Community discussions

MikroTik App

Search found 774 matches

by k6ccc
Thu Sep 23, 2021 7:47 pm
Forum: Beginner Basics
Topic: vlan across two mikrotik devices
Replies: 6
Views: 224

Re: vlan across two mikrotik devices

My router history goes something like this. Way back when I first got DSL (mid 90s), I had one consumer grade router with some stuff on the LAN side. I got into a ham radio application that I needed two ports for that had to be on separate public IP addresses (they fixed that need a long time ago). ...
by k6ccc
Thu Sep 23, 2021 6:44 pm
Forum: SwOS
Topic: Did CSS326 had same cable test capability as CSS610?
Replies: 4
Views: 252

Re: Did CSS326 had same cable test capability as CSS610?

I wonder if that is something new in 2.14 (lite).
2.14 is not out yet for the CSS326...

The only thing that COULD relate in the 2.14 release notes is:
*) make Port statistics more precise;
But I don't think so...
by k6ccc
Thu Sep 23, 2021 6:41 pm
Forum: Beginner Basics
Topic: vlan across two mikrotik devices
Replies: 6
Views: 224

Re: vlan across two mikrotik devices

Why? Not just have one router wth two WAN connections?? In my case, it's a combination of old history and redundancy - if one router fails, I still have something working. Actually one of my changes will be to merge them into the 4011 router. Hopefully get that completed this weekend in prep for th...
by k6ccc
Thu Sep 23, 2021 6:12 pm
Forum: SwOS
Topic: Did CSS326 had same cable test capability as CSS610?
Replies: 4
Views: 252

Re: Did CSS326 had same cable test capability as CSS610?

I have several CSS326 switches and have never seen that - and did not know it existed. That could be useful. Watching this thread to see if there is a good answer. Interesting - the Mikrotik Wiki for the CSS610 does not show that either... https://wiki.mikrotik.com/wiki/SwOS/CSS610 What version of S...
by k6ccc
Thu Sep 23, 2021 5:49 pm
Forum: Beginner Basics
Topic: Blocking incoming DNS
Replies: 4
Views: 183

Re: Blocking incoming DNS

Dropping DNS requests inbound from the internet will keep your router from doing anything with the packet (other than dropping the packet). There is NOTHING you can do to prevent a certain type of packet from reaching your router from the internet (other than an upstream firewall). In other words, n...
by k6ccc
Thu Sep 23, 2021 5:31 pm
Forum: Beginner Basics
Topic: vlan across two mikrotik devices
Replies: 6
Views: 224

Re: vlan across two mikrotik devices

I am doing exactly the same thing. My router #1 is connected to my cable based internet and has a collection of LANs and VLANs connected to other ports. All the LANs and VLANs on router #1 are my .10x series of names. Router #2 is connected to my DSL internet (gets replaced with fiber in a week), an...
by k6ccc
Fri Sep 17, 2021 7:27 pm
Forum: SwOS
Topic: VLANs with SwOS [SOLVED]
Replies: 5
Views: 1015

Re: VLANs with SwOS [SOLVED]

Ah, a Layer 1 issue. Glad you got it figured out.
by k6ccc
Thu Sep 16, 2021 6:03 pm
Forum: SwOS
Topic: feature request - https for webui
Replies: 11
Views: 2632

Re: feature request - https for webui

No he is not the OP, but the thread is still valid. SwitchOS does not support any form of secure connectivity - AND IT SHOULD!
by k6ccc
Thu Sep 16, 2021 8:05 am
Forum: SwOS
Topic: feature request - https for webui
Replies: 11
Views: 2632

Re: feature request - https for webui

As has been already stated in this thread - RouterOS can NOT be used on CSS devices.
by k6ccc
Wed Sep 15, 2021 2:09 am
Forum: SwOS
Topic: Default gateway
Replies: 10
Views: 5080

Re: Default gateway

Wow! New post on a 9 year old thread. I have never had any trouble configuring a SwitchOS device from either the same LAN, a different LAN on the same router, or some remote location. As stated earlier in this thread, it just sends traffic back from the same place that it got it. It just works witho...
by k6ccc
Wed Sep 15, 2021 12:29 am
Forum: General
Topic: Feature Request: Firewall Rules visual grouping
Replies: 3
Views: 376

Re: Feature Request: Firewall Rules visual grouping

I thought jump chains were another way of grouping that does what you ask? Jump chains also allows shortening the number of rules that the router has to process for for any given packet. For example a rule that performs some filter jumps to a chain that will have several more rules related to that ...
by k6ccc
Sun Sep 12, 2021 7:24 am
Forum: SwOS
Topic: VLANs with SwOS [SOLVED]
Replies: 5
Views: 1015

Re: VLANs with SwOS [SOLVED]

What you are trying to do is trivially easy in SwOS. I'm not in a position to look at mine as a comparison (and I'm too tired to be sure without looking), but I think you pretty much there.
I wont be able to compare to mine until Monday, but can do so then.
by k6ccc
Fri Sep 10, 2021 1:18 am
Forum: SwOS
Topic: Can't get multiple vlans to talk on one port
Replies: 3
Views: 467

Re: Can't get multiple vlans to talk on one port

The server is plugged into that port but I don't think its interface is vlan aware. Very simple - you can't do it if the server on port 24 is not VLAN aware. In order to get multiple VLANs on the same physical interface, they must be VLAN tagged - one VLAN can be untagged. If the server does not un...
by k6ccc
Tue Sep 07, 2021 6:10 pm
Forum: General
Topic: Multiple winbox logins
Replies: 7
Views: 675

Re: Multiple winbox logins

One thought is that I'm running CAPSMAN and wonder if a telnet session is used to pass info by to CAPS.
I don't use Capsman, but recall reading here on the forum that what you are seeing is normal for a Capsman installation.
by k6ccc
Tue Sep 07, 2021 6:05 pm
Forum: Beginner Basics
Topic: Using a MikroTik Router to manage downport MikroTik Switches
Replies: 6
Views: 588

Re: Using a MikroTik Router to manage downport MikroTik Switches

Figuratively speaking, and if the devices fit, this would probably be the right one for your purposes (note the limits): https://help.mikrotik.com/docs/display/ ... t+Extender
Does not apply to SwitchOS devices.
by k6ccc
Mon Sep 06, 2021 8:26 pm
Forum: Beginner Basics
Topic: Help with choosing an antenna for a rural setting please
Replies: 8
Views: 584

Re: Help with choosing an antenna for a rural setting please

I guess I have even less experience... what is a WISP ?
WISP = Wireless Internet Service Provider
The people that horribly pollute the Part 15 bands (a USA reference).
by k6ccc
Thu Sep 02, 2021 5:17 pm
Forum: Beginner Basics
Topic: Deep Dive MT Switching
Replies: 5
Views: 634

Re: Deep Dive MT Switching

I have been using SwitchOS for years, so fairly good with it (at least the functions I'm using). I'm looking forward to watching the video and learning a few more things...
Thanks guys.
by k6ccc
Thu Sep 02, 2021 2:38 am
Forum: Beginner Basics
Topic: Why is my CAPsMAN network not as good as I hope for?
Replies: 2
Views: 459

Re: Why is my CAPsMAN network not as good as I hope for?

Correct. To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes) "/export hide-sensitive file=any-filename-you-wish". Then open the files section and right click on the filename you created and select d...
by k6ccc
Tue Aug 31, 2021 5:35 pm
Forum: Beginner Basics
Topic: Setting static device ip
Replies: 20
Views: 1364

Re: Setting static device ip

I'm not the one who posted that this should have nothing to do with your ISP - but I completely agree with the statement. As for posting your configuration - To export and paste your configuration (and I'm assuming you are using WebFig or Winbox), open a terminal window, and type (without the quotes...
by k6ccc
Sun Aug 29, 2021 8:48 pm
Forum: Beginner Basics
Topic: VLAN by MAC Address - RB5009ug+s+in
Replies: 4
Views: 663

Re: VLAN by MAC Address - RB5009ug+s+in

My APs don't support VLAN tagging per SSID. I'm thinking to have a separated VLAN for IoT to keep my network a little more secure than it is.
Just curious what APs you are using that support multiple SSIDs, but not VLANs?
by k6ccc
Sun Aug 29, 2021 8:35 pm
Forum: Beginner Basics
Topic: Setting static device ip
Replies: 20
Views: 1364

Re: Setting static device ip

I just tried it to make sure you did not just discover a bug in 3.29. Worked fine for me. As soon as I click "Make Static" in the device popup box, the D cleared. The other way to make it static in Winbox is to right click on it and select Make Static in the resulting menu (the bottom entr...
by k6ccc
Sun Aug 29, 2021 8:28 pm
Forum: Beginner Basics
Topic: VLANs - different address on different ports
Replies: 43
Views: 2192

Re: VLANs - different address on different ports

@mikrotikshell What you are doing with your hEX is almost exactly what I am doing with mine except that I do have one port that is a VLAN trunk for a few additional LANs. The router is exclusively functioning as a router and all the switch functions are being handled in separate switches. Therefore ...
by k6ccc
Sat Aug 28, 2021 8:46 pm
Forum: Beginner Basics
Topic: 2,4 GHz / Home AP Dual missing
Replies: 11
Views: 1222

Re: 2,4 GHz / Home AP Dual missing

I updated software to the newest version Never ever utter that sentence. Always specify what version. For all you know a new version will come out five minutes after you make the statement, and sometimes answers to questions are very dependent on the actual version. OK, you can utter that sentence ...
by k6ccc
Sat Aug 28, 2021 8:40 pm
Forum: Beginner Basics
Topic: Edit - Disregard, was using on Beta Firmware.............
Replies: 6
Views: 774

Re: DO NOT POST WINBOX CONFIGS 3.29 GUI PHUCK-UP

Hi Anav I just tried this using Winbox 3.29 export hide-sensitive file=name and my observation is that all SYSTEM passwords are not seen but any password in scripts are exposed. I do not currently remember if RoS also encrypts passwords in scripts .... but SYSTEM Passwords are not visible on my RSC...
by k6ccc
Sat Aug 28, 2021 8:38 pm
Forum: Beginner Basics
Topic: Edit - Disregard, was using on Beta Firmware.............
Replies: 6
Views: 774

Re: DO NOT POST WINBOX CONFIGS 3.29 GUI PHUCK-UP

What does Winbox version have to do with CLI?
I was kinda wondering the same thing...
by k6ccc
Sat Aug 28, 2021 8:36 pm
Forum: Beginner Basics
Topic: Quickset CPE Mode [SOLVED]
Replies: 4
Views: 675

Re: Quickset CPE Mode [SOLVED]

As far as I know there is not, but you COULD do something like an export prior to any changes, then another export after changes. Download both and use the compare feature in NotePad++ to see the differences. However hopefully you know what changes you made while in Safe mode.
by k6ccc
Sat Aug 28, 2021 6:12 am
Forum: Beginner Basics
Topic: Edit - Disregard, was using on Beta Firmware.............
Replies: 6
Views: 774

Re: DO NOT POST WINBOX CONFIGS 3.29 GUI PHUCK-UP

I'm not sure I have a good reference, but I just opened WinBox 3.29 under Windows 10 on my RB4011iGS+ running 6.48.3. Did an /export hide-sensitive file=test. I then did it again without hide-sensitive. Then downloaded both files and opened both with Notepad ++ and am using the file compare function...
by k6ccc
Sat Aug 28, 2021 5:48 am
Forum: Beginner Basics
Topic: Best budget Mikrotik router for 30-50 sub routers
Replies: 4
Views: 723

Re: Best budget Mikrotik router for 30-50 sub routers

Your description is a little vague. Do you need a router that has WiFi built in or is your WiFi separate from the router?
by k6ccc
Fri Aug 27, 2021 7:39 pm
Forum: Beginner Basics
Topic: Quickset CPE Mode [SOLVED]
Replies: 4
Views: 675

Re: Quickset CPE Mode [SOLVED]

And once you make ANY change outside of Quickset - NEVER EVER touch QuickSet again.

