Community discussions

Search found 1219 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 25
by CZFan
Wed Jun 19, 2019 1:44 pm
Forum: General
Topic: Google pings corrupts
Replies: 1
Views: 84

Google pings corrupts

Hi, Not strictly a Mikrotik related question, but just want to see if you guys get the same. This started recently, can't ping any Google services with packets bigger than 92, if I do, packets gets corrupted. I get this from 2 locations which has nothing in common except using Mikrotik routers, diff...
by CZFan
Wed Jun 19, 2019 2:15 am
Forum: Beginner Basics
Topic: RB2011 WAN interface not reaching full speed
Replies: 1
Views: 91

Re: RB2011 WAN interface not reaching full speed

Start by upgrading to 6.44.3, then post results of "export hide-sensitive" here (between source code bracket so, see menu bot tons above)
by CZFan
Wed Jun 19, 2019 2:10 am
Forum: Beginner Basics
Topic: RB751G-2hnd - VLAN on ether5 - No bridge - DHCP server issues
Replies: 1
Views: 86

Re: RB751G-2hnd - VLAN on ether5 - No bridge - DHCP server issues

From your post, I ge the feeling there is a bigger picture / goal missing, anyway. Using info in your post, you do not need to do any config so on the chip level as it seems there will be no vlan switching. Then add the vlan to ether 5, add IP address to vlan interface, same with DHCP server. The si...
by CZFan
Sun Jun 16, 2019 9:18 pm
Forum: Beginner Basics
Topic: Config VPN and DDNS + smartphone
Replies: 5
Views: 284

Re: Config VPN and DDNS + smartphone

Have you tried to connect with pc/laptop? Apple (iPhone, etc) have dropped support for pptp vpn a while ago due to pptp not being secure, not even allowing it on passthrough, maybe Samsung followed same process. Will be a good idea if you used another VPN type anyway, one that is more secure, i.e. L...
by CZFan
Sun Jun 16, 2019 8:29 pm
Forum: General
Topic: Hardware VLAN
Replies: 6
Views: 322

Re: Hardware VLAN

Yes,
/interface vlan
add interface=bridge1 vlan-id=2 name=vlan2

/ip address
add address=192.168.2.1/24 interface=vlan2
Also see...
https://wiki.mikrotik.com/wiki/Manual:B ... witch_chip
by CZFan
Sun Jun 16, 2019 7:32 pm
Forum: Wireless Networking
Topic: How replace a failing Wireless Wire Dish unit ?
Replies: 2
Views: 129

Re: How replace a failing Wireless Wire Dish unit ?

Besides admin users, IP addresses, for normal management, etc,you will have to configure the following as a minimum to get the link up:

1. Mode: "Bridge" or "Station Bridge" depending which one you replacing
2: SSID
3: SSID Password
by CZFan
Sun Jun 16, 2019 7:26 pm
Forum: Wireless Networking
Topic: Configuring a Wireless Wire Dish as a switch ?
Replies: 2
Views: 127

Re: Configuring a Wireless Wire Dish as a switch ?

Not sure I understand correct, but there is only 1 Ethernet interface on these devices?

However, you can connect a switch on both sides of it
by CZFan
Sat Jun 15, 2019 11:44 pm
Forum: Beginner Basics
Topic: SXT LTE kit and router Zyxel NBG-416N
Replies: 1
Views: 120

Re: SXT LTE kit and router Zyxel NBG-416N

Search for SXT passthrough
by CZFan
Sat Jun 15, 2019 10:11 pm
Forum: General
Topic: One device in my network will not work
Replies: 4
Views: 137

Re: One device in my network will not work

I can't understand at all. That's pretty common here, I've reverted to guessing. Here in particular, I've guessed that "it's my Mikrotik" actually means "it's caused by some issue on my Mikrotik". Let's see whether the guess was correct. Must be a "bug" in the forum software, the crystal ball facil...
by CZFan
Sat Jun 15, 2019 9:24 pm
Forum: General
Topic: need help choosing hardware
Replies: 4
Views: 191

