Community discussions

Search found 1186 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 24
by CZFan
Thu May 23, 2019 12:23 am
Forum: General
Topic: VLAN trunk - master-slave way of config on physical interfaces [SOLVED]
Replies: 30
Views: 1037

Re: VLAN trunk - master-slave way of config on physical interfaces [SOLVED]

It never came to my mind to try to push VLANs through a L2TP tunnel in bridge mode, but I've expected it would be enough to configure the /interface bridge port and /interface bridge vlan items also for the L2TP interfaces. However, it seems RouterOS is not ready for this (at least as of 6.44.3). W...
by CZFan
Tue May 21, 2019 10:33 pm
Forum: General
Topic: Strange RP filter behavior
Replies: 12
Views: 466

Re: Strange RP filter behavior

@macgaiver: Here you go, but be warned, once you see it, you can't unsee it.

Do you and @sindy visit each other in The Matrix for drinks :-)
by CZFan
Tue May 21, 2019 12:18 am
Forum: General
Topic: Route to multiple remote locations with same LAN subnet/network [SOLVED]
Replies: 6
Views: 250

Re: Route to multiple remote locations with same LAN subnet/network [SOLVED]

Sindy=genius!!!
You should write a routerOS book, I will pre-order buy it now!

Yes, indeed, that he should do, will also order before publication.
His method of reaching or explains is excellent
by CZFan
Fri May 17, 2019 9:41 pm
Forum: General
Topic: Winbox Simple Queue display change
Replies: 1
Views: 78

Re: Winbox Simple Queue display change

Toggle on or off by clicking on "#"
by CZFan
Thu May 16, 2019 10:10 pm
Forum: General
Topic: How to PCQ this?
Replies: 5
Views: 235

Re: How to PCQ this?

Are the subnets consecutive? If so, aggregate / summarize the subnets
by CZFan
Wed May 15, 2019 11:50 pm
Forum: General
Topic: How to PCQ this?
Replies: 5
Views: 235

Re: How to PCQ this?

Target should point to internal subnet, rest looks good
by CZFan
Tue May 14, 2019 3:34 am
Forum: General
Topic: Mk, NAT Open Request [Help needed]
Replies: 42
Views: 1355

Re: Mk, NAT Open Request [Help needed]

I think it is time you pride the config, in terminal window,
Export file=YourFileName hide-sensitive and either attach the file here or copy and paste the contents between source code brackets
by CZFan
Sun May 12, 2019 1:56 am
Forum: General
Topic: SXT 2 Discontinued?
Replies: 3
Views: 222

Re: SXT 2 Discontinued?

On Stock in Germany

Same in South Africa
by CZFan
Sat May 11, 2019 9:57 pm
Forum: General
Topic: VLAN over Bridge
Replies: 41
Views: 1233

Re: VLAN over Bridge

... The way Google Fiber and the OP's ISP use of the CoS field in the VLAN tag is rather a misuse to me, because normally it is used to convey the information about frame priority, not that it would have to contain a single mandatory value. But I have no idea what weakness of their system they had ...
by CZFan
Sat May 11, 2019 8:49 pm
Forum: General
Topic: VLAN over Bridge
Replies: 41
Views: 1233

Re: VLAN over Bridge

... 3. While I've only worked on one RB4011 I don't recall all the switch menu options being set like this. But I won't know until this week when it's back up online at a the customer site to double check but wasn't there when I was doing the initial setup. ... The RB4011 has a RTL8367 switch chip ...
by CZFan
Sat May 11, 2019 8:38 pm
Forum: General
Topic: VLAN over Bridge
Replies: 41
Views: 1233

Re: VLAN over Bridge

@sindy & @anav, while your little spat is cute you both have failed to notice some glaring errors in this config. 1. bridgePrio6 is the one that is supposed to filter this WAN VLAN stuff. So why is it a _member_ of the default bridge?! That's a no no. 2. There is nothing that shows bridgePrio6 has ...
by CZFan
Sun Apr 28, 2019 3:21 am
Forum: Forwarding Protocols
Topic: Output of "/routing bgp advertisements print" is truncated [SOLVED]
Replies: 5
Views: 356

Re: Output of "/routing bgp advertisements print" is truncated [SOLVED]

Have you tried accessing the device with ssh and then run command?
by CZFan
Wed Apr 24, 2019 4:40 pm
Forum: General
Topic: use another dns for http
Replies: 12
Views: 419

Re: use another dns for http

Personally, I would use Domain Controller as DNS (and DHCP) for internal clients, DNS should already be installed on DC Server as that is one of the requirements for AD to work properly
by CZFan
Wed Apr 24, 2019 3:52 am
Forum: General
Topic: ip scan to text file
Replies: 1
Views: 78

