po...
by k6ccc
Wed Oct 25, 2023 5:15 pm
Forum: General
Topic: Simple Web Server to Host Simple Files [SOLVED]
Replies: 15
Views: 5459

Re: Simple Web Server to Host Simple Files [SOLVED]

You can also add a simple web server on a computer (your preferred flavor of OS), or even a RaspBerry Pi on the LAN and port forward via NAT so it can be reached from the Internet.
by k6ccc
Wed Oct 25, 2023 1:58 am
Forum: General
Topic: Mysterious connections from Internet to LAN [SOLVED]
Replies: 11
Views: 1911

Re: Mysterious connections from Internet to LAN [SOLVED]

Hey @k6ccc, stop talking BS. All information was already given, you just lack to read it.
Apply some logic instead of brute-force idiocy.
Only in your mind. Damn near no useful information was given.

I'm done with you.
by k6ccc
Wed Oct 25, 2023 1:43 am
Forum: General
Topic: Mysterious connections from Internet to LAN [SOLVED]
Replies: 11
Views: 1911

Re: Mysterious connections from Internet to LAN [SOLVED]

And a tiny piece of information leaks out - that there is an upstream router. We're not mind readers. We can only go on the information that YOU supply. We still don't know what kind of router you have, what version of RouterOS you are using, or any network layout (other than now there is a FritzBox...
by k6ccc
Wed Oct 25, 2023 12:14 am
Forum: General
Topic: Mysterious connections from Internet to LAN [SOLVED]
Replies: 11
Views: 1911

Re: Mysterious connections from Internet to LAN [SOLVED]

Yes, it could be something starting from a device on your LAN. However until you post your configuration, we are only guessing.
by k6ccc
Tue Oct 24, 2023 11:21 pm
Forum: General
Topic: Mysterious connections from Internet to LAN [SOLVED]
Replies: 11
Views: 1911

Re: Mysterious connections from Internet to LAN [SOLVED]

First guess is that you have something you don't think you have. Export your config and post it. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/export hide-sensitive file=any-filename-you-wish&quo...
by k6ccc
Tue Oct 24, 2023 11:02 pm
Forum: SwOS
Topic: RB2011iL Bridge problem
Replies: 1
Views: 2326

Re: RB2011iL Bridge problem

You did not specify, but from your description, it sounds like you are using RouterOS - not SwitchOS. You would do better to post this in the General or Beginner Basics sections of this forum. This section of the forum is specifically intended for SwitchOS use. Far better chance that someone will an...
by k6ccc
Tue Oct 24, 2023 10:58 pm
Forum: SwOS
Topic: SwOS temperate peaks at 78 degrees at peak.
Replies: 2
Views: 2386

Re: SwOS temperate peaks at 78 degrees at peak.

If that's a non-air conditioned room, that is pretty normal. I just looked at mine (same switch type) and they vary from about 50 (in an air conditioned data cabinet) up to 72 (in my not air conditioned family room - currently 27C). Also varies a little depending on what SFPs you have plugged in. Th...
by k6ccc
Sun Oct 22, 2023 1:04 am
Forum: SwOS
Topic: SwOS help for a trunk port
Replies: 17
Views: 4724

Re: SwOS help for a trunk port

Glad you got ti working. I have been using SwitchOS for years and every switch has VLAN trunks (between switches or between a router and a switch), and most also have hybrid ports for my managed WiFi access points that use untagged traffic for management and different VLANs for each WiFi SSID. Any o...
by k6ccc
Thu Oct 19, 2023 11:36 pm
Forum: SwOS
Topic: SwOS help for a trunk port
Replies: 17
Views: 4724

Re: SwOS help for a trunk port

Can you post the System tab. The secret to why you get locked out is likely there. Get the lockout issue resolved BEFORE you do the rest or else you will likely get locked out again. On the VLAN tab, I would change all the untagged ports to either disabled or strict and set them to untagged only. On...
by k6ccc
Thu Oct 19, 2023 5:18 am
Forum: General
Topic: nRay affected by Rain
Replies: 2
Views: 688

Re: nRay affected by Rain

60 GHz is highly affected by rain. Can you split the path into two shorter paths?
by k6ccc
Wed Oct 18, 2023 6:00 am
Forum: SwOS
Topic: SwOS help for a trunk port
Replies: 17
Views: 4724

Re: SwOS help for a trunk port

Your network drawing and screen captures look fine. The only thing I would do different is uncheck "Port Isolation" on all ports - unless you really understand what that does on that page.
by k6ccc
Sat Oct 14, 2023 7:43 am
Forum: Beginner Basics
Topic: DNS usage in url
Replies: 4
Views: 1401

Re: DNS usage in url

A lot more information please. Are you trying to access from an internal LAN, or the Internet? Is xyz.xyz.com.pl your domain? What router and software version? You will likely need to post your configuration To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), op...
by k6ccc
Mon Oct 09, 2023 4:23 am
Forum: SwOS
Topic: Why does SwOS exist?
Replies: 7
Views: 3879

Re: Why does SwOS exist?

For switches, I MUCH Prefer SwitchOS. The cost difference has essentially nothing to do with my purchase decision.
by k6ccc
Tue Oct 03, 2023 1:16 am
Forum: Beginner Basics
Topic: Need help for port forward
Replies: 10
Views: 9447

Re: Need help for port forward

you can consider to use the passthrough so that the LHG is used only as modem and the public IP is assigned directly to the WAN interface of the HEX. In this way you avoid double NAT. Great idea. I don't use Mikrotik RF devices at all, so did not know they could do that. Learn something new every d...
by k6ccc
Sun Oct 01, 2023 10:53 pm
Forum: Beginner Basics
Topic: Need help for port forward
Replies: 10
Views: 9447

Re: Need help for port forward

Just to make sure I am clear on the concept, you have two routers involved. First is your microwave radio LHG and then that is feeding the RB750. That means your NAT needs to be NATTed in both routers. Instead of screen captures (which only give partial information, please export your configuration ...
by k6ccc
Sat Sep 30, 2023 8:54 pm
Forum: SwOS
Topic: lost access to switchos
Replies: 3
Views: 2634

Re: lost access to switchos

It's easy to do - done it myself. I generally leave the management pretty unrestricted until I have a switch completely set up and the save a backup to the PC before restricting access. That way if I mess it up and lock myself out, there is a backup from just before I locked myself out. Generally re...
by k6ccc
Sat Sep 30, 2023 8:09 pm
Forum: SwOS
Topic: [Feature request] human readable full configuration export from SwOS
Replies: 3
Views: 2705

Re: [Feature request] human readable full configuration export from SwOS

Yes, it would be nice to have a human readable export from SwitchOS.
by k6ccc
Sat Sep 30, 2023 8:06 pm
Forum: SwOS
Topic: how do you get 2nd Switch to receive WOL Packets?
Replies: 15
Views: 3542

Re: how do you get 2nd Switch to receive WOL Packets?

