Community discussions

Search found 2966 matches

  • 1
  • 2
  • 3
  • 4
  • 5
  • 10
by pukkita
Sat Oct 14, 2017 2:37 pm
Forum: Wireless Networking
Topic: CAPSMAN + Guest WiFi
Replies: 8
Views: 5016

Re: CAPSMAN + Guest WiFi

You seem to miss the IP > DHCP > Network entries. Also I think for your intended setup add address=10.35.0.1 interface=bridgeopen network=10.35.0.0 Should be add address=10.35.0.1/24 interface=bridgeopen network=10.35.0.0 . Do clients connected to the open network: 1.- Get an IP? 2.- post ipconfig/a...
by pukkita
Sat Oct 14, 2017 2:24 pm
Forum: Beginner Basics
Topic: Replace OpenVPN Server/Client
Replies: 13
Views: 1255

Re: Replace OpenVPN Server/Client

- L2tp works only on port UDP 500. This is a sad notice. In OpenVPN i don't use standard ports for connect. Some ISPs will slow down traffic on this common ports.
Similarly goes for GRE.

Would be nice having customizable L2TP port for ROS... of course only ROS devices could be used on both sides.
by pukkita
Fri Oct 13, 2017 2:09 pm
Forum: Forwarding Protocols
Topic: OSPF - one way neighbor
Replies: 2
Views: 884

Re: OSPF - one way neighbor

Check your firewall for any filter o nat rules that may be getting into OSPF's way.
by pukkita
Fri Oct 13, 2017 1:14 pm
Forum: Beginner Basics
Topic: Replace OpenVPN Server/Client
Replies: 13
Views: 1255

Re: Replace OpenVPN Server/Client

Download the sstp-client-1.0.11.tar.gz package and look at the README inside, there's no need for X. You can create .deb packages rather easily, look inside the sources. pe1chl, SSTP may not be the optimal solution but giving the limitations gamba47 is facing, which SSTP dodges, there's nothing to l...
by pukkita
Wed Oct 11, 2017 3:35 pm
Forum: Wireless Networking
Topic: CAPSMAN + Guest WiFi
Replies: 8
Views: 5016

Re: CAPSMAN + Guest WiFi

When i connect to the private network, it's ok, i've got an ip address and have a n internet access, but when i tryed to connect to guest network, i also get ip address, but no internet access, and also i can't ping my router from the connected device. I assume you mean the internet router plugged ...
by pukkita
Wed Oct 11, 2017 3:12 pm
Forum: Beginner Basics
Topic: Replace OpenVPN Server/Client
Replies: 13
Views: 1255

Re: Replace OpenVPN Server/Client

No need for softether, SSTP Client is all you need.

What distribution are you using?

This provides a plugin for stock pppd and a sstp client tool (sstpc).

Typical area were you may find issues while setting up is the server certificate, watch out pppd client logs on Linux server.
by pukkita
Wed Oct 11, 2017 3:05 pm
Forum: Beginner Basics
Topic: Here is my last attempt - RB3011 - No Server outbound connection
Replies: 20
Views: 1781

Re: Here is my last attempt - RB3011 - No Server outbound connection

Your routing is fine. Did you issue the ping to 8.8.8.8 from the router??? Remove masquerade on bridge-LAN, only masquerade you need is the one already set: You posted: /ip firewall nat add action=masquerade chain=srcnat comment="default masquerade" \ out-interface=ether1_WAN add action=dst-nat chai...
by pukkita
Wed Oct 11, 2017 3:00 pm
Forum: Wireless Networking
Topic: CAPsMAN errors in log
Replies: 8
Views: 7193

Re: CAPsMAN errors in log

Change its logic:
 chain=input action=drop in-interface-list=WAN
by pukkita
Tue Oct 10, 2017 11:47 am
Forum: Beginner Basics
Topic: Here is my last attempt - RB3011 - No Server outbound connection
Replies: 20
Views: 1781

Re: Here is my last attempt - RB3011 - No Server outbound connection

/ip address add address=192.168.88.1/24 comment=defconf interface=ether2 network=\ 192.168.88.0 You should change that IP to interface=bridge-LAN /ip arp add address=192.168.88.248 interface=bridge-LAN mac-address=7C:05:07:10:04:AD Delete this. On Winbox, open a New Terminal and issue /ip address p...
by pukkita
Mon Oct 09, 2017 12:30 pm
Forum: Beginner Basics
Topic: Here is my last attempt - RB3011 - No Server outbound connection
Replies: 20
Views: 1781

Re: Here is my last attempt - RB3011 - No Server outbound connection

According to the SB6141 Manual , as pcunite says there's no SFP, you should wire it like this: I am confused? I bought this SFP Copper Module (Mikrotik Item model number S-RJ01). Now you are saying i cant use it with this router and modem? I am very confused now? It is an ethernet cord, it is nothi...
by pukkita
Sat Oct 07, 2017 12:00 pm
Forum: Wireless Networking
Topic: wireless repeater for two different SSIDs on different frequencies?
Replies: 4
Views: 559

Re: wireless repeater for two different SSIDs on different frequencies?

Then you'll need to to it the not optimal way. It's not optimal because you're forcing the radio on the repeater to split its tasks in two, so it: - halves the bandwidth - doubles the latency - halves available spectrum efficiency for everyone. Say wired hAP is A, repeating hAP is B, and user C is c...
by pukkita
Sat Oct 07, 2017 11:35 am
Forum: Beginner Basics
Topic: Here is my last attempt - RB3011 - No Server outbound connection
Replies: 20
Views: 1781

Re: Here is my last attempt - RB3011 - No Server outbound connection

According to the SB6141 Manual, as pcunite says there's no SFP, you should wire it like this:
wiring.png
by pukkita
Fri Oct 06, 2017 12:58 pm
Forum: Wireless Networking
Topic: Unable to get IP on Virtual AP
Replies: 1
Views: 1039

Re: Unable to get IP on Virtual AP

Make sure that either - If you don't mind both SSIDs being bridged, ensure the VirtualAP interface is added as a port to the same interface (bridge) the DHCP server is running on ( Check IP > DHCP Server ). - If you want to keep both SSIDs isolated, you'll need to setup another DHCP server to be ded...
by pukkita
Fri Oct 06, 2017 12:29 pm
Forum: General
Topic: Authorize a single website with the proxy
Replies: 1
Views: 278

Re: Authorize a single website with the proxy

You cannot, exceptions to proxy access list are static, so unless there's a regex pattern that will catch both orange.fr and related CDNs (highly unlikely), you'll need to add a specific proxy ACL for each.
by pukkita
Fri Oct 06, 2017 12:27 pm
Forum: Wireless Networking
Topic: wireless repeater for two different SSIDs on different frequencies?
Replies: 4
Views: 559

Re: wireless repeater for two different SSIDs on different frequencies?

Yes, but that wouldn't be optimal.

Best approach is wiring both Haps, then have both broadcast any SSIDs you want on any of the two bands.

Good scenario to use CAPsMAN.
by pukkita
Fri Oct 06, 2017 12:24 pm
Forum: General
Topic: Logging only src on NAT traslations
Replies: 6
Views: 665

Re: Logging only src on NAT traslations

I can't see the usefulness of storing only the src-address and port if it cannot be cross-related to a dst-address... if you just want that info, use radacct.

Otherwise, you'll need to process the data at syslog receiving stage.
by pukkita
Fri Oct 06, 2017 12:15 pm
Forum: Beginner Basics
Topic: How to install Dude server on Routerboard 1100?
Replies: 23
Views: 25455

Re: How to install Dude server on Routerboard 1100?

There's no dude server for MIPSBE platform, it's only supported on Tile, ARM, MMIPS and x86/CHR.

You need to install it on a supported router, then by adding the RB433 as a device, (and as long as wireless cards used aren't AC chipset), you'll be able to do spectral scans from the main dude server.
by pukkita
Fri Oct 06, 2017 11:28 am
Forum: Beginner Basics
Topic: Setup DNS caching
Replies: 6
Views: 3335

Re: Setup DNS caching

You can setup this value on 6.40, AFAIK there's no limitation.

Obviously, unless hardware is sized for the load, this won't make a difference.
by pukkita
Mon Oct 02, 2017 2:02 pm
Forum: Beginner Basics
Topic: Setup DNS caching
Replies: 6
Views: 3335

Re: Setup DNS caching

I've setup before with port redirecting with dstnat to udp port 53, There's no need for port redirection, are you "hijacking" outgoing DNS queries and redirecting them to the cache? Depending on the resolving library used by the client this may not work (most modern libraries). You'd better hand th...
by pukkita
Sun Oct 01, 2017 3:43 pm
Forum: Beginner Basics
Topic: Setup DNS caching
Replies: 6
Views: 3335

Re: Setup DNS caching

How did you set it up? Basically you need to 1.- Add OpenDNS servers to IP > DNS Servers, you can set more than one by clicking on the small, bottom pointing triangle next to the Servers field. 2.- While you're at that screen, make sure Allow Remote Requests is enabled (this enables the DNS server f...
by pukkita
Wed Sep 27, 2017 2:26 pm
Forum: Beginner Basics
Topic: DHCP client doesn't work on SFP(S-RJ01) port
Replies: 24
Views: 2780

Re: DHCP client doesn't work on SFP(S-RJ01) port

How was your WAN setup? Does it use DHCP to get the WAN IP?

Are you sure sfp interface is linked and running? (Look at Interfaces > SFP1 > status)
by pukkita
Wed Sep 27, 2017 2:22 pm
Forum: General
Topic: Masquerade traffic in forward chain
Replies: 3
Views: 588

Re: Masquerade traffic in forward chain

Post an export.
by pukkita
Mon Sep 25, 2017 1:15 pm
Forum: General
Topic: hAp ac: Reset Problem
Replies: 4
Views: 2265

Re: hAp ac: Reset Problem

Glad you found the fix!
Can the part of the firmware that handles this stage when booting get corrupted?
It can happen, you'd notice because after netinstall it won't boot either, there's a Backup Booter you can force on System > RouterBoard [Settings] in such case.
by pukkita
Fri Sep 22, 2017 3:10 pm
Forum: General
Topic: hAp ac: Reset Problem
Replies: 4
Views: 2265

Re: hAp ac: Reset Problem

by pukkita
Fri Sep 22, 2017 3:06 pm
Forum: Wireless Networking
Topic: Transparent WiFi AP
Replies: 2
Views: 902

Re: Transparent WiFi AP

Try this:

- Go to Wireless, open wlan1-gateway, click on [Advanced Mode] button, and set Multicast Helper to full.
by pukkita
Wed Sep 20, 2017 12:12 pm
Forum: General
Topic: Interface PPP Server side flaps/disconnects all
Replies: 6
Views: 896

Re: Interface PPP Server side flaps/disconnects all

I'd say you have two problems; a L2, root one that causes the pppoe sessions to disconnect, you need to find the cause. Interface flapping on PPPoE Uplinks are not admisible on production scenarios, check wiring/fiber, SFP modules, Switches, etc. Are you using OSPF? The second one (high CPU load) se...
by pukkita
Wed Sep 20, 2017 11:49 am
Forum: General
Topic: Mikrotik RB800 RouterBoard Help
Replies: 12
Views: 1598

Re: Mikrotik RB800 RouterBoard Help

Secondly, i have only six PtP long distance links in different directions at different locations, so i think its not feasible and investing extra budget using extra network gears for many links to 360 degree coverage with no such customer base in near future. This is government based organizational...
by pukkita
Tue Sep 19, 2017 11:19 am
Forum: Beginner Basics
Topic: RB951Ui-2HnD ethernet ports look deactivated even the Wifi.
Replies: 2
Views: 378

Re: RB951Ui-2HnD ethernet ports look deactivated even the Wifi.

Do you mean that you cannot "see" it via winbox neighbors or connect to it via previously known IP?

In such case, you need to do a netinstall
by pukkita
Tue Sep 19, 2017 11:16 am
Forum: General
Topic: Interface PPP Server side flaps/disconnects all
Replies: 6
Views: 896

Re: Interface PPP Server side flaps/disconnects all

Which interface flaps? the VLANs? What's the CPU load at those times?
by pukkita
Tue Sep 19, 2017 11:13 am
Forum: Beginner Basics
Topic: Suggestion for Linking?
Replies: 2
Views: 415

Re: Suggestion for Linking?

If I change the port to auto-negotiation disabled, port speed 1G, Full Duplex, the link light will appear on the CRS and report transmission activity. The Netgear will not establish link light or pass traffic.
Then you need to force 1G also at Netgear's end, did you try that?
by pukkita
Tue Sep 19, 2017 10:55 am
Forum: General
Topic: Mikrotik RB800 RouterBoard Help
Replies: 12
Views: 1598

Re: Mikrotik RB800 RouterBoard Help

This remote wireless network connectivity belongs to government based wildlife remote monitoring project where 32 HD CCTV cameras live feeds from remote forest monitoring sites would be monitored at wildlife range office in the city. Nice project :D I'm curious, where is it? Have you disabled one o...
by pukkita
Mon Sep 18, 2017 1:40 pm
Forum: General
Topic: Mikrotik RB800 RouterBoard Help
Replies: 12
Views: 1598

Re: Mikrotik RB800 RouterBoard Help

Taking a routerboard and sticking multiple radio cards on it is a thing of the past, (and never 8 cards!!) and the least desirable option, several radios cramped on a single board interfere with each other; your approach, single RB + multiple cards is the worst option possible from a optimal standpo...
by pukkita
Sat Sep 16, 2017 11:56 am
Forum: General
Topic: Mikrotik RB800 RouterBoard Help
Replies: 12
Views: 1598

Re: Mikrotik RB800 RouterBoard Help

RB800 was obsoleted long ago.

