Community discussions

Search found 144 matches

by zipvault
Tue Apr 25, 2017 2:44 am
Forum: Beginner Basics
Topic: VPN video tutorial for Ipsec L2tp mikrotik
Replies: 3
Views: 1026

Re: VPN video tutorial for Ipsec L2tp mikrotik

Hello i half understood this

Seems you want to do a "remote user vpn"?

U may need to portforward UDP 500 or 4500 for the wan
by zipvault
Sun Apr 23, 2017 10:58 am
Forum: Scripting
Topic: Script Expire users a after number of days
Replies: 4
Views: 2315

Re: Script Expire users a after number of days

Session_timeout

And idle_timeout

should both work
by zipvault
Sun Apr 23, 2017 10:55 am
Forum: Beginner Basics
Topic: VPN video tutorial for Ipsec L2tp mikrotik
Replies: 3
Views: 1026

VPN video tutorial for Ipsec L2tp mikrotik

L2TP VPN Tutorial

https://youtu.be/vPxGIz0_Pnw

Hope this helps
by zipvault
Fri Mar 10, 2017 3:19 am
Forum: General
Topic: Radius accounting attributes
Replies: 0
Views: 252

Radius accounting attributes

Ok so say i have a radius server Where different account can log in I want to manage the data usage of each account to be uploaded to their website account and represented as a graph of the accounts data usage Now i have set mangle rules to keep track of data per account But then how do i export thi...
by zipvault
Sat Jan 28, 2017 7:39 am
Forum: General
Topic: Ppoe to dhcp gateway to subnet dhcp router to switch to ptmp
Replies: 0
Views: 234

Ppoe to dhcp gateway to subnet dhcp router to switch to ptmp

ppoe gateway which i want to tell mikrotik router the ip of new devices to add to mikrotik arp list So i can manage firewall on the tik from an incoming gatewAy and incoming dhcp I was thinking Dhcp relay? Maybe Vlan is my answer or Some sort of subnet config where tik recevies dhcp from the gateway...
by zipvault
Mon Jan 09, 2017 6:04 pm
Forum: Beginner Basics
Topic: Radius server
Replies: 4
Views: 751

Re: Radius server

Look, I appreciate that you're trying to learn something, but this is a forum specifically for RouterOS and MikroTik products. If you want to ask a question about those, go right ahead, Ok thankyou i appreciate your response i will ask my question Should i use a AAA radius server For clients to acc...
by zipvault
Mon Jan 09, 2017 12:20 am
Forum: Beginner Basics
Topic: Radius server
Replies: 4
Views: 751

Re: Radius server

I did google radius server but i would like to know more from experience pros lurking the forums

With the possibility of someone who knows about radius servers taking the time to expain their angle and uses and the benefits of radius over other systems alike.
by zipvault
Sun Jan 08, 2017 2:01 am
Forum: Beginner Basics
Topic: Radius server
Replies: 4
Views: 751

Radius server

Would someone care to explain radius server to me and the benefits and uses
by zipvault
Sun Jan 08, 2017 1:54 am
Forum: Beginner Basics
Topic: Best rb board to handle 3 mobile internet connections
Replies: 3
Views: 657

Re: Best rb board to handle 3 mobile internet connections

Which rb boards are best for this

Also im thinking low power for mobility..

Has any one tried to power the rbboard via two 5v usbs
by zipvault
Sun Jan 08, 2017 1:47 am
Forum: Beginner Basics
Topic: VPN MAC OS
Replies: 15
Views: 5379

Re: VPN MAC OS

I've been trying for two days now You remind me of me two weeks ago :) Once you figure it out its very easy To make vpn If you follow the methods i posted on this forum page you should work it out Basically there are two main things u need to set Ppp> make a profile / then make a secret You also go...
by zipvault
Sat Jan 07, 2017 5:02 pm
Forum: Beginner Basics
Topic: Best rb board to handle 3 mobile internet connections
Replies: 3
Views: 657

Re: Best rb board to handle 3 mobile internet connections

I see some routerboards have pcie cards

Has anyone installed moble lte card into those pci slots
by zipvault
Sat Jan 07, 2017 1:32 pm
Forum: Beginner Basics
Topic: Best rb board to handle 3 mobile internet connections
Replies: 3
Views: 657

Best rb board to handle 3 mobile internet connections

What is the best mikrotik router To run 3 or 4 mobile internet connections via Lte Sim card to ethernet boxes i have These boxes output ethernet So i will have three ethernets ewch with seperate mobile internet connection I want to make a mobile box And i want a rb board to control the balance for t...
by zipvault
Sat Jan 07, 2017 1:30 pm
Forum: Beginner Basics
Topic: Balance and failsafe
Replies: 8
Views: 1373

Re: Balance and failsafe

What is the best mikrotik router To run 3 or 4 mobile internet connections via Lte Sim card to ethernet boxes i have These boxes output ethernet So i will have three ethernets ewch with seperate mobile internet connection I want to make a mobile box And i want a rb board to control the balance for t...
by zipvault
Fri Jan 06, 2017 4:49 am
Forum: Announcements
Topic: v6.38 [current] is released!
Replies: 168
Views: 37156

Re: v6.38 [current] is released!

by zipvault
Fri Jan 06, 2017 4:19 am
Forum: Beginner Basics
Topic: winbox port
Replies: 2
Views: 459

Re: winbox port

i see

so i would just specify port in the "connect to:" box

after the ip

in the winbox app


thanks sob your a legend
the answer was staring me in the face thanks: ) :lol:
by zipvault
Fri Jan 06, 2017 4:16 am
Forum: Beginner Basics
Topic: check for update returns ERROR: could not resolve dns name
Replies: 4
Views: 5524

Re: check for update returns ERROR: could not resolve dns name

ping results with no ping interface selected blank default ping mikrotik.com results: timeout status=packet rejected if i select ether 2 as interface i get results: i get timeout status= timeout also tried to ping google from inside routeros also returns packet rejects and timeouts but everything el...
by zipvault
Fri Jan 06, 2017 4:05 am
Forum: Beginner Basics
Topic: setup 2 public IP addresses NAT, mail server, web server
Replies: 11
Views: 9568

