Community discussions

Search found 249 matches

by karlisi
Thu Dec 22, 2016 8:17 am
Forum: Beginner Basics
Topic: Configuring TR-069 CWMP
Replies: 1
Views: 984

Re: Configuring TR-069 CWMP

It's added in 6.38rc24 (2016-Nov-03 13:01):
!) tr069-client - initial implementation (as separate package);
by karlisi
Tue Dec 13, 2016 8:50 am
Forum: General
Topic: Help. both LAN and WLAN must have internet connection.
Replies: 4
Views: 500

Re: Help. both LAN and WLAN must have internet connection.

Your interface WAN2 have no IP address assigned.
by karlisi
Tue Nov 22, 2016 9:31 am
Forum: Beginner Basics
Topic: help
Replies: 1
Views: 303

Re: help

At first read tthe documentation http://wiki.mikrotik.com/wiki/Manual:RouterOS_FAQ I have a rb951g-2hnd router, I want to have two wan, does it work? Yes I want to use it as an antivirus, does it work? No I want to back up the network, does it work? ??? Please explain what You mean by this I want to...
by karlisi
Mon Nov 21, 2016 4:45 pm
Forum: Beginner Basics
Topic: How To Stop Attack to Server And Control User internet Usage
Replies: 8
Views: 2959

Re: How To Stop Attack to Server And Control User internet Usage

Make sure in server network settings there are only internal DNS server IP addresses. AD DC should not know about any external DNS servers. To access Internet resources there should be forwarders configured on DNS server.
by karlisi
Wed Nov 09, 2016 2:36 pm
Forum: Beginner Basics
Topic: Multi WAN on same Gateway
Replies: 3
Views: 623

Re: Multi WAN on same Gateway

Plese post Your configuration export /ip firewall nat
by karlisi
Wed Nov 09, 2016 11:16 am
Forum: Beginner Basics
Topic: Multi WAN on same Gateway
Replies: 3
Views: 623

Re: Multi WAN on same Gateway

Try this add action=src-nat chain=srcnat out-interface=WAN1 src-address=192.168.1.0/24 \ to-addresses=10.0.0.1 add action=src-nat chain=srcnat out-interface=WAN2 src-address=192.168.2.0/24 \ to-addresses=10.0.0.2 add action=src-nat chain=srcnat out-interface=WAN3 src-address=192.168.3.0/24 \ to-addr...
by karlisi
Wed Nov 09, 2016 10:59 am
Forum: Beginner Basics
Topic: CAPsMAN begginer
Replies: 2
Views: 508

Re: CAPsMAN begginer

In CAPsMAN leave channel not configured, APs will choose channels automatically.
by karlisi
Wed Nov 02, 2016 9:33 am
Forum: Announcements
Topic: v6.36.4 [bugfix] is released!
Replies: 51
Views: 15001

Re: v6.36.4 [bugfix] is released!

Thanks for the link, it is really useful. But as I said before: I don't care about many changes let's say in 6.35.4 which are fixing 6.35.3 bugs, I just need to see summary of changes from 6.34.6 to 6.36.4.
Agree to this. Consolidated changelog for bugfix versions would be very useful.
by karlisi
Fri Oct 28, 2016 9:27 am
Forum: Announcements
Topic: v6.36.4 [bugfix] is released!
Replies: 51
Views: 15001

Re: v6.36.4 [bugfix] is released!

The same. On some devices upgrade to newest bugfix is available, on some not, regardless of currently installed version or processor type.
by karlisi
Wed Oct 26, 2016 2:11 pm
Forum: Virtualization
Topic: CHR on bare metal
Replies: 13
Views: 2450

Re: CHR on bare metal

A single licensing scheme would be nice. Something to the effect of this: You purchase X number of licenses, which are tracked through a support portal. When you install an instance of ROS (virtual or bare metal), you input a key obtained from the support portal that is linked to your account. The ...
by karlisi
Tue Oct 18, 2016 10:57 am
Forum: Wireless Networking
Topic: mikrotik access point / controlling on the time of wireless authentication
Replies: 20
Views: 3318

Re: post to the support of the mikrotik

Try this
/interface wireless access-list
add interface=wlan1 mac-address=00:23:4D:76:8F:F5
add interface=wlan1 mac-address=00:23:4D:76:8F:F5 time=8h-20h,sun,mon,tue,wed,thu,fri,sat \
    vlan-mode=no-tag
by karlisi
Mon Oct 03, 2016 9:49 am
Forum: Wireless Networking
Topic: Capsman Host cannot see host
Replies: 1
Views: 406