Also, when you do start making changes outside of QuickSet "Safe" mode is your friend.
by k6ccc
Fri Aug 27, 2021 7:36 pm
Forum: SwOS
Topic: Suggested VLAN configuration
Replies: 2
Views: 950

Re: Suggested VLAN configuration

Your description of what you want is a little odd, but let's go with that. I don't really understand what you mean by having one port as Management, but another port that is a Management VLAN that spans all ports. I have posted a couple of screen captures of my CSS106. I included a link to the photo...
by k6ccc
Wed Aug 25, 2021 6:45 pm
Forum: Beginner Basics
Topic: Private to Private NAT
Replies: 5
Views: 609

Re: Private to Private NAT

I have a existing network on 192.168.0.1. I have two devices I would like to test and communicate with. These units both are static IPs at 192.168.1.1 from the factory. To change these to unique IPs will mean code rewrite and custom FPGA images. Whoever designed a piece of equipment that is hard co...
by k6ccc
Wed Aug 25, 2021 6:35 pm
Forum: Beginner Basics
Topic: Criticize my topology
Replies: 7
Views: 694

Re: Criticize my topology

The biggest question is how much traffic will this network need to handle. What I mean by that is for example, how fast is the internet connection? How many client devices will there be? Will clients be WiFi or wired. Will the clients be primarily communicating with the internet or with local servic...
by k6ccc
Wed Aug 25, 2021 4:28 pm
Forum: General
Topic: Could I open winbox via file extension?
Replies: 11
Views: 747

Re: Could I open winbox via file extension?

I cannot directly launch c: \ winbox.exe 1.1.1.1, for obvious security reasons preset on all browsers.
Your statement does not make sense. Winbox and web browser don't relate.
by k6ccc
Wed Aug 25, 2021 2:18 am
Forum: SwOS
Topic: How remove a port from a Lacp group
Replies: 1
Views: 776

Re: How remove a port from a Lacp group

For each port that you want to remove from the LACP group, change the mode from "Active" or "Static" to "Passive" on the switches at both ends in the LAG tab.
by k6ccc
Wed Aug 25, 2021 2:00 am
Forum: General
Topic: MIKROTIK RB4011iGS+RM, reset of routeros [SOLVED]
Replies: 4
Views: 602

Re: MIKROTIK RB4011iGS+RM, reset of routeros [SOLVED]

Not familiar with the "30-30-30" method, but this Wiki page gives the reset procedures: https://wiki.mikrotik.com/wiki/Manual:Reset Netinstall can be quite picky. Having done so recently with a LHG link radio, I can tell you that the procedure worked after resolving a Windows firewall issu...
by k6ccc
Wed Aug 25, 2021 1:25 am
Forum: Beginner Basics
Topic: 2,4 GHz / Home AP Dual missing
Replies: 11
Views: 1222

Re: 2,4 GHz / Home AP Dual missing

And if you make ANY changes in WebFig, Winbox, or a terminal - NEVER EVER touch Quick Set again.
by k6ccc
Wed Aug 25, 2021 12:05 am
Forum: Announcements
Topic: WinBox v3.29 released!
Replies: 114
Views: 11541

Re: WinBox v3.29 released!

Please reverse your change that moved close below start in all the tools. PLEASE keep stop below start. It has wasted a significant amount of time already
That one I would agree with - as in putting Stop below Start...
by k6ccc
Tue Aug 24, 2021 9:22 pm
Forum: General
Topic: Could I open winbox via file extension?
Replies: 11
Views: 747

Re: Could I open winbox via file extension?

winbox accepts command line parameters, what you could do is run a shell script that reads a text file and executes winbox with IP address taken from the text file as command line parameter. Gee, I learned a second thing new about Winbox today! Must be my lucky day. Actually I think I did know that...
by k6ccc
Tue Aug 24, 2021 9:07 pm
Forum: General
Topic: Could I open winbox via file extension?
Replies: 11
Views: 747

Re: Could I open winbox via file extension?

I have no idea what you mean by " 'connect to' camp ", however I think I understand what you are asking. Do you mean that you want a windows file that you can execute that will open Winbox and automatically connect to some particular router? That as opposed to the normal opening of Winbox ...
by k6ccc
Tue Aug 24, 2021 8:53 pm
Forum: Beginner Basics
Topic: How not to specify all tagged ports for each VLAN bridge?
Replies: 2
Views: 367

Re: How not to specify all tagged ports for each VLAN bridge?

I like my solution to that. I do all switching in CSS326 switches running SwitchOS where it is really easy. The routers do not do any switch functions at all - only routing.
by k6ccc
Tue Aug 24, 2021 6:55 pm
Forum: Announcements
Topic: WinBox v3.29 released!
Replies: 114
Views: 11541

Re: WinBox v3.29 released!

Previously, when running Torch and double-clicking a line in the results, Torch was stopped and IP address under mouse cursor copied to corresponding field (src. or dst. address) where it was easily accessible. Now I can't repeat that. Is it WinBox 3.29 or my MacOS?.. Never knew about that capabili...
by k6ccc
Tue Aug 24, 2021 5:33 pm
Forum: General
Topic: The static address list is lost after the reboot.
Replies: 4
Views: 394

Re: The static address list is lost after the reboot.

I don't have anywhere near that number of addresses in the firewall address lists on either of my MT routers (less than 100 entries), but have never experienced entries being lost after a reboot, firmware update, etc.
by k6ccc
Tue Aug 24, 2021 5:11 pm
Forum: General
Topic: The static address list is lost after the reboot.
Replies: 4
Views: 394

Re: The static address list is lost after the reboot.

Do you mean Static DHCP addresses, a firewall address list, or something else?
by k6ccc
Tue Aug 24, 2021 6:25 am
Forum: Announcements
Topic: WinBox v3.29 released!
Replies: 114
Views: 11541

Re: WinBox v3.29 released!

I think it is an important bug. I use Linux and wine, but others have confirmed that the problem also occurs under Windows.

@pe1chi - Unable to duplicate on either Windows 7 or Windows 10.
by k6ccc
Mon Aug 23, 2021 3:52 am
Forum: Beginner Basics
Topic: Replies coming from Router instead of host
Replies: 2
Views: 796

Re: Replies coming from Router instead of host

Yea, hard to follow from your description. A drawing with how everything is connected would help.
Also, export your configurations and post.
by k6ccc
Tue Aug 17, 2021 6:38 am
Forum: Beginner Basics
Topic: help chasing down a timing-related firewall issue?
Replies: 4
Views: 829

Re: help chasing down a timing-related firewall issue?

Actually Anav did provide useful information. He asked you to export your config and post it. Otherwise we're only guessing.
by k6ccc
Fri Aug 13, 2021 5:20 pm
Forum: Beginner Basics
Topic: monthly data per IP
Replies: 11
Views: 1138

Re: monthly data per IP

K6ccc, i have graphing enabled for some interfaces but it does not give totals? Max In: 3.46Mb; Average In: 1.14Mb; Current In: 311.58Kb; Max Out: 33.96Mb; Average Out: 7.15Mb; Current Out: 5.23Mb; Am i overlooking a way to add the totals to the graphing ? (indeed it would be a nice way to do it) C...
by k6ccc
Fri Aug 13, 2021 12:22 am
Forum: Beginner Basics
Topic: monthly data per IP
Replies: 11
Views: 1138

Re: monthly data per IP

Take a look at graphing. You can limit access to a single IP address for each queue. The end user can see it as a simple web page.
Not very high tech, but might accomplish what you want.
by k6ccc
Wed Aug 11, 2021 2:15 am
Forum: Beginner Basics
Topic: RB750G no traffic on VLAN interface
Replies: 5
Views: 642

Re: RB750G no traffic on VLAN interface

Unless you have significant traffic within the same VLAN on different ethernet ports it is much simpler to use a VLAN-aware bridge. None of my routers have any traffic between different Ethernet ports on the same VLAN because there are none. Routers are used exclusively as routers and switches are ...
by k6ccc
Fri Aug 06, 2021 11:06 pm
Forum: Beginner Basics
Topic: Can't connect to this network on Windows10
Replies: 2
Views: 513

Re: Can't connect to this network on Windows10

Start by testing to rule out a WiFi issue. Hook an ethernet cable from a router LAN port to your computer and see if that works.

Next step is to export your configuration and post it here (in a code block).
by k6ccc
Mon Aug 02, 2021 9:46 am
Forum: General
Topic: Need for external antennas!!!
Replies: 3
Views: 395

Re: Need for external antennas!!!

If what you mean is that the radios in the inside router would send the radio signal up the tower to an SXT mounted at the top of a tall tower - not gonna work. Radio signals in cables at the frequencies you are asking about have very high attenuation. In other words, even with a fairly small tower ...
by k6ccc
Fri Jul 09, 2021 2:11 am
Forum: General
Topic: VLAN Translation
Replies: 3
Views: 460

Re: VLAN Translation

Never tried it, but you likely could have one port that has VLAN 1 as untagged and another port that has the other desired VLAN as untagged. Then run a cable between the two ports. I have never tried that, but I have heard of that being done.
by k6ccc
Thu Jul 08, 2021 11:30 pm
Forum: Beginner Basics
Topic: Access to Router in LAN2
Replies: 5
Views: 790

Re: Access to Router in LAN2

Please tell me that all the various routers EXCEPT the RB4011 are only being used as managed switches and not routers. Unless I am badly missing something, if you are doing ANY routing function in the rest of the routers, you are only making your life more complex. And I can't help you much on the c...
by k6ccc
Wed Jul 07, 2021 6:04 pm
Forum: Beginner Basics
Topic: Access to Router in LAN2
Replies: 5
Views: 790

Re: Access to Router in LAN2

Can you provide a drawing of how all this is hooked up?
by k6ccc
Wed Jul 07, 2021 6:02 pm
Forum: Beginner Basics
Topic: How do I start troubleshooting an "I - invalid" configuration?
Replies: 8
Views: 720

Re: How do I start troubleshooting an "I - invalid" configuration?

You gave us almost no information to go on. As mkx said, the logs MIGHT help, but don't count on it - a lot of stuff is not logged unless you tell it to be. Since you gave us no information to go on, about all I can suggest is to read the docs for the command or setting you are getting the invalid i...
by k6ccc
Sun Jul 04, 2021 2:42 am
Forum: Beginner Basics
Topic: Home LAN/WiFi/Guest WiFi/IoT devices advice needed
Replies: 13
Views: 1028

Re: Home LAN/WiFi/Guest WiFi/IoT devices advice needed

My recommendation would be to get some new access points that understand VLANs. Personally I am using Meraki - which are getting fairly inexpensive on the used market - but the management service is rather expensive. Works really well at my house. I can run up to 15 SSIDs (not that I would need anyw...
by k6ccc
Sun Jul 04, 2021 2:17 am
Forum: Beginner Basics
Topic: Home LAN/WiFi/Guest WiFi/IoT devices advice needed
Replies: 13
Views: 1028

Re: Home LAN/WiFi/Guest WiFi/IoT devices advice needed

however the APs can't. That's one of my issues. The same AP would provide access for both the regular and the guest WiFi so I don't have any idea how to tell them apart. Yes, you have a problem. Unless there is some magic I don't know about, you need to either have access points that understand VLA...
by k6ccc
Fri Jul 02, 2021 6:09 pm
Forum: Beginner Basics
Topic: Sailboat secondary Router issue
Replies: 10
Views: 795

Re: Sailboat secondary Router issue

I Want to make sure I have the data flow correctly. The Grove is being used as a WiFi client and it connects to the Marina WiFi as your internet source. The Grove is operating as a router and providing a LAN connection directly to the GL-B1300 on the 192.168.88.x subnet. The GL-B3100 is also operati...
by k6ccc
Wed Jun 30, 2021 1:15 am
Forum: General
Topic: ARP Ping
Replies: 13
Views: 629

Re: ARP Ping

Damn, I had a really nice response all typed up and it went into oblivion...