Re: setup 2 public IP addresses NAT, mail server, web server

im trying to get my head around balancing two isps

for simultanious use for redundancy and increased speed

if one drops the other is still there

rather than if one drops it connects to the other

maybe you wish to chime in here sob: http://forum.mikrotik.com/viewtopic.php?f=13&t=116465
by zipvault
Fri Jan 06, 2017 4:01 am
Forum: Beginner Basics
Topic: winbox port
Replies: 2
Views: 459

winbox port

can i change the default winbox port in services

i guess my question is can i change winbox port to "custom"

as i figured i would also need to change the port in the winbox application

"though i could not find the place to change in winbox app itself"
by zipvault
Fri Jan 06, 2017 3:25 am
Forum: Beginner Basics
Topic: check for update returns ERROR: could not resolve dns name
Replies: 4
Views: 5524

check for update returns ERROR: could not resolve dns name

routerOS check for update returns ERROR: could not resolve dns name


but everything else has being working really well..
by zipvault
Fri Jan 06, 2017 3:17 am
Forum: Beginner Basics
Topic: Balance and failsafe
Replies: 8
Views: 1373

Re: Balance and failsafe

[quote NAT rules allowing one group to access 1 WAN IP; while NAT'ing group b to WAN 2.[/quote]


has anyone seen that some apple products such as there airport access points have issues with double nat
by zipvault
Fri Jan 06, 2017 3:15 am
Forum: Beginner Basics
Topic: Balance and failsafe
Replies: 8
Views: 1373

Re: Balance and failsafe

ether1 =isp1
ether5 =isp2


shall i bridge the two ether1 and 5 ports to dstnat??
by zipvault
Fri Jan 06, 2017 2:55 am
Forum: Beginner Basics
Topic: Balance and failsafe
Replies: 8
Views: 1373

Re: Balance and failsafe

also i wonder if i can set

to """boot ethernet on ether1 down""

for instance if ether 1 looses internet connection i can boot ether5

to run

so it will boot up a raspberry pi which has 4g lte backup internet card
by zipvault
Fri Jan 06, 2017 1:36 am
Forum: Beginner Basics
Topic: Balance and failsafe
Replies: 8
Views: 1373

Re: Balance and failsafe

Your first post: wiki link is a bit irrelevant As i dont understand how a marked group can be balanced to output on a new port Your second post: makes no sense to me Not trying to assign ip I have nat rules in place How does the router handle two simultanious nats I thought it was one or the other F...
by zipvault
Thu Jan 05, 2017 6:11 pm
Forum: Beginner Basics
Topic: Balance and failsafe
Replies: 8
Views: 1373

Re: Balance and failsafe

The wiki explains how to mark packets as group a and groupb

Does this mean one client would have two ip address one from Each group


I still dont understand how i can route one wan to group a and one to group b
by zipvault
Thu Jan 05, 2017 12:37 pm
Forum: General
Topic: peplink + alt dual LTE
Replies: 0
Views: 310

peplink + alt dual LTE

alternatives to peplinks, as they are very expensive for me

looking for dual sim or maybe two or three single sim units

i can balance together on y Tik for an ultimate portable 4g rig
by zipvault
Thu Jan 05, 2017 12:35 pm
Forum: Beginner Basics
Topic: Balance and failsafe
Replies: 8
Views: 1373

Balance and failsafe

what is the best way to balance two internet connections into one

also what is the best way to setup failsafe on mikrotik so when fiber goes down it goes to 4g
by zipvault
Wed Jan 04, 2017 12:51 am
Forum: Beginner Basics
Topic: VPN MAC OS
Replies: 15
Views: 5379

Re: VPN MAC OS

:D agreed
by zipvault
Mon Jan 02, 2017 1:16 am
Forum: Beginner Basics
Topic: 3 or 5 volt rails on the rbboards to add a small fan
Replies: 7
Views: 957

Re: 3 or 5 volt rails on the rbboards to add a small fan

Runs so much better now and nice and cool
by zipvault
Sun Jan 01, 2017 3:41 pm
Forum: Beginner Basics
Topic: 3 or 5 volt rails on the rbboards to add a small fan
Replies: 7
Views: 957

Re: 3 or 5 volt rails on the rbboards to add a small fan

Screen Shot 2017-01-01 at 10.53.58 PM.png
23 degree cooling

59 degree to 36
by zipvault
Sun Jan 01, 2017 3:33 am
Forum: Beginner Basics
Topic: Mark packets 2017 approach
Replies: 4
Views: 728

Re: Mark packets 2017 approach

Packet marking ?

Connection marking ?
by zipvault
Sun Jan 01, 2017 3:32 am
Forum: Beginner Basics
Topic: 3 or 5 volt rails on the rbboards to add a small fan
Replies: 7
Views: 957

Re: 3 or 5 volt rails on the rbboards to add a small fan

I found jp1 fan terminal on the board
by zipvault
Sat Dec 31, 2016 12:43 am
Forum: Beginner Basics
Topic: Seems some firewall settings disappear on power cycle
Replies: 10
Views: 1470

Re: Seems some firewall settings disappear on power cycle

Sounds like u needed a little bit

Of "release" and "renew"

Releases the pools and renews for new connection..

Im getting a new box to handle ppoe and DPI layer 7 then routing that to my mikrotik
by zipvault
Fri Dec 30, 2016 4:13 pm
Forum: Beginner Basics
Topic: Seems some firewall settings disappear on power cycle
Replies: 10
Views: 1470

Re: Seems some firewall settings disappear on power cycle

Does it need mss or can i delete it seems to work fine with it deleted :)


Also i worked out what my disapearing fire wall rules was about

It happens when i chang between ppoe and automaic config in quickset
by zipvault
Fri Dec 30, 2016 3:01 pm
Forum: General
Topic: ipsec unstable
Replies: 11
Views: 3924

Re: ipsec unstable

anyone see the above post???


