Community discussions

Search found 2966 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 10
by pukkita
Sun Jan 07, 2018 12:53 pm
Forum: General
Topic: Log messages: ssh auth timeout
Replies: 2
Views: 2273

Re: Log messages: ssh auth timeout

The real question is no sane admin will leave unrestricted access to a router from the Internet.

Best practice: prevent access completely to it from the internet, set up VPN access and allow only that.

If your router IP is not fixed, use IP > Cloud.
by pukkita
Wed Dec 06, 2017 3:02 pm
Forum: Beginner Basics
Topic: Configuring AP gets wrong
Replies: 5
Views: 532

Re: Configuring AP gets wrong

Have a look at viewtopic.php?t=123380

Set the wAP AP as a wireless/wired switch as explained there.
by pukkita
Wed Dec 06, 2017 2:18 pm
Forum: Beginner Basics
Topic: 52ac + hAP ac - Is this enough for my RV?
Replies: 12
Views: 1494

Re: 52ac + hAP ac - Is this enough for my RV?

I think the hardware you have have selected is fine, since you are stationary in an RV park you can power it however you want. If you were trying to run off of the battery system in your RV I'd suggest not using the included power injectors, but instead to hardwire (with fuses and a switch, of cour...
by pukkita
Sun Dec 03, 2017 3:52 pm
Forum: General
Topic: I can not access a nanostation connected to omnitik
Replies: 5
Views: 416

Re: I can not access a nanostation connected to omnitik

Are you sure the nano hasn't resetted itself to 192.168.1.20? Can you see it via IP > Neighbors?
by pukkita
Fri Dec 01, 2017 11:03 am
Forum: Wireless Networking
Topic: choosing an access point suitable for my needs
Replies: 1
Views: 239

Re: choosing an access point suitable for my needs

being mostly laptops, I'd go either for the Hap ac or wAP ac.
by pukkita
Fri Dec 01, 2017 10:36 am
Forum: General
Topic: I can not access a nanostation connected to omnitik
Replies: 5
Views: 416

Re: I can not access a nanostation connected to omnitik

Move IP .5.200 from ether1 to bridge1.

I understand there's nothing on Ip > Firewall > Nat
by pukkita
Tue Nov 28, 2017 8:02 pm
Forum: Beginner Basics
Topic: logging to remote syslog
Replies: 2
Views: 1345

Re: logging to remote syslog

You need to configure it to suit your needs, default configuration logs to memory only.

See /System logging, you need to:

1.- Create a remote Action setup for your syslog collector
2.- Set up logging Rules for the topics you want, setting/changing its action to the remote one you set on step #1.
by pukkita
Sun Nov 26, 2017 12:50 pm
Forum: General
Topic: Mikrotik connectivity to FreeRadius
Replies: 6
Views: 507

Re: Mikrotik connectivity to FreeRadius

Mikrotik doesn't check anything it simply asks freeradius: user X with password Z wants to login, should I allow it? Then is freeradius which checks on its tables and simply answers Mikrotik router if the user successfully authenticated, and any user related reply items. You need to check your freer...
by pukkita
Sun Nov 26, 2017 12:39 pm
Forum: Beginner Basics
Topic: 52ac + hAP ac - Is this enough for my RV?
Replies: 12
Views: 1494

Re: 52ac + hAP ac - Is this enough for my RV?

I wouldn't use the Metal52ac, reasons: - You need an antenna for it. Forget about using a omnidirectional antenna to pick on distant signals, that's the worst option possible. - only 1 chain. I would use LHG2 To "pick" on the distant signal, advantages: - 1/3d of the cost vs Metal52ac + antenna - Be...
by pukkita
Sat Nov 25, 2017 1:17 pm
Forum: General
Topic: [HELP] Problem. I need 2 hotspots with 2 radius servers on one Mikrotik
Replies: 4
Views: 438

Re: [HELP] Problem. I need 2 hotspots with 2 radius servers on one Mikrotik

RouterOS uses only 1 Radius client, you cannot have two hotspots using different radius servers on the same router. You can have several radius servers on /radius, but RouterOS will use the first, unless it's down; then it will try the second, and so on. You don't need two seperate radius servers fo...
by pukkita
Sat Nov 25, 2017 1:08 pm
Forum: General
Topic: Mikrotik connectivity to FreeRadius
Replies: 6
Views: 507

Re: Mikrotik connectivity to FreeRadius

You cannot just tinker with the tables and expect it to work... Seems your freeradius configuration makes it interpret that table as radcheck, and you chose to store gender on the op field, which freeradius expects to be a two character field, containing Freeradius operators . radcheck table has to ...
by pukkita
Sat Nov 25, 2017 12:54 pm
Forum: General
Topic: Multiple VLAN on one port connected to AP
Replies: 1
Views: 302

Re: Multiple VLAN on one port connected to AP

Run Tools > Torch on ether3, tick "Show VLAN id", do you see the expected VLAN IDs there?

Post a full export.
by pukkita
Sat Nov 25, 2017 10:28 am
Forum: RouterBOARD hardware
Topic: RB493G, 60.0% Bad Blocks!!! What should I do now?
Replies: 17
Views: 3708

Re: RB493G, 60.0% Bad Blocks!!! What should I do now?

Write to support linking to this post and explaining the situation, they'll work out the license issue.
by pukkita
Fri Nov 24, 2017 8:43 pm
Forum: General
Topic: Default configuration
Replies: 4
Views: 1805

Re: Default configuration

Yes, you're right: the wiki specifies it:
Configure script RouterOS export file produced by the export command). Any file supplied here will become the default configuration of the reinstalled router.
by pukkita
Tue Nov 21, 2017 5:56 pm
Forum: General
Topic: Issues w/ HTTPS
Replies: 10
Views: 697

Re: Issues w/ HTTPS

This is usually MTU, or packet loss issues. Isolate and test that subnet and its uplink point to the rest of the network.
by pukkita
Tue Nov 21, 2017 11:12 am
Forum: General
Topic: L2TP/IPSEC meltdown?
Replies: 2
Views: 361

Re: L2TP/IPSEC meltdown?

A weird thing noticed: the throughput improves considerably when I run the Packet Sniffer on the L2TP interface! Running Packet sniffer disables FastPath and Fasttrack . Check your firewall settings if you have fasttrack enabled. Similar thread: very strange slow web access but can be solved by pac...
by pukkita
Thu Nov 16, 2017 12:19 pm
Forum: General
Topic: /queue tree parent=global
Replies: 12
Views: 25395

Re: /queue tree parent=global

You don't need different packets for upload/download, just make sure that for a given traffic category, you mark traffic on both directions. It's the parent which will dictate if QoS will be applied on upload or download, depending on parent interface, you can use same packet marks. parent=global wi...
by pukkita
Wed Nov 15, 2017 2:36 pm
Forum: General
Topic: /queue tree parent=global
Replies: 12
Views: 25395

Re: /queue tree parent=global

Can I have a parent=global queue to handle all traffic towards the LAN while not intermixing the rates with the upload traffic to the two internet interfaces?
Yes, that's the way.
by pukkita
Sun Nov 12, 2017 12:49 pm
Forum: Beginner Basics
Topic: Before I buy questions
Replies: 21
Views: 1626

Re: Before I buy questions

For home use, options on increasing budget: - hAP ac: router + AP on single device. Drawback: you need to position it optimally for the AP. - RB3011 + wAP AC: Best of both worlds: router can be positioned on your comm cabinet, and wAP AC(s) optimally for best wireless coverage. - RB3011 + hAP AC: if...
by pukkita
Sat Nov 11, 2017 10:05 pm
Forum: General
Topic: License question: ROS 4.5 to 6.xx
Replies: 9
Views: 806

Re: License question: ROS 4.5 to 6.xx

Which RB433? In these cases the best option is to netinstall.
by pukkita
Sat Nov 11, 2017 12:28 pm
Forum: Beginner Basics
Topic: Before I buy questions
Replies: 21
Views: 1626

Re: Before I buy questions

From RB1100AHx4 brochure:
Captura de pantalla 2017-11-11 a la(s) 11.23.24.png
So a difference on dude edition is it comes with a 60GB M.2 disk from factory.

Additionally, dude edition sports 3 switch groups, while non dude edition seems to have none.
by pukkita
Sat Nov 11, 2017 12:20 pm
Forum: General
Topic: not created tcp-mss rule in mangle
Replies: 3
Views: 1010

Re: not created tcp-mss rule in mangle

What's new in 6.39 (2017-Apr-27 10:06):
!) ppp - implemented internal algorithm for "change-mss", no mangle rules necessary;
by pukkita
Fri Nov 10, 2017 10:50 pm
Forum: Wireless Networking
Topic: Bridge design validation?
Replies: 4
Views: 436

Re: Bridge design validation?

Only on the 750UP location, as allstarcomps said that's the only place where you need to connect more than one station. L4 is $45, but... SXT's are directional antennas, if you want to connect the two SXT lites to the AP on 750UP location, you'll need not only a radio that has L4 license, but also i...
by pukkita
Fri Nov 10, 2017 12:17 pm
Forum: Wireless Networking
Topic: Bridge design validation?
Replies: 4
Views: 436

Re: Bridge design validation?

Post a diagram. I tried to configure all 3 in bridge mode but could only get the bridge to function over any 2 APs at one time. SXT Lite license level is L3, that means it's limited to act as an AP for only one device (wireless mode = bridge). You can either pay to raise its license to L4, or purcha...
by pukkita
Fri Nov 03, 2017 6:13 pm
Forum: Wireless Networking
Topic: Using Mikrotek at a backpackers hostel
Replies: 5
Views: 670

Re: Using Mikrotek at a backpackers hostel

CAPsMAN requires certain knowledge, QoS definitely, you would be better hiring someone knowledgeable . I wouldn't limit per user (simple queue), but program a QoS (queue tree) that categorizes traffic, dynamically distributes available bandwidth depending on traffic category priority, then use PCQ q...
by pukkita
Wed Nov 01, 2017 12:35 pm
Forum: Wireless Networking
Topic: Using Mikrotek at a backpackers hostel
Replies: 5
Views: 670

Re: Using Mikrotek at a backpackers hostel

When you say MI Repeater I understand it's a wireless repeater? If so, that's your first problem. I'd: - Put the Airtel router in bridge mode if possible - Deploy a internet router to manage users, speeds, QoS and CAPsMAN. Hex could be a budget candidate that fits the job nicely. - Deploy at least t...
by pukkita
Mon Oct 30, 2017 10:54 am
Forum: Wireless Networking
Topic: Could 10Mhz channel works with any Wireless Card?
Replies: 6
Views: 581

Re: Could 10Mhz channel works with any Wireless Card?

Exactly. If you're setting up an AP for unknown wireless/mobile devices you'll have to set it up in the most widely compatible way.

For 2.4GHz that means 20MHz and default settings.
by pukkita
Sun Oct 29, 2017 8:58 pm
Forum: Wireless Networking
Topic: Could 10Mhz channel works with any Wireless Card?
Replies: 6
Views: 581

Re: Could 10Mhz channel works with any Wireless Card?

You need

1.- Mikrotik radio that suports 5/10MHz (not all of them do)
2.- Client with radio with same capabilities
by pukkita
Sun Oct 29, 2017 5:52 pm
Forum: Wireless Networking
Topic: Quickly varying wireless communication rates
Replies: 5
Views: 612

Re: Quickly varying wireless communication rates

Because there are two directions while communicating. Let's suppose this scenario: AP <-> STATION using frequency 5640. Interference may be local and affecting only the receiving side, (e.g. other antenna nearby STATION transmitting on 5640). while it could be possible that AP can "hear" STATION whe...
by pukkita
Sun Oct 29, 2017 5:39 pm
Forum: Beginner Basics
Topic: Cannot access PPTP VPN Client from LAN
Replies: 8
Views: 3269

Re: Cannot access PPTP VPN Client from LAN

Have you tried setting the src-address on the mikrotik router to 192.168.5.1? Windows PPTP client should get a route to 192.168.5.0 via the VPN, nothing else should be required. That's the point of using same network range on LAN and VPN + proxy-arp, no routing is necessary. Check a router print on ...
by pukkita
Sun Oct 29, 2017 2:36 pm
Forum: Beginner Basics
Topic: Cannot access PPTP VPN Client from LAN
Replies: 8
Views: 3269

Re: Cannot access PPTP VPN Client from LAN

Only place where proxy-arp is needed is on bridge1, nowhere else.