Short answer is that I will work with checking DHCP status with a short lease time. Thanks for that suggestion.
by k6ccc
Wed Jun 30, 2021 12:09 am
Forum: General
Topic: ARP Ping
Replies: 13
Views: 629

Re: ARP Ping

Rextended is on the right track, but confirm that this is not actually pinging the device, but rather querying the ARP table? The reason I ask is because I was getting 0mSec response time - which over my WiFi does not make sense for pinging the device. Further I did a test shown below where I was AR...
by k6ccc
Tue Jun 29, 2021 11:13 pm
Forum: General
Topic: ARP Ping
Replies: 13
Views: 629

Re: ARP Ping

I should have been more specific - and titled this thread a bit different.... Your last screen capture (klembord-2.jpg) was exactly what I was doing when trying from the WinBox ping command. I have tried it both with and without the "ARP Ping" checkbox set. Same result - timeout on every d...
by k6ccc
Tue Jun 29, 2021 9:32 pm
Forum: General
Topic: ARP Ping
Replies: 13
Views: 629

ARP Ping

Hi all, I have a script that does a flood-ping to all of my IoT devices once an hour and sends me an E-Mail if one does not respond. This works just fine EXCEPT for my Amazon Echo devices which do not respond to an ICMP ping. Doing some searching around, someone suggested using an ARP Ping rather th...
by k6ccc
Sat Jun 26, 2021 11:49 pm
Forum: Beginner Basics
Topic: zoom firewall settings
Replies: 5
Views: 715

Re: zoom firewall settings

Hello, Can you please check the post I stuck in my config.

Please don't cross post to a totally unrelated subject.
by k6ccc
Thu Jun 24, 2021 8:25 pm
Forum: General
Topic: So why do I want to run ROS on a Switch when SWOS is just fine?
Replies: 17
Views: 1428

Re: So why do I want to run ROS on a Switch when SWOS is just fine?

A switch is a switch and a switch and a router is a router. Different hardware for different jobs. Yes, you can make a router play switch, but not the other way around.
by k6ccc
Thu Jun 24, 2021 7:45 am
Forum: SwOS
Topic: swOS on css326 lag not working
Replies: 2
Views: 1758

Re: swOS on css326 lag not working

With no other details, my first guess is that you are creating a loop that is not configured properly for a LAG on one end or the other. At least until you get the LAG working, enable RSTP so that at the least the loop will be killed quickly. I can tell you that LAG does work on the CSS326 (I have d...
by k6ccc
Thu Jun 24, 2021 1:39 am
Forum: General
Topic: So why do I want to run ROS on a Switch when SWOS is just fine?
Replies: 17
Views: 1428

Re: So why do I want to run ROS on a Switch when SWOS is just fine?

Lack of administration via encryted channels (TLS, ssh) is a downside of SWOS.
Agreed, but I only access it on a local management LAN that normal people can't access (at least not without a lot of effort).
by k6ccc
Wed Jun 23, 2021 5:33 pm
Forum: General
Topic: So why do I want to run ROS on a Switch when SWOS is just fine?
Replies: 17
Views: 1428

Re: So why do I want to run ROS on a Switch when SWOS is just fine?

Here's my two cents on it. I run my two MT routers strictly as routers, and I have five MT switches that perform all switching function. The switches run SwitchOS (including one CRS326 that was shipped to me in error instead of a CSS326) and the routers of course run RouterOS. I like SwOS for it's s...
by k6ccc
Sun Jun 20, 2021 8:43 pm
Forum: SwOS
Topic: Understanding how traffic travels through MikroTik on SWoS
Replies: 2
Views: 1582

Re: Understanding how traffic travels through MikroTik on SWoS

Your description and drawing don't match, so it's really hard to tell what you are trying to do.
by k6ccc
Sat Jun 19, 2021 2:16 am
Forum: General
Topic: router was rebooted without proper shutdown
Replies: 1
Views: 313

Re: router was rebooted without proper shutdown

Power loss would be my first guess.
by k6ccc
Sat Jun 19, 2021 2:07 am
Forum: SwOS
Topic: SwOS LAG work? on VLANS
Replies: 4
Views: 1579

Re: SwOS LAG work? on VLANS

Let me make sure I understand what you want. You want untagged traffic over a LAG. When I was testing a LAG on two of my switches, I think I tested that and it worked fine. I don't see any reason that it would not.
by k6ccc
Wed Jun 16, 2021 6:24 pm
Forum: SwOS
Topic: Missing information in GUI tabs CSS326-24G-2S+
Replies: 2
Views: 1352

Re: Missing information in GUI tabs CSS326-24G-2S+

Correct. You have to add them.
by k6ccc
Sun Jun 13, 2021 2:53 am
Forum: SwOS
Topic: CSS610-8G-2S+IN No Link on SFP+ with Intel X520
Replies: 44
Views: 7452

Re: CSS610-8G-2S+IN No Link on SFP+ with Intel X520

Just as a useful tidbit. Hate to tell you this, but SFPs are not as universal as the SFP people would like you to believe. Some devices are VERY picky about SFPs (HP switches come to mind - I know there are others). Best bet is to use the SFPs that are recommended by the manufacturer of the device y...
by k6ccc
Sat Jun 12, 2021 6:19 am
Forum: SwOS
Topic: RSTP and LACP
Replies: 1
Views: 1349

Re: RSTP and LACP

I guess you did not like my answer on the other thread. Looking at my two RB260 switches, there is no indication of LAG support on either version. As for RTSP, the older RB260GS with SwitchOS version 1.6 does not have any indication of RTSP support, However the newer CSS106-5G-1S with SwitchOS versi...
by k6ccc
Fri Jun 11, 2021 7:36 am
Forum: SwOS
Topic: LAG (LACP) or RSTP or both???
Replies: 20
Views: 11407

Re: LAG (LACP) or RSTP or both???

Hi, How does one enable LAGP in rb260GS (link aggregration) First of all, are you talking about the old RB260GS with version 1.x firmware or the new CSS106-5G-1S (still called the RB260GS) with version 2.x firmware? I have one of each, and I don't see any settings for LAG on either one. Makes me th...
by k6ccc
Wed Jun 09, 2021 6:16 pm
Forum: SwOS
Topic: Management VLAN?
Replies: 2
Views: 1721

Re: Management VLAN?

Take a look at the System tab. Note the "Allow From", "Allow From Ports", and "Allow from VLAN" selections. Allow From lets you enter an IP address that is the only IP allowed to connect. Allow From Ports specifies which ports on the switch that connection can came into...
by k6ccc
Wed Jun 09, 2021 6:06 pm
Forum: General
Topic: port forwarding restrictions
Replies: 9
Views: 669

Re: port forwarding restrictions

...yes you should be crazy and should move up to Canada ;-)
Too cold.
by k6ccc
Wed Jun 09, 2021 4:27 am
Forum: General
Topic: port forwarding restrictions
Replies: 9
Views: 669

Re: port forwarding restrictions

OK, I'm not losing my mind. I have used individual IPs in most situations and it appeared to be working fine.
by k6ccc
Wed Jun 09, 2021 12:15 am
Forum: General
Topic: port forwarding restrictions
Replies: 9
Views: 669

Re: port forwarding restrictions

This is good because as soon as you add a source address list, when one does a scan of their ports, the port does not appear at all. Without the source address list if you scan your ports, the dst nat port is visible but closed. I prefer invisible LOL. Anav, I want to clarify something about what y...
by k6ccc
Tue Jun 08, 2021 6:31 pm
Forum: Beginner Basics
Topic: Setting Up small home network with MikroTik hEX RB750Gr3
Replies: 20
Views: 2098

Re: Setting Up small home network with MikroTik hEX RB750Gr3

What you want to do is really quite straight forward for VLAN use. The link that anav posted is a good start. I am doing a similar concept (more stuff and more VLANs however) at my house with the same RB750Gr3 router. Can I assume that all your WiFi APs are UBNT? Are they VLAN aware? I am a strong s...
by k6ccc
Sat Jun 05, 2021 9:39 pm
Forum: SwOS
Topic: Minor issue with login interface and a pwd manager
Replies: 11
Views: 1907

Re: Minor issue with login interface and a pwd manager

I thought you were meant you were using some addon password manager in FireFox - hence my reference to a "real" password manager. My confusion - sorry
Actually the PWM that I use recently added a plugin for Firefox, but I have no real interest in using it.
by k6ccc
Sat Jun 05, 2021 8:42 pm
Forum: SwOS
Topic: Minor issue with login interface and a pwd manager
Replies: 11
Views: 1907

Re: Minor issue with login interface and a pwd manager

I use a real password manager and not a Firefox plugin. I only have a small number of things that have the password stored in FireFox, and those do not sync across devices. I do have my MT switches password stored so I only have to press enter, but for most stuff, I copy from the PWM and paste in to...
by k6ccc
Fri Jun 04, 2021 9:49 pm
Forum: SwOS
Topic: Minor issue with login interface and a pwd manager
Replies: 11
Views: 1907

Re: Minor issue with login interface and a pwd manager

I use Firefox as my preferred browser on this Windows 10 computer as well. I have Firefox set to remember the password for my MT switches, and like bpwl, I connect to the switch IP and the login window pops up already filled in, and I just hit enter and I'm in. Not using any plugin - just standard F...
by k6ccc
Mon May 31, 2021 8:26 pm
Forum: Beginner Basics
Topic: Limit a particular client to only communicate with another client on LAN
Replies: 3
Views: 377

Re: Limit a particular client to only communicate with another client on LAN

Filtering devices that are on the same LAN is tough because they are generally not going through the router. However if you create a separate VLAN for the NVR, it is easy in firewall rules to allow and disallow what can get to what.
by k6ccc
Mon May 31, 2021 8:11 pm
Forum: Beginner Basics
Topic: Setting up VLAN/Firewall with Mikrotik Router (RB4011)
Replies: 5
Views: 710

Re: Setting up VLAN/Firewall with Mikrotik Router (RB4011)

What you are proposing is fairly straight forward. It is no problem to set up firewall rules so that either all or selected devices on your private or management VLAN can get to either IoT or Kids VLAN devices to manage them, but those two VLANs for example can only get to the internet - I do that a...
by k6ccc
Mon May 31, 2021 2:07 am
Forum: Beginner Basics
Topic: Broadcast reply stuck in other address range
Replies: 3
Views: 547

Re: Broadcast reply stuck in other address range

Don't claim to be the expert here, but as I understand it, broadcast only works on the local subnet. In other words, it will not route.
by k6ccc
Fri May 28, 2021 10:37 pm
Forum: Scripting
Topic: Export in script bombing after update to 6.48.2 [SOLVED]
Replies: 5
Views: 1437

Re: Export in script bombing after update to 6.48.2 [SOLVED]

From the changelog: *) console - require "write+ftp" permissions for exporting configuration to file; Thanks! That was it. I had not caught that in when I read the release notes. And per the request, here is the full script: # Policies needed: ftp, read, policy, sensitive, test, write # P...
by k6ccc
Fri May 28, 2021 9:27 pm
Forum: General
Topic: Winbox glitch
Replies: 15
Views: 1959

Re: Winbox glitch

Never experienced this. Just tried every example cited in this thread and could not duplicate it on a RB750r2 or RB750Gr3 - both running 6.48.2 and WinBox 3.27 on a Dell desktop running Windows 10.
by k6ccc
Fri May 28, 2021 9:18 pm
Forum: Beginner Basics
Topic: Problem routing traffic from one lan to another
Replies: 6
Views: 786

Re: Problem routing traffic from one lan to another

Since you only gave a few details, the most obvious issue is your 219 subnet on the router is /24, and it is trying to communicate with devices outside that subnet IP range. Other than that, you did not give enough details. Export and post your config. If there are more devices involved, a network d...
by k6ccc
Fri May 28, 2021 8:01 pm
Forum: Scripting
Topic: Export in script bombing after update to 6.48.2 [SOLVED]
Replies: 5
Views: 1437

Export in script bombing after update to 6.48.2 [SOLVED]

I have a RB750r2 and a RB750Gr3 that each have a script that creates a backup, export, and version listing. The three files are then sent off site for archive. This script is run by schedule every night. These have worked perfectly for years. A few weeks ago, both routers were updated to 6.48.2 and ...
by k6ccc
Fri May 28, 2021 6:49 pm
Forum: General
Topic: Multiple Public IP from one interface
Replies: 4
Views: 544

Re: Multiple Public IP from one interface

When my DSL provider gave me up to eight addresses, I did pretty much what you want. I had several LANs and each one would use a different IP on the WAN side. ETH 1 - Internet connection with four static addresses (for example a.b.c.61, a.b.c.94, a.b.c.145, a.b.c.216) ETH 2 - .201 LAN - 192.168.201....
by k6ccc
Wed May 26, 2021 1:20 am
Forum: SwOS
Topic: [Bug?]PPPOE over VLAN not work
Replies: 3
Views: 2162

Re: [Bug?]PPPOE over VLAN not work

My first guess is a tagged vs untagged port issue Is the VLAN 620 coming from the cable modem, or is that just a VLAN you are using for transport? In other words, is the traffic from the cable modem VLAN tagged or is it untagged? Same thing at the other end - is the traffic being handed off to the R...
by k6ccc
Wed May 26, 2021 12:46 am
Forum: General
Topic: How to setup a server to use a Public IP address inside the network without using NAT
Replies: 5
Views: 680

Re: How to setup a server to use a Public IP address inside the network without using NAT

Run your internet into a dumb switch Take one output from that switch and run into the WAN port of your MT router and configured it with one of your /29 addresses - for example x.y.z.2. Connect your outside server to another port of that dumb switch and give it a different address in the /29 range -...
by k6ccc
Wed May 26, 2021 12:31 am
Forum: Beginner Basics
Topic: How much range does a router have?
Replies: 3
Views: 518

Re: How much range does a router have?