@normis i see your folder name in there also?
by zipvault
Fri Dec 30, 2016 7:25 am
Forum: General
Topic: ipsec unstable
Replies: 11
Views: 3924

Re: ipsec unstable

About original problem, please generate supout files after tunnel goes down and send then to support. where do i send supout for support support@mikrotik.com ? can mikrotik distributors/certified trainers be trusted, eg one certified distributor is offering to help if i send supout, he seems very h...
by zipvault
Fri Dec 30, 2016 5:52 am
Forum: RouterBOARD hardware
Topic: RB 850Gx2 Fan PINS
Replies: 20
Views: 2747

Re: RB 850Gx2 Fan PINS

Can i use ether power to trigger fan

To turn on from temperature sys info threshold

Or trigger lan on and off by timmer for night and day
by zipvault
Fri Dec 30, 2016 5:28 am
Forum: RouterBOARD hardware
Topic: RB 850Gx2 Fan PINS
Replies: 20
Views: 2747

Re: RB 850Gx2 Fan PINS

The smallest fan i can find is pi-fan its .20A

Please advise

Its bloody hot here

Was 41 degrees celsius yesterday

And rb board is nearly hitting 60 degree

I believe with small fan i can get it down to 50 degrees


http://forum.mikrotik.com/viewtopic.php?f=13&t=116257
by zipvault
Fri Dec 30, 2016 3:13 am
Forum: Beginner Basics
Topic: Fastrack beginner basics
Replies: 9
Views: 1435

Re: Fastrack beginner basics

@normis trying to get my head around this packetflow diagram where is the best place to set ip firewall out of these three routing locations After bridge dst nat and before pre routing Or after bridge forward and before forward Or after bridge src nat and before interface htb ?? Or maybe all of them...
by zipvault
Fri Dec 30, 2016 3:11 am
Forum: Beginner Basics
Topic: Need help with some very basic understanding...apologies in advance
Replies: 8
Views: 901

Re: Need help with some very basic understanding...apologies in advance

Hello i just stumbled across the post im trying to get my head around this packetflow diagram where is the best place to set ip firewall out of the three routinf locations Adter bridge dst nat and before pre routing Or after bridge forwarda and before forward Or after bridge src nat and before inter...
by zipvault
Fri Dec 30, 2016 2:42 am
Forum: General
Topic: How to configure this IP firewall rule?
Replies: 8
Views: 1212

Re: How to configure this IP firewall rule?

My understanding is the first packet is a "new" one

Then Comes the established and related

But i see movement on my interfaces

But the firewall doesnt seem to represent the data flowing

And fastpath and fasttrack is disabled
by zipvault
Fri Dec 30, 2016 1:43 am
Forum: Beginner Basics
Topic: Fastrack beginner basics
Replies: 9
Views: 1435

Re: Fastrack beginner basics

Not all of my packets are showing in fire wall rules

And i have disabled fasttack
by zipvault
Fri Dec 30, 2016 1:41 am
Forum: General
Topic: How to configure this IP firewall rule?
Replies: 8
Views: 1212

Re: How to configure this IP firewall rule?

Not all packets are showing up in my firewal ?
by zipvault
Thu Dec 29, 2016 3:15 pm
Forum: General
Topic: My iWinbox app is released! Manage your RouterOS devices on iPhone/iPad and SNMP monitoring
Replies: 35
Views: 12539

Re: My iWinbox app is released! Manage your RouterOS devices on iPhone/iPad and SNMP monitoring


Thanks blajah :D legend

Exactly what i was after i didnt realise thats what the api was hadnt learnt api yet

I only just found the packet flow diagram which is going along way in helping me understand the inernal routing.
by zipvault
Thu Dec 29, 2016 3:07 pm
Forum: General
Topic: Raw Firewall
Replies: 1
Views: 398

Re: Raw Firewall

I discovered the packet flow diagram big help
by zipvault
Thu Dec 29, 2016 2:34 pm
Forum: Beginner Basics
Topic: Fastrack beginner basics
Replies: 9
Views: 1435

Re: Fastrack beginner basics

Yes i had read this wiki thanks
All good info

I discovered the packet flow diagaram :)

This paxket flow diagram helped me understand the routinf great help for anyone interested

Im now learning about bgp and gre tunnels any further info would be much appreciated
by zipvault
Thu Dec 29, 2016 2:30 pm
Forum: General
Topic: DOS approach
Replies: 6
Views: 786

Re: DOS approach

Im now learning about bgp and gre tunnels any further info would be much appreciated
by zipvault
Thu Dec 29, 2016 2:27 pm
Forum: Forwarding Protocols
Topic: OSPF over GRE Tunnel
Replies: 7
Views: 3487

Re: OSPF over GRE Tunnel

Hello im now learning about bgp and gle tunnels any further info would be much appreciated
by zipvault
Thu Dec 29, 2016 12:26 pm
Forum: General
Topic: DDoS story, or WARNING: use 'conection-limit' with caution!
Replies: 112
Views: 63015

Re: DDoS story, or WARNING: use 'conection-limit' with caution!

Your funny normis you make me laugh i understand you believe it is a grandeur task, but anything is possible _______ Dos approach forum = " i was just reading into layer 3 layer 4 and layer 7 ddos Cloud based seems the best current option as it can implement multiple processing paths Looking at opti...
by zipvault
Thu Dec 29, 2016 12:20 pm
Forum: General
Topic: DOS approach
Replies: 6
Views: 786

Re: DOS approach

Cloudflare is a cloud service, not one device. A router can't take 600Gbit attack traffic and keep working normally. Your ISP uplink will be full, for one. Yep i was just reading into layer 3 layer 4 and layer 7 ddos Cloud based seems the best current option as it can implement multiple processing ...
by zipvault
Thu Dec 29, 2016 12:05 pm
Forum: General
Topic: DDoS story, or WARNING: use 'conection-limit' with caution!
Replies: 112
Views: 63015

Re: DDoS story, or WARNING: use 'conection-limit' with caution!