I am doing exactly what the original poster is trying to do - except in my case my R4011 is generating the WoL packets. From there via untagged LAN to CSS326 then tagged VLAN trunk (VLAN 201) to another CSS326 and then untagged LAN to the family room PC. Works perfect every time. Does not matter if ...
by k6ccc
Fri Sep 29, 2023 3:12 pm
Forum: Beginner Basics
Topic: Failing to open a port [SOLVED]
Replies: 9
Views: 2072

Re: Failing to open a port [SOLVED]

In order toaccess it from your LAN via the public IP, you need to have a hairpin NAT set up. TONS of forum posts about that here.
See what happens when your your friend tries it.
by k6ccc
Fri Sep 29, 2023 7:47 am
Forum: Beginner Basics
Topic: Failing to open a port [SOLVED]
Replies: 9
Views: 2072

Re: Failing to open a port [SOLVED]

Assuming you corrected: add action=dst-nat chain=dstnat comment=Minecraft dst-port=25565 \ in-interface=bridge protocol=tcp to-addresses=192.168.88.31 to-ports=\ 25565 to: add action=dst-nat chain=dstnat comment=Minecraft dst-port=25565 \ in-interface=ether1 protocol=tcp to-addresses=192.168.88.31 t...
by k6ccc
Wed Sep 27, 2023 2:14 am
Forum: SwOS
Topic: Need Help On Connecting Two CSS610s over VLAN
Replies: 13
Views: 3325

Re: Need Help On Connecting Two CSS610s over VLAN

Yes, it works fine. Because your RB4011 cooperates as it's flexible enough to take necessary config without womiting. Not all routers are as flexible. Or are flexible but configured in a non-compatible way (by ISP). Hence my question about ability to configure the "black box" router on di...
by k6ccc
Tue Sep 26, 2023 7:26 pm
Forum: SwOS
Topic: Need Help On Connecting Two CSS610s over VLAN
Replies: 13
Views: 3325

Re: Need Help On Connecting Two CSS610s over VLAN

What he is doing is in a way similar to what I am doing. My cable internet terminates in my family room and connects to a CSS326 switch (where it gets encapsulated on VLAN 100). That CSS326 has a trunk to another CSS326 in my garage data cabinet. One port of the garage CSS326 is VLAN 100 (untagged) ...
by k6ccc
Tue Sep 26, 2023 7:14 pm
Forum: SwOS
Topic: SwOS Lite v2.17 packet loss issue
Replies: 15
Views: 3976

Re: SwOS Lite v2.17 packet loss issue

I am gathering that both switches are configured exactly the same (except presumably they have a different IP address). I am also gathering that the unnamed device on the left is the router. Since laptop to laptop is working properly, I'm not sure this is a switch problem, but rather a router proble...
by k6ccc
Sun Sep 24, 2023 9:04 pm
Forum: SwOS
Topic: CRS326-24S - As TOR and VLAN help ?
Replies: 3
Views: 2673

Re: CRS326-24S - As TOR and VLAN help ?

I am going to post three screen captures of one of my CSS326 switches. This will likely answer most of your questions. I'm noticing that this is a really old capture, and I'm not sure why I cut the VLAN and Links tabs off after port 21... I'm going to point our a few specific ports that have various...
by k6ccc
Fri Sep 22, 2023 10:22 pm
Forum: SwOS
Topic: CRS326-24S - As TOR and VLAN help ?
Replies: 3
Views: 2673

Re: CRS326-24S - As TOR and VLAN help ?

Sounds like a fairly simple setup. SwitchOS works very well for switch functions. I use SwitchOS for all of my switches here at the house and am very happy with it. I have been using SwitchOS for years, so if you have any questions, feel free to ask. And yes, you will likely get people commenting th...
by k6ccc
Tue Sep 19, 2023 7:56 pm
Forum: SwOS
Topic: Switch RB260GS, VLANs, DHCP not working
Replies: 4
Views: 2820

Re: Switch RB260GS, VLANs, DHCP not working

I have a half dozen SwitchOS devices and DHCP on VLANs works just fine, so you have something amiss. I am not able to connect to my switches right now, but when I get back to the home network, I will poke around. In the mean time, there screen captures might help you get started: These are all from ...
by k6ccc
Sat Sep 16, 2023 8:19 am
Forum: Forwarding Protocols
Topic: Hide my real IP in ICMP.
Replies: 1
Views: 1885

Re: Hide my real IP in ICMP.

If I understand your question, no. As I understand your question, if someone pings your domain that will get to your RouterBoard, you want a fake IP address returned. The initial IP shown in the ping command is based on the DNS lookup and is before ever sending a ping to you. In the ping command sho...
by k6ccc
Wed Sep 13, 2023 8:57 pm
Forum: Beginner Basics
Topic: Goodwe inverter disconnects regularly
Replies: 2
Views: 1344

Re: Goodwe inverter disconnects regularly

Never heard of Goodwe. How are the inverter and router connected to each other (example, USB, wired IP, WiFi, smoke signals)?
by k6ccc
Wed Sep 13, 2023 8:53 pm
Forum: Beginner Basics
Topic: Setting up 2 VLANs and Inter-VLAN Routing
Replies: 7
Views: 1863

Re: Setting up 2 VLANs and Inter-VLAN Routing

I know it's recommended to not use vlan-id=1, but this is a lab not a real setup in which the instructions said to do so. The recommendation is not so much about production environment, it's about sink holes planted inside ROS if one wants to use VID 1 ... I'm not saying it's not possible, but one ...
by k6ccc
Sun Sep 10, 2023 6:55 am
Forum: Beginner Basics
Topic: Random Websites Will Not Load, Reset requiered
Replies: 4
Views: 1832

Re: Random Websites Will Not Load, Reset requiered

Without knowing your configuration, we are guessing. Please post a network drawing (or at least a GOOD description of what it connected to what), and a configuration export. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (wi...
by k6ccc
Mon Sep 04, 2023 9:17 pm
Forum: Beginner Basics
Topic: My device not stable after update
Replies: 5
Views: 1538

Re: My device not stable after update

Also, what version of WinBox? Older versions of WinBox won't work right with newer versions of RouterOS.
by k6ccc
Sat Sep 02, 2023 8:14 pm
Forum: Beginner Basics
Topic: Directly accessing SVG real-time traffic graphs?
Replies: 5
Views: 3025

Re: Directly accessing SVG real-time traffic graphs?

