Community discussions

Search found 15 matches

by Fesiitis
Thu Oct 03, 2019 5:28 pm
Forum: General
Topic: Azure Site-to-Site VPN using Mikrotik, cant access private IP from. Traffic flows only from Azure to Onprem [SOLVED]
Replies: 7
Views: 675

Re: Azure Site-to-Site VPN using Mikrotik, cant access private IP from. Traffic flows only from Azure to Onprem [SOLVED]

No, BGP should be configured only if you only really needs it. Also there's no need for additional Routes from Azure side. With default NSG rules, Azure should allow IPsec traffic for both sides.
by Fesiitis
Thu Oct 03, 2019 5:08 pm
Forum: General
Topic: Azure Site-to-Site VPN using Mikrotik, cant access private IP from. Traffic flows only from Azure to Onprem [SOLVED]
Replies: 7
Views: 675

Re: Azure Site-to-Site VPN using Mikrotik, cant access private IP from. Traffic flows only from Azure to Onprem [SOLVED]

First srcnat rule is not meant to allow Azure to On-Premise traffic, it is for On-Premise to Azure. Basically with that srcnat, mangle rule and these default fw rules you should be able to access Azure from On-Premise and vice versa. I have many IPsec tunnels created from Mikrotik to Azure that way ...
by Fesiitis
Thu Oct 03, 2019 1:10 pm
Forum: General
Topic: Azure Site-to-Site VPN using Mikrotik, cant access private IP from. Traffic flows only from Azure to Onprem [SOLVED]
Replies: 7
Views: 675

Re: Azure Site-to-Site VPN using Mikrotik, cant access private IP from. Traffic flows only from Azure to Onprem [SOLVED]

You have to add additional NAT rule to access Azure from On-Premise - /ip firewall nat add action=accept chain=srcnat comment="Azure" dst-address=\ azure-subnet/24 src-address=onprem-subnet/24 Also Azure suggests to clamp TCP MSS at 1350, so you should set this value by adding additional Mangle rule...
by Fesiitis
Thu Sep 26, 2019 12:04 am
Forum: General
Topic: VLANs for wifi and guest on router as AP
Replies: 2
Views: 322

VLANs for wifi and guest on router as AP

I'm pretty new on VLAN's, never had any needs to configure it before, so basically this is first time I'm doing it. Here you can see how I would like to see network for wifi for employees and guests - https://i.imgur.com/1MukyEr.png On cAP ac has no any specific configuration yet, it's basically fre...
by Fesiitis
Tue Sep 17, 2019 2:32 pm
Forum: General
Topic: Disk space problem [SOLVED]
Replies: 4
Views: 775

Re: Disk space problem [SOLVED]

This router has only 16 MB of storage size. I have RBwAP2nD and RB760iGS as well. On RBwAP2nD I had upgrade problems just because of storage size. And I solved this by getting rid of unwanted packages. Go to System > Packages and uninstall packages you don't use. Now on both routers I have only thes...
by Fesiitis
Thu Sep 12, 2019 2:08 pm
Forum: General
Topic: L2TP/IPSec VPN can access LAN but not Router [SOLVED]
Replies: 12
Views: 4098

Re: L2TP/IPSec VPN can access LAN but not Router [SOLVED]

Thanks for reply. This works. Next time I will post configuration as a text, thanks for suggestion. ;)
by Fesiitis
Thu Sep 12, 2019 1:34 pm
Forum: General
Topic: L2TP/IPSec VPN can access LAN but not Router [SOLVED]
Replies: 12
Views: 4098

Re: L2TP/IPSec VPN can access LAN but not Router [SOLVED]

I found this topic, because I have a same issue the OP had. Except I don't have L2TP/IPsec VPN, but IKE2 IPsec configured. And changing from !LAN to WAN does not fix issue, I can't access to router from any device on 10.12.14.0/24 network at all. If I disable that default "not from LAN" rule, I can ...
by Fesiitis
Thu Aug 15, 2019 7:24 pm
Forum: General
Topic: Feature requests
Replies: 1160
Views: 208166

