when i a searching any thing on google search engine i am found that i am no robot, that time i am reset device and upgrade version and same i found in after 1-2 days, same i checked all version, kindly suggest me where i can block these traffic generating from device.
Please post your configuration; go to terminal, run /export hide-sensitive and paste result here.
https://wiki.mikrotik.com/wiki/Manual:Configuration_Management#Exporting_Configuration
export hide-sensitive
/interface wireless
set [ find default-name=wlan1 ] band=5ghz-a/n disabled=no mode=station-bridge
ssid=XXXXXXX
/interface pppoe-client
add add-default-route=yes dial-on-demand=yes disabled=no interface=wlan1 name=
pppoe-out1 service-name=XXXXX use-peer-dns=yes user=XXXXXX
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk group-ciphers=
tkip,aes-ccm mode=dynamic-keys supplicant-identity=MikroTik
unicast-ciphers=tkip,aes-ccm
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=dhcp ranges=XXXXXXXXXXXX
/ip dhcp-server
add address-pool=dhcp disabled=no interface=ether1 name=dhcp1
/ip address
add address=XXXXXXXXXX/24 interface=ether1 network=XXXXXXXX
/ip dhcp-server network
add address=XXXXXXXXX/24 gateway=XXXXXXXXXX netmask=24
/ip dns
set servers=XXXXXXXXXXX
/ip firewall nat
add action=masquerade chain=srcnat out-interface=pppoe-out1
/ip service
set telnet disabled=yes
set ftp disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/ip smb
set allow-guests=no
/ip upnp
set show-dummy-rule=no
/system clock
set time-zone-name=Australia/Brisbane
/system package update
You have no firewall filter rules. Try adding accept rules for established+related and from ether1 (lan). Then drop everything from else. Both input and forward chains.
Go to system->packages and upgrade to the latest version (should be 6.43.2) and reboot.
Then go to system->routerboard and upgrade firmware and reboot again.
Then go to “quick set” and do a “reset configuration” and start from zero configuring your device.
Use the wizard to add the PPPoE, don’t follow Youtube video advise!!!
This time, do not remove the default firewall rules. They are there for a reason.
Again, don’t look on Youtube for videos by newbies explaining how to configure a MikroTik router!
Chandan is using wlan1 as uplink and ether1 as lan. Not sure if quickset will support that.
Sure it does, that is the CPE mode.
But I think he followed a video that I found when searching for “MikroTik PPPoE” and that starts by clearing out the entire config and then adding some basic things.
(leaving the device entirely unprotected)
Ah, missed that. Thanks.
i have done all process step by step and found that after 6hrs. i am again detect same issue.
Is it Mikrotik device version flow issue are something else?
Your task is to reset the router so it is secure and does not get hacked again.
So now you need to check if that is indeed the case. So you have a good firewall and you don’t see all
kinds of strange things in the router that you did not do yourself (like new users being created or changes made by others).
Once you’ve got that covered, you will probably still have to be patient for a while before Google trusts you again.
By the way, does that internet access you have via the access point directly go to internet with your own public internet address?
Or is it going to some WiSP that shares the connection amongst many subscribers with NAT (so you get an address like 192.168.x.x)
In the latter case, it may be that the problem is not caused by you but by any other subscriber to the same service.
when i am tracing global dns,
it will show me “thklb-7246-cmts-1.lab.virginmedia.net [XX.16.1.1]” one dns in my device in hoop list. kindly find the screen shot.
Are you located in the UK and subscribing to Virgin Media cable service?
If not, you are probably the victim of a bad sysadmin who used 194.168 instead of 192.168 for the local
network, and you are together with a lot of other users behind the same NAT towards internet.
(difficult to see because you blotted out the addresses - don’t do that! it does not reveal anything that could harm you)
Anyway, you will have to live with this “problem”. It is just an artifact of the way you access internet and the
way that Google handles abuse. As long as you access internet via the same address that others use to do abuse,
you will have this.
If you configured local LAN as 194.168.1.0/24 instead of 192.168.1.0/24 then DNS name of your gateway is resolved to external name.
You didn’t show your configuration so it is just a guess.
I have changed Local end Ip address with 192.168.10.1/24 and and monitored , i get again same issue .
I have changed Local end Ip address with 192.168.10.1/24 and and monitored , i get again same issue .
Define “same issue” => You still get 194.168.1.1 as first hop in your traceroute? Then post config without masking internal addresses.
If you still have issues with Google, as pe1chl mentioned, you probably have to find a way to stop over-requesting Google servers. Either by reviewing your router configuration and checking clients for malware. E.g. check the firewall connection table for noticeable (amounts of) connections.
Do you get a public IP from your ISP? Use something like iptracker on that IP to check if it really belongs to your internet provider. My guess is that your ISP is doing some messed up NAT and that might cause this issue.
Just to be clear, most sites will think that you are a robot if there are too many connections coming from the same IP. This is why me and others here are insisting on a NAT or an wrong internal IP address configured either on your side or in your ISP side.
Which internet provider do you have?
It is not your router but your provider. If there are too many Google requests from the same network (read your network providers) this robot message appears to check that it is not a robot that overloads the network.