You might want to take a look at this thread regarding using Splunk for this purpose:
viewtopic.php?t=179960
by k6ccc
Fri Sep 01, 2023 8:04 pm
Forum: Beginner Basics
Topic: first configuration
Replies: 4
Views: 1436

Re: first configuration

That is what I'm doing with my RB4011. Router only performs routing / DHCP functions. All switching is done in separate managed switches (CSS326 in my case). No bridge in the router.
by k6ccc
Wed Aug 30, 2023 10:53 pm
Forum: Beginner Basics
Topic: when to upgrade ROS (7.xx)
Replies: 24
Views: 4010

Re: when to upgrade ROS (7.xx)

@en1gm4 I'm kind of in the same boat. My main router here at home is a RB4011iGS+ that is running 6.49.8. I have been watching ROS 7 for about a year, but currently have no real NEED to upgrade to it. I also would like to play with WireGuard, but it's not a need for me. I will be off work for the ne...
by k6ccc
Wed Aug 23, 2023 11:56 pm
Forum: Beginner Basics
Topic: Practical redundancy on devices with PoE port + adapter?
Replies: 26
Views: 3243

Re: Practical redundancy on devices with PoE port + adapter?

Finally getting back to this thread. Had fairly major surgery 8 days ago and have not really been doing much on the computer. Sort of getting there. Somewhat humorous Amm0 that you had a power outage. We had the end of Hurricane Hilary come though here over the weekend. Not really much of a problem ...
by k6ccc
Sun Aug 20, 2023 7:57 pm
Forum: Beginner Basics
Topic: Unnable to ping lan devices
Replies: 2
Views: 1089

Re: Unnable to ping lan devices

Your router has no clue how to find the192.168.88.nnn network. It has no addresses on that network, and no route statement to know how to reach it. Second - and I know only enough about bridges in ROS to be dangerous so take this with caution. You have one IP address assigned to one of the ports on ...
by k6ccc
Sun Aug 20, 2023 3:11 am
Forum: General
Topic: Mikrotik website about ipv6 throughput?
Replies: 47
Views: 5432

Re: Mikrotik website lying about throughput?

In 2023, IPv6 is the norm, IPv4 the exception, telling a RB5009, release this year, can route 10Gb/s of traffic is a lie.
I don't know how true that statement is. I have both fiber and cable based internet here in the Los Angeles metro area, and neither of my ISPs is making IPv6 available.
by k6ccc
Sat Aug 19, 2023 11:47 pm
Forum: Beginner Basics
Topic: DHCP untrusted error
Replies: 11
Views: 1921

Re: DHCP untrusted error

OK, so you don't follow instructions. You did not include a network drawing or at least a good detailed description of the network. You did not post your complete configuration (minus sensitive data), and you did not post it within code blocks as instructed. Lastly you state that you're not wanting ...
by k6ccc
Sat Aug 19, 2023 10:14 pm
Forum: Beginner Basics
Topic: Rule to remove from address list
Replies: 9
Views: 1656

Re: Rule to remove from address list

test-connection takes about 15 seconds to time out on each ping, and there's no way to control that. So I set the timeout to 30 to leave a little wiggle room. You don't have to wait for the test connection to time out (unless whatever you are using to generate the knock is too stupid). I have some ...
by k6ccc
Sat Aug 19, 2023 9:55 pm
Forum: Beginner Basics
Topic: DHCP untrusted error
Replies: 11
Views: 1921

Re: DHCP untrusted error

There are so many issues here, let me see what I can start with. 1) Get rid of the cable between ports 13 & 15 - that is NOT how to get two diverse networks to communicate! That is the router's job. 2) Since you are trying to run two networks from the CCR to site B, you have two choices. Either ...
by k6ccc
Sat Aug 19, 2023 9:42 pm
Forum: Beginner Basics
Topic: Ping by routerName.local instead of by IP [SOLVED]
Replies: 4
Views: 1511

Re: Ping by routerName.local instead of by IP [SOLVED]

Not really sure what you are asking or telling us. You gave us no information on equipment, software, or configuration. But yes, the Mikrotik router may or may not be able to provide local DNS service - depending mostly on configuration. ssh routerName.local:21 Why are you trying to ssh to the ftp p...
by k6ccc
Sat Aug 19, 2023 8:42 pm
Forum: Beginner Basics
Topic: Router/bridge at same time
Replies: 11
Views: 2016

Re: Router/bridge at same time

Start off with posting a network drawing so we know what you are trying to do. Next is post your configuration. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/export hide-sensitive file=any-filena...
by k6ccc
Sat Aug 19, 2023 8:38 pm
Forum: Beginner Basics
Topic: HAP AC2 Wired conection
Replies: 5
Views: 1232

Re: HAP AC2 Wired conection

To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/export hide-sensitive file=any-filename-you-wish". Then open the files section and right click on the filename you created and select download i...
by k6ccc
Sat Aug 19, 2023 8:36 pm
Forum: SwOS
Topic: CSS610-8G VLAN config
Replies: 3
Views: 3403

Re: CSS610-8G VLAN config

Do not use VLAN 1 for anything - unless there is a specific requirement to do so for some attached device. Too many devices that treat VLAN 1 "special" - and most will not tell you that.
by k6ccc
Sat Aug 19, 2023 8:34 pm
Forum: SwOS
Topic: Is SwOS dead?
Replies: 6
Views: 5875

Re: Is SwOS dead?

