Community discussions

Search found 3113 matches

  • 1
  • 3
  • 4
  • 5
  • 6
  • 7
  • 11
by anav
Wed Mar 06, 2019 4:28 pm
Forum: General
Topic: bridge vlan sanity [SOLVED]
Replies: 18
Views: 758

Re: bridge vlan sanity [SOLVED]

Please post your working config so that I can learn something!! :-)
by anav
Wed Mar 06, 2019 4:28 pm
Forum: General
Topic: bridge vlan sanity [SOLVED]
Replies: 18
Views: 758

Re: bridge vlan sanity [SOLVED]

question: Will inter-vlan routing work since all vlans are within the single bridge? I will need inter-vlan, and then can create firewall rules to block some traffic as needed. When within the same bridge or not on the same bridge, the answer is NO at layer 2, YES at layer IF, you make the proper f...
by anav
Wed Mar 06, 2019 4:24 pm
Forum: Beginner Basics
Topic: Make Printer reachable in a different network
Replies: 3
Views: 347

Re: Make Printer reachable in a different network

Sounds like a double nat scenario and you are effed.......... I would put the printer on the second network and port forward all requests for printer ports be sent to the right IP address behind the second router. That way it will appear to be ON THE LAN for the primary network and it will be within...
by anav
Wed Mar 06, 2019 4:18 pm
Forum: Beginner Basics
Topic: Using RouterOS to VLAN your network
Replies: 91
Views: 25368

Re: Using RouterOS to VLAN your network

Looking at the example of all in one.......... (1) what the heck is base vlan??????????????? /interface list member add interface=ether1 list=WAN add i nterface=BASE_VLAN list=VLAN add interface=BLUE_VLAN list=VLAN add interface=GREEN_VLAN list=VLAN I also see base vlan in the first router example??...
by anav
Wed Mar 06, 2019 4:02 pm
Forum: General
Topic: bridge vlan sanity [SOLVED]
Replies: 18
Views: 758

Re: bridge vlan sanity [SOLVED]

In the meantime it never hurts to go back to some decent references and this is the best..................
Pick the example which fits closest to your scenario (Router-Switch-AP (all in one))
viewtopic.php?f=13&t=143620
by anav
Wed Mar 06, 2019 3:59 pm
Forum: General
Topic: How can i use datacenter multi ip on dsl?
Replies: 3
Views: 241

Re: How can i use datacenter multi ip on dsl?

This doesn't sound like its been approved by the business IT manager LOL.
by anav
Wed Mar 06, 2019 3:55 pm
Forum: Beginner Basics
Topic: Basic wireless with cAP ac - network specific setup
Replies: 11
Views: 1121

Re: Basic wireless with cAP ac - network specific setup

Hi Evelas,
I have two capAC in my home so I an help.
I also use Wisp-AP with no problem.
What is the main router you are using and what kind of traffic do you have flowing to and fro the capac (any vlans??)

Diagrams help.
Also post your latest capac config
/export hide-sensitive file=yourconfigmar06
by anav
Wed Mar 06, 2019 1:53 pm
Forum: Wireless Networking
Topic: Back to back LHGG-60ad Ptp link (relay) [SOLVED]
Replies: 10
Views: 824

Re: Back to back LHGG-60ad Ptp link (relay) [SOLVED]

This forum sometimes! The guy sis asking what seems a really simple question, can he back to back two of the 60Ghz links, the answer is yes. Who mentioned dual radios and PtMP? Radio A <WIRELESS> Radio B <CAT5> Radio C <WIRELESS> Radio D. Is there some additional text in the same colour as the page...
by anav
Wed Mar 06, 2019 1:46 pm
Forum: Beginner Basics
Topic: Forum have BUG 5 (five) years.
Replies: 9
Views: 999

Re: Forum have BUG 5 (five) years.

Please go back to school and learn how to communicate.
Most folks here are most willing to help, but not when the person requesting support has the communication skills of a 5 year old.
I am sure that is not the case and you are older, so it must be pure laziness and arrogance.
by anav
Wed Mar 06, 2019 5:01 am
Forum: Beginner Basics
Topic: Can't login via WinBox
Replies: 3
Views: 248

Re: Can't login via WinBox

Update your firmware while at it.
by anav
Wed Mar 06, 2019 2:11 am
Forum: General
Topic: Simple Miktorik + Proxmox VLAN config
Replies: 24
Views: 1399

Re: Simple Miktorik + Proxmox VLAN config

Ops, I forgot it, sorry.
yourlatestconfig-with-bridge-vlan-rule.rsc
While I am looking at this you should update your OS to 6.44!

Is the first switch on ether2 a managed switch??
by anav
Wed Mar 06, 2019 2:09 am
Forum: General
Topic: bridge vlan sanity [SOLVED]
Replies: 18
Views: 758

Re: bridge vlan sanity [SOLVED]

toxic, Look at my last config, I kept the bridge pvid at default ie 1 Yes. bridge itself has vlan filtering The bridge ports that are trunk cannot have pvid assigments its only for incoming untagged traffic that needs to be tagged. hence wlan1, wlan2 and eth3 Give that a try. If it doesnt work then ...
by anav
Wed Mar 06, 2019 12:07 am
Forum: General
Topic: Simple Miktorik + Proxmox VLAN config
Replies: 24
Views: 1399

Re: Simple Miktorik + Proxmox VLAN config

No worries.... lets keep at it.
Post your latest config.................
by anav
Wed Mar 06, 2019 12:05 am
Forum: General
Topic: bridge vlan sanity [SOLVED]
Replies: 18
Views: 758

Re: bridge vlan sanity [SOLVED]

Basics, Trunk ports do not get pvid Access ports get pvid Your eth3 I thought was going to a managed switch first...........thus also a trunk port. BUT now I see its going to an un-managed switch....... You also dont mention an access point but have guest wifi now added as well??? Thus /interface br...
by anav
Tue Mar 05, 2019 9:51 pm
Forum: RouterBOARD hardware
Topic: How much bandwidth can be controlled using RB750GR3?
Replies: 6
Views: 1186

Re: How much bandwidth can be controlled using RB750GR3?

Hmmm not sure what your numbers are revealing but I recently went to a 1 gig service. With that I could see my hex top out around 400megs.................. my RB450Gx4 got me into the 900 megs range................... (speed tests (speedtest app from ookla) from ISP mobile to ISP broadband (same net...
by anav
Tue Mar 05, 2019 9:44 pm
Forum: General
Topic: bridge vlan sanity [SOLVED]
Replies: 18
Views: 758

Re: bridge vlan sanity [SOLVED]

Two ways to do this,,,,,,,,,,,, The first is my attempt to do it not using pvid=1.............. /interface bridge add name=all-vlan-bridge vlan-filtering=yes pvid=10 /interface bridge port add bridge=all-vlan-bridge interface=ether1 add bridge=all-vlan-bridge interface=ether2 add bridge=all-vlan-bri...
by anav
Tue Mar 05, 2019 8:27 pm
Forum: Wireless Networking
Topic: Block PC to access local LAN on Mikrotik
Replies: 3
Views: 411

Re: Block PC to access local LAN on Mikrotik

The point being made is you have provided very little information to help us answer your question. Diagram?? Config/? /export hide-sensitive file=yourconfig If you have ubuntu on same subnet as the main LAN its difficult to separate out. Much better to put that wifi on its own VLAN, or off the bridg...
by anav
Tue Mar 05, 2019 8:22 pm
Forum: Wireless Networking
Topic: Back to back LHGG-60ad Ptp link (relay) [SOLVED]
Replies: 10
Views: 824

Re: Back to back LHGG-60ad Ptp link (relay) [SOLVED]

According to the diagram You are all wrong. Not possible. Only one ethernet port on the LHG60 and only one antenna LOL. Its not a dual radio setup!! Now if the op had posted internet----> {ethernet cable) A-------Link1--------B {ethernet cable} C -------Link2---------D {ethenet cable} E--------link3...
by anav
Tue Mar 05, 2019 6:56 pm
Forum: General
Topic: dynamic ip in a dst-nat rule
Replies: 5
Views: 300

Re: dynamic ip in a dst-nat rule

For inside connections to your own servers (but for some strange reason want to use the public wan ip address) the typical answer is to use hairpin-nat. There is another option i don't quite understand but it has to do with routing the traffic............ directly to the server. /ip route rule add a...
by anav
Tue Mar 05, 2019 6:23 pm
Forum: Beginner Basics
Topic: Help with WAN bandwidth limiting
Replies: 12
Views: 602

Re: Help with WAN bandwidth limiting

Thanks solar, at tad complicated for me, perhaps in five years when I retire I will be able to play and learn more depth on these routers..........
by anav
Tue Mar 05, 2019 5:00 pm
Forum: Beginner Basics
Topic: Help with WAN bandwidth limiting
Replies: 12
Views: 602

Re: Help with WAN bandwidth limiting

I understand but what affect does that have on users...........
Is limiting sessions per user an option here as another component of the solution or not required......
by anav
Tue Mar 05, 2019 4:53 pm
Forum: General
Topic: Simple Miktorik + Proxmox VLAN config
Replies: 24
Views: 1399

Re: Simple Miktorik + Proxmox VLAN config

1. Missing /interface bridge vlan rules.............

/interface bridge vlan
add bridge=bridge-LAN tagged=bridge-LAN,ether4 vlan-ids=100,200
(assuming only ether4 requires to be trunked with vlans at the moment)

2. DNS is different from I am use too but if it works for you....
by anav
Tue Mar 05, 2019 4:44 pm
Forum: Beginner Basics
Topic: Problem without going net
Replies: 2
Views: 276

Re: Problem without going net

Have to managed to resolve the problem?

If not can you export the config?
/export hide-sensitive file=yourconfig
fixed export iine
by anav
Tue Mar 05, 2019 1:55 pm
Forum: General
Topic: dynamic ip in a dst-nat rule
Replies: 5
Views: 300

Re: dynamic ip in a dst-nat rule

in-interface=eth1wan or if you have several wans, in-interface-list=wan (instead of IP addresses)
by anav
Tue Mar 05, 2019 1:49 pm
Forum: General
Topic: limitation of block address list
Replies: 1
Views: 144

Re: limitation of block address list

Search for and read post entitled MOAB.
by anav
Tue Mar 05, 2019 1:48 pm
Forum: General
Topic: Simple Miktorik + Proxmox VLAN config
Replies: 24
Views: 1399

Re: Simple Miktorik + Proxmox VLAN config

/export hide-sensitive file=yourlatestconfig
by anav
Tue Mar 05, 2019 1:45 pm
Forum: Beginner Basics
Topic: Help with WAN bandwidth limiting
Replies: 12
Views: 602

Re: Help with WAN bandwidth limiting

Solar are you telling us that to set up bw limits on a per user basis is that simple, no other commands?
by anav
Tue Mar 05, 2019 1:43 pm
Forum: Beginner Basics
Topic: port forwarding - can't figure it out
Replies: 2
Views: 196

Re: port forwarding - can't figure it out

There is a lot of garbage/noise on the internet regarding mikrotik setups For port forwarding you need one rule in firewall filter rules - to basically say to the router, please allow any dstnat packets through the firewall. In the firewall nat rules is where you make the individual port forwarding ...
by anav
Tue Mar 05, 2019 1:24 pm
Forum: Announcements
Topic: v6.45beta [testing] is released!
Replies: 305
Views: 72811

Re: v6.45beta [testing] is released!

*) bridge - fixed possible memory leak when using "ingress-filtering=yes" on bridge interface;

How did this bug manifest itself?? Been using this setup for a while and didnt notice any issues, on the other hand I dont really monitor that closely.
by anav
Tue Mar 05, 2019 4:56 am
Forum: Wireless Networking
Topic: cAP ac disconnecting
Replies: 1
Views: 203

Re: cAP ac disconnecting

my capacs are in wisp-AP mode and are used as APs in my network (two of them) carrying different vlans etc.......
They work fine. never tried cap mode.
by anav
Tue Mar 05, 2019 3:35 am
Forum: General
Topic: Simple Miktorik + Proxmox VLAN config
Replies: 24
Views: 1399

Re: Simple Miktorik + Proxmox VLAN config

Please actually post your config not the replication of what I suggested its very confusing.....
I need to see a clean latest config.
by anav
Mon Mar 04, 2019 11:38 pm
Forum: Beginner Basics
Topic: 2 firmware update locations ?
Replies: 7
Views: 489

Re: 2 firmware update locations ?