Has anyone seen cloudflare

They specialise in ddos protect

Looks like i good service they boast stopping 600gbps attack

How can i build something like this for myself at that scale with mikrotik
by zipvault
Thu Dec 29, 2016 12:01 pm
Forum: General
Topic: DOS approach
Replies: 6
Views: 786

Re: DOS approach

@cloudflare

I just came across cloudflare they specialise in blocking 600gbps ddos looks like a good service how can i apply something like this to my mikrotik
by zipvault
Thu Dec 29, 2016 11:36 am
Forum: General
Topic: Routeros framework open source? Osx and ios development
Replies: 4
Views: 592

Re: Routeros framework open source? Osx and ios development

RouterOS API provides necessary access to develop such tools. A few exist: http://forum.mikrotik.com/viewtopic.php ... 9&p=574714

Thanks champ @normis 8)

I posted hopefully he can share the ROS framework will give me a big step forward on redoing interface gui
by zipvault
Thu Dec 29, 2016 11:34 am
Forum: General
Topic: My iWinbox app is released! Manage your RouterOS devices on iPhone/iPad and SNMP monitoring
Replies: 35
Views: 12539

Re: My iWinbox app is released! Manage your RouterOS devices on iPhone/iPad and SNMP monitoring

Hello im new to mikrotik here

Do you have the framework for ROS

I would like to develop this further in swift
by zipvault
Thu Dec 29, 2016 11:29 am
Forum: Beginner Basics
Topic: Fastrack beginner basics
Replies: 9
Views: 1435

Re: Fastrack beginner basics

Janis explains some basics in the following Video:
https://youtu.be/CTF8OptALmw

Hello the video is mostly russian i find it hard to understand.


Also i believe he was talking about fastpath

I was asking about fast track ?
by zipvault
Thu Dec 29, 2016 4:32 am
Forum: Beginner Basics
Topic: Fastrack beginner basics
Replies: 9
Views: 1435

Fastrack beginner basics

Hello can we chat about fast track. My current understanding is it can move data faster from ether 1 to ether2 But then come all my questions With fast track do you set firewall rules for which interface Can you set fastrrack exclusive rules. I see the obvious benefit it speed and reduced cpu usage....
by zipvault
Thu Dec 29, 2016 4:20 am
Forum: Beginner Basics
Topic: Please Help me im being attacked RIGHT NOW
Replies: 34
Views: 4921

Re: Please Help me im being attacked RIGHT NOW

The best thing to do is for you to try to connect to your Mikrotik from an external internet source (mobile data maybe?) and test access. Hi ben i have firewall and arp and nat and local management only set up Remote access is off and telnet is off so im pretty sure i have covered all bases regardi...
by zipvault
Thu Dec 29, 2016 4:00 am
Forum: Beginner Basics
Topic: 3 or 5 volt rails on the rbboards to add a small fan
Replies: 7
Views: 957

3 or 5 volt rails on the rbboards to add a small fan

Is there any 3 or 5 volt rails on the rbboards to add a small fan


Maybe i can use power from the led light?

To solder in small fan?
by zipvault
Thu Dec 29, 2016 2:47 am
Forum: Beginner Basics
Topic: Please Help me im being attacked RIGHT NOW
Replies: 34
Views: 4921

Re: Please Help me im being attacked RIGHT NOW

Ppoe is coming through ether1

My rules are set to ether1

So ur saying i should have set to ppoe interface?

Or i can try to set for both?

Does raw firewall or prerouting happen before the ppoe virtual interface???
by zipvault
Thu Dec 29, 2016 2:37 am
Forum: Beginner Basics
Topic: Mark packets 2017 approach
Replies: 4
Views: 728

Re: Mark packets 2017 approach

Anything coming in, I would like to count it

To check if relative or established packets are counted to make sure there is no additional packets that were not requested.. ?
by zipvault
Thu Dec 29, 2016 2:32 am
Forum: General
Topic: Routeros framework open source? Osx and ios development
Replies: 4
Views: 592

Re: Routeros framework open source? Osx and ios development

"KISS rule" rulez ... should I explain the acronim ? U mean keep it simple Having an iphone app to manage is very simple Would keep up with the standard as other mikrotik competitors already have this sercice. Plus would add dedicated mac software rather than running parrallels or other emulators
by zipvault
Wed Dec 28, 2016 5:03 pm
Forum: General
Topic: Routeros framework open source? Osx and ios development
Replies: 4
Views: 592

Routeros framework open source? Osx and ios development

Any chance i can develop an ios interface in swift to talk to routeros frameworks?
For mikrotik

Maybe possibly macbox v10 project on the cards :D
by zipvault
Wed Dec 28, 2016 4:57 pm
Forum: Beginner Basics
Topic: Mark packets 2017 approach
Replies: 4
Views: 728

Mark packets 2017 approach

Best packet marking?
by zipvault
Wed Dec 28, 2016 4:49 pm
Forum: Beginner Basics
Topic: Please Help me im being attacked RIGHT NOW
Replies: 34
Views: 4921

Re: Please Help me im being attacked RIGHT NOW

Got it thanks for clarification

Drop last
by zipvault
Wed Dec 28, 2016 4:33 pm
Forum: Beginner Basics
Topic: Please Help me im being attacked RIGHT NOW
Replies: 34
Views: 4921

Re: Please Help me im being attacked RIGHT NOW

You will never be able to firewall each "bad" IP individually. The reverse approach is much easier - drop everything and allow only yourself and only on non-standard ports. Implement multiple layers of security if needed, but again - drop everything first. Yes you Makes perfect sense maybe ten year...
by zipvault
Wed Dec 28, 2016 4:23 pm
Forum: Beginner Basics
Topic: Please Help me im being attacked RIGHT NOW
Replies: 34
Views: 4921

Re: Please Help me im being attacked RIGHT NOW

This is useless. The addresses will never repeat them. Read up on how DDoS works. These are disposable victims of trojans and other bugs, cameras, infected PCs etc. Currently with my arp and nat im hoping no random address can even access But reading about things like shodan Im wondering if it is w...
by zipvault
Wed Dec 28, 2016 3:47 pm
Forum: Beginner Basics
Topic: Please Help me im being attacked RIGHT NOW
Replies: 34
Views: 4921

Re: Please Help me im being attacked RIGHT NOW

WAN interface targeted to router itself on port 53 .

your probably going to laugh at me but i have a dumb questions which one is my wan interface in picture attached..
Screen Shot 2016-12-28 at 11.43.24 PM.png
by zipvault
Wed Dec 28, 2016 3:26 pm
Forum: General
Topic: Raw Firewall
Replies: 1
Views: 398