Re: Capsman Host cannot see host

Enable client to client forwarding in Capsman datapath.
by karlisi
Wed Sep 28, 2016 4:55 pm
Forum: Forwarding Protocols
Topic: Mikrotik SMTP Traffic block except mail server
Replies: 3
Views: 1129

Re: Mikrotik SMTP Traffic block except mail server

It should work. Post Your firewall rules here.
by karlisi
Wed Sep 28, 2016 2:46 pm
Forum: Forwarding Protocols
Topic: Mikrotik SMTP Traffic block except mail server
Replies: 3
Views: 1129

Re: Mikrotik SMTP Traffic block except mail server

chain=forward protocol=tcp src-address=172.16.5.5 dst-port=25 action=accept
chain=forward protocol=tcp src-address=172.16.5.0/24 dst-port=25 action=drop
by karlisi
Thu Sep 22, 2016 9:54 am
Forum: Beginner Basics
Topic: Upgrade Firmware for Mikrotik Router
Replies: 2
Views: 620

Re: Upgrade Firmware for Mikrotik Router

AFAIK no impact on configuration. All my CCR1009 running 2.37 firmware without problems.
by karlisi
Mon Sep 19, 2016 10:01 am
Forum: Beginner Basics
Topic: help needed IP phone VLAN
Replies: 13
Views: 1578

Re: help needed IP phone VLAN

Have You srcnatted bridgetel? It is separate interface, check firewall rules for it. In general they should be the same as for bridge-local.
by karlisi
Mon Sep 12, 2016 9:37 am
Forum: Virtualization
Topic: CHR feature requests
Replies: 55
Views: 9653

Re: CHR feature requests

Support for Citrix XenServer.
by karlisi
Mon Sep 05, 2016 9:23 am
Forum: Wireless Networking
Topic: Upgrading APs in CAPsMAN configuration
Replies: 1
Views: 990

Re: Upgrading APs in CAPsMAN configuration

If You can connect via Winbox, upgrade using it (download from Mikrotik site to workstation, copy/paste to Winbox -> Files, then reboot router).
by karlisi
Thu Jul 28, 2016 9:34 am
Forum: General
Topic: Mikrotik rb1100 only giving internet to 5 devices.
Replies: 4
Views: 634

Re: Mikrotik rb1100 only giving internet to 5 devices.

Are You sure all these addresses from dhcp pool are Yours? They are public addresses and typically not used for internal LANs. From configuration I guess Your public addressses are 12.175.41.48/29 which means 6 IP addresses in total, one for gateway and 5 addresses left for computers.
by karlisi
Mon Jul 25, 2016 11:59 am
Forum: Beginner Basics
Topic: Mikrotik Router dhcp-client on wan (ether1) interface
Replies: 1
Views: 3554

Re: Mikrotik Router dhcp-client on wan (ether1) interface

I think dhcp-client section should look like this
/ip dhcp-client
add add-default-route=yes default-route-distance=0 dhcp-options=hostname,clientid interface=eth1
Now You have eth9 defined as dhcp client interface
by karlisi
Fri Jul 22, 2016 9:29 am
Forum: Beginner Basics
Topic: error : dhcp offering lease without success ?
Replies: 7
Views: 3219

Re: error : dhcp offering lease without success ?

I have not any static DHCP entries.
by karlisi
Thu Jul 21, 2016 12:43 pm
Forum: Beginner Basics
Topic: error : dhcp offering lease without success ?
Replies: 7
Views: 3219

Re: error : dhcp offering lease without success ?

No, different hardware, Windows laptops, Samsung smartphones with different Android versions.
by karlisi
Thu Jul 21, 2016 10:09 am
Forum: Beginner Basics
Topic: error : dhcp offering lease without success ?
Replies: 7
Views: 3219

Re: error : dhcp offering lease without success ?

I've seen this error appearing on my networks and after some investigation concluded it's something on client side.One day this error appears on one client regardless of site. Next day this client is OK.It never appears if client is connected by wire, only if wirelessly.
by karlisi
Thu Jul 21, 2016 10:00 am
Forum: General
Topic: Help setting up Capsman
Replies: 7
Views: 1170

Re: Help setting up Capsman

/caps-man channel
add band=2ghz-onlyn extension-channel=Ce frequency=2412 name=channel1 tx-power=30 width=20
add band=5ghz-a/n/ac extension-channel=Ceee frequency=5210 name=channel42 tx-power=10 width=20
Remove frequency from channel settings, it will let CAPs themselves choose the best channel.
by karlisi
Thu Jul 21, 2016 9:49 am
Forum: General
Topic: Capsman install help?
Replies: 4
Views: 589

Re: Capsman install help?