The "nearest" modern RB to RB800 is the RB850Gx2.

Depending on bandwidth and duties, more commonly used RBs for this task would be RB3011, RB1100AHx2, or CCR1009.

What are the RB intended tasks?
by pukkita
Sat Sep 16, 2017 11:50 am
Forum: Beginner Basics
Topic: Any newer wifi ac to be launched soon than hAP ac
Replies: 5
Views: 649

Re: Any newer wifi ac to be launched soon than hAP ac

hAP ac is the flagship AP for indoor use, really doubt mikrotik would be launching another device to replace it on for this segment soon.
by pukkita
Wed Sep 13, 2017 11:37 am
Forum: RouterBOARD hardware
Topic: RB2011UiAS-RM Powers Off Seconds After Connecting Ether1
Replies: 20
Views: 1812

Re: RB2011UiAS-RM Powers Off Seconds After Connecting Ether1

My guess was that the switch was creating a different ground level than the router, or something along these lines...
That's my guess also, check grounding of the enterasys, rack and 2011... everything should end on a single common ground.
by pukkita
Sun Sep 10, 2017 11:52 am
Forum: Wireless Networking
Topic: Epson XP-330 Wireless Cannot Connect
Replies: 2
Views: 438

Re: Epson XP-330 Wireless Cannot Connect

Try setting channel width to 20MHz.
by pukkita
Sun Sep 10, 2017 11:24 am
Forum: The User Manager
Topic: memory manager error info debug error mikrotik
Replies: 3
Views: 944

Re: memory manager error info debug error mikrotik

Use a MicroSD or USB, and run user-manager database off it, you're running out of space.

Which routerboard are you using?
by pukkita
Thu Sep 07, 2017 2:46 pm
Forum: RouterBOARD hardware
Topic: EROR NetInstall RB1100AHx2 [SOLVED]
Replies: 5
Views: 1002

Re: EROR NetInstall RB1100AHx2 [SOLVED]

Try upgrading the bootloader via Bios: https://i.mt.lv/routerboard/files/p2020_3.24.fwf trying netinstall for 6.38.7 again.
by pukkita
Wed Sep 06, 2017 6:38 pm
Forum: RouterBOARD hardware
Topic: EROR NetInstall RB1100AHx2 [SOLVED]
Replies: 5
Views: 1002

Re: EROR NetInstall RB1100AHx2 [SOLVED]

Which netinstall version? What's the bootloader version on the 1100AHx2? It is on par with the netinstall version you're using?

Have you tried to format NAND via the serial console first?
by pukkita
Wed Sep 06, 2017 5:28 pm
Forum: General
Topic: router was rebooted without proper shutdown, probably kernel failure
Replies: 27
Views: 10816

Re: router was rebooted without proper shutdown, probably kernel failure

E. Have you been changing cables ? F. Are you sure that someone in the building have not made a loop connecting cables to local switch?. I'd add: G. Are you sure nobody has created a new bridge, added a new port to an existing one, or changed/set some ethernet port master port parameter? If you had...
by pukkita
Wed Sep 06, 2017 5:25 pm
Forum: General
Topic: router was rebooted without proper shutdown, probably kernel failure
Replies: 27
Views: 10816

Re: router was rebooted without proper shutdown, probably kernel failure

BartoszP is right, highly unlikely three routers start to misbehave at the same time; check your network / routers first. If you don't find 100% CPU or other anomalies on logs: Make sure Current Firmware is the same version as Update firmware on System > Routerboard. If not, click on upgrade and re...
by pukkita
Wed Sep 06, 2017 4:55 pm
Forum: General
Topic: router was rebooted without proper shutdown, probably kernel failure
Replies: 27
Views: 10816

Re: router was rebooted without proper shutdown, probably kernel failure

BartoszP is right, highly unlikely three routers start to misbehave at the same time; check your network / routers first. If you don't find 100% CPU or other anomalies on logs: Make sure Current Firmware is the same version as Update firmware on System > Routerboard. If not, click on upgrade and reb...
by pukkita
Wed Sep 06, 2017 4:41 pm
Forum: Beginner Basics
Topic: L2TP server, i can't see devices in network [SOLVED]
Replies: 5
Views: 2214

Re: L2TP server, i can't see devices in network [SOLVED]

Computers in the same range expect others to reply to their arp queries, i.e. expect the rest to be L2 connected and thus receiving/replying broadcasts straight on their own. Proxy-arp aids when you use the same range for the VPN, as remote computers aren't directly connected to the network; it make...
by pukkita
Mon Sep 04, 2017 12:01 pm
Forum: Beginner Basics
Topic: 2011-UiAS-2HnD-IN replace antennas
Replies: 9
Views: 911

Re: 2011-UiAS-2HnD-IN replace antennas

When you spoke about a closed rack I thought on an outdoor enclosure for a tower or something similar, not for indoor duty. In that case your plan will work, you'll lose some db's due to the longer cabling and the additional connectors, but will be better than having the router antennas inside the f...
by pukkita
Mon Sep 04, 2017 11:49 am
Forum: Wireless Networking
Topic: Routing bgp mpls vpls, node bts with crs o ccr, max 300-400mbps each node
Replies: 3
Views: 702

Re: Routing bgp mpls vpls, node bts with crs o ccr, max 300-400mbps each node

The "easy" solution would be a CCR1072-1G-8S+ :D

Another possibilities:

- Use a router with an SFP+ port like CCR1009-7G-1C-1S+ plus a suitable switch, like CRS212 or the CRS317, connect them via SFP+ at 10G with a DAC cable and you're set.

- Budget option: a Hex + CRS212.
by pukkita
Sun Sep 03, 2017 10:52 pm
Forum: Beginner Basics
Topic: 2011-UiAS-2HnD-IN replace antennas
Replies: 9
Views: 911

Re: 2011-UiAS-2HnD-IN replace antennas

It will work , but... Is this a sound plan? Am I using the right components? Will it work afterwards? Would it be better to do it another way? Instead of taking a desktop integrated router, adding an external enclosure, adding an additional loss point (SMA->SMA Antenna) and longer pigtails, and a cr...
by pukkita
Sat Sep 02, 2017 3:15 pm
Forum: RouterBOARD hardware
Topic: wAP and hAP lite wifi [SOLVED]
Replies: 2
Views: 621

Re: wAP and hAP lite wifi [SOLVED]

Yes, they have same chipset, QCA9533.
by pukkita
Sat Sep 02, 2017 2:36 pm
Forum: Beginner Basics
Topic: mobile broadband with mikrotik routerboard
Replies: 6
Views: 1866

Re: mobile broadband with mikrotik routerboard

In such case a hAP ac Lite could be an affordable dual radio device to learn with, plus you can connect an USB modem like the e3372 to build your MIFI solution, or use 2,4GHz radio to connect to your existing MIFI and re-broadcast via the 5GHz radio, etc.
by pukkita
Fri Sep 01, 2017 11:05 pm
Forum: Wireless Networking
Topic: Event with 1200 wireless users
Replies: 8
Views: 3340

Re: Event with 1200 wireless users

hAP ac and wAP ac are dual channel radios, so 12 APs = 24 radios; 1200/24 = 50 users per radio, I doubt all 50 will be active simultaneously, so as long as placement is well thought out it should be enough, short of additional APs to cover any shaded areas you may find. Most modern smartphones and t...
by pukkita
Fri Sep 01, 2017 7:40 pm
Forum: Wireless Networking
Topic: Routing bgp mpls vpls, node bts with crs o ccr, max 300-400mbps each node
Replies: 3
Views: 702

Re: Routing bgp mpls vpls, node bts with crs o ccr, max 300-400mbps each node

I have yet to test this device, but I doubt it. CRS is a programmable Switch, but CPU power is not suitable for routing (software) that bandwidth, acccording to its specs : Captura de pantalla 2017-09-01 a la(s) 18.38.42.png Best bet for that duty if budget is no object: CCR or RB1100AH. Low Budget:...
by pukkita
Fri Sep 01, 2017 3:54 pm
Forum: General
Topic: Connecting Multiple Questions
Replies: 2
Views: 619

Re: Connecting Multiple Questions

Post a diagram. Hand-drawn is fine.
by pukkita
Fri Sep 01, 2017 3:51 pm
Forum: Beginner Basics
Topic: in SFP1 out SFP2
Replies: 2
Views: 582

Re: in SFP1 out SFP2

Post an export and a /ip route print, What's the source IP of branch office PC?
by pukkita
Fri Sep 01, 2017 3:49 pm
Forum: RouterBOARD hardware
Topic: Simultaneous clients - mANT 19S [SOLVED]
Replies: 3
Views: 830

Re: Simultaneous clients - mANT 19S [SOLVED]

I wouldn't design it with just a single mANTBox 19S. Apart from only covering 120 degrees, 76 simultaneous stations will be too much, I would target for 50 stations max per sector. Best bet would be using three sectors, either mANTBox19S or 15S (clients closer than 500m). You'll be covering 360, and...
by pukkita
Fri Sep 01, 2017 3:41 pm
Forum: General
Topic: Looking for a secure alternative to eoip
Replies: 7
Views: 1274

Re: Looking for a secure alternative to eoip

EoIP does what it needs to do but the performance knock is massive. Over a Gbps ethernet link I'm only getting around 10MB/s of real performance before the cpu hits 100%. Which routerboard? If your CPU does not support hardware acceleration for AES encryption/decryption then it would be slow as hel...
by pukkita
Fri Sep 01, 2017 3:37 pm
Forum: RouterBOARD hardware
Topic: Advice needed in choosing the right Mikrotik device [SOLVED]
Replies: 4
Views: 717

Re: Advice needed in choosing the right Mikrotik device [SOLVED]

I'd use 5GHz better, not only because of the potential higher throughput by using 40MHz or wider channels; 2.4GHz spectrum is much smaller and already saturated by home routers.
by pukkita
Fri Sep 01, 2017 2:39 pm
Forum: Wireless Networking
Topic: Questions Regarding RB435GUAH - Heat & Lifetime
Replies: 1
Views: 444

Re: Questions Regarding RB435GUAH - Heat & Lifetime

If environment conditions are going to be tough, I would stay away from RB + radio cards + pigtails. If heat is going to be high, it will put a stress on all mechanical connections: PCIe card slots, internal and external pigtails.... also 3 PCIe radios cramped on the same board/enclosure is not opti...
by pukkita
Fri Sep 01, 2017 2:29 pm
Forum: General
Topic: RBmAP2nD serial [SOLVED]
Replies: 4
Views: 622

Re: RBmAP2nD serial [SOLVED]

AFAIK this model doesn't have serial port, and USB port is for powering only. What is your goal?
by pukkita
Fri Sep 01, 2017 2:25 pm
Forum: RouterBOARD hardware
Topic: Advice needed in choosing the right Mikrotik device [SOLVED]
Replies: 4
Views: 717

Re: Advice needed in choosing the right Mikrotik device [SOLVED]

It may link on 5GHz, but waP is not a good choice for this application. Majority of traffic (download) will go from wAP to SXT; wAP have small gain omni antennas not suited for linking at 300m. If you expect to connect more devices to it, your best bet would be using a SXT-SA for the Apartment (90 d...
by pukkita
Thu Aug 31, 2017 8:31 pm
Forum: General
Topic: USB Power Reset
Replies: 6
Views: 2061

Re: USB Power Reset

I would generate supouts while on troublesome setups and email support linking to this post, so that they're aware of this. (this is an user forum, while mikrotik staff reads the forum, is not the most efficient way to report bugs)
by pukkita
Thu Aug 31, 2017 8:28 pm
Forum: Beginner Basics
Topic: mobile broadband with mikrotik routerboard
Replies: 6
Views: 1866

Re: mobile broadband with mikrotik routerboard

MIFI as internet source wirelessly connected to a hap lite to do bw management isn't what I would call and optimal setup.

Instead of using an additional device, I'd use a wAP LTE straight and build your own MIFI, this time with all ROS goodies.
by pukkita
Thu Aug 31, 2017 3:45 pm
Forum: Beginner Basics
Topic: Replace OpenVPN Server/Client
Replies: 13
Views: 1255

Re: Replace OpenVPN Server/Client

Use SSTP then...
  • You can set up a different port if you want
  • NAT friendly
  • Less likely to be throttled down by ISPs
by pukkita
Thu Aug 31, 2017 1:49 pm
Forum: Wireless Networking
Topic: Event with 1200 wireless users
Replies: 8
Views: 3340

Re: Event with 1200 wireless users

For 1Gbps bandwidth, definitelly a RB1100AHx2 would be the minimum I'd get.

