Help to solve this!

silvan · January 16, 2015, 1:37am

Hi.
i posted this topic in beginner basics section but no answer!
please help me if you can.
when my users tried to open some websites they face to this errors on their browsers (all browsers).
i updated all WiFi and network adapters driver and have antivirus on all network.
is there any problem with my mikrotik router board?

and another issue is sometime when the users tried to search on Google they face to this page repeatedly:

jarda · January 16, 2015, 9:07am

It can be MTU problem. Test the MTU by ping with no fragments and then set accordingly.

hossain2004a · January 16, 2015, 9:30am

export your configs in terminal by:

export

silvan · January 17, 2015, 8:55am

jan/17/2015 11:38:36 by RouterOS 6.10

software id = J0HH-NR4D

/interface bridge
add l2mtu=1598 name=bridge1 protocol-mode=none
/ip hotspot profile
set [ find default=yes ] login-by=http-chap,https,http-pap
add hotspot-address=10.10.5.1 login-by=https,http-pap name=hsprof1
use-radius=yes
/ip hotspot
add disabled=no idle-timeout=55m interface=bridge1 name=hotspot1 profile=
hsprof1
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m
mac-cookie-timeout=3d name=default-fast rate-limit=3000k/2500k
add idle-timeout=none keepalive-timeout=2m mac-cookie-timeout=3d name=fast
rate-limit=1000k/1000k transparent-proxy=yes
add idle-timeout=none keepalive-timeout=2m mac-cookie-timeout=3d name=medium
rate-limit=1000k/600k transparent-proxy=yes
add idle-timeout=none keepalive-timeout=2m mac-cookie-timeout=3d name=slow
rate-limit=1000k/300k transparent-proxy=yes

/ip ipsec proposal
set [ find default=yes ] enc-algorithms=3des
/ip pool
add name=hs-pool-14 ranges=10.10.5.15-10.10.10.254
/ip dhcp-server
add address-pool=hs-pool-14 disabled=no interface=bridge1 lease-time=1h name=
dhcp1
/port
set 0 name=serial0
set 1 name=serial1
/queue simple
add name=Total target=ether1
add disabled=yes max-limit=512k/512k name=tammy target=10.10.5.238/32
/snmp community
set [ find default=yes ] name=interisp
/system logging action
set 0 memory-lines=100
set 1 disk-lines-per-file=100
add name=webproxylog remote=10.10.5.235 target=remote
/tool user-manager customer
set admin password=xxxxx
/tool user-manager profile
add name=“Default” name-for-users=“” override-shared-users=1 owner=admin
price=0 starts-at=logon validity=0s
add name=1Mbps name-for-users=“Default 2” override-shared-users=off owner=
admin price=0 starts-at=logon validity=4w
/user group
set read policy=“local,reboot,read,test,winbox,password,sniff,sensitive,api,!t
elnet,!ssh,!ftp,!write,!policy,!web”
set write policy=“local,reboot,read,write,test,winbox,password,sensitive,!teln
et,!ssh,!ftp,!policy,!web,!sniff,!api”
add name=sniffer
/interface bridge port
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=ether5
add bridge=bridge1 interface=ether6
add bridge=bridge1 interface=ether7
add bridge=bridge1 interface=ether8
add bridge=bridge1 interface=ether9
add bridge=bridge1 interface=ether10
add bridge=bridge1 interface=ether11
add bridge=bridge1 interface=ether12
add bridge=bridge1 interface=ether13
/interface bridge settings
set use-ip-firewall-for-pppoe=yes use-ip-firewall-for-vlan=yes
/ip accounting
set enabled=yes threshold=2560
/ip accounting web-access
set accessible-via-web=yes address=10.10.5.163/32
/ip address
add address=10.10.5.1/24 comment=“hotspot network” interface=bridge1
network=10.10.5.0
add address=185.34.16.117/28 interface=ether1 network=xx.xx.xx.xx
/ip dhcp-server network
add address=10.10.5.0/24 comment=“hotspot network” dns-server=
xx.xx.xx.xx,8.8.8.8 gateway=10.10.5.1
/ip dns
set servers=xx.xx.xx.,4.2.2.2,8.8.8.8,4.2.2.4
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=
“place hotspot rules here” disabled=yes
add action=reject chain=forward content=facebook disabled=yes reject-with=
icmp-admin-prohibited src-address-list=“”
add action=reject chain=forward content=youtube disabled=yes reject-with=
icmp-admin-prohibited
add action=drop chain=forward disabled=yes layer7-protocol=“(unknown)”
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=
“place hotspot rules here” disabled=yes to-addresses=0.0.0.0
add action=masquerade chain=srcnat comment=“masquerade hotspot network”
src-address=10.5.70.0/24 to-addresses=0.0.0.0
add action=masquerade chain=srcnat comment=“masquerade hotspot network”
src-address=10.10.5.0/24 to-addresses=0.0.0.0
add action=dst-nat chain=dstnat disabled=yes dst-address=95.170.205.199
dst-port=2000 protocol=tcp to-addresses=10.10.5.2 to-ports=8291
add action=dst-nat chain=dstnat dst-address=180.25.11.125 dst-port=5000
protocol=tcp to-addresses=10.10.5.5 to-ports=8291
/ip hotspot ip-binding
add comment=john mac-address=xx:xx:xx:xx:xx:xx type=bypassed