Reboot the router afterwards.
by pukkita
Sun Oct 29, 2017 12:57 pm
Forum: Beginner Basics
Topic: Cannot access PPTP VPN Client from LAN
Replies: 8
Views: 3269

Re: Cannot access PPTP VPN Client from LAN

please post
/interface export
/ip address export
by pukkita
Sun Oct 29, 2017 12:56 pm
Forum: General
Topic: Help with router configuration for Agascha
Replies: 6
Views: 494

Re: Help with router configuration for Agascha

Not sure if I understood your situation right. If you want the laptop acting as server to have a fixed IP, you can still use DHCP. 1.- Go to IP > DHCP Server > Leases and locate the laptop one. 2.- Double click on it, and click on "Make static". From now on, the laptop will be always offered that sa...
by pukkita
Sun Oct 29, 2017 12:41 pm
Forum: Wireless Networking
Topic: Quickly varying wireless communication rates
Replies: 5
Views: 612

Re: Quickly varying wireless communication rates

6Mbps is the lowest of the so-called "basic rates", and the only basic-rate with default configuration. Radio switches to this basic rate when initially establishing or renegotiating the radio link; this indicates you're having interferences, SXTs may have moved, a new nearby obstacle, or a new obst...
by pukkita
Sun Oct 29, 2017 12:29 pm
Forum: Beginner Basics
Topic: Cannot access PPTP VPN Client from LAN
Replies: 8
Views: 3269

Re: Cannot access PPTP VPN Client from LAN

shouldn't need this
chain=srcnat action=masquerade src-address=192.168.5.48/29 dst-address=!192.168.5.48/29 log=no log-prefix=""
if proxy-arp is properly set.
by pukkita
Sat Oct 28, 2017 12:50 pm
Forum: General
Topic: RB951G-2HND Reboot issues and system corruption [SOLVED]
Replies: 6
Views: 1576

Re: RB951G-2HND Reboot issues and system corruption [SOLVED]

No, USB external disk cannot be used as system partition, and I'm afraid it cannot be used for graphs storage either.

External storage can be used for web proxy cache, samba sharing, etc.
by pukkita
Fri Oct 27, 2017 7:02 pm
Forum: General
Topic: RB951G-2HND Reboot issues and system corruption [SOLVED]
Replies: 6
Views: 1576

Re: RB951G-2HND Reboot issues and system corruption [SOLVED]

Lots of power off/power on and bad electricity supply can corrupt the NAND format or damage it, specially if you're writing constantly to it (do you have graphs active?). If you're experiencing such electricity supply unstability, you'd better either get an UPS at least for the router... this router...
by pukkita
Fri Oct 27, 2017 11:05 am
Forum: General
Topic: RB951G-2HND Reboot issues and system corruption [SOLVED]
Replies: 6
Views: 1576

Re: RB951G-2HND Reboot issues and system corruption [SOLVED]

Looks like your NAND is gone, you'd better write support, short of netinstalling it again, resetting it to no defaults and reconfiguring it looking if it holds fine this time. Better than using a .backup, you could make an export, so that you can just copy & paste the config on this, or any router (...
by pukkita
Wed Oct 25, 2017 1:27 pm
Forum: General
Topic: Firewall logs [SOLVED]
Replies: 1
Views: 581

Re: Firewall logs [SOLVED]

Len = Length (size).

You got it right for the rest.
by pukkita
Wed Oct 25, 2017 11:53 am
Forum: Wireless Networking
Topic: RB951G-2HnD: wireless 300Mbps, how to?
Replies: 7
Views: 1844

Re: RB951G-2HnD: wireless 300Mbps, how to?

300 is radio datarate, in TCP that would equal about half, 100-150Mbps TCP.

You need clients to be dual-chain / dual stream (2x2 MIMO) while most mobile devices are single chain.
by pukkita
Wed Oct 25, 2017 11:12 am
Forum: The Dude
Topic: CRS326-24G-2S+RM
Replies: 4
Views: 1081

Re: CRS326-24G-2S+RM

At this moment I have CRS125-24G-1S and I want to get 2nd device with spf, gigabit lan ports and with Dude support.
Sounds like RB3011 is what you are looking for. Next option would be a CCR.
by pukkita
Sun Oct 22, 2017 12:29 pm
Forum: Beginner Basics
Topic: Problem with very simple Route on Mikrotik RB750
Replies: 6
Views: 681

Re: Problem with very simple Route on Mikrotik RB750

Another thing that you may need to ensure is that you are actually masquerading or dst-natting traffic from your .123 network to your .10 network. Nope, no need to. If 10.x clients use 10.x (10.1 or 10.200) as default gateway, and .123.x clients have .123.x as default gateway both networks will be ...
by pukkita
Sat Oct 21, 2017 12:06 pm
Forum: General
Topic: How to Check MikroTik with SN in Web
Replies: 3
Views: 577

Re: How to Check MikroTik with SN in Web

Check System > License, if it's fine then I'd say you can rest asured is not a copy.
by pukkita
Sat Oct 21, 2017 11:44 am
Forum: The Dude
Topic: Export Dude DB as XML
Replies: 2
Views: 793

Re: Export Dude DB as XML

Exported database is sqlite, you may use sqlite tools to create the XML export, like .e.g. sqlite-manager or SqliteStudio for once in a time operations. To program an automatic conversion process, you may use sqlite to export database to CSV, then use either your own code to convert, or use a CSV to...
by pukkita
Sat Oct 21, 2017 11:37 am
Forum: Beginner Basics
Topic: Problem with very simple Route on Mikrotik RB750
Replies: 6
Views: 681

Re: Problem with very simple Route on Mikrotik RB750

This is the case right now. But tbh i don't understand why this must be the GW, when there is no device with that IP (should i give the RB750 this IP?) Yes, you should either change it to 192.168.10.1, or keep the current 192.168.10.200 AND set the clients to use 192.168.10.200 as gateway. Best app...
by pukkita
Fri Oct 20, 2017 3:06 pm
Forum: The Dude
Topic: CRS326-24G-2S+RM
Replies: 4
Views: 1081

Re: CRS326-24G-2S+RM

CRS326 is ARM platform, whereas most CRS line is mipsbe, where dude is not supported.

Have you tried uploading the dude arm package to it then rebooting (provided you're using RouterOS and not SwOS with the CRS326)?
by pukkita
Fri Oct 20, 2017 2:57 pm
Forum: Beginner Basics
Topic: Problem with very simple Route on Mikrotik RB750
Replies: 6
Views: 681

Re: Problem with very simple Route on Mikrotik RB750

Sadly i'm on the edge of insanity, because i just can't seem to get it to work. I have a static Route on the AVM Fritzbox, which redirects every request etc. directed at the 10.xxx Network right to the RB750 (because the AVM is the Gateway for the 123.xxx Clients). Can you post that route? Check th...
by pukkita
Sun Oct 15, 2017 12:22 pm
Forum: Wireless Networking
Topic: ptp qrt 5ac 12.1 km
Replies: 8
Views: 808

Re: ptp qrt 5ac 12.1 km

200Mbps is going to depend on available spectrum, contiguous free 40MHz-50MHz minimum required.

Suitable devices for this in order of preference:

- netmetal (dual chain) + mANT30-PA
- netbox + mANT30-PA
- QRT ac
- DynaDish
by pukkita
Sun Oct 15, 2017 12:13 pm
Forum: Beginner Basics
Topic: Replace OpenVPN Server/Client
Replies: 13
Views: 1253

Re: Replace OpenVPN Server/Client

GRE does not use a port!
I know... I meant ISPs are known/likely to throttle it down also, or even block it. The point of the OP was using a transport that was unlikely to be tinkered by the ISP...
by pukkita
Sat Oct 14, 2017 2:48 pm
Forum: Wireless Networking
Topic: ptp qrt 5ac 12.1 km
Replies: 8
Views: 808

Re: ptp qrt 5ac 12.1 km

It's stated at the calculator, link it's possible, but you'll need an outrageously high tower (>70m height) to mount the Tx device. Either that, or use four devices to create 2 PTPs. First PTP will clear the elevation by Rx'ing at the edge; this first PTP Rx radio will be wired to second PTP back to...
by pukkita
Sat Oct 14, 2017 2:37 pm
Forum: Wireless Networking
Topic: CAPSMAN + Guest WiFi
Replies: 8
Views: 5001

Re: CAPSMAN + Guest WiFi

You seem to miss the IP > DHCP > Network entries. Also I think for your intended setup add address=10.35.0.1 interface=bridgeopen network=10.35.0.0 Should be add address=10.35.0.1/24 interface=bridgeopen network=10.35.0.0 . Do clients connected to the open network: 1.- Get an IP? 2.- post ipconfig/a...
by pukkita
Sat Oct 14, 2017 2:24 pm
Forum: Beginner Basics
Topic: Replace OpenVPN Server/Client
Replies: 13
Views: 1253

Re: Replace OpenVPN Server/Client

- L2tp works only on port UDP 500. This is a sad notice. In OpenVPN i don't use standard ports for connect. Some ISPs will slow down traffic on this common ports.
Similarly goes for GRE.

Would be nice having customizable L2TP port for ROS... of course only ROS devices could be used on both sides.
by pukkita
Fri Oct 13, 2017 2:09 pm
Forum: Forwarding Protocols
Topic: OSPF - one way neighbor
Replies: 2
Views: 882

Re: OSPF - one way neighbor

Check your firewall for any filter o nat rules that may be getting into OSPF's way.
by pukkita
Fri Oct 13, 2017 1:14 pm
Forum: Beginner Basics
Topic: Replace OpenVPN Server/Client
Replies: 13
Views: 1253

Re: Replace OpenVPN Server/Client

Download the sstp-client-1.0.11.tar.gz package and look at the README inside, there's no need for X. You can create .deb packages rather easily, look inside the sources. pe1chl, SSTP may not be the optimal solution but giving the limitations gamba47 is facing, which SSTP dodges, there's nothing to l...
by pukkita
Wed Oct 11, 2017 3:35 pm
Forum: Wireless Networking
Topic: CAPSMAN + Guest WiFi
Replies: 8
Views: 5001

Re: CAPSMAN + Guest WiFi

When i connect to the private network, it's ok, i've got an ip address and have a n internet access, but when i tryed to connect to guest network, i also get ip address, but no internet access, and also i can't ping my router from the connected device. I assume you mean the internet router plugged ...
by pukkita
Wed Oct 11, 2017 3:12 pm
Forum: Beginner Basics
Topic: Replace OpenVPN Server/Client
Replies: 13
Views: 1253

Re: Replace OpenVPN Server/Client

No need for softether, SSTP Client is all you need.

What distribution are you using?

This provides a plugin for stock pppd and a sstp client tool (sstpc).

Typical area were you may find issues while setting up is the server certificate, watch out pppd client logs on Linux server.
by pukkita
Wed Oct 11, 2017 3:05 pm
Forum: Beginner Basics
Topic: Here is my last attempt - RB3011 - No Server outbound connection
Replies: 20
Views: 1775

Re: Here is my last attempt - RB3011 - No Server outbound connection

Your routing is fine. Did you issue the ping to 8.8.8.8 from the router??? Remove masquerade on bridge-LAN, only masquerade you need is the one already set: You posted: /ip firewall nat add action=masquerade chain=srcnat comment="default masquerade" \ out-interface=ether1_WAN add action=dst-nat chai...
by pukkita
Wed Oct 11, 2017 3:00 pm
Forum: Wireless Networking
Topic: CAPsMAN errors in log
Replies: 8
Views: 7173

Re: CAPsMAN errors in log

Change its logic:
 chain=input action=drop in-interface-list=WAN
by pukkita
Tue Oct 10, 2017 11:47 am
Forum: Beginner Basics
Topic: Here is my last attempt - RB3011 - No Server outbound connection
Replies: 20
Views: 1775

Re: Here is my last attempt - RB3011 - No Server outbound connection

/ip address add address=192.168.88.1/24 comment=defconf interface=ether2 network=\ 192.168.88.0 You should change that IP to interface=bridge-LAN /ip arp add address=192.168.88.248 interface=bridge-LAN mac-address=7C:05:07:10:04:AD Delete this. On Winbox, open a New Terminal and issue /ip address p...
by pukkita
Mon Oct 09, 2017 12:30 pm
Forum: Beginner Basics
Topic: Here is my last attempt - RB3011 - No Server outbound connection
Replies: 20
Views: 1775

Re: Here is my last attempt - RB3011 - No Server outbound connection

According to the SB6141 Manual , as pcunite says there's no SFP, you should wire it like this: I am confused? I bought this SFP Copper Module (Mikrotik Item model number S-RJ01). Now you are saying i cant use it with this router and modem? I am very confused now? It is an ethernet cord, it is nothi...
by pukkita
Sat Oct 07, 2017 12:00 pm
Forum: Wireless Networking
Topic: wireless repeater for two different SSIDs on different frequencies?
Replies: 4
Views: 558

Re: wireless repeater for two different SSIDs on different frequencies?