Re: Feature requests

I'm waiting for ike2 support for eap as responder. Hope this feature will be added soon, since support for this as initiator was added in v6.45.1 update.
by Fesiitis
Wed Jul 03, 2019 5:12 pm
Forum: General
Topic: L2TP VPN can not connect on Windows 10
Replies: 13
Views: 1488

Re: L2TP VPN can not connect on Windows 10

Does it stuck on "Connecting to **IP address**"? If yes then it's not Mikrotik problem. I have same issue with L2TP. On 1803 I had this issue if I had GeForce Experience installed on Windows 10. After upgrade to 1809 L2TP does not work even without GeForce Experience. Haven't tried with 1903.
by Fesiitis
Wed Jul 03, 2019 4:55 pm
Forum: General
Topic: IKEv2 with EAP-MSCHAPv2 mobile VPN [SOLVED]
Replies: 1
Views: 266

IKEv2 with EAP-MSCHAPv2 mobile VPN [SOLVED]

Hi! I have two different routers. One of them is just a personal computer running OPNsense as OS. Second one is RB850Gx2 (v6.45.1). I want to create VPN server using IKEv2 with EAP-MSCHAPv2 on both of them. I have already created it on OPNsense following this tutorial . Now I want to create somethin...
by Fesiitis
Tue Jun 26, 2018 8:21 pm
Forum: General
Topic: IP NAT only when connecting to specific IP [SOLVED]
Replies: 2
Views: 331

IP NAT only when connecting to specific IP [SOLVED]

Hi! I have DHCP setup with address pool 10.2.0.0/24. What I want to achieve is that when I connect to 10.50.50.4 with 80 and 443 ports (just example) then outgoing address pool is 10.3.0.0/24. It's should be like - my PC has IP 10.2.0.15 assigned. I'm connecting to 10.50.50.4:80 via web browser. My ...
by Fesiitis
Tue Apr 17, 2018 11:36 am
Forum: General
Topic: Remote logging to Graylog2 [SOLVED]
Replies: 2
Views: 2315

Re: Remote logging to Graylog2 [SOLVED]

Problem solved. Stupid Graylog2 can't reach neither Mikrotik router nor any other server if it's binded to direct IP address. After I set bind address to 0.0.0.0, everything started as it should be.
by Fesiitis
Tue Apr 17, 2018 11:26 am
Forum: General
Topic: Remote logging to Graylog2 [SOLVED]
Replies: 2
Views: 2315

Remote logging to Graylog2 [SOLVED]

I'm trying to configure Mikrotik router to send logs to Graylog2 server, but it looks that I have something missing or wrong because nothing happens..
mikrotik.PNG
graylog.PNG
Is there someone who can help me?
by Fesiitis
Tue Sep 13, 2016 1:57 pm
Forum: Wireless Networking
Topic: 2.4 and 5 GHz best settings
Replies: 5
Views: 6585

Re: 2.4 and 5 GHz best settings

When both chains are in use, my laptop (with Intel Centrino Wireless-N 2230) maximum download/upload speed shows ~25Mbps, but with one chain ~55Mbps. However another laptop (with Intel Centrino Advanced-N 6230), when both chains are in use, maximum speed is ~90Mbps, but with one chain ~45Mbps. That'...
by Fesiitis
Tue Sep 13, 2016 11:18 am
Forum: Wireless Networking
Topic: 2.4 and 5 GHz best settings
Replies: 5
Views: 6585

2.4 and 5 GHz best settings

Hi! One of our clients is using this product . That wireless router is configured as access-point (no DHCP, Ethernet and both Wi-Fi interfaces bridged). Currently settings for both interfaces: https://s12.postimg.io/bsv9tzpx9/image.png https://s12.postimg.io/6vhp8vny5/image.png Problem is that I can...