For some reason my firmware won't upgrade - any ideas? Model RouterBOARD 3011UiAS Serial Number 689A05E7C324 Firmware Type ipq8060 Factory Firmware 3.27 Current Firmware 6.44 Upgrade Firmware 6.44 I tried both UI and Terminal. Yes I have rebooted :) your routeboard firmeware is updated, (its the on...
by anav
Mon Mar 04, 2019 9:48 pm
Forum: General
Topic: Problem with src-nat - no received packe (have Tx but no Rx )
Replies: 3
Views: 228

Re: Problem with src-nat - no received packe (have Tx but no Rx )

I am not very familiar with pptp or ppoee etc........ but this looks wrong. add action=masquerade chain=srcnat comment="masquerade hotspot network" \ src-address=172.16.0.0/24 it should be add action=masquerade chain=srcnat comment="masquerade hotspot network" \ src-address=172.16.0.0/24 out-interfa...
by anav
Mon Mar 04, 2019 9:40 pm
Forum: Beginner Basics
Topic: VLAN on multiple PORTS tagged and untagged
Replies: 5
Views: 332

Re: VLAN on multiple PORTS tagged and untagged

No because you set your firewall rules in
/ip firewall filter (for both input and forward chain). They apply to all traffic!!
/ip firewall NAT (for source nat and nat/fw rules for each particular dstnat)
by anav
Mon Mar 04, 2019 4:17 pm
Forum: General
Topic: Suricata IDS/IPS integration with Mikrotik (now with OSSEC)
Replies: 183
Views: 79682

Re: Suricata IDS/IPS integration with Mikrotik (now with OSSEC)

Good points. Yes I have ports open for septic device and solar device with source address list for static company IPs to access. Having a source address list in my NAT rule renders the port invisible on scans Yes I have iot devices but they are all on vlans and not on the same vlan and only have acc...
by anav
Mon Mar 04, 2019 4:08 pm
Forum: General
Topic: Simple Miktorik + Proxmox VLAN config
Replies: 24
Views: 1399

Re: Simple Miktorik + Proxmox VLAN config

Okay, (1) Change both to bridge for interface /interface vlan add interface=ether4 name=vlan-ether4-HISOLAN-200 vlan-id=200 add interface=ether4 name=vlan-ether4-ISOLAN-100 vlan-id=100 add interface= bridge-LAN name=vlan-ether4-HISOLAN-200 vlan-id=200 add interface= bridge-LAN name=vlan-ether4-ISOLA...
by anav
Mon Mar 04, 2019 2:56 pm
Forum: Beginner Basics
Topic: 2 firmware update locations ?
Replies: 7
Views: 489

Re: 2 firmware update locations ?

Normis, I keep both up to date, after waiting a few days of course to see if there is some disaster (selfishly waiting of course). Is there a prescribed procedure for the routerboard such as a. keep it the same as OS or b. keep it one behind latest OS in case of issue cropping up on latest OS? Just ...
by anav
Mon Mar 04, 2019 2:54 pm
Forum: Beginner Basics
Topic: Help with WAN bandwidth limiting
Replies: 12
Views: 602

Re: Help with WAN bandwidth limiting

You can also limit the number of connections as well to assist in providing equal sharing amongst users.........
by anav
Mon Mar 04, 2019 2:52 pm
Forum: Beginner Basics
Topic: VLAN on multiple PORTS tagged and untagged
Replies: 5
Views: 332

Re: VLAN on multiple PORTS tagged and untagged

Hy, here my shorted export: /interface bridge add admin-mac=XXXXXXXXXXXXXXX auto-mac=no name=bridgeMAIN /interface ethernet set [ find default-name=ether2 ] name=2LIVROOM set [ find default-name=ether4 ] name=4FOO /interface vlan add comment=XXXXXXXXXXX interface=4FOO name=VLAN160 vlan-id=160 /inte...
by anav
Mon Mar 04, 2019 1:28 am
Forum: General
Topic: Radical change coming for home and small business networking
Replies: 37
Views: 2945

Re: Radical change coming for home and small buisness networking

Good luck with that
At first I thought, ah someone has shares invested, but then I realized that probably not, if one cannot spell business properly. ;-)
by anav
Sun Mar 03, 2019 11:52 pm
Forum: General
Topic: RouterOS making unaccounted outbound winbox connections [SOLVED]
Replies: 64
Views: 31623

Re: RouterOS making unaccounted outbound winbox connections [SOLVED]

Just check in System -> Schedule. There will be a schedule to run a script every minute that continues to allow the hackers in. Remove the script from System -> scripts too. SOCKS proxy has probably been enabled. turn that off. check there are no new users added under System -> users change the pas...
by anav
Sun Mar 03, 2019 10:42 pm
Forum: General
Topic: Radical change coming for home and small business networking
Replies: 37
Views: 2945

Re: Radical change coming for home and small buisness networking

Gotta link for any other information. Right now the only credible source is one company/site???? Where are the adoptees?? I would suspect that the name of the game would be transparency and the word that will be avoided is disruption. In other words technology that is going to cost people and force ...
by anav
Sun Mar 03, 2019 10:38 pm
Forum: General
Topic: Securing Mikrotik router using firewall rules causing issues. [SOLVED]
Replies: 21
Views: 1422

Re: Securing Mikrotik router using firewall rules causing issues. [SOLVED]

I would turn remote requests back on. You have your firewall rule that DNS to the router is ONLY allowed from the LAN interface, so you are covered. For your dhcp-server you have setup that gateway and DNS is your main LANIP you should put in a few servers, such as 8.8.8.8, 1.1.1.1, 208.67.222.222 I...
by anav
Sun Mar 03, 2019 10:31 pm
Forum: General
Topic: Suricata IDS/IPS integration with Mikrotik (now with OSSEC)
Replies: 183
Views: 79682

Re: Suricata IDS/IPS integration with Mikrotik (now with OSSEC)

Great explanation Tom, it sounds a bit of what layer7 firewall does on the Mikrotik, looking for a pattern of packets etc.......... I have read that using layer7 rules really loads the MT CPU so what you in affect are doing is offloading such work and using the MT at the very front end and to implem...
by anav
Sun Mar 03, 2019 8:20 pm
Forum: General
Topic: Taged and untaged to the same interface. [SOLVED]
Replies: 41
Views: 1723

Re: Taged and untaged to the same interface. [SOLVED]

No it has nothing to do with CLI, it has everything to do with the ability to communicate ideas clearly. Suggest you use google translate as I am sure in Estonian you can articulate your points much more precisely. A diagram is universal and does not rely on language. Winbox-Mikrotik notation is uni...
by anav
Sun Mar 03, 2019 8:16 pm
Forum: General
Topic: Securing Mikrotik router using firewall rules causing issues. [SOLVED]
Replies: 21
Views: 1422

Re: Securing Mikrotik router using firewall rules causing issues. [SOLVED]

Just noticed the fact that your are missint the TOO ADDRESS for your gameranger rule!!! add action=dst-nat chain=dstnat comment=GameRanger dst-port=xxxxx \ in-interface-list=WAN protocol=udp to-ports=xxxx add action=dst-nat chain=dstnat comment=GameRanger dst-port=xxxxx \ in-interface-list=WAN proto...
by anav
Sun Mar 03, 2019 7:41 pm
Forum: General
Topic: Securing Mikrotik router using firewall rules causing issues. [SOLVED]
Replies: 21
Views: 1422

Re: Securing Mikrotik router using firewall rules causing issues. [SOLVED]

So I understand game ranger you need to forward ports because ..... : a. You run a game ranger server on your LAN, or b. You need to open a port to your PC that is a client for Game Ranger (the server is on the internet) looking at your config, I would add connection-state=new for another entry arg...
by anav
Sun Mar 03, 2019 7:38 pm
Forum: General
Topic: Taged and untaged to the same interface. [SOLVED]
Replies: 41
Views: 1723

Re: Taged and untaged to the same interface. [SOLVED]

Well that explains it! According to a comedy show I watched, Estonians have evolved little since Neaderthal man. (At least thats what I heard a Latvian Comedian say). He also said something about the great beaches you have (of rock)! By the way I took a look at your post in the correct forum. It is ...
by anav
Sun Mar 03, 2019 6:28 pm
Forum: Wireless Networking
Topic: Mikrotik RB4011iGS+5HacQ2HnD and WiFi 802.11 AC 160mhz
Replies: 36
Views: 5364

Re: Mikrotik RB4011iGS+5HacQ2HnD and WiFi 802.11 AC 160mhz

RB4011 is a relatively new mode, but really a flagship model, and if they are aware of any issues, it is in their best interests to fix as soon as possible. They certainly were quick to fix inconsistencies with new Apple phones so I would guess that they are working on other fixes. Similarly the LHG...
by anav
Sun Mar 03, 2019 6:22 pm
Forum: General
Topic: HTTP speed test
Replies: 5
Views: 445

Re: HTTP speed test

You requested a feature, try the forum which states........ "RouterOS v6 RC and v7 BETA BETA Testing and Feature Suggestions for the next RouterOS release (ROS v7)" Can't miss it - as its top of the Forum list! .... What's new in 6.44 (2019-Feb-25 14:11): MAJOR CHANGES IN v6.44: --------------------...
by anav
Sun Mar 03, 2019 6:17 pm
Forum: General
Topic: Taged and untaged to the same interface. [SOLVED]
Replies: 41
Views: 1723

Re: Taged and untaged to the same interface. [SOLVED]

If you are the typical Latvian person, you have successfully removed any motivation to visit there. :-(
by anav
Sun Mar 03, 2019 3:01 pm
Forum: General
Topic: Wirless Managemnt On VLAN and Pass All vlans [SOLVED]
Replies: 4
Views: 367

Re: Wirless Managemnt On VLAN and Pass All vlans [SOLVED]

Can you post a diagram?
by anav
Sun Mar 03, 2019 2:59 pm
Forum: General
Topic: Taged and untaged to the same interface. [SOLVED]
Replies: 41
Views: 1723

Re: Taged and untaged to the same interface. [SOLVED]

Mkx, you are only a Guru, not to be trusted. ;-) However mi amigo, a trainer no less, the smart one of the three of us, and I don't mean MT acument. I mean he wakes up every morning and smells the Med, can go downstairs around the block and have some fresh tortilla.............damn him. I have to go...
by anav
Sun Mar 03, 2019 2:49 pm
Forum: Beginner Basics
Topic: VLAN Setup Renders CAPACS Invisible On Winbox
Replies: 4
Views: 368

Re: VLAN Setup Renders CAPACS Invisible On Winbox

Thanks I will give that a try.
by anav
Sun Mar 03, 2019 5:57 am
Forum: General
Topic: huge amount of TCP DNS queries from outside
Replies: 6
Views: 468

Re: huge amount of TCP DNS queries from outside

I see where you stated start with default configuration, the waters were muddied when you started by saying export configuration.
All is good! My apologies.
by anav
Sat Mar 02, 2019 11:39 pm
Forum: Beginner Basics
Topic: VLAN Setup Renders CAPACS Invisible On Winbox
Replies: 4
Views: 368

Re: VLAN Setup Renders CAPACS Invisible On Winbox

You have 3 vlan interfaces defined off bridgeHalway ... and yet bridgeHalway is not a member of any VLAN ... You don't have IP config on any of vlan interfaces so essentially you don't need those vlan interfaces at all. So I assume you want to have MAC winbox connectivity ... For that, you have to ...
by anav
Sat Mar 02, 2019 11:35 pm
Forum: Beginner Basics
Topic: Mikrotik 3011 VLAN setup voice + data
Replies: 60
Views: 5673

Re: Mikrotik 3011 VLAN setup voice + data

post config,,,,,,,,,, :-)
by anav
Sat Mar 02, 2019 9:05 pm
Forum: General
Topic: Suricata IDS/IPS integration with Mikrotik (now with OSSEC)
Replies: 183
Views: 79682

Re: Suricata IDS/IPS integration with Mikrotik (now with OSSEC)

Hi Tom, Just trying to understand what all this work is LOL. I gather you are using a computer with linux OS, that is performing some functions on incoming wan data? So what is the architecture - modem to router to computer back to router? What are you trying to stop? Presumably most people do not a...
by anav
Sat Mar 02, 2019 7:09 pm
Forum: General
Topic: Securing Mikrotik router using firewall rules causing issues. [SOLVED]
Replies: 21
Views: 1422

Re: Securing Mikrotik router using firewall rules causing issues. [SOLVED]

Confirmed --> Yes but please use safe mode for all configuration changes. Wait a few secs after each apply and if the router doesnt kick out your good to proceed. If it does kick you out, the offending action is not applied and you can re-connect to the point just before. Duplicate rules in red (whi...
by anav
Sat Mar 02, 2019 7:03 pm
Forum: Beginner Basics
Topic: VLAN Setup Renders CAPACS Invisible On Winbox
Replies: 4
Views: 368

