Community discussions

Search found 44 matches

by AminYounessi
Wed Jul 10, 2019 8:18 am
Forum: General
Topic: What VPN tech with dynamic routing behind NAT?
Replies: 3
Views: 275

Re: What VPN tech with dynamic routing behind NAT?

Hi,

If you want to use Dynamic Routing Protocols like OSPF, and also you want to connect your local network, you need to use GRE tunnel, cause it can pass the Multicast traffic, So this one important reason that you need to use Dynamic Routing Protocol through the tunnel.
by AminYounessi
Wed Jul 10, 2019 8:14 am
Forum: General
Topic: Port Forwarding Not Working but Shows Packets
Replies: 11
Views: 754

Re: Port Forwarding Not Working but Shows Packets

Hi,

Please specify your right destination address in general tab.
by AminYounessi
Tue May 14, 2019 9:35 am
Forum: Beginner Basics
Topic: If I use "src-nat" i can not ping external(internet) resources
Replies: 6
Views: 412

Re: If I use "src-nat" i can not ping external(internet) resources

Hello. I have a mikrotik router on which assigned few public IPs. By that reason i'm using "src-nat" instead of Masquerade, because i need to separation which users go out through which public IP My rules /ip firewall nat add action=src-nat chain=srcnat disabled=no\ out-interface=ether1-gateway pro...
by AminYounessi
Mon Apr 15, 2019 9:39 am
Forum: Wireless Networking
Topic: 3.6 Km Ptp Link -- bad RX ccq and BW [SOLVED]
Replies: 7
Views: 630

Re: 3.6 Km Ptp Link -- bad RX ccq and BW [SOLVED]

Hi Gianrico,

Your link physically fine tuned because of the signal strength that you reach in the picture and the Noise floor is -101 dbm so it means the Noise is less, did you use 802.11 and test a bandwidth of the link?
by AminYounessi
Tue Mar 19, 2019 2:40 pm
Forum: Wireless Networking
Topic: How to setup redundant radio link?
Replies: 4
Views: 297

Re: How to setup redundant radio link?

Hi, You can use other MikroTik router behind each side of the link and connect 2 radios to that router on each side and you can use static route with different administrative distance to other side of the link or you can use the "interface bonding" option to bond two wireless link together, another ...
by AminYounessi
Tue Mar 19, 2019 1:00 pm
Forum: General
Topic: Block port tcp/udp
Replies: 12
Views: 604

Re: Block port tcp/udp

I do not use SIP, VOIP, UPNP ... We are in an audit process and this port is reported as unsafe. For this reason I want to close. # feb/18/2019 15:07:29 by RouterOS 6.32.3 # software id = 9RFM-A3U1 # /ip firewall address-list add address=27.221.0.0/16 list=POOL_BLOQUEIO add address=121.29.0.0/16 li...
by AminYounessi
Tue Mar 19, 2019 8:02 am
Forum: Beginner Basics
Topic: Radus server in my Mikrotik router
Replies: 6
Views: 386

Re: Radus server in my Mikrotik router

Hi, I have two Mikrotik router and a DD-WRT too. Would it be possible to use one of them as a radius server for the WiFi authentication at least? I have WPA2-PSK with MAC filtering. It would be nice to configure WiFi users only one place and other APs use that central authentication device. Radius ...
by AminYounessi
Tue Mar 19, 2019 7:51 am
Forum: Beginner Basics
Topic: need basic understanding
Replies: 8
Views: 561

Re: need basic understanding

Hi, You can use the MLPPP protocol if you have multiple pppoe link but please check the link below: https://wiki.mikrotik.com/wiki/Manual:MLPPP_over_single_and_multiple_links my question is can i use Router OS instead of my actual router by connecting it with the router ? without having network car...
by AminYounessi
Mon Mar 18, 2019 3:36 pm
Forum: Beginner Basics
Topic: Port forwarding doesn't work [SOLVED]
Replies: 18
Views: 776

Re: Port forwarding doesn't work [SOLVED]

Hi,

You wrote your nat rule by the wrong way.

/ip firewall nat
add action=dst-nat chain=dstnat dst-address=your-public-address dst-port=49999 log=yes protocol=tcp \
to-addresses=192.168.88.100 to-ports=80(your desire port)
by AminYounessi
Mon Mar 18, 2019 10:26 am
Forum: Beginner Basics
Topic: need basic understanding
Replies: 8
Views: 561

Re: need basic understanding

Hi,

You can use the MLPPP protocol if you have multiple pppoe link but please check the link below:

https://wiki.mikrotik.com/wiki/Manual:M ... iple_links
by AminYounessi
Wed Dec 05, 2018 7:37 am
Forum: Beginner Basics
Topic: Netinstall not install routeros
Replies: 3
Views: 406

Re: Netinstall not install routeros

No problem browse for another roueros on your netinstall, for example try older routeros version and after transferring done(you see the installation box getting blue) then use to netinstall, winbox or any other things that you want to upgrade to the latest version of winbox. Or simply download the ...
by AminYounessi
Wed Dec 05, 2018 7:29 am
Forum: Beginner Basics
Topic: wireless settings
Replies: 2
Views: 367

Re: wireless settings

The bridge mode on mikrotik wireless card is for Point-to-Point wireless links, so if you want to give wireless service to clients you need to set your wireless card mode to ap-bridge. ap-bridge use for Point-to-Multipoint wirelss links.