Use cm2, fp will be discontinued.
by karlisi
Mon Jul 18, 2016 4:44 pm
Forum: Beginner Basics
Topic: No internet access after configuring DHCP and a few other questions
Replies: 7
Views: 872

Re: No internet access after configuring DHCP and a few other questions

Add this before other forward chain rules
/ip firewall filter
add chain=forward connection-state=established,related
by karlisi
Thu Jul 07, 2016 8:31 am
Forum: General
Topic: CAPSMan v2 - monitoring channels
Replies: 2
Views: 1042

Re: CAPSMan v2 - monitoring channels

Winbox -> Capsman -> Interfaces, column Current Channel
by karlisi
Wed Jun 08, 2016 1:01 pm
Forum: General
Topic: IPv4 Addresses Change Interfaces
Replies: 6
Views: 817

Re: IPv4 Addresses Change Interfaces

Perhaps interfaces ether2 to ether4 are in bridge-local?
by karlisi
Mon May 30, 2016 3:28 pm
Forum: General
Topic: PPTP
Replies: 2
Views: 354

Re: PPTP

You should disable 'Use default gateway on remote network' option in VPN settings on client computer.
How to
by karlisi
Thu May 12, 2016 10:00 am
Forum: Beginner Basics
Topic: Beginner Basics
Replies: 4
Views: 774

Re: Beginner Basics

by karlisi
Fri Mar 11, 2016 9:30 am
Forum: General
Topic: how to remote controlled router mikrotik behind another router
Replies: 26
Views: 4002

Re: how to remote controlled router mikrotik behind another router

If You don't need access from outside to routerA, problem is solved.
RouterA will be inaccessible because connections from Internet to any port on routerA will be redirected to routerB. The idea of my slution was to give access to routerB keeping access to routerA.
by karlisi
Thu Mar 10, 2016 12:50 pm
Forum: General
Topic: how to remote controlled router mikrotik behind another router
Replies: 26
Views: 4002

Re: how to remote controlled router mikrotik behind another router

So i won't be able to connect to routerB from other network outside of routerA ???
I don't mean physically accessible. If You can connect to router A from outside, also router B will be accessible.
by karlisi
Thu Mar 10, 2016 10:46 am
Forum: General
Topic: how to remote controlled router mikrotik behind another router
Replies: 26
Views: 4002

Re: how to remote controlled router mikrotik behind another router

Thanks for your replied. If i config like that i will be able to connect to routerB wherever i go right ? what about DNS name in ip cloud ? Can i use it ? i couldn't not test it right now :( I think yes, DNS name should work, if resolved correctly. And yes, You will be able connect to router B from...
by karlisi
Wed Mar 09, 2016 2:43 pm
Forum: General
Topic: how to remote controlled router mikrotik behind another router
Replies: 26
Views: 4002

Re: how to remote controlled router mikrotik behind another router

At first You should give router B, interface ether1 fixed IP address, i.e. 172.16.10.2, else it will not work, except You made reservation in router A DHCP server for router B (very probably, not). Second, if You want to connect to it with Winbox, here is dst-nat rule for router A /ip firewall nat a...
by karlisi
Thu Feb 25, 2016 10:40 am
Forum: General
Topic: wiki firewall update
Replies: 2
Views: 805

Re: wiki firewall update

i got some firewall filters that i add from the wiki: http://wiki.mikrotik.com/wiki/Securing_your_router i got a error in the line icmp: "/ip firewall filter> add chain=input protocol=icmp limit=50/5s,2 comment="Allow limited pings" expected : (line 1 column 44)" Have You copy/paste the script from...
by karlisi
Thu Feb 18, 2016 8:51 am
Forum: Beginner Basics
Topic: TikTool for MikroTik
Replies: 10
Views: 1742

Re: TikTool for MikroTik

Sorry for misinterpretation.
by karlisi
Wed Feb 17, 2016 8:42 am
Forum: Beginner Basics
Topic: TikTool for MikroTik
Replies: 10
Views: 1742

Re: TikTool for MikroTik

:-)
I dont understand because its declared by Kiawe that TikTool alows to manage/admin MikroTik routers...isnt it?
I can declare my SuperManagementTool works with Microsoft Server, does it mean it is supported by Microsoft?
by karlisi
Mon Feb 15, 2016 9:27 am
Forum: Beginner Basics
Topic: TikTool for MikroTik
Replies: 10
Views: 1742

Re: TikTool for MikroTik

TikTool - Mobile Winbox
By Kiawe Tech, LLC


As said already, not developed or supported by MikroTik.
by karlisi
Mon Feb 15, 2016 9:20 am
Forum: Forwarding Protocols
Topic: Internet Not allow client use to pop and smtp mail server use outlook.
Replies: 1
Views: 886

Re: Internet Not allow client use to pop and smtp mail server use outlook.