I like some of the humor answers...
Routers don't have range - access points do.
Not enough information to give an answer.
by k6ccc
Fri May 21, 2021 11:59 pm
Forum: SwOS
Topic: Issues with creating VLAN's
Replies: 2
Views: 1429

Re: Issues with creating VLAN's

I run VLANs on multiple switches running SwitchOS. I want to make sure I understand what you are trying to accomplish. I sort of think you want a device each of the SFP ports that will have untagged traffic and only communicate with each other. Is that correct? This description being opposite to a V...
by k6ccc
Mon May 17, 2021 7:03 am
Forum: SwOS
Topic: SwOS
Replies: 1
Views: 1686

Re: SwOS

Not that I know of. I saw your other post and replied.
by k6ccc
Thu May 13, 2021 4:34 pm
Forum: Beginner Basics
Topic: Managing /29 network
Replies: 8
Views: 1074

Re: Managing /29 network

I have a MikroTik RB4011iGS+ running 6.45.9.

Note that 6.45.9 is quite elderly. Is there a reason that you are running such an old version of RouterOS?
Your concern is that the router will be public facing, correct?
No - in general.
by k6ccc
Sat May 08, 2021 8:40 pm
Forum: General
Topic: WeBfig as default page in the management page [SOLVED]
Replies: 3
Views: 601

Re: WeBfig as default page in the management page [SOLVED]

Same here. I don't normally use WebFig (I usually use WinBox), but I just logged into my RB750Gr3 with 6.47.8 and it went right into WebFig.
by k6ccc
Thu May 06, 2021 6:04 pm
Forum: Beginner Basics
Topic: Managing /29 network
Replies: 8
Views: 1074

Re: Managing /29 network

I have a MikroTik RB4011iGS+ running 6.45.9.

Note that 6.45.9 is quite elderly. Is there a reason that you are running such an old version of RouterOS?
by k6ccc
Thu May 06, 2021 5:56 pm
Forum: Beginner Basics
Topic: Block New Dynamic Leases [Help] [SOLVED]
Replies: 12
Views: 1354

Re: Block New Dynamic Leases [Help] [SOLVED]

thank you.. it seems i cannot find Address Pool in Filter Rules. i can drop specific addresses but i cant find address pool . IP Pool is not in rules. I use WinBox most of the time, so this screen capture should help: http://extraphotos.info/mikrotik/IP_pool.png If in a terminal window, see here: /...
by k6ccc
Tue May 04, 2021 5:59 pm
Forum: Announcements
Topic: SwOS version 2.13 released!
Replies: 48
Views: 27034

Re: SwOS version 2.13 released!

I managed to get my 4 CSS106 switches to upgrade to FW2.13 ... the culprit seems that (at least mine) don't like to get upgraded while having allowing access only from VLAN 99 ... during upgrade it somewhere looses the VLAN config and it wants to connect over default vlan ( 1 ) ... disabling the ac...
by k6ccc
Sun May 02, 2021 8:58 pm
Forum: Beginner Basics
Topic: Block New Dynamic Leases [Help] [SOLVED]
Replies: 12
Views: 1354

Re: Block New Dynamic Leases [Help] [SOLVED]

If you have a DHCP server that has no IP pool (or no addresses in the pool), it will be unable to issue dynamic addresses. However it can happily hand out static addresses (some systems call that DHCP reservations) to known MAC addresses. So it you need to add a device, create a new static address i...
by k6ccc
Sun May 02, 2021 8:47 pm
Forum: Announcements
Topic: SwOS version 2.13 released!
Replies: 48
Views: 27034

Re: SwOS version 2.13 released!

Of my two CSS106 switches (one CSS106-5G-1S, and one CSS106-1G-4P-1S), the POE version has RSTP turned on (only because it defaulted that way and I never turned it off) and the non-POE version has RSTP turned off for all ports - neither needs RSTP. Both upgraded just fine from 2.12 to 2.13 via the &...
by k6ccc
Sat May 01, 2021 8:11 pm
Forum: Announcements
Topic: SwOS version 2.13 released!
Replies: 48
Views: 27034

Re: SwOS version 2.13 released!

After running 2.13 on three of my minor switches for the past day and a half, I just updated my two main CSS326-24G-2S+ via the "Download & Upgrade" button. Both took the upgrade just fine with only one or two pings to 8.8.8.8 dropped on each one.
Everything appears to be working fine.
by k6ccc
Sat May 01, 2021 7:38 am
Forum: Beginner Basics
Topic: Block New Dynamic Leases [Help] [SOLVED]
Replies: 12
Views: 1354

Re: Block New Dynamic Leases [Help] [SOLVED]

What are you trying to accomplish? Do you want to have no DHCP client, or only certain ones, or something else?
by k6ccc
Fri Apr 30, 2021 7:30 am
Forum: Announcements
Topic: SwOS version 2.13 released!
Replies: 48
Views: 27034

Re: SwOS version 2.13 released!

Upgraded the following without incident via the "download & upgrade" button:
CRS326-24G-2S+ (running under SwitchOS)
CSS106-5G-1S
CSS106-1G-4P-1S

I'm holding off on my two CSS326-24G-2S+ main switches for a few days to make sure 2.13 is stable.
by k6ccc
Tue Apr 20, 2021 2:58 am
Forum: Scripting
Topic: An equivalent of GoSub? [SOLVED]
Replies: 3
Views: 1043

Re: An equivalent of GoSub? [SOLVED]

Thanks Jotne. Took a little effect, but made it work for my simple purposes.
by k6ccc
Fri Apr 16, 2021 8:23 am
Forum: Scripting
Topic: An equivalent of GoSub? [SOLVED]
Replies: 3
Views: 1043

Re: An equivalent of GoSub? [SOLVED]

Thanks Jotne. I'm gonna have to do some reading and playing with that when I'm awake (not enough for that right now). Maybe tomorrow...
by k6ccc
Fri Apr 16, 2021 5:51 am
Forum: SwOS
Topic: Can I use scripts on SwOS?
Replies: 2
Views: 2454

Re: Can I use scripts on SwOS?

Correct. No scripts in SwOS.
by k6ccc
Fri Apr 16, 2021 3:01 am
Forum: General
Topic: High Density Scenario - 30k client
Replies: 7
Views: 736

Re: High Density Scenario - 30k client

Can I guess that this is some type of show or event where you will be providing WiFi to attendees that need access to the internet and nothing else? And what is your internet access? Bandwidth, media, single or multiple IPs?
by k6ccc
Thu Apr 15, 2021 8:48 pm
Forum: Scripting
Topic: An equivalent of GoSub? [SOLVED]
Replies: 3
Views: 1043

An equivalent of GoSub? [SOLVED]

I fully admit that I don't use scripting much in RouterOS. I do have a few that either I directly used from this section of the forum, or took from here and modified for my own purposes. I barely can function on my own... Does RouterOS scripting language have an equivalent of a GoSub command? I coul...
by k6ccc
Tue Apr 13, 2021 6:29 pm
Forum: Beginner Basics
Topic: Two ISPs over single point-to-point link
Replies: 2
Views: 478

Re: Two ISPs over single point-to-point link

Set up each internet service as a separate VLAN. The UBNT MW link will carry VLANs just fine. Also if you are not aware of it, you can set the UBNT MW to only respond to a certain VLAN for management of it. My UBNT link here only monitors my VLAN 203 - but is passing 15 VLANs. BTW, thanks for the dr...
by k6ccc
Fri Apr 09, 2021 2:17 am
Forum: Beginner Basics
Topic: 751 GR3
Replies: 1
Views: 298

Re: 751 GR3

Fire up WinBox and see if you can access it via MAC address.
by k6ccc
Thu Apr 08, 2021 2:26 am
Forum: Beginner Basics
Topic: Mikrotik Switch - it is not a switch?
Replies: 30
Views: 2860

Re: Mikrotik Switch - it is not a switch?

If it's like most Mikrotik routers, with the default configuration, port 1 will be configured as the WAN port and everything else connected in a bridge. CRS switches has different default configuration. All ports bridged, and, if I remember correctly, a static IP assigned to that bridge. So much fo...
by k6ccc
Thu Apr 08, 2021 2:03 am
Forum: Beginner Basics
Topic: Mikrotik Switch - it is not a switch?
Replies: 30
Views: 2860

Re: Mikrotik Switch - it is not a switch?

If it's like most Mikrotik routers, with the default configuration, port 1 will be configured as the WAN port and everything else connected in a bridge. Therefore, all ports EXCEPT port 1 should be able to function as if it was a dumb switch. Make sure you are not trying to use port 1 until you chan...
by k6ccc
Mon Apr 05, 2021 7:58 am
Forum: General
Topic: Multicast flood
Replies: 13
Views: 1012

Re: Multicast flood

Run your HDMI over Ethernet in Unicast rather than multicast - provided that the hardware is capable of that. Solves your multicast flood if it's not running multicast..
by k6ccc
Mon Apr 05, 2021 5:16 am
Forum: General
Topic: Multicast flood
Replies: 13
Views: 1012

Re: Multicast flood

Is there anything else you would like to recommend.
Unicast.
by k6ccc
Mon Apr 05, 2021 1:29 am
Forum: SwOS
Topic: CRS326 DHCP over VLAN Trunk not working
Replies: 2
Views: 1946

Re: CRS326 DHCP over VLAN Trunk not working

What SwitchOS version?

I just looked at my one CRS326 (running SwitchOS version 2.12) and it is configured for static IP, but I can do a test without too much difficulty. The only connection to that switch from the rest of my network is via one VLAN trunk..
by k6ccc
Fri Mar 26, 2021 7:06 pm
Forum: Beginner Basics
Topic: I can't access the web interface for MikroTik hAP ac2 [SOLVED]
Replies: 11
Views: 1357

Re: I can't access the web interface for MikroTik hAP ac2 [SOLVED]

I would lose access to it every time I got the device partway configured. Likely your fault. For example, if you change the IP subnet of the device, of course you are going to lose connection to it - until you change the IP of your computer. Although I don't normally use it, Webfig works just fine....
by k6ccc
Fri Mar 26, 2021 6:59 pm
Forum: Beginner Basics
Topic: I can't access the web interface for MikroTik hAP ac2 [SOLVED]
Replies: 11
Views: 1357

Re: I can't access the web interface for MikroTik hAP ac2 [SOLVED]

My only sadness now is that I bought this device thinking it was ddwrt/openwrt/tomato compatible.
In other words, you bought something other than what you are looking for, and then are bitching that it does not work the way you wanted. Frankly, I am VERY glad that it is no ddwrt compatible.
by k6ccc
Fri Mar 26, 2021 6:30 pm
Forum: Beginner Basics
Topic: I can't access the web interface for MikroTik hAP ac2 [SOLVED]
Replies: 11
Views: 1357

Re: I can't access the web interface for MikroTik hAP ac2 [SOLVED]

You can use Webfig which is a web interface similar to WinBox, or you can use a Telnet or preferably SSH session to configure it with a text based interface. If you are on a MAC, apparently there is a way to run WinBox on a MAC, but I don't use a MAC, so I have no details. If you are on linux, you s...
by k6ccc
Wed Mar 24, 2021 6:05 pm
Forum: Beginner Basics
Topic: Rb260gsp setup as simple switch?
Replies: 2
Views: 498

Re: Rb260gsp setup as simple switch?