VLAN Setup Renders CAPACS Invisible On Winbox

IAW with pcunites vlan new methods for setup, I moved the homelan off of the bridge and onto its own vlan (vlanid=11) (vice the default pvid=1). However, I have now lost access to my capacs. I have not been able to resolve the issue. For topology eth2 goes to a 24 port dlink managed switch (one trun...
by anav
Sat Mar 02, 2019 6:26 pm
Forum: Beginner Basics
Topic: [DHCP server] Define custom vendor class?
Replies: 8
Views: 2677

Re: [DHCP server] Define custom vendor class?

need this feature not only in enterprise env, but in WISP too
I dont understand the need for vendor class, in what use cases is it useful?
by anav
Sat Mar 02, 2019 6:22 pm
Forum: General
Topic: HTTP speed test
Replies: 5
Views: 445

Re: HTTP speed test

Wrong forum.
Suggest download speedtest app.
or check out new capability in 6.44!!
by anav
Sat Mar 02, 2019 6:10 pm
Forum: General
Topic: Limiting the number of concurrent sessions
Replies: 1
Views: 175

Re: Limiting the number of concurrent sessions

I just used google........ max 100 connection for every host ip (32 bit of netmask) : Code: Select all /ip firewall add chain=forward protocol= tcp tcp-flags=syn connection-limit=100,32 action=drop comment="connection limit" disabled=no in this case , max 100 connection for every host ip (32 bit of ...
by anav
Sat Mar 02, 2019 6:06 pm
Forum: Beginner Basics
Topic: Connecting two routers in two buildings with cable
Replies: 8
Views: 715

Re: Connecting two routers in two buildings with cable

Well I see a conflict as both routers are providing DHCP?
What would be the purpose of ether5 on both routers, in other words what does the connectivity allow.....
by anav
Sat Mar 02, 2019 4:47 pm
Forum: General
Topic: huge amount of TCP DNS queries from outside
Replies: 6
Views: 468

Re: huge amount of TCP DNS queries from outside

Would suggest export configuration, netinstall with latest firmware. And add back what you need from the old configuration. Default configuration is secure and a good point to start from. I never trust a router that has been comprised even if it was just a password hack. And good time to clean up t...
by anav
Sat Mar 02, 2019 4:46 pm
Forum: General
Topic: load-balancing don't work
Replies: 49
Views: 3014

Re: load-balancing don't work

Get rid of the static DNS setting. You dont have eth5 on a bridge port???? Next to peruse mangle rules.............. I'm no expert and thus recommend this MUM presentation....... https://mum.mikrotik.com/presentations/LB19/presentation_6360_1548749570.pdf I note it uses in-interface=LAN for its two ...
by anav
Sat Mar 02, 2019 4:25 pm
Forum: General
Topic: RB1100x4 not accessible!
Replies: 9
Views: 485

Re: RB1100x4 not accessible!

That was my mindset, I had 1100x2 locally. this was an x4. I was prepping to overnight a new one and re-config with config backups Howevr.. HUZZAH.. I was teamviewered to laptop, worked with client and set a local gateway - as was dual homed... then was able to netboot and re-install. Old config wa...
by anav
Sat Mar 02, 2019 4:24 pm
Forum: General
Topic: Securing Mikrotik router using firewall rules causing issues. [SOLVED]
Replies: 21
Views: 1422

Re: Securing Mikrotik router using firewall rules causing issues. [SOLVED]

Should I delete the green rules too? Going to try the the WAN settings in NAT . Actually I did was copy the upnp NAT rules, then disabled the upnp. It seems upnp took the ether1 by default. Update: Updated the In. Interface list to WAN. But, weird thing is that not after the implementation of rules...
by anav
Sat Mar 02, 2019 4:23 pm
Forum: General
Topic: Securing Mikrotik router using firewall rules causing issues. [SOLVED]
Replies: 21
Views: 1422

Re: Securing Mikrotik router using firewall rules causing issues. [SOLVED]

@anav
why is it deleted - ''untracked'' ?
Good question, its a side case IF.........
In other words its rarely used but is needed if doing something funky in raw rules.
In other words its not a basic setting but for me an advanced setting and not required.
by anav
Sat Mar 02, 2019 4:19 pm
Forum: General
Topic: Help - Configure RB750Gr3 with all ports isolated - Setting up VLANs?
Replies: 0
Views: 308

Re: Help - Configure RB750Gr3 with all ports isolated - Setting up VLANs?

Yes, there are two ways to proceed (in general). In either case you are going to create four different DHCP networks ******************USE SAFE MODE*********************** at all times through your configuring process. Just using LANs (1) In interface settings Use comment to identify each etherport ...
by anav
Sat Mar 02, 2019 3:59 pm
Forum: General
Topic: huge amount of TCP DNS queries from outside
Replies: 6
Views: 468

Re: huge amount of TCP DNS queries from outside

Please define cleaned it and secured it? That response may be inadequate!
by anav
Sat Mar 02, 2019 3:56 pm
Forum: Beginner Basics
Topic: DHCP Server Issues
Replies: 26
Views: 1556

Re: DHCP Server Issues

Too funny. I was merely pointing out that ether2 needed to be replaced by bridge in your rule. Yes I didn't include the last line of the rule but it should be /ip address add address=192.168.88.1/24 comment=defconf interface= bridge network=\ 192.168.88.0 It should work. (I normally use winbox to en...
by anav
Sat Mar 02, 2019 5:18 am
Forum: General
Topic: Securing Mikrotik router using firewall rules causing issues. [SOLVED]
Replies: 21
Views: 1422

Re: Securing Mikrotik router using firewall rules causing issues. [SOLVED]

My recommendations are to get rid of all those silly filter rules as I stated in a previous post. Get rid of all those source address lists except you need one for your admin access as stated in a previous post. The only comment I will make on your latest config is to use 'in-interface-list=wan" vic...
by anav
Sat Mar 02, 2019 5:09 am
Forum: Beginner Basics
Topic: DHCP Server Issues
Replies: 26
Views: 1556

Re: DHCP Server Issues

/ip address
add address=192.168.88.1/24 comment=defconf interface=ether2 network=\

should be
/ip address
add address=192.168.88.1/24 comment=defconf interface=bridge network=\
by anav
Sat Mar 02, 2019 12:44 am
Forum: Wireless Networking
Topic: CAPsMAN - different IP POOLs for 2 WLANs
Replies: 4
Views: 332

Re: CAPsMAN - different IP POOLs for 2 WLANs

Because there is no advantage other than a more complicated router setup and load on the router for only one device.
Understanding how the AP should be configured is a first step anyway.
I have two capacs and i would much rather have them separately configured as I do now.
by anav
Sat Mar 02, 2019 12:41 am
Forum: Beginner Basics
Topic: DHCP Server Issues
Replies: 26
Views: 1556

Re: DHCP Server Issues

Thats not a default setting is it..................
by anav
Fri Mar 01, 2019 10:35 pm
Forum: Beginner Basics
Topic: Introduction to RouterOS documentation
Replies: 13
Views: 919

Re: Introduction to RouterOS documentation

I truly sob when I read posts by Sob. I think that the flexibity of this great OS is its greatest downfall for those not IT trained. Concur Sob, you are bang on.
by anav
Fri Mar 01, 2019 10:33 pm
Forum: Beginner Basics
Topic: DHCP Server Issues
Replies: 26
Views: 1556

Re: DHCP Server Issues

I dont blame you.
Can you post your config.
/export hide-sensitive file=yourconfigmar01
by anav
Fri Mar 01, 2019 9:37 pm
Forum: Wireless Networking
Topic: CAPsMAN - different IP POOLs for 2 WLANs
Replies: 4
Views: 332

Re: CAPsMAN - different IP POOLs for 2 WLANs

For only one AP, I personally wouldnt touch capsman with a 10 foot pole.
by anav
Fri Mar 01, 2019 9:36 pm
Forum: Beginner Basics
Topic: Routing over a wireless client issues.
Replies: 1
Views: 179

Re: Routing over a wireless client issues.

Damn I wish you hadnt added the extra bit on your post. I am not allowed to be an accessory to a crime so I cannot help. :-)
Not sure what you mean what would help is
a. diagram
b. config
/export hide-sensitive file=yourconfigmar01
by anav
Fri Mar 01, 2019 9:34 pm
Forum: Beginner Basics
Topic: DHCP Server Issues
Replies: 26
Views: 1556

Re: DHCP Server Issues

Hmmm did you try rebooting the PCs and the router?
by anav
Fri Mar 01, 2019 9:32 pm
Forum: General
Topic: Drop traffic between two different vlans that are on the same interface
Replies: 10
Views: 534

Re: Drop traffic between two different vlans that are on the same interface

Hi CZFAN, sorry no capiche. Not being able to ping hosts, from the lan side but using external WANIPs is probably an issue with not using hairpin nat. Not being able to ping hosts on the same vlan from the lan side of the router is finger problems Not being able to ping from one vlan to another vlan...
by anav
Fri Mar 01, 2019 9:25 pm
Forum: General
Topic: Taged and untaged to the same interface. [SOLVED]
Replies: 41
Views: 1723

Re: Taged and untaged to the same interface. [SOLVED]

I did not say I was a Guru in the definition sense, its what shows up next to my nick/avatar and I have no choice.
If they let me configure that or provide choices it would be KETBD "Knows enough to be Dangerous"
by anav
Fri Mar 01, 2019 9:23 pm
Forum: General
Topic: RB3011 Switch VLAN Access Port Issue
Replies: 5
Views: 781

Re: RB3011 Switch VLAN Access Port Issue

A good reason to stick with VLANS on a single bridge approach. Slower but no leakage or errors is better. Tortoise wins the race!!!
by anav
Fri Mar 01, 2019 9:22 pm
Forum: General
Topic: Securing Mikrotik router using firewall rules causing issues. [SOLVED]
Replies: 21
Views: 1422

Re: Securing Mikrotik router using firewall rules causing issues. [SOLVED]

You do not need upnp enabled. In fact sometimes you dont need a port fowarding for torrenting, I have no idea about Game Ranger. In any case, for port forwarding if you cannot nail down the external WANIPs that need access to your server (unsolicited entry ie not due to reply packets coming in throu...
by anav
Fri Mar 01, 2019 9:13 pm
Forum: General
Topic: Securing Mikrotik router using firewall rules causing issues. [SOLVED]
Replies: 21
Views: 1422

Re: Securing Mikrotik router using firewall rules causing issues. [SOLVED]

Duplicate rules in red (which you can delete) out of order rules in blue (put in order ie input chain first then forward chain) Drop rules in green or parts of rules add rules pink /ip firewall filter add action=accept chain=input comment=\ "defconf: accept established,related ,untracked" connection...
by anav
Fri Mar 01, 2019 4:57 pm
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 609
Views: 157389

Re: RouterOS v7.0 beta1 - when?

Ive written my letter to Tully CEO. It says. "Don't listen to all these yahoos on the forum that whine about v7. Keep providing stable secure releases with the fixes that can be managed with the resources you have. Regardless of the brand of networking equipment, there is always a huge crowd of unsa...
by anav
Fri Mar 01, 2019 4:48 pm
Forum: Beginner Basics
Topic: Introduction to RouterOS documentation
Replies: 13
Views: 919

Re: Introduction to RouterOS documentation

Hi Colin, Welcome to the world of MikroTik. Very little official documentation, lots of user input (with multiple solutions to 1 issue normally) and an extremely steep learning curve. Use the default config to start with, adapt it to get you "online" and then study it from there to understand what ...
by anav
Fri Mar 01, 2019 4:44 pm
Forum: General
Topic: hap Mini
Replies: 10
Views: 1058

Re: hap Mini

Concur, when you buy a mini or 'lite' version, one should expect half an update LOL.
(in other words there should be mini or lite upgrade versions - split updates into standard lite (bare minimum required packages) and extra lite (contains only xtra packages)
by anav
Fri Mar 01, 2019 4:39 pm
Forum: General
Topic: Taged and untaged to the same interface. [SOLVED]
Replies: 41
Views: 1723

Re: Taged and untaged to the same interface. [SOLVED]

My title says Guru, not Admin. Simple lesson in literacy. Latvia I am sure is a beautiful country with friendly and warm people. However, when the Russian Tanks come rolling over the horizon that will be gone in a flash, I am afraid and the world will lose another friend! On a positive note, my driv...
by anav
Fri Mar 01, 2019 4:36 pm
Forum: General
Topic: Drop traffic between two different vlans that are on the same interface
Replies: 10
Views: 534

Re: Drop traffic between two different vlans that are on the same interface

Trafic that you are trying to avoid in your ping command is not for the forward chain, is for the input chain. If you do not want users on vlanx communicate with the interface of the VLANy on the router , you need to block the traffic on the input chain. Regards. What you said makes no sense to me....
by anav
Fri Mar 01, 2019 4:34 pm
Forum: General
Topic: Simple Miktorik + Proxmox VLAN config
Replies: 24
Views: 1399