Best Regards,
by AminYounessi
Wed Dec 05, 2018 7:26 am
Forum: Beginner Basics
Topic: TACACS
Replies: 2
Views: 409

Re: TACACS

If you have a cisco ACS you can check the link below:

https://wiki.mikrotik.com/wiki/Use_Cisc ... s_by_Group
by AminYounessi
Mon Oct 08, 2018 1:30 pm
Forum: General
Topic: RouterOS do not upgrade from 6.34.4
Replies: 7
Views: 836

Re: RouterOS do not upgrade from 6.34.4

Hi,

Did you try Netinstall or not? I suggest that you use Netinstall to upgrade your routeros or try downgrade it first then upgrade it with Netinstall.

Best Regards,
by AminYounessi
Mon Oct 08, 2018 1:25 pm
Forum: Beginner Basics
Topic: Problem with DHCP server and virtual AP
Replies: 6
Views: 700

Re: Problem with DHCP server and virtual AP

Hi Federico,

Why you setup a bridge interface for WIFI users? If you have one router directly connected to your wireless clients an you want to use virtual-AP with 10.0.0.0/24 different from your Local client's, So you just need to set your DHCP-Server on your virtual-AP.

Best Regards,
by AminYounessi
Mon Oct 01, 2018 11:09 am
Forum: Beginner Basics
Topic: How to config router to access internet with public and local IP
Replies: 1
Views: 547

Re: How to config router to access internet with public and local IP

Hi Amin, You can do this by two way: First way: You can configure your for example: ADSL-Router in Bridge mode Then connect it to the MikroTik router and set your Public address there, then go to ppp and configure pppoe-client from there or you can do this from terminal command like this: /interface...
by AminYounessi
Sun Sep 30, 2018 1:47 pm
Forum: Beginner Basics
Topic: use second Wan Only to go outside for one ip
Replies: 13
Views: 791

Re: use second Wan Only to go outside for one ip

Hi,

You jut need to specify "new-routing-mark=to-Wa2" under the second default route for the ISP2/ routing mark option.

Best Regards,
by AminYounessi
Sun Sep 30, 2018 1:40 pm
Forum: Beginner Basics
Topic: VPN pptp client internet connection problem
Replies: 4
Views: 558

Re: VPN pptp client internet connection problem

Hi, You simply need to put vpn connection on client desktop's and told the when they want to quit from internet, they must disable that connection. Or you can create a profile for vpn client's on the server side and specify the "session timeout" and "idle timeout" to automatically disconnect the vpn...
by AminYounessi
Sun Sep 30, 2018 1:27 pm
Forum: Beginner Basics
Topic: RDP Problem
Replies: 2
Views: 372

Re: RDP Problem

Hi,

At first i suggest that reset configuration with no default check and configure your router again or if you clear your mikrotik router "connection tracking" what will happens?
by AminYounessi
Tue Sep 18, 2018 11:12 am
Forum: General
Topic: add static dns
Replies: 5
Views: 630

Re: add static dns

Dear Majid, Please check your ip/dns configuration and you need to set your router address into "ip dns set servers=router-address" then you need to go to the ip firewall nat and write dns-proxy rule there for protocol=udp and destionation port 53. In static dns settings if you write "sample.com" yo...
by AminYounessi
Tue Sep 18, 2018 7:49 am
Forum: Beginner Basics
Topic: Router connections
Replies: 5
Views: 586

Re: Router connections

Hi, The S-seen reply means that "seen new connection is replied by your device" , A-assured means "the connection is trusted" , C-confirmed means "connection is confirmed by your device or firewall" , d-dst-nat , F- i think this is FIN i mean no more data from sender it seen after a connection is cl...
by AminYounessi
Mon Sep 17, 2018 11:51 am
Forum: Beginner Basics
Topic: Simple routing
Replies: 1
Views: 232

Re: Simple routing

You must write your route to the ip address of interface between two mikrotik's not to your mikrotik LAN interface side.