Then you'll need to to it the not optimal way. It's not optimal because you're forcing the radio on the repeater to split its tasks in two, so it: - halves the bandwidth - doubles the latency - halves available spectrum efficiency for everyone. Say wired hAP is A, repeating hAP is B, and user C is c...
by pukkita
Sat Oct 07, 2017 11:35 am
Forum: Beginner Basics
Topic: Here is my last attempt - RB3011 - No Server outbound connection
Replies: 20
Views: 1775

Re: Here is my last attempt - RB3011 - No Server outbound connection

According to the SB6141 Manual, as pcunite says there's no SFP, you should wire it like this:
wiring.png
by pukkita
Fri Oct 06, 2017 12:58 pm
Forum: Wireless Networking
Topic: Unable to get IP on Virtual AP
Replies: 1
Views: 1034

Re: Unable to get IP on Virtual AP

Make sure that either - If you don't mind both SSIDs being bridged, ensure the VirtualAP interface is added as a port to the same interface (bridge) the DHCP server is running on ( Check IP > DHCP Server ). - If you want to keep both SSIDs isolated, you'll need to setup another DHCP server to be ded...
by pukkita
Fri Oct 06, 2017 12:29 pm
Forum: General
Topic: Authorize a single website with the proxy
Replies: 1
Views: 277

Re: Authorize a single website with the proxy

You cannot, exceptions to proxy access list are static, so unless there's a regex pattern that will catch both orange.fr and related CDNs (highly unlikely), you'll need to add a specific proxy ACL for each.
by pukkita
Fri Oct 06, 2017 12:27 pm
Forum: Wireless Networking
Topic: wireless repeater for two different SSIDs on different frequencies?
Replies: 4
Views: 558

Re: wireless repeater for two different SSIDs on different frequencies?

Yes, but that wouldn't be optimal.

Best approach is wiring both Haps, then have both broadcast any SSIDs you want on any of the two bands.

Good scenario to use CAPsMAN.
by pukkita
Fri Oct 06, 2017 12:24 pm
Forum: General
Topic: Logging only src on NAT traslations
Replies: 6
Views: 665

Re: Logging only src on NAT traslations

I can't see the usefulness of storing only the src-address and port if it cannot be cross-related to a dst-address... if you just want that info, use radacct.

Otherwise, you'll need to process the data at syslog receiving stage.
by pukkita
Fri Oct 06, 2017 12:15 pm
Forum: Beginner Basics
Topic: How to install Dude server on Routerboard 1100?
Replies: 23
Views: 25451

Re: How to install Dude server on Routerboard 1100?

There's no dude server for MIPSBE platform, it's only supported on Tile, ARM, MMIPS and x86/CHR.

You need to install it on a supported router, then by adding the RB433 as a device, (and as long as wireless cards used aren't AC chipset), you'll be able to do spectral scans from the main dude server.
by pukkita
Fri Oct 06, 2017 11:28 am
Forum: Beginner Basics
Topic: Setup DNS caching
Replies: 6
Views: 3323

Re: Setup DNS caching

You can setup this value on 6.40, AFAIK there's no limitation.

Obviously, unless hardware is sized for the load, this won't make a difference.
by pukkita
Mon Oct 02, 2017 2:02 pm
Forum: Beginner Basics
Topic: Setup DNS caching
Replies: 6
Views: 3323

Re: Setup DNS caching

I've setup before with port redirecting with dstnat to udp port 53, There's no need for port redirection, are you "hijacking" outgoing DNS queries and redirecting them to the cache? Depending on the resolving library used by the client this may not work (most modern libraries). You'd better hand th...
by pukkita
Sun Oct 01, 2017 3:43 pm
Forum: Beginner Basics
Topic: Setup DNS caching
Replies: 6
Views: 3323

Re: Setup DNS caching

How did you set it up? Basically you need to 1.- Add OpenDNS servers to IP > DNS Servers, you can set more than one by clicking on the small, bottom pointing triangle next to the Servers field. 2.- While you're at that screen, make sure Allow Remote Requests is enabled (this enables the DNS server f...
by pukkita
Wed Sep 27, 2017 2:26 pm
Forum: Beginner Basics
Topic: DHCP client doesn't work on SFP(S-RJ01) port
Replies: 24
Views: 2768

Re: DHCP client doesn't work on SFP(S-RJ01) port

How was your WAN setup? Does it use DHCP to get the WAN IP?

Are you sure sfp interface is linked and running? (Look at Interfaces > SFP1 > status)
by pukkita
Wed Sep 27, 2017 2:22 pm
Forum: General
Topic: Masquerade traffic in forward chain
Replies: 3
Views: 587

Re: Masquerade traffic in forward chain

Post an export.
by pukkita
Mon Sep 25, 2017 1:15 pm
Forum: General
Topic: hAp ac: Reset Problem
Replies: 4
Views: 2256

Re: hAp ac: Reset Problem

Glad you found the fix!
Can the part of the firmware that handles this stage when booting get corrupted?
It can happen, you'd notice because after netinstall it won't boot either, there's a Backup Booter you can force on System > RouterBoard [Settings] in such case.
by pukkita
Fri Sep 22, 2017 3:10 pm
Forum: General
Topic: hAp ac: Reset Problem
Replies: 4
Views: 2256

Re: hAp ac: Reset Problem

by pukkita
Fri Sep 22, 2017 3:06 pm
Forum: Wireless Networking
Topic: Transparent WiFi AP
Replies: 2
Views: 899

Re: Transparent WiFi AP

Try this:

- Go to Wireless, open wlan1-gateway, click on [Advanced Mode] button, and set Multicast Helper to full.
by pukkita
Wed Sep 20, 2017 12:12 pm
Forum: General
Topic: Interface PPP Server side flaps/disconnects all
Replies: 6
Views: 894

Re: Interface PPP Server side flaps/disconnects all

I'd say you have two problems; a L2, root one that causes the pppoe sessions to disconnect, you need to find the cause. Interface flapping on PPPoE Uplinks are not admisible on production scenarios, check wiring/fiber, SFP modules, Switches, etc. Are you using OSPF? The second one (high CPU load) se...
by pukkita
Wed Sep 20, 2017 11:49 am
Forum: General
Topic: Mikrotik RB800 RouterBoard Help
Replies: 12
Views: 1596

Re: Mikrotik RB800 RouterBoard Help

Secondly, i have only six PtP long distance links in different directions at different locations, so i think its not feasible and investing extra budget using extra network gears for many links to 360 degree coverage with no such customer base in near future. This is government based organizational...
by pukkita
Tue Sep 19, 2017 11:19 am
Forum: Beginner Basics
Topic: RB951Ui-2HnD ethernet ports look deactivated even the Wifi.
Replies: 2
Views: 377

Re: RB951Ui-2HnD ethernet ports look deactivated even the Wifi.

Do you mean that you cannot "see" it via winbox neighbors or connect to it via previously known IP?

In such case, you need to do a netinstall
by pukkita
Tue Sep 19, 2017 11:16 am
Forum: General
Topic: Interface PPP Server side flaps/disconnects all
Replies: 6
Views: 894

Re: Interface PPP Server side flaps/disconnects all

Which interface flaps? the VLANs? What's the CPU load at those times?
by pukkita
Tue Sep 19, 2017 11:13 am
Forum: Beginner Basics
Topic: Suggestion for Linking?
Replies: 2
Views: 415

Re: Suggestion for Linking?

If I change the port to auto-negotiation disabled, port speed 1G, Full Duplex, the link light will appear on the CRS and report transmission activity. The Netgear will not establish link light or pass traffic.
Then you need to force 1G also at Netgear's end, did you try that?
by pukkita
Tue Sep 19, 2017 10:55 am
Forum: General
Topic: Mikrotik RB800 RouterBoard Help
Replies: 12
Views: 1596

Re: Mikrotik RB800 RouterBoard Help

This remote wireless network connectivity belongs to government based wildlife remote monitoring project where 32 HD CCTV cameras live feeds from remote forest monitoring sites would be monitored at wildlife range office in the city. Nice project :D I'm curious, where is it? Have you disabled one o...
by pukkita
Mon Sep 18, 2017 1:40 pm
Forum: General
Topic: Mikrotik RB800 RouterBoard Help
Replies: 12
Views: 1596

Re: Mikrotik RB800 RouterBoard Help

Taking a routerboard and sticking multiple radio cards on it is a thing of the past, (and never 8 cards!!) and the least desirable option, several radios cramped on a single board interfere with each other; your approach, single RB + multiple cards is the worst option possible from a optimal standpo...
by pukkita
Sat Sep 16, 2017 11:56 am
Forum: General
Topic: Mikrotik RB800 RouterBoard Help
Replies: 12
Views: 1596

Re: Mikrotik RB800 RouterBoard Help

RB800 was obsoleted long ago.

The "nearest" modern RB to RB800 is the RB850Gx2.

Depending on bandwidth and duties, more commonly used RBs for this task would be RB3011, RB1100AHx2, or CCR1009.

What are the RB intended tasks?
by pukkita
Sat Sep 16, 2017 11:50 am
Forum: Beginner Basics
Topic: Any newer wifi ac to be launched soon than hAP ac
Replies: 5
Views: 649

Re: Any newer wifi ac to be launched soon than hAP ac

hAP ac is the flagship AP for indoor use, really doubt mikrotik would be launching another device to replace it on for this segment soon.
by pukkita
Wed Sep 13, 2017 11:37 am
Forum: RouterBOARD hardware
Topic: RB2011UiAS-RM Powers Off Seconds After Connecting Ether1
Replies: 20
Views: 1801

Re: RB2011UiAS-RM Powers Off Seconds After Connecting Ether1

My guess was that the switch was creating a different ground level than the router, or something along these lines...
That's my guess also, check grounding of the enterasys, rack and 2011... everything should end on a single common ground.
by pukkita
Sun Sep 10, 2017 11:52 am
Forum: Wireless Networking
Topic: Epson XP-330 Wireless Cannot Connect
Replies: 2
Views: 437

Re: Epson XP-330 Wireless Cannot Connect

Try setting channel width to 20MHz.
by pukkita
Sun Sep 10, 2017 11:24 am
Forum: The User Manager
Topic: memory manager error info debug error mikrotik
Replies: 3
Views: 940

Re: memory manager error info debug error mikrotik

Use a MicroSD or USB, and run user-manager database off it, you're running out of space.

Which routerboard are you using?
by pukkita
Thu Sep 07, 2017 2:46 pm
Forum: RouterBOARD hardware
Topic: EROR NetInstall RB1100AHx2 [SOLVED]
Replies: 5
Views: 1001

Re: EROR NetInstall RB1100AHx2 [SOLVED]

Try upgrading the bootloader via Bios: https://i.mt.lv/routerboard/files/p2020_3.24.fwf trying netinstall for 6.38.7 again.
by pukkita
Wed Sep 06, 2017 6:38 pm
Forum: RouterBOARD hardware
Topic: EROR NetInstall RB1100AHx2 [SOLVED]
Replies: 5
Views: 1001

Re: EROR NetInstall RB1100AHx2 [SOLVED]

Which netinstall version? What's the bootloader version on the 1100AHx2? It is on par with the netinstall version you're using?

Have you tried to format NAND via the serial console first?
by pukkita
Wed Sep 06, 2017 5:28 pm
Forum: General
Topic: router was rebooted without proper shutdown, probably kernel failure
Replies: 27
Views: 10790

Re: router was rebooted without proper shutdown, probably kernel failure

E. Have you been changing cables ? F. Are you sure that someone in the building have not made a loop connecting cables to local switch?. I'd add: G. Are you sure nobody has created a new bridge, added a new port to an existing one, or changed/set some ethernet port master port parameter? If you had...
by pukkita
Wed Sep 06, 2017 5:25 pm
Forum: General
Topic: router was rebooted without proper shutdown, probably kernel failure
Replies: 27
Views: 10790

Re: router was rebooted without proper shutdown, probably kernel failure

BartoszP is right, highly unlikely three routers start to misbehave at the same time; check your network / routers first. If you don't find 100% CPU or other anomalies on logs: Make sure Current Firmware is the same version as Update firmware on System > Routerboard. If not, click on upgrade and re...
by pukkita
Wed Sep 06, 2017 4:55 pm
Forum: General
Topic: router was rebooted without proper shutdown, probably kernel failure
Replies: 27
Views: 10790

Re: router was rebooted without proper shutdown, probably kernel failure

BartoszP is right, highly unlikely three routers start to misbehave at the same time; check your network / routers first. If you don't find 100% CPU or other anomalies on logs: Make sure Current Firmware is the same version as Update firmware on System > Routerboard. If not, click on upgrade and reb...
by pukkita
Wed Sep 06, 2017 4:41 pm
Forum: Beginner Basics
Topic: L2TP server, i can't see devices in network [SOLVED]
Replies: 5
Views: 2205

Re: L2TP server, i can't see devices in network [SOLVED]

Computers in the same range expect others to reply to their arp queries, i.e. expect the rest to be L2 connected and thus receiving/replying broadcasts straight on their own. Proxy-arp aids when you use the same range for the VPN, as remote computers aren't directly connected to the network; it make...
by pukkita
Mon Sep 04, 2017 12:01 pm
Forum: Beginner Basics
Topic: 2011-UiAS-2HnD-IN replace antennas
Replies: 9
Views: 910

Re: 2011-UiAS-2HnD-IN replace antennas

When you spoke about a closed rack I thought on an outdoor enclosure for a tower or something similar, not for indoor duty. In that case your plan will work, you'll lose some db's due to the longer cabling and the additional connectors, but will be better than having the router antennas inside the f...
by pukkita
Mon Sep 04, 2017 11:49 am
Forum: Wireless Networking
Topic: Routing bgp mpls vpls, node bts with crs o ccr, max 300-400mbps each node
Replies: 3
Views: 701

Re: Routing bgp mpls vpls, node bts with crs o ccr, max 300-400mbps each node

The "easy" solution would be a CCR1072-1G-8S+ :D

Another possibilities:

- Use a router with an SFP+ port like CCR1009-7G-1C-1S+ plus a suitable switch, like CRS212 or the CRS317, connect them via SFP+ at 10G with a DAC cable and you're set.