Regarding AP count, it depends on the size/shape of the floors in the building, you'll need to position them for optimal coverage.

I'd start with 10-12 APs.
by pukkita
Thu Aug 31, 2017 12:20 pm
Forum: General
Topic: CRS326-24G-2S+RM Switch chip features
Replies: 5
Views: 1326

Re: CRS326-24G-2S+RM Switch chip features

Yes.
by pukkita
Thu Aug 31, 2017 12:15 pm
Forum: Wireless Networking
Topic: Event with 1200 wireless users
Replies: 8
Views: 3340

Re: Event with 1200 wireless users

Maybe a mix Metal and Groove
With omnis? don't.

I would use hAP ac + wAP ac.

What's the internet bandwidth? As main router / controller I'd go for a RB1100AHx2 or CCR.
by pukkita
Wed Aug 30, 2017 8:53 pm
Forum: General
Topic: dhcp-relay over MKT cascade [SOLVED]
Replies: 3
Views: 671

Re: dhcp-relay over MKT cascade [SOLVED]

Capturing traffic at the edge router I don't see anythig related with the DHCP, is it possible that the first MKT is filtering the DHCP discover?
Could be... have you torched MKT1 ether wired to MKT2 to see if DHCP requests are present?
by pukkita
Wed Aug 30, 2017 8:05 pm
Forum: General
Topic: The Mikrotik web server has down [SOLVED]
Replies: 4
Views: 1127

Re: The Mikrotik web server has down [SOLVED]

Connect to it via mac-winbox, and look at the logs, to determine why web server has stopped (hdd space full, etc).

In such case it would be best to reboot after cleanup.
by pukkita
Wed Aug 30, 2017 2:09 pm
Forum: Beginner Basics
Topic: Multiple WAN and NAT
Replies: 2
Views: 1146

Re: Multiple WAN and NAT

2 chain=srcnat action=src-nat to-addresses=84.54.xxx.250 src-address=192.168.88.37 log=yes log-prefix="SRCNAT" I cannot see where 84.54.xxx.250 is assigned on IP > Addresses? If you want to src-nat the router will need to have that IP assigned. Re: Mangle: Have a look at Tomas Kirnak's Load Balance...
by pukkita
Wed Aug 30, 2017 12:41 pm
Forum: General
Topic: USB Power Reset
Replies: 6
Views: 2061

Re: USB Power Reset

Just tested (6.40.2) on a 951Ui model and doesn't reboot.

Does it happen with a different USB device? Does it happen with no USB device?

I would netinstall it to 6.40.2. If problem persists, generate a supout and email support linking to this post.
by pukkita
Wed Aug 30, 2017 12:31 pm
Forum: Scripting
Topic: Redundant WANs - Script or Mangle to make both accessible and 2 hop failover [SOLVED]
Replies: 14
Views: 2555

Re: Redundant WANs - Script or Mangle to make both accessible and 2 hop failover [SOLVED]

Never mind :D

I cleared it anyway, as if you had that doubt, so could future users browsing the thread.
by pukkita
Tue Aug 29, 2017 8:06 pm
Forum: Beginner Basics
Topic: Big net for more than 254 devices
Replies: 1
Views: 530

Re: Big net for more than 254 devices

Guess with "transparent" you mean a bridged scenario: just use a bigger subnet. You will have a bridged (switched) network. To achieve this, instead of using 192.168.0.0/24, use 192.168.0.0/23: Network: 192.168.0.0/23 HostMin: 192.168.0.1 HostMax: 192.168.1.254 Broadcast: 192.168.1.255 Hosts/Net: 51...
by pukkita
Tue Aug 29, 2017 7:53 pm
Forum: General
Topic: Internet starts working after i do IP Scan
Replies: 34
Views: 2934

Re: Internet starts working after i do IP Scan

Something's not quite right there. Have you used .backup files to move configs between routers? Try this: Go to the bridge, and blank Admin. MAC Address (click on upward pointing triangle on its right, then apply) Run (you will temporarily lost the connection) /interface ethernet reset-mac-address [...
by pukkita
Tue Aug 29, 2017 7:41 pm
Forum: Scripting
Topic: Redundant WANs - Script or Mangle to make both accessible and 2 hop failover [SOLVED]
Replies: 14
Views: 2555

Re: Redundant WANs - Script or Mangle to make both accessible and 2 hop failover [SOLVED]

If you create a Netwatch monitor that reaches out to 8.8.4.4 and if it can't reach that address is disable the main route until reachable again, won't that IP become instantly reachable when it fails over to the second backup default route, causing it to fail back over to the failed line? No, becau...
by pukkita
Tue Aug 29, 2017 7:37 pm
Forum: Beginner Basics
Topic: Dual wan setup troubles
Replies: 40
Views: 5436

Re: Dual wan setup troubles

Follow the presentation mangle to the letter until you get a solid grasp on it, before jumping into customizations.

Order, and following it to the utmost detail is really important.
by pukkita
Tue Aug 29, 2017 3:26 pm
Forum: General
Topic: PPPoE best use of public IPs [SOLVED]
Replies: 4
Views: 794

Re: PPPoE best use of public IPs [SOLVED]

No, not for the local address, but for remote-address of the specific customer needing it. Local address should/could be the same for all pppoe users on a given router, and it's usually a private one as it won't be using by anything else than local traffic between its pppoe users and the router.
by pukkita
Tue Aug 29, 2017 3:22 pm
Forum: Scripting
Topic: Redundant WANs - Script or Mangle to make both accessible and 2 hop failover [SOLVED]
Replies: 14
Views: 2555

Re: Redundant WANs - Script or Mangle to make both accessible and 2 hop failover [SOLVED]

Follow the same logic/instructions on the presentation, it's wonderfully covered there.
by pukkita
Tue Aug 29, 2017 1:44 pm
Forum: General
Topic: Mikrotik to Mikrotik Lan Connection
Replies: 5
Views: 744

Re: Mikrotik to Mikrotik Lan Connection

- MKT2 LAN IP? 172.10.0.0/16 that's not an RFC1918 range, you're using a public Internet range (belongs to AT&T in the US) for a private network. Proper range is 172.16.0.0/12 In any case: Captura de pantalla 2017-08-29 a la(s) 12.36.42.png MKT1: ether3 shouldn't be a port of a bridge, or switch gr...
by pukkita
Tue Aug 29, 2017 12:59 pm
Forum: General
Topic: PPPoE best use of public IPs [SOLVED]
Replies: 4
Views: 794

Re: PPPoE best use of public IPs [SOLVED]

I am doing this with PPPoE and running PPPoE at each relay rather than centrally (I have reasons for doing it like this). I have a /25 public IP range that I wish to use as sparingly as possible. As some sites might only need 1 or 2 CPE with public IPs, how is best to achieve this without wasting p...
by pukkita
Tue Aug 29, 2017 12:49 pm
Forum: RouterBOARD hardware
Topic: RB2011UiAS-RM Powers Off Seconds After Connecting Ether1
Replies: 20
Views: 1812

Re: RB2011UiAS-RM Powers Off Seconds After Connecting Ether1

to next device connected to the suspect port ether1, if it's the internet router, then the internet router IP facing the mikrotik device. What's the ROS version and System > Routerboard firmware versions? I would netinstalll, reset to no defaults and restore the config on the RB2011 in any case, as ...
by pukkita
Tue Aug 29, 2017 12:47 pm
Forum: Scripting
Topic: Redundant WANs - Script or Mangle to make both accessible and 2 hop failover [SOLVED]
Replies: 14
Views: 2555

Re: Redundant WANs - Script or Mangle to make both accessible and 2 hop failover [SOLVED]

Glad it helped :D

Those lists are created to help mangle determine kind of traffic:

- Local networks to local networks
- Local networks to internet
- Internet to local networks

As depending on that rerouting should be done or not, etc.
by pukkita
Tue Aug 29, 2017 12:40 pm
Forum: RouterBOARD hardware
Topic: RB850Gx2 Voltage Monitor wrong measurements
Replies: 4
Views: 621

Re: RB850Gx2 Voltage Monitor wrong measurements

I suggested supout/support route because looks like a bug and Mikrotik would better know...
by pukkita
Tue Aug 29, 2017 12:33 pm
Forum: Beginner Basics
Topic: Basic setup for router with multiple AP's [SOLVED]
Replies: 23
Views: 11766

Re: Basic setup for router with multiple AP's [SOLVED]

Omnitik has single radio (5GHz) it doesn't have 2.4GHz.
by pukkita
Tue Aug 29, 2017 12:27 pm
Forum: RouterBOARD hardware
Topic: RB2011UiAS-RM Powers Off Seconds After Connecting Ether1
Replies: 20
Views: 1812

Re: RB2011UiAS-RM Powers Off Seconds After Connecting Ether1

Set the internet router LAN ip for watch address and check if supout is generated after such 30s connectivity loss.
by pukkita
Mon Aug 28, 2017 11:22 pm
Forum: General
Topic: USB Power Reset
Replies: 6
Views: 2061

Re: USB Power Reset

Check on System > Routerboard Current Firmware is 3.41, upgrade and reboot if isn't.
by pukkita
Mon Aug 28, 2017 11:16 pm
Forum: RouterBOARD hardware
Topic: RB2011UiAS-RM Powers Off Seconds After Connecting Ether1
Replies: 20
Views: 1812

Re: RB2011UiAS-RM Powers Off Seconds After Connecting Ether1

Every time I connect ether1 to my switch (C5G124-48P2) ~30 seconds later the router turns off.. Unplug the cable from either end, and the router will boot back up. My initial thought was the 802.3at switch port might be causing issues with the passive PoE input on ether1.. It shouldn't, but I disab...
by pukkita
Mon Aug 28, 2017 7:39 pm
Forum: RouterBOARD hardware
Topic: RB850Gx2 Voltage Monitor wrong measurements
Replies: 4
Views: 621

Re: RB850Gx2 Voltage Monitor wrong measurements

Double check Fimrware is up to date. If it is, generate a supout and email support linking to this post.
by pukkita
Mon Aug 28, 2017 7:35 pm
Forum: General
Topic: Mikrotik to Mikrotik Lan Connection
Replies: 5
Views: 744

Re: Mikrotik to Mikrotik Lan Connection

What are:

- MKT1 LAN IP
- MKT1 PTP IP
- MKT2 PTP IP?
- MKT2 LAN IP?
mockup.jpg
by pukkita
Mon Aug 28, 2017 6:19 pm
Forum: Wireless Networking
Topic: send push notifications
Replies: 1
Views: 876

Re: send push notifications

No, not directly from ROS.

Closest feature is the IP > Hotspot >User Profiles, create new one, Advertise tab, which most probably won't work as most websites nowadays are HTTPS, whose traffic you cannot intercept to play man-in-the-middle.
by pukkita
Mon Aug 28, 2017 6:11 pm
Forum: Scripting
Topic: Redundant WANs - Script or Mangle to make both accessible and 2 hop failover [SOLVED]
Replies: 14
Views: 2555

Re: Redundant WANs - Script or Mangle to make both accessible and 2 hop failover [SOLVED]

Do you have any insight into how to make both WAN's accessible? The problem I assume I am running into is when traffic comes in to the new fiber it is going back out the comcast line so it is never making the complete connection. For example, I can ping the public IP of the comcast line but not the...
by pukkita
Mon Aug 28, 2017 1:06 pm
Forum: General
Topic: Routerboard Connected User Amount Limit
Replies: 9
Views: 1162

Re: Routerboard Connected User Amount Limit

ether 2 and ether 4 on the RB 1200 are damaged so are unusable. with your diagram and suggested setup could i say ether 6-9 be used for connecting any devices that need to intercommunicate amongst theirselves and use ether 1,3,5 for the fibre link with the valns? No, 1,3,5 are still the best ports ...
by pukkita
Sun Aug 27, 2017 6:54 pm
Forum: General
Topic: Problem with OPENVPN and mangle [SOLVED]
Replies: 6
Views: 1466

Re: Problem with OPENVPN and mangle [SOLVED]

MANGLE chain: prerouting, src. address 192.168.32.3, in. interface:lan bridge, action: mark routing, new routing mark to_cable When mangle rule is disabled everything is working fine, when is enabled NAS is no longer available over VPN. Where is the problem? As you have guessed, on that mangling: y...
by pukkita
Sun Aug 27, 2017 6:47 pm
Forum: General
Topic: Need help for multiple vlan load balancing and fail over.
Replies: 1
Views: 468

Re: Need help for multiple vlan load balancing and fail over.

This matter is not suited for a short explanation on a forum thread, Have a look at Tomas Kirnak's Load Balance / Mangle Deep Dive presentation.