Re: need help choosing hardware

The 866Mb/s is probably "Radio" speed, which will equate to approximately 50% of that for Data Throughput due to wireless overhead, etc. I recently replaced a Mikrotik LHG 5 AC wireless link with the Mikrotik 60GHz "Wireless Wire" product, end result is I have XBox / PS4 gamers on the other side of ...
by CZFan
Sat Jun 15, 2019 9:08 pm
Forum: General
Topic: Can you make a CRS328-24P-4S+ both a switch and router
Replies: 6
Views: 264

Re: Can you make a CRS328-24P-4S+ both a switch and router

Yes, but it actually is a "Switch" by design, so not best performance if you have high speed routing requirements.
by CZFan
Sat Jun 15, 2019 1:23 pm
Forum: Beginner Basics
Topic: Mikrotik RB2011 in "Router" Mode
Replies: 11
Views: 544

Re: Mikrotik RB2011 in "Router" Mode

I am not really sure you are successfully pinging the SXT (192.168.88.1) as both devices have that same IP config on ether1 interfaces, so your config seems totally incorrect . You already have a "router / firewall / DHCP / etc" in the SXT, why not make the Hap AC2 a "switch+AP" only device? See top...
by CZFan
Thu Jun 13, 2019 11:42 am
Forum: Beginner Basics
Topic: Every device shows the same IP in Winbox Scan
Replies: 4
Views: 180

Re: Every device shows the same IP in Winbox Scan

Suspect you have configured Proxy-Arp on interface(s).
by CZFan
Thu Jun 13, 2019 12:49 am
Forum: General
Topic: RouterOS Virtual Labs
Replies: 84
Views: 107339

Re: RouterOS Virtual Labs

@sebastia,
I created a new "project" in gns3 today and again, one of the my routers mixed up the ether ports.

Would you mind sharing a bit more of your setup, i.e. Which version of gns3, using virtualbox, VMware player, workstation, etc?
by CZFan
Wed Jun 12, 2019 2:16 pm
Forum: RouterBOARD hardware
Topic: Wireless wire 60Ghz default password
Replies: 25
Views: 5609

Re: Wireless wire 60Ghz default password

Took over client from another service provider, previous service provider created their own admin user / password and removed the default admin user. The equipment is now mounted on masts, etc, is there a way to get the default admin user / password from the device for record keeping purposes? Using...
by CZFan
Tue Jun 11, 2019 6:35 pm
Forum: Forwarding Protocols
Topic: ❗️❓ UNSTABLE VPLS on Wireless networks
Replies: 12
Views: 624

Re: ❗️❓ UNSTABLE VPLS on Wireless networks

One bit of info missing, does the wireless link go down for 60 seconds before connects again? Reason I am asking is we have a wireless link, 2 x LHG 5ac's, short distance (about 700 meters) but sometimes takes up to 3 minutes to connect again if the wireless link dropped and reason seems to be takin...
by CZFan
Sun Jun 09, 2019 11:40 pm
Forum: General
Topic: RouterOS Virtual Labs
Replies: 84
Views: 107339

Re: RouterOS Virtual Labs

I'm trying to get CHR working on EVE-NG and it works but the interfaces dont seem to line up. I will put 192.168.1.1/24 on R1:ether1 and 192.168.1.2/24 on R2:ether1. I will make a connection from R1:ether1 and R2:ether1. I will then try to ping 192.168.1.2 from R1 with no success. I will move the I...
by CZFan
Sun Jun 09, 2019 1:32 pm
Forum: Beginner Basics
Topic: Wireless Wire (RBwAPG-60adkit) - Not working. Appreciate the help!
Replies: 7
Views: 359

Re: Wireless Wire (RBwAPG-60adkit) - Not working. Appreciate the help!