No, you do not need to set port mirroring. The out of the box config will work for you, although as Phillip said, you likely will want to set the IP configuration.
And correct, no point in paying extra for the PoE that you likely won't be using.
by k6ccc
Thu Mar 18, 2021 9:55 pm
Forum: Beginner Basics
Topic: DHCP
Replies: 2
Views: 455

Re: DHCP

You did not say which Mikrotik you are using. For the purpose, you should have a switch, not a router. If you are using a router, you are going to need to provide us with a drawing (or a really good description - drawing is better) of your network layout, and a export of your router configuration in...
by k6ccc
Mon Mar 15, 2021 7:22 pm
Forum: Beginner Basics
Topic: Logins limit
Replies: 1
Views: 337

Re: Logins limit

Well, you're right - each session required a separate logon. That is a bit surprising...
I don't normally use WebFig - either SSH or generally Winbox.
by k6ccc
Mon Mar 15, 2021 5:02 pm
Forum: General
Topic: Mikrotik UPS Solution
Replies: 11
Views: 1075

Re: Mikrotik UPS Solution

The original poster said that he has two CRS125 routers and two passive POE injectors running on 24 volts. My original and followup suggestions was to run both the routers and the POE injectors off the same 24 volt battery plant. How do you ideally split current between 4 devices (2xCRS, 2xPoE inje...
by k6ccc
Mon Mar 15, 2021 4:13 pm
Forum: General
Topic: Mikrotik UPS Solution
Replies: 11
Views: 1075

Re: Mikrotik UPS Solution

The original poster said that he has two CRS125 routers and two passive POE injectors running on 24 volts. My original and followup suggestions was to run both the routers and the POE injectors off the same 24 volt battery plant.
by k6ccc
Mon Mar 15, 2021 6:59 am
Forum: General
Topic: Mikrotik UPS Solution
Replies: 11
Views: 1075

Re: Mikrotik UPS Solution

Is there such a thing but with ethernet inputs/outputs to go in between regular injectors and devices? Would make things a bit simpler
Use your existing POE injectors, but power if from a 24 volt battery plant. Use the same thing to power the routers. Much easier than any sort of UPS.
by k6ccc
Sun Mar 14, 2021 10:16 pm
Forum: General
Topic: Mikrotik UPS Solution
Replies: 11
Views: 1075

Re: Mikrotik UPS Solution

Running the devices directly off a battery plant would be better. Ideally with redundant battery chargers to protect you in case a battery charger fails. Easier if all the devices can operate off the same voltage. And there is no switching time upon AC power failure - only the battery chargers stop ...
by k6ccc
Sun Mar 14, 2021 7:24 am
Forum: General
Topic: How do you know that Mikrotik had become popular ?
Replies: 5
Views: 702

Re: How do you know that Mikrotik had become popular ?

If one was proactive and wanted to be more aggressive one would log all entry attempts on port 8291 on input chain and block those IPs for all ports on raw chain.
That's what I do...
by k6ccc
Sat Mar 13, 2021 8:49 pm
Forum: Beginner Basics
Topic: ipv6 package
Replies: 7
Views: 815

Re: ipv6 package

No real point in installing the IPv6 package if you are not going to use it (neither do I).
by k6ccc
Fri Mar 05, 2021 11:41 pm
Forum: SwOS
Topic: CRS312, VLANs cannot talk with outside of the switch
Replies: 13
Views: 2317

Re: CRS312, VLANs cannot talk with outside of the switch

No, I do not normally use the port isolation capability - just different VLANs to keep things apart. On your port 1, on the VLAN tab, change VLAN mode to disabled and VLAN Receive to Only untagged. Off hand, I suspect that the switch is trying to send VLAN tagged traffic to your client PC - which li...
by k6ccc
Fri Mar 05, 2021 6:45 pm
Forum: SwOS
Topic: CRS312, VLANs cannot talk with outside of the switch
Replies: 13
Views: 2317

Re: CRS312, VLANs cannot talk with outside of the switch

SwitchOS handles VLANs just fine. I am using multiple VLANs on all of my switches. Most of my ports are not VLAN tagged - but are assigned to a VLAN, but there is at least one VLAN trunk port, and several of the switches have one or more other ports that are VLAN tagged. Based on the hosts tab, you ...
by k6ccc
Mon Mar 01, 2021 9:32 pm
Forum: General
Topic: winbox multiple instances/databases
Replies: 5
Views: 461

Re: winbox multiple instances/databases

Different log on accounts for the computer that is running WinBox?

What are you trying to accomplish?
by k6ccc
Sun Feb 28, 2021 8:46 pm
Forum: Beginner Basics
Topic: hAP Lite: How to connect ethernet/LAN device to WLAN subnet?
Replies: 4
Views: 452

Re: hAP Lite: How to connect ethernet/LAN device to WLAN subnet?

It will involve setting up a bridge, but I don't use any bridges in my routers, so I can't help you much. The Ethernet port and the WLAN need to be in a bridge, but that's about my limit on bridges.
by k6ccc
Sat Feb 27, 2021 9:11 pm
Forum: Beginner Basics
Topic: I need help about installation mikrotik on VMware Esxi 6.0
Replies: 3
Views: 464

Re: I need help

I can't help you at all with your problem, but for future reference, a more useful message subject would be helpful. For example: I need help with VMware esxi
by k6ccc
Thu Feb 25, 2021 4:38 am
Forum: Beginner Basics
Topic: Load Backup issue with Custom Script? 6.48.1
Replies: 1
Views: 349

Re: Load Backup issue with Custom Script? 6.48.1

If I'm understanding your question, it is doing what it's supposed to. From the Wiki:
The configuration restore can be used for restoring the router's configuration, exactly as it was at the backup creation moment, from a backup file.
by k6ccc
Wed Feb 24, 2021 4:12 am
Forum: Beginner Basics
Topic: User "Allowed Address" not in "/export" or "/export verbose"?
Replies: 2
Views: 375

Re: User "Allowed Address" not in "/export" or "/export verbose"?

Hmmm, interesting. You are right, not there..
by k6ccc
Mon Feb 22, 2021 12:26 am
Forum: Beginner Basics
Topic: Port Forwarding
Replies: 4
Views: 697

Re: Port Forwarding

Both methods work. The one accept all DST-NATted is certainly the easy route, but I wanted him to know why his rules did not work right - in other words, he might learn something. The other part is that there are times where you have a need to either not use the one accept rule, or to not use it for...
by k6ccc
Sun Feb 21, 2021 8:20 am
Forum: SwOS
Topic: SwOS
Replies: 3
Views: 1785

Re: SwOS

However, there is a major bug with the current release version of swOS not working with VLANS properly, which makes them unviable for anything except a lab setting. I would advise waiting until 2.13 is officially released. Oh really? Don't tell my six Mikrotik switches that are all running 2.12, an...
by k6ccc
Sun Feb 21, 2021 8:15 am
Forum: Beginner Basics
Topic: Port Forwarding
Replies: 4
Views: 697

Re: Port Forwarding

Two of your code segments. The first is you DST Nat rules. I am going to assume that the first one (the port 80 TCP) is really like the port 80 UDP, but got mangled in the export and paste. Assuming that is true, those rules are fine. add action=dst-nat chain=dstnat comment="NGINX Proxy Port Fo...
by k6ccc
Thu Feb 18, 2021 5:47 pm
Forum: Beginner Basics
Topic: Opening firewall ports
Replies: 4
Views: 713

Re: Opening firewall ports

And to answer part two of your original question, yes the default firewall rules are fairly good for most purposes. If you are replacing a consumer grade router with a Mikrotik, the default configuration will work just fine. When you want to allow other stuff (such as your SSH question) is where the...
by k6ccc
Thu Feb 04, 2021 8:38 pm
Forum: Beginner Basics
Topic: Can't switch to SwOS
Replies: 2
Views: 480

Re: Can't switch to SwOS

That's a fairly old version of RouterOS. Just a stab in the dark. Update to a current version of RouterOS and see if the command to switch to SwitchOS is there.
by k6ccc
Mon Feb 01, 2021 4:33 am
Forum: SwOS
Topic: Subnet mask and swos
Replies: 12
Views: 7435

Re: Subnet mask and swos

There is traffic from my PC. So let's check the browser page. (Chrome has the developers tools built in).
And the browser is checking upgrade.microsoft .com to fill in this page. The switch is not initiating a request.
Ain't that interesting...
by k6ccc
Sun Jan 31, 2021 11:17 pm
Forum: SwOS
Topic: Subnet mask and swos
Replies: 12
Views: 7435

Re: Subnet mask and swos

The only thing with this "answer with src IP and src MAC as destination" mechanism is that the switch cannot initiate a connection to something outside the own subnet, as it does not have a clue on the gateway to use. But I see no process that initiates a connection from the switch (like ...
by k6ccc
Sun Jan 31, 2021 8:26 pm
Forum: SwOS
Topic: Subnet mask and swos
Replies: 12
Views: 7435

Re: Subnet mask and swos

I have not found a situation where I could not access any of my switches. At the very least, the computer is on a different VLAN than the switch is listening on, so traffic is going through a router or two to get there and it always finds its way back. This computer has an IP on my .101 LAN. Althoug...
by k6ccc
Sun Jan 31, 2021 8:05 pm
Forum: General
Topic: 24v 800mA power supply failure
Replies: 4
Views: 584

Re: 24v 800mA power supply failure

I have several of those and have not had any fail - for whatever that's worth...
by k6ccc
Sun Jan 31, 2021 8:03 pm
Forum: Beginner Basics
Topic: Looking for new Switch (Parameters Below)
Replies: 2
Views: 391

Re: Looking for new Switch (Parameters Below)

If you are happy with the CSS326-24G-2S+, I would get another one. Extra ports are always useful. Amazing how ports can get used in the future. In full disclosure, I have two of them (with rack ears) here at home plus a CRS326-24G-2S+RM that is running SwitchOS up at a local radio site and I am very...
by k6ccc
Sun Jan 24, 2021 8:27 pm
Forum: General
Topic: WinBox problem after upgrading to v6.48
Replies: 3
Views: 445

Re: WinBox problem after upgrading to v6.48

That was going to be my guess - old version of WinBox.
Glad you got it resolved.
by k6ccc
Sun Jan 24, 2021 5:13 am
Forum: General
Topic: how to conquer random mac address?
Replies: 7
Views: 1400

Re: how to conquer random mac address?

iPhones are doing the same thing with a recent update. At least on the iPhone you can turn it off for a specific WiFi connection. If the Lenova has the same option, you could set up a rate limit so that if someone is not using one of your DHCP reservation IP addresses, they get limited to slow speed...
by k6ccc
Sat Jan 23, 2021 9:00 pm
Forum: General
Topic: Coax to RJ45 - is a MoCA adapter required? [SOLVED]
Replies: 8
Views: 1121

Re: Coax to RJ45 - is a MoCA adapter required? [SOLVED]

Yeah, seems like I'll have to give up on this idea. I'd hoped to just jam the coax to my ethernet plug, and maybe punch in some PPPoE credentials manually or something, but yeah I'm forgetting that there's more to it than just whether it fits in the slot or not. That would be about like thinking yo...
by k6ccc
Sat Jan 23, 2021 8:48 pm
Forum: Beginner Basics
Topic: Basic question about firewall rule organization, and grouping by chains.
Replies: 5
Views: 645

Re: Basic question about firewall rule organization, and grouping by chains.

I group all my chains together. As noted before, the router does not care, but it makes it far easier for the poor human being that has to read it - that would be me. You can also create any other chains that you want. Speeds up processing if you can jump to a different chain for one certain type of...
by k6ccc
Fri Jan 22, 2021 9:29 pm
Forum: General
Topic: [Request] Winbox Default Port
Replies: 8
Views: 1025

Re: [Request] Winbox Default Port

...without saving the host in the Managed list (for security reasons) What's your issue with using the managed list? Only someone who logs onto your PC with your account will see your list, and as Normis pointed out, the file is encrypted if you use the Master password. Keep in mind that the IP of ...
by k6ccc
Fri Jan 22, 2021 7:31 pm
Forum: Beginner Basics
Topic: Allow LAN to LAN routes
Replies: 2
Views: 417

Re: Allow LAN to LAN routes

I would agree, configure the EeroMesh device that has a wired connection simply as an access point, an let the MT handle the router functions.
by k6ccc
Fri Jan 22, 2021 5:31 pm
Forum: SwOS
Topic: Can SwitchOS pass VLAN's to other MikroTik switches?
Replies: 4
Views: 1762

Re: Can SwitchOS pass VLAN's to other MikroTik switches?