Raw Firewall

how should i set up my raw firewall for local address list internet access only.
by zipvault
Wed Dec 28, 2016 3:16 pm
Forum: Beginner Basics
Topic: Please Help me im being attacked RIGHT NOW
Replies: 34
Views: 4921

Re: Please Help me im being attacked RIGHT NOW

dec/24 00:33:46 system,error,critical login failure for user administrator from 190.82.77.203 via telnet dec/24 00:33:47 system,error,critical login failure for user root from 85.11.22.132 via telnet dec/24 00:33:48 system,error,critical login failure for user root from 190.82.77.203 via telnet [/q...
by zipvault
Wed Dec 28, 2016 2:29 pm
Forum: Beginner Basics
Topic: Seems some firewall settings disappear on power cycle
Replies: 10
Views: 1470

Re: Seems some firewall settings disappear on power cycle

850gx2 Yes visual check passed Yes latest stable ROS and winbox Ive only had this one week or so So im new to this I power cycled to reset ppoe And noticed the disabled firewall rules got wiped i thought was strange but i was able to restore from backup so all good I havnt tried to power cycle it ag...
by zipvault
Wed Dec 28, 2016 1:41 pm
Forum: Beginner Basics
Topic: Application of Firewall rules and general security question (public network access)
Replies: 7
Views: 1103

Re: Application of Firewall rules and general security question (public network access)

does this help at all:? /ip firewall address-list add address=192.168.0.0/16 list=private-networks add address=172.16.0.0/12 list=private-networks add address=10.0.0.0/8 list=private-networks add address=1.1.1.1 list=port-knock-secured-ips comment="This is an example - this address will be allowed a...
by zipvault
Wed Dec 28, 2016 1:39 pm
Forum: General
Topic: DOS approach
Replies: 6
Views: 786

Re: DOS approach


Nice whats the latest on this blackhole method?

Do u preroute and mark packets before the firewall for this method??
by zipvault
Wed Dec 28, 2016 1:35 pm
Forum: General
Topic: IP Cloud
Replies: 113
Views: 66410

Re: IP Cloud

why is my cloud settings greyed out?
by zipvault
Wed Dec 28, 2016 1:07 pm
Forum: Scripting
Topic: Minimal script for Namecheap DNS update
Replies: 4
Views: 1168

Re: Minimal script for Namecheap DNS update

you have to own a domain name registered on namecheap.com, .
,

ok some of mine are with crazydomains.com though

im looking into C name maybe i can do it through C name
by zipvault
Wed Dec 28, 2016 10:48 am
Forum: Wireless Networking
Topic: Long range network nanobeams
Replies: 5
Views: 689

Re: Long range network nanobeams

Do we have a new acooperator here or is this any kind of his reincarnation? I come in peace jarda, Im on a knowledge quest The Beauty of this internet is we can communicate across the globe to learn and educate eachother in a positive manner, Excuse my lack of understanding and theories These Airfi...
by zipvault
Wed Dec 28, 2016 9:34 am
Forum: Beginner Basics
Topic: Seems some firewall settings disappear on power cycle
Replies: 10
Views: 1470

Re: Seems some firewall settings disappear on power cycle

Seems some firewall rules just disapper on restart mainly the disabled ones not sure happens randomly with power cycle

And no safe mode is not on
by zipvault
Wed Dec 28, 2016 9:32 am
Forum: Wireless Networking
Topic: Long range network nanobeams
Replies: 5
Views: 689

Re: Long range network nanobeams

Would like 10 km bradcast to two access points 2km and 5km

Withatleast a 50mbps connection

I started looking at carrier licenses

I then wondered where does the internet come from in the first place

Is it mainly submarine cables connecting the world?
by zipvault
Wed Dec 28, 2016 9:30 am
Forum: General
Topic: Name Server
Replies: 10
Views: 1349

Re: Name Server

Yes C name is one of the ways i can link it


Ill have a look into this c name more..
by zipvault
Tue Dec 27, 2016 2:42 pm
Forum: Beginner Basics
Topic: Seems some firewall settings disappear on power cycle
Replies: 10
Views: 1470

Seems some firewall settings disappear on power cycle

Seems some firewall settings disappear on router power cycle?
by zipvault
Tue Dec 27, 2016 11:41 am
Forum: Wireless Networking
Topic: Long range network nanobeams
Replies: 5
Views: 689

Re: Long range network nanobeams

Then my next question would be If i can send two internet connections on one Nanobeam network. For reliability and redundancy for instance If site 3 has inernet coming from site 1 and site 2 And if site 1 goes down then site 3 will still be online via site 2 #chupaka would like to hear your input..
by zipvault
Tue Dec 27, 2016 11:25 am
Forum: Wireless Networking
Topic: Long range network nanobeams
Replies: 5
Views: 689

Long range network nanobeams

Is it possible to connect multiple networks connection back to mikrotik router Using nanobeam m5 i want to connect two other networks back to mine Wonderif if its possible to use their internet bandwidth as well Like joining three connections to one And then sharing so any one site can use all the b...
by zipvault
Mon Dec 26, 2016 7:22 pm
Forum: Beginner Basics
Topic: Please Help me im being attacked RIGHT NOW
Replies: 34
Views: 4921

Re: Please Help me im being attacked RIGHT NOW

Ur a legend blajah raw FIRE

I made it tcp also


Does dns only resolve on 53? Learn something new everyday
by zipvault
Mon Dec 26, 2016 7:13 pm
Forum: Beginner Basics
Topic: Ping Google or Yahoo but got the same IP and cannot browse any
Replies: 15
Views: 1273

Re: Ping Google or Yahoo but got the same IP and cannot browse any

That picture is not the address lists

Its the addressessss
by zipvault
Mon Dec 26, 2016 7:09 pm
Forum: General
Topic: Name Server
Replies: 10
Views: 1349

Re: Name Server

How do i make my own name server then

How does apple google and amazon prevent this i wonder
by zipvault
Mon Dec 26, 2016 5:42 am
Forum: Wireless Networking
Topic: Distance shows 53 Km
Replies: 2
Views: 857

Re: Distance shows 53 Km

Im interested how it calculates the distance

Could it be time related..