It's obvious that SwitchOS is a low priority for Mikrotik. Even SwOS lite for the couple of switches it uses keeps getting updates, but full SwitchOS seems to be getting ignored. As far as moving to RouterOS, I personally find that for pure switch functions, SwitchOS is FAR easier to use. I also hav...
by k6ccc
Sun Aug 13, 2023 2:05 am
Forum: Beginner Basics
Topic: Many open filtered ports in nmap
Replies: 5
Views: 1524

Re: Many open filtered ports in nmap

For starters, your input chain is essentially wide open. So is your forward chain. Generally recommended procedure is to specifically allow what you want and then have a drop everything rule at the end of the chain (which you don't have). You want this for both the input and forward chains - maybe o...
by k6ccc
Sat Aug 12, 2023 8:37 pm
Forum: Beginner Basics
Topic: so i connected two lans together why is firewall dropping as invalid
Replies: 6
Views: 1470

Re: so i connected two lans together why is firewall dropping as invalid

Start off with a network description - or better yet and network drawing.
by k6ccc
Sat Aug 12, 2023 8:35 pm
Forum: Beginner Basics
Topic: Many open filtered ports in nmap
Replies: 5
Views: 1524

Re: Many open filtered ports in nmap

Are you are testing from the Internet or testing from a computer on your LAN? A Google search will generally tell you what things use those ports. Sounds like you have some things open that you are not expecting. Without your configuration, we would be guessing. Post your configuration please. To ex...
by k6ccc
Fri Aug 11, 2023 11:11 pm
Forum: Beginner Basics
Topic: VLAN DHDP-Relay
Replies: 12
Views: 2930

Re: VLAN DHDP-Relay

Your description and minimal config does not really give enough useful information. Please post a network drawing and export your configuration. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/expo...
by k6ccc
Fri Aug 11, 2023 11:04 pm
Forum: Wireless Networking
Topic: LTE in vehicle: worth it to get antenna outside car?
Replies: 3
Views: 1903

Re: LTE in vehicle: worth it to get antenna outside car?

I'd like to re-purpose the "shark-fin" style antenna enclosure that's already on the roof of the car if I can. That way I don't have to come up with another antenna mounting locaiton. If you don't mind spending some money, you can get custom (or semi-custom) antennas that replace the fact...
by k6ccc
Fri Aug 11, 2023 8:43 pm
Forum: Wireless Networking
Topic: LTE in vehicle: worth it to get antenna outside car?
Replies: 3
Views: 1903

Re: LTE in vehicle: worth it to get antenna outside car?

I work in a city radio shop. We have hundreds of vehicles with various radio services - GPS, Wifi, cellular, and of course the two way radios. I can absolutely assure you that getting the antenna outside the steel box known as your car will SUBSTANTIALLY improve radio performance. Best bet is an ant...
by k6ccc
Fri Aug 11, 2023 7:22 pm
Forum: Beginner Basics
Topic: Practical redundancy on devices with PoE port + adapter?
Replies: 26
Views: 3243

Re: Practical redundancy on devices with PoE port + adapter?

I sometimes use 24V battery packs on either PoE injector or as the DC IN, with the battery charge always plugged in to the grid. No AC/DC conversion and Mikrotik's don't really use all that much power, so $50-100 battery pack is often longer lasting/cheaper than APC-like AC UPS. The 24V lithium pac...
by k6ccc
Fri Aug 11, 2023 6:27 pm
Forum: Beginner Basics
Topic: Practical redundancy on devices with PoE port + adapter?
Replies: 26
Views: 3243

Re: Practical redundancy on devices with PoE port + adapter?

Thanks. These monitoring tips are great. For me the most important one would be the temperature - sometimes AC units fail in server rooms and then things can get toasty. You're welcome. Yep, temperature and power issues are high on the monitoring priority list. I was maybe thinking building my own,...
by k6ccc
Thu Aug 10, 2023 11:35 pm
Forum: Beginner Basics
Topic: Best way of setting Static IP for WAN when connecting remotely
Replies: 5
Views: 1427

Re: Best way of setting Static IP for WAN when connecting remotely

About 25% need the WAN set statically. We remote in (Teamviewer); log into Router and go to set WAN IP and then we get disconnected (We need to set DNS next I assume?) I'm curious how you are getting to it via TeamViewer (which I use regularly and am very familiar with). I assume you remote into a ...
by k6ccc
Thu Aug 10, 2023 7:30 pm
Forum: Beginner Basics
Topic: Practical redundancy on devices with PoE port + adapter?
Replies: 26
Views: 3243

Re: Practical redundancy on devices with PoE port + adapter?

Thanks for info. Out of curiosity, how do you solve monitoring and reporting of MIkroTik systems and external sensors/batteries and such? There are a couple things that I am doing. For environmental monitoring, I have a box called a Watchdog 1000 from IT Watchdogs (now owned by Vertiv). It has mult...
by k6ccc
Thu Aug 10, 2023 5:08 pm
Forum: Beginner Basics
Topic: VLAN SwOS CRS326-24G-2S+ [SOLVED]
Replies: 6
Views: 1429

Re: VLAN SwOS CRS326-24G-2S+ [SOLVED]

Let me know if you have any more questions. I'm one of the people here that uses and really likes SwitchOS (I have seven switches that I manage).
by k6ccc
Wed Aug 09, 2023 11:19 pm
Forum: Beginner Basics
Topic: Practical redundancy on devices with PoE port + adapter?
Replies: 26
Views: 3243

Re: Practical redundancy on devices with PoE port + adapter?

#2 Jesus. ... Don't you think that s a bit of an overkill? Only a little. Think of it as public safety grade. I run a large regional public safety 2-way radio system for a living. We operate with the understanding that under the wrong set of circumstances, failure of the radio system can result in ...
by k6ccc
Wed Aug 09, 2023 7:20 pm
Forum: Beginner Basics
Topic: Practical redundancy on devices with PoE port + adapter?
Replies: 26
Views: 3243

Re: Practical redundancy on devices with PoE port + adapter?

So you chose an option to have external dedicated poe backup. Correct I am thinking about this too, in a way that I would have a separate injector and an adapter for each device if I wont find a way to configure excess PoE switch ports to be redundancies. I don't have POE switches, so that is not a...
by k6ccc
Wed Aug 09, 2023 5:08 pm
Forum: Beginner Basics
Topic: Practical redundancy on devices with PoE port + adapter?
Replies: 26
Views: 3243

Re: Practical redundancy on devices with PoE port + adapter?