Firewall rules are applied from top, your third rule drops all connections from MailAllow address list and next two rules are not in effect. To allow connections to ports 110 and 25 (SMTP port is 25, not 26) and block all other connections add action=drop chain=forward src-address-list=MailAllow sho...
by karlisi
Fri Feb 12, 2016 9:09 am
Forum: General
Topic: CAPsMAN v2 ready for testing
Replies: 201
Views: 102039

Re: CAPsMAN v2 ready for testing

You can use any bridge if You integrate CAPsMAN in existing network.
by karlisi
Tue Feb 02, 2016 12:03 pm
Forum: Beginner Basics
Topic: Problem with basic CAPsMAN configuration
Replies: 8
Views: 9072

Re: Problem with basic CAPsMAN configuration

Sorry, I have no ideas. Only difference from me I see is, You added wlan1 to bridge1 in /interface bridge and also in /capsman datapath. I have only second one.
by karlisi
Mon Feb 01, 2016 9:42 am
Forum: Beginner Basics
Topic: Problem with basic CAPsMAN configuration
Replies: 8
Views: 9072

Re: Problem with basic CAPsMAN configuration

What if You set discovery interface to Eth1? This is my working configuration for RB2011UiAS-2HnD with CAPsMAN and CAP enabled (interface LAN is a bridge containing all Ethernet ports, excluding Internet): /interface wireless cap set discovery-interfaces=LAN enabled=yes interfaces=wlan1 /caps-man ma...
by karlisi
Fri Jan 29, 2016 2:11 pm
Forum: Beginner Basics
Topic: Problem with basic CAPsMAN configuration
Replies: 8
Views: 9072

Re: Problem with basic CAPsMAN configuration

To deliver your configuration to APs you shoud make at least one provision rule, i.e.:
/caps-man provisioning
add action=create-dynamic-enabled master-configuration=Config1 name-format=identity
by karlisi
Fri Jan 08, 2016 1:37 pm
Forum: Beginner Basics
Topic: CaPsMAN wlan interface on/off with sheduler SOLVED
Replies: 4
Views: 2031

Re: CaPsMAN wlan interface on/off with sheduler

You should enable or disable provisioning rules, not configurations. If You have first rule with both wlans and second rule wih wlan1 only, then first script enables first rule and second script disables it. /caps-man provisioning enable 0 :delay 1 /caps-man radio provision numbers=[find] /caps-man ...
by karlisi
Fri Jan 08, 2016 11:07 am
Forum: Beginner Basics
Topic: CaPsMAN wlan interface on/off with sheduler SOLVED
Replies: 4
Views: 2031

Re: CaPsMAN wlan interface on/off with sheduler

In CAPsMAN configuration create 2 configurations - one for wlan1, another for wlan2.
In provisioning create 2 rules, one with both wlans, one with wlan1 only.
Create 2 scripts and corresponding schedules - one will enable the first configuration, another will disable the first configuration.
by karlisi
Fri Jan 08, 2016 10:53 am
Forum: RouterBOARD hardware
Topic: RB260GSP POE max output?
Replies: 2
Views: 1384

Re: RB260GSP POE max output?

CRS power consumption seems OK, but You should test it. The lowest supported input voltage for CRS125-24G is 8 V, it means current about 1.9 A if power consumption is 15 W.
by karlisi
Fri Nov 13, 2015 9:13 am
Forum: Beginner Basics
Topic: Traffic between builtin radio and ethernet in bridge are skipping bridge
Replies: 2
Views: 752

Re: Traffic between builtin radio and ethernet in bridge are skipping bridge

AFAIK if interfaces are in the same bridge they aren't processed by forward chain.
by karlisi
Wed Nov 11, 2015 4:01 pm
Forum: Wireless Networking
Topic: wireless-fp vs wireless-cm2
Replies: 5
Views: 3538

Re: wireless-fp vs wireless-cm2

I am using it because of CAPsMAN v2. We can't resolve traffic forwarding problem if AP and CAPsMAN controller are on the same device with CAPsMAN v1 from wireless-fp package.
by karlisi
Fri Nov 06, 2015 1:09 pm
Forum: General
Topic: no firewall rules for DHCP renewing for WAN interface + DHCP-parameter list
Replies: 7
Views: 1737

Re: no firewall rules for DHCP renewing for WAN interface + DHCP-parameter list

Blocked outgoing? Just guess, DHCP uses UDP, perhaps You forgot it? It would be easier if You will give
/ip firewall filter print
and
/ip dhcp-client print
here.
by karlisi
Thu Nov 05, 2015 9:46 am
Forum: General
Topic: no firewall rules for DHCP renewing for WAN interface + DHCP-parameter list
Replies: 7
Views: 1737