Re: Simple Miktorik + Proxmox VLAN config

Well, the promox bit is zing over my head but since your name is one of my favourite Barca footballers I will do my best with the rest.............
by anav
Fri Mar 01, 2019 4:31 pm
Forum: General
Topic: Securing Mikrotik router using firewall rules causing issues. [SOLVED]
Replies: 21
Views: 1422

Re: Securing Mikrotik router using firewall rules causing issues. [SOLVED]

Try this with set to "loose" vice strict. /ip settings set rp-filter=strict This is a problem.......... /ip address add address=192.168.88.1/24 comment=defconf interface=ether2 network=\ 192.168.88.0 The interface should be your bridge!!! not ether2 Remove and disable upnp , not required and a secur...
by anav
Fri Mar 01, 2019 4:19 pm
Forum: Beginner Basics
Topic: reverse nat in packet flow diagram
Replies: 16
Views: 1327

Re: reverse nat in packet flow diagram

To all, I found the best pic for this discussion presented at a recent MUM. Yes, I have no life I troll MUM archives. Shoot me now! Slides 15-16 https://mum.mikrotik.com/presentations/CL19/presentation_6440_1550064119.pdf For an Ipsec flow, refer to SLIDE 27 on this pdf (I love the onion analogy for...
by anav
Fri Mar 01, 2019 4:07 pm
Forum: Beginner Basics
Topic: Introduction to RouterOS documentation
Replies: 13
Views: 919

Re: Introduction to RouterOS documentation

csaunders72, welcome to the complex and powerful world of MikroTik do not fear, the bost basic stuff is in the web interface "QUICKSET" tab and if you do not go elsewhere, your home router can be set up with just that page. venture further only if you want to learn. you can start here, search by to...
by anav
Fri Mar 01, 2019 3:59 pm
Forum: Beginner Basics
Topic: firewall prerouting [SOLVED]
Replies: 6
Views: 924

Re: firewall prerouting [SOLVED]

That is a problem because you think you explained what you wish to accomplish and all you did was ask why isnt some configuration working and the unexpected results you are getting. None of which has anything to do with your requirements. As I requested state your requirements on a use case basis wi...
by anav
Fri Mar 01, 2019 3:55 pm
Forum: Beginner Basics
Topic: Introduction to RouterOS documentation
Replies: 13
Views: 919

Re: Introduction to RouterOS documentation

Awesome, suggest you fly to Latvia (for a vacation) and help write decent documentation for the Wiki that addresses the non-IT trained person in setting up their equipment. The documentation is sufficient to get one up and running (as is the default setup) but as soon as you start to implement chang...
by anav
Fri Mar 01, 2019 1:02 am
Forum: General
Topic: Taged and untaged to the same interface. [SOLVED]
Replies: 41
Views: 1723

Re: Taged and untaged to the same interface. [SOLVED]

Well Im sure Latvia and Canada are very similar except your schnapps is way better whereas our Rye Whiskey is only to dream about in Latvia.
In that case you can probably visit MT and get better answers directly!!
by anav
Fri Mar 01, 2019 1:00 am
Forum: General
Topic: Simple Miktorik + Proxmox VLAN config
Replies: 24
Views: 1399

Re: Simple Miktorik + Proxmox VLAN config

Xavi your written description does not match your diagram. You show ports 2,3,4 connecting to 3 switches. Switch 2 feeds to your private LAN Switch 3 feeds ISOLAN (vlan100) Switch 4 feeds HISOLAN (vlan200) Okay I understand in reality you only have one input for all of BOCA4 So port 4 on the router ...
by anav
Fri Mar 01, 2019 12:00 am
Forum: General
Topic: Taged and untaged to the same interface. [SOLVED]
Replies: 41
Views: 1723

Re: Taged and untaged to the same interface. [SOLVED]

Hopefully you can find a mikrotik forum in your own country that speaks your language and/or find a trained person in your country and they can assist.
I quite frankly have not understood much of what your saying and without a diagram and a config I cannot help further
by anav
Thu Feb 28, 2019 10:28 pm
Forum: General
Topic: Problem RB1100AHx4
Replies: 1
Views: 221

Re: Problem RB1100AHx4

You need to do a netinstall procedure. Basically attach the device directly to your PC. Setting the ipv4 on the PC to specific settings. Reset the router using the pinhole but in a different manner than for just a quick reset. I believe you wait until the light starts blinking and then is solid agai...
by anav
Thu Feb 28, 2019 10:21 pm
Forum: General
Topic: Taged and untaged to the same interface. [SOLVED]
Replies: 41
Views: 1723

Re: Taged and untaged to the same interface. [SOLVED]

Oh okay this is a theoretical discussion and you do not have a MT router and dont have a configuration and dont have a network. Well then, ask your professor at school :-) I have tagged and untagged vlans on ports on my MT What you wont find is a single port serving a device which has to be on a vla...
by anav
Thu Feb 28, 2019 10:14 pm
Forum: Beginner Basics
Topic: Need help opening ports for Torrents on RB2011iLS-IN
Replies: 10
Views: 787

Re: Need help opening ports for Torrents on RB2011iLS-IN

Awesome and as noted on the NAT rules, For destination NAT if the too port is the same as the destination port in the rule (no translation required), only the destination port need be entered.
There is no harm in entering it twice and its also clear to any reader.
by anav
Thu Feb 28, 2019 10:10 pm
Forum: Beginner Basics
Topic: allow wifi only local network
Replies: 5
Views: 557

Re: allow wifi only local network

Well that depends....... From a security router admin standpoint, no access is granted unless required. Meaning if the wifi users ONLY need access to the LAN for the shared printer that also means there is no requirement for them to access the rest of the LAN. Thus one only needs the following filte...
by anav
Thu Feb 28, 2019 10:05 pm
Forum: Beginner Basics
Topic: Isolate Ethernet Client
Replies: 1
Views: 214

Re: Isolate Ethernet Client

Posting a config may help
/export hide-sensitive file=yourconfigfeb28

What I would do is put all on a single bridge.
a vlan for the private wifi,
a vlan for port 3 traffic.

(to clarify would the WLAN be part of the network that pc1 and pc2 or is it truly private from the rest).
by anav
Thu Feb 28, 2019 8:24 pm
Forum: General
Topic: Drop traffic between two different vlans that are on the same interface
Replies: 10
Views: 534

Re: Drop traffic between two different vlans that are on the same interface

By their nature VLANS provide separation at layer two. Thus even if on the same bridge they will not crosstalk. However if you allow them at layer 3 to connect, then they will be able to reach each other. The key is proper forward chain fiirewall filter rules. Your basic forward chain should be fast...
by anav
Thu Feb 28, 2019 8:18 pm
Forum: General
Topic: Taged and untaged to the same interface. [SOLVED]
Replies: 41
Views: 1723

Re: Taged and untaged to the same interface. [SOLVED]

Do you have a diagram to provide and also if available a config?
by anav
Thu Feb 28, 2019 4:11 pm
Forum: Beginner Basics
Topic: Need help opening ports for Torrents on RB2011iLS-IN
Replies: 10
Views: 787

Re: Need help opening ports for Torrents on RB2011iLS-IN

Concur, turn UPNP off. Simply create the necessary DST rules as you have done, for the most part they seem fine. For filter rule as I stated in my above post create a rule allowing those connections. As to what Steve intimated, I would put your torrent server on its own VLAN with no access to your L...
by anav
Thu Feb 28, 2019 3:04 pm
Forum: General
Topic: Srcnat
Replies: 6
Views: 377

Re: Srcnat

I think any English major would point out that you connected the dots in an obtuse way and my analysis is accurate. I know what you meant but it was not conveyed cleanly and of course, you know how I feel about bad ponys................. In any case, I think its a good exercise to look at the packet...
by anav
Thu Feb 28, 2019 2:59 pm
Forum: General
Topic: Remote SSH access Issue Via NAT
Replies: 4
Views: 302

Re: Remote SSH access Issue Via NAT

??/ Mikrotik doesnt make modems??
Who setup the ssh on the modem??
by anav
Thu Feb 28, 2019 2:58 pm
Forum: General
Topic: Service Ports in red
Replies: 12
Views: 1437

Re: Service Ports in red

A diagram will help, I am only used to simple networks at home.
by anav
Thu Feb 28, 2019 2:57 pm
Forum: General
Topic: Unauthorized access to MikroTiK
Replies: 20
Views: 2808

Re: Unauthorized access to MikroTiK

If you cannot use netinstall then there are no guarantees for a hacked unit, regardless of what half measures you take.
by anav
Thu Feb 28, 2019 2:54 pm
Forum: General
Topic: Problem with src-nat - no received packe (have Tx but no Rx )
Replies: 3
Views: 228

Re: Problem with src-nat - no received packe (have Tx but no Rx )

post config
/export hide-sensitive file=yourconfigfeb28
by anav
Thu Feb 28, 2019 2:53 pm
Forum: General
Topic: Remote SSH access Issue Via NAT
Replies: 4
Views: 302

Re: Remote SSH access Issue Via NAT

You cannot access the external modem??
by anav
Thu Feb 28, 2019 2:52 pm
Forum: Beginner Basics
Topic: trunk configuration on hEX S
Replies: 1
Views: 234

Re: trunk configuration on hEX S

viewtopic.php?f=13&t=143620

Have a read through the examples in this link and you should be well on your way.
At least it will spur more specific questions.
by anav
Thu Feb 28, 2019 2:49 pm
Forum: Beginner Basics
Topic: allow wifi only local network
Replies: 5
Views: 557

Re: allow wifi only local network

The easy answer is NOT to have the wifi on the same subnet. It is very easy to put wifi on a VLAN or a different LAN, your choice. Then via firewall filter rules you will only allow LAN(wired) to internet and you will allow the VLAN or wifi LAN subnet to only access the single wired LANIP. By puttin...
by anav
Thu Feb 28, 2019 4:36 am
Forum: General
Topic: Srcnat
Replies: 6
Views: 377

Re: Srcnat

Well looking at the diagrams its a puzzle for sure. ... In the PostRouting Chain hey we can see the srcnat block here!!! Exactly. Thats where the block is = thats where both decision and address translation occurs. No complexity, no puzzle. ps: same applies for dst-nat - it occurs exactly at the pl...
by anav
Thu Feb 28, 2019 4:31 am
Forum: Beginner Basics
Topic: reverse nat in packet flow diagram
Replies: 16
Views: 1327

Re: reverse nat in packet flow diagram

True dat!

How do I post a jpeg here, not a linked one that you have to open up???
by anav
Wed Feb 27, 2019 11:31 pm
Forum: General
Topic: Hardware Selection
Replies: 14
Views: 1204

Re: Hardware Selection

Got it thanks! I dont think I was saying 20gigs at any time but I was not thinking that there would be two way flow at all times and plus there will be wan in and out that may also detract from that total. In any case the 10+ sft port is the fattest pipe to use to a main switch.
by anav
Wed Feb 27, 2019 11:28 pm
Forum: General
Topic: Srcnat
Replies: 6
Views: 377

Re: Srcnat

Well looking at the diagrams its a puzzle for sure. The Routing diagram clearly either I or K routes, I think I is showing the input side to the routing decision (to the router) whereas K is the outgoing side and thus probably more applicable. So following the bouncing ball K goes back into the rout...
by anav
Wed Feb 27, 2019 9:33 pm
Forum: General
Topic: Firewall in Access Points
Replies: 8
Views: 602

Re: Firewall in Access Points

Okay so the capac acting as a wisp bridge an invoke input chain rules???
by anav
Wed Feb 27, 2019 8:58 pm
Forum: General
Topic: Taged and untaged simultaneously?
Replies: 9
Views: 655

Re: Taged and untaged simultaneously?