Ping time from one to another


And they have slightly different clocks
by zipvault
Mon Dec 26, 2016 5:38 am
Forum: Beginner Basics
Topic: Interim Accounting packets with FreeRadius and PPPoE
Replies: 3
Views: 1036

Re: Interim Accounting packets with FreeRadius and PPPoE

I need to learn what radius is


Is it possible to set accounting to display packets and bandwitdh

On a timed 15 second refresh snapshot

To see real live real time transfer rates

From accountig to a say the firewall rule
by zipvault
Mon Dec 26, 2016 5:36 am
Forum: General
Topic: Accounting
Replies: 0
Views: 248

Accounting

Is it possible to set accounting to display packets and bandwitdh

On a timed 15 second refresh snapshot

To see real live real time transfer rates

From accountig to a firewall rule
by zipvault
Mon Dec 26, 2016 5:35 am
Forum: General
Topic: I want all traffic and packets to be monitored in firewall wall
Replies: 1
Views: 297

Re: I want all traffic and packets to be monitored in firewall wall

Is it possible to set accounting to display packets and bandwitdh

On a timed 15 second refresh snapshot


To see real live real time transfer rates

From accountig to a firewall rule
by zipvault
Mon Dec 26, 2016 5:31 am
Forum: General
Topic: Name Server
Replies: 10
Views: 1349

Re: Name Server

Thanks sob i had a quick look at built in cloud but fields are greyed out My plan is if i can connect this in built cloud to point to a url But my domain is on crazy domains and they requie a name server address So im thinking i can point the in built cloud to my local apache server And possibly hos...
by zipvault
Sun Dec 25, 2016 6:36 pm
Forum: Scripting
Topic: IP and port is open still PHP is not connecting via PHP API?
Replies: 13
Views: 2274

Re: IP and port is open still PHP is not connecting via PHP API?

the error is telling you.. what is on line 110 of that php file??? D:\xampp\htdocs\router-api\routeros_api.class.php on line 110 its not autenticating port 2089 seems it needs to enable this pack /\ have u tried changing to the port i mentioned and specify address Screen Shot 2016-12-26 at 2.31.33 A...
by zipvault
Sun Dec 25, 2016 6:27 pm
Forum: General
Topic: NAT selective access METHODS
Replies: 0
Views: 262

NAT selective access METHODS

ip dhcp server > leases make all static ip firewall > addresses make address lists for nat access go > ip firewall > nat mk nat = srcnat / nat masquerade > advanced > (add source list address you made earlier of clients you want to have access to nat) http://natfoster.com/wp-content/uploads/2016/02...
by zipvault
Sun Dec 25, 2016 4:28 pm
Forum: General
Topic: I want all traffic and packets to be monitored in firewall wall
Replies: 1
Views: 297

I want all traffic and packets to be monitored in firewall wall

every port every packet, accounting?
by zipvault
Sun Dec 25, 2016 3:37 pm
Forum: General
Topic: Name Server
Replies: 10
Views: 1349

Re: Name Server

hmm thanks i will have a look into this

anyone else using this?
by zipvault
Sun Dec 25, 2016 3:28 pm
Forum: Beginner Basics
Topic: No internet over LAN but WLAN internet is ok.
Replies: 20
Views: 7561

Re: No internet over LAN but WLAN internet is ok.

interface > ethernet tab >

scroll across and check master port and switch columns (15 and 18)

you have also set arp?
by zipvault
Sun Dec 25, 2016 3:10 pm
Forum: Beginner Basics
Topic: Please Help me im being attacked RIGHT NOW
Replies: 34
Views: 4921

Re: Please Help me im being attacked RIGHT NOW

One more note, as you see there are no DNS rules involved in this rule-set. You need to take care of that also.

my dns always changes is there a way for me to still make better dns rules that auto update??
by zipvault
Sun Dec 25, 2016 1:27 pm
Forum: Beginner Basics
Topic: No internet over LAN but WLAN internet is ok.
Replies: 20
Views: 7561

Re: No internet over LAN but WLAN internet is ok.

Try masquerade src net lan also?

I think since ur ether4 is disabled its not receving dhcp to ur lan on ether4 for internet access
by zipvault
Sun Dec 25, 2016 12:14 pm
Forum: General
Topic: urgent :bandwidth mangle,please Help !!!!
Replies: 1
Views: 296

Re: urgent :bandwidth mangle,please Help !!!!

Im going to havea look into this now as i want to do a similar thing Let me know how you go My current understanding Use packet marks in mangle to mark the packets, and include "protocol=tcp dst-port=80,443". Then make queues based on the packet marks. You cannot go based on host name in DNS form (w...
by zipvault
Sun Dec 25, 2016 11:52 am
Forum: Scripting
Topic: IP and port is open still PHP is not connecting via PHP API?
Replies: 13
Views: 2274

Re: IP and port is open still PHP is not connecting via PHP API?

Port 3306 open for client address

And allow incoming 3306 server side

??
by zipvault
Sun Dec 25, 2016 11:47 am
Forum: Scripting
Topic: IP and port is open still PHP is not connecting via PHP API?
Replies: 13
Views: 2274

Re: IP and port is open still PHP is not connecting via PHP API?

Is it

Ext/mysqli

Or

pdo_MySQL

Or

Ext/mysql
by zipvault
Sun Dec 25, 2016 11:34 am
Forum: Wireless Networking
Topic: Mikrotik UBNT Problem
Replies: 5
Views: 805

Re: Mikrotik UBNT Problem

Lease alltime disable=no

Broadcast always

?
by zipvault
Sun Dec 25, 2016 11:17 am
Forum: General
Topic: About Queues
Replies: 4
Views: 429

Re: About Queues

Any good mikrotik queing info out there i can educate myself with would be much appreciated im about to build my que lists
by zipvault
Sun Dec 25, 2016 11:16 am
Forum: Forwarding Protocols
Topic: BFD Open port on default conf
Replies: 3
Views: 817

Re: BFD Open port on default conf

I noticed one of my routers connects to mikrotik server on inital hard reset thought this was slightly strange
by zipvault
Sun Dec 25, 2016 11:11 am
Forum: Beginner Basics
Topic: Logging connection to specific IP
Replies: 1
Views: 339

Re: Logging connection to specific IP

Syslog to rss feed
by zipvault
Sun Dec 25, 2016 11:00 am
Forum: Scripting
Topic: IP and port is open still PHP is not connecting via PHP API?
Replies: 13
Views: 2274

Re: IP and port is open still PHP is not connecting via PHP API?