Re: no firewall rules for DHCP renewing for WAN interface + DHCP-parameter list

Hello, today I tried to block everything except Winbox port. 1) When I rebooted the RB2011 the WAN port got an IP from the DHCP server. Why is it possible for the WAN port to request an IP (discover to 255.255.255.255) when everything is blocked by firewall rules? The WAN port can enter <requesting...
by karlisi
Wed Oct 28, 2015 4:08 pm
Forum: Wireless Networking
Topic: CApsMAN problem
Replies: 13
Views: 2134

Re: CApsMAN problem

Here it is my configuration, but I don't know how to determine my capsman version. I suppose it should be the embedded version of the router firmware mipsbe v6.25 . Look in /system/packages wireless-cm2 -> CAPsMAN v.2 wireless-fp -> CAPsMAN v.1 (not recommended) Be sure router and all AP have the s...
by karlisi
Wed Oct 28, 2015 3:58 pm
Forum: General
Topic: firewall/connections - what does the first column mean
Replies: 5
Views: 5641

Re: firewall/connections - what does the first column mean

[admin@] /ip firewall connection> print
Flags: E - expected, S - seen-reply, A - assured, C - confirmed, D - dying, F - fasttrack, 
s - srcnat, d - dstnat 
by karlisi
Wed Oct 28, 2015 3:51 pm
Forum: Beginner Basics
Topic: Dual wan with load balancing
Replies: 4
Views: 1129

Re: Dual wan with load balancing

From my experience, with dynamic WAN You are out of luck. In some examples there are interface names in routes instead of gateway IP, I tried this without success.
by karlisi
Fri Oct 09, 2015 10:41 am
Forum: Beginner Basics
Topic: Question regarding firewall rules and NAT
Replies: 2
Views: 508

Re: Question regarding firewall rules and NAT

3 chain=dstnat action=dst-nat to-addresses=10.0.0.104 to-ports=25 protocol=tcp in-interface=ether5 dst-port=25 log=no log-prefix="" What if You modify NAT rule? chain=dstnat action=dst-nat to-addresses=10.0.0.104 to-ports=25 protocol=tcp in-interface=ether5 dst-port=25 log=no log-prefix="" src-addr...
by karlisi
Wed Sep 30, 2015 10:32 am
Forum: General
Topic: Different Option in CAPsMAN Provisioning
Replies: 2
Views: 540

Re: Different Option in CAPsMAN Provisioning

The first is from CAPsMAN version 1 (wireless-fp package), second fron version 2 (wireless-cm2 package).
by karlisi
Thu Sep 10, 2015 1:14 pm
Forum: Wireless Networking
Topic: CAPsMAN and 4 CAP devices
Replies: 13
Views: 2272

Re: CAPsMAN and 4 CAP devices

I don't get it. Only thing I can imagine that could be problem is that those 2 devices were configured to work before I bought another 3 (RB750 and 2 RB951). They had 6.1 version and it was CAPsMAN v2 on them installed. Then I configured new ones and just tried to reconfigure that devices and conne...
by karlisi
Thu Sep 10, 2015 1:05 pm
Forum: Wireless Networking
Topic: CAPsMAN and 4 CAP devices
Replies: 13
Views: 2272

Re: CAPsMAN and 4 CAP devices

Have You tried to create at least one provisioning rule?
http://wiki.mikrotik.com/wiki/Manual:CA ... ovisioning
by karlisi
Wed Aug 12, 2015 1:49 pm
Forum: General
Topic: how to configure seagate NAS in microtik router?
Replies: 2
Views: 494

Re: how to configure seagate NAS in microtik router?

In winbox go to DHCP Server -> Leases, find already assigned lease for your device, righ-click on it and in menu click Make Static. If IP address should be different from automatically assigned, open this lease with doubleclick and edit IP address. It must be in DHCP address range. Then restart NAS ...
by karlisi
Wed Aug 05, 2015 8:12 am
Forum: General
Topic: CAPsMAN v2 ready for testing
Replies: 201
Views: 102039

Re: CAPsMAN v2 ready for testing

We are running CAPsMAN v2 controllers on CCR1009 with no problems. Also have one on RB1100 (1 CPU), works OK. One difference, our controllers are traffic forwarders too.
by karlisi
Fri Jul 24, 2015 1:09 pm
Forum: Beginner Basics
Topic: RDP
Replies: 25
Views: 4044