- Budget option: a Hex + CRS212.
by pukkita
Sun Sep 03, 2017 10:52 pm
Forum: Beginner Basics
Topic: 2011-UiAS-2HnD-IN replace antennas
Replies: 9
Views: 910

Re: 2011-UiAS-2HnD-IN replace antennas

It will work , but... Is this a sound plan? Am I using the right components? Will it work afterwards? Would it be better to do it another way? Instead of taking a desktop integrated router, adding an external enclosure, adding an additional loss point (SMA->SMA Antenna) and longer pigtails, and a cr...
by pukkita
Sat Sep 02, 2017 3:15 pm
Forum: RouterBOARD hardware
Topic: wAP and hAP lite wifi [SOLVED]
Replies: 2
Views: 620

Re: wAP and hAP lite wifi [SOLVED]

Yes, they have same chipset, QCA9533.
by pukkita
Sat Sep 02, 2017 2:36 pm
Forum: Beginner Basics
Topic: mobile broadband with mikrotik routerboard
Replies: 6
Views: 1862

Re: mobile broadband with mikrotik routerboard

In such case a hAP ac Lite could be an affordable dual radio device to learn with, plus you can connect an USB modem like the e3372 to build your MIFI solution, or use 2,4GHz radio to connect to your existing MIFI and re-broadcast via the 5GHz radio, etc.
by pukkita
Fri Sep 01, 2017 11:05 pm
Forum: Wireless Networking
Topic: Event with 1200 wireless users
Replies: 8
Views: 3325

Re: Event with 1200 wireless users

hAP ac and wAP ac are dual channel radios, so 12 APs = 24 radios; 1200/24 = 50 users per radio, I doubt all 50 will be active simultaneously, so as long as placement is well thought out it should be enough, short of additional APs to cover any shaded areas you may find. Most modern smartphones and t...
by pukkita
Fri Sep 01, 2017 7:40 pm
Forum: Wireless Networking
Topic: Routing bgp mpls vpls, node bts with crs o ccr, max 300-400mbps each node
Replies: 3
Views: 701

Re: Routing bgp mpls vpls, node bts with crs o ccr, max 300-400mbps each node

I have yet to test this device, but I doubt it. CRS is a programmable Switch, but CPU power is not suitable for routing (software) that bandwidth, acccording to its specs : Captura de pantalla 2017-09-01 a la(s) 18.38.42.png Best bet for that duty if budget is no object: CCR or RB1100AH. Low Budget:...
by pukkita
Fri Sep 01, 2017 3:54 pm
Forum: General
Topic: Connecting Multiple Questions
Replies: 2
Views: 618

Re: Connecting Multiple Questions

Post a diagram. Hand-drawn is fine.
by pukkita
Fri Sep 01, 2017 3:51 pm
Forum: Beginner Basics
Topic: in SFP1 out SFP2
Replies: 2
Views: 582

Re: in SFP1 out SFP2

Post an export and a /ip route print, What's the source IP of branch office PC?
by pukkita
Fri Sep 01, 2017 3:49 pm
Forum: RouterBOARD hardware
Topic: Simultaneous clients - mANT 19S [SOLVED]
Replies: 3
Views: 829

Re: Simultaneous clients - mANT 19S [SOLVED]

I wouldn't design it with just a single mANTBox 19S. Apart from only covering 120 degrees, 76 simultaneous stations will be too much, I would target for 50 stations max per sector. Best bet would be using three sectors, either mANTBox19S or 15S (clients closer than 500m). You'll be covering 360, and...
by pukkita
Fri Sep 01, 2017 3:41 pm
Forum: General
Topic: Looking for a secure alternative to eoip
Replies: 7
Views: 1274

Re: Looking for a secure alternative to eoip

EoIP does what it needs to do but the performance knock is massive. Over a Gbps ethernet link I'm only getting around 10MB/s of real performance before the cpu hits 100%. Which routerboard? If your CPU does not support hardware acceleration for AES encryption/decryption then it would be slow as hel...
by pukkita
Fri Sep 01, 2017 3:37 pm
Forum: RouterBOARD hardware
Topic: Advice needed in choosing the right Mikrotik device [SOLVED]
Replies: 4
Views: 712

Re: Advice needed in choosing the right Mikrotik device [SOLVED]

I'd use 5GHz better, not only because of the potential higher throughput by using 40MHz or wider channels; 2.4GHz spectrum is much smaller and already saturated by home routers.
by pukkita
Fri Sep 01, 2017 2:39 pm
Forum: Wireless Networking
Topic: Questions Regarding RB435GUAH - Heat & Lifetime
Replies: 1
Views: 444

Re: Questions Regarding RB435GUAH - Heat & Lifetime

If environment conditions are going to be tough, I would stay away from RB + radio cards + pigtails. If heat is going to be high, it will put a stress on all mechanical connections: PCIe card slots, internal and external pigtails.... also 3 PCIe radios cramped on the same board/enclosure is not opti...
by pukkita
Fri Sep 01, 2017 2:29 pm
Forum: General
Topic: RBmAP2nD serial [SOLVED]
Replies: 4
Views: 621

Re: RBmAP2nD serial [SOLVED]

AFAIK this model doesn't have serial port, and USB port is for powering only. What is your goal?
by pukkita
Fri Sep 01, 2017 2:25 pm
Forum: RouterBOARD hardware
Topic: Advice needed in choosing the right Mikrotik device [SOLVED]
Replies: 4
Views: 712

Re: Advice needed in choosing the right Mikrotik device [SOLVED]

It may link on 5GHz, but waP is not a good choice for this application. Majority of traffic (download) will go from wAP to SXT; wAP have small gain omni antennas not suited for linking at 300m. If you expect to connect more devices to it, your best bet would be using a SXT-SA for the Apartment (90 d...
by pukkita
Thu Aug 31, 2017 8:31 pm
Forum: General
Topic: USB Power Reset
Replies: 6
Views: 2056

Re: USB Power Reset

I would generate supouts while on troublesome setups and email support linking to this post, so that they're aware of this. (this is an user forum, while mikrotik staff reads the forum, is not the most efficient way to report bugs)
by pukkita
Thu Aug 31, 2017 8:28 pm
Forum: Beginner Basics
Topic: mobile broadband with mikrotik routerboard
Replies: 6
Views: 1862

Re: mobile broadband with mikrotik routerboard

MIFI as internet source wirelessly connected to a hap lite to do bw management isn't what I would call and optimal setup.

Instead of using an additional device, I'd use a wAP LTE straight and build your own MIFI, this time with all ROS goodies.
by pukkita
Thu Aug 31, 2017 3:45 pm
Forum: Beginner Basics
Topic: Replace OpenVPN Server/Client
Replies: 13
Views: 1253

Re: Replace OpenVPN Server/Client

Use SSTP then...
  • You can set up a different port if you want
  • NAT friendly
  • Less likely to be throttled down by ISPs
by pukkita
Thu Aug 31, 2017 1:49 pm
Forum: Wireless Networking
Topic: Event with 1200 wireless users
Replies: 8
Views: 3325

Re: Event with 1200 wireless users

For 1Gbps bandwidth, definitelly a RB1100AHx2 would be the minimum I'd get.

Regarding AP count, it depends on the size/shape of the floors in the building, you'll need to position them for optimal coverage.

I'd start with 10-12 APs.
by pukkita
Thu Aug 31, 2017 12:20 pm
Forum: General
Topic: CRS326-24G-2S+RM Switch chip features
Replies: 5
Views: 1323

Re: CRS326-24G-2S+RM Switch chip features

Yes.
by pukkita
Thu Aug 31, 2017 12:15 pm
Forum: Wireless Networking
Topic: Event with 1200 wireless users
Replies: 8
Views: 3325

Re: Event with 1200 wireless users

Maybe a mix Metal and Groove
With omnis? don't.

I would use hAP ac + wAP ac.

What's the internet bandwidth? As main router / controller I'd go for a RB1100AHx2 or CCR.
by pukkita
Wed Aug 30, 2017 8:53 pm
Forum: General
Topic: dhcp-relay over MKT cascade [SOLVED]
Replies: 3
Views: 668

Re: dhcp-relay over MKT cascade [SOLVED]

Capturing traffic at the edge router I don't see anythig related with the DHCP, is it possible that the first MKT is filtering the DHCP discover?
Could be... have you torched MKT1 ether wired to MKT2 to see if DHCP requests are present?
by pukkita
Wed Aug 30, 2017 8:05 pm
Forum: General
Topic: The Mikrotik web server has down [SOLVED]
Replies: 4
Views: 1122

Re: The Mikrotik web server has down [SOLVED]

Connect to it via mac-winbox, and look at the logs, to determine why web server has stopped (hdd space full, etc).

In such case it would be best to reboot after cleanup.
by pukkita
Wed Aug 30, 2017 2:09 pm
Forum: Beginner Basics
Topic: Multiple WAN and NAT
Replies: 2
Views: 1144

Re: Multiple WAN and NAT

2 chain=srcnat action=src-nat to-addresses=84.54.xxx.250 src-address=192.168.88.37 log=yes log-prefix="SRCNAT" I cannot see where 84.54.xxx.250 is assigned on IP > Addresses? If you want to src-nat the router will need to have that IP assigned. Re: Mangle: Have a look at Tomas Kirnak's Load Balance...
by pukkita
Wed Aug 30, 2017 12:41 pm
Forum: General
Topic: USB Power Reset
Replies: 6
Views: 2056

Re: USB Power Reset

Just tested (6.40.2) on a 951Ui model and doesn't reboot.

Does it happen with a different USB device? Does it happen with no USB device?

I would netinstall it to 6.40.2. If problem persists, generate a supout and email support linking to this post.
by pukkita
Wed Aug 30, 2017 12:31 pm
Forum: Scripting
Topic: Redundant WANs - Script or Mangle to make both accessible and 2 hop failover [SOLVED]
Replies: 14
Views: 2549

Re: Redundant WANs - Script or Mangle to make both accessible and 2 hop failover [SOLVED]

Never mind :D

I cleared it anyway, as if you had that doubt, so could future users browsing the thread.
by pukkita
Tue Aug 29, 2017 8:06 pm
Forum: Beginner Basics
Topic: Big net for more than 254 devices
Replies: 1
Views: 529

Re: Big net for more than 254 devices

Guess with "transparent" you mean a bridged scenario: just use a bigger subnet. You will have a bridged (switched) network. To achieve this, instead of using 192.168.0.0/24, use 192.168.0.0/23: Network: 192.168.0.0/23 HostMin: 192.168.0.1 HostMax: 192.168.1.254 Broadcast: 192.168.1.255 Hosts/Net: 51...
by pukkita
Tue Aug 29, 2017 7:53 pm
Forum: General
Topic: Internet starts working after i do IP Scan
Replies: 34
Views: 2932

Re: Internet starts working after i do IP Scan

Something's not quite right there. Have you used .backup files to move configs between routers? Try this: Go to the bridge, and blank Admin. MAC Address (click on upward pointing triangle on its right, then apply) Run (you will temporarily lost the connection) /interface ethernet reset-mac-address [...
by pukkita
Tue Aug 29, 2017 7:41 pm
Forum: Scripting
Topic: Redundant WANs - Script or Mangle to make both accessible and 2 hop failover [SOLVED]
Replies: 14
Views: 2549

Re: Redundant WANs - Script or Mangle to make both accessible and 2 hop failover [SOLVED]

If you create a Netwatch monitor that reaches out to 8.8.4.4 and if it can't reach that address is disable the main route until reachable again, won't that IP become instantly reachable when it fails over to the second backup default route, causing it to fail back over to the failed line? No, becau...
by pukkita
Tue Aug 29, 2017 7:37 pm
Forum: Beginner Basics
Topic: Dual wan setup troubles
Replies: 40
Views: 5423

Re: Dual wan setup troubles

Follow the presentation mangle to the letter until you get a solid grasp on it, before jumping into customizations.