No I am the Llama from Canada, some day Donkey ;-)
by anav
Wed Feb 27, 2019 8:57 pm
Forum: Beginner Basics
Topic: Need help opening ports for Torrents on RB2011iLS-IN
Replies: 10
Views: 787

Re: Need help opening ports for Torrents on RB2011iLS-IN

You dont need the to port rules in your DST NAT rules if the dst port entered is the same.
For the firewall your need a single rule for the forward chain
add action=accept chain=forward connection-nat-state=dstnat
by anav
Wed Feb 27, 2019 8:49 pm
Forum: General
Topic: Hardware Selection
Replies: 14
Views: 1204

Re: Hardware Selection

Paternot, interesting however, the diagram distinctly shows a 10gb link direct to the SFP+ port. Perhaps it would be fair to say that if no other etheports are used (other than WAN) then the SFP+ port may see traffic close to 10Mgb? In other words the router could use that sfp link to another manage...
by anav
Wed Feb 27, 2019 8:22 pm
Forum: General
Topic: Taged and untaged to the same interface. [SOLVED]
Replies: 41
Views: 1723

Re: Taged and untaged to the same interface. [SOLVED]

Well without a diagram and without a config to look at its hard to understand what you want. Thus I can only tell you my configuration. I have two etheports for my LAN, eth2 and eth3, Since eth2 goes to a managed switch and eth3 goes to a managed switch they are both trunk ports. All the vlans runni...
by anav
Wed Feb 27, 2019 7:38 pm
Forum: General
Topic: Taged and untaged to the same interface. [SOLVED]
Replies: 41
Views: 1723

Re: Taged and untaged to the same interface. [SOLVED]

Have you read the links provided from the other post? The examples show how to setup a single bridge. create vlans with the bridge as the interface and all required subnet type info (ip address, ip pool, dhcp server and dhcp-server network) How to setup bridge ports How to setup interface bridge vla...
by anav
Wed Feb 27, 2019 6:00 pm
Forum: General
Topic: Anybody ues AT&T Gigabit Fiber with Mikrotik RouterOS?
Replies: 77
Views: 9378

Re: Anybody ues AT&T Gigabit Fiber with Mikrotik RouterOS?

No worries medkit, since that RB3011 seems really underpowered for your Huge network and I have a much smaller network please feel free to send it my way, I will pay postage.
by anav
Wed Feb 27, 2019 5:54 pm
Forum: General
Topic: Hardware Selection
Replies: 14
Views: 1204

Re: Hardware Selection

Hmmm I think I prefer Bert, or perhaps Ernie LOL. Do you play with a little yellow rubber ducky in the tub??
by anav
Wed Feb 27, 2019 5:51 pm
Forum: General
Topic: redirect subdomain(NAT)
Replies: 11
Views: 1180

Re: redirect subdomain(NAT)

The big V 1, the magic unicorn 0 :-)
by anav
Wed Feb 27, 2019 5:46 pm
Forum: General
Topic: RouterOS v7.0 beta1 - when?
Replies: 609
Views: 157389

Re: RouterOS v7.0 beta1 - when?

@vecernik87 Hey guys, stop harassing Mikrotik about V7 :D It is a good topic for jokes but bad choice for serious discussion. I am not a blind fan, but in this case, @normis is right. Anyone, who ever did a continuous development, knows that specifying future dates of release is a suicide. If you do...
by anav
Wed Feb 27, 2019 5:36 pm
Forum: General
Topic: Taged and untaged simultaneously?
Replies: 9
Views: 655

Re: Taged and untaged simultaneously?

Yes, I can answer you question in the appropriate forum. :-)
by anav
Wed Feb 27, 2019 5:35 pm
Forum: General
Topic: VLAN id translation?
Replies: 8
Views: 522

Re: VLAN id translation?

I wish I could to save time and energy. No one will mind if you click on any post in this thread as being solved (then it will be effectively ignored from hereonin) and you can repost your initial question in either of the two other forums noted.
by anav
Wed Feb 27, 2019 5:33 pm
Forum: General
Topic: Hardware Selection
Replies: 14
Views: 1204

Re: Hardware Selection

Frankly speaking: Bartosz ... "sz" pronounced as "sh" in "wash" :lol:
no problemo Bart for short, no chance for error LOL
by anav
Wed Feb 27, 2019 5:32 pm
Forum: General
Topic: Service Ports in red
Replies: 12
Views: 1437

Re: Service Ports in red

First thing I noticed is an error in ip address. /ip address add address=10.16.2.2/30 comment=defconf interface=ether2-Gateway\ network=10.16.2.0 add address=100.100.11.1/24 interface=vlan11 network=100.100.11.0 add address=192.168.254.1/24 interface=vlan11 network=192.168.254.0 Second, I have no cl...
by anav
Wed Feb 27, 2019 5:22 pm
Forum: Beginner Basics
Topic: allow wifi only local network
Replies: 5
Views: 557

Re: allow wifi only local network

Okay lets see if this makes sense. you have wired LAN you have a wifi a. is the wifi on the same subnet as the LAN? b. do you want the wifi on a different subnet? c. should wifi be able to access wired LAN d. should wifi be able to access the internet e. should the wired LAN be able to access the in...
by anav
Wed Feb 27, 2019 5:18 pm
Forum: General
Topic: Taged and untaged simultaneously?
Replies: 9
Views: 655

Re: Taged and untaged simultaneously?

It is not pollution. I have given you clear directions on where the answers to your questions are located. I have also lead you by your hand to the appropriate forums for technical help (General or Beginner Basics). Please feel free to take the free advice and post your questions in the appropriate ...
by anav
Wed Feb 27, 2019 5:15 pm
Forum: General
Topic: VLAN id translation?
Replies: 8
Views: 522

Re: VLAN id translation?

Your question on a topic in a forum designed to discuss new features requested by users (not technical help for router configuration) is by very definition SPAM. Please feel free to continue to report your self-inflicted spam crimes. :-) I suggest you please post your topic in an appropriate forum a...
by anav
Wed Feb 27, 2019 4:17 pm
Forum: General
Topic: VLAN id translation?
Replies: 8
Views: 522

Re: VLAN id translation?

The answers are in the links provided. Use google translate if necessary.
by anav
Wed Feb 27, 2019 4:14 pm
Forum: General
Topic: Taged and untaged simultaneously?
Replies: 9
Views: 655

Re: Taged and untaged simultaneously?

Then read more slowly and pay close attention to the examples in the second link.
by anav
Wed Feb 27, 2019 4:13 pm
Forum: General
Topic: VLAN id translation?
Replies: 8
Views: 522

Re: VLAN id translation?

The answers to all your questions were provided in this post............
viewtopic.php?f=1&t=145849
by anav
Wed Feb 27, 2019 4:10 pm
Forum: General
Topic: routerOS blocks various surveillance cloud adresses
Replies: 2
Views: 270

Re: routerOS blocks various surveillance cloud adresses

Also you need to post your config, what you think is setup and what is actually configured are not always the same. ;-)

/export hide-sensitive file=yourconfigfeb27
by anav
Wed Feb 27, 2019 4:09 pm
Forum: General
Topic: Hardware Selection
Replies: 14
Views: 1204

Re: Hardware Selection

The RB4011 is better bang for the buck bartoz............. same engine better test results and a 10gig port (SFP+) which the 1100 doesnt have and its cheaper.
by anav
Wed Feb 27, 2019 4:02 pm
Forum: General
Topic: 6.42.7 Not safe from Zeroday Exploit
Replies: 2
Views: 484

Re: 6.42.7 Not safe from Zeroday Exploit

Concur, your report is interesting but without evidence that the routers were netinstalled to 6.42.7 and the passwords changed there is no story here................. moving along.
by anav
Wed Feb 27, 2019 4:00 pm
Forum: General
Topic: Firewall in Access Points
Replies: 8
Views: 602

Re: Firewall in Access Points

Well since its in AP mode how and thus not routing at layer 3, how is it going to apply filter rules?
Not saying it cant but usually not possible.
I do know there is a default rule that allows all traffic to pass so there is some sort of ACL structure or filtering.
by anav
Wed Feb 27, 2019 3:57 pm
Forum: General
Topic: Service Ports in red
Replies: 12
Views: 1437

Re: Service Ports in red

post your config
/export hide-sensitive file=yourconfigfeb27
by anav
Wed Feb 27, 2019 3:56 pm
Forum: General
Topic: Joining VLANs
Replies: 3
Views: 481

Re: Joining VLANs

Wrong forum, try General and/or Beginner Basics.
I would be happy to answer questions there.
by anav
Wed Feb 27, 2019 3:54 pm
Forum: General
Topic: Taged and untaged simultaneously?
Replies: 9
Views: 655

Re: Taged and untaged simultaneously?

Why do you use the most inappropriate forum for this question? There is a General and Beginner Basics forum, both would have been reasonable choices. One also expects some level of effort to understand the topic prior to asking questions so recommended reading includes: https://wiki.mikrotik.com/wik...
by anav
Wed Feb 27, 2019 2:27 pm
Forum: General
Topic: Hardware Selection
Replies: 14
Views: 1204

Re: Hardware Selection

The RB4011 non-wifi version is a beast with one SFP+ port for 10gig passthrough............ Not sure if that is something that appeals?
Check out the specs compared to the other devices........
by anav
Wed Feb 27, 2019 2:24 pm
Forum: General
Topic: Firewall in Access Points
Replies: 8
Views: 602

Re: Firewall in Access Points

Hmm interesting question.
On my two capacs I have winbox access only from the LAN side but no firewall rules added.
Access to configure the capac is limited to either subnet or specific pc IPs.
The firewall rules are applied to all traffic by the main router.

Are you saying there is more to do??
by anav
Wed Feb 27, 2019 2:21 pm
Forum: General
Topic: how to block traffic between WiFi and Ethernet?
Replies: 1
Views: 268

Re: how to block traffic between WiFi and Ethernet?

Sounds bizarre and not fruitful...... best to have something like {forward chain} default -allow established related fastrack allow established related drop invalid packets [add any allow rules you wish] drop all else. IN other words in the above setup nothing is allowed in terms of layer 3 routing ...
by anav
Wed Feb 27, 2019 2:16 pm
Forum: Beginner Basics
Topic: reverse nat in packet flow diagram
Replies: 16
Views: 1327

Re: reverse nat in packet flow diagram

@vecernik87: He's just eager to learn. No matter how much knowledge you throw on him, he wants more. :) Not really, I just want it to be clear that people do not have to make DST NAT rules in the configuration to ensure return packets from SOURCE NAT rules get back to the original LANIP. Its not a ...
by anav
Wed Feb 27, 2019 2:09 pm
Forum: Beginner Basics
Topic: Using MikroTik hAP as simple switch plus wireless AP
Replies: 37
Views: 13569

Re: Using MikroTik hAP as simple switch plus wireless AP

Well any slight bit of research would have pointed that out, which is something most of us do and would expect one to conduct. https://wiki.mikrotik.com/wiki/Manual:Winbox https://wiki.mikrotik.com/wiki/Manual:First_time_startup Probably a few gazillon youtube examples to boot. But I agree impossibl...
by anav
Wed Feb 27, 2019 4:07 am
Forum: Beginner Basics
Topic: reverse nat in packet flow diagram
Replies: 16
Views: 1327

Re: reverse nat in packet flow diagram

Thanks Sob, that clears it up. Best not to swallow any stories from ponys on drugs. ;-)
by anav
Wed Feb 27, 2019 2:08 am
Forum: General
Topic: Security issue when Winbox exposed
Replies: 68
Views: 6225

Re: Security issue when Winbox exposed

@Redmor: It depends. If you configure firewall to let only specific addresses in, nothing else will pass. But whether traffic that looks as from some address is really from device that legitimately owns that address, that's a different question. E.g. if I whitelist a.b.c.d on my home router, there'...
by anav
Wed Feb 27, 2019 2:03 am
Forum: Beginner Basics
Topic: reverse nat in packet flow diagram
Replies: 16
Views: 1327

Re: reverse nat in packet flow diagram

I beg to differ. Its not destination nat that is going on its simply connection tracking linking the dots. Destination NAT refers to a process selected by the admin for certain traffic. If you are saying that the router automatically performs what appears to be destination nat type functionality for...
by anav
Wed Feb 27, 2019 1:57 am
Forum: Beginner Basics
Topic: Using MikroTik hAP as simple switch plus wireless AP
Replies: 37
Views: 13569

Re: Using MikroTik hAP as simple switch plus wireless AP

Okay after you have used the pin to reset the router, and have setup your pc.
Just plug eth2 directly to your PC. You should be able to winbox directly into the router unless its broken???
by anav
Wed Feb 27, 2019 1:52 am
Forum: Beginner Basics
Topic: Block LAN access, allow only Internet + some restrictions
Replies: 2
Views: 766

Re: Block LAN access, allow only Internet + some restrictions

What I would do is turn all that traffic into a vlan. So lets say eth3 is a port that is directly wired to the AP. create a guest-bridge (pvid=1) ingress filtering=yes create vlanAP_30 associate the vlan to the guest bridge when identifying the vlan interface add address with interface being vlanAP_...
by anav
Tue Feb 26, 2019 11:36 pm
Forum: General
Topic: Security issue when Winbox exposed
Replies: 68
Views: 6225

Re: Security issue when Winbox exposed

The only open to internet usage would be via port knocking as a last resort, otherwise it would be VPN to router and then access winbox from within router.
by anav
Tue Feb 26, 2019 11:34 pm
Forum: Beginner Basics
Topic: Using MikroTik hAP as simple switch plus wireless AP
Replies: 37
Views: 13569