************************************* 200 users************
add comment=“bryan adam” name=bryan password=82
profile=Default 2

/ip proxy
set cache-administrator=revert enabled=yes max-cache-size=none parent-proxy=
0.0.0.0 src-address=0.0.0.0
/ip route
add distance=1 gateway=xx.xx.xx.xx
/ip service
set ssh disabled=yes
set api disabled=yes
/ip upnp
set allow-disable-external-interface=no
/radius
add address=127.0.0.1 secret=12345 service=hotspot
/radius incoming
set accept=yes
/snmp
set enabled=yes trap-community=interisp
/system clock
set time-zone-name=xxxxx
/system identity
set name=“Main Server”
/system logging
add action=webproxylog prefix=proxy topics=web-proxy
/system ntp client
set enabled=yes primary-ntp=207.46.197.32 secondary-ntp=4.2.2.2
/system scheduler
add interval=1m name=schedule1 on-event=RC policy=
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api
start-date=jun/08/1970 start-time=10:24:50
add comment=“starting night user” interval=1d name=start-night on-event=
enableNight_rule policy=
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api
start-date=nov/27/2014 start-time=09:30:00
add comment=“starting night user” interval=1d name=stop-night on-event=
disableNight_rule policy=
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api
start-date=nov/27/2014 start-time=10:00:00
/system script
add name=enableBia2_rule policy=
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api
source=“/ip proxy access enable [find comment="bia2"]”
add name=disableBia2_rule policy=
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api
source=“/ip proxy access disable [find comment="bia2"]”
add name=enableNight_rule policy=
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api
source=“/ip hotspot user enable [find user="night"]”
add name=disableNight_rule policy=
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api
source=“/ip hotspot user disable [find user="night"]”
add name=removeActiveNight policy=
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api
source=“/ip hotspot active find user="night"”
/tool user-manager router
add coa-port=1700 customer=admin disabled=no ip-address=127.0.0.1 log=
auth-ok,auth-fail,acct-ok,acct-fail name=“Main server” shared-secret=
12345 use-coa=no
/tool user-manager user
add caller-id=CC:3A:61:70:E2:80 comment=“it manager” customer=admin disabled=
no email=t@gmail.com first-name=rever last-name=makort location=
name=re password=xxxx phone=xxxxxx shared-users=1
wireless-enc-algo=none wireless-enc-key=“” wireless-psk=“”

silvan · January 19, 2015, 2:40pm

any help?

hossain2004a · January 20, 2015, 10:27am

Are your hotspot user’s log in??
and why there are some many bridges?