Order, and following it to the utmost detail is really important.
by pukkita
Tue Aug 29, 2017 3:26 pm
Forum: General
Topic: PPPoE best use of public IPs [SOLVED]
Replies: 4
Views: 791

Re: PPPoE best use of public IPs [SOLVED]

No, not for the local address, but for remote-address of the specific customer needing it. Local address should/could be the same for all pppoe users on a given router, and it's usually a private one as it won't be using by anything else than local traffic between its pppoe users and the router.
by pukkita
Tue Aug 29, 2017 3:22 pm
Forum: Scripting
Topic: Redundant WANs - Script or Mangle to make both accessible and 2 hop failover [SOLVED]
Replies: 14
Views: 2549

Re: Redundant WANs - Script or Mangle to make both accessible and 2 hop failover [SOLVED]

Follow the same logic/instructions on the presentation, it's wonderfully covered there.
by pukkita
Tue Aug 29, 2017 1:44 pm
Forum: General
Topic: Mikrotik to Mikrotik Lan Connection
Replies: 5
Views: 743

Re: Mikrotik to Mikrotik Lan Connection

- MKT2 LAN IP? 172.10.0.0/16 that's not an RFC1918 range, you're using a public Internet range (belongs to AT&T in the US) for a private network. Proper range is 172.16.0.0/12 In any case: Captura de pantalla 2017-08-29 a la(s) 12.36.42.png MKT1: ether3 shouldn't be a port of a bridge, or switch gr...
by pukkita
Tue Aug 29, 2017 12:59 pm
Forum: General
Topic: PPPoE best use of public IPs [SOLVED]
Replies: 4
Views: 791

Re: PPPoE best use of public IPs [SOLVED]

I am doing this with PPPoE and running PPPoE at each relay rather than centrally (I have reasons for doing it like this). I have a /25 public IP range that I wish to use as sparingly as possible. As some sites might only need 1 or 2 CPE with public IPs, how is best to achieve this without wasting p...
by pukkita
Tue Aug 29, 2017 12:49 pm
Forum: RouterBOARD hardware
Topic: RB2011UiAS-RM Powers Off Seconds After Connecting Ether1
Replies: 20
Views: 1801

Re: RB2011UiAS-RM Powers Off Seconds After Connecting Ether1

to next device connected to the suspect port ether1, if it's the internet router, then the internet router IP facing the mikrotik device. What's the ROS version and System > Routerboard firmware versions? I would netinstalll, reset to no defaults and restore the config on the RB2011 in any case, as ...
by pukkita
Tue Aug 29, 2017 12:47 pm
Forum: Scripting
Topic: Redundant WANs - Script or Mangle to make both accessible and 2 hop failover [SOLVED]
Replies: 14
Views: 2549

Re: Redundant WANs - Script or Mangle to make both accessible and 2 hop failover [SOLVED]

Glad it helped :D

Those lists are created to help mangle determine kind of traffic:

- Local networks to local networks
- Local networks to internet
- Internet to local networks

As depending on that rerouting should be done or not, etc.
by pukkita
Tue Aug 29, 2017 12:40 pm
Forum: RouterBOARD hardware
Topic: RB850Gx2 Voltage Monitor wrong measurements
Replies: 4
Views: 619

Re: RB850Gx2 Voltage Monitor wrong measurements

I suggested supout/support route because looks like a bug and Mikrotik would better know...
by pukkita
Tue Aug 29, 2017 12:33 pm
Forum: Beginner Basics
Topic: Basic setup for router with multiple AP's [SOLVED]
Replies: 23
Views: 11745

Re: Basic setup for router with multiple AP's [SOLVED]

Omnitik has single radio (5GHz) it doesn't have 2.4GHz.
by pukkita
Tue Aug 29, 2017 12:27 pm
Forum: RouterBOARD hardware
Topic: RB2011UiAS-RM Powers Off Seconds After Connecting Ether1
Replies: 20
Views: 1801

Re: RB2011UiAS-RM Powers Off Seconds After Connecting Ether1

Set the internet router LAN ip for watch address and check if supout is generated after such 30s connectivity loss.
by pukkita
Mon Aug 28, 2017 11:22 pm
Forum: General
Topic: USB Power Reset
Replies: 6
Views: 2056

Re: USB Power Reset

Check on System > Routerboard Current Firmware is 3.41, upgrade and reboot if isn't.
by pukkita
Mon Aug 28, 2017 11:16 pm
Forum: RouterBOARD hardware
Topic: RB2011UiAS-RM Powers Off Seconds After Connecting Ether1
Replies: 20
Views: 1801

Re: RB2011UiAS-RM Powers Off Seconds After Connecting Ether1

Every time I connect ether1 to my switch (C5G124-48P2) ~30 seconds later the router turns off.. Unplug the cable from either end, and the router will boot back up. My initial thought was the 802.3at switch port might be causing issues with the passive PoE input on ether1.. It shouldn't, but I disab...
by pukkita
Mon Aug 28, 2017 7:39 pm
Forum: RouterBOARD hardware
Topic: RB850Gx2 Voltage Monitor wrong measurements
Replies: 4
Views: 619

Re: RB850Gx2 Voltage Monitor wrong measurements

Double check Fimrware is up to date. If it is, generate a supout and email support linking to this post.
by pukkita
Mon Aug 28, 2017 7:35 pm
Forum: General
Topic: Mikrotik to Mikrotik Lan Connection
Replies: 5
Views: 743

Re: Mikrotik to Mikrotik Lan Connection

What are:

- MKT1 LAN IP
- MKT1 PTP IP
- MKT2 PTP IP?
- MKT2 LAN IP?
mockup.jpg
by pukkita
Mon Aug 28, 2017 6:19 pm
Forum: Wireless Networking
Topic: send push notifications
Replies: 1
Views: 872

Re: send push notifications

No, not directly from ROS.

Closest feature is the IP > Hotspot >User Profiles, create new one, Advertise tab, which most probably won't work as most websites nowadays are HTTPS, whose traffic you cannot intercept to play man-in-the-middle.
by pukkita
Mon Aug 28, 2017 6:11 pm
Forum: Scripting
Topic: Redundant WANs - Script or Mangle to make both accessible and 2 hop failover [SOLVED]
Replies: 14
Views: 2549

Re: Redundant WANs - Script or Mangle to make both accessible and 2 hop failover [SOLVED]

Do you have any insight into how to make both WAN's accessible? The problem I assume I am running into is when traffic comes in to the new fiber it is going back out the comcast line so it is never making the complete connection. For example, I can ping the public IP of the comcast line but not the...
by pukkita
Mon Aug 28, 2017 1:06 pm
Forum: General
Topic: Routerboard Connected User Amount Limit
Replies: 9
Views: 1158

Re: Routerboard Connected User Amount Limit

ether 2 and ether 4 on the RB 1200 are damaged so are unusable. with your diagram and suggested setup could i say ether 6-9 be used for connecting any devices that need to intercommunicate amongst theirselves and use ether 1,3,5 for the fibre link with the valns? No, 1,3,5 are still the best ports ...
by pukkita
Sun Aug 27, 2017 6:54 pm
Forum: General
Topic: Problem with OPENVPN and mangle [SOLVED]
Replies: 6
Views: 1464

Re: Problem with OPENVPN and mangle [SOLVED]

MANGLE chain: prerouting, src. address 192.168.32.3, in. interface:lan bridge, action: mark routing, new routing mark to_cable When mangle rule is disabled everything is working fine, when is enabled NAS is no longer available over VPN. Where is the problem? As you have guessed, on that mangling: y...
by pukkita
Sun Aug 27, 2017 6:47 pm
Forum: General
Topic: Need help for multiple vlan load balancing and fail over.
Replies: 1
Views: 466

Re: Need help for multiple vlan load balancing and fail over.

This matter is not suited for a short explanation on a forum thread, Have a look at Tomas Kirnak's Load Balance / Mangle Deep Dive presentation.

The fact of your WAN interfaces being VLANs doesn't change a thing, just use them as WANs.
by pukkita
Sun Aug 27, 2017 6:42 pm
Forum: Beginner Basics
Topic: DHCP doesn't reach guest network
Replies: 4
Views: 733

Re: DHCP doesn't reach guest network

PS. I also can't ping 10.0.0.253 or 10.0.3.253, strangly enough... /ip address add address=10.0.0.253 interface=02-pfSense network=10.0.0.0 add address=10.0.3.253 interface=02-GUEST-pfSense-VLAN200 network=10.0.3.0 Once you add ports to a bridge, any IPs should be assigned on the bridge itself: /ip...
by pukkita
Sun Aug 27, 2017 6:30 pm
Forum: Beginner Basics
Topic: Dual wan setup troubles
Replies: 40
Views: 5423

Re: Dual wan setup troubles

Have a look at Tomas Kirnak's Load Balance / Mangle Deep Dive presentation.

Your problem comes from the fact you're not marking on input chain.
by pukkita
Sun Aug 27, 2017 6:26 pm
Forum: Forwarding Protocols
Topic: Need Help For Failover Link and OSPF settins [SOLVED]
Replies: 14
Views: 2124

Re: Need Help For Failover Link and OSPF settins [SOLVED]

I changed the cost to 10 both of them and now traffic goes both interface.. is this correct implementation ? Yes, that's ECMP in action. should i change the gateway on router-2 or any extra setting ? No need to do anything for failover, test that for yourself by disabling any of radio link interfac...
by pukkita
Sun Aug 27, 2017 2:40 pm
Forum: Forwarding Protocols
Topic: Need Help For Failover Link and OSPF settins [SOLVED]
Replies: 14
Views: 2124

Re: Need Help For Failover Link and OSPF settins [SOLVED]

The quid here is playing with radio links interface costs in order to achieve ECMP . add authentication=simple authentication-key=xxxx interface=ether10-11Ghz network-type=broadcast priority=14 add authentication=simple authentication-key=xxxx cost=20 interface=ether11-5GhzLink network-type=broadcas...
by pukkita
Sun Aug 27, 2017 2:16 pm
Forum: Beginner Basics
Topic: MikroTik Labs
Replies: 2
Views: 862

Re: MikroTik Labs

All mikrotik devices sport all ROS features, so for lab use almost any device will allow you to setup labs. Unlicensed CHR will be limited to 1Mbps, but again, for a Lab this still allows to setup any scenario, and you can get an unlimited temporary license for 60 days. You can run user-manager or d...
by pukkita
Sun Aug 27, 2017 1:14 pm
Forum: General
Topic: Routerboard Connected User Amount Limit
Replies: 9
Views: 1158

Re: Routerboard Connected User Amount Limit

locodog already said how would that be accomplished. I stand by my advise, RB1200 will be probably the best performing board of the three. Let's look at it's block diagram: Captura de pantalla 2017-08-27 a la(s) 12.08.08.png If you were to use just the RB1200 without an additional switch, most optim...
by pukkita
Sun Aug 27, 2017 1:03 pm
Forum: Wireless Networking
Topic: Link issues
Replies: 9
Views: 866

Re: Link issues

Ok, then if those are PTPs, lock down the highest stable, low RTT datarate on the AP radio.

Be sure to pass traffic while evaluating highest stable datarate with low RTT. If RTT goes nuts on a given datarate, select the next lower one.
by pukkita
Sat Aug 26, 2017 9:11 pm
Forum: Wireless Networking
Topic: Layer 2 issues
Replies: 4
Views: 591

Re: Layer 2 issues

It definitely looks like some sort of L2 issue is happening, broadcast storm, network loop or similar.

Try logging into an affected powerbox via mac-winbox or RoMON, and have a look at /tool profile, and interfaces looking for saturated ethernets.
by pukkita
Sat Aug 26, 2017 9:01 pm
Forum: General
Topic: Getting Error: RADIUS accounting request not send: no respond
Replies: 3
Views: 1540

Re: Getting Error: RADIUS accounting request not send: no respond

Look like the rebuild was not successful, the database possibly got corrupted due to lack of space.. You may need to clear it out and start from scratch, or have someone knowledgeable to inspect it if it contains useful accounting data.
by pukkita
Sat Aug 26, 2017 8:58 pm
Forum: Beginner Basics
Topic: Firewall rule for L2TP/IPSec access to router
Replies: 3
Views: 7264

Re: Firewall rule for L2TP/IPSec access to router

The only issue is that I need to add a L2TP Server binding and a new Interface List item for every L2TP client. Do all remote users need access to the router itself?? In such case it will be easier to change the firewall logic, instead of /ip firewall filter add action=drop chain=input comment="def...
by pukkita
Sat Aug 26, 2017 6:57 pm
Forum: Wireless Networking
Topic: Link issues
Replies: 9
Views: 866

Re: Link issues

That looks much better. I have 3 links, all 5 ghz, all with cm9 cards. On the same RB433? There's where your problem probably comes. Specially if at any given moment two of them need to Tx and Rx simultaneously. I'd rather seperate radios on different RBs, and go straight to integrated units (SXTs, ...
by pukkita
Sat Aug 26, 2017 6:48 pm
Forum: Beginner Basics
Topic: Firewall rule for L2TP/IPSec access to router
Replies: 3
Views: 7264

Re: Firewall rule for L2TP/IPSec access to router

There's relevant info lacking from your post, so speaking out of my guessings... Firstly, if local VPN IP on router is 192.168.99.1, you should use it to access it; otherwise, you need to do some adjustments on the remote PC connecting via VPN: - Make your VPN connection the default route (making al...
by pukkita
Sat Aug 26, 2017 3:21 pm
Forum: Wireless Networking
Topic: Link issues
Replies: 9
Views: 866

Re: Link issues

BR433 on my side with cm9 cards
Cards? There's more than one? What's at the other side? A sector (PtMP)?
by pukkita
Sat Aug 26, 2017 3:13 pm
Forum: Wireless Networking
Topic: Link issues
Replies: 9
Views: 866

Re: Link issues

Doesn't look so stable. Which devices are you using? Is this a PTP or a PtMP? What's the System > RouterBoard Current vs Upgrade Firmware on both? If this is a PTP, for 3km link, signal levels are really unleveled, assuming both AP and station are the same model, I'd bet you have either fresnel or l...
by pukkita
Sat Aug 26, 2017 2:50 pm
Forum: Scripting
Topic: Redundant WANs - Script or Mangle to make both accessible and 2 hop failover [SOLVED]
Replies: 14
Views: 2549

Re: Redundant WANs - Script or Mangle to make both accessible and 2 hop failover [SOLVED]

There are several possible ways of doing this. One of them is setting default route through an Internet host like 8.8.8.8 by using recursivity, so that the "ping gateway" ROS feature controls the failover. I have had issues with this, and wouldn't be surprised if your ISP, or further up the uplink f...
by pukkita
Sat Aug 26, 2017 2:23 pm
Forum: General
Topic: Getting Error: RADIUS accounting request not send: no respond
Replies: 3
Views: 1540

Re: Getting Error: RADIUS accounting request not send: no respond

Your radius is not responding.