Re: Using MikroTik hAP as simple switch plus wireless AP

Yup exactly, so why cannot you connect to the router from the PC.
If the PC is setup with static IP 192.168.88.2 and point to gateway 192.168.88.1 and the router reset to defaults it should just work
Did you startup winbox??
by anav
Tue Feb 26, 2019 10:12 pm
Forum: Wireless Networking
Topic: Power Source for Temp Remote Location
Replies: 17
Views: 1116

Re: Power Source for Temp Remote Location

How much power watts does a laptop need? ( I actually googled that tripplite yesterday when looking around). Another nice option besides the netonix dc switch is this puppy (courtesy of alphageek) http://www.tycononline.com/TP-DCDC-1224G-9-36VDC-In-24VDC-Out-19W-Gigabit-DC-to-DC-Conv-POE-Ins_p_22.ht...
by anav
Tue Feb 26, 2019 10:07 pm
Forum: General
Topic: Firewall not matching bridge traffic in interface list
Replies: 5
Views: 717

Re: Firewall not matching bridge traffic in interface list

Hi usdmatt, thanks for those answers they really do help. My comments.... 1. I recommend you dont allow external remote access to winbox directly. If you cannot vpn into the router first, or use port knocking methods, do not do it. 2. Change your default winbox port number for starters. 3. As an adm...
by anav
Tue Feb 26, 2019 9:43 pm
Forum: General
Topic: RB750 hexlite configuration
Replies: 3
Views: 502

Re: RB750 hexlite configuration

Okay understand.
When you have a config post it here
/export hide-sensitive file=yourconfigfeb27

Dont add anything extra in firewall rules or anything just a basic setup to get you going.
by anav
Tue Feb 26, 2019 9:41 pm
Forum: General
Topic: Security issue when Winbox exposed
Replies: 68
Views: 6225

Re: Security issue when Winbox exposed

This is not rocket science.
Do not open winbox to the internet
Do not open winbox to the input chain (from the LAN side) except for admin.
Disable any unused services
For enabled services only allow the admin

What am I missing here??
by anav
Tue Feb 26, 2019 9:37 pm
Forum: Beginner Basics
Topic: default gateway with recursive lookup
Replies: 8
Views: 726

Re: default gateway with recursive lookup

Interesting question, I have not played with scope and perhaps its time to have that discussion!! Normally I just ensure my distance settings ensure that my first public DNS server lines up with its two rules (distance=X) and my second backup dns server lines up with its two rules but of higher numb...
by anav
Tue Feb 26, 2019 9:33 pm
Forum: Beginner Basics
Topic: firewall prerouting [SOLVED]
Replies: 6
Views: 924

Re: firewall prerouting [SOLVED]

A better way to approach this is not to show us any configuration but put in words what functionality you would like to have without discussing solution. ex. I want to only allow SSH and winbox connections outbound (lan to wan) for the admin only. Second, express your concerns. I am afraid of..........
by anav
Tue Feb 26, 2019 9:26 pm
Forum: Beginner Basics
Topic: Using MikroTik hAP as simple switch plus wireless AP
Replies: 37
Views: 13569

Re: Using MikroTik hAP as simple switch plus wireless AP

Thats why you use your magic pin and reset it to defaults and then following the steps.
by anav
Tue Feb 26, 2019 5:27 pm
Forum: General
Topic: Firewall not matching bridge traffic in interface list
Replies: 5
Views: 717

Re: Firewall not matching bridge traffic in interface list

Everything looks okay after a quick glance. I think you can delete this default rule which sticks around and is not so easy to find (static tab under IP DNS). /ip dns static add address=192.168.0.253 name=router Will only leave question entries............ /ip firewall filter add action=accept chain...
by anav
Tue Feb 26, 2019 5:00 pm
Forum: Beginner Basics
Topic: reverse nat in packet flow diagram
Replies: 16
Views: 1327

Re: reverse nat in packet flow diagram

Hmmmmmmmmmm Not so fast amigos! The rule in place is a source nat rule......... Why are you suddenly evoking a destination nat rule for inbound traffic that is not unsolicited but in response to an outbound based source nat rule. I am in doubt as to first packet flow diagram. Does the return packet ...
by anav
Tue Feb 26, 2019 3:23 pm
Forum: Beginner Basics
Topic: Using MikroTik hAP as simple switch plus wireless AP
Replies: 37
Views: 13569

Re: Using MikroTik hAP as simple switch plus wireless AP

I indeed feel your pain. What i did was connect my PC to the router first by setting up my ipv4 static on the pc 192.168.88.2 etc............ just to access the device, Then go to quick setup and change the mode to AP wisp. Then change the IP address to static one that will work on your network. Go ...
by anav
Tue Feb 26, 2019 3:19 pm
Forum: General
Topic: RB750 hexlite configuration
Replies: 3
Views: 502

Re: RB750 hexlite configuration

"The Point-to-Point Tunneling Protocol (PPTP) is an obsolete method for implementing virtual private networks." Cannot recommend any solution for this due to the above. Does the direction have a fixed WANIP address, in other words you could setup port forwarding and limit access to his/her WANIP and...
by anav
Tue Feb 26, 2019 3:16 pm
Forum: General
Topic: Firewall not matching bridge traffic in interface list
Replies: 5
Views: 717

Re: Firewall not matching bridge traffic in interface list

Post config please
/export hide-sensitive file=yourconfigfeb26
by anav
Tue Feb 26, 2019 2:47 pm
Forum: General
Topic: Unauthorized access to MikroTiK
Replies: 20
Views: 2808

Re: Unauthorized access to MikroTiK

What do you mean by updated................. if one simply updated to the lastest firmware via a standard update then the router is still most likely in a hacked state. As per clear instruction one should use netinstall for a completely clean restart (and not use any backup files either that may be ...
by anav
Tue Feb 26, 2019 2:45 pm
Forum: Beginner Basics
Topic: LANs without Internet
Replies: 1
Views: 393

Re: LANs without Internet

Please post config otherwise impossible to tell.
/export hide-sensitive file=yourconfigfeb26
by anav
Tue Feb 26, 2019 12:25 pm
Forum: Beginner Basics
Topic: LAN without internet
Replies: 7
Views: 733

Re: LAN without internet

please post config (not half snapshots)
/export hide-sensitive file=yourconfigfeb26
by anav
Tue Feb 26, 2019 12:20 pm
Forum: Announcements
Topic: v6.44 [stable] is released!
Replies: 219
Views: 37291

Re: v6.44 [stable] is released!

and I thought MT code was close to perfect already. ;-)
Seriously, congrats to the team, this kind of effort is massive, I hope Normis gives them a few hours off!!
by anav
Mon Feb 25, 2019 6:57 pm
Forum: General
Topic: Dynamic wan to local address solutions ?
Replies: 2
Views: 481

Re: Dynamic wan to local address solutions ?

Two items help us help you.
1. Diagram of network
2. config
/export hide-sensitive file=yourconfigfeb25
by anav
Mon Feb 25, 2019 6:56 pm
Forum: General
Topic: How to best connect multiple switches? [SOLVED]
Replies: 7
Views: 1051

Re: How to best connect multiple switches? [SOLVED]

Without knowing purpose of network or architecture its hard to say.
If you have enough ports separation by port adds more flexibility.
by anav
Mon Feb 25, 2019 6:15 pm
Forum: Wireless Networking
Topic: WLan60 P2P RouterOS v6.44rc4 (testing)
Replies: 1
Views: 431

Re: WLan60 P2P RouterOS v6.44rc4 (testing)

Im confused by your setup.
Im assuming you mean you bought a pair of wirless wire dishes that use the LHG60, prepaired on a secure link?
If so why are you configuring anything?
They act as a very long ethernet cable and should be transparent in your setup.
by anav
Mon Feb 25, 2019 6:12 pm
Forum: General
Topic: SOLVED Printer for 2 subnets
Replies: 6
Views: 698

Re: Printer for 2 subnets

Is the internal router the RB2011 acting as a router? I will assume yes.......... So the rule I noted is to allow the traffic to be destination nated to the printer. You will need a firewall rule allowing dst nat packets in general You will need in the primary router to forward the necessary ports f...
by anav
Mon Feb 25, 2019 6:06 pm
Forum: Wireless Networking
Topic: 60Ghz Wireless Wire Dish kits?
Replies: 2
Views: 656

Re: 60Ghz Wireless Wire Dish kits?

The Wireless wire units (not dish) seem to be quite good at 200m or less. I have not seen too much feedback discussing 200+ meters. These particular units (non-dish) can be thought of as extended ethernet cable. LIttle to no configuration just plug them in and aim and instant ethernet connection. Th...
by anav
Mon Feb 25, 2019 4:08 pm
Forum: Wireless Networking
Topic: Huge Problem - Urgent - WiFi Performance Problem
Replies: 5
Views: 770

Re: Huge Problem - Urgent - WiFi Performance Problem

More than likely human error but do post your config.......
/export hide-sensitive file=yourconfigfeb25
by anav
Mon Feb 25, 2019 4:06 pm
Forum: General
Topic: SOLVED Printer for 2 subnets
Replies: 6
Views: 698

Re: Printer for 2 subnets

So let me get this straight You have one wan ISP. You have two LANs (presumably not on the same bridge). One lan is for wifi and one lan is for wired home. On your lan you have remote access (from external wan) to one device the printer. You wish to have the wifi lan be able to access the printer to...
by anav
Mon Feb 25, 2019 3:01 pm
Forum: Wireless Networking
Topic: CapAC IP in WINBOX 0.0.0.0 WHY??
Replies: 0
Views: 438

CapAC IP in WINBOX 0.0.0.0 WHY??

When I try to get to my capacs via winbox instead of their LANIP showing up I am seeing 0.0.0.0 Of course the units are not accessible (cannot connect) via LANIP or mac address. Very weird. The capacs are on the same lan subnet as my PC. The only issue I can see is that the capacs were assigned pvid...
by anav
Mon Feb 25, 2019 2:57 pm
Forum: Wireless Networking
Topic: Huge Problem - Urgent - WiFi Performance Problem
Replies: 5
Views: 770

Re: Huge Problem - Urgent - WiFi Performance Problem

Giving birth must be a National Emergency. ;-)
by anav
Mon Feb 25, 2019 2:52 pm
Forum: Beginner Basics
Topic: LAN without internet
Replies: 7
Views: 733

Re: LAN without internet

post your config
/export hide-sensitive file=yourconfigfeb25
by anav
Sun Feb 24, 2019 11:53 pm
Forum: General
Topic: Access through 2nd ISP for port [SOLVED]
Replies: 7
Views: 827

Re: Access through 2nd ISP for port [SOLVED]

Sebastia, thats like asking I would like to colour the water green and you suppy red die! ;-P He asked for a physical port and you responded with a source address range. Why wouldnt the following work?? /ip route add distance=40 gateway=172.145.34.2 routing-mark=fakeruletest /ip route rule add inter...
by anav
Sun Feb 24, 2019 8:16 pm
Forum: Wireless Networking
Topic: How to Configure (settings) Multiple Wireless Wire bridges (two wAP60G)s on Same Network
Replies: 15
Views: 1375

Re: How to Configure (settings) Multiple Wireless Wire bridges (two wAP60G)s on Same Network

Funny so there is no way to name them like MasterPairA, SlavePairA, MasterPairB etc...................... They are pre-paired and act like an ethernet cable (plugNplay) from the user perspective (transparent). You do raise some good points, on how to upgrade and how to aim etc....... Is there not an...
by anav
Sun Feb 24, 2019 8:14 pm
Forum: Wireless Networking
Topic: Power Source for Temp Remote Location
Replies: 17
Views: 1116

Re: Power Source for Temp Remote Location

Sure thing, if I get there, lots of research to do first before forging ahead.
If I had 3-12v batteries in series I could attach both the DC switch and an AC converter for the laptop.
The laptop has its own battery which should be able to run for some time before needing the backup juice.
by anav
Sun Feb 24, 2019 8:08 pm
Forum: General
Topic: Opening port 9090 [SOLVED]
Replies: 5
Views: 517

Re: Opening port 9090 [SOLVED]

Hi there steve. The port if forwarded should show up as closed that is normal If you refine and limit access to your server via the nat rule by using a source address list, there is the added benefit that the port it invisible to scanning. With the two rules I noted, my forwarded ports, without an a...
by anav
Sun Feb 24, 2019 6:06 pm
Forum: Wireless Networking
Topic: Power Source for Temp Remote Location
Replies: 17
Views: 1116

Re: Power Source for Temp Remote Location

If you need an 'official solution' go with Netonix DC switch. Will increase your power budget though. https://www.netonix.com/wisp-switch/ws-8-150-dc.html Hi villageworker, does that mean I can ignore the need for a male plug adapter altogether and simply plug an ethernet cable from the dc switch i...
by anav
Sun Feb 24, 2019 5:58 pm
Forum: General
Topic: Opening port 9090 [SOLVED]
Replies: 5
Views: 517