I recently installed one of these Wireless Wire setups, straight from the supplier the 2 radios did not want to connect. After logging in on each device, I noticed both were in "Bridge" mode, changed the slave to "Station-Bridge" then it connected. Not sure if above is correct but my link is working...
by CZFan
Sun Jun 09, 2019 12:26 am
Forum: General
Topic: Need Solution: How to get the maximum speed of my Connection from my MikrotikBoard 2011UiAS-2HnD [SOLVED]
Replies: 7
Views: 362

Re: Need Solution: How to get the maximum speed of my Connection from my MikrotikBoard 2011UiAS-2HnD [SOLVED]

You will need to make use of firewall "fasttrack" rule.

Search the forum, many discussions re above, including on the 2011 router
by CZFan
Sat Jun 08, 2019 9:01 pm
Forum: Beginner Basics
Topic: Help! -- Something is dropping All traffic
Replies: 2
Views: 152

Re: Help! -- Something is dropping All traffic

Your problems is that "Cisco Small Business" thingy :-)

Just joking, have to echo what @anav said, without seeing config and / or more info on environment, very difficult to assist.

Maybe as a starting point provide full config (after deleting sensitive info) of 3011's and also a network diagram
by CZFan
Sat Jun 08, 2019 8:53 pm
Forum: General
Topic: Time Based firewaal rules
Replies: 12
Views: 487

Re: Time Based firewaal rules

I figured it out!! You have to specify the time and day or days that you want the rule to be applied and then you have to press reset all counters to reset everything and allow the new rule to be applied. I checked it 3-4 times and it worked fine. Thank you all!!!! I suspect that you have a rule be...
by CZFan
Sat Jun 08, 2019 8:27 pm
Forum: General
Topic: QUEUE TREE
Replies: 4
Views: 244

Re: QUEUE TREE

Don't quite understand your question, you say you have seen this configuration and state that it worked??? Anyway, to answer your question, yes, you mark the connection, then the packets of this connection, the "connection" is both "up" and "down" traffic. Then apply the queue tree config accordingl...
by CZFan
Sat Jun 08, 2019 8:20 pm
Forum: General
Topic: QinQ VLAN's Help needed [SOLVED]
Replies: 61
Views: 5036

Re: QinQ VLAN's Help needed [SOLVED]

@deepmedia
As a side note, I assume the 1.1.1.1, etc addresses are loopback addresses, anyway, personally I will stay away from them as they are routable on internet
by CZFan
Sat Jun 08, 2019 7:21 pm
Forum: General
Topic: Strange Mangle situation - Download fighting Upload [SOLVED]
Replies: 22
Views: 789

Re: Strange Mangle situation - Download fighting Upload [SOLVED]

...

How in the world are you going to specify flow direction in the "Queue Tree" ? The Flow Direction is done in mangle with packer marking and then used as an input in the "Queue Tree".
...
QtreeIface.JPG
by CZFan
Sat Jun 08, 2019 2:25 am
Forum: General
Topic: Strange Mangle situation - Download fighting Upload [SOLVED]
Replies: 22
Views: 789

Re: Strange Mangle situation - Download fighting Upload [SOLVED]

Hy I'm also confused. How can CZFan's example work? The mangle uses src-address-list, meaning "Download" traffic from a bunch of IPs. How can those packet marks be used in Queue trees for uploads? ... the mangle uses src-address-list, for the device starting the connection, in this case it was a pc...
by CZFan
Fri Jun 07, 2019 7:52 pm
Forum: General
Topic: Strange Mangle situation - Download fighting Upload [SOLVED]
Replies: 22
Views: 789

Re: Strange Mangle situation - Download fighting Upload [SOLVED]

... So long this did the trick, but i had the assumption that what ever you put into Connection marking follows the Packet marking if you use "Connection marking" as input ? This had me fighting for a very long time and i hope it help others as well. Also this proves that almost every Tutorial out ...
by CZFan
Fri Jun 07, 2019 1:54 am
Forum: Beginner Basics
Topic: Problem with Firewall Rule
Replies: 3
Views: 207

Re: Problem with Firewall Rule

It will block ssh, but as sftp runs over ssh session, it will also block sftp
by CZFan
Fri Jun 07, 2019 1:10 am
Forum: General
Topic: EoIP & Queue
Replies: 1
Views: 146

Re: EoIP & Queue

Under queue tree, for VPN:IN, change parent to LAN interface, i.e. Bridge or what ever you called it
by CZFan
Fri Jun 07, 2019 12:12 am
Forum: General
Topic: Strange Mangle situation - Download fighting Upload [SOLVED]
Replies: 22
Views: 789

Re: Strange Mangle situation - Download fighting Upload [SOLVED]

Not at my pc at the moment, but below with you doing some reading on wiki should get you there.