Best Regards,
by AminYounessi
Mon Sep 17, 2018 11:42 am
Forum: Beginner Basics
Topic: Web-Proxy Problem
Replies: 6
Views: 605

Re: Web-Proxy Problem

Did you set the dst-nat rule for rediecting traffic on destination port=80 to the 8080 port or not?
by AminYounessi
Mon Sep 17, 2018 10:06 am
Forum: Beginner Basics
Topic: Port forward back
Replies: 2
Views: 279

Re: Port forward back

Hi,

You just need to write this rule on your nat table to do your port forward

/ip firewall nat
ip firewall nat add chain=dstnat dst-address=public-address
dst-port=4444 action=dst-nat to-addresses=server-ip to-ports=server-port




Best Regards,
by AminYounessi
Tue Sep 11, 2018 8:16 am
Forum: Wireless Networking
Topic: how to extend wifi coverage
Replies: 1
Views: 308

Re: how to extend wifi coverage

Hi, At first you need to go to Basic settings / Operation Mode /Select the AP mode and click save. Then go to Wireless / Wireless Mode and select Universal Repeater and specify the mac address of MikoTik device there or click on survey to find your MikroTik there in Ap List and click on Connect ten ...
by AminYounessi
Tue Aug 28, 2018 7:00 am
Forum: Beginner Basics
Topic: multiple subnets on multiple ports - make them talk.
Replies: 3
Views: 333

Re: multiple subnets on multiple ports - make them talk.

Hi,

Can i ask you that in your client side's did you configure gateway for your client's or not?

Best Regards,
by AminYounessi
Sun Aug 26, 2018 1:53 pm
Forum: Beginner Basics
Topic: Everytime my Thinkpad T480 connects to hAP AC the unit drops wireless for some 15-30 seconds [SOLVED]
Replies: 2
Views: 413

Re: Everytime my Thinkpad T480 connects to hAP AC the unit drops wireless for some 15-30 seconds [SOLVED]

Hi, As i understand you want to use your hAP AC as a repeater for your unite pro, so the setup is very simple, you just need to go to the interface/wireless/repeater on your mikrotik device and just specify the mac address,SSID and secret key of your unite pro device. The important thing is you must...
by AminYounessi
Sun Aug 26, 2018 1:41 pm
Forum: Beginner Basics
Topic: Mac Address Filtering
Replies: 2
Views: 306

Re: Mac Address Filtering

Hi,

You can use the switch ACL option to drop specific mac address in ingress table and specify the src.port and src mac address that you want to drop it.
Or you can use the filter option in the bridge configuration and drop or accept any src-mac address.

Best Regards,
by AminYounessi
Wed Aug 22, 2018 8:24 am
Forum: Wireless Networking
Topic: Connect 2 mikrotiks wireless
Replies: 1
Views: 314

Re: Connect 2 mikrotiks wireless

Hi, Selecting the model of another mikrotik depend on how many users you want to support and other things. but you can use another hap lite or as you said before you can use CAP Lite or CAP too, and just you need to use the repeater mode on second routerboard to cover all area in your house. Best re...
by AminYounessi
Sun Aug 19, 2018 7:35 am
Forum: General
Topic: strange connection problem with Dynadish PTP...
Replies: 29
Views: 2076

Re: strange connection problem with Dynadish PTP...

Now I am experiencing a strange thing... I have a working PTP link [Dynadish] connected 5 kms apart and was working fine till Monday for past1 year. Monday the linked dropped connectivity. On probing further I realised that the connection on one end of the network works fine when plugged into a sta...
by AminYounessi
Wed Aug 15, 2018 2:03 pm
Forum: Beginner Basics
Topic: Can't access gateway from router
Replies: 3
Views: 426

Re: Can't access gateway from router

Hallo everybody! Situation as follows - I can access internet directly from my laptop but if I setup my Mikrotik with exactly the same settings as laptop (including mac) using Quick Setup the connection is broken. I can't ping gateway. What could be wrong? Thanks in advance! Hi, I think your scenar...
by AminYounessi
Wed Aug 15, 2018 12:12 pm
Forum: Beginner Basics
Topic: One IP Public Multiple Webserver
Replies: 4
Views: 1034

Re: One IP Public Multiple Webserver

Hi, You just need to write Destination-nat for those servers with different port number and specify the DNS records in your ip/dns/static for those two servers then you can open it from outside with one public ip address. (You just need to know about destination nat and PAT-port address translation ...
by AminYounessi
Wed Aug 15, 2018 11:41 am
Forum: Beginner Basics
Topic: Interconnect LAN & Gateway Routing
Replies: 3
Views: 350

Re: Interconnect LAN & Gateway Routing

Hi All, Have a question can this be done on MT? I have 3 LAN i want to interconnect them so i can manage devices connected on every LAN -br-lan - 10.1.1.0/24 - gw:10.1.1.254 (all client's computers are connected here) bridged ports: ether1,ether2,ether3,wlan1 -br-wlan - 10.1.2.0/24 - gw:10.1.2.254 ...
by AminYounessi
Wed Aug 15, 2018 11:27 am
Forum: Beginner Basics
Topic: Interconnect LAN & Gateway Routing
Replies: 3
Views: 350