Re: RDP

First place to learn about RouterOS is Mikrotik Wiki, there are many examples. About firewall here
by karlisi
Fri Jul 24, 2015 9:14 am
Forum: Beginner Basics
Topic: RDP
Replies: 25
Views: 4044

Re: RDP

Do you have the same rule in forward chain?
by karlisi
Thu Jul 23, 2015 3:34 pm
Forum: Wireless Networking
Topic: CAPSMAN prevent clients from automatically connecting
Replies: 2
Views: 405

Re: CAPSMAN prevent clients from automatically connecting

Under 'Access List' create rules for each allowed client with action=accept and one last rule with action=reject for all clients.
by karlisi
Thu Jul 23, 2015 1:44 pm
Forum: Beginner Basics
Topic: RDP
Replies: 25
Views: 4044

Re: RDP

NAT is OK. Post
/ip firewall filter print chain=input
by karlisi
Wed Jul 22, 2015 2:04 pm
Forum: General
Topic: DNS is changing to 195.3.144.115
Replies: 6
Views: 657

Re: DNS is changing to 195.3.144.115

It can be some malware, this IP address belongs to RN Data SIA (195.3.144.0/22) and it is connected with ZeroAccess Botnet.
by karlisi
Tue Jul 21, 2015 9:58 am
Forum: Beginner Basics
Topic: MikroTik_RB2011UiAS-2HnD-IN Internet Configuration + Firewall
Replies: 17
Views: 1612

Re: MikroTik_RB2011UiAS-2HnD-IN Internet Configuration + Firewall

So, back to OP. I discovered if i connect my Laptop (is connected only wired) directly with the cisco my Internet (50Mbit) runs like speedy Gonzales, but when i have also connected my Router with my Laptop loading Internet sites take for instance a few seconds more. In the house i have also 2 Intern...
by karlisi
Tue Jul 21, 2015 7:58 am
Forum: General
Topic: Creating a Single Blacklist of Multiple IP
Replies: 19
Views: 4686

Re: Creating a Single Blacklist of Multiple IP

AFAIK this is not possible, address lists are made from separate entries for each address. This form is more manageable as one entry with multiple values.
by karlisi
Mon Jul 20, 2015 10:08 am
Forum: General
Topic: Creating a Single Blacklist of Multiple IP
Replies: 19
Views: 4686

Re: Creating a Single Blacklist of Multiple IP

Your firewall rule uses address-list, there is no need for more rules. In Blacklist address list you will put all addresses to be blocked by this rule. Like this /ip firewall filter add action=drop chain=input comment="drop blacklisted addresses" \ src-address-list=Blacklist disabled=no /ip firewall...
by karlisi
Fri Jul 17, 2015 9:27 am
Forum: Beginner Basics
Topic: MikroTik_RB2011UiAS-2HnD-IN Internet Configuration + Firewall
Replies: 17
Views: 1612

Re: MikroTik_RB2011UiAS-2HnD-IN Internet Configuration + Firewall

OK, nothing wrong with bridge configuration.
I mentioned in Your first post there are no DNS servers configured. Please post /ip dns print output here.
by karlisi
Thu Jul 16, 2015 11:30 am
Forum: General
Topic: CAPsMAN v2 ready for testing
Replies: 201
Views: 102039

Re: CAPsMAN v2 ready for testing

After successfull update there will be cm2 package file in /files, AFAIK it is for compatibility purposes, you can delete it, otherwise you will receive error "package already installed" on every reboot.
by karlisi
Thu Jul 16, 2015 11:26 am
Forum: Beginner Basics
Topic: MikroTik_RB2011UiAS-2HnD-IN Internet Configuration + Firewall
Replies: 17
Views: 1612

Re: MikroTik_RB2011UiAS-2HnD-IN Internet Configuration + Firewall

Nope, they're all in the bridge, therefore they are not standalone and are in the same L2 network. It says it *right here* in the code they posted: /interface bridge port add bridge=bridge-local interface=ether2 add bridge=bridge-local interface=ether3 add bridge=bridge-local interface=ether4 add b...
by karlisi
Thu Jul 16, 2015 8:20 am
Forum: General
Topic: CAPsMAN v2 ready for testing
Replies: 201
Views: 102039

Re: CAPsMAN v2 ready for testing

where do I find cm2 package for 6.30 6.30.1?
didn't find it on the download page.
Starting from 6.30 it's included in main package.
by karlisi
Thu Jul 16, 2015 8:17 am
Forum: Beginner Basics
Topic: MikroTik_RB2011UiAS-2HnD-IN Internet Configuration + Firewall
Replies: 17
Views: 1612