Re: ip scan to text file

Think it will be something like
/tool ip-scan address=12.34.56.78 interface=ether1
by CZFan
Wed Apr 24, 2019 1:38 am
Forum: Beginner Basics
Topic: RouterOS - NAT problem (dst-nat)
Replies: 23
Views: 827

Re: RouterOS - NAT problem (dst-nat)

...
Then the client will send mails out, either directly to your hosted mail server or alternative Skype server.
...
Suppose to be SMTP Server, Apple IOS auto correct :-(
by CZFan
Tue Apr 23, 2019 4:22 am
Forum: Beginner Basics
Topic: RouterOS - NAT problem (dst-nat)
Replies: 23
Views: 827

Re: RouterOS - NAT problem (dst-nat)

@Anav, IIRC, you are using an email client with mail server hosted our side your network. Then the client will send mails out, either directly to your hosted mail server or alternative Skype server. The mail coming in, is being "pulled" by the mail client, so connection is into initiated from inside...
by CZFan
Tue Apr 23, 2019 4:00 am
Forum: General
Topic: Issues with internal traffic not getting NATed
Replies: 21
Views: 835

Re: Issues with internal traffic not getting NATed

I am struggling to understand what you are looking for here, the "drop invalid" rule is the built in solution
by CZFan
Tue Apr 23, 2019 3:46 am
Forum: General
Topic: Run script when a gateway fails over
Replies: 5
Views: 263

Re: Run script when a gateway fails over

Based on the limited information you provided, this should be sufficient:

Create / run a script to pick up active wan IP
by CZFan
Sun Apr 21, 2019 8:31 pm
Forum: Beginner Basics
Topic: RouterOS - NAT problem (dst-nat)
Replies: 23
Views: 827

Re: RouterOS - NAT problem (dst-nat)

RouterOS uses routes from "/ip route" to decide where to send packets. It doesn't automatically send replies back the same way from where the request came. So you have incoming connection on WAN2, but default route uses WAN1, so response packets are sent there and of course it doesn't work. Solutio...
by CZFan
Sun Apr 21, 2019 6:02 pm
Forum: Beginner Basics
Topic: Avoiding Double NAT with multiple routers
Replies: 25
Views: 8937

Re: Avoiding Double NAT with multiple routers


@anav I already did it (viewtopic.php?f=13&t=145144), but I got no answers... l don’t know what to do.

You now have an answer...
by CZFan
Sun Apr 21, 2019 6:01 pm
Forum: Beginner Basics
Topic: NAT problems - Xbox One and Nintendo Switch
Replies: 7
Views: 517

Re: NAT problems - Xbox One and Nintendo Switch

If you have hired a company to do the installation, then surely they must correct the problem / design of the network?

Alternatively, my suggestion will be to hire a Mikrotik Certified Consultant in your area. https://mikrotik.com/consultants
by CZFan
Fri Apr 19, 2019 3:22 am
Forum: General
Topic: Need advice with a proper router for my home.
Replies: 13
Views: 653

Re: Need advice with a proper router for my home.

What will you do that concerns you about the memory.
Hap ac2 has 4 cpu and that memory is more than sufficient
by CZFan
Mon Apr 15, 2019 11:50 pm
Forum: General
Topic: who can I hire to get a export to work as an import an a clone [SOLVED]
Replies: 7
Views: 363

Re: who can I hire to get a export to work as an import an a clone [SOLVED]

...

I can't seem to downgrade it to 6.34.4 Mikrotik seems to have deleted the firmware from there website

...

https://mikrotik.com/download/archive
by CZFan
Sun Apr 14, 2019 4:39 pm
Forum: General
Topic: help with queue
Replies: 4
Views: 262

Re: help with queue

Add a simple queue with target of CCTV IP and set rate limits required
by CZFan
Sun Apr 14, 2019 4:34 pm
Forum: Beginner Basics
Topic: HAP mini IPSEC+EoIP performance?
Replies: 4
Views: 293

Re: HAP mini IPSEC+EoIP performance?

As far as I can recall, Hap Mini and Lite has exactly the same specs, only difference is mini has 3 ether ports and Lite has 4 ether ports
by CZFan
Fri Apr 12, 2019 4:45 am
Forum: Wireless Networking
Topic: Some wireless questions
Replies: 5
Views: 378

Re: Some wireless questions

My main concern is to make sure the antennas are aligned, my thinking is does not matter settings you play with, if alignment is out, you will never have a stable / good link. but seems for some reason, no one here wants to comment on if the alignment tool in Winbox still works. I have set the chann...
by CZFan
Thu Apr 11, 2019 11:20 pm
Forum: General
Topic: L2TP VPN "L2TP UDP packet received from" over and over again. [SOLVED]
Replies: 14
Views: 558

Re: L2TP VPN "L2TP UDP packet received from" over and over again. [SOLVED]

Yup, that will also work as OpenVPN on MT is TCP Based.

