Hi there, somewhat new to MikroTik (building a solution to replace my pfSense box) though very much excited by it. Using a RouterBOARD RB3011UiAS-RM.
My 3011 is set up as such (it goes into various switches and WAPs downstream):
WAN modem (ADSL) bridged into ETH1.
ETH2 serves my LAN with internet on a 192.168.1.x subnet
ETH3 serves my LAN with internet over a first PPTP tunnel on a 192.168.2.x subnet
ETH4 serves my LAN with internet over a second PPTP tunnel over a specific range of the 192.168.1.x subnet
ETH5-10 serves my LAN with internet on a 192.168.50.x subnet
Everything works as it should except one thing (help help please help).
When I use the tunnels, traffic is intermittent. They’ll connect just fine and there’s traffic, which dies out after a while - I can ping the router, I can ping external sites, I can ping via name (e.g. google.com) and all is well. I just can’t load webpages, which is really annoying.
But then if I run Torch… it comes alive again!
Any advice? The ADSL connection is on an MTU of 1380, the L2 MTU of everything else internal seems to be 1598.
It seems like in your configuration FastTrack makes packets avoid something in the firewall or somewhere else, and it causes issues for your particular configuration. It is not a bug. It simply is how FastTrack works. Sounds like you have to make an exception for particular traffic.
http://wiki.mikrotik.com/wiki/Manual:Wiki/Fasttrack
"Note that not all packets in a connection can be fasttracked, so it is likely to see some packets going through slow path even though connection is marked for fasttrack. This is the reason why fasttrack-connection is usually followed be identical action=accept rule. Fasttracked packets bypass firewall, connection tracking, simple queues, queue tree with parent=global, ip traffic-flow(restriction removed in 6.33), ip accounting, ipsec, hotspot universal client, vrf assignment, so it is up to administrator to make sure fasttrack does not interfere with other configuration; "
I still have some devices connecting onto the wrong subnet (the first is the .50, they’re supposed to be on the .2) - one’s an AppleTV and the other a laptop. I could set the AppleTV static but the laptop wants to be trickier about it. Much to learn here.
If I could ask a follow-up - we had the RouterBOARD set up by its dealer, I can’t ‘see’ where the PPTP connections are linked to various DHCP pools and RouterBOARD interfaces. What am I looking for in the menu settings to learn a bit more here? May want to make some changes.
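One way to make the FastTrack exception suggested in the reply above, as an added example that is not part of the original thread or of the poster's configuration. It assumes the clients routed over the PPTP tunnels are the traffic that must stay on the slow path, that 192.168.2.x is a /24, and the address-list name `via-tunnel` is hypothetical.

```routeros
# Added example, not the poster's configuration.
# Assumption: clients routed over the PPTP tunnels must keep passing through
# the firewall and connection tracking, so they are excluded from FastTrack.

# 1. Collect the tunnel-routed clients in one address list.
#    192.168.2.0/24 is the first-tunnel subnet from the first post. The range
#    of 192.168.1.x used by the second tunnel is not given in the thread;
#    add it to the same list once known.
/ip firewall address-list
add list=via-tunnel address=192.168.2.0/24 comment="LAN behind first PPTP tunnel"

/ip firewall filter
# 2. Accept established/related packets to and from those clients BEFORE the
#    fasttrack rule. A packet that matches accept stops traversing the chain,
#    so it never reaches fasttrack-connection and stays on the slow path.
add chain=forward action=accept connection-state=established,related \
    src-address-list=via-tunnel comment="tunnel clients: slow path (outbound)"
add chain=forward action=accept connection-state=established,related \
    dst-address-list=via-tunnel comment="tunnel clients: slow path (return)"

# 3. FastTrack everything else.
add chain=forward action=fasttrack-connection \
    connection-state=established,related comment="fasttrack remaining traffic"

# 4. The identical accept rule the manual describes, for packets of a
#    fasttracked connection that still take the slow path.
add chain=forward action=accept connection-state=established,related \
    comment="accept non-fasttracked established/related"

# Rule order matters: "add" appends to the end of the chain, so if a
# fasttrack-connection rule already exists, move the two tunnel rules above
# it. Check the order and the per-rule packet counters with:
/ip firewall filter print stats
```

After a tunnel client has browsed for a while, the counters on the two tunnel rules should rise while the fasttrack rule counts only traffic from the other subnets.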