Community discussions

Search found 248 matches

by Redmor
Mon Jan 28, 2019 11:50 pm
Forum: General
Topic: Italy MUM
Replies: 8
Views: 545

Re: Italy MUM

Redmor, you are showing your age. No young person in this day an age, would make such gender specific sexist remarks (girls??)LOL. I have reworded your post for the modern era...... What about doing the next MUM in Italy? We have the sea, pizza, hot women, hot men, hot (fill in the blank)... This f...
by Redmor
Mon Jan 28, 2019 8:55 pm
Forum: General
Topic: Italy MUM
Replies: 8
Views: 545

Italy MUM

What about doing next MUM in Italy?
by Redmor
Mon Jan 28, 2019 8:51 pm
Forum: Announcements
Topic: v6.43.8 [stable] is released!
Replies: 169
Views: 32124

Re: v6.43.8 [stable] is released!

You can't use anymore country settings and frequency mode different from regulatory domain.
by Redmor
Mon Jan 28, 2019 8:49 pm
Forum: General
Topic: Limit upload connection by SIZE.
Replies: 4
Views: 410

Re: Limit upload connection by SIZE.

Try to block adding out interface.
by Redmor
Mon Jan 28, 2019 8:29 pm
Forum: General
Topic: Schedule to enable/disable interface
Replies: 2
Views: 311

Re: Schedule to enable/disable interface

Can't you hire someone to do the job? It's plenty of people looking for a job out there.
by Redmor
Mon Jan 28, 2019 8:25 pm
Forum: General
Topic: Don't buy Mikrotik hardware! NO SUPPORT
Replies: 15
Views: 1363

Re: Don't buy Mikrotik hardware! NO SUPPORT

Hi, I'm afraid to say this, but DON'T buy any hardware from Mikotik, NO SUPPORT AT ALL. For more than a year problem with Mikrotik WAPac and WiFi clients with broadcom chipset. Emailed a lot, given all necessary info, no results, last emails don't have any response! You're probably using a wrong co...
by Redmor
Sun Jan 27, 2019 10:32 pm
Forum: General
Topic: bulk update for interface with 180 VLANs
Replies: 1
Views: 287

Re: bulk update for interface with 180 VLANs

:foreach i in=[/interface vlan find] do={/interface vlan set $i interface=BondingInterface1}

This script changes ALL vlans
by Redmor
Fri Jan 25, 2019 8:18 am
Forum: General
Topic: pasting .rsc on a blank slate router
Replies: 4
Views: 450

Re: pasting .rsc on a blank slate router

Script should be pasted even if you disconnect.
If you want to be sure change /system identity at the end, so you will have a feedback.
by Redmor
Fri Jan 25, 2019 8:16 am
Forum: General
Topic: No country [SOLVED]
Replies: 4
Views: 562

Re: No country [SOLVED]

Hi, can you tell me how I have to do it?
/interface wireless set wlan1 frequency-mode=superchannel scan-list=4900-6100
by Redmor
Fri Jan 25, 2019 8:14 am
Forum: General
Topic: Which types of ports would you like to see for a high speed router
Replies: 168
Views: 24842

Re: Which types of ports would you like to see for a high speed router

I would like a CCR 1036 with 4 SFP+
by Redmor
Thu Jan 24, 2019 9:50 pm
Forum: General
Topic: Address list in allowed addresses
Replies: 6
Views: 444

Re: Address list in allowed addresses

TIP : If you don't see it in a pull-down menu after its creation, you can't use it. Address-list is in the firewall section, and is usable only for firewall configs. The idea is interesting though!! Cheers, In some cases I have allowed addresses in an address list, in those cases I have to write th...
by Redmor
Thu Jan 24, 2019 9:47 pm
Forum: General
Topic: Auto MTU for VPNs
Replies: 0
Views: 241

Auto MTU for VPNs

Why there's no auto MTU for PPTP, SSTP and L2TP like PPPoE?
I've found after several tries that default 1450 is too big for LTE and was causing slow upload, setting it to 1440 solved the problem.
by Redmor
Thu Jan 24, 2019 9:45 pm
Forum: General
Topic: 6.43.8 vulnerability or hack?
Replies: 31
Views: 5487

Re: 6.43.8 vulnerability or hack?