Re: Interconnect LAN & Gateway Routing

Hi, At first i think you write mangle rules for you clients in "pre-route" chain with mark-route action from mangle table and in the MT routing table you write 3 default route with route-mark option specify, am i right? So i think you must change your mangle rule with output chain in this scenario t...
by AminYounessi
Tue Aug 14, 2018 11:56 am
Forum: Wireless Networking
Topic: Does solar farm influence the 5GHz signal?
Replies: 3
Views: 557

Re: Does solar farm influence the 5GHz signal?

Yes of course . We know about RFI(Radio Frequency Interference), when we search about the EMI(Electromagnetic Interference), we undrestand that they are similar and often have the same causes and solutions. EMI includes RFI but also includes non-radiated interference, such as line noise coming in fr...
by AminYounessi
Mon Aug 13, 2018 12:31 pm
Forum: Wireless Networking
Topic: The right way to connect 2 APs wirelessly
Replies: 2
Views: 410

Re: The right way to connect 2 APs wirelessly

Hi,

If you just want to use the internet and your local network in upstairs, you can use the repeater option on other router to repeat the AP signal. its very easy and useful.


Best Regards,
by AminYounessi
Sun Dec 03, 2017 11:08 am
Forum: Wireless Networking
Topic: big mistake [SOLVED]
Replies: 21
Views: 2818

Re: big mistake [SOLVED]

MikroTik wireless have full feature that you need to know each of them and then you need to speak about that. I use MikroTik device's on my 30 wireless links for connecting my buildings to each other and have no problems with that. Mikrotik have many wireless mode's that you can use them in any scen...
by AminYounessi
Mon Sep 04, 2017 9:07 am
Forum: Beginner Basics
Topic: Problems setting up wAP2nD into AP Station/Client Mode
Replies: 1
Views: 413

Re: Problems setting up wAP2nD into AP Station/Client Mode

I am trying to set up a brand new wAP2nD into AP Station/Client Mode. Basically I want to connect to an AP and use the wAP2nD's ethernet port to connect to a computer. I have read https://wiki.mikrotik.com/wiki/Manual:Wireless_AP_Client and https://wiki.mikrotik.com/wiki/Connect_to_an_Available_Wir...
by AminYounessi
Mon Sep 04, 2017 7:53 am
Forum: Beginner Basics
Topic: bridge and firewall understanding
Replies: 1
Views: 555

Re: bridge and firewall understanding

Dear qbone, If you put any interface to the bridge, it means that your interface is in slave mode and the master is Bridge-interface so you can put the ip address to the iterface bridge-Grp1(for example: 192.168.1.10/24) and 192.168.2.10/24 for interface bridge-Grp2 and you need to configure firewal...
by AminYounessi
Mon Sep 04, 2017 7:16 am
Forum: Beginner Basics
Topic: Unable to Access Web Server [SOLVED]
Replies: 4
Views: 593

Re: Unable to Access Web Server [SOLVED]

Dear Falklan, You need to set the public ip address that you configure on your mikrotik interface that can see from internet on general tab of your destination-nat rule then you can tell that if any body connect to for example http://ippublic:8595 nat this destination to the 192.168.100.10:80 (i mea...
by AminYounessi
Tue Apr 04, 2017 7:10 am
Forum: Announcements
Topic: MUM Europe 2017 Live!
Replies: 64
Views: 12129

Re: MUM Europe 2017 Live!

hAP mini have a nice black and orange color design i like it.
LtAP mini i like this product, i waiting for this to use in my car!!!
by AminYounessi
Tue Feb 28, 2017 9:39 am
Forum: General
Topic: Firewall rules
Replies: 9
Views: 968

Re: Firewall rules

Yes,i know.
by AminYounessi
Sat Feb 25, 2017 7:28 am
Forum: General
Topic: Firewall rules
Replies: 9
Views: 968

Re: Firewall rules

Hello When you set your wireless access-point in hidden mode(no body can see your SSID commonly),and for increasing the security you can add your station mac addresses to your Access-Point(as my friend said earlier in this post) that just the mac address in your access-list table can connect to your...
by AminYounessi
Fri Feb 24, 2017 9:55 am
Forum: General
Topic: Mikrotik Routing decision
Replies: 0
Views: 304

Mikrotik Routing decision

Hello,

I have a question about the ospf link cost calculation. My question is in mikrotik, ospf how can decide that which link is better and calculate link costs?Is there a type of the link important in mikrotik ospf or not?And what is the default cost of the ospf.

Thank you so much
Best Regards