Community discussions

MUM Europe 2020

Search found 20 matches

by dillagr
Sun Jun 24, 2018 2:34 am
Forum: General
Topic: How to Mangle internet connections for PCQ but exempt LAN traffic
Replies: 6
Views: 1067

Re: How to Mangle internet connections for PCQ but exempt LAN traffic

i'm also interested in a solution to this post.. could you share the resolution, if any?
by dillagr
Thu Feb 01, 2018 3:12 am
Forum: General
Topic: Security & VLAN
Replies: 4
Views: 587

Re: Security & VLAN

i'm using a VLAN on an ethernet interface (i don't know much about bridges). then the rules i made are based on the interface in and interface out based on the VLAN. for example if the network 192.168.99.0/24 are for "servers", then block the guest wifi from access to it.. this is the rule i put in....
by dillagr
Tue Jan 09, 2018 1:25 am
Forum: Beginner Basics
Topic: How to configure mikrotik via virtual machine?
Replies: 5
Views: 5599

Re: How to configure mikrotik via virtual machine?

i'm also a noob.. using a mikrotik RoS on a virtual machine.. i posted my experience(s) in my blog: http://www.pimp-my-rig.com/2016/12/init ... outer.html
see if that helps.
by dillagr
Mon Feb 06, 2017 12:45 am
Forum: Beginner Basics
Topic: Mangle based on in-interface and out-interface
Replies: 3
Views: 872

Re: Mangle based on in-interface and out-interface

No, in-interface=ether3 does not cover vlans on ether3.
thank you sir!
by dillagr
Fri Feb 03, 2017 4:00 am
Forum: Beginner Basics
Topic: Mangle based on in-interface and out-interface
Replies: 3
Views: 872

Mangle based on in-interface and out-interface

i'm using a CHR VM on ESXi v5.5.. i have set ether1 and ether2 as my WAN interfaces. (to minimize mangle rules for packet marking and connection marking) whenever i mark packets on in-interface=ether3 or out-interface=ether3, does that apply to all VLANs under ether3? winbox screen capture is below:...
by dillagr
Sun Jan 29, 2017 1:38 pm
Forum: General
Topic: Using Splunk to analyse MikroTik logs
Replies: 98
Views: 17885

Re: Using Splunk to analyse MikroTik logs

thanks! appreciate it.
by dillagr
Sat Jan 28, 2017 11:36 am
Forum: General
Topic: Using Splunk to analyse MikroTik logs
Replies: 98
Views: 17885

Re: Using Splunk to analyse MikroTik logs

this is cool! could you share how/what you did on the mikrotik side for this to happen?
by dillagr
Thu Jan 26, 2017 2:14 pm
Forum: General
Topic: How to access internal files of RouterOS?
Replies: 5
Views: 1287

Re: How to access internal files of RouterOS?

on a CHR, i guess you may mount the vmdk/vdi file on another virtual machine (that's how i would do it).
by dillagr
Sun Jan 15, 2017 4:11 am
Forum: RouterBOARD hardware
Topic: What is exactly direct attach cable?... Does it contain SFP+ interface?
Replies: 15
Views: 2869

Re: What is exactly direct attach cable?... Does it contain SFP+ interface?

DAC cables, although copper, are rated to the speed required to operate without the complexity of having to understand optics. on that note, there are two kinds of fiber optic cables to use.. multi-mode and single-mode. the SFP to use should match the cable as well. the major difference between the ...
by dillagr
Fri Jan 13, 2017 5:26 am
Forum: RouterBOARD hardware
Topic: What is exactly direct attach cable?... Does it contain SFP+ interface?
Replies: 15
Views: 2869

Re: What is exactly direct attach cable?... Does it contain SFP+ interface?