I just prefer SSTP over O-VPN as SSTP uses port 443, less chance of ISP's blocking it.
by CZFan
Thu Apr 11, 2019 9:43 pm
Forum: Forwarding Protocols
Topic: MikroTik and Cisco ASA
Replies: 5
Views: 402

Re: MikroTik and Cisco ASA

One suggestion will be to not use NATing between proxy / ASA / MT, but rather routing and only NAT out on MT
by CZFan
Thu Apr 11, 2019 9:04 pm
Forum: General
Topic: L2TP VPN "L2TP UDP packet received from" over and over again. [SOLVED]
Replies: 14
Views: 558

Re: L2TP VPN "L2TP UDP packet received from" over and over again. [SOLVED]

You can use certs with SSTP between MT's, but it is not required. My point was you can quickly test it without creating certs etc. if it works better, then implement with certs
by CZFan
Thu Apr 11, 2019 7:53 pm
Forum: General
Topic: L2TP VPN "L2TP UDP packet received from" over and over again. [SOLVED]
Replies: 14
Views: 558

Re: L2TP VPN "L2TP UDP packet received from" over and over again. [SOLVED]

UDP not good for unstable links, maybe try a TCP based site to site VPN, i.e. SSTP bwteen MT's, don't need certs in this case
by CZFan
Wed Apr 10, 2019 3:18 am
Forum: Wireless Networking
Topic: Some wireless questions
Replies: 5
Views: 378

Re: Some wireless questions

Thx for your response, and I might very well be wrong and please correct me if I am wrong My understanding is that it is 897Mb/s air rate (radio) and should be able E to get 450 - 500 Mb/s data rate. I did some more reading, and it seems like with the equipment used for the link and due to short dis...
by CZFan
Tue Apr 09, 2019 9:10 pm
Forum: Wireless Networking
Topic: Some wireless questions
Replies: 5
Views: 378

Re: Some wireless questions

Bump, anyone, please?
by CZFan
Mon Apr 08, 2019 9:00 pm
Forum: Wireless Networking
Topic: Some wireless questions
Replies: 5
Views: 378

Some wireless questions

Hi Have a PTP link (2 x LHG 5ac's) connected but not too happy re performance which I am sure is due to my limited knowledge on wireless and asking for some help. The distance between the devices is about 500m with clear line of sight, both devices are on ROS 6.44.1. I if I can get the link to push ...
by CZFan
Mon Apr 08, 2019 3:52 pm
Forum: General
Topic: Filter Rules - Output showing activity, why?
Replies: 4
Views: 226

Re: Filter Rules - Output showing activity, why?

cause your rules are incorrect: Forward chain, you have dst address list which should work ok, but should really be src address list input chain, again you have dst address list, this will never work as you should not have any China IPs as per address list on your router, so should also be src addre...
by CZFan
Sat Apr 06, 2019 9:59 pm
Forum: General
Topic: SIP port(s)
Replies: 6
Views: 331

Re: SIP port(s)

I want mind to grind coffee beans. They should call it the cAPpuccinoAC

:lol: :lol: :lol: :lol:
by CZFan
Sat Apr 06, 2019 2:37 am
Forum: Beginner Basics
Topic: PPTP Issues
Replies: 13
Views: 636

Re: PPTP Issues

If you coming with a Windows client behind a NAT and L2TP/IPSec server is also behind a NAT, have a look at this, it solved my problem:

https://support.microsoft.com/en-gb/hel ... in-windows
by CZFan
Fri Apr 05, 2019 5:54 pm
Forum: The User Manager
Topic: HEX S - User Manager (Will it be enough)
Replies: 3
Views: 403

Re: HEX S - User Manager (Will it be enough)

Would you use a Mini to transport the local school rugby / soccer team to a game?

The Hex S is a SOHO device, that is an acronym for "Small Office / Home Office", do you think what you are trying to do fits in there?
by CZFan
Thu Apr 04, 2019 11:12 am
Forum: Announcements
Topic: v6.44.2 [stable] is released!
Replies: 67
Views: 10364

Re: v6.44.2 [stable] is released!