Check the hotspot router reaches the radius ip.

Check Radius service is not failing due to database problems, high load, or that it doesn't have accounting enabled.

Is radius an external radius host, or user-manager running on the same device?
by pukkita
Sat Aug 26, 2017 2:21 pm
Forum: General
Topic: Mikrotik to Mikrotik Lan Connection
Replies: 5
Views: 743

Re: Mikrotik to Mikrotik Lan Connection

Post a diagram, depìcting devices, interfaces and IPs. Hand drawn is perfectly fine.
by pukkita
Sat Aug 26, 2017 12:37 pm
Forum: Beginner Basics
Topic: Not sure what solution to use
Replies: 1
Views: 247

Re: Not sure what solution to use

Difficult to provide more specific instructions due to the scarce information, but: Assuming there's one router with one WAN connection which routes 6 public IP addresses, in order to masquerade outgoing Internet connections you only need: - Have all the IPs assigned on the router. I assume the 12.1...
by pukkita
Sat Aug 26, 2017 12:18 pm
Forum: General
Topic: Limits on IPsec/L2TP VPN connections on level 6 license
Replies: 1
Views: 433

Re: Limits on IPsec/L2TP VPN connections on level 6 license

What's on System > License?

It doesn't have to be related to license, there are other settings that may cause this, like bad ip pool, inconsistent settings, etc.

Watch out the log when that happens, and post it here. Posting an export of your config is a good idea also.
by pukkita
Sat Aug 26, 2017 12:05 pm
Forum: Beginner Basics
Topic: RB750GR3 default filter rules query!!!
Replies: 4
Views: 598

Re: RB750GR3 default filter rules query!!!

It was introduced on 6.40.2, but can be used on any fasttrack enabled ROS version.
by pukkita
Fri Aug 25, 2017 9:42 pm
Forum: Wireless Networking
Topic: Wireless Backhaul for AP Options
Replies: 7
Views: 1293

Re: Wireless Backhaul for AP Options

You could use a RB912 with a 2nd radio installed + 2 external antennas, but it won't be neither less bulkier nor cheaper, and way less reliable (pigtails). I understand Mikrotik philosophy is providing flexible building blocks at disruptive prices, that's why no too-scenario-specific devices are rel...
by pukkita
Fri Aug 25, 2017 7:30 pm
Forum: Beginner Basics
Topic: Web pages and iTunes don´t load properly or don`t load at all
Replies: 12
Views: 779

Re: Web pages and iTunes don´t load properly or don`t load at all

Yes, looks like some kind of ethernet problem with that laptop.
by pukkita
Fri Aug 25, 2017 7:05 pm
Forum: Wireless Networking
Topic: Wireless Backhaul for AP Options
Replies: 7
Views: 1293

Re: Wireless Backhaul for AP Options

If I do that, broadcast a client SSID and connect as a client, on the same 5GHz radio I'd imagine I'll suffer from the common problem of wireless mesh and I could see a reduction in performance. Does the MIMO (triple chain) of the product off-set the loss of air-time in this case Yes, it does suffe...
by pukkita
Fri Aug 25, 2017 4:27 pm
Forum: General
Topic: Redirect Gateway
Replies: 3
Views: 944

Re: Redirect Gateway

No need for the second mangle on output chain. This rule alone should be enough: /ip firewall mangle add chain=prerouting action=mark-routing new-routing-mark=VPN_Gateway passthrough=no protocol=tcp src-address=192.168.168.101 dst-address=!192.168.168.0/24 dst-port=80 log=no log-prefix="" What you s...
by pukkita
Fri Aug 25, 2017 4:17 pm
Forum: Beginner Basics
Topic: Web pages and iTunes don´t load properly or don`t load at all
Replies: 12
Views: 779

Re: Web pages and iTunes don´t load properly or don`t load at all

Which interface? do you refer to a laptop?
by pukkita
Fri Aug 25, 2017 3:11 pm
Forum: Beginner Basics
Topic: Web pages and iTunes don´t load properly or don`t load at all
Replies: 12
Views: 779

Re: Web pages and iTunes don´t load properly or don`t load at all

Try upgrading to 6.40.2, per its changelog : *) pppoe-client - fixed wrong MRU detection over VLAN interfaces; Not all Movistar ONTs expose VLANs anymore, that could be the reason others not experiencing problems if this fixes it. Have seen some Movistar ONTs change from exposing VLANs to not exposi...
by pukkita
Fri Aug 25, 2017 2:38 pm
Forum: Beginner Basics
Topic: Web pages and iTunes don´t load properly or don`t load at all
Replies: 12
Views: 779

Re: Web pages and iTunes don´t load properly or don`t load at all

ROS version? Firmware version? (System > Routerboard Current Firmware ) Looks like MTU problem. Does your pppoe-out1 enter Running state? Open a New Terminal and issue the following commands, posting them back here: /ip address print /ip route print /interface print Have you had a look at the WAN st...
by pukkita
Fri Aug 25, 2017 2:33 pm
Forum: Beginner Basics
Topic: LHG complete transparent
Replies: 2
Views: 344

Re: LHG complete transparent

Reset it to no defaults (connect to it via winbox neighbors tab afterwards, no need for ip settings) Station: - Setup it as wireless-mode=station-bridge - Create a bridge - Add wlan1 and ether1 to the bridge. AP: -wireless mode is AP-bridge or bridge - Create a bridge - Add wlan1 and ether1 to it Do...
by pukkita
Fri Aug 25, 2017 2:27 pm
Forum: General
Topic: Internet starts working after i do IP Scan
Replies: 34
Views: 2932

Re: Internet starts working after i do IP Scan

At this point, I would save an export (.rsc file) for backup, then:

- netinstall the router.
- Reset it to no defaults
- Connect to it from Winbox Neighbors tab, then import or copy & paste backup. rsc file contents.

Post a System > Routerboard screenshot. Current firmware should be 3.35.
by pukkita
Fri Aug 25, 2017 2:06 pm
Forum: General
Topic: [SOLVED] Bricked hAP ac, can not recover by netinstall [SOLVED]
Replies: 5
Views: 5281

Re: Bricked hAP ac, can not recover by netinstall [SOLVED]

Try keeping the reset button pressed until you see the hAP appear in netinstall. Have you played with protected RouterBoot features in the past? When you say winbox doesn't detect it, do you refer to Neighbors tab? Even with a laptop with its ethernet as only network active interface? (all the rest ...
by pukkita
Fri Aug 25, 2017 2:04 pm
Forum: RouterBOARD hardware
Topic: mAP lite
Replies: 58
Views: 19446

Re: mAP lite

Yes. Despite being a tiny device, it supports all ROS features (CPU allowing).
by pukkita
Fri Aug 25, 2017 2:00 pm
Forum: Beginner Basics
Topic: Dual wan - only one active at a time
Replies: 6
Views: 1992

Re: Dual wan - only one active at a time

NAT is the last step in traffic manipulation, unless routing steers traffic via a specific WAN, where NAT is set, NAT is not going to happen.

Please post
/ip route print detail
/ip address print
/ip firewall address-list print
by pukkita
Fri Aug 25, 2017 12:25 pm
Forum: General
Topic: [SOLVED] Bricked hAP ac, can not recover by netinstall [SOLVED]
Replies: 5
Views: 5281

Re: Bricked hAP ac, can not recover by netinstall [SOLVED]

Check the reset switch is not damaged and is shorting itself even w/o pressing it. That may cause the reboot loop.
by pukkita
Fri Aug 25, 2017 11:43 am
Forum: The User Manager
Topic: Radius Server is not responding message
Replies: 6
Views: 13013

Re: Radius Server is not responding message

Try setting src-address in radius to 127.0.0.1.

I assume both user-manager and hotspot are installed on the same router.
by pukkita
Fri Aug 25, 2017 11:39 am
Forum: Beginner Basics
Topic: RB750GR3 default filter rules query!!!
Replies: 4
Views: 598

Re: RB750GR3 default filter rules query!!!

Yes, it's a new optimization to default firewall filter rules. Yes, it has to do with fasttrack.
by pukkita
Fri Aug 25, 2017 11:35 am
Forum: Wireless Networking
Topic: Regarding Powerfull Wireless Link
Replies: 3
Views: 439

Re: Regarding Powerfull Wireless Link

Have you done an spectral scan? You'll need a non AC Mikrotik radio (or other brand) to carry it out. Specific scenario 5GHz Spectrum is what will dictate what speeds can be achieved, regardless of equipment used. If there's 40MHz contiguous spectrum available, you may get near those 200Mbps. If the...
by pukkita
Fri Aug 25, 2017 11:23 am
Forum: Wireless Networking
Topic: Spreading the load using a WISP to avoid major dips in speed!
Replies: 10
Views: 806

Re: Spreading the load using a WISP to avoid major dips in speed!

Thanks very much indeed for the clarification about IPTV and the QOS configuration!! Have you any thoughts about the make, model, and performance of a suitable load balancer which we will need if we go for 2 uplinks? The already deployed RB850G can cope with the two. Do you think that speed limitat...
by pukkita
Fri Aug 25, 2017 11:11 am
Forum: Beginner Basics
Topic: Dual wan - only one active at a time
Replies: 6
Views: 1992

Re: Dual wan - only one active at a time

You're not doing any load balancing, and steering all LAN - > Internet traffic towards WAN1: add action=mark-connection chain=prerouting comment=LAN->WAN connection-mark=no-mark dst-address-list=!local-lan dst-address-type=!local \ new-connection-mark=LAN->WAN passthrough=yes src-address-list=local-...
by pukkita
Fri Aug 25, 2017 10:52 am
Forum: Beginner Basics
Topic: General WISP managment
Replies: 3
Views: 492

Re: General WISP managment

Depends on expected customer distance, I'd recommend mANTBox 19S for >800m customers, and 15S or SXT-SA for closer customers. You need to study the terrain, then deploy sectors estrategically depending on surrounding conditions and customer density; typical setup 3 x 19S to cover 360 for mid-long di...
by pukkita
Thu Aug 24, 2017 8:38 pm
Forum: General
Topic: Routerboard Connected User Amount Limit
Replies: 9
Views: 1158

Re: Routerboard Connected User Amount Limit

Are you using hotspot? Or plain DHCP?
by pukkita
Thu Aug 24, 2017 8:31 pm
Forum: General
Topic: CRS326-24G-2S+RM Switch chip features
Replies: 5
Views: 1323

Re: CRS326-24G-2S+RM Switch chip features

Don't think that's possible, because there's only one switch chip. FYI, 6.41RC has a new bridge/switch chip implementation, where hardware offloading is used to accelerate switching/bridging when possible. Haven't tested it yet, and don't know which specific circumstances need to be met for HW offlo...
by pukkita
Thu Aug 24, 2017 8:24 pm
Forum: Wireless Networking
Topic: Spreading the load using a WISP to avoid major dips in speed!
Replies: 10
Views: 806

Re: Spreading the load using a WISP to avoid major dips in speed!

I was referring to setup your own IPTV streaming server. When I refer to multicast, I refer to stream IPTV via multicast, i.e. users will be connected to the server and will "fetch" the same stream from the network, i.e., if 5 users are watching a given channel, and such channel is 3Mbps, total netw...
by pukkita
Thu Aug 24, 2017 7:28 pm
Forum: SwOS
Topic: 2 x CSS326-24G-2S+RM
Replies: 12
Views: 3360

Re: 2 x CSS326-24G-2S+RM

Check updates from SwOS GUI
by pukkita
Thu Aug 24, 2017 7:26 pm
Forum: General
Topic: CRS326-24G-2S+RM Switch chip features
Replies: 5
Views: 1323

Re: CRS326-24G-2S+RM Switch chip features

As it's a CRS, i.e. a switch, it has one switch chip.

All ports are connected to this switch chip:
Captura de pantalla 2017-08-24 a la(s) 18.26.40.png
by pukkita
Thu Aug 24, 2017 1:36 pm
Forum: Beginner Basics
Topic: dhcp server not working
Replies: 4
Views: 2896

Re: dhcp server not working

Does it appear in red?