Re: MikroTik_RB2011UiAS-2HnD-IN Internet Configuration + Firewall

Your bridge configuration is wrong and is causing your DHCP server to be exposed to the Internet interface where your cable modem lives. You have configured the 100Mb/s switch properly by the look of it, with ether6 as a master and ether7-10 as slaves. What I don't see is you configuring ports 2-5 ...
by karlisi
Tue Jul 14, 2015 8:42 am
Forum: Beginner Basics
Topic: Capsman controller problems
Replies: 4
Views: 684

Re: Capsman controller problems

There any way that if the controller fails, the wireless network continue working, as is the case with the driver Ubiquiti?
In my tests, if CAP loses connection to CAPsMAN, it shuts down the radio. So, You are right, CAPsMAN device availability is critical in such network.
by karlisi
Mon Jul 13, 2015 10:45 am
Forum: Beginner Basics
Topic: Capsman controller problems
Replies: 4
Views: 684

Re: Capsman controller problems

Yes, it's normal. Shutting down CAPsMAN disables wireless on CAP enabled devices which are managed by it.
by karlisi
Fri Jul 10, 2015 2:33 pm
Forum: General
Topic: Best way to move configuration to another router
Replies: 3
Views: 1154

Re: Best way to move configuration to another router

I would try to export -> edit configuration file -> import
Not easy because of different hardware and default configuration, sometimes building from scratch can be easier.
by karlisi
Fri Jul 10, 2015 8:48 am
Forum: General
Topic: [HOW] One DHCP for RB1100's two switch group
Replies: 2
Views: 375

Re: [HOW] One DHCP for RB1100's two switch group

Set DHCP for local bridge, not for port1
by karlisi
Thu Jul 09, 2015 8:25 am
Forum: Wireless Networking
Topic: Bad wireless reception with RB2011UAS-2HnD-IN
Replies: 50
Views: 20634

Re: Bad wireless reception with RB2011UAS-2HnD-IN

For me RB2011 (RouterOS version 6.27) wireless works OK, we have 6 sites with it. Have you tried 6.30rc, perhaps there are problems with 6.29? Dear thank you for your reply. I was looking in the forum for any issue with the 6.29.1 and didn't find anything. But will try 6.30rc. Could you share your ...
by karlisi
Wed Jul 08, 2015 11:24 am
Forum: Wireless Networking
Topic: Bad wireless reception with RB2011UAS-2HnD-IN
Replies: 50
Views: 20634

Re: Bad wireless reception with RB2011UAS-2HnD-IN

For me RB2011 (RouterOS version 6.27) wireless works OK, we have 6 sites with it. Have you tried 6.30rc, perhaps there are problems with 6.29?
by karlisi
Wed Jul 01, 2015 4:23 pm
Forum: Wireless Networking
Topic: Бесшовность сети при настройке CAPsMAN
Replies: 2
Views: 2395

Re: Бесшовность сети при настройке CAPsMAN

In access list add one more rule with action=reject and signal range -76..-120, put this rule as first.
by karlisi
Mon Jun 29, 2015 9:30 am
Forum: Wireless Networking
Topic: importing and exporting config files
Replies: 20
Views: 117937

Re: importing and exporting config files

All installed packages are the same? Because import goes as scripted, row by row, i would check all settings, beginning from first line. Where configuration is not changed, carefully inspect your script. For me typically there was some settings for non defined item, i.e., make new DHCP server where ...
by karlisi
Thu Jun 25, 2015 11:07 am
Forum: Wireless Networking
Topic: importing and exporting config files
Replies: 20
Views: 117937

Re: importing and exporting config files

If you want to import exported configuration, you should do it on empty device - no default configuration when doing full reset.
/system reset-configuration no-defaults=yes
You shoudn't use backup/restore to transfer configuration to another device.
by karlisi
Wed Jun 17, 2015 11:10 am
Forum: General
Topic: [Ask] NAT doesn't work
Replies: 3
Views: 889

Re: [Ask] NAT doesn't work

In mikrotik: /ip firewall nat add action=src-nat chain=srcnat src-address=192.168.1.0/24 to-addresses=\ x.x.x.2 add action=src-nat chain=srcnat src-address=192.168.2.3 to-addresses=\ x.x.x.3 add action=dst-nat chain=dstnat disabled=yes dst-address=x.x.x.3 \ dst-port=443 protocol=tcp to-addresses=19...
by karlisi
Tue Jun 16, 2015 9:07 am
Forum: RouterBOARD hardware
Topic: RB2011UiAS-2HnD-IN and USB connected APC Back UPS CS 500
Replies: 2
Views: 1078

Re: RB2011UiAS-2HnD-IN and USB connected APC Back UPS CS 500

You need SmartUPS for this.