Hi Emils,

Is this fix related to recent vulnerability issue that were going to go public on 9 April?
by CZFan
Mon Apr 01, 2019 4:03 am
Forum: Wireless Networking
Topic: Alignment Mode : How to use
Replies: 4
Views: 8149

Re: Alignment Mode : How to use

Is this functionality still working? I have 2 lhg 5ac devices, link is up in bridged ptp config currently syncing at 400Mbps, but when I try this, I get nada. no sounds on station side, no info in Winbox on station side. All I get is customer screaming at me every time I do this as the link between ...
by CZFan
Mon Apr 01, 2019 1:43 am
Forum: Announcements
Topic: v6.44.1 [stable] is released!
Replies: 86
Views: 15830

Re: v6.44.1 [stable] is released!

Thx @mkx, @pe1chl for the info. Have over 1000 of these deployed in user homes (FTTx Deployment), so if things go wrong, not easy to get physical access to these plus user / client downtime. There was a time when I still had hair, when all jumped ship from Novell (had a very soft spot for Novell) to...
by CZFan
Sun Mar 31, 2019 4:28 am
Forum: Beginner Basics
Topic: WLAN - Users from LDAP and dynamic VLANs
Replies: 1
Views: 155

Re: WLAN - Users from LDAP and dynamic VLANs

IIRC, MT does not support dynamic VLAN's
by CZFan
Sun Mar 31, 2019 12:18 am
Forum: Announcements
Topic: v6.44.1 [stable] is released!
Replies: 86
Views: 15830

Re: v6.44.1 [stable] is released!

uninstall tr069 package, remove everything from /files, upgrade only routeros, after suiccessful upgrade install tr069 again Yes, if it was a device at my home, no issues, but now I must go do that on over 1000 devices at client site? WTF is it even necessary to do that, I am a patient person, been...
by CZFan
Sat Mar 30, 2019 11:59 pm
Forum: Announcements
Topic: v6.44.1 [stable] is released!
Replies: 86
Views: 15830

Re: v6.44.1 [stable] is released!

@CZFan, @gdelacruz: is there anything in the log about upgrading (or its failure)? When I try to uninstall the packages that are disabled, I get error, cant uninstall bundled package Have over 1000 of these devices deployed at 1 client only Log info after trying to upgrade: 23:46:30 system,info ins...
by CZFan
Sat Mar 30, 2019 3:16 pm
Forum: Announcements
Topic: v6.44.1 [stable] is released!
Replies: 86
Views: 15830

Re: v6.44.1 [stable] is released!

unfortunately my MT is not upgrading to 6.44 from 6.43.12. i am using the upgrade tool from winbox. downloading and reboot but it does not change at all... pls. advise .. using RB952Ui-5ac2nD.. thanks Having the same problem on 1 device, trying to upgrade from 6.43.8 to 6.44.1, it downloads it, reb...
by CZFan
Fri Mar 15, 2019 8:51 pm
Forum: Announcements
Topic: v6.44.1 [stable] is released!
Replies: 86
Views: 15830

Re: v6.44.1 [stable] is released!

Hi all,
I noticed since 6.44 and now 6.44.1 some neighbors are displayed without their IP address.. is there a solution?

My guess will be those devices do not have an IP on the interface reported on.
by CZFan
Fri Mar 15, 2019 3:29 pm
Forum: Announcements
Topic: v6.44.1 [stable] is released!
Replies: 86
Views: 15830

Re: v6.44.1 [stable] is released!

Updated hAP AC2 and CCR1009 from 6.44 to 6.44.1 I am seeing a lot of dropped Forwarded packets as INVALID. These are packets that should have hit the New connection from a local device in the address list. But are getting dropped. Also ... Updated my Hap AC^2, also getting lots of invalids dropped,...
by CZFan
Thu Mar 14, 2019 2:03 pm
Forum: Announcements
Topic: Statement on Vault 7 document release
Replies: 92
Views: 42384

Re: Statement on Vault 7 document release

upgrade ≠ reset configuration

On upgrade system files are replaced with new ones.

You are using the wrong symbol to explain to IT people, should use "!=" instead, then they will better understand :-)
by CZFan
Wed Mar 13, 2019 6:57 am
Forum: General
Topic: Why (not) use Hairpin NAT
Replies: 20
Views: 1246

Re: Why (not) use Hairpin NAT

So I missed this thread when it was new, but it's not too late to disagree now - hairpin NAT is awesome! ;) Ok, that was just to even things out a little. Reality is that haipin NAT should be unnecessary and by long time obsolete hack from old IPv4 + NAT times that were supposed to end years ago. U...
  • 1
  • 2
  • 3
  • 4
  • 5
  • 24