So far cannot spot anything, which ROS version? Could you export it again using /export compact this time?
by pukkita
Thu Aug 24, 2017 1:27 pm
Forum: General
Topic: About RB750Gr3
Replies: 8
Views: 1043

Re: About RB750Gr3

It may, depending on other factors, but I think there are more suitable options. What's the available Internet bandwidth? In any case, for a network of that size, I'll use a RB3011 minimum. If budget allows, investing on a RB1100AHx2 or CCR from starters will better protect the investment and allow ...
by pukkita
Thu Aug 24, 2017 1:25 pm
Forum: General
Topic: Default configuration
Replies: 4
Views: 1805

Re: Default configuration

Yes, is it possible to change default configuration.

You need to use netinstall Configure Script feature.
by pukkita
Thu Aug 24, 2017 1:18 pm
Forum: Beginner Basics
Topic: General WISP managment
Replies: 3
Views: 492

Re: General WISP managment

The question is Omnitik the right decision for a base spot in this situation?! No. Stay away from Omnis. Basebox would be a good choice if only a handful, similar distance customers will use it, or to use it (PoE version) as a PoE Switch and reserve radio to carry out spectrum scans w/o disturbing ...
by pukkita
Thu Aug 24, 2017 1:09 pm
Forum: General
Topic: Routerboard Connected User Amount Limit
Replies: 9
Views: 1158

Re: Routerboard Connected User Amount Limit

which routerboard out of the 3 i have is better suited to handle a high user load? The RB1200 im looking at roughly a user load of anywhere from 20 users up top 600 connectedf at any given time. What's the internet bandwidth? Are you running queues? I would invest straight on a RB1100AHx2 or a CCR.
by pukkita
Wed Aug 23, 2017 8:01 pm
Forum: General
Topic: Internet starts working after i do IP Scan
Replies: 34
Views: 2932

Re: Internet starts working after i do IP Scan

I think there's a 99.9% probability of the problems being due to the Tenda switches. Probably a bug or limitation in its arp'ing scheme. Avoid Tenda and Whatever-link (D, TP, LR...) brand crappy switches. Netgear is usually fine, and so are CRS routerboards. You can try setting proxy-arp or local-pr...
by pukkita
Wed Aug 23, 2017 7:57 pm
Forum: RouterBOARD hardware
Topic: RB2011UiAS-RM work on 12V DC?
Replies: 4
Views: 551

Re: RB2011UiAS-RM work on 12V DC?

No problem either. I found the power rating of a RB2011UiAS-2HnD-IN as 11W, yours is the non Wireless version, so max power will be less.

For 12V: 11W=12V*I; I = 0.91A. So you have enough margin even with the 1.3A limitation.
by pukkita
Wed Aug 23, 2017 7:53 pm
Forum: SwOS
Topic: 2 x CSS326-24G-2S+RM
Replies: 12
Views: 3360

Re: 2 x CSS326-24G-2S+RM

I would directly write support in this case. BTW, There's a SwOS 2.5rc2 release candidate version, not sure if would help in your case.
by pukkita
Wed Aug 23, 2017 7:45 pm
Forum: RouterBOARD hardware
Topic: RB2011UiAS-RM work on 12V DC?
Replies: 4
Views: 551

Re: RB2011UiAS-RM work on 12V DC?

As long as the PSU provides enough amps, you won't have any underpowering or other problems in your scenario (would be different if you powered the 2011 via PoE-In using a long cable). RB2011 original power adapter is 24V @ 1.2A, i.e. Maximum Power = 24V * 1.2A = 28.8W. I doubt maximum power draw fr...
by pukkita
Wed Aug 23, 2017 4:08 pm
Forum: Beginner Basics
Topic: Dual wan - only one active at a time
Replies: 6
Views: 1992

Re: Dual wan - only one active at a time

Have a look at this presentation by Tomas Kirnak.

On dual WAN setups means should be deployed so that traffic entering by a given wan leaves by the same one.

Double check you're actually masquerading on the secondary WAN too, when it's the default route hosts from internet should ping too.
by pukkita
Wed Aug 23, 2017 4:06 pm
Forum: SwOS
Topic: 2 x CSS326-24G-2S+RM
Replies: 12
Views: 3360

Re: 2 x CSS326-24G-2S+RM

double check the ROS or SwOS version and firmware, from SwOS changelog : What's new in v2.4: *) CSS106: fixed upgrade over PoE ports when PoE stopped working; *) CRS326: fixed port in disabled VLAN mode to forward untagged packets; What's new in v2.3: *) fixed CRS317: make 10G links more stable; *) ...
by pukkita
Wed Aug 23, 2017 12:00 pm
Forum: Beginner Basics
Topic: RB951 Hotspot + LAN Clients (Home network)
Replies: 3
Views: 633

Re: RB951 Hotspot + LAN Clients (Home network)

The solution to this is placing more APs on each floor, at a minimum another RB951 at third floor, wiring it to the main RB951. This RB will need to be wired to the main RB951, configuration needed: On third floor RB951: setup wireless, create a bridge and add the wireless interface and the ether po...
by pukkita
Tue Aug 22, 2017 7:05 pm
Forum: Wireless Networking
Topic: Spreading the load using a WISP to avoid major dips in speed!
Replies: 10
Views: 806

Re: Spreading the load using a WISP to avoid major dips in speed!

Have done some integrations, mostly using hardware DVB-S or DVB-C streamers.

There's a very interesting software project for this: stalker-portal
by pukkita
Tue Aug 22, 2017 6:59 pm
Forum: General
Topic: Mass netinstall
Replies: 7
Views: 1142

Re: Mass netinstall

(netinstall can run under wine but it would be better when it could run from commandline) It would be actually really nice , as it would be possible to setup tftp/dhcp netinstall servers on the network. I haven't fully reverse engineered what netinstall does exactly, wonder what's the reason (apart...
by pukkita
Tue Aug 22, 2017 5:02 pm
Forum: General
Topic: Mass netinstall
Replies: 7
Views: 1142

Re: Mass netinstall

1. Is there a way of automating the process of getting into netinstall mode? For example, is there a command that can be issued 'reboot into boot loader mode' so I can write a script to automate that part (eg tied to a DHCP lease event that would spot the router grabbing an IP) /system routerboard ...
by pukkita
Tue Aug 22, 2017 2:20 pm
Forum: General
Topic: Marking MS Update packets
Replies: 3
Views: 2586

Re: Marking MS Update packets

You can follow a more general approach, and mark regular HTTP/S, and HTTP/HTTPs "downloads" (more than X Mb on a given established connection, 5MB in this example) using mangle connection-bytes : add action=mark-connection chain=prerouting dst-port=80,443 new-connection-mark=HTTP packet-mark=no-mark...
by pukkita
Tue Aug 22, 2017 1:15 pm
Forum: Wireless Networking
Topic: Spreading the load using a WISP to avoid major dips in speed!
Replies: 10
Views: 806

Re: Spreading the load using a WISP to avoid major dips in speed!

In that case you can add a second antena/internet uplink, and make the main router load balance the connections through the two internet uplinks. No need for a second routerboard. QoS plus second internet uplink and load balancing should provide a smoother experience for all users. Third possible en...
by pukkita
Tue Aug 22, 2017 1:07 pm
Forum: General
Topic: Internet starts working after i do IP Scan
Replies: 34
Views: 2932

Re: Internet starts working after i do IP Scan

Plug yours directly to the 3011 and test if you have same problems.
by pukkita
Tue Aug 22, 2017 1:05 pm
Forum: Beginner Basics
Topic: wAP dropping connection
Replies: 4
Views: 521

Re: wAP dropping connection

Firmware is not up to date, note Upgrade Firmware = 3.36 while Current Firmware=3.26.

To upgrade:

1.- Click on Log.

2.- Go to System > Routerboard and click the Upgrade button.

Watch out log, when you see a message stating upgrade was successful, reboot the router.
by pukkita
Tue Aug 22, 2017 12:40 pm
Forum: General
Topic: Internet starts working after i do IP Scan
Replies: 34
Views: 2932

Re: Internet starts working after i do IP Scan

Are there any PCs directly connected to the 3011? Do those ping internet?
by pukkita
Tue Aug 22, 2017 12:23 am
Forum: General
Topic: Internet starts working after i do IP Scan
Replies: 34
Views: 2932

Re: Internet starts working after i do IP Scan

can you ping those?
- 82.114.64.3
- 82.114.64.4
- 192.168.1.1
instead of traceroute do a
tracert -d 8.8.8.8
by pukkita
Mon Aug 21, 2017 3:34 pm
Forum: Beginner Basics
Topic: wAP dropping connection
Replies: 4
Views: 521

Re: wAP dropping connection

What's the ROS version?

What's in System > Routerboard, can you post a screenshot?
by pukkita
Mon Aug 21, 2017 3:32 pm
Forum: Beginner Basics
Topic: RB951 Hotspot + LAN Clients (Home network)
Replies: 3
Views: 633

Re: RB951 Hotspot + LAN Clients (Home network)

Which devices are broadcasting the wireless signal? How are they connected to the mikrotik RB951 router?

Is the RB951 the only AP?
by pukkita
Mon Aug 21, 2017 3:06 pm
Forum: General
Topic: Dropping DHCP OFFER packets from certain MAC addresses
Replies: 3
Views: 807

Re: Dropping DHCP OFFER packets from certain MAC addresses

Post an export, and some description on how the 750 is wired to the rest of the network.

Depending on that, it may be possible to leverage bridge filters to isolate those rogue DHCP servers from the 750.
by pukkita
Mon Aug 21, 2017 2:07 pm
Forum: General
Topic: Internet starts working after i do IP Scan
Replies: 34
Views: 2932

Re: Internet starts working after i do IP Scan

Can you tell me how to do that, im not expert for mikrotik. Copy and paste this onto a New Terminal: /ip firewall filter add chain=input action=accept protocol=icmp comment="defconf: accept ICMP" add chain=input action=accept connection-state=established,related comment="defconf: accept established...
by pukkita
Mon Aug 21, 2017 11:18 am
Forum: General
Topic: Internet starts working after i do IP Scan
Replies: 34
Views: 2932

Re: Internet starts working after i do IP Scan

post an
ipconfig /all


on your PC, I assume you run windows.

BTW, your router is exposed to the internet, you should add firewall rules to prevent anyone from bruteforcing your router.
by pukkita
Sun Aug 20, 2017 1:33 pm
Forum: General
Topic: Internet starts working after i do IP Scan
Replies: 34
Views: 2932

Re: Internet starts working after i do IP Scan

You need to make masquerade more specific: /ip firewall nat add action=masquerade out-interface=ether1 chain=srcnat comment="Masquerade WAN" src-address=192.168.1.0/24 Apart from that everything looks fine, the arp problem doesn't seem to be related to 3011 config. Do PCs connected to switch1 ping P...
by pukkita
Sat Aug 19, 2017 9:41 pm
Forum: General
Topic: Internet starts working after i do IP Scan
Replies: 34
Views: 2932

Re: Internet starts working after i do IP Scan

Which ports are those switches connected to? A hand drawn diagram depicting what's connected and where on the 3011 would be essential.

Connect to it using winbox, open a New Terminal and issue
/export
Pasting the output here.
by pukkita
Sat Aug 19, 2017 9:32 pm
Forum: General
Topic: DHCP server on slave interface
Replies: 7
Views: 11705

Re: DHCP server on slave interface

In my case, DHCP server should run on VLAN interface, which is part of a bridge "trunk". Not quite... vlan is "hanging" from bridge-trunk. The only interfaces which are part of bridge-trunk, i.e. are bridge ports, are ether4 and ether5. I don't understand why vlan102 is "slave" and vlan101 not. Bec...
by pukkita
Sat Aug 19, 2017 2:14 pm
Forum: General
Topic: Internet starts working after i do IP Scan
Replies: 34
Views: 2932

Re: Internet starts working after i do IP Scan

Looks like an arp problem. Check Arp setting of LAN interface.
by pukkita
Sat Aug 19, 2017 2:07 pm
Forum: Wireless Networking
Topic: Spreading the load using a WISP to avoid major dips in speed!
Replies: 10
Views: 806

Re: Spreading the load using a WISP to avoid major dips in speed!

On average there are between 30 and 80 devices online at any given time. Bandwidth from wisp is stated as 60 mbs download and 40mbs upload. [...] Unfortunately although the speed is now expected by provider to be between 4 and 7 megabits we sometimes get dips down to as low as 1megabit although at ...
by pukkita
Sat Aug 19, 2017 2:48 am
Forum: Beginner Basics
Topic: Port Forwarding for the beginner
Replies: 8
Views: 4956

Re: Port Forwarding for the beginner

What are your firewall filter rules?

Open a New Terminal and issue:
/export
Then copy and paste the output here.

Your port forwarding is apparently fine.
by pukkita
Fri Aug 18, 2017 1:08 pm
Forum: General
Topic: how to read wireless registration table
Replies: 11
Views: 1914

Re: how to read wireless registration table

Tx goes from router to client. So client download is Tx rate on router.
by pukkita
Fri Aug 18, 2017 12:20 pm
Forum: Scripting
Topic: Getting destination IP
Replies: 4
Views: 503

Re: Getting destination IP

Only first one (prerouting) is needed.