You should not specify interfaces in mangle rules, then in queue tree config, specify the interface / queue as required, i.e. Bridge interface for download and PPPoE interface for upload
by CZFan
Sun Jun 02, 2019 1:02 am
Forum: Beginner Basics
Topic: Can i intercept Traffic flowing through my MikroTik Router?
Replies: 3
Views: 280

Re: Can i intercept Traffic flowing through my MikroTik Router?

Traffic flow is used for network statistics.

I think it will be better if you define "intercept" and what actually needs to happen to the frames / packets once intercepted in order for us to get a better unde standing of a our requirements and provide better suggestions.
by CZFan
Sun Jun 02, 2019 12:51 am
Forum: Beginner Basics
Topic: Ban IP's / Drop connections of RDP Brute forcers
Replies: 6
Views: 462

Re: Ban IP's / Drop connections of RDP Brute forcers

Hmmmm, there is no reason why the action drop rule should be in the RAW firewall filter and NOT the input chain. As the rhyme goes. I would like to slap the peepee of the person that wrote the wikee. Slow day. ;-) Highly recommend you read through this thread for some sage advice! https://forum.mik...
by CZFan
Fri May 31, 2019 12:21 am
Forum: General
Topic: Trying to change IPSEC Peers from main to aggressive, getting an error I dont understand.
Replies: 9
Views: 372

Re: Trying to change IPSEC Peers from main to aggressive, getting an error I dont understand.

Re firewall, also ensure you block DNS from outside on input chain
by CZFan
Thu May 23, 2019 12:23 am
Forum: General
Topic: VLAN trunk - master-slave way of config on physical interfaces [SOLVED]
Replies: 30
Views: 1181

Re: VLAN trunk - master-slave way of config on physical interfaces [SOLVED]

It never came to my mind to try to push VLANs through a L2TP tunnel in bridge mode, but I've expected it would be enough to configure the /interface bridge port and /interface bridge vlan items also for the L2TP interfaces. However, it seems RouterOS is not ready for this (at least as of 6.44.3). W...
by CZFan
Tue May 21, 2019 10:33 pm
Forum: General
Topic: Strange RP filter behavior
Replies: 12
Views: 532

Re: Strange RP filter behavior

@macgaiver: Here you go, but be warned, once you see it, you can't unsee it.

Do you and @sindy visit each other in The Matrix for drinks :-)
by CZFan
Tue May 21, 2019 12:18 am
Forum: General
Topic: Route to multiple remote locations with same LAN subnet/network [SOLVED]
Replies: 6
Views: 284

Re: Route to multiple remote locations with same LAN subnet/network [SOLVED]

Sindy=genius!!!
You should write a routerOS book, I will pre-order buy it now!

Yes, indeed, that he should do, will also order before publication.
His method of reaching or explains is excellent
by CZFan
Fri May 17, 2019 9:41 pm
Forum: General
Topic: Winbox Simple Queue display change
Replies: 1
Views: 106

Re: Winbox Simple Queue display change

Toggle on or off by clicking on "#"
by CZFan
Thu May 16, 2019 10:10 pm
Forum: General
Topic: How to PCQ this?
Replies: 5
Views: 258

Re: How to PCQ this?

Are the subnets consecutive? If so, aggregate / summarize the subnets
by CZFan
Wed May 15, 2019 11:50 pm
Forum: General
Topic: How to PCQ this?
Replies: 5
Views: 258

Re: How to PCQ this?