The fact of your WAN interfaces being VLANs doesn't change a thing, just use them as WANs.
by pukkita
Sun Aug 27, 2017 6:42 pm
Forum: Beginner Basics
Topic: DHCP doesn't reach guest network
Replies: 4
Views: 734

Re: DHCP doesn't reach guest network

PS. I also can't ping 10.0.0.253 or 10.0.3.253, strangly enough... /ip address add address=10.0.0.253 interface=02-pfSense network=10.0.0.0 add address=10.0.3.253 interface=02-GUEST-pfSense-VLAN200 network=10.0.3.0 Once you add ports to a bridge, any IPs should be assigned on the bridge itself: /ip...
by pukkita
Sun Aug 27, 2017 6:30 pm
Forum: Beginner Basics
Topic: Dual wan setup troubles
Replies: 40
Views: 5436

Re: Dual wan setup troubles

Have a look at Tomas Kirnak's Load Balance / Mangle Deep Dive presentation.

Your problem comes from the fact you're not marking on input chain.
by pukkita
Sun Aug 27, 2017 6:26 pm
Forum: Forwarding Protocols
Topic: Need Help For Failover Link and OSPF settins [SOLVED]
Replies: 14
Views: 2136

Re: Need Help For Failover Link and OSPF settins [SOLVED]

I changed the cost to 10 both of them and now traffic goes both interface.. is this correct implementation ? Yes, that's ECMP in action. should i change the gateway on router-2 or any extra setting ? No need to do anything for failover, test that for yourself by disabling any of radio link interfac...
by pukkita
Sun Aug 27, 2017 2:40 pm
Forum: Forwarding Protocols
Topic: Need Help For Failover Link and OSPF settins [SOLVED]
Replies: 14
Views: 2136

Re: Need Help For Failover Link and OSPF settins [SOLVED]

The quid here is playing with radio links interface costs in order to achieve ECMP . add authentication=simple authentication-key=xxxx interface=ether10-11Ghz network-type=broadcast priority=14 add authentication=simple authentication-key=xxxx cost=20 interface=ether11-5GhzLink network-type=broadcas...
by pukkita
Sun Aug 27, 2017 2:16 pm
Forum: Beginner Basics
Topic: MikroTik Labs
Replies: 2
Views: 865

Re: MikroTik Labs

All mikrotik devices sport all ROS features, so for lab use almost any device will allow you to setup labs. Unlicensed CHR will be limited to 1Mbps, but again, for a Lab this still allows to setup any scenario, and you can get an unlimited temporary license for 60 days. You can run user-manager or d...
by pukkita
Sun Aug 27, 2017 1:14 pm
Forum: General
Topic: Routerboard Connected User Amount Limit
Replies: 9
Views: 1162

Re: Routerboard Connected User Amount Limit

locodog already said how would that be accomplished. I stand by my advise, RB1200 will be probably the best performing board of the three. Let's look at it's block diagram: Captura de pantalla 2017-08-27 a la(s) 12.08.08.png If you were to use just the RB1200 without an additional switch, most optim...
by pukkita
Sun Aug 27, 2017 1:03 pm
Forum: Wireless Networking
Topic: Link issues
Replies: 9
Views: 866

Re: Link issues

Ok, then if those are PTPs, lock down the highest stable, low RTT datarate on the AP radio.

Be sure to pass traffic while evaluating highest stable datarate with low RTT. If RTT goes nuts on a given datarate, select the next lower one.
by pukkita
Sat Aug 26, 2017 9:11 pm
Forum: Wireless Networking
Topic: Layer 2 issues
Replies: 4
Views: 592

Re: Layer 2 issues

It definitely looks like some sort of L2 issue is happening, broadcast storm, network loop or similar.

Try logging into an affected powerbox via mac-winbox or RoMON, and have a look at /tool profile, and interfaces looking for saturated ethernets.
by pukkita
Sat Aug 26, 2017 9:01 pm
Forum: General
Topic: Getting Error: RADIUS accounting request not send: no respond
Replies: 3
Views: 1543

Re: Getting Error: RADIUS accounting request not send: no respond

Look like the rebuild was not successful, the database possibly got corrupted due to lack of space.. You may need to clear it out and start from scratch, or have someone knowledgeable to inspect it if it contains useful accounting data.
by pukkita
Sat Aug 26, 2017 8:58 pm
Forum: Beginner Basics
Topic: Firewall rule for L2TP/IPSec access to router
Replies: 3
Views: 7281

Re: Firewall rule for L2TP/IPSec access to router

The only issue is that I need to add a L2TP Server binding and a new Interface List item for every L2TP client. Do all remote users need access to the router itself?? In such case it will be easier to change the firewall logic, instead of /ip firewall filter add action=drop chain=input comment="def...
by pukkita
Sat Aug 26, 2017 6:57 pm
Forum: Wireless Networking
Topic: Link issues
Replies: 9
Views: 866

Re: Link issues

That looks much better. I have 3 links, all 5 ghz, all with cm9 cards. On the same RB433? There's where your problem probably comes. Specially if at any given moment two of them need to Tx and Rx simultaneously. I'd rather seperate radios on different RBs, and go straight to integrated units (SXTs, ...
by pukkita
Sat Aug 26, 2017 6:48 pm
Forum: Beginner Basics
Topic: Firewall rule for L2TP/IPSec access to router
Replies: 3
Views: 7281

Re: Firewall rule for L2TP/IPSec access to router

There's relevant info lacking from your post, so speaking out of my guessings... Firstly, if local VPN IP on router is 192.168.99.1, you should use it to access it; otherwise, you need to do some adjustments on the remote PC connecting via VPN: - Make your VPN connection the default route (making al...
by pukkita
Sat Aug 26, 2017 3:21 pm
Forum: Wireless Networking
Topic: Link issues
Replies: 9
Views: 866

Re: Link issues

BR433 on my side with cm9 cards
Cards? There's more than one? What's at the other side? A sector (PtMP)?
by pukkita
Sat Aug 26, 2017 3:13 pm
Forum: Wireless Networking
Topic: Link issues
Replies: 9
Views: 866

Re: Link issues

Doesn't look so stable. Which devices are you using? Is this a PTP or a PtMP? What's the System > RouterBoard Current vs Upgrade Firmware on both? If this is a PTP, for 3km link, signal levels are really unleveled, assuming both AP and station are the same model, I'd bet you have either fresnel or l...
by pukkita
Sat Aug 26, 2017 2:50 pm
Forum: Scripting
Topic: Redundant WANs - Script or Mangle to make both accessible and 2 hop failover [SOLVED]
Replies: 14
Views: 2555

Re: Redundant WANs - Script or Mangle to make both accessible and 2 hop failover [SOLVED]

There are several possible ways of doing this. One of them is setting default route through an Internet host like 8.8.8.8 by using recursivity, so that the "ping gateway" ROS feature controls the failover. I have had issues with this, and wouldn't be surprised if your ISP, or further up the uplink f...
by pukkita
Sat Aug 26, 2017 2:23 pm
Forum: General
Topic: Getting Error: RADIUS accounting request not send: no respond
Replies: 3
Views: 1543

Re: Getting Error: RADIUS accounting request not send: no respond

Your radius is not responding.

Check the hotspot router reaches the radius ip.

Check Radius service is not failing due to database problems, high load, or that it doesn't have accounting enabled.

Is radius an external radius host, or user-manager running on the same device?
by pukkita
Sat Aug 26, 2017 2:21 pm
Forum: General
Topic: Mikrotik to Mikrotik Lan Connection
Replies: 5
Views: 744

Re: Mikrotik to Mikrotik Lan Connection

Post a diagram, depìcting devices, interfaces and IPs. Hand drawn is perfectly fine.
by pukkita
Sat Aug 26, 2017 12:37 pm
Forum: Beginner Basics
Topic: Not sure what solution to use
Replies: 1
Views: 247

Re: Not sure what solution to use

Difficult to provide more specific instructions due to the scarce information, but: Assuming there's one router with one WAN connection which routes 6 public IP addresses, in order to masquerade outgoing Internet connections you only need: - Have all the IPs assigned on the router. I assume the 12.1...
by pukkita
Sat Aug 26, 2017 12:18 pm
Forum: General
Topic: Limits on IPsec/L2TP VPN connections on level 6 license
Replies: 1
Views: 435

Re: Limits on IPsec/L2TP VPN connections on level 6 license

What's on System > License?

It doesn't have to be related to license, there are other settings that may cause this, like bad ip pool, inconsistent settings, etc.

Watch out the log when that happens, and post it here. Posting an export of your config is a good idea also.
by pukkita
Sat Aug 26, 2017 12:05 pm
Forum: Beginner Basics
Topic: RB750GR3 default filter rules query!!!
Replies: 4
Views: 599

Re: RB750GR3 default filter rules query!!!

It was introduced on 6.40.2, but can be used on any fasttrack enabled ROS version.
by pukkita
Fri Aug 25, 2017 9:42 pm
Forum: Wireless Networking
Topic: Wireless Backhaul for AP Options
Replies: 7
Views: 1298

Re: Wireless Backhaul for AP Options

You could use a RB912 with a 2nd radio installed + 2 external antennas, but it won't be neither less bulkier nor cheaper, and way less reliable (pigtails). I understand Mikrotik philosophy is providing flexible building blocks at disruptive prices, that's why no too-scenario-specific devices are rel...
by pukkita
Fri Aug 25, 2017 7:30 pm
Forum: Beginner Basics
Topic: Web pages and iTunes don´t load properly or don`t load at all
Replies: 12
Views: 781

Re: Web pages and iTunes don´t load properly or don`t load at all

Yes, looks like some kind of ethernet problem with that laptop.
by pukkita
Fri Aug 25, 2017 7:05 pm
Forum: Wireless Networking
Topic: Wireless Backhaul for AP Options
Replies: 7
Views: 1298

Re: Wireless Backhaul for AP Options

If I do that, broadcast a client SSID and connect as a client, on the same 5GHz radio I'd imagine I'll suffer from the common problem of wireless mesh and I could see a reduction in performance. Does the MIMO (triple chain) of the product off-set the loss of air-time in this case Yes, it does suffe...
by pukkita
Fri Aug 25, 2017 4:27 pm
Forum: General
Topic: Redirect Gateway
Replies: 3
Views: 948

Re: Redirect Gateway

No need for the second mangle on output chain. This rule alone should be enough: /ip firewall mangle add chain=prerouting action=mark-routing new-routing-mark=VPN_Gateway passthrough=no protocol=tcp src-address=192.168.168.101 dst-address=!192.168.168.0/24 dst-port=80 log=no log-prefix="" What you s...
by pukkita
Fri Aug 25, 2017 4:17 pm
Forum: Beginner Basics
Topic: Web pages and iTunes don´t load properly or don`t load at all
Replies: 12
Views: 781

Re: Web pages and iTunes don´t load properly or don`t load at all

Which interface? do you refer to a laptop?
by pukkita
Fri Aug 25, 2017 3:11 pm
Forum: Beginner Basics
Topic: Web pages and iTunes don´t load properly or don`t load at all
Replies: 12
Views: 781

Re: Web pages and iTunes don´t load properly or don`t load at all

Try upgrading to 6.40.2, per its changelog : *) pppoe-client - fixed wrong MRU detection over VLAN interfaces; Not all Movistar ONTs expose VLANs anymore, that could be the reason others not experiencing problems if this fixes it. Have seen some Movistar ONTs change from exposing VLANs to not exposi...
by pukkita
Fri Aug 25, 2017 2:38 pm
Forum: Beginner Basics
Topic: Web pages and iTunes don´t load properly or don`t load at all
Replies: 12
Views: 781

Re: Web pages and iTunes don´t load properly or don`t load at all

ROS version? Firmware version? (System > Routerboard Current Firmware ) Looks like MTU problem. Does your pppoe-out1 enter Running state? Open a New Terminal and issue the following commands, posting them back here: /ip address print /ip route print /interface print Have you had a look at the WAN st...
by pukkita
Fri Aug 25, 2017 2:33 pm
Forum: Beginner Basics
Topic: LHG complete transparent
Replies: 2
Views: 345

Re: LHG complete transparent

Reset it to no defaults (connect to it via winbox neighbors tab afterwards, no need for ip settings) Station: - Setup it as wireless-mode=station-bridge - Create a bridge - Add wlan1 and ether1 to the bridge. AP: -wireless mode is AP-bridge or bridge - Create a bridge - Add wlan1 and ether1 to it Do...
by pukkita
Fri Aug 25, 2017 2:27 pm
Forum: General
Topic: Internet starts working after i do IP Scan
Replies: 34
Views: 2934

Re: Internet starts working after i do IP Scan

At this point, I would save an export (.rsc file) for backup, then:

- netinstall the router.
- Reset it to no defaults
- Connect to it from Winbox Neighbors tab, then import or copy & paste backup. rsc file contents.

Post a System > Routerboard screenshot. Current firmware should be 3.35.
by pukkita
Fri Aug 25, 2017 2:06 pm
Forum: General
Topic: [SOLVED] Bricked hAP ac, can not recover by netinstall [SOLVED]
Replies: 5
Views: 5291

Re: Bricked hAP ac, can not recover by netinstall [SOLVED]

Try keeping the reset button pressed until you see the hAP appear in netinstall. Have you played with protected RouterBoot features in the past? When you say winbox doesn't detect it, do you refer to Neighbors tab? Even with a laptop with its ethernet as only network active interface? (all the rest ...
by pukkita
Fri Aug 25, 2017 2:04 pm
Forum: RouterBOARD hardware
Topic: mAP lite
Replies: 58
Views: 19455

Re: mAP lite

Yes. Despite being a tiny device, it supports all ROS features (CPU allowing).
by pukkita
Fri Aug 25, 2017 2:00 pm
Forum: Beginner Basics
Topic: Dual wan - only one active at a time
Replies: 6
Views: 1996

Re: Dual wan - only one active at a time

NAT is the last step in traffic manipulation, unless routing steers traffic via a specific WAN, where NAT is set, NAT is not going to happen.