God, I hope so! I am running VLANs on every one of my Mikrotik switches. I have five MT switches here at home, and lots of VLANs. I would hate to find that what I have been doing for years doesn't work :)
by k6ccc
Fri Jan 22, 2021 5:24 pm
Forum: General
Topic: 2 Mikrotiks on same layer 2
Replies: 15
Views: 1189

Re: 2 Mikrotiks on same layer 2

Not following what you are trying to accomplish. Can you draw a picture of what you want to do?
by k6ccc
Thu Jan 21, 2021 6:05 pm
Forum: General
Topic: Is there a way to log into admin panel if service on port 80 was accidentially turned off
Replies: 13
Views: 1138

Re: Is there a way to log into admin panel if service on port 80 was accidentially turned off

Keep in mind that really the only thing you would do via MAC Winbox is to enable proper ways of accessing the router. Think of it as an "Ah crap, I messed up, let me fix my screwup".
by k6ccc
Thu Jan 21, 2021 4:29 am
Forum: Beginner Basics
Topic: Slower performance when connected directly to router!
Replies: 12
Views: 1232

Re: Slower performance when connected directly to router!

The 100Mb/s sounds suspicious. Check the connection speed on the laptop. Could be a cable issue. Gigabit normally requires all four pairs whereas 10Base-T and 100Base-T only uses two of the pairs.
by k6ccc
Wed Jan 20, 2021 9:21 pm
Forum: Beginner Basics
Topic: Dividing one routerboard making it two separate wan routers
Replies: 6
Views: 792

Re: Dividing one routerboard making it two separate wan routers

I am doing essentially what you are trying to do with a RB750Gr3 (Hex) with my normal internet as port 1, and a ham radio network as a second WAN when happens to be a VLAN on port 4. Works fine. Does require a little care in routing tables, and of course firewall rules to keep the intended traffic s...
by k6ccc
Tue Jan 19, 2021 6:04 pm
Forum: General
Topic: RouterOS .backup to .rsc/text
Replies: 4
Views: 696

Re: RouterOS .backup to .rsc/text

I lost my lain text .rsc files for the router config For future use, automatically produce a new (current) .rsc file on a regular basis. I have a script that produces the binary .backup and a plain text .rsc files and sends them to me via E-Mail. That scrip is run via the scheduler every night. Now...
by k6ccc
Tue Jan 12, 2021 5:18 pm
Forum: General
Topic: How to setup Mikrotik router and TTL
Replies: 15
Views: 2437

Re: How to setup Mikrotik router and TTL

How about asking a question. The subject is so vague, and other than that, you don't tell us what you are trying to do, or what you need help with.
by k6ccc
Tue Jan 12, 2021 5:15 pm
Forum: Beginner Basics
Topic: Can I change user name in SwOS?
Replies: 4
Views: 665

Re: Can I change user name in SwOS?

Not in SwitchOS.
by k6ccc
Sun Jan 10, 2021 3:22 am
Forum: Beginner Basics
Topic: New user- need help! Please!
Replies: 4
Views: 661

Re: New user- need help! Please!

I changed my laptop's IP to static 192.168.88.2, and was able to log into the switch, but as soon as I tried to change switch IP to 192168.1.58, I lost connection. That would be correct. As soon as you changed the IP on the switch to 192.168.1.58, your PC can no longer access the switch until you c...
by k6ccc
Tue Jan 05, 2021 5:40 pm
Forum: Beginner Basics
Topic: IPv6 Firewall
Replies: 22
Views: 2376

Re: IPv6 Firewall

It is a bug/shortcoming in RouterOS. When you add a new package, the default configuration for that package is not applied. Workaround: always enable IPv6 as first thing when you receive a new router, then update to the newest RouterOS version, and then reset to factory defaults. When you do the re...
by k6ccc
Tue Jan 05, 2021 1:48 am
Forum: General
Topic: Coaxial Adapter
Replies: 4
Views: 628

Re: Coaxial Adapter

Nope. Doing so would likely release the magic smoke that makes all electronics work. Combining transmitters into a single antenna can be done, but it's not something that is plug and play - or inexpensive.
by k6ccc
Wed Dec 30, 2020 4:40 am
Forum: General
Topic: Winbox - MacOS Big Sur
Replies: 24
Views: 7514

Re: Winbox - Big Sur

Can I assume "Big Sur" is a name for a recent Mac OS? I don't speak Mac.

If that is the case, don't hold your breath. Mikrotik has never supported Mac OS, and appears that they have no interest in doing so.
by k6ccc
Mon Dec 14, 2020 11:20 pm
Forum: SwOS
Topic: SwitchOS CLI
Replies: 8
Views: 6807

Re: SwitchOS CLI

I use switches exclusively as switches and I use routers exclusively as routers - the two functions do not cross. In fact, the only reason I have one CRS326 is that I ordered a CSS326 and the vendor incorrectly sent me a CRS326. When I contacted them about it, they said it was not worth the effort a...
by k6ccc
Mon Dec 14, 2020 4:11 am
Forum: SwOS
Topic: SwitchOS CLI
Replies: 8
Views: 6807

Re: SwitchOS CLI

There's a version of OS available which has everything you want. It's called ROS. Yes, ROS device can be configured as a switch, doesn't have to be router. That does not help with switch only devices (see my list below). And for managing switches, SwitchOS works very well. With that said, it would ...
by k6ccc
Mon Dec 14, 2020 4:07 am
Forum: General
Topic: Forum registration disabled?
Replies: 2
Views: 491

Re: Forum registration disabled?

Beats me, but I concur that unless it's well hidden, there is no way to join.
by k6ccc
Sat Dec 05, 2020 11:01 pm
Forum: SwOS
Topic: CRS326-24G-2S+ no ip address
Replies: 3
Views: 1209

Re: CRS326-24G-2S+ no ip address

If it is still on a factory config, it will be 192.168.88.1. If you changed it, you need to point your browser to the address that you changed it to. If you changed it to DHCP, whatever device is operating as a DHCP server should be able to tell you what address it is using. If you can't not find it...
by k6ccc
Fri Dec 04, 2020 6:23 am
Forum: SwOS
Topic: swos-css326 permit specific mac to port
Replies: 1
Views: 735

Re: swos-css326 permit specific mac to port

Look at ACL rules. I've never used them so I can't give you examples, but MAC filtering is in the options.
by k6ccc
Fri Dec 04, 2020 6:18 am
Forum: SwOS
Topic: Setup and access switch from upstream router
Replies: 2
Views: 850

Re: Setup and access switch from upstream router

The only aspect I don't like, is the fact that you lose access to the switch from any port that is not routed by the specified VLAN (10 in my scenario). Because if my upstream router dies or is misconfigured, I also lose access to the switch. I guess that my next purchase will have a console port ;...
by k6ccc
Sun Nov 01, 2020 3:47 am
Forum: SwOS
Topic: SwOS boots but cannot access
Replies: 3
Views: 1894

Re: SwOS boots but cannot access

Can you hook up the switch to something that will provide a DHCP address (usually your router). Then look at the DHCP server to see what address was assigned. Then try to go to that address.with a web browser.
by k6ccc
Fri Oct 30, 2020 2:10 am
Forum: SwOS
Topic: CSS610-8G-2S+IN VLAN Behaviour
Replies: 1
Views: 1630

Re: CSS610-8G-2S+IN VLAN Behaviour

I don't have that switch, but am very familiar with SwitchOS. What you are reporting does not make a lot of sense. BTW, I suspect you typoed something in your description because the DHCP range for VLAN 2 does not include the switch management address. However, I suspect that was a fat finger item.....
by k6ccc
Thu Oct 15, 2020 6:29 am
Forum: SwOS
Topic: SwOs - Suggestion for improvements
Replies: 2
Views: 1105

Re: SwOs - Suggestion for improvements

That is one of my pet peeves - We won't tell you what the password requirements are - but there are requirements. Unfortunately that is VERY common!
by k6ccc
Mon Oct 05, 2020 9:04 pm
Forum: Beginner Basics
Topic: proplem with dhcp
Replies: 7
Views: 766

Re: proplem with dhcp

Is this on Amazon AWS? If not, why are you using their IP addresses? it's private ip , so why don't use Highly recommend that you don't use a public address on your private network. There are private IP ranges for a reason. Using someone elses address range wiil come back to haunt you if you every ...
by k6ccc
Sat Oct 03, 2020 10:33 pm
Forum: SwOS
Topic: CSS610-8G-2S+IN - SWOS 2.12rc2 Upgrade missing
Replies: 15
Views: 4318

Re: CSS610-8G-2S+IN - SWOS 2.12rc2 Upgrade missing

I had not really paid attention to the model of switch that you are using. Apparently that is a very new product and the software download page has not been updated with the new model. As this is a user forum, you might be better off sending a message to support@mikrotik.com That will get directly t...
by k6ccc
Sat Oct 03, 2020 6:15 am
Forum: SwOS
Topic: CSS610-8G-2S+IN - SWOS 2.12rc2 Upgrade missing
Replies: 15
Views: 4318

Re: CSS610-8G-2S+IN - SWOS 2.12rc2 Upgrade missing

Go to the Mikrotic downloads page: https://mikrotik.com/download
Download the appropriate file and do a manual upgrade (near the bottom of the Upgrade tab).
by k6ccc
Thu Oct 01, 2020 9:08 pm
Forum: SwOS
Topic: Help me please, switch keeps briking on me
Replies: 3
Views: 832

Re: Help me please, switch keeps briking on me

You are not giving us much info on your configuration. Are you trying to access the switch via one of the trunks or have you designated a specific non-tagged port as your "management" port? As xvo said, you need to tell the switch what port or ports and what VLAN management access is allow...
by k6ccc
Thu Sep 24, 2020 12:03 am
Forum: General
Topic: [FEATURE REQUEST] User Interface Overhaul?
Replies: 10
Views: 1104

Re: [FEATURE REQUEST] User Interface Overhaul?

Like the others who have posted, I have very very issues with WinBox (what I normally use for most purposes). I find it easy to work with. It is FAR better than the GUI for the Juniper routers we have at work. I use my MT routers strictly as routers (no switch functionality, but lots of VLANs), so t...
by k6ccc
Wed Sep 23, 2020 2:28 am
Forum: SwOS
Topic: NewBie CRS305 issue
Replies: 1
Views: 843

Re: NewBie CRS305 issue

You did not tell us what fiber SFPs you are using. You did specify that the ones having problems are using multi-mode FO cable. Makes me wonder if there is a mismatch between multi-mode and single-mode - either with the jumper cables or with the SFPs. From what you said, I am gathering that you are ...
by k6ccc
Mon Sep 21, 2020 11:52 pm
Forum: Announcements
Topic: WinBox v3.27 released!
Replies: 105
Views: 31868

Re: WinBox v3.27 released!