You can set src port and dst port rule
by zipvault
Sun Dec 25, 2016 10:53 am
Forum: Wireless Networking
Topic: WiFi + short DHCP lease = problem?
Replies: 5
Views: 1546

Re: WiFi + short DHCP lease = problem?

erased
by zipvault
Sun Dec 25, 2016 10:43 am
Forum: Beginner Basics
Topic: No internet over LAN but WLAN internet is ok.
Replies: 20
Views: 7561

Re: No internet over LAN but WLAN internet is ok.

Local bridge address list is sitting inside the local pool

But the ether 3 address list is just outside the pool.

Bottom left and right of your screenshot at the top
by zipvault
Sun Dec 25, 2016 10:37 am
Forum: Beginner Basics
Topic: No internet over LAN but WLAN internet is ok.
Replies: 20
Views: 7561

Re: No internet over LAN but WLAN internet is ok.

Image

I think this is what he means but i feel its either a dhcp / ip address / or firewall issue.

Do you know how to make an address list, i would put all my local ips in a list and manage all from there,
by zipvault
Sun Dec 25, 2016 5:23 am
Forum: Scripting
Topic: Minimal script for Namecheap DNS update
Replies: 4
Views: 1168

Re: Minimal script for Namecheap DNS update

Very interesting, thanks i will look into this

is like dyn dns?

Im trying to make my own name server
by zipvault
Sun Dec 25, 2016 5:20 am
Forum: General
Topic: Name Server
Replies: 10
Views: 1349

Re: Name Server

Yer for public

Can mikrotik somehow do -> dyn dns?
by zipvault
Sun Dec 25, 2016 5:03 am
Forum: General
Topic: http request
Replies: 1
Views: 236

Re: http request

You want to log all http?
by zipvault
Sun Dec 25, 2016 4:31 am
Forum: Wireless Networking
Topic: Bandwith limit
Replies: 2
Views: 459

Re: Bandwith limit

I believe address lists" can assist you

and new connections can go on a list

And this list can be throttled per connection
by zipvault
Sun Dec 25, 2016 4:25 am
Forum: Beginner Basics
Topic: No internet over LAN but WLAN internet is ok.
Replies: 20
Views: 7561

Re: No internet over LAN but WLAN internet is ok.

In the bridge window also ether4 says disabled..
by zipvault
Sun Dec 25, 2016 4:23 am
Forum: Beginner Basics
Topic: No internet over LAN but WLAN internet is ok.
Replies: 20
Views: 7561

Re: No internet over LAN but WLAN internet is ok.

In the picture does it look like the local ip pool starts 89 positions prior to the address list starting points
by zipvault
Sat Dec 24, 2016 8:54 pm
Forum: General
Topic: Name Server
Replies: 10
Views: 1349

Name Server

how can i point a domain name to an apache server

can i create a name server on mikrotik?
by zipvault
Sat Dec 24, 2016 8:49 pm
Forum: General
Topic: Cannot get over 100base T connection on one Mac in a network
Replies: 2
Views: 450

Re: Cannot get over 100base T connection on one Mac in a network

cables are both 5e or faster i presume.. is it cat5 / cat5e / cat6 cable

check these settings on your mac network system pref
Screen Shot 4.44.44 AM.png
which router is it?
by zipvault
Sat Dec 24, 2016 8:38 pm
Forum: General
Topic: DDoS story, or WARNING: use 'conection-limit' with caution!
Replies: 112
Views: 63015

Re: DDoS story, or WARNING: use 'conection-limit' with caution!

.
chupaka i just saw youtube video of you hitting 600mb on a speed test on mikrotik

nice

how can i do this :)
by zipvault
Sat Dec 24, 2016 7:40 pm
Forum: General
Topic: Log the right way up
Replies: 4
Views: 1069

Re: Log the right way up

has anyone tried to RSS feed their log?
by zipvault
Sat Dec 24, 2016 7:39 pm
Forum: General
Topic: Log the right way up
Replies: 4
Views: 1069

Log the right way up

can we take a vote to flip the log window

so most recent is at the top.

makes sense?






Image
by zipvault
Sat Dec 24, 2016 7:29 pm
Forum: General
Topic: Dyre Upatre / mikrotik security
Replies: 2
Views: 417

Re: Dyre Upatre / mikrotik security

touché


though is there a way to check if router or system is infected

some sort of deep packet live scan
by zipvault
Sat Dec 24, 2016 6:05 am
Forum: General
Topic: Dyre Upatre / mikrotik security
Replies: 2
Views: 417

Dyre Upatre / mikrotik security

i stumbled across an article from 2015

that goes on to talk about dyre and upatre

has this being addressed?, or is it still a potential threat?

i want to develop a safer worldwide online community
by zipvault
Sat Dec 24, 2016 5:59 am
Forum: General
Topic: Crooks Use Hacked Routers to Aid Cyberheists
Replies: 5
Views: 3369

Re: Crooks Use Hacked Routers to Aid Cyberheists

any update on this dyre or upatre,

interested in securing any possible security flaws as i noticed an article about this from last year
by zipvault
Sat Dec 24, 2016 5:56 am
Forum: General
Topic: Dmitry - Explained
Replies: 0
Views: 286

Dmitry - Explained

hello reading up on dimitry mikrotik wiki. trying to get my head around the concept

can anyone shine some light on the topic
by zipvault
Sat Dec 24, 2016 5:49 am
Forum: General
Topic: DOS approach
Replies: 6
Views: 786

DOS approach

hello i have been reading the ddos info on the mikrotik wiki site, is this wiki safe i wonder.

what is you dos security approach?

http://wiki.mikrotik.com/wiki/DoS_attack_protection
by zipvault
Sat Dec 24, 2016 5:27 am
Forum: Beginner Basics
Topic: VPN MAC OS
Replies: 15
Views: 5379

Re: VPN MAC OS

You can use any number of tools to generate your own certificates. I think MikroTik has the OpenSSL libraries in place to generate your own certs via command line, or you make your own from Terminal on your Mac. I like using the XCA application (available for Win, Mac, and *nix). It's a nice GUI pr...
by zipvault
Sat Dec 24, 2016 4:45 am
Forum: Beginner Basics
Topic: Please Help me im being attacked RIGHT NOW
Replies: 34
Views: 4921

Re: Please Help me im being attacked RIGHT NOW

Thankyou i really appreciate your input it makes sense

If i do not specify ports in the rule does it just apply to all ports?