You can add the address-list mangle rule after the existing one, as long as the existing one has passthrough enabled, mangle proccessing won't stop there and will reach the one adding to the address list.
by pukkita
Fri Aug 18, 2017 11:28 am
Forum: Beginner Basics
Topic: Crs226 Sfp bonding so that multiple floors can be interconnected
Replies: 9
Views: 787

Re: Crs226 Sfp bonding so that multiple floors can be interconnected

Higher OSI layers depend lower ones for everything to work, in your scenario: Layer 1 - Fiber runs and SFPs linking / running properly Layer 2 - Proper Switches master/slave ports configuration (fine as per your export) Layer 3 - Proper IP range assignment Layer 1 I am able to link sfp1-0 to sfp1-1 ...
by pukkita
Fri Aug 18, 2017 11:21 am
Forum: Beginner Basics
Topic: Routing between lans on PowerBox
Replies: 13
Views: 928

Re: Routing between lans on PowerBox

Question. Instead of the whole dedicated PC thing, could I use a hAP ac lite tower since it says it has "USB port for 3G/4G modem "?? I'm just wondering before I buy one if I plugged my cell phone with tethering into the usb port that it would then work. I already own 7 tiks so i dont want another ...
by pukkita
Thu Aug 17, 2017 12:29 pm
Forum: Scripting
Topic: Getting destination IP
Replies: 4
Views: 503

Re: Getting destination IP

I would rather use the add dst to address list action in mangle.

Easier, and you can get a text output at any later stage.
by pukkita
Thu Aug 17, 2017 11:35 am
Forum: Forwarding Protocols
Topic: VPLS Interface flapping
Replies: 1
Views: 425

Re: VPLS Interface flapping

Poor wireless link would be the first thing I would check, look for OSPF flapping.

Which equipment is used on the PTP? are there switches between the two routers running the VPLS tunnel??
by pukkita
Thu Aug 17, 2017 11:32 am
Forum: General
Topic: Redirecting 443 to 80 is not Working
Replies: 5
Views: 750

Re: Redirecting 443 to 80 is not Working

There's no way of fixing it, HTTPS protocol is designed to prevent exactly that, i.e. the user connecting to a different server from the legit one.
by pukkita
Thu Aug 17, 2017 11:10 am
Forum: Wireless Networking
Topic: Please anyone can help me: Error - Simultaneous Session Limit Reached & RADIUS accounting request not sent ?
Replies: 11
Views: 2806

Re: Please anyone can help me: Error - Simultaneous Session Limit Reached & RADIUS accounting request not sent ?

What was the router uptime when you posted that status screenshot? Doesn't look like unresponsive radius on that screenshot; I thought it was actually an external radius server, not user-manager running on the same router. Yes, you should upgrade to current 6.40.1, check System > Routerboard afterwa...
by pukkita
Wed Aug 16, 2017 9:37 pm
Forum: Beginner Basics
Topic: Crs226 Sfp bonding so that multiple floors can be interconnected
Replies: 9
Views: 787

Re: Crs226 Sfp bonding so that multiple floors can be interconnected

Should work as you have it configured, if that same config is on rest of switches. I assume switches are daisy chained, ie floor 0 SFP+1 |====| SFP+1 floor 1 SFP+2 |====| SFP+1 floor 3 SFP+2 |====| SFP+1 floor 4 Are you sure SFP modules are linking right? post screenshots of sfp interfaces SFP tab o...
by pukkita
Wed Aug 16, 2017 12:14 pm
Forum: Beginner Basics
Topic: Routing between lans on PowerBox
Replies: 13
Views: 928

Re: Routing between lans on PowerBox

Are PC dedicated for internet, and internet/ lan backbone 750 routers connected to a switch? or are they interconnected by point to point connections (directly between them)? Do all network equipment (but radios on 10.10.10.0/24) use 192.168.1.116 as default gateway? It should, then you need to add ...
by pukkita
Tue Aug 15, 2017 10:03 pm
Forum: Beginner Basics
Topic: Routing between lans on PowerBox
Replies: 13
Views: 928

Re: Routing between lans on PowerBox

After Changes. undid the 192.168.1.0 address because it over-rode my dhcp client and lost my address of 192.168.1.17 to it. Applied NAT Missed that. If it's getting a 192.168.1.x address then nothing else should be required, neither dst or src-nat; for routing to work, both parties (routers) have t...
by pukkita
Tue Aug 15, 2017 8:41 pm
Forum: Beginner Basics
Topic: Routing between lans on PowerBox
Replies: 13
Views: 928

Re: Routing between lans on PowerBox

You need to add an ip address from 192.168.1.0/24 on ether1.

As soon as you do that, ROS will have a directly connected route towards 192.168.1.0/24 and it will start to route.
by pukkita
Tue Aug 15, 2017 8:08 pm
Forum: Beginner Basics
Topic: Crs226 Sfp bonding so that multiple floors can be interconnected
Replies: 9
Views: 787

Re: Crs226 Sfp bonding so that multiple floors can be interconnected

You need to make both SFP ports slaves of the master port the switch chip is setup to.

Open a New Terminal, and issue
/export
Pasting the output here.
by pukkita
Tue Aug 15, 2017 4:29 pm
Forum: General
Topic: Please explain: Simple Queue and PCQ insight
Replies: 6
Views: 1143

Re: Please explain: Simple Queue and PCQ insight

No. CCR is a multi core device, optimized to run simple queues by spreading them along available cores.
by pukkita
Tue Aug 15, 2017 3:20 pm
Forum: General
Topic: Please explain: Simple Queue and PCQ insight
Replies: 6
Views: 1143

Re: Please explain: Simple Queue and PCQ insight

Yes, from ROS 6.x onwards, and specially on multi-core devices.
by pukkita
Tue Aug 15, 2017 12:57 pm
Forum: General
Topic: Router Compromised - Security flaw ?
Replies: 26
Views: 2309

Re: Router Compromised - Security flaw ?

Hi All, Last week we had 2 routers on our network compromised. Both were running 6.29.1 (yes I know its not the latest but ive been through the changelog and cant see anything relevant). Have a closer look at the changelog archive : Release 6.38.5 2017-03-09 What's new in 6.38.5 (2017-Mar-09 11:32)...
by pukkita
Tue Aug 15, 2017 12:36 pm
Forum: General
Topic: Please explain: Simple Queue and PCQ insight
Replies: 6
Views: 1143

Re: Please explain: Simple Queue and PCQ insight

I have read through mikrotik wiki and doesn't have full understand how simple queue and pcq works. Mayb that 's because my bad english and not native. I am currently limiting download and upload speed of Hotspot user by specfying limit in Hotspot profile rate limit. I can see that this limit show i...
by pukkita
Tue Aug 15, 2017 11:47 am
Forum: General
Topic: SIMPLE QUEUES NOT WORKING PROPERLY
Replies: 4
Views: 4062

Re: SIMPLE QUEUES NOT WORKING PROPERLY

Simple queues are processed sequentially, once a packet matches one, it won't proceed to the next same-level simple queue. That's the reason why Simple queues have a strict order - each packet must go through every queue until it reaches one queue which conditions fits packet parameters or until th...
by pukkita
Tue Aug 15, 2017 11:36 am
Forum: Wireless Networking
Topic: Please anyone can help me: Error - Simultaneous Session Limit Reached & RADIUS accounting request not sent ?
Replies: 11
Views: 2806

Re: Please anyone can help me: Error - Simultaneous Session Limit Reached & RADIUS accounting request not sent ?

To fix whatever is happening to the radius server, if you're using SQL backend the problem is usually there. How many users? Alternatively, to alleviate the problem, if radius is being "overloaded", you can try to ease the load on it, by: - setting the Hotspot server profile interim update to 10 or ...
by pukkita
Mon Aug 14, 2017 11:47 pm
Forum: Beginner Basics
Topic: MikroTik RouterBOARD mAP 2n
Replies: 3
Views: 468

Re: MikroTik RouterBOARD mAP 2n

It's a little swiss-army knife wireless access point and router of sorts The condo complex has shared wifi throughout (similar to a hotel, where you go to a URL and input your room number). I doubt it was left there, is it probably the AP providing wireless coverage to your condo when you enter your...
by pukkita
Mon Aug 14, 2017 3:46 pm
Forum: Beginner Basics
Topic: MT CCR + WinSrv2008R2 as router = problem with propely setting [SOLVED]
Replies: 14
Views: 946

Re: MT CCR + WinSrv2008R2 as router = problem with propely setting [SOLVED]

Yes. You don't want to disable them, isn't it? After doing it, you can test by disabling one of the interfaces, more specifically the one with 192.168.1.x/24 addressing, as I assume LAN PCs are in the 192.168.10.x range. As long as you set the default gateway on M$ as 192.168.10.254 M$ will reach In...
by pukkita
Mon Aug 14, 2017 3:38 pm
Forum: Forwarding Protocols
Topic: OSPF Overwrites End User Public IP
Replies: 8
Views: 787

Re: OSPF Overwrites End User Public IP

Now for clients connected to the tower router they are unable to get this, they get only what their subscribed plan is, how can we offer the same cache services? Difficult to say anything specific without knowing your network with more detail, guess you'll need to deploy same mangle / top queues st...
by pukkita
Mon Aug 14, 2017 3:21 pm
Forum: Beginner Basics
Topic: MT CCR + WinSrv2008R2 as router = problem with propely setting [SOLVED]
Replies: 14
Views: 946

Re: MT CCR + WinSrv2008R2 as router = problem with propely setting [SOLVED]

We afraid a little to remove routing from M$ cause we don't have spare domain controller and we don't know how to M$ behave after remove routing and second networkcard .. In that case: 1.- Connect M$ 192.168.10.1 ethernet card to a Mikrotik ether port, say etherX 2.- Create a bridge, and add: ether...
by pukkita
Mon Aug 14, 2017 3:09 pm
Forum: RouterBOARD hardware
Topic: Rb 3011uias-Rm L5 => MINI GBIC
Replies: 4
Views: 584

Re: Rb 3011uias-Rm L5 => MINI GBIC

If you want 10G, then you'll need a different router, with 10G (SFP+) interfaces and power suitable for 10G, a CCR1009-7G-1C-1S+ as bare minimum. If you're an (W/F)ISP and not a "power user", then I'll skip straight to a CCR1036-8G-2S+ as it's the sweet spot in terms of price/performance, being a fu...
by pukkita
Mon Aug 14, 2017 3:02 pm
Forum: Beginner Basics
Topic: MT CCR + WinSrv2008R2 as router = problem with propely setting [SOLVED]
Replies: 14
Views: 946

Re: MT CCR + WinSrv2008R2 as router = problem with propely setting [SOLVED]

I don't know either, where is 192.168.20.2 supposed to be? I am afraid you need to do some cleanup. Cannot understand either why the need of the M$ routing at all, you'd better have one single router to act as default gateway for all the network, it will simplify management and avoid routing loops. ...
by pukkita
Mon Aug 14, 2017 2:25 pm
Forum: General
Topic: How do you upgrade this Mikrotik (double wireless package)
Replies: 28
Views: 3341

Re: How do you upgrade this Mikrotik (double wireless package)

In the past I did a couple of "reset configuration" with "keep user configuration", "no default configuration" and "run after reset" pointing to a /exported file that was slightly edited. This was on RB2011 routers and it worked fine every time. I did it to make major changes to configuration that ...
by pukkita
Mon Aug 14, 2017 2:13 pm
Forum: General
Topic: DHCP server on slave interface
Replies: 7
Views: 11705

Re: DHCP server on slave interface

Post an unedited (but from passwords) export.
by pukkita
Mon Aug 14, 2017 1:43 pm
Forum: RouterBOARD hardware
Topic: Rb 3011uias-Rm L5 => MINI GBIC
Replies: 4
Views: 584

Re: Rb 3011uias-Rm L5 => MINI GBIC

RB3011 has an SFP port (1.25G), not SFP+ (10G).

What do you want to link by fiber? what's the distance?
by pukkita
Mon Aug 14, 2017 1:17 pm
Forum: Beginner Basics
Topic: MT CCR + WinSrv2008R2 as router = problem with propely setting [SOLVED]
Replies: 14
Views: 946

Re: MT CCR + WinSrv2008R2 as router = problem with propely setting [SOLVED]

Then you need to assign one, eg 192.168.10.254/24 on ether interface facing SG500. Any host having just one connection in the 192.168.10.x/24 range will need 192.168.10.254 as default gateway, so you'll need to modify DHCP Server at 192.168.10.1 to hand out 192.168.10.254 as gateway.
by pukkita
Mon Aug 14, 2017 1:10 pm
Forum: General
Topic: SIMPLE QUEUES NOT WORKING PROPERLY
Replies: 4
Views: 4062

Re: SIMPLE QUEUES NOT WORKING PROPERLY

Have a look at this post.
  • 1
  • 2
  • 3
  • 4
  • 5
  • 10