I can confirm it as well in 3.27 64 bit version. However, you are going to need to put something in that field regardless of what defaults there, so this is not really much of an issue. Note that this is on the Bridge VLAN page as shows above and not the interface VLAN page (where the default is 1 -...
by k6ccc
Sat Sep 19, 2020 7:31 pm
Forum: General
Topic: icmp nat
Replies: 13
Views: 994

Re: icmp nat

if any of the hosts have open ports (a web, ftp, or mail server for example), you can send tcp pickets to those ports and get a response. Most monitoring services can check for all sorts of ports. And this approach makes a lot of sense, because a response to a ping tells you nothing more than that ...
by k6ccc
Sat Sep 19, 2020 8:36 am
Forum: General
Topic: icmp nat
Replies: 13
Views: 994

Re: icmp nat

Nope. icmp does not have ports (unlike udp and tcp), so all you get is IP. If you have multiple public IPs, you can have each public IP NAT to a different host, but if you only have one public IP, you only get one. Now with that said, if any of the hosts have open ports (a web, ftp, or mail server f...
by k6ccc
Sat Sep 19, 2020 8:15 am
Forum: General
Topic: icmp nat
Replies: 13
Views: 994

Re: icmp nat

Yep. If you have only one public IP, you can only ping one host.
by k6ccc
Sat Sep 19, 2020 7:51 am
Forum: General
Topic: icmp nat
Replies: 13
Views: 994

Re: icmp nat

I just set this up on one of my routers. This is working fine. Note that if you don't have a forward rule to allow anything DST-NATted, you will need to build a specific rule to accept these packets. http://extraphotos.info/mikrotik/ICMP-NAT-1.png http://extraphotos.info/mikrotik/ICMP-NAT-2.png Also...
by k6ccc
Sat Sep 19, 2020 7:26 am
Forum: General
Topic: icmp nat
Replies: 13
Views: 994

Re: icmp nat

You are almost there. Add the In Interface, and on the Action tab, set for DST NAT and tell what IP to send it to.
by k6ccc
Sat Sep 19, 2020 6:59 am
Forum: General
Topic: icmp nat
Replies: 13
Views: 994

Re: icmp nat

Correct, icmp does not have ports.
by k6ccc
Sat Sep 19, 2020 6:04 am
Forum: SwOS
Topic: Help with CSS326-24G-2S+ and LACP
Replies: 1
Views: 672

Re: Help with CSS326-24G-2S+ and LACP

You're not giving a lot of information. It looks OK on the CSS326 as long as the other end is configured to initiate the LACP.
Also, what SwOS version are you running?
by k6ccc
Sat Sep 19, 2020 5:58 am
Forum: General
Topic: icmp nat
Replies: 13
Views: 994

Re: icmp nat

No different than any other NAT except the Protocol is icmp instead of the more common tcp or udp - I ran one for a specific purpose a while back.
by k6ccc
Wed Sep 16, 2020 10:43 pm
Forum: SwOS
Topic: Service VLAN on swOS
Replies: 5
Views: 4237

Re: Service VLAN on swOS

I don't remember seeing any mention of it in any updates. Push really comes to shove, I likely could test in here.
by k6ccc
Sun Sep 13, 2020 7:32 am
Forum: Announcements
Topic: Expected down time for this forum SEPT 11
Replies: 42
Views: 7912

Re: Expected down time for this forum SEPT 11

Same here. My password was invalid - it said. Used the "I forgot my password" link. "reset" my password to what it has been before - 4 capital letters, 4 lower case letters, 7 special characters, and 1 number - cryptic crap generated by my password manager.
by k6ccc
Wed Sep 09, 2020 11:44 pm
Forum: Announcements
Topic: SwOS version 2.12 released!
Replies: 99
Views: 63435

Re: SwOS version 2.12 released!

update to version 2.12 and I deleted the Mac Address and the Series. Any solution? I don't understand your statement. What do you mean that you deleted the MAC and the series (or was that supposed to be Serial?). You as a user do not have the ability to change either of those fields from the GUI, a...
by k6ccc
Sun Sep 06, 2020 7:37 pm
Forum: Beginner Basics
Topic: Port forward
Replies: 7
Views: 656

Re: Port forward

Make sure that you have either a firewall rule that allows that port in the forward chain or a rule that allows anything DSTNAT forwarded to be accepted in the forward chain.
Creating a port forward does NOT automatically allow that through the firewall (unless you have a allow anything DSTNAT rule).
by k6ccc
Thu Sep 03, 2020 6:25 pm
Forum: Announcements
Topic: WinBox v3.27 released!
Replies: 105
Views: 31868

Re: WinBox v3.27 released!

Good grief, I just downloaded 3.25 yesterday.. Anyway with 3.27 (64 bit version), file list and log are working on my RB750Gr3 and RB750r2. Good grief, do you not check for updates at least twice daily?? I know you are largely just being funny anav... Actually I check this forum fairly regularly, a...
by k6ccc
Thu Sep 03, 2020 6:28 am
Forum: Announcements
Topic: WinBox v3.27 released!
Replies: 105
Views: 31868

Re: WinBox v3.27 released!

Can't replicate that on my RB750r2 with 6.47.1. Worked fine.
by k6ccc
Wed Sep 02, 2020 10:05 pm
Forum: Announcements
Topic: WinBox v3.27 released!
Replies: 105
Views: 31868

Re: WinBox v3.27 released!

Good grief, I just downloaded 3.25 yesterday..

Anyway with 3.27 (64 bit version), file list and log are working on my RB750Gr3 and RB750r2.
by k6ccc
Thu Aug 27, 2020 8:07 am
Forum: SwOS
Topic: Need help to setup 2 VLANs
Replies: 4
Views: 1958

Re: Need help to setup 2 VLANs

On the VLANs tab, For each VLAN, check the boxes for the ports that will access that VLAN.
To add VLANs to the VLANs tab, press the APPEND button at the bottom. Then edit the VLAN number and ports.
by k6ccc
Mon Aug 24, 2020 7:49 pm
Forum: SwOS
Topic: Need help to setup 2 VLANs
Replies: 4
Views: 1958

Re: Need help to setup 2 VLANs

Here are a couple screen shots from my CSS326 that should help. BTW, I posted this and then realized that the screen captures were quite dated. I edited the post with new captures, so if you looked at this within the first 5 minutes after I posted it, the images changed. If you see this this text, y...
by k6ccc
Sun Aug 23, 2020 10:47 pm
Forum: SwOS
Topic: CSS326-24G-2S+RM hangs until power cycle
Replies: 117
Views: 43467

Re: CSS326-24G-2S+RM hangs until power cycle

As far as I know, you are the first person to report this lockup under ROS. This entire thread has been about SwOS.
by k6ccc
Fri Aug 21, 2020 7:45 am
Forum: Beginner Basics
Topic: Remote Management Access using Public IP
Replies: 11
Views: 8085

Re: Remote Management Access using Public IP

Use WinBox, not WebFig, and in addition to the above suggestions, use non-standard ports.
by k6ccc
Thu Aug 20, 2020 7:12 am
Forum: General
Topic: Today lost winbox functions 6.47.1 !?
Replies: 2
Views: 498

Re: Today lost winbox functions 6.47.1 !?

6.47.1 is working fine with WinBox on both my routers. Did you change anything?
by k6ccc
Wed Aug 19, 2020 5:43 pm
Forum: SwOS
Topic: CSS326-24G-2S+RM hangs until power cycle
Replies: 117
Views: 43467

Re: CSS326-24G-2S+RM hangs until power cycle

Coming up on 36 days and still good on both of mine..
by k6ccc
Wed Aug 19, 2020 5:07 am
Forum: General
Topic: Is it possible to mark-routing the ICMP packets?
Replies: 2
Views: 803

Re: Is it possible to mark-routing the ICMP packets?

Not enough detail. What are you trying to accomplish?
by k6ccc
Tue Aug 18, 2020 7:47 am
Forum: General
Topic: Help! Unknown Logs Eating RAM [SOLVED]
Replies: 2
Views: 544

Re: Help! Unknown Logs Eating RAM [SOLVED]

I only looked at a few of them, but it looks like you have set up a NAT with logging enabled. In that case, there will be a log entry for every packet. Turn off logging on your NAT.
by k6ccc
Tue Aug 18, 2020 12:07 am
Forum: Beginner Basics
Topic: Firewall drop port scanners rule trigered by Avast Antivirus
Replies: 3
Views: 1092

Re: Firewall drop port scanners rule trigered by Avast Antivirus

Let me see if I have this right. You add firewall rules to detect and stop port scanners, then you complain that it does exactly what you asked it to do (stop a port scanner). If you want to do a port scan to see what might be open, yes, you will need to disable your port scanner blocker rules while...
by k6ccc
Mon Aug 17, 2020 11:54 pm
Forum: SwOS
Topic: IPTV Switching
Replies: 13
Views: 4106

Re: IPTV Switching

I don't believe that is correct. Optional will allow either untagged or tagged packets, but you still need to tell the switch what VLANs are on which port. At least that is my understanding (and my observation for ports that I have set to optional). I just did a test. I have WiFi access points that ...
by k6ccc
Mon Aug 17, 2020 5:44 pm
Forum: Beginner Basics
Topic: firewall blocks router [SOLVED]
Replies: 5
Views: 1579

Re: firewall blocks router [SOLVED]

You are only showing one firewall rule in the input chain - and that is a drop everything. Based on that, there must be more to it that you are not showing us, else nothing into the router would work at all - including your ability to communicate with the router. If you want our help, you need to pr...
by k6ccc
Sat Aug 15, 2020 2:10 am
Forum: SwOS
Topic: IPTV Switching
Replies: 13
Views: 4106

Re: IPTV Switching

My strong suspicion is that the IPTV is using a VLAN and the "normal" computer internet is untagged. That way, if you plug a computer into it, it understands the untagged traffic. The TV box is set up to look for a VLAN so it is happy too. Assuming that is the case, you will need to set up...
by k6ccc
Fri Aug 14, 2020 11:28 pm
Forum: SwOS
Topic: IPTV Switching
Replies: 13
Views: 4106

Re: IPTV Switching

Knowing virtually nothing about IPTV (other than what I have read on this forum), are all four ports on the ISP router usable for either internet or TV, or are there specific ports for each?
by k6ccc
Fri Aug 14, 2020 5:44 pm
Forum: Beginner Basics
Topic: Remove bridge from RB750Gr3
Replies: 7
Views: 2015

Re: Remove bridge from RB750Gr3

We need to see what his configuration looks like. Until we see that, we are guessing.
by k6ccc
Fri Aug 14, 2020 12:15 am
Forum: SwOS
Topic: IPTV Switching
Replies: 13
Views: 4106

Re: IPTV Switching

Most dumb switches will handle VLAN tagged traffic because they will simply ignore the VLAN tagging, and pass them along. Most smart switches understand what a VLAN tag is and process them, and then handle them as such. Sorry for the torch reference - I had RouterOS in mind when you said you were ru...
by k6ccc
Thu Aug 13, 2020 11:02 pm
Forum: SwOS
Topic: IPTV Switching
Replies: 13
Views: 4106

Re: IPTV Switching

If I were to hazard a guess, the IPTV is likely using a VLAN for connectivity. Using Torch on the ports that the TV boxes are on may shed some light.
by k6ccc
Thu Aug 13, 2020 9:26 pm
Forum: Beginner Basics
Topic: Remove bridge from RB750Gr3
Replies: 7
Views: 2015

Re: Remove bridge from RB750Gr3

You are wanting to operate very similar to my RB750Gr3 - it is strictly used as a router and all switch functions are handled by a separate switch (CSS326-24G-2S in my case). I have never had a bridge on any of my routers. By default a router will route traffic between LANs, so you must put in firew...
by k6ccc
Thu Aug 13, 2020 9:11 pm
Forum: Beginner Basics
Topic: Router Mode
Replies: 6
Views: 1871

Re: Router Mode

Additionally, once you have made any config changes to your router, you should NEVER use QuickSet. QuickSet will happily overwrite your changes for you.
by k6ccc
Thu Aug 13, 2020 6:44 am
Forum: Beginner Basics
Topic: all links not support HTTPS
Replies: 6
Views: 1489

Re: all links not support HTTPS

I don't run hotspot, so I can't help, but I get the idea.
by k6ccc
Thu Aug 13, 2020 12:47 am
Forum: Beginner Basics
Topic: Newbie switch question [SOLVED]
Replies: 2
Views: 798

Re: Newbie switch question [SOLVED]

You are really close. As soon as a new device sends a packet, the switch learns the MAC of that device and stores that and what port it was on in it's hosts table. As long as the device does not move to another port it will remember where it is (it should have a timeout in there). As long as the MAC...
by k6ccc
Tue Aug 11, 2020 10:07 pm
Forum: Beginner Basics
Topic: Multiple Tagged VLANs on One Port
Replies: 4
Views: 1273

Re: Multiple Tagged VLANs on One Port

If you look my first screen capture, under Open Mesh #1, you will see that VLAN receive mode is set to "Any", and the default VLAN ID is set to "201". That means that port 1 will receive either VLAN tagged or untagged traffic, and that inbound untagged traffic will be assigned to...
by k6ccc
Tue Aug 11, 2020 5:58 pm
Forum: Beginner Basics
Topic: Firewall/VLAN setup
Replies: 10
Views: 4404

Re: Firewall/VLAN setup

By default, a Mikrotik router will router whenever it can. In other words, unless you block it with a firewall rule, it will happily route between VLANs. In each chain, the router will start at the top of the firewall rules in that chain, and keep processing rules until it finds a rule that matches,...
by k6ccc
Tue Aug 11, 2020 5:43 pm
Forum: Beginner Basics
Topic: all links not support HTTPS
Replies: 6
Views: 1489

Re: all links not support HTTPS

WAY not enough information. What are you talking about?
by k6ccc
Tue Aug 11, 2020 5:40 pm
Forum: Beginner Basics
Topic: Multiple Tagged VLANs on One Port
Replies: 4
Views: 1273

Re: Multiple Tagged VLANs on One Port

I am in the exact same situation with my WiFi nodes, and I have two of them fed from a CSS106-5G-1S (proper name for the current RB260GS). Here are a couple screen captures: http://extraphotos.info/mikrotik/CSS106-VLAN.PNG Open Mesh #1 uses VLAN 201 as it's untagged management LAN, and Open Mesh #2 ...
by k6ccc
Mon Aug 10, 2020 2:08 am
Forum: SwOS
Topic: Is there any SwOS ACL documentation with example?
Replies: 4
Views: 3341

Re: Is there any SwOS ACL documentation with example?