I am doing exactly what you are wanting to do on a RB4011, RB750Gr3, and RB750r2 routers, and two CSS326 switches in my data cabinet. It works very well. All of these devices use passive (or dumb) POE input on port 1. In the case of the RB4011 it is getting 48V POE and the others are getting 24V POE...
by k6ccc
Wed Aug 09, 2023 4:54 pm
Forum: Beginner Basics
Topic: VLAN SwOS CRS326-24G-2S+ [SOLVED]
Replies: 6
Views: 1429

Re: VLAN SwOS CRS326-24G-2S+ [SOLVED]

OK Cube4d, welcome to the forum. A couple of comments. Assuming that port 2 is being used as a VLAN trunk (as opposed to a Hybrid mode). All of your devices EXCEPT the router connection on port 2 are NOT VLAN aware (or at least not operating as a VLAN connection). 1) DO NOT use VLAN 1. Any other num...
by k6ccc
Tue Aug 08, 2023 11:40 pm
Forum: Beginner Basics
Topic: VLANs access port - not restricted
Replies: 2
Views: 965

Re: VLANs access port - not restricted

Routing between networks is what a router does. You have no firewall rules to prevent routing between LANs so that is exactly what it will do. Remember in RouterOS, at the end of a firewall chain there is am implied accept. So the general plan is to specifically accept what you want to allow and the...
by k6ccc
Sun Aug 06, 2023 6:04 am
Forum: Beginner Basics
Topic: Meaning of "Client ID" in a DHCP Server Lease [SOLVED]
Replies: 2
Views: 1974

Re: Meaning of "Client ID" in a DHCP Server Lease [SOLVED]

Can't do this with a dynamic address, but with DHCP reservations (what Mikrotik calls static), but put a comment on the item.

Image
by k6ccc
Fri Aug 04, 2023 7:20 pm
Forum: Beginner Basics
Topic: vlan interoperability issues
Replies: 8
Views: 1455

Re: vlan interoperability issues

In an almost default configuration the VLANs should communicate just fine - that's what a router does. Beyond that, please post your configuration so we're not guessing. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (withou...
by k6ccc
Wed Aug 02, 2023 7:34 am
Forum: Beginner Basics
Topic: Migrating RADIUS data to another RADIUS server
Replies: 2
Views: 940

Re: Migrating RADIUS data to another RADIUS server

What Radius server are you using?
by k6ccc
Mon Jul 31, 2023 5:46 pm
Forum: SwOS
Topic: Need help to convert RouterOS to SwitchOS
Replies: 9
Views: 4284

Re: Need help to convert RouterOS to SwitchOS

The screen captures above are from the Family room switch. Port 1 is the trunk between the Family room switch and the Garage switch. You can see in the VLANs tab that essentially every VLAN is included on that trunk. That allows everything to be able to flow between the two switches. As far as keepi...
by k6ccc
Mon Jul 31, 2023 4:59 pm
Forum: Beginner Basics
Topic: Connectivity Issues with Amazon Echo Alexa and Fire TV on MikroTik RouterOS
Replies: 10
Views: 2651

Re: Connectivity Issues with Amazon Echo Alexa and Fire TV on MikroTik RouterOS

Without knowing your configuration, we would only be guessing. Please export and post your configuration. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/export hide-sensitive file=any-filename-you...
by k6ccc
Fri Jul 28, 2023 6:54 pm
Forum: Announcements
Topic: CVE-2023-30799
Replies: 14
Views: 31435

Re: CVE-2023-30799

Interesting, but pretty much a non-issue since it requires the actor to be logged in with full admin privilege anyway...
by k6ccc
Thu Jul 27, 2023 4:55 pm
Forum: Beginner Basics
Topic: NAT for Axis Cameras
Replies: 1
Views: 859

Re: NAT for Axis Cameras

It sounds like you are in a double NAT situation. From the Internet, the Draytek needs to NAT the required ports from it WAN to it's LAN. This sounds like it is working (although needs to be edited to point the NAT destination to the Mikrotik rather than the individual cameras. Then in the Mikrotik ...
by k6ccc
Wed Jul 26, 2023 8:35 pm
Forum: General
Topic: Bridge Layer 2 and LAN DHCP going stuck
Replies: 8
Views: 958

Re: Bridge Layer 2 and LAN DHCP going stuck

I have Cisco SG500,
(Mistakenly I wrote SA500)
Sorry
I did not catch the difference in the screen capture either...

In any case, from the screen capture, it DOES appear that your SG500 is a VLAN aware managed switch. So go back to my earlier post with suggestions.
by k6ccc
Wed Jul 26, 2023 5:38 pm
Forum: General
Topic: Bridge Layer 2 and LAN DHCP going stuck
Replies: 8
Views: 958

Re: Bridge Layer 2 and LAN DHCP going stuck

Your description says that the Cisco SA-500 is unmanaged, but the drawing and screen capture shows that the SA-500 is a managed switch. I don't speak Cisco, and it's not my intent to look it up for you. So I am going to with the SA-500 being a managed switch. Run a single VLAN trunk between the MT r...
by k6ccc
Wed Jul 26, 2023 5:21 pm
Forum: SwOS
Topic: SWos Devices IP Addressing
Replies: 4
Views: 2972

Re: SWos Devices IP Addressing

I don't use a VPN to access my switches, but every time I access any of them it is from a different LAN and therefore is routed. Works fine. Nothing special required in the router.
by k6ccc
Sat Jul 22, 2023 11:08 pm
Forum: SwOS
Topic: CSS-610 management ports and topology dreams.
Replies: 7
Views: 3471

Re: CSS-610 management ports and topology dreams.

There's MSTP which does know about VLANs and you should be using it. I don't have any SwOS drvice so I don't know if SwOS supports MSTP or not.
No, SwitchOS does not support MSTP. I was just setting up an RSTP link last night in SwitchOS, so STP capability is fresh in my mind...
by k6ccc
Sat Jul 22, 2023 10:50 pm
Forum: General
Topic: What dynamic DNS are you using and why? (Free or not)
Replies: 12
Views: 6084

Re: What dynamic DNS are you using and why? (Free or not)

I am using https://www.dynu.com/ and am happy with their free service. Been using them for only a few months. Prior to that I was using a DSL with static IPs. Moved to cable based internet with a dynamic IP address. I am using a Windows application that I run on my server, but they also have a scri...
by k6ccc
Fri Jul 21, 2023 6:28 pm
Forum: Beginner Basics
Topic: Winbox shows empty config and keeps dissconecting
Replies: 4
Views: 2442

Re: Winbox shows empty config and keeps dissconecting

Where is the PC that you are using connected to? By that I mean are you connected to a LAN on Router 1, Router 2, something else? If you physically plug into the router that you can't access (rather than accessing across the tunnel), does it work? What version of WinBox are you using? Are you trying...
by k6ccc
Fri Jul 21, 2023 5:43 pm
Forum: SwOS
Topic: CSS-610 management ports and topology dreams.
Replies: 7
Views: 3471

Re: CSS-610 management ports and topology dreams.