I think it would be nice if MTK would explicitly mention that package includes SFP+ interfaces. At least in brochure or somewhere deeper. I mean well I know I could be more careful with shopping but still for people new in this topic it's not that obvious and photos usually show products with some ...
by dillagr
Thu Jan 12, 2017 9:54 am
Forum: General
Topic: DNS - very slow
Replies: 5
Views: 2116

Re: DNS - very slow

same issue! (ccr1016-12G 750 user). Any solution?
i have the same issue in the past but on another platform.. i ended up using another device for DNS functions (or let another server handle DNS).
by dillagr
Thu Jan 12, 2017 4:21 am
Forum: General
Topic: Mark MS services, updates?
Replies: 3
Views: 1215

Re: Mark MS services, updates?

am also interested on the suggestion(s) anyone could provide.
by dillagr
Thu Jan 12, 2017 4:19 am
Forum: Beginner Basics
Topic: DHCP Server does not work
Replies: 12
Views: 1678

Re: DHCP Server does not work

i think this block of code indicates which port(s) is/are VLAN tagged. [admin@MikroTik] > interface ethernet switch vlan print Flags: X - disabled, I - invalid, D - dynamic # VLAN-ID PORTS SVL LEARN FLOOD INGRESS-MIRROR QOS-GROUP 0 110 e1-master-WAN no yes no no none e5-BUERO1 e6-BUERO2 e7-BUERO3 e8...
by dillagr
Wed Jan 11, 2017 3:39 am
Forum: Beginner Basics
Topic: DHCP Server does not work
Replies: 12
Views: 1678

Re: DHCP Server does not work

would you mind posting the configuration under "/ip dhcp-server network"?
[admin@Mikrotik] /ip dhcp-server network print
by dillagr
Wed Jan 04, 2017 6:20 am
Forum: Scripting
Topic: capture output of ssh remote command
Replies: 5
Views: 2366

Re: capture output of ssh remote command

not sure if there is a feature to redirect the output to a file (afterall, routeros is Linux-based).
can you try this..
/system script> run test file=someoutput.txt
and see if that is what you need?
by dillagr
Thu Dec 29, 2016 3:38 am
Forum: General
Topic: How to configure this IP firewall rule?
Replies: 8
Views: 1311

Re: How to configure this IP firewall rule?

That would make an AND situation. The dst port would need to be 3799 and souce either 1812 or 1813 or the packet would drop. would this work? /ip firewall filter chain=input action=accept protocol=udp src-port=1812 dst-port=3799 /ip firewall filter chain=input action=accept protocol=udp src-port=18...
by dillagr
Thu Dec 29, 2016 1:01 am
Forum: General
Topic: How to configure this IP firewall rule?
Replies: 8
Views: 1311

Re: How to configure this IP firewall rule?

I want to disable all incoming UDP packet, unless source port is 1812 or 1813, or dest port is 3799. I tried to use two rules: /ip firewall filter chain=input action=drop protocol=udp src-port=!1812,1813 /ip firewall filter chain=input action=accept protocol=udp dst-port=3799 But this doesn't seem ...
by dillagr
Wed Dec 28, 2016 10:08 am
Forum: Virtualization
Topic: x86 on ESXi 5.5 HW Settings
Replies: 1
Views: 1218

Re: x86 on ESXi 5.5 HW Settings

Hi, first of all sorry for my english as i'm not a native speaker (spanish, kind of, Uruguay :c) I'm trying to narrow down the reason of random constant crashes with a x86 Dude Server Version 8 VM, running on ESXi 5.5. I thought that checking if I gave proper hardware settings to the VM would be th...
by dillagr
Wed Dec 28, 2016 1:23 am
Forum: Beginner Basics
Topic: Application of Firewall rules and general security question (public network access)
Replies: 7
Views: 1208

Re: Application of Firewall rules and general security question (public network access)

Incoming interface is where it comes from, outgoing interface is where it goes to. So to prevent access from bridge-A to other networks and router: /ip firewall filter add action=drop chain=forward in-interface=bridge-A add action=drop chain=input in-interface=bridge-A To also prevent access from o...
by dillagr
Mon Dec 26, 2016 3:39 pm
Forum: Beginner Basics
Topic: NAT with VLAN bridge
Replies: 2
Views: 2985

Re: NAT with VLAN bridge

on my setup i have these lines (adapted to your IP address): /ip firewall nat add chain=srcnat comment=INTRANET dst-address=10.0.0.0/8 \ src-address=10.0.0.0/8 add action=masquerade chain=srcnat disabled=yes out-interface=ether1 \ src-address=10.10.1.0/24 add action=masquerade chain=srcnat disabled=...