Re: Opening port 9090 [SOLVED]

A diagram would be helpful as well in terms of ISP to ROUTER to electrical device and IP and vlan nomenclature the connected parts would use.
by anav
Sun Feb 24, 2019 5:57 pm
Forum: General
Topic: Opening port 9090 [SOLVED]
Replies: 5
Views: 517

Re: Opening port 9090 [SOLVED]

To be clear, equipment going out on port 9090 needs no special rules. However you may possibly have wanted to communicate that unsolicited WAN incoming with destination for that equipment over port 9090 - which makes more sense. So lets take a look at the two requirements, NAT rules and associated F...
by anav
Sun Feb 24, 2019 5:40 pm
Forum: Beginner Basics
Topic: how to make a geust network for dutch KPN config
Replies: 3
Views: 427

Re: how to make a geust network for dutch KPN config

FIRST piece of advice USE THE SAFE MODE!!! :-) SECOND is to SIMPLIFY! 1. Create one bridge 2. Create VLANS with all interfaces for vlans=singlebridge 3. With respect to dhcp a. create ip addresses for all vlans and homeland (interface is the bridge) b. create ip pools for all vlans and homeland c. c...
by anav
Sun Feb 24, 2019 5:30 pm
Forum: Beginner Basics
Topic: Using MikroTik hAP as simple switch plus wireless AP
Replies: 37
Views: 13569

Re: Using MikroTik hAP as simple switch plus wireless AP

If you are using this as a switch ap only then no that is not the default config. There are many clues. There is no need for any Ip address dhcp servers etc...…….. There is no need for bridge filter rules etc...……. It does not look like a default router mode let alone AP switch mode. But the real qu...
by anav
Sun Feb 24, 2019 5:27 pm
Forum: Beginner Basics
Topic: Mikrotik VLAN setup
Replies: 18
Views: 1465

Re: Mikrotik VLAN setup

Glad you are making progress.
A good diagram always helps and posting a complete config.
Its hard to work with pieces.
by anav
Sat Feb 23, 2019 10:19 pm
Forum: Wireless Networking
Topic: Power Source for Temp Remote Location
Replies: 17
Views: 1116

Re: Power Source for Temp Remote Location

Okay sod if I have something in series, 12v+12V+12v for example then I have to take care of inverter to handle 36v??
by anav
Sat Feb 23, 2019 9:51 pm
Forum: Beginner Basics
Topic: Mikrotik VLAN setup
Replies: 18
Views: 1465

Re: Mikrotik VLAN setup

Your DNS setup is messy but will address later. two things stand out........ and I can assume that your WLAN2 is not on a vlan (home user wifi) /interface bridge port add bridge=bridge comment=defconf interface=ether2 add bridge=bridge comment=defconf interface=ether3 add bridge=bridge comment=defco...
by anav
Sat Feb 23, 2019 9:40 pm
Forum: Wireless Networking
Topic: Power Source for Temp Remote Location
Replies: 17
Views: 1116

Re: Power Source for Temp Remote Location

Much thanks Paternot! The issue is noise. If I can provide a noiseless solution that is a bit more inconvenient regarding transport etc, it may be worth it. I will just use one of these cheap babies. ;-) https://www.powertechsystems.eu/home/products/48v-lithium-ion-battery-pack/61ah-48v-lithium-ion-...
by anav
Sat Feb 23, 2019 9:36 pm
Forum: Beginner Basics
Topic: 260
Replies: 1
Views: 200

Re: 260

by anav
Sat Feb 23, 2019 9:15 pm
Forum: Beginner Basics
Topic: Using RouterOS to VLAN your network
Replies: 91
Views: 25368

Re: Using RouterOS to VLAN your network

Okay guys I have a perfect test for this. I have a spare cable to my computer room and attached this to port 21 on the dlink and configured it as a hybrid pvid1 and tagged11. Fired up my computer, NO internet access but I did get access on winbox to my capac2 also attached to a trunk port on this sw...
by anav
Sat Feb 23, 2019 7:33 pm
Forum: Wireless Networking
Topic: Power Source for Temp Remote Location
Replies: 17
Views: 1116

Re: Power Source for Temp Remote Location

If it was for me perhaps but this will be used for official uses by sports organizations. I will be using only certified equipment. In addition I will be powering a laptop and thus my first link to a converter with two ac outlets is appealing. I also came across a dual batter to two female cigarette...
by anav
Sat Feb 23, 2019 7:30 pm
Forum: General
Topic: Advanced VLAN setup HAP AC RouterOS
Replies: 9
Views: 794

Re: Advanced VLAN setup HAP AC RouterOS

Hi Per, perhaps this will work for ether4????? /bridge ports (ingress behaviour) add bridge=mybridge interface=eth4 pvid=2 admit-all-frames /bridge interface vlans (egress behaviour) add bridge=mybridge tagged=mybridge,eth2,sfp untagged=eth4 vlan-id=2 add bridge=mybridge tagged=mybridge,eth2,eth3,et...
by anav
Sat Feb 23, 2019 7:13 pm
Forum: Wireless Networking
Topic: Power Source for Temp Remote Location
Replies: 17
Views: 1116

Re: Power Source for Temp Remote Location

By $DEITY, no - much easier than this. 1) You charge the two batteries. At home, I imagine. 2) Take them to where the LHG60 will be used. 3) Connect the adapter between the PoE injector and the batteries terminals. 4) Plug the LHG on the injector. Done. Using 24V You don't have to worry about the b...
by anav
Sat Feb 23, 2019 6:56 pm
Forum: Wireless Networking
Topic: Power Source for Temp Remote Location
Replies: 17
Views: 1116

Re: Power Source for Temp Remote Location

Awesome, so a couple of batteries wired in series would work nicely. So how do you adapt the dc plug to something that works for battery terminals LOL In other words I am not aware of any POE adapters designed to attach to 12v battery terminals. Nor am I aware of any 12v/24v battery adapters that ha...
by anav
Sat Feb 23, 2019 6:18 pm
Forum: General
Topic: DHCP Server and Access port problem [SOLVED]
Replies: 4
Views: 683

Re: DHCP Server and Access port problem [SOLVED]

Your diagram is confusing. To me it looks like you are getting your ISP via wifi? It looks like the vlans are coming over the wifi link from the ISP so why would you be providing DHCP for vlans??? Lets say I ignore the ISP side of the house you only need one bridge=bridge4vlans /bridge ports (identi...
by anav
Sat Feb 23, 2019 6:05 pm
Forum: General
Topic: Hotspot - do not bypass dns router role how ?
Replies: 5
Views: 474

Re: Hotspot - do not bypass dns router role how ?

Wow, okay that is good to know. I wonder why hotspot functionality bypasses NAT rules??
by anav
Sat Feb 23, 2019 5:12 pm
Forum: Wireless Networking
Topic: Power Source for Temp Remote Location
Replies: 17
Views: 1116

Power Source for Temp Remote Location

Thinking about a temporary location where there are no outlets and running an electrical cord is impossible. Imagine a stand sitting on posts in water (get to by boat). I assumed that a quiet generator would be the only option to provide pluggable power from a standard socket feeding poe adapter and...
by anav
Sat Feb 23, 2019 5:06 pm
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 554
Views: 66321

Re: LHG 60G experience

Much thanks Blue! For the solid mount, or any of them, is there a graduated controlled click during turning in horizontal or vertical directions? (or does one loosen bolts and move free form)? Of course I am still also trying to get my head around how you get something one mile let alone 5 miles apa...
by anav
Sat Feb 23, 2019 4:56 pm
Forum: General
Topic: Hotspot - do not bypass dns router role how ?
Replies: 5
Views: 474

Re: Hotspot - do not bypass dns router role how ?

I can only show you what I do......... /ip dns set allow-remote-requests=yes servers=\ 8.8.8.8,8.8.4.4,208.67.220.220,208.67.222.222 /ip dhcp-server network add address=192.168.0.0/24 comment=HomeDHCP dns-server=192.168.0.1 gateway=\ 192.168.0.1 add address=192.168.2.0/24 comment=DMZLan_Network dns-...
by anav
Sat Feb 23, 2019 4:26 pm
Forum: Beginner Basics
Topic: Mikrotik VLAN setup
Replies: 18
Views: 1465

Re: Mikrotik VLAN setup

It is not clear what the second picture is all about.
If it was me the vlans would be placed under interface = bridge.
if you wanted those vlans running on ether2,
the place to put that is under bridge ports rule.
by anav
Sat Feb 23, 2019 4:32 am
Forum: Beginner Basics
Topic: Using RouterOS to VLAN your network
Replies: 91
Views: 25368

Re: Using RouterOS to VLAN your network

Okay I made the big switch tonight using vlan11 vice vlan1 for my homelan. Problem: No longer have access to my capacs :-( Both of them are providing connectivity to the internet so there is at least that. ;-) One note: both of them shows in neighbours in winbox but comes up with IP address 0.0.0.0 ...
by anav
Sat Feb 23, 2019 1:28 am
Forum: Wireless Networking
Topic: LHG 60G experience
Replies: 554
Views: 66321

Re: LHG 60G experience

Has anyone compared these two mounts both by Mikrotik?
https://mikrotik.com/product/solidmount
and
https://i.mt.lv/cdn/rb_files/quickMount ... 113333.pdf
The bottom model for LHG.
by anav
Sat Feb 23, 2019 12:26 am
Forum: Wireless Networking
Topic: Selection guide for PtP links Ranges?
Replies: 10
Views: 602

Re: Selection guide for PtP links Ranges?

Thats a very interesting proposal. If I had to make a guess my vertical is not as critical then as horizontal. I am guessing here wildly but the angle of difference from one possible location to another would be approx 20degrees. So I would need a fixed ptp that I could ratchet left or right,. OR pe...
by anav
Fri Feb 22, 2019 10:20 pm
Forum: Beginner Basics
Topic: How to connect from android app Mikrotik to RB2011?
Replies: 6
Views: 491

Re: How to connect from android app Mikrotik to RB2011?

I don't recommend using the app from the WAN side, for many reasons (mainly security) other than its just in beta. However if you can open a VPN to home and then use the APP as though you were on the LAN, that may be a different story) Am I hearing an echo here? ;) Sent from my cell phone. Sorry fo...
by anav
Fri Feb 22, 2019 9:49 pm
Forum: Wireless Networking
Topic: Selection guide for PtP links Ranges?
Replies: 10
Views: 602

Re: Selection guide for PtP links Ranges?

Hi 2 frogs, yes that was my starting point but often charts dont express real world experiences ;-) In addition I am willing to mix and match devices to get results meaning, its more important to get a setup where the temporary antenna is easy to align with the fixed site. I should add the distance ...
by anav
Fri Feb 22, 2019 9:41 pm
Forum: Wireless Networking
Topic: Point 2 Point -2000M Boat Races
Replies: 11
Views: 1103

Re: Point 2 Point -2000M Boat Races

In any case the distance is now down to 1000m, from 2000m.
So the 60Hz should work fine, but I am still offput by the difficulty in people managing to aim the bloody things.
by anav
Fri Feb 22, 2019 9:33 pm
Forum: General
Topic: Security issue when Winbox exposed
Replies: 68
Views: 6225

Re: Security issue when Winbox exposed

I see where you are coming from, so I fixed it for ya................. What's new in 6.43.12 (2019-Feb-08 11:46): *) winbox - improvements in connection handling to router for morons that do not secure their winbox properly or upgrade their firmware ; :-) :-) Appropriate changelog (partially inspir...
by anav
Fri Feb 22, 2019 9:26 pm
Forum: Beginner Basics
Topic: How to connect from android app Mikrotik to RB2011?
Replies: 6
Views: 491

Re: How to connect from android app Mikrotik to RB2011?