Your description and drawing don't match so it's really hard to know what you are trying to do. You state that you don't want to use VLANs and then have VLANs running all over the place. Your dashed lines with "no contact" is meaning less. I assume you mean "out of band" for OOB....
by k6ccc
Thu Jul 20, 2023 11:52 pm
Forum: SwOS
Topic: CSS610 LAG VLAN confusion [SOLVED]
Replies: 2
Views: 6042

Re: CSS610 LAG VLAN confusion [SOLVED]

When I have run a LAG under SwitchOS (on a VLAN trunk), I have set the VLAN and VLANs tabs to match each other for the two ports that are part of the LAG - it worked that way. I have never tried any other way and there is no setting on either the LAG or VLAN tabs to reflect that a specific VLAN is o...
by k6ccc
Thu Jul 20, 2023 8:58 pm
Forum: General
Topic: How to set Mikrotik default IP
Replies: 3
Views: 1289

Re: How to set Mikrotik default IP

Sounds like you have messed up something in the config. It absolutely SHOULD work 100% of the time (it does on my RB4011 with multiple WANs). Export and post your config. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (witho...
by k6ccc
Thu Jul 20, 2023 8:54 pm
Forum: General
Topic: traffic stops almost completely after a few bridge hops
Replies: 9
Views: 1145

Re: traffic stops almost completely after a few bridge hops

Start with the configurations of each of the devices. Export and post each configuration and post them here so we have a clue what you have done to break it. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes...
by k6ccc
Wed Jul 19, 2023 7:11 pm
Forum: Beginner Basics
Topic: VLAN Routing and General Review
Replies: 16
Views: 2487

Re: VLAN Routing and General Review

Yes it is possible that the Allen Bradley switches are intentionally dumbed down - of that I have no information. Mikrotik switches running SwitchOS also have no ability to specify a gateway, but they will just send packets back to whatever the switch received the packet from - whether that is a dir...
by k6ccc
Tue Jul 18, 2023 7:42 pm
Forum: Beginner Basics
Topic: Question regarding IP pools [SOLVED]
Replies: 24
Views: 2245

Re: Question regarding IP pools [SOLVED]

Here's one of mine. Lease time on this one is 3 hours.
/ip dhcp-server
add address-pool=".101 DHCP pool" authoritative=after-2sec-delay disabled=no \
    interface=E02-pB4_101 lease-time=3h name=".101 DHCP server"
by k6ccc
Tue Jul 18, 2023 7:40 pm
Forum: Beginner Basics
Topic: Question regarding IP pools [SOLVED]
Replies: 24
Views: 2245

Re: Question regarding IP pools [SOLVED]

While DHCP protocol does define way for client to release the address, it's seldomly (if ever) used. Some (a few) devices will initiate a release - I have observed some devices do so on my network. Trying to remember which devices will release a DHCP lease when shut down. Not sure, but it may be th...
by k6ccc
Tue Jul 18, 2023 7:36 pm
Forum: Beginner Basics
Topic: Question regarding IP pools [SOLVED]
Replies: 24
Views: 2245

Re: Question regarding IP pools [SOLVED]

Simply set a fairly short lease time in the DHCP server setting.
by k6ccc
Tue Jul 18, 2023 7:10 pm
Forum: Beginner Basics
Topic: Question regarding IP pools [SOLVED]
Replies: 24
Views: 2245

Re: Question regarding IP pools [SOLVED]

I have set up L2TP server with IP pool 10.8.0.2-10.8.0.254 . I see that when users connect , it starts assigning them IPs starting from 10.8.0.254 , 10.8.0.253 and etc... Correct. Mikrotik DHCP server starts at the high end of the range. My question is what happens after all the IPs are used ? I un...
by k6ccc
Tue Jul 18, 2023 7:00 pm
Forum: Beginner Basics
Topic: Block Traffic to Specific IP Ranges via Terminal
Replies: 3
Views: 1005

Re: Block Traffic to Specific IP Ranges via Terminal

Are these enough to block all outgoing traffic (output & forward) from all sources to those IP ranges I mentioned ? /ip firewall filter add action=drop chain=output dst-address=141.101.78.0/23 add action=drop chain=output dst-address=173.245.48.0/20 add action=drop chain=forward dst-address=141...
by k6ccc
Tue Jul 18, 2023 12:45 am
Forum: Beginner Basics
Topic: Help me figure out where traffic is going through
Replies: 2
Views: 837

Re: Help me figure out where traffic is going through

I disabled all input rules and output in hoping that i won't be able to browse the internet but i am. Traffic passing through the router does not go through the Input nor Output chain. It goes through the Forward chain. The Input chain is for traffic that has the router as it's destination (your Wi...
by k6ccc
Tue Jul 18, 2023 12:40 am
Forum: Beginner Basics
Topic: Help me figure out where traffic is going through
Replies: 2
Views: 837

Re: Help me figure out where traffic is going through

Your image is unavailable to us. Also, without your configuration, we would be guessing. Please export and post your configuration. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/export hide-sensi...
by k6ccc
Mon Jul 17, 2023 11:53 pm
Forum: SwOS
Topic: SwOS Stacking
Replies: 16
Views: 7641

Re: SwOS Stacking

Or did you read my statement that there are 7 free (unused) ports to mean that I was connecting the two switches with 7 connections? Yes, that's what I understood from your post. I am not native English speaker so forgive me... :D I can assure you that your English is better than my ability to spea...
by k6ccc
Mon Jul 17, 2023 11:43 pm
Forum: SwOS
Topic: SwOS Stacking
Replies: 16
Views: 7641

Re: SwOS Stacking

Not an option for me since all three switches in this reference are CSS326. And for switches, I really prefer SwitchOS...
by k6ccc
Mon Jul 17, 2023 11:41 pm
Forum: Beginner Basics
Topic: Winbox Mikrotik configure it as AP for the LAN
Replies: 16
Views: 2079

Re: Winbox Mikrotik configure it as AP for the LAN

hAP ac lite is a nice device, but the WiFi is rather limited primarily due to only internal antennas. I have two of them (although they are running a ham radio software called AREDN).
Firmware updates on most of the Mikrotik devices is pretty reliable.
by k6ccc
Mon Jul 17, 2023 11:31 pm
Forum: Beginner Basics
Topic: LACP SwOS
Replies: 1
Views: 921

Re: LACP SwOS

Confirming when you are making these tests, you have the working LAG from the CRS-309 to the XG-7100, and the second LAG from the CRS-309 to the CRS-328 causes the storm (the CRS-305 is not yet into the picture). Also, confirm that there is no connection from the CRS-328 to the CRS-305? You did not ...
by k6ccc
Mon Jul 17, 2023 11:16 pm
Forum: Beginner Basics
Topic: Winbox Mikrotik configure it as AP for the LAN
Replies: 16
Views: 2079