Please post
/ip route print detail
/ip address print
/ip firewall address-list print
by pukkita
Fri Aug 25, 2017 12:25 pm
Forum: General
Topic: [SOLVED] Bricked hAP ac, can not recover by netinstall [SOLVED]
Replies: 5
Views: 5291

Re: Bricked hAP ac, can not recover by netinstall [SOLVED]

Check the reset switch is not damaged and is shorting itself even w/o pressing it. That may cause the reboot loop.
by pukkita
Fri Aug 25, 2017 11:43 am
Forum: The User Manager
Topic: Radius Server is not responding message
Replies: 6
Views: 13055

Re: Radius Server is not responding message

Try setting src-address in radius to 127.0.0.1.

I assume both user-manager and hotspot are installed on the same router.
by pukkita
Fri Aug 25, 2017 11:39 am
Forum: Beginner Basics
Topic: RB750GR3 default filter rules query!!!
Replies: 4
Views: 599

Re: RB750GR3 default filter rules query!!!

Yes, it's a new optimization to default firewall filter rules. Yes, it has to do with fasttrack.
by pukkita
Fri Aug 25, 2017 11:35 am
Forum: Wireless Networking
Topic: Regarding Powerfull Wireless Link
Replies: 3
Views: 439

Re: Regarding Powerfull Wireless Link

Have you done an spectral scan? You'll need a non AC Mikrotik radio (or other brand) to carry it out. Specific scenario 5GHz Spectrum is what will dictate what speeds can be achieved, regardless of equipment used. If there's 40MHz contiguous spectrum available, you may get near those 200Mbps. If the...
by pukkita
Fri Aug 25, 2017 11:23 am
Forum: Wireless Networking
Topic: Spreading the load using a WISP to avoid major dips in speed!
Replies: 10
Views: 808

Re: Spreading the load using a WISP to avoid major dips in speed!

Thanks very much indeed for the clarification about IPTV and the QOS configuration!! Have you any thoughts about the make, model, and performance of a suitable load balancer which we will need if we go for 2 uplinks? The already deployed RB850G can cope with the two. Do you think that speed limitat...
by pukkita
Fri Aug 25, 2017 11:11 am
Forum: Beginner Basics
Topic: Dual wan - only one active at a time
Replies: 6
Views: 1996

Re: Dual wan - only one active at a time

You're not doing any load balancing, and steering all LAN - > Internet traffic towards WAN1: add action=mark-connection chain=prerouting comment=LAN->WAN connection-mark=no-mark dst-address-list=!local-lan dst-address-type=!local \ new-connection-mark=LAN->WAN passthrough=yes src-address-list=local-...
by pukkita
Fri Aug 25, 2017 10:52 am
Forum: Beginner Basics
Topic: General WISP managment
Replies: 3
Views: 493

Re: General WISP managment

Depends on expected customer distance, I'd recommend mANTBox 19S for >800m customers, and 15S or SXT-SA for closer customers. You need to study the terrain, then deploy sectors estrategically depending on surrounding conditions and customer density; typical setup 3 x 19S to cover 360 for mid-long di...
by pukkita
Thu Aug 24, 2017 8:38 pm
Forum: General
Topic: Routerboard Connected User Amount Limit
Replies: 9
Views: 1162

Re: Routerboard Connected User Amount Limit

Are you using hotspot? Or plain DHCP?
by pukkita
Thu Aug 24, 2017 8:31 pm
Forum: General
Topic: CRS326-24G-2S+RM Switch chip features
Replies: 5
Views: 1326

Re: CRS326-24G-2S+RM Switch chip features

Don't think that's possible, because there's only one switch chip. FYI, 6.41RC has a new bridge/switch chip implementation, where hardware offloading is used to accelerate switching/bridging when possible. Haven't tested it yet, and don't know which specific circumstances need to be met for HW offlo...
by pukkita
Thu Aug 24, 2017 8:24 pm
Forum: Wireless Networking
Topic: Spreading the load using a WISP to avoid major dips in speed!
Replies: 10
Views: 808

Re: Spreading the load using a WISP to avoid major dips in speed!

I was referring to setup your own IPTV streaming server. When I refer to multicast, I refer to stream IPTV via multicast, i.e. users will be connected to the server and will "fetch" the same stream from the network, i.e., if 5 users are watching a given channel, and such channel is 3Mbps, total netw...
by pukkita
Thu Aug 24, 2017 7:28 pm
Forum: SwOS
Topic: 2 x CSS326-24G-2S+RM
Replies: 12
Views: 3369

Re: 2 x CSS326-24G-2S+RM

Check updates from SwOS GUI
by pukkita
Thu Aug 24, 2017 7:26 pm
Forum: General
Topic: CRS326-24G-2S+RM Switch chip features
Replies: 5
Views: 1326

Re: CRS326-24G-2S+RM Switch chip features

As it's a CRS, i.e. a switch, it has one switch chip.

All ports are connected to this switch chip:
Captura de pantalla 2017-08-24 a la(s) 18.26.40.png
by pukkita
Thu Aug 24, 2017 1:36 pm
Forum: Beginner Basics
Topic: dhcp server not working
Replies: 4
Views: 2903

Re: dhcp server not working

Does it appear in red?

So far cannot spot anything, which ROS version? Could you export it again using /export compact this time?
by pukkita
Thu Aug 24, 2017 1:27 pm
Forum: General
Topic: About RB750Gr3
Replies: 8
Views: 1044

Re: About RB750Gr3

It may, depending on other factors, but I think there are more suitable options. What's the available Internet bandwidth? In any case, for a network of that size, I'll use a RB3011 minimum. If budget allows, investing on a RB1100AHx2 or CCR from starters will better protect the investment and allow ...
by pukkita
Thu Aug 24, 2017 1:25 pm
Forum: General
Topic: Default configuration
Replies: 4
Views: 1807

Re: Default configuration

Yes, is it possible to change default configuration.

You need to use netinstall Configure Script feature.
by pukkita
Thu Aug 24, 2017 1:18 pm
Forum: Beginner Basics
Topic: General WISP managment
Replies: 3
Views: 493

Re: General WISP managment

The question is Omnitik the right decision for a base spot in this situation?! No. Stay away from Omnis. Basebox would be a good choice if only a handful, similar distance customers will use it, or to use it (PoE version) as a PoE Switch and reserve radio to carry out spectrum scans w/o disturbing ...
by pukkita
Thu Aug 24, 2017 1:09 pm
Forum: General
Topic: Routerboard Connected User Amount Limit
Replies: 9
Views: 1162

Re: Routerboard Connected User Amount Limit

which routerboard out of the 3 i have is better suited to handle a high user load? The RB1200 im looking at roughly a user load of anywhere from 20 users up top 600 connectedf at any given time. What's the internet bandwidth? Are you running queues? I would invest straight on a RB1100AHx2 or a CCR.
by pukkita
Wed Aug 23, 2017 8:01 pm
Forum: General
Topic: Internet starts working after i do IP Scan
Replies: 34
Views: 2934

Re: Internet starts working after i do IP Scan

I think there's a 99.9% probability of the problems being due to the Tenda switches. Probably a bug or limitation in its arp'ing scheme. Avoid Tenda and Whatever-link (D, TP, LR...) brand crappy switches. Netgear is usually fine, and so are CRS routerboards. You can try setting proxy-arp or local-pr...
by pukkita
Wed Aug 23, 2017 7:57 pm
Forum: RouterBOARD hardware
Topic: RB2011UiAS-RM work on 12V DC?
Replies: 4
Views: 551

Re: RB2011UiAS-RM work on 12V DC?

No problem either. I found the power rating of a RB2011UiAS-2HnD-IN as 11W, yours is the non Wireless version, so max power will be less.

For 12V: 11W=12V*I; I = 0.91A. So you have enough margin even with the 1.3A limitation.
by pukkita
Wed Aug 23, 2017 7:53 pm
Forum: SwOS
Topic: 2 x CSS326-24G-2S+RM
Replies: 12
Views: 3369

Re: 2 x CSS326-24G-2S+RM

I would directly write support in this case. BTW, There's a SwOS 2.5rc2 release candidate version, not sure if would help in your case.
by pukkita
Wed Aug 23, 2017 7:45 pm
Forum: RouterBOARD hardware
Topic: RB2011UiAS-RM work on 12V DC?
Replies: 4
Views: 551

Re: RB2011UiAS-RM work on 12V DC?

As long as the PSU provides enough amps, you won't have any underpowering or other problems in your scenario (would be different if you powered the 2011 via PoE-In using a long cable). RB2011 original power adapter is 24V @ 1.2A, i.e. Maximum Power = 24V * 1.2A = 28.8W. I doubt maximum power draw fr...
by pukkita
Wed Aug 23, 2017 4:08 pm
Forum: Beginner Basics
Topic: Dual wan - only one active at a time
Replies: 6
Views: 1996

Re: Dual wan - only one active at a time

Have a look at this presentation by Tomas Kirnak.

On dual WAN setups means should be deployed so that traffic entering by a given wan leaves by the same one.

Double check you're actually masquerading on the secondary WAN too, when it's the default route hosts from internet should ping too.
by pukkita
Wed Aug 23, 2017 4:06 pm
Forum: SwOS
Topic: 2 x CSS326-24G-2S+RM
Replies: 12
Views: 3369

Re: 2 x CSS326-24G-2S+RM

double check the ROS or SwOS version and firmware, from SwOS changelog : What's new in v2.4: *) CSS106: fixed upgrade over PoE ports when PoE stopped working; *) CRS326: fixed port in disabled VLAN mode to forward untagged packets; What's new in v2.3: *) fixed CRS317: make 10G links more stable; *) ...
by pukkita
Wed Aug 23, 2017 12:00 pm
Forum: Beginner Basics
Topic: RB951 Hotspot + LAN Clients (Home network)
Replies: 3
Views: 635

Re: RB951 Hotspot + LAN Clients (Home network)

The solution to this is placing more APs on each floor, at a minimum another RB951 at third floor, wiring it to the main RB951. This RB will need to be wired to the main RB951, configuration needed: On third floor RB951: setup wireless, create a bridge and add the wireless interface and the ether po...
by pukkita
Tue Aug 22, 2017 7:05 pm
Forum: Wireless Networking
Topic: Spreading the load using a WISP to avoid major dips in speed!
Replies: 10
Views: 808

Re: Spreading the load using a WISP to avoid major dips in speed!

Have done some integrations, mostly using hardware DVB-S or DVB-C streamers.

There's a very interesting software project for this: stalker-portal
by pukkita
Tue Aug 22, 2017 6:59 pm
Forum: General
Topic: Mass netinstall
Replies: 7
Views: 1146

Re: Mass netinstall

(netinstall can run under wine but it would be better when it could run from commandline) It would be actually really nice , as it would be possible to setup tftp/dhcp netinstall servers on the network. I haven't fully reverse engineered what netinstall does exactly, wonder what's the reason (apart...
by pukkita
Tue Aug 22, 2017 5:02 pm
Forum: General
Topic: Mass netinstall
Replies: 7
Views: 1146

Re: Mass netinstall

1. Is there a way of automating the process of getting into netinstall mode? For example, is there a command that can be issued 'reboot into boot loader mode' so I can write a script to automate that part (eg tied to a DHCP lease event that would spot the router grabbing an IP) /system routerboard ...
by pukkita
Tue Aug 22, 2017 2:20 pm
Forum: General
Topic: Marking MS Update packets
Replies: 3
Views: 2590

Re: Marking MS Update packets

You can follow a more general approach, and mark regular HTTP/S, and HTTP/HTTPs "downloads" (more than X Mb on a given established connection, 5MB in this example) using mangle connection-bytes : add action=mark-connection chain=prerouting dst-port=80,443 new-connection-mark=HTTP packet-mark=no-mark...
by pukkita
Tue Aug 22, 2017 1:15 pm
Forum: Wireless Networking
Topic: Spreading the load using a WISP to avoid major dips in speed!
Replies: 10
Views: 808

Re: Spreading the load using a WISP to avoid major dips in speed!

In that case you can add a second antena/internet uplink, and make the main router load balance the connections through the two internet uplinks. No need for a second routerboard. QoS plus second internet uplink and load balancing should provide a smoother experience for all users. Third possible en...
by pukkita
Tue Aug 22, 2017 1:07 pm
Forum: General
Topic: Internet starts working after i do IP Scan
Replies: 34
Views: 2934

Re: Internet starts working after i do IP Scan

Plug yours directly to the 3011 and test if you have same problems.
by pukkita
Tue Aug 22, 2017 1:05 pm
Forum: Beginner Basics
Topic: wAP dropping connection
Replies: 4
Views: 521

Re: wAP dropping connection

Firmware is not up to date, note Upgrade Firmware = 3.36 while Current Firmware=3.26.