I don't recommend using the app from the WAN side, for many reasons (mainly security) other than its just in beta.
However if you can open a VPN to home and then use the APP as though you were on the LAN, that may be a different story)
by anav
Fri Feb 22, 2019 9:24 pm
Forum: Beginner Basics
Topic: Mikrotik VLAN setup
Replies: 18
Views: 1465

Re: Mikrotik VLAN setup

bridgeport eth4 bridge interface vlan tagged=bridge,eth4 vlan-id=10 Assuming this is a separate switch Assuming its a managed switch of some unknown brand eth4 router goes to eth1 switch (trunk port to trunk port) switch eth2-5 basically just keep as default no change required. switch eth6-8 access ...
by anav
Fri Feb 22, 2019 9:18 pm
Forum: Beginner Basics
Topic: Firewall rules
Replies: 4
Views: 799

Re: Firewall rules

Do you know which rules you have that are not part of the default?
Do you know what each rule does to the packets?
I second 2 frogs point (couldnt resist the pun) that until you are comfortable with how MT config works,
there is not point copying rules from all over the place to stick in the router.
by anav
Fri Feb 22, 2019 5:20 pm
Forum: General
Topic: Security issue when Winbox exposed
Replies: 68
Views: 6225

Re: Security issue when Winbox exposed

Haha, yes, well I am still waiting for Normis to sell his red car and buy me tickets to Latvia. I have heard its beautiful country with friendly people but then again we are awash in fake news. The problem is to convince him that I have any hacking skills worth utilizing. At best I can test physical...
by anav
Fri Feb 22, 2019 5:17 pm
Forum: General
Topic: mark connection with "content"
Replies: 5
Views: 413

Re: mark connection with "content"

Search threads for blocking ssh or login attempts. A chap wrote a script that he/she uses to detect something similar to what you are asking in terms of detecting strings or something. I wish I knew how ti interpret the script because it has promise for many types of applications. Found it..... chec...
by anav
Fri Feb 22, 2019 5:14 pm
Forum: General
Topic: Security issue when Winbox exposed
Replies: 68
Views: 6225

Re: Security issue when Winbox exposed

If I was a coder at MT, I would be royally pissed, imagine if someone reaches down your pants and plays with your personal work! ;-) I mean, they must be impressed how someone deflowers their work and finds ways to twist it for evil purposes. I hope the programmers are inspired to include cyber defe...
by anav
Fri Feb 22, 2019 3:24 pm
Forum: Wireless Networking
Topic: Selection guide for PtP links Ranges?
Replies: 10
Views: 602

Re: Selection guide for PtP links Ranges?

You really didn't answer a single question or provide any information I didn't already know. Your post was nothing more than spam. I will move onto another vendor for wifi links over distance. You need to be more specific to get an specific answer! - needed speed of the link I am connecting a lapto...
by anav
Fri Feb 22, 2019 6:13 am
Forum: Wireless Networking
Topic: Selection guide for PtP links Ranges?
Replies: 10
Views: 602

Re: Selection guide for PtP links Ranges?

You really didn't answer a single question or provide any information I didn't already know.
Your post was nothing more than spam. I will move onto another vendor for wifi links over distance.
by anav
Fri Feb 22, 2019 12:39 am
Forum: Wireless Networking
Topic: Selection guide for PtP links Ranges?
Replies: 10
Views: 602

Re: Selection guide for PtP links Ranges?

I was hoping for some practical advice. :-(
by anav
Fri Feb 22, 2019 12:38 am
Forum: General
Topic: Three vlans at home on MT hap ac2 - best practice?
Replies: 20
Views: 1132

Re: Three vlans at home on MT hap ac2 - best practice?

Yes of course, that is standard wifi config, no need to ask that in an MT forum LOL. Each WLAN has its own SSID so in your case I would imagine 4 ssids SSID names for example guestwifi smartdevices homewifi-2 homewifi-5 If you want to make people guess then you could make them the same SSID and logi...
by anav
Fri Feb 22, 2019 12:31 am
Forum: General
Topic: Security issue when Winbox exposed
Replies: 68
Views: 6225

Re: Security issue when Winbox exposed

I see where you are coming from, so I fixed it for ya................. What's new in 6.43.12 (2019-Feb-08 11:46): *) winbox - improvements in connection handling to router for morons that do not secure their winbox properly or upgrade their firmware; :-) :-) Appropriate changelog (partially inspired...
by anav
Thu Feb 21, 2019 11:05 pm
Forum: Beginner Basics
Topic: Firewall Rule for Remote Connection (ts)
Replies: 4
Views: 410

Re: Firewall Rule for Remote Connection (ts)

Are you able to know what wanips are going to require access to your servers?
other than that I am not sure how the router will know anything about password attempts?
Perhaps if there is no established connection after x amount of time, then something can be done.
its an interesting question.
by anav
Thu Feb 21, 2019 9:43 pm
Forum: General
Topic: Security issue when Winbox exposed
Replies: 68
Views: 6225

Re: Security issue when Winbox exposed

MKX, damn that sounds plausible! Since all the other security issues have been on the street for months some years and the corrective actions such as closing down crappy configs, using netinstall to upload the latest firmware should be in the forefront of any reader................. The issue should...
by anav
Thu Feb 21, 2019 9:35 pm
Forum: General
Topic: Three vlans at home on MT hap ac2 - best practice?
Replies: 20
Views: 1132

Re: Three vlans at home on MT hap ac2 - best practice?

Kewl that makes a lot of sense.............. On the radio side, suggest something like. Use one WLAN 5ghz for home users Create virtual WLAN 5ghz for guests (vlan-id=xx) Use one WLAN 2ghz for home user Create virtual WLAN 2ghz for smart devices (vlan-id=yy) On the bridge port settings for the WLAN. ...
by anav
Thu Feb 21, 2019 9:26 pm
Forum: Beginner Basics
Topic: L2TP/IPsec connection without sharing internet [SOLVED]
Replies: 5
Views: 502

Re: L2TP/IPsec connection without sharing internet [SOLVED]

Well you know there are many dead bodies littering the slopes of MT Everest, so I think you may be onto something! ;-)
by anav
Thu Feb 21, 2019 9:24 pm
Forum: Wireless Networking
Topic: Selection guide for PtP links Ranges?
Replies: 10
Views: 602

Selection guide for PtP links Ranges?

Basic question, are the max ranges shown useful in determining feasibility for a ptp link between like devices? For example, the SXTLite5 ac shows max range of 1.5km for AC and 4km for BGN as max ranges. Can I assume that I will get rock solid connection up to those distance with like units in a poi...
by anav
Thu Feb 21, 2019 8:41 pm
Forum: Wireless Networking
Topic: cAP ac: center button
Replies: 1
Views: 593

Re: cAP ac:

Perusing the downloads is fairly easy to master. Two important points gleaned...... (1) Reset button (the pinhole one) The reset button has three functions: • Hold this button during boot time until LED light starts flashing, release the button to reset RouterOS configuration (total 5 seconds). • Ke...
by anav
Thu Feb 21, 2019 8:32 pm
Forum: General
Topic: Security issue when Winbox exposed
Replies: 68
Views: 6225

Re: Security issue when Winbox exposed

Wow Sebastia, are you going to lose sleep over it. Has it changed your life drastically, need some depression medication......................... All kidding aside, as I said, there is no security issue per se, but the transparency and communication piece have yet to be explored and explained by MT....
by anav
Thu Feb 21, 2019 8:27 pm
Forum: Wireless Networking
Topic: Point 2 Point -2000M Boat Races
Replies: 11
Views: 1103

Re: Point 2 Point -2000M Boat Races

Thanks Sebastia, by the way I lost a whole evening reading that thread LOL. Seems like some folks have aluminum skulls ;-P Avacha, when you make inaccurate claims (see sebastias comment and link +4K) it detracts from the validity of your post, however I am very much interested in the valuable hopefu...
by anav
Thu Feb 21, 2019 8:15 pm
Forum: General
Topic: Security issue when Winbox exposed
Replies: 68
Views: 6225

Re: Security issue when Winbox exposed

Geez, I didn't know this forum was a nursery, I have never heard such whining. If you proper follow security protocols these are not issues that a serious IT admin is going to lose his bowels over. I do agree that its best to be transparent and I will await response and some facts from MT before pas...
by anav
Thu Feb 21, 2019 8:08 pm
Forum: General
Topic: Three vlans at home on MT hap ac2 - best practice?
Replies: 20
Views: 1132

Re: Three vlans at home on MT hap ac2 - best practice?

Hi G, That's what I have right now but soon will be migrating off using pvid=1 being tied to my homelan and the bridge. My homelan will be on vlan11, pvid=1 remains on bridge and on devices as default setting but not what I use to define and move around any of my traffic. However my radio and router...
by anav
Thu Feb 21, 2019 6:48 pm
Forum: Beginner Basics
Topic: Two modems, one router - "assigning" devices to modems
Replies: 6
Views: 327

Re: Two modems, one router - "assigning" devices to modems

hm, once I create another LAN, it will look the same indeed. The Mikrotik is located downstairs. There's a single cat6 cable going upstairs, which is connected to a switch on one end, and to Mikrotik on the other. Yes, there's a bunch of other devices connected (namely: two PCs at most and an acces...
by anav
Thu Feb 21, 2019 6:37 pm
Forum: General
Topic: Unauthorized access to MikroTiK
Replies: 20
Views: 2808

Re: Unauthorized access to MikroTiK

Hmmm they have an Announcements Section! Is this not clear - URGENT security reminder And by the way, just to be clear no matter what Forum Entry point you use, its always visible. A Blog space! https://blog.mikrotik.com/security/new-exploit-for-mikrotik-router-winbox-vulnerability.html and whatever...
by anav
Thu Feb 21, 2019 6:25 pm
Forum: Beginner Basics
Topic: L2TP/IPsec connection without sharing internet [SOLVED]
Replies: 5
Views: 502

Re: L2TP/IPsec connection without sharing internet [SOLVED]

Stevo, that seems to be a typical scenario. 1. VPN to a server external to the router (as the chap indicated, but he want to ensure not all traffic going out the router uses this l2tp connection. 2. VPN to a server internal to the router (from coffee shop to home to use home internet outbound and th...
by anav
Thu Feb 21, 2019 6:23 pm
Forum: Beginner Basics
Topic: Two modems, one router - "assigning" devices to modems
Replies: 6
Views: 327

Re: Two modems, one router - "assigning" devices to modems

Thank you. These are focussed on load balancing, however I get the impression you simply want to route LAN traffic from one set of users to one ISP and another set of users to the other ISP. That's correct. I'm not looking for load balancing at all. I've skimmed through the thread you linked me, th...
by anav
Thu Feb 21, 2019 6:16 pm
Forum: General
Topic: Unauthorized access to MikroTiK
Replies: 20
Views: 2808

Re: Unauthorized access to MikroTiK

Thanks for that reality check mozerd!
by anav
Thu Feb 21, 2019 6:09 pm
Forum: General
Topic: Problem on 6.37.5 version
Replies: 5
Views: 779

Re: Problem on 6.37.5 version

Please post config
/export hide-sensitive file=yourconfig

not even clear what the topology is or what device you are talking about.
also why are you so far behind in firmware updates?
by anav
Thu Feb 21, 2019 5:59 pm
Forum: General
Topic: Three vlans at home on MT hap ac2 - best practice?
Replies: 20
Views: 1132

Re: Three vlans at home on MT hap ac2 - best practice?

There is no such thing as guest wifi. Wifi is wifi. It depends on which MT mode you are using ie 2 chains (2 wifi) or 3 chains (3 wlans available). In my case I use capacs with two chains. So i configured one chain for 2.4 another chain for 5ghz If you want more wlans you can create virtual wlans. S...
by anav
Thu Feb 21, 2019 5:37 pm
Forum: General
Topic: Security issue when Winbox exposed
Replies: 68
Views: 6225

Re: Security issue when Winbox exposed

I think you missed the red herring and flaw in the whole article.......... "One important thing about this setup is that I opened port 8291 in the router’s firewall to allow Winbox access from the WAN . By default, Winbox is only available on the MikroTik hAP via the LAN. Don’t worry, I’m just simul...
by anav
Thu Feb 21, 2019 5:22 pm
Forum: Beginner Basics
Topic: Two modems, one router - "assigning" devices to modems
Replies: 6
Views: 327

Re: Two modems, one router - "assigning" devices to modems

Yes, I believe most if not all MT RBs can handle multiple WANs. I have two different RBs and both handle my fiber and cable ISPs with no problem. My setup is different in that I use the fiber as primary and cable as backup and cable for email. If you want to load balance or use one specifically ther...
by anav
Thu Feb 21, 2019 5:19 pm
Forum: Beginner Basics
Topic: MTK + TPLink
Replies: 1
Views: 177

Re: MTK + TPLink

Well without seeing your configs its difficult to make any factual comments. However, I do not support using the TPLINK as a router and would use it solely as an access point and let the RB do all the grunt work. Of course you cannot ping devices behind tplink as router, thats normal. In addition it...
by anav
Thu Feb 21, 2019 5:06 pm
Forum: Beginner Basics
Topic: Backup for the mikrotik [SOLVED]
Replies: 5
Views: 506

Re: Backup for the mikrotik [SOLVED]

I havent been very lucky at transferring whole backups between routers of the same ilk or different ilk. I tend to copy configs over parts at a time. Once I am done I put both copies into notepad plus plus and use their add on tool to do a file to file comparison. The comparison highlights every sli...
  • 1
  • 3
  • 4
  • 5
  • 6
  • 7
  • 11