Re: Winbox Mikrotik configure it as AP for the LAN

So the OP wants the Mikrotik to ONLY function as a WiFi access point. No "router" functions. That should be fairly straight forward (but I don't do WiFi in ROS so I'm no help there). And suntchi56, please tell us what hardware you have. Also, I would recommend updating the ROS version. 6.3...
by k6ccc
Mon Jul 17, 2023 7:30 pm
Forum: SwOS
Topic: SwOS Stacking
Replies: 16
Views: 7641

Re: SwOS Stacking

Despite all of that I still don't get why you didn't interconnect switches with at least 1 x 10 Gb twinax cable instead of 7 x 1 GbE interfaces... Where did you get the idea that I am connecting the two switches with 7 x 1 GbE connections? They are connected with a single 1 GigE connection - which ...
by k6ccc
Mon Jul 17, 2023 6:08 pm
Forum: SwOS
Topic: SwOS Stacking
Replies: 16
Views: 7641

Re: SwOS Stacking

Tying the two CSS326 switches together is easy. However they are still entirely treated as two separate switches from a management perspective. The other part is bigger. When there was just one switch in the data cabinet, it had a single 1GigE connection to another CSS326 in my family room. Eventual...
by k6ccc
Mon Jul 17, 2023 5:05 pm
Forum: SwOS
Topic: SwOS Stacking
Replies: 16
Views: 7641

Re: SwOS Stacking

I honestly cannot see many real uses for it, aside from ticking a box on a design spec. With the 100gb switch not listed in supported (maybe it does work and the document is old) you really limited on real throughput. My data cabinet at home now has two CSS326-24G-2S switches. I have two in there b...
by k6ccc
Mon Jul 17, 2023 5:38 am
Forum: Beginner Basics
Topic: Mediaserver and TV in different subnets
Replies: 2
Views: 1020

Re: Mediaserver and TV in different subnets

Unless there is some compelling reason not to, put them on the same subnet.
Broadcasts stay local to the subnet.
by k6ccc
Sun Jul 16, 2023 7:37 pm
Forum: Beginner Basics
Topic: Domain Search List for MT devices
Replies: 4
Views: 1160

Re: Domain Search List for MT devices

I have no idea what fqdn means or how to use it?
Fully Qualified Domain Name
https://en.wikipedia.org/wiki/Fully_qua ... omain_name
by k6ccc
Sat Jul 15, 2023 5:29 am
Forum: SwOS
Topic: Need help to convert RouterOS to SwitchOS
Replies: 9
Views: 4284

Re: Need help to convert RouterOS to SwitchOS

Particularly becuase there are things that don't apply to switches but they still show up and are not grayed-out. Do you mean in RouterOS or SwitchOS? If the latter, please give examples. If the former, I largely agree. Has a lot to do with why I am using routers exclusively as routers and switches...
by k6ccc
Fri Jul 14, 2023 9:34 pm
Forum: General
Topic: Volume installation/preparation
Replies: 7
Views: 1172

Re: Volume installation/preparation

Holvoetn had exactly the same thought as I did - Nice writeup. Not anything that I have a need for, but interesting to read. Thanks for posting that. I'm sure it will be useful to some people...
by k6ccc
Fri Jul 14, 2023 9:19 pm
Forum: General
Topic: OS V7.8 BGP needs port 23 open
Replies: 3
Views: 432

Re: OS V7.8 BGP needs port 23 open

I have the 179 rule in and see traffic on it. The 23 rule does not have any traffic, but if I disable that rule (23) my BGP goes down. It's very strange.
Sounds like something is there that you are not expecting. Post your config and the answer likely will reveal itself.
by k6ccc
Fri Jul 14, 2023 7:50 pm
Forum: SwOS
Topic: Need help to convert RouterOS to SwitchOS
Replies: 9
Views: 4284

Re: Need help to convert RouterOS to SwitchOS

BTW, newer version of SwitchOS allow you to name the VLANs on the VLANs tab so it is easier to remember what is what. Also, the checkboxes are colored so they are easier to see. My screen captures were from several years ago and an earlier version of SwitchOS.
by k6ccc
Fri Jul 14, 2023 7:44 pm
Forum: Beginner Basics
Topic: VLAN Routing and General Review
Replies: 16
Views: 2487

Re: VLAN Routing and General Review

my plan is to ONLY use VLAN 1 for the management of the switches on the network.
Use something other than VLAN 1. VLAN 99 seems to be a commonly used on, but there is nothing magic about that number.
by k6ccc
Fri Jul 14, 2023 7:42 pm
Forum: Beginner Basics
Topic: Which MikroTik wifi Router
Replies: 13
Views: 1441

Re: Which MikroTik wifi Router

which fiber transceivers sound the best.

It’s the ones with the oxygen-free copper traces…
You did say that you were this guy here demonstrating the Retro Encabulator? https://www.youtube.com/watch?v=RgaKjVXK0KA
by k6ccc
Fri Jul 14, 2023 7:35 pm
Forum: SwOS
Topic: Need help to convert RouterOS to SwitchOS
Replies: 9
Views: 4284

Re: Need help to convert RouterOS to SwitchOS

Easiest way to do this is include two screen captures of one of my CSS326 switches. BTW, in my collection of Mikrotik devices I have a CRS326 that I have running in SwitchOS. Most of everything you will do will be on the VLAN and VLANs tabs. First is the VLAN tab. I will point out a few lines. Port ...
by k6ccc
Fri Jul 14, 2023 5:26 pm
Forum: Beginner Basics
Topic: VLAN Routing and General Review
Replies: 16
Views: 2487

Re: VLAN Routing and General Review

Unless you REALLY have to, avoid VLAN 1. Many devices handle VLAN 1 strangely. You may find traffic on that VLAN that you did not intend.
And yes, there are some devices that do not give you a choice (I have a couple).
by k6ccc
Fri Jul 14, 2023 5:21 pm
Forum: Beginner Basics
Topic: Which MikroTik wifi Router
Replies: 13
Views: 1441

Re: Which MikroTik wifi Router

Part two is a single WiFi access point for a 2500 square foot home is likely going to be pushing it. Might work, but likely will have some dead/marginal spots. I would be looking at multiple wired access points.
by k6ccc
Fri Jul 14, 2023 5:16 pm
Forum: Beginner Basics
Topic: Which MikroTik wifi Router
Replies: 13
Views: 1441