To upgrade:

1.- Click on Log.

2.- Go to System > Routerboard and click the Upgrade button.

Watch out log, when you see a message stating upgrade was successful, reboot the router.
by pukkita
Tue Aug 22, 2017 12:40 pm
Forum: General
Topic: Internet starts working after i do IP Scan
Replies: 34
Views: 2934

Re: Internet starts working after i do IP Scan

Are there any PCs directly connected to the 3011? Do those ping internet?
by pukkita
Tue Aug 22, 2017 12:23 am
Forum: General
Topic: Internet starts working after i do IP Scan
Replies: 34
Views: 2934

Re: Internet starts working after i do IP Scan

can you ping those?
- 82.114.64.3
- 82.114.64.4
- 192.168.1.1
instead of traceroute do a
tracert -d 8.8.8.8
by pukkita
Mon Aug 21, 2017 3:34 pm
Forum: Beginner Basics
Topic: wAP dropping connection
Replies: 4
Views: 521

Re: wAP dropping connection

What's the ROS version?

What's in System > Routerboard, can you post a screenshot?
by pukkita
Mon Aug 21, 2017 3:32 pm
Forum: Beginner Basics
Topic: RB951 Hotspot + LAN Clients (Home network)
Replies: 3
Views: 635

Re: RB951 Hotspot + LAN Clients (Home network)

Which devices are broadcasting the wireless signal? How are they connected to the mikrotik RB951 router?

Is the RB951 the only AP?
by pukkita
Mon Aug 21, 2017 3:06 pm
Forum: General
Topic: Dropping DHCP OFFER packets from certain MAC addresses
Replies: 3
Views: 809

Re: Dropping DHCP OFFER packets from certain MAC addresses

Post an export, and some description on how the 750 is wired to the rest of the network.

Depending on that, it may be possible to leverage bridge filters to isolate those rogue DHCP servers from the 750.
by pukkita
Mon Aug 21, 2017 2:07 pm
Forum: General
Topic: Internet starts working after i do IP Scan
Replies: 34
Views: 2934

Re: Internet starts working after i do IP Scan

Can you tell me how to do that, im not expert for mikrotik. Copy and paste this onto a New Terminal: /ip firewall filter add chain=input action=accept protocol=icmp comment="defconf: accept ICMP" add chain=input action=accept connection-state=established,related comment="defconf: accept established...
by pukkita
Mon Aug 21, 2017 11:18 am
Forum: General
Topic: Internet starts working after i do IP Scan
Replies: 34
Views: 2934

Re: Internet starts working after i do IP Scan

post an
ipconfig /all


on your PC, I assume you run windows.

BTW, your router is exposed to the internet, you should add firewall rules to prevent anyone from bruteforcing your router.
by pukkita
Sun Aug 20, 2017 1:33 pm
Forum: General
Topic: Internet starts working after i do IP Scan
Replies: 34
Views: 2934

Re: Internet starts working after i do IP Scan

You need to make masquerade more specific: /ip firewall nat add action=masquerade out-interface=ether1 chain=srcnat comment="Masquerade WAN" src-address=192.168.1.0/24 Apart from that everything looks fine, the arp problem doesn't seem to be related to 3011 config. Do PCs connected to switch1 ping P...
by pukkita
Sat Aug 19, 2017 9:41 pm
Forum: General
Topic: Internet starts working after i do IP Scan
Replies: 34
Views: 2934

Re: Internet starts working after i do IP Scan

Which ports are those switches connected to? A hand drawn diagram depicting what's connected and where on the 3011 would be essential.

Connect to it using winbox, open a New Terminal and issue
/export
Pasting the output here.
by pukkita
Sat Aug 19, 2017 9:32 pm
Forum: General
Topic: DHCP server on slave interface
Replies: 7
Views: 11724

Re: DHCP server on slave interface

In my case, DHCP server should run on VLAN interface, which is part of a bridge "trunk". Not quite... vlan is "hanging" from bridge-trunk. The only interfaces which are part of bridge-trunk, i.e. are bridge ports, are ether4 and ether5. I don't understand why vlan102 is "slave" and vlan101 not. Bec...
by pukkita
Sat Aug 19, 2017 2:14 pm
Forum: General
Topic: Internet starts working after i do IP Scan
Replies: 34
Views: 2934

Re: Internet starts working after i do IP Scan

Looks like an arp problem. Check Arp setting of LAN interface.
by pukkita
Sat Aug 19, 2017 2:07 pm
Forum: Wireless Networking
Topic: Spreading the load using a WISP to avoid major dips in speed!
Replies: 10
Views: 808

Re: Spreading the load using a WISP to avoid major dips in speed!

On average there are between 30 and 80 devices online at any given time. Bandwidth from wisp is stated as 60 mbs download and 40mbs upload. [...] Unfortunately although the speed is now expected by provider to be between 4 and 7 megabits we sometimes get dips down to as low as 1megabit although at ...
by pukkita
Sat Aug 19, 2017 2:48 am
Forum: Beginner Basics
Topic: Port Forwarding for the beginner
Replies: 8
Views: 4961

Re: Port Forwarding for the beginner

What are your firewall filter rules?

Open a New Terminal and issue:
/export
Then copy and paste the output here.

Your port forwarding is apparently fine.
by pukkita
Fri Aug 18, 2017 1:08 pm
Forum: General
Topic: how to read wireless registration table
Replies: 11
Views: 1919

Re: how to read wireless registration table

Tx goes from router to client. So client download is Tx rate on router.
by pukkita
Fri Aug 18, 2017 12:20 pm
Forum: Scripting
Topic: Getting destination IP
Replies: 4
Views: 504

Re: Getting destination IP

Only first one (prerouting) is needed.

You can add the address-list mangle rule after the existing one, as long as the existing one has passthrough enabled, mangle proccessing won't stop there and will reach the one adding to the address list.
by pukkita
Fri Aug 18, 2017 11:28 am
Forum: Beginner Basics
Topic: Crs226 Sfp bonding so that multiple floors can be interconnected
Replies: 9
Views: 787

Re: Crs226 Sfp bonding so that multiple floors can be interconnected

Higher OSI layers depend lower ones for everything to work, in your scenario: Layer 1 - Fiber runs and SFPs linking / running properly Layer 2 - Proper Switches master/slave ports configuration (fine as per your export) Layer 3 - Proper IP range assignment Layer 1 I am able to link sfp1-0 to sfp1-1 ...
by pukkita
Fri Aug 18, 2017 11:21 am
Forum: Beginner Basics
Topic: Routing between lans on PowerBox
Replies: 13
Views: 930

Re: Routing between lans on PowerBox

Question. Instead of the whole dedicated PC thing, could I use a hAP ac lite tower since it says it has "USB port for 3G/4G modem "?? I'm just wondering before I buy one if I plugged my cell phone with tethering into the usb port that it would then work. I already own 7 tiks so i dont want another ...
by pukkita
Thu Aug 17, 2017 12:29 pm
Forum: Scripting
Topic: Getting destination IP
Replies: 4
Views: 504

Re: Getting destination IP

I would rather use the add dst to address list action in mangle.

Easier, and you can get a text output at any later stage.
by pukkita
Thu Aug 17, 2017 11:35 am
Forum: Forwarding Protocols
Topic: VPLS Interface flapping
Replies: 1
Views: 425

Re: VPLS Interface flapping

Poor wireless link would be the first thing I would check, look for OSPF flapping.

Which equipment is used on the PTP? are there switches between the two routers running the VPLS tunnel??
by pukkita
Thu Aug 17, 2017 11:32 am
Forum: General
Topic: Redirecting 443 to 80 is not Working
Replies: 5
Views: 751

Re: Redirecting 443 to 80 is not Working

There's no way of fixing it, HTTPS protocol is designed to prevent exactly that, i.e. the user connecting to a different server from the legit one.
by pukkita
Thu Aug 17, 2017 11:10 am
Forum: Wireless Networking
Topic: Please anyone can help me: Error - Simultaneous Session Limit Reached & RADIUS accounting request not sent ?
Replies: 11
Views: 2813

Re: Please anyone can help me: Error - Simultaneous Session Limit Reached & RADIUS accounting request not sent ?

What was the router uptime when you posted that status screenshot? Doesn't look like unresponsive radius on that screenshot; I thought it was actually an external radius server, not user-manager running on the same router. Yes, you should upgrade to current 6.40.1, check System > Routerboard afterwa...
by pukkita
Wed Aug 16, 2017 9:37 pm
Forum: Beginner Basics
Topic: Crs226 Sfp bonding so that multiple floors can be interconnected
Replies: 9
Views: 787

Re: Crs226 Sfp bonding so that multiple floors can be interconnected

Should work as you have it configured, if that same config is on rest of switches. I assume switches are daisy chained, ie floor 0 SFP+1 |====| SFP+1 floor 1 SFP+2 |====| SFP+1 floor 3 SFP+2 |====| SFP+1 floor 4 Are you sure SFP modules are linking right? post screenshots of sfp interfaces SFP tab o...
by pukkita
Wed Aug 16, 2017 12:14 pm
Forum: Beginner Basics
Topic: Routing between lans on PowerBox
Replies: 13
Views: 930

Re: Routing between lans on PowerBox

Are PC dedicated for internet, and internet/ lan backbone 750 routers connected to a switch? or are they interconnected by point to point connections (directly between them)? Do all network equipment (but radios on 10.10.10.0/24) use 192.168.1.116 as default gateway? It should, then you need to add ...
by pukkita
Tue Aug 15, 2017 10:03 pm
Forum: Beginner Basics
Topic: Routing between lans on PowerBox
Replies: 13
Views: 930

Re: Routing between lans on PowerBox

After Changes. undid the 192.168.1.0 address because it over-rode my dhcp client and lost my address of 192.168.1.17 to it. Applied NAT Missed that. If it's getting a 192.168.1.x address then nothing else should be required, neither dst or src-nat; for routing to work, both parties (routers) have t...
by pukkita
Tue Aug 15, 2017 8:41 pm
Forum: Beginner Basics
Topic: Routing between lans on PowerBox
Replies: 13
Views: 930

Re: Routing between lans on PowerBox

You need to add an ip address from 192.168.1.0/24 on ether1.

As soon as you do that, ROS will have a directly connected route towards 192.168.1.0/24 and it will start to route.
by pukkita
Tue Aug 15, 2017 8:08 pm
Forum: Beginner Basics
Topic: Crs226 Sfp bonding so that multiple floors can be interconnected
Replies: 9
Views: 787

Re: Crs226 Sfp bonding so that multiple floors can be interconnected

You need to make both SFP ports slaves of the master port the switch chip is setup to.

Open a New Terminal, and issue
/export
Pasting the output here.
by pukkita
Tue Aug 15, 2017 4:29 pm
Forum: General
Topic: Please explain: Simple Queue and PCQ insight
Replies: 6
Views: 1143

Re: Please explain: Simple Queue and PCQ insight

No. CCR is a multi core device, optimized to run simple queues by spreading them along available cores.
by pukkita
Tue Aug 15, 2017 3:20 pm
Forum: General
Topic: Please explain: Simple Queue and PCQ insight
Replies: 6
Views: 1143

Re: Please explain: Simple Queue and PCQ insight

Yes, from ROS 6.x onwards, and specially on multi-core devices.
by pukkita
Tue Aug 15, 2017 12:57 pm
Forum: General
Topic: Router Compromised - Security flaw ?
Replies: 26
Views: 2314

Re: Router Compromised - Security flaw ?

Hi All, Last week we had 2 routers on our network compromised. Both were running 6.29.1 (yes I know its not the latest but ive been through the changelog and cant see anything relevant). Have a closer look at the changelog archive : Release 6.38.5 2017-03-09 What's new in 6.38.5 (2017-Mar-09 11:32)...
by pukkita
Tue Aug 15, 2017 12:36 pm
Forum: General
Topic: Please explain: Simple Queue and PCQ insight
Replies: 6
Views: 1143

Re: Please explain: Simple Queue and PCQ insight

I have read through mikrotik wiki and doesn't have full understand how simple queue and pcq works. Mayb that 's because my bad english and not native. I am currently limiting download and upload speed of Hotspot user by specfying limit in Hotspot profile rate limit. I can see that this limit show i...
by pukkita
Tue Aug 15, 2017 11:47 am
Forum: General
Topic: SIMPLE QUEUES NOT WORKING PROPERLY
Replies: 4
Views: 4076

Re: SIMPLE QUEUES NOT WORKING PROPERLY

Simple queues are processed sequentially, once a packet matches one, it won't proceed to the next same-level simple queue. That's the reason why Simple queues have a strict order - each packet must go through every queue until it reaches one queue which conditions fits packet parameters or until th...
by pukkita
Tue Aug 15, 2017 11:36 am
Forum: Wireless Networking
Topic: Please anyone can help me: Error - Simultaneous Session Limit Reached & RADIUS accounting request not sent ?
Replies: 11
Views: 2813

Re: Please anyone can help me: Error - Simultaneous Session Limit Reached & RADIUS accounting request not sent ?