One question i have


What is phase 1, 2 and 3 services?
by zipvault
Fri Dec 23, 2016 9:33 pm
Forum: General
Topic: OpenVPN client reports expired certificate even it is valid almost 10 years
Replies: 24
Views: 7826

Re: OpenVPN client reports expired certificate even it is valid almost 10 years

10 years is a long time

Maybe time to update cert?

I know server cert could expire?

You can check expiration with this:

$ echo | openssl s_client -connect urlhere
by zipvault
Fri Dec 23, 2016 8:57 pm
Forum: Beginner Basics
Topic: Please Help me im being attacked RIGHT NOW
Replies: 34
Views: 4921

Re: Please Help me im being attacked RIGHT NOW

Add a firewall rule on the INPUT chain that only allows WinBox, SSH, and HTTPS from one of your internal networks. Then add a firewall rule right below that to drop all traffic to your device. These two rules ensure that ONLY traffic from you is allowed to go directly to your device. i can use some...
by zipvault
Fri Dec 23, 2016 8:53 pm
Forum: Beginner Basics
Topic: Please Help me im being attacked RIGHT NOW
Replies: 34
Views: 4921

Re: Please Help me im being attacked RIGHT NOW

okay, i had over 85 firewall rules earlier, i have cut it back to 30 now, how do i specify a specific ip for instance earlier i had a mangement address book and i allowed only one ip address to access the webconf but i deleted it now im unsure how to reinstate this local only method or single ip acc...
by zipvault
Fri Dec 23, 2016 7:43 pm
Forum: Beginner Basics
Topic: Please Help me im being attacked RIGHT NOW
Replies: 34
Views: 4921

Re: Please Help me im being attacked RIGHT NOW

i am gonna advice you with something

allow accessing webfig online from ur network only not global

what is the best way you would advise to do this?
by zipvault
Fri Dec 23, 2016 6:13 pm
Forum: Beginner Basics
Topic: Please Help me im being attacked RIGHT NOW
Replies: 34
Views: 4921

Re: Please Help me im being attacked RIGHT NOW

I thought i had setup the brute force rule on mikrotik wiki also??? The one if an ip gets three wrong entries then they Get put on a list And if they stay on the list for 1 minute Then they get put on a block list Can any one shine some light on a script that does this Because obviously the one i di...
by zipvault
Fri Dec 23, 2016 6:04 pm
Forum: Beginner Basics
Topic: Please Help me im being attacked RIGHT NOW
Replies: 34
Views: 4921

Re: Please Help me im being attacked RIGHT NOW

i had turned of the remote login option... Yes i turned of the telnet service now, Are you only meant to enable telnet when u want to use it or can i block telnet so only my mac address can access?? How do i set my local address book to only access?? Yes i have about 80 firewall rules at the moment ...
by zipvault
Fri Dec 23, 2016 5:36 pm
Forum: Beginner Basics
Topic: Please Help me im being attacked RIGHT NOW
Replies: 34
Views: 4921

Please Help me im being attacked RIGHT NOW

please help me im being attacked how can i prevent this help me find them? this was just now.. log print dec/24 00:33:46 system,error,critical login failure for user administrator from 190.82.77.203 via telnet dec/24 00:33:47 system,error,critical login failure for user root from 85.11.22.132 via t...
by zipvault
Fri Dec 23, 2016 4:35 pm
Forum: Beginner Basics
Topic: VPN MAC OS
Replies: 15
Views: 5379

Re: VPN MAC OS

!Fixed
by zipvault
Fri Dec 23, 2016 4:14 pm
Forum: Beginner Basics
Topic: VPN MAC OS
Replies: 15
Views: 5379

Re: VPN MAC OS

thankyou i will check this out, here is ipsec tut if anyone needs SETTING UP IPSEC: L2TP does not need IPSec but L2TP by itself does NOT provide any encryption as it is a Tunneling Protocol. Thus we use L2TP tunnels and use IPSec to encrypt the data going over the tunnel. More Info: http://en.wikipe...
by zipvault
Fri Dec 23, 2016 3:54 pm
Forum: Beginner Basics
Topic: VPN MAC OS
Replies: 15
Views: 5379

Re: VPN MAC OS

my understanding now is

l2tp is the tunnel

and ipsec is the encryption i have set this up now

thanks

but still working on my certificates..
by zipvault
Fri Dec 23, 2016 9:18 am
Forum: Beginner Basics
Topic: VPN MAC OS
Replies: 15
Views: 5379

Re: VPN MAC OS

or something along the lines of this tutorial ??? ->

https://major.io/2015/05/01/howto-mikro ... pn-server/
by zipvault
Fri Dec 23, 2016 9:16 am
Forum: Beginner Basics
Topic: VPN MAC OS
Replies: 15
Views: 5379

Re: VPN MAC OS

i found this, how can i do this for mac? ____________________________ Setting up your own Certificate Authority (CA) and generating certificates and keys for an OpenVPN server and multiple clients Overview The first step in building an OpenVPN 2.x configuration is to establish a PKI (public key infr...
by zipvault
Fri Dec 23, 2016 9:03 am
Forum: Beginner Basics
Topic: VPN MAC OS
Replies: 15
Views: 5379

Re: VPN MAC OS

also in my further research it suggests

l2tp has issues with dropping due to nat

can this be configured appropriately, or

if i go down the open vpn route, how can i make my own certificates? do i use openssl?
by zipvault
Fri Dec 23, 2016 8:46 am
Forum: Beginner Basics
Topic: VPN MAC OS
Replies: 15
Views: 5379

VPN MAC OS

Hello world i need help with my mikrotik im only new to mikrotik 1 week old, but i am a fast learner i want to create secure connection on my router to my local networkcomputers, also i have small debian apache server at home which i would like to access remotely through vpn also... i believe i need...