Target should point to internal subnet, rest looks good
by CZFan
Tue May 14, 2019 3:34 am
Forum: General
Topic: Mk, NAT Open Request [Help needed]
Replies: 42
Views: 1421

Re: Mk, NAT Open Request [Help needed]

I think it is time you pride the config, in terminal window,
Export file=YourFileName hide-sensitive and either attach the file here or copy and paste the contents between source code brackets
by CZFan
Sun May 12, 2019 1:56 am
Forum: General
Topic: SXT 2 Discontinued?
Replies: 3
Views: 241

Re: SXT 2 Discontinued?

On Stock in Germany

Same in South Africa
by CZFan
Sat May 11, 2019 9:57 pm
Forum: General
Topic: VLAN over Bridge
Replies: 41
Views: 1313

Re: VLAN over Bridge

... The way Google Fiber and the OP's ISP use of the CoS field in the VLAN tag is rather a misuse to me, because normally it is used to convey the information about frame priority, not that it would have to contain a single mandatory value. But I have no idea what weakness of their system they had ...
by CZFan
Sat May 11, 2019 8:49 pm
Forum: General
Topic: VLAN over Bridge
Replies: 41
Views: 1313

Re: VLAN over Bridge

... 3. While I've only worked on one RB4011 I don't recall all the switch menu options being set like this. But I won't know until this week when it's back up online at a the customer site to double check but wasn't there when I was doing the initial setup. ... The RB4011 has a RTL8367 switch chip ...
by CZFan
Sat May 11, 2019 8:38 pm
Forum: General
Topic: VLAN over Bridge
Replies: 41
Views: 1313

Re: VLAN over Bridge

@sindy & @anav, while your little spat is cute you both have failed to notice some glaring errors in this config. 1. bridgePrio6 is the one that is supposed to filter this WAN VLAN stuff. So why is it a _member_ of the default bridge?! That's a no no. 2. There is nothing that shows bridgePrio6 has ...
by CZFan
Sun Apr 28, 2019 3:21 am
Forum: Forwarding Protocols
Topic: Output of "/routing bgp advertisements print" is truncated [SOLVED]
Replies: 5
Views: 400

Re: Output of "/routing bgp advertisements print" is truncated [SOLVED]

Have you tried accessing the device with ssh and then run command?
by CZFan
Wed Apr 24, 2019 4:40 pm
Forum: General
Topic: use another dns for http
Replies: 12
Views: 455

Re: use another dns for http

Personally, I would use Domain Controller as DNS (and DHCP) for internal clients, DNS should already be installed on DC Server as that is one of the requirements for AD to work properly
by CZFan
Wed Apr 24, 2019 3:52 am
Forum: General
Topic: ip scan to text file
Replies: 1
Views: 92

Re: ip scan to text file

Think it will be something like
/tool ip-scan address=12.34.56.78 interface=ether1
by CZFan
Wed Apr 24, 2019 1:38 am
Forum: Beginner Basics
Topic: RouterOS - NAT problem (dst-nat)
Replies: 23
Views: 899

Re: RouterOS - NAT problem (dst-nat)

...
Then the client will send mails out, either directly to your hosted mail server or alternative Skype server.
...
Suppose to be SMTP Server, Apple IOS auto correct :-(
by CZFan
Tue Apr 23, 2019 4:22 am
Forum: Beginner Basics
Topic: RouterOS - NAT problem (dst-nat)
Replies: 23
Views: 899

Re: RouterOS - NAT problem (dst-nat)

@Anav, IIRC, you are using an email client with mail server hosted our side your network. Then the client will send mails out, either directly to your hosted mail server or alternative Skype server. The mail coming in, is being "pulled" by the mail client, so connection is into initiated from inside...
by CZFan
Tue Apr 23, 2019 4:00 am
Forum: General
Topic: Issues with internal traffic not getting NATed
Replies: 21
Views: 889

Re: Issues with internal traffic not getting NATed

I am struggling to understand what you are looking for here, the "drop invalid" rule is the built in solution
  • 1
  • 2
  • 3
  • 4
  • 5
  • 25