To fix whatever is happening to the radius server, if you're using SQL backend the problem is usually there. How many users? Alternatively, to alleviate the problem, if radius is being "overloaded", you can try to ease the load on it, by: - setting the Hotspot server profile interim update to 10 or ...
by pukkita
Mon Aug 14, 2017 11:47 pm
Forum: Beginner Basics
Topic: MikroTik RouterBOARD mAP 2n
Replies: 3
Views: 470

Re: MikroTik RouterBOARD mAP 2n

It's a little swiss-army knife wireless access point and router of sorts The condo complex has shared wifi throughout (similar to a hotel, where you go to a URL and input your room number). I doubt it was left there, is it probably the AP providing wireless coverage to your condo when you enter your...
by pukkita
Mon Aug 14, 2017 3:46 pm
Forum: Beginner Basics
Topic: MT CCR + WinSrv2008R2 as router = problem with propely setting [SOLVED]
Replies: 14
Views: 947

Re: MT CCR + WinSrv2008R2 as router = problem with propely setting [SOLVED]

Yes. You don't want to disable them, isn't it? After doing it, you can test by disabling one of the interfaces, more specifically the one with 192.168.1.x/24 addressing, as I assume LAN PCs are in the 192.168.10.x range. As long as you set the default gateway on M$ as 192.168.10.254 M$ will reach In...
by pukkita
Mon Aug 14, 2017 3:38 pm
Forum: Forwarding Protocols
Topic: OSPF Overwrites End User Public IP
Replies: 8
Views: 787

Re: OSPF Overwrites End User Public IP

Now for clients connected to the tower router they are unable to get this, they get only what their subscribed plan is, how can we offer the same cache services? Difficult to say anything specific without knowing your network with more detail, guess you'll need to deploy same mangle / top queues st...
by pukkita
Mon Aug 14, 2017 3:21 pm
Forum: Beginner Basics
Topic: MT CCR + WinSrv2008R2 as router = problem with propely setting [SOLVED]
Replies: 14
Views: 947

Re: MT CCR + WinSrv2008R2 as router = problem with propely setting [SOLVED]

We afraid a little to remove routing from M$ cause we don't have spare domain controller and we don't know how to M$ behave after remove routing and second networkcard .. In that case: 1.- Connect M$ 192.168.10.1 ethernet card to a Mikrotik ether port, say etherX 2.- Create a bridge, and add: ether...
by pukkita
Mon Aug 14, 2017 3:09 pm
Forum: RouterBOARD hardware
Topic: Rb 3011uias-Rm L5 => MINI GBIC
Replies: 4
Views: 584

Re: Rb 3011uias-Rm L5 => MINI GBIC

If you want 10G, then you'll need a different router, with 10G (SFP+) interfaces and power suitable for 10G, a CCR1009-7G-1C-1S+ as bare minimum. If you're an (W/F)ISP and not a "power user", then I'll skip straight to a CCR1036-8G-2S+ as it's the sweet spot in terms of price/performance, being a fu...
by pukkita
Mon Aug 14, 2017 3:02 pm
Forum: Beginner Basics
Topic: MT CCR + WinSrv2008R2 as router = problem with propely setting [SOLVED]
Replies: 14
Views: 947

Re: MT CCR + WinSrv2008R2 as router = problem with propely setting [SOLVED]

I don't know either, where is 192.168.20.2 supposed to be? I am afraid you need to do some cleanup. Cannot understand either why the need of the M$ routing at all, you'd better have one single router to act as default gateway for all the network, it will simplify management and avoid routing loops. ...
by pukkita
Mon Aug 14, 2017 2:25 pm
Forum: General
Topic: How do you upgrade this Mikrotik (double wireless package)
Replies: 28
Views: 3344

Re: How do you upgrade this Mikrotik (double wireless package)

In the past I did a couple of "reset configuration" with "keep user configuration", "no default configuration" and "run after reset" pointing to a /exported file that was slightly edited. This was on RB2011 routers and it worked fine every time. I did it to make major changes to configuration that ...
by pukkita
Mon Aug 14, 2017 2:13 pm
Forum: General
Topic: DHCP server on slave interface
Replies: 7
Views: 11724

Re: DHCP server on slave interface

Post an unedited (but from passwords) export.
by pukkita
Mon Aug 14, 2017 1:43 pm
Forum: RouterBOARD hardware
Topic: Rb 3011uias-Rm L5 => MINI GBIC
Replies: 4
Views: 584

Re: Rb 3011uias-Rm L5 => MINI GBIC

RB3011 has an SFP port (1.25G), not SFP+ (10G).

What do you want to link by fiber? what's the distance?
by pukkita
Mon Aug 14, 2017 1:17 pm
Forum: Beginner Basics
Topic: MT CCR + WinSrv2008R2 as router = problem with propely setting [SOLVED]
Replies: 14
Views: 947

Re: MT CCR + WinSrv2008R2 as router = problem with propely setting [SOLVED]

Then you need to assign one, eg 192.168.10.254/24 on ether interface facing SG500. Any host having just one connection in the 192.168.10.x/24 range will need 192.168.10.254 as default gateway, so you'll need to modify DHCP Server at 192.168.10.1 to hand out 192.168.10.254 as gateway.
by pukkita
Mon Aug 14, 2017 1:10 pm
Forum: General
Topic: SIMPLE QUEUES NOT WORKING PROPERLY
Replies: 4
Views: 4076

Re: SIMPLE QUEUES NOT WORKING PROPERLY

Have a look at this post.
by pukkita
Mon Aug 14, 2017 1:07 pm
Forum: Beginner Basics
Topic: Change "Check gateway" ping address on Routes?
Replies: 5
Views: 4320

Re: Change "Check gateway" ping address on Routes?

You can't, as the pinged ip is that of the gateway.

If you want to use 8.8.4.4 to monitor this, you'll need to resort to use Tools > Netwatch along with up and down scripts.
by pukkita
Mon Aug 14, 2017 12:58 pm
Forum: Beginner Basics
Topic: Blocking website in Bridge Mode
Replies: 6
Views: 1218

Re: Blocking website in Bridge Mode

That is probably changing every now an then... another approach would be importing an Address list with IPs from Skype (AS198015): 91.190.216.0/23 though that will prevent also from accessing Skype website, etc.
by pukkita
Mon Aug 14, 2017 12:51 pm
Forum: Beginner Basics
Topic: Fail Over dual wan, Dynamic and static IP
Replies: 5
Views: 1682

Re: Fail Over dual wan, Dynamic and static IP

Open a New Terminal and issue
/export
and paste output here, will try to fix on top of that.
by pukkita
Mon Aug 14, 2017 12:47 pm
Forum: Beginner Basics
Topic: MT CCR + WinSrv2008R2 as router = problem with propely setting [SOLVED]
Replies: 14
Views: 947

Re: MT CCR + WinSrv2008R2 as router = problem with propely setting [SOLVED]

post an export.

Does the mikrotik router has an 192.168.10.x/24 ip address assigned?
by pukkita
Mon Aug 14, 2017 12:32 pm
Forum: Wireless Networking
Topic: Please anyone can help me: Error - Simultaneous Session Limit Reached & RADIUS accounting request not sent ?
Replies: 11
Views: 2813

Re: Please anyone can help me: Error - Simultaneous Session Limit Reached & RADIUS accounting request not sent ?

There's some kind of problem with your radius server when receiving accounting, that's what first error points to (are you using radius?). Second message, logging failing due to simultaneous session limit reached could mean (if you're using radius), your radius server or service is not being notifie...
by pukkita
Mon Aug 14, 2017 12:16 pm
Forum: Beginner Basics
Topic: MT CCR + WinSrv2008R2 as router = problem with propely setting [SOLVED]
Replies: 14
Views: 947

Re: MT CCR + WinSrv2008R2 as router = problem with propely setting [SOLVED]

I have problem to reach 192.168.10.X from 192.168.20.X without connected 192.168.10.246 Link
But from 192.168.10.X i can reach 192.168.20.X ewen without 246 link
This doesn't make sense, first sentence contradicts second... please review your post and try to be more specific...
by pukkita
Mon Aug 14, 2017 12:12 pm
Forum: General
Topic: Bonding
Replies: 1
Views: 524

Re: Bonding

In your scenairo it will be even simpler thant that, you don't need any kind of EoIP tunnels, just set up bonding. and use arp monitoring.
by pukkita
Sun Aug 13, 2017 8:44 pm
Forum: Wireless Networking
Topic: What if there is no direct visibility? Please, help me!
Replies: 2
Views: 445

Re: What if there is no direct visibility? Please, help me!

If with passive you mean that there will be only antennas (no radios) at middle point, no, that's not possible. You need radios on all Antennas. Assumming all antennas have their radios (4 antennas + 4 radios total) it will work between A and B (middle point) but won't work very well between B and C...
by pukkita
Sun Aug 13, 2017 2:20 pm
Forum: General
Topic: RB750Gr3 slow gigabit performance
Replies: 6
Views: 2012

Re: RB750Gr3 slow gigabit performance

Difficult to say unless you post an export.

Are you using fasttrack? (you should)

As a side note: using DMZ is far from optimal, you'd better put the AT&T router in bridge mode, and setup the RB750Gr3 so that it takes the public ip, i.e. ATT will be a mere modem.
by pukkita
Sun Aug 13, 2017 2:13 pm
Forum: General
Topic: what does Accounting checkbox in Radius tab do?
Replies: 4
Views: 813

Re: what does Accounting checkbox in Radius tab do?

You'd better post those logs and more information, as I can be just guessing without that. That may happen if accounting data already in radius triggers it; but no new accounting is being sent by the NAS if Use Accounting is not enabled, that's for sure. Regarding failed auths, that means radius rej...
by pukkita
Sun Aug 13, 2017 1:03 pm
Forum: Beginner Basics
Topic: Fail Over dual wan, Dynamic and static IP
Replies: 5
Views: 1682

Re: Fail Over dual wan, Dynamic and static IP

I've found many guides on two static WANs but then some contradicting information or at least for me confusing info on one Static and one Dynamic. What is exactly confusing to you? Connectivity checking From checking fiber is online perspective, you need to use a different approach, doesn't matter ...
by pukkita
Sun Aug 13, 2017 12:52 pm
Forum: General
Topic: what does Accounting checkbox in Radius tab do?
Replies: 4
Views: 813

Re: what does Accounting checkbox in Radius tab do?

When you enable accounting, the NAS tracks and sends accounting information about every authenticated user to radius: time connected, bandwidth consumed, etc. one year ago I started to have a problem in the log: RADIUS accounting request not sent: no response. the users have to try several times in ...
by pukkita
Sat Aug 12, 2017 1:25 pm
Forum: General
Topic: Mikrotik router duplicates every single IP address on the network
Replies: 12
Views: 1476

Re: Mikrotik router duplicates every single IP address on the network

Did you use .backups from one radio to setup the rest of the radios? if so, that would be where your problem lies. .backups are only intended for a given device with a given ROS version. They're not meant for configuration mass deployment as it contains MAC addresses from specific device it was take...
by pukkita
Sat Aug 12, 2017 1:20 pm
Forum: Forwarding Protocols
Topic: OSPF Overwrites End User Public IP
Replies: 8
Views: 787

Re: OSPF Overwrites End User Public IP

With all due respect, my advice is hiring a consultant for this migration. Additionaly, you're wasting precious and scarce public ip addressing space.

OSPF won't ever change an IP, as JimmyNyHolm pointed, your edge router is masquerading connections from that customer.
by pukkita
Sat Aug 12, 2017 1:14 pm
Forum: The Dude
Topic: Weird slow connection trought usb ethernet adapter
Replies: 2
Views: 938

Re: Weird slow connection trought usb ethernet adapter

Looks like the USB card/ROS USB has issues, which is the ROS version AND firmware version? (System > Routerboard Firmware versions listed)

What's CPU load when doing this test?