RouterOS can’t know which config is added by you, which added by rogue user, so either you check the config by hand or clear all of it. RouterOS can remove tools and scripts and such

But in /export it's easy to see what a rogue user did.
by Redmor
Thu Jan 24, 2019 8:21 am
Forum: General
Topic: Address list in allowed addresses
Replies: 6
Views: 444

Re: Address list in allowed addresses

example please.
/user set admin allowed-addresses=address_list instead of IPs, for example I have an address list that already contains same IPs that are in allowed addresses.
by Redmor
Wed Jan 23, 2019 10:13 pm
Forum: General
Topic: UDP SIP INVITEs fragmenting through EoIP
Replies: 8
Views: 483

Re: UDP SIP INVITEs fragmenting through EoIP

Stay with default MTU (1458 for EoIP 1438 if running PPPoE through it) or use VPLS tunnels, with them you can set MTU to 1500 or higher.
by Redmor
Wed Jan 23, 2019 10:11 pm
Forum: General
Topic: Address list in allowed addresses
Replies: 6
Views: 444

Address list in allowed addresses

I would like to use address list in allowed addresses fields, what do you think?
by Redmor
Wed Jan 23, 2019 9:55 pm
Forum: General
Topic: What about January newsletter?
Replies: 1
Views: 264

What about January newsletter?

What about January newsletter? I bet this is the time for Nv3 and ROS 7
Support reply if there will be Nv3 or ROS 7 this time :D
by Redmor
Wed Jan 23, 2019 5:27 pm
Forum: General
Topic: 6.43.8 vulnerability or hack?
Replies: 31
Views: 5487

Re: 6.43.8 vulnerability or hack?

1) I ALWAYS said that this hacked RB, even if behind dst-nat, has got the firewall that I've posted, so it isn't opened to the internet, access is restricted. 2) I don't use default username admin 3) I don't use backup files or exports to reconfigure, I have exports but I rewrite whole configuration...
by Redmor
Wed Jan 23, 2019 3:39 pm
Forum: General
Topic: 6.43.8 vulnerability or hack?
Replies: 31
Views: 5487

Re: 6.43.8 vulnerability or hack?

normis https://blog.mikrotik.com/security/new-exploit-for-mikrotik-router-winbox-vulnerability.html there's a point that says: "Regardless of version used, all RouterOS versions that have the default firewall enabled, are not vulnerable" Is my firewall as sure as denconf? Please tell me what do you...
by Redmor
Tue Jan 22, 2019 9:48 pm
Forum: General
Topic: 6.43.8 vulnerability or hack?
Replies: 31
Views: 5487

Re: 6.43.8 vulnerability or hack?

Anav ... should mrz explain again and again and step by step what to do when you are hacked or could expect that autor is aware of https://blog.mikrotik.com/ "Regardless of version used, all RouterOS versions that have the default firewall enabled, are not vulnerable" I want to know what makes defc...
by Redmor
Tue Jan 22, 2019 9:43 pm
Forum: General
Topic: 6.43.8 vulnerability or hack?
Replies: 31
Views: 5487

Re: 6.43.8 vulnerability or hack?

Currently there is no new known winbox port vulnerabilities. If you are sure that after first hack you reinstalled the route rand changed login credentials, then contact support. There are cases that routers get "hacked" even after upgrade, because already stolen credentials was not changed. mrz, a...
by Redmor
Tue Jan 22, 2019 9:41 pm
Forum: General
Topic: 6.43.8 vulnerability or hack?
Replies: 31
Views: 5487

Re: 6.43.8 vulnerability

I agree, until you know more that title is speculation and unnecessary. It could be just as accurate to state, IM AN INSECURE ADMIN HELP. Why would you leave WInbox open to the internet? Did you at least use Port Knocking techniques? Why was access not via VPN. Was the router hacked previously and ...
by Redmor
Tue Jan 22, 2019 3:37 pm
Forum: General
Topic: 6.43.8 vulnerability or hack?
Replies: 31
Views: 5487

Re: 6.43.8 vulnerability

I agree, until you know more that title is speculation and unnecessary. It could be just as accurate to state, IM AN INSECURE ADMIN HELP. Why would you leave WInbox open to the internet? Did you at least use Port Knocking techniques? Why was access not via VPN. Was the router hacked previously and ...
by Redmor
Tue Jan 22, 2019 3:31 pm
Forum: General
Topic: 6.43.8 vulnerability or hack?
Replies: 31
Views: 5487

Re: 6.43.8 vulnerability

Guys, please. 1. If the reason is unknown, it's not an hack until you spot what's wrong in config 2. I have the same config everywhere 3. Winbox is not open to the world, I have an accept rule with src-address list public IPs that I use to connect (exactly 4) to connect. 4. Everything in input is dr...
by Redmor
Tue Jan 22, 2019 1:58 pm
Forum: General
Topic: 6.43.8 vulnerability or hack?
Replies: 31
Views: 5487

6.43.8 vulnerability or hack?