Re: Which MikroTik wifi Router

In your proposed drawing, you are intending to use fiber from the Mikrotik to a media converter, only to turn it back to a wired 1G ethernet connection. Why not just run a wired Ethernet connection from the router to the DAC? Unless your house dimensions are measured in acres, you are not likely goi...
by k6ccc
Fri Jul 14, 2023 4:47 pm
Forum: Beginner Basics
Topic: Port Forwarding only works from external network
Replies: 4
Views: 1792

Re: Port Forwarding only works from external network

One quick note since you used QuickSet. Once you make ANY other change to the router config, NEVER EVER use QuickSet again. Doing so will blow away any other changes that you make.
by k6ccc
Wed Jul 12, 2023 9:16 pm
Forum: General
Topic: redirect a subdomain to a private ip in the local network
Replies: 7
Views: 1080

Re: redirect a subdomain to a private ip in the local network

<snip>
very limited capabilities beyond L4 (i.e. handling UDP/TCP packets). And "redirecting a subdomain" is an L7

What? You mean that whole OSI 7 layers thing actually means something? :D

Amazing how many people don't understand that...
by k6ccc
Wed Jul 12, 2023 7:26 pm
Forum: Beginner Basics
Topic: How to ping Mikrotik router behind ISP Router
Replies: 8
Views: 1665

Re: How to ping Mikrotik router behind ISP Router

The question to ask your ISP is if they can put their modem into bridge mode. Some will and some will not. If the ISP will put their device into bridge mode, that means your router will be truly public IP facing, so it gets (or you assign) the public IP addresses. For what it's worth, I have two int...
by k6ccc
Wed Jul 12, 2023 1:08 am
Forum: Beginner Basics
Topic: Port Forwarding: proper way to do "DMZ" + UPnP? [SOLVED]
Replies: 11
Views: 6864

Re: Port Forwarding: proper way to do "DMZ" + UPnP? [SOLVED]

i used /ip firewall nat add action=dst-nat chain=dstnat in-interface-list=WAN to-addresses=192.168.1.99 and it creates a perfect dmz but now i am locked out of winbox that uses port 8291 how can i exempt port 8291 from above rule? That should only be a problem if you are attempting to access WinBox...
by k6ccc
Tue Jul 11, 2023 6:41 am
Forum: General
Topic: ip firewall filter time is not working only 1d
Replies: 3
Views: 703

Re: ip firewall filter time is not working only 1d

Was it between 11:35 and 11:40 at the time? Any other time it will show as inactive time.
by k6ccc
Fri Jul 07, 2023 10:19 pm
Forum: Beginner Basics
Topic: Display garbled Chinese characters for Winbox settings comments on webfig
Replies: 3
Views: 1686

Re: Display garbled Chinese characters for Winbox settings comments on webfig

No useful information. What hardware? What software version? What WinBox version? Screen capture of what you're talking about. And this should have been in the "Beginner Basics" section of the forum. Maybe a moderator can move it. Edit - Thanks to whichever moderator moved this to the Begi...
by k6ccc
Thu Jul 06, 2023 10:00 pm
Forum: General
Topic: ip firewall filter time is not working only 1d
Replies: 3
Views: 703

Re: ip firewall filter time is not working only 1d

I have never created a time of day based firewall rule, so I tried a simple one. This rule only operates from 11:35:00 - 11:40:40 every day, and is a passthrough rule so it's just a packet counter - counting packets on my fiber internet connection. Worked fine. add action=passthrough chain=forward c...
by k6ccc
Thu Jul 06, 2023 6:47 pm
Forum: Beginner Basics
Topic: DHCP to Static IP on mAP
Replies: 8
Views: 1701

Re: DHCP to Static IP on mAP

Certainly. Set ETH1 as a DHCP client, and if you will not be using DHCP at all on your local LAN, you can delete (or disable) the router's DHCP server.
by k6ccc
Thu Jul 06, 2023 5:23 am
Forum: Beginner Basics
Topic: hAP ac^3
Replies: 1
Views: 860

Re: hAP ac^3

You're going to have to explain what you are trying to do better. A network drawing would help.
by k6ccc
Fri Jun 30, 2023 11:40 pm
Forum: Beginner Basics
Topic: Disable Webfig Username autofill
Replies: 7
Views: 2101

Re: Disable Webfig Username autofill

...especially since I'd say its a "best practice" to NOT use "admin" as a login name, but it being default only encourages it ;). Agreed. I don't use "admin" or "administrator" (with or without a capital A) as an admin UserID on anything where I have a choice...
by k6ccc
Fri Jun 30, 2023 9:31 pm
Forum: Beginner Basics
Topic: Disable Webfig Username autofill
Replies: 7
Views: 2101

Re: Disable Webfig Username autofill

So much for my educated guess....
by k6ccc
Fri Jun 30, 2023 5:09 pm
Forum: General
Topic: Maximum number of NAT users / sessions
Replies: 45
Views: 24043

Re: Maximum number of NAT users / sessions

Port from 0 to 32767 and 65535 are reserved or not used.
is this still true today ? about the only ports being used for nat are 32767 ?

No. That was a nine year old post.

You can use any port you like from 1 to 65534 for a NAT.
by k6ccc
Fri Jun 30, 2023 5:03 pm
Forum: Beginner Basics
Topic: Disable Webfig Username autofill
Replies: 7
Views: 2101

Re: Disable Webfig Username autofill

That is most likely happening in your browser, not in WebFig.
Just an educated guess as I never use WebFig.
by k6ccc
Thu Jun 29, 2023 2:10 am
Forum: General
Topic: PTP connection to switch for admin
Replies: 3
Views: 577

Re: PTP connection to switch for admin

Really hard to follow what you are saying. Please provide a network drawing and your configuration. Otherwise, we're guessing. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/export file=any-filena...
by k6ccc
Thu Jun 29, 2023 1:33 am
Forum: Beginner Basics
Topic: Conection from a router to another in the same DHCP
Replies: 3
Views: 800

Re: Conection from a router to another in the same DHCP

As tangent said, you gave us almost nothing to go on. Tell us what is connected to what - or better yet, a network drawing. And export your configuration. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) &...
by k6ccc
Thu Jun 29, 2023 1:22 am
Forum: Beginner Basics
Topic: Really a beginner [SOLVED]
Replies: 7
Views: 1759

Re: Really a beginner [SOLVED]

I have not poked through your config, but I can tell you that on my RB4011 that has ROS 6.49.6, the System > Clock display is correct, as is the Dashboard Date & Time in WinBox. Also, log entries are showing correct date and time. In my case, I am using my own Stratum-1 time server. I don't norm...