Wouldn't it be easier (and more optimal) to connect a second switch to the 2011 LAN ports?
by pukkita
Sat Aug 12, 2017 12:32 pm
Forum: Wireless Networking
Topic: 16 Buildings centralized wireless solution
Replies: 3
Views: 593

Re: 16 Buildings centralized wireless solution

so each of this connections from the central building to the other 15 ones must have at least around 150MB throughput That's not going to happen with 802.11A/N/ac PTMP and 15 stations. In that case, you'd better either create a PTP for each. You'll need minimum 40MHz for each to exceed 100Mbps, whi...
by pukkita
Sat Aug 12, 2017 12:25 pm
Forum: Forwarding Protocols
Topic: Resilio Sync (Bittorrent sync) - Download/Upload Speed Is Very Slow
Replies: 2
Views: 1763

Re: Resilio Sync (Bittorrent sync) - Download/Upload Speed Is Very Slow

bitorrent needs to establish incoming connections also. Check that: - Your mikrotik router has the public IP assigned, i.e. set your provider router as a mere modem (bridge mode) - Setup uPnP on mikrotik specifying WAN and LAN ports, and activate uPnP on the client, you should see D flagged (dynamyc...
by pukkita
Sat Aug 12, 2017 12:16 pm
Forum: RouterBOARD hardware
Topic: Memory test errors for RB1100AHx4 [SOLVED]
Replies: 5
Views: 872

Re: Memory test errors for RB1100AHx4 [SOLVED]

Generate a supout and email support. If device is under warranty, it will be covered.
by pukkita
Sat Aug 12, 2017 11:52 am
Forum: SwOS
Topic: can't access RB260GSP admin page via http
Replies: 5
Views: 1068

Re: can't access RB260GSP admin page via http

From RB260GSP manual: Note: SwOS uses a simple algorithm to ensure TCP/IP communication - it just replies to the same IP and MAC address packet came from. This way there is no need for Default Gateway on the device itself. If edgerouter is routing to carry your packets to the RB260GSP, you'll experi...
by pukkita
Sat Aug 12, 2017 11:38 am
Forum: Beginner Basics
Topic: How to have hAP AC Lite use router's subnet
Replies: 3
Views: 818

Re: How to have hAP AC Lite use router's subnet

Glad to hear that :D
by pukkita
Fri Aug 11, 2017 6:13 pm
Forum: RouterBOARD hardware
Topic: CRS317-1G-16S+RM: CWDM/DWDM SFP+ optics? [SOLVED]
Replies: 12
Views: 2692

Re: CRS317-1G-16S+RM: CWDM/DWDM SFP+ optics? [SOLVED]

It depends, for non Mikrotik hardware, see supported hardware.

S+31DLC10D is the Mikrotik product for 10G - 10Km (single mode).

CRS317 hasn't been included yet on Mikrotik SFP Compatibility Matrix, but being both Mikrotik products I bet it will support it.
by pukkita
Fri Aug 11, 2017 5:15 pm
Forum: General
Topic: Fcs error on link !
Replies: 5
Views: 4758

Re: Fcs error on link !

Check first the usual suspects: cable, injector... If those are fine, AF's are known to inject its own radio tx signal back into ether if there are obstacles in front or near it, causing these FCS problems. Lower Tx power if possible and check; if these go away, that's your problem. Has any radio be...
by pukkita
Thu Aug 10, 2017 7:25 pm
Forum: General
Topic: what type of port forwarding should i use for my dual wan network?
Replies: 4
Views: 573

Re: what type of port forwarding should i use for my dual wan network?

Yes the premises is rectangle 4m x 10m the gaming computers will be in 2 lines of 10 units back to back. Then the Hap ac will be all you need for wireless coverage. Oh yes i forgot to mention i want to install at least 4 cctv security cameras Are they PoE-In? (they should) if so, I'll use a a Hex P...
by pukkita
Thu Aug 10, 2017 6:01 pm
Forum: RouterBOARD hardware
Topic: Best ports for WAN / ISP on RB1100AHx4 [SOLVED]
Replies: 4
Views: 1247

Re: Best ports for WAN / ISP on RB1100AHx4 [SOLVED]

Ouch... I'd swear I read RB1100AHx2... :D So there is no difference in this case, all ports are equal... Not exactly... In this case, optimal ports would be ether11-13 leaving one unocuppied if possible; rationale: they won't be sharing as many ports (5) into the 2,5Gb/s switch chip uplink towards t...
by pukkita
Thu Aug 10, 2017 5:56 pm
Forum: General
Topic: what type of port forwarding should i use for my dual wan network?
Replies: 4
Views: 573

Re: what type of port forwarding should i use for my dual wan network?

RB260GSP is a PoE-out switch, it doesn't even run RouterOS but SwOS. For your application minimum I would pick is a RB3011 , it will be able to "move" 2x200Mbps fine. Assuming premises are square, or rectangular, as AP a Hap ac placed on the center will allow you to use the rest of the ports to dais...
by pukkita
Thu Aug 10, 2017 2:30 pm
Forum: Wireless Networking
Topic: Wireless repeater between 2 units?
Replies: 4
Views: 515

Re: Wireless repeater between 2 units?

Yes.
by pukkita
Thu Aug 10, 2017 2:29 pm
Forum: RouterBOARD hardware
Topic: crs210-8g-2s+in ether1 port flap
Replies: 7
Views: 899

Re: crs210-8g-2s+in ether1 port flap

I'd write support, including a supout and linking to this thread.
by pukkita
Thu Aug 10, 2017 2:24 pm
Forum: Beginner Basics
Topic: wireless tables, inteface empty
Replies: 9
Views: 908

Re: wireless tables, inteface empty

No, PowerBox Pro won't handle 500 simultaneous users, PowerBox Pro has a L4 license which limits simultaneous hotspot users to 200. Apart from that, it won't have enough CPU power. In any case, you'd be already limited by the SXTs, there's no way each would be able to handle 250 users, I'd say 50 ma...
by pukkita
Thu Aug 10, 2017 2:01 pm
Forum: RouterBOARD hardware
Topic: CCR1016-12g Can I add WLAN interface card?
Replies: 6
Views: 670

Re: CCR1016-12g Can I add WLAN interface card?

In that case the optimal pick for the AP is wAP ac : - Weather Proof - Tamper Proof - Already conceived to be fixed on Walls, Ceilings or Poles. To fill-in shadow indoor areas, or small non-crowded spaces you could use cAPs For big outdoors areas, you can resort to: - SXTG-2HnD (60 Degrees sector wi...
by pukkita
Thu Aug 10, 2017 1:58 pm
Forum: General
Topic: how i can disable and then enable pppoe users automatic ?
Replies: 4
Views: 629

Re: how i can disable and then enable pppoe users automatic ?

Sorry, this is an user-supported forum, there's a Scripting forum where you can post more specific questions.
by pukkita
Wed Aug 09, 2017 2:00 pm
Forum: RouterBOARD hardware
Topic: crs210-8g-2s+in ether1 port flap
Replies: 7
Views: 899

Re: crs210-8g-2s+in ether1 port flap

Could be Energy Efficient Ethernet setting ( RFC 802.3az ) on the i350-t4, according to Intel : Link flap when Energy Efficient Ethernet is enabled --------------------------------------------------- Some switches do not support Energy Efficient Ethernet (EEE) correctly. Make sure your switch is loa...
by pukkita
Wed Aug 09, 2017 1:42 pm
Forum: RouterBOARD hardware
Topic: CCR1016-12g Can I add WLAN interface card?
Replies: 6
Views: 670

Re: CCR1016-12g Can I add WLAN interface card?

I have DHCP server on the CCR bridge, which connects a few of the wired ports to ether2 What's on ether2? (ether port where the AP connects should be added to DHCP bridge). Post an export... but get no IPs on wireless devices connecting to the 2nd router. That means there's no layer2 continuity fro...
by pukkita
Wed Aug 09, 2017 1:27 pm
Forum: Wireless Networking
Topic: Wireless repeater between 2 units?
Replies: 4
Views: 515

Re: Wireless repeater between 2 units?

No need for EoIP tunnels, just set the Hap lite as a simple wired/wireless switch

No need to use wireless repeater, as both will be already connected via ethernet which is also the optimal approach.
by pukkita
Wed Aug 09, 2017 12:18 pm
Forum: General
Topic: how i can disable and then enable pppoe users automatic ?
Replies: 4
Views: 629

Re: how i can disable and then enable pppoe users automatic ?

If you want to enable/disable then and are using local user accounts, then you'll need to program a script to do so, and use the scheduler. Another possible approach would be using time feature on simple queues, not to disable them, but to apply restrictive speed limits to them: you can use IP addre...
by pukkita
Wed Aug 09, 2017 11:40 am
Forum: RouterBOARD hardware
Topic: CCR1016-12g Can I add WLAN interface card?
Replies: 6
Views: 670

Re: CCR1016-12g Can I add WLAN interface card?

Yes and no. :D No, you can't add a physical WLAN card to it. Wouldn't be really practical as the place where this router belongs is inside a rack anyway, while optimal AP placement are ceilings and walls usually. But... Yes, there's even a better way: any routerboard with wireless can work as a CAP ...
by pukkita
Wed Aug 09, 2017 11:32 am
Forum: RouterBOARD hardware
Topic: crs210-8g-2s+in ether1 port flap
Replies: 7
Views: 899

Re: crs210-8g-2s+in ether1 port flap

This is most probably hardware-specific, so doubt RB2011 issues could be related.

Post an screenshot of System > Routerboard, does Current Firmware match Upgrade Firmware?
by pukkita
Wed Aug 09, 2017 11:29 am
Forum: Beginner Basics
Topic: Blocking website in Bridge Mode
Replies: 6
Views: 1218

Re: Blocking website in Bridge Mode

Have you ticked Bridge > [Settings] Use IP Firewall ?

Traffic flowing through the bridge won't pass through the firewall unless that's enabled.
by pukkita
Wed Aug 09, 2017 11:27 am
Forum: RouterBOARD hardware
Topic: Best ports for WAN / ISP on RB1100AHx4 [SOLVED]
Replies: 4
Views: 1247

Re: Best ports for WAN / ISP on RB1100AHx4 [SOLVED]

Captura de pantalla 2017-08-09 a la(s) 10.23.49.png
Typically, ether11 and ether12, as they're out of the switch chips (better for LAN) and have direct CPU connection.
by pukkita
Tue Aug 08, 2017 2:23 pm
Forum: Wireless Networking
Topic: Many problems with RBLHG-5nD
Replies: 1
Views: 359

Re: Many problems with RBLHG-5nD

Is it new or does it started to behave like this recently after working for some time? Asking this because It could be either the reset button is damaged, or rust has shorted out its PCB pads, effectively acting as if reset button was constantly pressed, inducing a constant reboot/reset to defaults ...
by pukkita
Tue Aug 08, 2017 1:55 pm
Forum: General
Topic: wAP AC - Firewall Rules?
Replies: 2
Views: 610

Re: wAP AC - Firewall Rules?

You only need firewall protection on the device facing internet; per your post looks like that duty is already being carried away on the Hap ac, so no, you don't need any firewall on the wAP ac.

In fact best practice is having that AP doing as little as possible for the best AP performance.
by pukkita
Tue Aug 08, 2017 12:43 pm
Forum: Beginner Basics
Topic: Installation question
Replies: 1
Views: 448

Re: Installation question

Depends on:

- What's your house floor size? does it have multiple stories?
- Routerboard model?
by pukkita
Mon Aug 07, 2017 9:49 pm
Forum: Beginner Basics
Topic: vpn with isp ddns help!
Replies: 6
Views: 636

Re: vpn with isp ddns help!

Check SSTP service is enabled. Check also your ISP is actually forwarding those ports by doing a simple redirection to an internal webserver or RDP host, To debug what's happening, have a look at Log while trying to connect from outside, paste a screenshot here. Are you trying to connect from a smar...
by pukkita
Mon Aug 07, 2017 11:51 am
Forum: General
Topic: Why remote logging not work?
Replies: 8
Views: 1226

Re: Why remote logging not work?

Glad it helped.

You probably exceeded syslog's packet requirements by using multiple topics.
by pukkita
Mon Aug 07, 2017 11:33 am
Forum: RouterBOARD hardware
Topic: Queues Issues in Mikrotik CCR1036-12G-4S
Replies: 1
Views: 1990

Re: Queues Issues in Mikrotik CCR1036-12G-4S

Have a look at Janis Megis' Most underused and overused RouterOS features Presentation, specifically Queues don’t work properly
by pukkita
Mon Aug 07, 2017 11:25 am
Forum: General
Topic: PPPoE-Client : could not determine remote address, using 10.112.112.179
Replies: 2
Views: 1719

Re: PPPoE-Client : could not determine remote address, using 10.112.112.179

Use radtest or radclient to check if radius server is returning Framed-Pool attribute, and if so, same name ip pool is defined on the RB.

If not returning Framed-Pool, make sure there's a pool defined on whichever profile pppoe server is using.
by pukkita
Mon Aug 07, 2017 10:58 am
Forum: General
Topic: Why remote logging not work?
Replies: 8
Views: 1226

Re: Why remote logging not work?

mmm that changes everything... so it does work with simple topics?? Have you tried setting multiple single topic entries with same remote?
by pukkita
Mon Aug 07, 2017 10:52 am
Forum: General
Topic: Why remote logging not work?
Replies: 8
Views: 1226

Re: Why remote logging not work?

Can RB ping syslog server?

If RB has multiple IP ranges, try setting
/system logging action
set 3 remote=192.168.1.1 src-address=192.168.1.X
Where 192.168.1.x is the RB ip in that range.
by pukkita
Mon Aug 07, 2017 10:50 am
Forum: General
Topic: CCR and Two Switches
Replies: 1
Views: 349

Re: CCR and Two Switches

Bear in mind that on RB493G, ether3 and 4 are on the same switch group, so it may be switching or VLANs were implemented in hardware by using the switch chip features. CCR1009-7G-1C-1S+ doesn't have any switch chip, if you imported the RB493G configuration, anything related to switch chip won't be i...
  • 1
  • 2
  • 3
  • 4
  • 5
  • 10