I have a RB that has been attacked twice in two months. I don't have an export, but: 1. RB is dst-natted with port 8292 to 8291 2. There's a simple firewall that drops invalid connection, then accepts connections from src-address list, accepts icmp, established, related and drops input. 3. Only winb...
by Redmor
Sun Jan 20, 2019 1:18 pm
Forum: General
Topic: No country [SOLVED]
Replies: 4
Views: 562

Re: No country [SOLVED]

Set superchannel and scan-list 4900-6100
by Redmor
Sat Jan 19, 2019 3:00 pm
Forum: General
Topic: PWR-Line AP coordinator selection
Replies: 0
Views: 280

PWR-Line AP coordinator selection

Should coordinator be the PWR-Line that is wired connected to the router or can be every PWR-Line? That's the question that made me set CCO MAC selection as always on PWR-Line connected to the router and as never or auto to the others. I've noticed that, if always CCO PWR-Line goes down, with the ot...
by Redmor
Sat Jan 19, 2019 3:11 am
Forum: General
Topic: Help with home networks
Replies: 4
Views: 333

Re: Help with home networks

Yes, I can use "create enabled" with CAPsMAN, but I wouldn't have ap-bridge...
by Redmor
Sat Jan 19, 2019 1:10 am
Forum: General
Topic: Help with home networks
Replies: 4
Views: 333

Re: Help with home networks

central cmdb? ;-)
DBs should be updated by people, never trust people.
by Redmor
Sat Jan 19, 2019 12:59 am
Forum: General
Topic: MULTI ISP SETTING
Replies: 2
Views: 291

Re: MULTI ISP SETTING

Recursive routing is the answer.
by Redmor
Sat Jan 19, 2019 12:56 am
Forum: General
Topic: How to copy a dynamic route?
Replies: 2
Views: 314

Re: How to copy a dynamic route?

Can't you make it static? You should provide type of route and current configuration.
by Redmor
Sat Jan 19, 2019 12:54 am
Forum: General
Topic: Help with home networks
Replies: 4
Views: 333

Help with home networks

I need to know if there's a best way to know the exact number of APs in a customer home. For example, a coworker installed 3 APs and one goes down, but as you know, customer never knows the exact number of APs in his home and thinks that there's something not working. I log into the router and in ne...
by Redmor
Fri Jan 18, 2019 11:06 pm
Forum: General
Topic: Mode button to run script
Replies: 1
Views: 264

Mode button to run script

There's a way to make mode button run a script in "/system script" on event?
I would like to modify script when I need instead of rewrite it entirely.
by Redmor
Fri Jan 18, 2019 11:04 pm
Forum: General
Topic: RB951G-2HnD MTU problem [SOLVED]
Replies: 14
Views: 799

Re: RB951G-2HnD MTU problem [SOLVED]

Leave MTU as is.
If you need more MTU try to use VPLS tunnels.
by Redmor
Mon Jan 14, 2019 12:41 am
Forum: General
Topic: Mikrotik wifi no internet when connected with 2 bars
Replies: 1
Views: 222

Re: Mikrotik wifi no internet when connected with 2 bars

Try to change frequency sometimes it happens when auto frequency selection choose 2412.
by Redmor
Sun Jan 06, 2019 5:24 am
Forum: General
Topic: much difference between tx / Rx
Replies: 4
Views: 373

Re: much difference between tx / Rx

Try to downgrade if you updated.
If nothing changes, it means you can't transmit well as before because of noise, remember you aren't using Dynadish but SXT.
by Redmor
Sun Jan 06, 2019 5:22 am
Forum: General
Topic: LHG LTE, differences between LTE and 4G models?
Replies: 1
Views: 260

LHG LTE, differences between LTE and 4G models?

What are the differences between LHG LTE and 4G models, except for gain?
by Redmor
Sat Jan 05, 2019 5:33 pm
Forum: General
Topic: BGP + PPPoE Mikrotik CCR and MTU Problem
Replies: 2
Views: 270

Re: BGP + PPPoE Mikrotik CCR and MTU Problem

I have 1480 MTU on every RB in my network and I don't have this issue, it isn't the cause of the problem
By the way if you want 1500 MTU set MRRU to 1504 in both PPPoE server and clients.
by Redmor
Fri Jan 04, 2019 8:30 am
Forum: General
Topic: Bandwith test works just in one direction
Replies: 3
Views: 303

Re: Bandwith test works just in one direction

Are those routers connected with ethernet?
If yes, are ethernets in full-duplex?
by Redmor
Fri Jan 04, 2019 12:36 am
Forum: Wireless Networking
Topic: wAP LTE Kit: lte1 interface does not register to austrian A1 network (static ip-APN) [SOLVED]
Replies: 9
Views: 2019

