RouterOS : 7.12 I have setup static arp under /IP arp There is no IPSec tunnels on mikrotik. Also no specific routes under /ip route I have setup NAT only for 5060. Do you think I should set dst-nat for port 5062? chain=dstnat action=dst-nat to-addresses=192.168.181.15 protocol=tcp dst-address-list=...
yes that is strange why mikrotik don't NAT those messages from provider to client(192.168.181.15) and I can't find why.
Also we can't reproduce problem, it just happens several times a week.
during day we have that mikrotik don't forward bye commands during call and operator have empty line and call must be manually closed. I have collected log but not sure what is happening. Maybe some UDP timeout and mikrotki loses NAT mappings and don't know where to forward packets. Maybe someone ha...
Server: Mikrotik Open VPN server (RouterOS 7.8 ) Clienti: Windows OpenVPN 2.6.2 If I set next it still connect with AES-256-CBC and without auth part I get error [unsupported auth digest] data-ciphers AES-256-GCM:AES-128-GCM:AES-256-CBC data-ciphers-fallback AES-256-CBC auth SHA512 But if I set next...
RASDIUS timeout is already 40 sec. which is I think enough, it can be set to 60 sec. so it is same as DUO but problem is PPP authentication as I understand and this is if we don't do DUO autorization inside 5 sec. connection hangs. I would like to control PPP authentication timeout and for now I hav...
ver. 7.6 I have setup radius login for OpenVPN integrated with DUO 2FA authentication. We have noticed problem if you don't click yes in DUO app in about 5 seconds VPN connection hangs and you must manually kill connection because OpenVPN will never clean it. When connection hangs encoding part is e...
we have same issue with OpenVPN UDP connections but because we allow [only one] clients can't connect after that any more and we must manually clear connections. https://cdn.screencast.com/uploads/g000302M5s8dVYia1WADrIY2jvebB/11.02.2022-04.03.png?sv=2021-08-06&st=2022-11-02T03%3A09%3A18Z&se...
is there maybe a plan to add auto update option and set that as default option? There are many routers which will never be updated or until something real bad happens. Also maybe to add option to auto update only security fixes. This way every router will be immediately patched/updated(unmanaged) an...
@huntah thank you for the link. I have used rras/isa/tmg and that was never a problem until I switched to mikrotik :( Missing NetBIOS broadcast is another problem. Now I know I can suggest mikrotik only to smaller offices where is feasible to manually setup remote clients. Regards, Darko Bazulj
when client connects to Mikrotik by VPN is there a way to pass [Dns Suffix] property? https://dl.dropboxusercontent.com/u/12735114/mikrotik/dnssuffix1.png Under /ppp profile I see only dns-server option but no domin/dns suffix property . Also I haven't saw option to pass DHCP to VPN clients. I'm men...
we used TMG2010 until now and we have switched to Mikrotik. But now I have problem with VPN clients and machine name resolving/browsing using only machine names. I have read that one solution is to use WINS but for now we don't have WINS. https://dl.dropboxusercontent.com/u/12735114/mikrotik/tmg1-ne...
@Pietro thank you for help. # find is there a way to test find output on CLI before you start changing something or using in script? Just to check if your query is right. # where and regex I have tried to use regex but it looks id doesn't work or I'm missing something. work /ip route print where com...
I'm playing with find and where but I'm missing something. #works /ip route print where dst-address="0.0.0.0/0" # don't work /ip route find where dst-address="0.0.0.0/0" /ip route find dst-address="0.0.0.0/0" Aim is to search for comments by using wildcards. Do I miss s...