Hopefully i’m posting in the correct section. First of all i’m running a MikroTik hAP ac Dual-Band since 2016 and this is the first time in these 4 years when i have a problem with it.
Long story short … I have a 1000 Mbps internet connection and for the last 3 months all I could reach was a 250 Mbps (multiple days, multiple hours).
I’ve tested the internet connection using the router offered by my ISP and using an old TP-Link WR1043ND v4 router, and speeds are according to the contract, over 950Mbps download and over 450Mbps upload.
Seeing these speeds and the fact that I’ve checked and recheck, reconfigured the router and nothing, today I’ve decided to do a factory reset and start from 0 … and this is what exactly my router did … went to a 0.
Basically I’ve used the factory reset option from WinBox, the router restarted and after more than 30 minutes (went for a snack and some talking on the phone) … it was dead … it couldn’t assign any ip addresses, it couldn’t be accessed … nothing. Seeing this i did a second restart using the button on the right side and now dhcp works, it assigns a proper IP address (192.168.88.254) but i can’t access the router by any means. The web interface is not working, WinBox doesn’t work. I can see the router in the Neighbors tab in WinBox. You can imagine I’ve tried multiple cables, all of the ports, the default username and password, my old username and password, static ip (multiple ips with no gateway with no dns) and so on.
Currently i’m out of ideas. Is there something that I’m missing? It’s been 4 years since my last configuration from 0 so I’m expecting to miss something.
try command line access using SSH or Telnet (which are missing in your list of attempts)
set it to factory defaults yet another time by long press of the button after connecting the power (see the manual for the precise procedure if you haven’t yet).
I also had an issue that when using Winbox via MAC address, the IP address of the interface on the PC had to be from another subnet than the address of Mikrotik’s interface to which it is connected (or none at all), otherwise the Winbox reverted to using IP connection rather than the MAC one. I don’t use Winbox much so I don’t know whether this is a feature or it was a bug of a particular Winbox version.
if you have another Mikrotik handy, you can try mac-telnet from there (if the winbox server is disabled, the mac-telnet one may still be available)
if you have an USB-to-serial converter, a “null modem” cable, and either a serial port on your PC or yet another USB-to-serial converter, you can use serial connection
if neither of the steps above helps (configuration can disable any of the above access methods), you’ll have to use Netinstall, but that may be an adventure on its own (even if you follow the instructions precisely, i.e. disable all IP interfaces on the PC except the one you use, you may get surprises).
Well, whatever address column in the list you click, or even double-click, the address is only copied into the address field and to really connect, you have to press [Connect]. So I doubt I had missed that the address was the wrong (IP in that case) one. But I’ve just checked with Winbox 3.20 (I know it’s not up-to-date) and it works as expected, sniffer shows the communication goes to 255.255.255.255:20561 although I’ve got the IP address from the same subnet like the Mikrotik interface to which I am connected.
The point back then was that the WinBox port was disabled on firewall, so I could not connect through there via IP and tried via MAC. And after just disabling the DHCP client on Windows and setting an IP from a different subnet, I could get through via MAC without changing anything on the Mikrotik.
But what I’ve described happened months or even years ago, so no way to find out any more what the real issue was.
tried SSH or Telnet and it did not work (tired it from Windows / from another notebook which was using also Windows and installed a new notebook with Debian and also nothing) … it has the same behavior as WinBox, it responds to PING but can’t be accessed
factory reset - after writing the post … I did reset it 3 - 4 times in the past couple of days and the same, nothing
tried this - before resetting the router I’ve played with the subnet a bit … had it configured on 192.168.0.1/24 … moved it to 192.168.1.1 and then to 192.168.10.1. Tried all of them and nothing, plus other subnets.
This is my only MikroTik device … but i was always fascinated by the MikroTik mAP 2nD RBmAP2nD … so i think this is the perfect moment to order one
As strange as it sound … i do have this setup … but i will have to study it and try it today
I will have to study this.
By any chance … before performing a factory restart of the router … i did do a backup using “Files” from WinBox, downloaded the file but never deleted it … can this dumbass pick that up?
First of all… you’ve said you tried the default username and password (which is the correct way after reset to defaults, all user credentials are wiped by reset to defaults). So when using SSH, did you get no response or you got asked for login but no credentials worked? If the latter, what do you think is the password associated to the default login?
It’s actually bigger than it appears to be on the pictures, and I look forward for a 5 GHz version of it, but it is really handy, e.g. as an external VPN box for your PC.
But… I hate to say that, but given your initial problem, I’d say that unless you need an SFP port to connect the uplink to the ISP, you’d better buy a hAP ac² to replace the hAP ac. It has some limitations as compared to the hAP ac (no SFP port, no PoE out, only dual-chain WiFi as compared to the triple-chain on hAP ac), but it has a much more powerful CPU - ARM rather than MIPSBE, four cores rather than one on the same frequency, and an encryption engine. And when I did a test some time ago, it could handle a 1 Gbit/s uplink even with PPPoE (with fasttracking enabled in the firewall). Be aware that use of queues reduces the throughput significantly, but if you don’t need PPPoE on the other hand, it may still be enough for your uplink speed even with queues.
As you have got this hardware, chances are high that command line doesn’t scare you. It’s a no-brainer, PuTTY has a serial mode, set 115200, 8, N, 1. The only thing is that you need to find the name of your serial port in the device list in Windows and type it into the PuTTY form field, there is no drop-down list of ports created automatically. The command line is the same like in telnet and ssh.
There are two good things about the “restore to defaults”. It does not pick up any backup it finds on the disk automatically after factory reboot, but it doesn’t delete anything in the user area on the disk either, so you can revert back to previous configurations without need to upload them first (so you can do that still from the serial terminal, without setting up network connectivity manually). On some devices only a special directory flash/ is not erased, because the rest is a ramdisk, but that’s not your case.
But what I just wrote is not true if you use Netinstall, which wipes the disk out completely. Which should not be a big deal for you as you still have your backup downloaded elsewhere.
The only point is that the backup probably includes your unintended slowdown (if it’s not just the CPU weakness as suggested above) and it is restored as a whole. So once you manage to break into your device, the right procedure is to restore the backup, then upgrade to the firmware version you want to run, and then do an export into a file rather than a backup. If you have any certificates or SSH keys on the machine, you have to export them separately, including the private keys for those certificates the machine uses to authenticate itself or sign other certificates. The export file only contains configuration commands, no hidden values you cannot check. You download it, add delay 60s as its first line, then do netinstall to the same version to which you have upgraded before to get rid of anything that might have gone wrong internally, then upload the modified .rsc file back, and then run system reset-configuration run-after-reset=the-exported-file.rsc. The netinstalled version must be the same like the one which was running when you did the export, otherwise part of the import may fail, leaving you with an incomplete configuration.
I’m just guessing, but if you have an up-to-date Winbox and the RouterOS in the device is older than 6.43, I would suppose that everything is OK and you can just choose the “legacy” option to log in; even if you have just purchased device as a brand new one, it still doesn’t mean that it wasn’t somewhere in a warehouse for some time, so it may have been shipped from factory with < 6.43.
But if you haven’t changed Winbox version since logging in to that very device before, I would be careful.
In any case, if any managent interface (winbox, web, telnet, ssh, api) of that router was open to the internet while the device was running the old software, export the configuration, save it on your PC, netinstall the device with an up-to-date long-term version and re-create the configuration from the export. Otherwise a normal upgrade is enough.