I use SwitchOS quite a bit, but I have never needed to use ACL. My suggestion would be to play with the options and see what works. Then post it here so maybe someone else will know too...
by k6ccc
Thu Aug 06, 2020 5:51 pm
Forum: Announcements
Topic: SwOS version 2.12 released!
Replies: 99
Views: 63435

Re: SwOS version 2.12 released!

Hey everyone, we have several CSS326-24G-2S+ and updated them to 2.12 today. On each of our switches all used ports are flashing sinchronal and we are wondering if that behaviour is normal? The switches work fine as far as we can judge. Could be. I'm not home right now, but one of my CSS326 switche...
by k6ccc
Mon Aug 03, 2020 6:37 am
Forum: SwOS
Topic: CSS326-24G-2S+RM hangs until power cycle
Replies: 117
Views: 43467

Re: CSS326-24G-2S+RM hangs until power cycle

Anyone running the new firmware notice any issues? How's it working?
My two CSS326-24G-2S+RM are working fine on 2.12 - so far.
by k6ccc
Wed Jul 29, 2020 10:43 pm
Forum: Beginner Basics
Topic: Cant get all PCs online
Replies: 16
Views: 3355

Re: Cant get all PCs online

Or someone has plugged in another router on your LAN without you knowing it. Most likely they were looking for switching only, but left the DHCP server enabled.
by k6ccc
Wed Jul 29, 2020 8:48 pm
Forum: Beginner Basics
Topic: Cant get all PCs online
Replies: 16
Views: 3355

Re: Cant get all PCs online

Check your DHCP pool or pools. sounds like you have two DHCP pools with the first one set for 30 addresses with a Next Pool set to another address pool. The DHCP pools on one of my routers as seen in WinBox showing most of the pools have only 10 or 20 available addresses and none of the pools have a...
by k6ccc
Wed Jul 22, 2020 8:29 pm
Forum: Beginner Basics
Topic: hEX S router Individual ethernet port and VLANs configuration
Replies: 3
Views: 1619

Re: hEX S router Individual ethernet port and VLANs configuration

That is very similar to what I am doing. I am using my routers (RB750r2 & RB750Gr3) exclusively as routers. The different LAN ports connect to managed switches that handle ALL switching function. I don't know if you will have any downstream switches, or will each port be connected to a single de...
by k6ccc
Tue Jul 21, 2020 8:37 pm
Forum: General
Topic: How to count network usage per ip with my rOS
Replies: 1
Views: 712

Re: How to count network usage per ip with my rOS

For a small number of IPs that you want to check, you can create a passthrough fire wall rule that does not do anything except count packets. I have a bunch of those rules - although generally most are disabled except when I am doing some specific test that requires that particular rule. This would ...
by k6ccc
Tue Jul 21, 2020 8:09 pm
Forum: Announcements
Topic: SwOS version 2.12 released!
Replies: 99
Views: 63435

Re: SwOS version 2.12 released!

For lag config you would set both sides to active to have them participate in the group. One of the changes in this version was to allow lag to work with only one member active. While there could be an issue with how much membership traffic is sent, this is really a config issue on your end. I did ...
by k6ccc
Mon Jul 20, 2020 8:12 pm
Forum: SwOS
Topic: RB260GPS Trouble
Replies: 8
Views: 2824

Re: RB260GPS Trouble

I don't see anything that jumps out at me that would cause the problem that you are seeing. About the only config change you may want to try (although it should not matter) is to change the NVR and FO connections on the VLAN tab to VLAN Mode = Disabled and VLAN Receive = Untagged Only. May also try ...
by k6ccc
Sun Jul 19, 2020 7:36 pm
Forum: SwOS
Topic: RB260GPS Trouble
Replies: 8
Views: 2824

Re: RB260GPS Trouble

Several of your answers were non-answers (such as asking which of two options were you using and your answer was "no"). However, I think I largely figured out what you are trying to do. As far as I can tell, you are really only using the CSS106 on the 172.16.x.x network as a dumb switch an...
by k6ccc
Sun Jul 19, 2020 8:33 am
Forum: General
Topic: Allow limited user rights to make binary backup?
Replies: 4
Views: 1484

Re: Allow limited user rights to make binary backup?

Here is mine. Feel free to adapt for your own purposes... # Policies needed: ftp, read, policy, sensitive, test # Policies NOT needed: password, reboot, write, sniff, romon :log info "Starting daily backup"; /system backup save name=RB750Gr3-1_Daily /export file RB750Gr3-1_Daily /system pa...
by k6ccc
Sun Jul 19, 2020 5:59 am
Forum: General
Topic: Allow limited user rights to make binary backup?
Replies: 4
Views: 1484

Re: Allow limited user rights to make binary backup?

If all you want to do is create a binary backup, but leave it on the router, you don't need to allow that for your limited user group. Create a script to create the file and then a schedule that runs the script at whatever interval that you want. You can also have your script send the file somewhere...
by k6ccc
Sat Jul 18, 2020 8:42 pm
Forum: SwOS
Topic: RB260GPS Trouble
Replies: 8
Views: 2824

Re: RB260GPS Trouble

Still not enough detail. For the moment, I am going to assume that you are trying to access the NVRs from the 192.168.0.x side of the drawing (or from the internet), and that you can successfully access the NVR, but the NVR can not see the cameras. Is that correct? Or are you directly trying to acce...
by k6ccc
Sat Jul 18, 2020 8:24 pm
Forum: Announcements
Topic: SwOS version 2.12 released!
Replies: 99
Views: 63435

Re: SwOS version 2.12 released!

SwOS version 2.12 on CSS106-5G-1S do not work with VLAN on trunk port in state "enable" or "strict". Work only in "optional". I access to switch throw this trunk port. Allow From VLAN set for number VLAN that exist in VLANs and trunk port set "leave as is" (i...
by k6ccc
Fri Jul 17, 2020 10:24 pm
Forum: SwOS
Topic: RB260GPS Trouble
Replies: 8
Views: 2824

Re: RB260GPS Trouble

A little more details on config. For starters, how are you subnetted? Is there a router involved in the equation? All on one VLAN or more than one?
That's a good start...
by k6ccc
Tue Jul 14, 2020 11:52 pm
Forum: Announcements
Topic: SwOS version 2.12 released!
Replies: 99
Views: 63435

Re: SwOS version 2.12 released!

Followup. Great news. I have now performed both my LACP test and enabled IPv6 which caused both switches to crash earlier this year. Here is a simplified drawing of my LAN. http://extraphotos.info/mikrotik/LAN_simplified_drawing.png Last April, I had enabled IPv6 on router #1 and essentially instant...
by k6ccc
Tue Jul 14, 2020 9:31 pm
Forum: SwOS
Topic: CSS326-24G-2S+RM hangs until power cycle
Replies: 117
Views: 43467

Re: CSS326-24G-2S+RM hangs until power cycle

My initial tests are looking good for 2.12. I repeated my April test by enabling IPv6 in an attached router, and both switches are working just fine.
by k6ccc
Tue Jul 14, 2020 8:25 pm
Forum: Announcements
Topic: SwOS version 2.12 released!
Replies: 99
Views: 63435

Re: SwOS version 2.12 released!

Two major improvements for me. First is the intermittent lockup issue that has plagued SwitchOS for quite a few releases. I will be repeating the test that I did back in April that caused both switches to lock up almost instantly. The other major improvement for me is that LACP will now work properl...
by k6ccc
Mon Jul 13, 2020 7:55 pm
Forum: SwOS
Topic: CSS326-24G-2S+RM hangs until power cycle
Replies: 117
Views: 43467

Re: CSS326-24G-2S+RM hangs until power cycle

I'm sure that this has not been fixed because it is such a odd situation that causes it to happen. That makes it hard to replicate. As far as I know, I have only had it happen when I enabled IPv6 in the Mikrotik router that is attached to the garage switch. My arrangement is that my internet service...
by k6ccc
Tue Jul 07, 2020 9:47 pm
Forum: Beginner Basics
Topic: Open Access to TikApp
Replies: 6
Views: 1855

Re: Open Access to TikApp

how do I add secured addresses to the list?
Firewall rules to allow access or allowed addresses to log on - or both.
by k6ccc
Mon Jul 06, 2020 9:22 pm
Forum: Beginner Basics
Topic: Cannot import RSC file into Mikrotik - wrong config order
Replies: 5
Views: 1507

Re: Cannot import RSC file into Mikrotik - wrong config order

I have only done an import once - when I upgraded a RB750r2 with a RB750Gr3. I found the same thing. Had to break up the file into a bunch of small pieces to get it all to work. Like you, stuff was in the wrong order, and stuff in the default config conflicted with what I was trying to import. Ended...
by k6ccc
Mon Jul 06, 2020 5:18 am
Forum: General
Topic: A Network based System isn't working
Replies: 2
Views: 709

Re: A Network based System isn't working

Sorry, duplicate post
by k6ccc
Mon Jul 06, 2020 5:17 am
Forum: General
Topic: A Network based System isn't working
Replies: 2
Views: 709

Re: A Network based System isn't working

You gave us no useful information to work with.
What system? What equipment? What firmware? What is the network configuration? What is the problem? Anything else that might tell us (we're not mind readers)?
by k6ccc
Wed Jul 01, 2020 2:41 am
Forum: Beginner Basics
Topic: fw does not drop winbox mac-telnet [SOLVED]
Replies: 8
Views: 1974

Re: fw does not drop winbox mac-telnet [SOLVED]

Thanks.
I wonder if I had discovered and forgotten about that sometime in the past. When I looked at my router 2, both mac-winbox and mactel interface lists had all interfaces, but when I looked at my newer router 1, only the local LAN was listed for both.
by k6ccc
Tue Jun 30, 2020 9:04 pm
Forum: General
Topic: Winbox is resetting
Replies: 1
Views: 572

Re: Winbox is resetting

I am taking it that you mean that it is logging you back out of the router as soon as you log in. Can you connect to the node via WebFig or a terminal window and look at the log and see if that gives a clue what is happening?
by k6ccc
Tue Jun 30, 2020 8:51 pm
Forum: Beginner Basics
Topic: fw does not drop winbox mac-telnet [SOLVED]
Replies: 8
Views: 1974

Re: fw does not drop winbox mac-telnet [SOLVED]

OK, I have never given that any thought because I have never used MAC WinBox. How do you block MAC WinBox - either completely or selectively? Since it's not IP, the IP firewall and ports rules do not apply.
by k6ccc
Wed Jun 24, 2020 7:19 pm
Forum: SwOS
Topic: Do CRS305&309 support other brands' RJ45 SFP module?
Replies: 9
Views: 6400

Re: Do CRS305&309 support other brands' RJ45 SFP module?

When the whole concept of SFPs came about, the concept was that they would be universally compatible. However reality is that some work and some do not. This is not at all unique to Mikrotik. Simple answer it to buy the SFPs that the device manufacturer recommends. They have tested them and know wha...
by k6ccc
Tue Jun 23, 2020 9:27 pm
Forum: Beginner Basics
Topic: Virtual Server (port mapping) [SOLVED]
Replies: 12
Views: 3516

Re: Virtual Server (port mapping) [SOLVED]

Originally you were trying to forward to a different address in addition to a different port. DST-NAT would be appropriate for that. However as sutrus said, it's different if you are only changing ports.
by k6ccc
Tue Jun 23, 2020 7:24 pm
Forum: Beginner Basics
Topic: Virtual Server (port mapping) [SOLVED]
Replies: 12
Views: 3516

Re: Virtual Server (port mapping) [SOLVED]

Your action should be DST-NAT - not Netmap.