Re: wAP LTE Kit: lte1 interface does not register to austrian A1 network (static ip-APN) [SOLVED]

For the WAP LTE that needs a user authentication there is a need for a LTE firmware upgrade to v008. Please see the attachment how to do the LTE firmware upgrade. The LTE firmware upgrade can only be executed via active LTE connection as the LTE modem is connecting to the firmware server. How do th...
by Redmor
Fri Jan 04, 2019 12:36 am
Forum: Wireless Networking
Topic: wAP LTE Kit: lte1 interface does not register to austrian A1 network (static ip-APN) [SOLVED]
Replies: 9
Views: 2019

Re: wAP LTE Kit: lte1 interface does not register to austrian A1 network (static ip-APN) [SOLVED]

For the WAP LTE that needs a user authentication there is a need for a LTE firmware upgrade to v008. Please see the attachment how to do the LTE firmware upgrade. The LTE firmware upgrade can only be executed via active LTE connection as the LTE modem is connecting to the firmware server. Thanks a ...
by Redmor
Fri Jan 04, 2019 12:34 am
Forum: Wireless Networking
Topic: wAP LTE Kit International APN problem [SOLVED]
Replies: 24
Views: 5557

Re: wAP LTE Kit International APN problem [SOLVED]

Bug is solved in newer wAPs because they come out with LTE firmware v8, you have v1. Ask support@mikrotik.com the guide to upgrade wAP's LTE firmware, and always upgrade wAPs to last stable version. You're referring to this? https://wiki.mikrotik.com/wiki/Manual:Interface/LTE#Modem_firmware_upgrade...
by Redmor
Fri Jan 04, 2019 12:31 am
Forum: Wireless Networking
Topic: real p2p performance of DISC Lite5 ac
Replies: 3
Views: 547

Re: real p2p performance of DISC Lite5 ac

You can use Disc Lite as a frisbee, as a dish for dinner, as an Halloween Mask, as a friend on a desert island, but don't use it for PTP, PTMP or everything else that involves its wlan1.
by Redmor
Fri Jan 04, 2019 12:25 am
Forum: General
Topic: PPTP server problem
Replies: 7
Views: 647

Re: PPTP server problem

You should use your public IP to connect from the outside instead of 192.168.178.210, you can't reach that IP from Internet. The masquerade rule you used is useless in this case. Are you trying to make a VPN to connect to your LAN? Assume your public IP is 1.2.3.4, do the following: 1. Choose a priv...
by Redmor
Thu Jan 03, 2019 9:06 pm
Forum: General
Topic: PPTP server problem
Replies: 7
Views: 647

Re: PPTP server problem

Looks like 192.168.178.201 isn't src-natted, can you post your 750 configuration?
by Redmor
Thu Jan 03, 2019 1:48 am
Forum: General
Topic: PPTP server problem
Replies: 7
Views: 647

Re: PPTP server problem

Are you sure that your ISP isn't blocking pptp servers?
by Redmor
Thu Jan 03, 2019 1:47 am
Forum: General
Topic: Should MikroTik make more powerful antennas and wireless protocols in 2019?
Replies: 19
Views: 1409

Re: Should MikroTik make more powerful antennas and wireless protocols in 2019?

You know that we will not see new kernel on current RBs? Update actual RBs or make new ones with new kernel, better hardware and so on, what's the best choice for MK that is selling their products?
Come on, it's not so different than smartphones.
by Redmor
Wed Jan 02, 2019 12:44 am
Forum: General
Topic: No proxy-arp working on l2tp client active
Replies: 7
Views: 490

Re: No proxy-arp working on l2tp client active

Not sure about proxy-arp, a MK Trainer said to me during MTCNA course to not use it with VPNs, so I found another way.

It is recommended on the wiki, however.
If something is on the Wiki it doesn't mean it's the word of God and no one can say that there are better ways.
by Redmor
Tue Jan 01, 2019 11:00 pm
Forum: General
Topic: No proxy-arp working on l2tp client active
Replies: 7
Views: 490

Re: No proxy-arp working on l2tp client active

The fact that is both client and server should not make this problem. I suggest to post remaining configuration (I don't see mangle) and wait for someone else to answer, I never tried this configuration with both client and server, I always had configuration like L2TP client in another client. Is a ...
by Redmor
Tue Jan 01, 2019 8:07 pm
Forum: General
Topic: No proxy-arp working on l2tp client active
Replies: 7
Views: 490

Re: No proxy-arp working on l2tp client active

I don't think it's a routing problem because you have same network for LAN and L2TP, so there's nothing to route, or maybe you're marking LAN connections using only src-address and you don't have dst-address (for example !LAN Network), in that case you mark everything and you wouldn't neither be abl...