From RouterOS manual:
"The UPS monitor feature works with APC UPS units that support “smart” signalling over serial RS232 or USB connection"

From APC BackUPS CS 500 technical specification:
"Simple Signalling RS232 cable, USB"
by karlisi
Thu May 21, 2015 1:08 pm
Forum: Wireless Networking
Topic: Capsman, no ping
Replies: 2
Views: 736

Re: Capsman, no ping

Hello, please, help. I configure capsman with 2 SSID for staff and guest. Mode Local forfarding. All it's work. Wireless clients staff dont see clients guest, but wireless clients can't see each other inside staff network.
Enable client-to-client forwarding for staff network.
by karlisi
Tue May 19, 2015 10:20 am
Forum: General
Topic: CAPsMAN v2 ready for testing
Replies: 201
Views: 102039

Re: CAPsMAN v2 ready for testing

Hi!

Where can I get package of CAPsMan v2 for 6.29 (RC20)? in all_files is not there..

Thank you.
http://www.mikrotik.com/download/share/ ... mipsbe.npk

Change "mispbe" with you router architecture.
by karlisi
Mon May 18, 2015 10:09 am
Forum: General
Topic: Winbox 3 RC
Replies: 639
Views: 123918

Re: Winbox 3 RC

1. "taskbar" for windows inside winbox. Now bigger windows cover smaller all the time. All admins I talk to are pissed of because of this.
Or at least 'Windows' menu where we can see all open sub-windows and switch between them.
by karlisi
Wed May 13, 2015 3:22 pm
Forum: Announcements
Topic: RouterOS v6.28 released
Replies: 229
Views: 62052

Re: RouterOS v6.28 released

2. now i use wireless-fp to use capsman, and i got 2 routers in configuration, and i got 2 bridges in master router i got datapath1 configurated to add all master-wifi's in first bridge_work and cap on master router did it, but no packets pass through router to, even when cap is in bridge_work, ine...
by karlisi
Wed Apr 08, 2015 9:22 am
Forum: Beginner Basics
Topic: CapsManager on CCR1009
Replies: 2
Views: 531

Re: CapsManager on CCR1009

Yes. Actually I am using this exact router as CAPsMAN in some places. You don't need wireless on-board for this.
by karlisi
Thu Apr 02, 2015 11:33 am
Forum: Beginner Basics
Topic: Load Balancing Questions and Help
Replies: 14
Views: 1721

Re: Load Balancing Questions and Help

In Winbox open Interface list, open ether3, in Master Port choose 'none'. Then open ether4 and ether5, and change master port to ether3. If I remember correctly, You will need configure them twice, choosing 'none' at first, because MikroTik allows only one master port per switch.
by karlisi
Fri Feb 17, 2006 7:40 am
Forum: General
Topic: What version of MikroTik do you use?
Replies: 17
Views: 2770

Ooops, double post :)
by karlisi
Fri Feb 17, 2006 7:40 am
Forum: General
Topic: What version of MikroTik do you use?
Replies: 17
Views: 2770

I am using 2.7 and I am happy :) Why fix if nothing is broken... why? first - you cant get support or help from forums :) Why worry about support if all works :D Of course, there are many new features in latest versions, but they are not critical for my network, so... MT should be proud if older ve...
by karlisi
Thu Feb 16, 2006 7:34 am
Forum: General
Topic: What version of MikroTik do you use?
Replies: 17
Views: 2770

I am using 2.7 and I am happy :)
Why fix if nothing is broken...
by karlisi
Thu Nov 10, 2005 7:56 am
Forum: General
Topic: Syslog by Mikrotik !!!
Replies: 5
Views: 1428

Kiwi works great on Windows. Free version have many restrictions so you might want to buy it.
by karlisi
Wed Aug 17, 2005 7:18 am
Forum: Scripting
Topic: How to schedule by winbox ?
Replies: 12
Views: 4158

Perhaps two schedules - 0am to 10am and 10pm to 12pm
by karlisi
Fri Mar 04, 2005 8:03 am
Forum: General
Topic: web proxy and password protected websites
Replies: 2
Views: 1120

Its by design. From RouterOS manual:
"Only HTTP traffic is supported in web proxy transparent mode. HTTPS and FTP are not going to work this way."
http://www.mikrotik.com/docs/ros/2.8/ip ... xy.content
by karlisi
Sun Nov 14, 2004 10:37 am
Forum: General
Topic: NTP server issue
Replies: 1
Views: 972

Yes, you can. You dont need additional firewall rules or services. You need NTP package loaded on Mikrotik and NTP server. In NTP client configuration define NTP servers to synchronize with and enable unicast mode. You can find a list of public time servers here http://ntp.isc.org/bin/view/Servers/W...