Community discussions

MikroTik App
 
User avatar
anav
Forum Guru
Forum Guru
Topic Author
Posts: 11720
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

NEW USER POSTING FOR ASSISTANCE

Tue Jan 25, 2022 5:29 pm

Hi folks, welcome to the fray!

[ NEED HELP STARTING TO CONFIG YOUR ROUTER go to this link - viewtopic.php?p=906567#p906567 ]

NEED HELP CREATING THE PERFECT POST TO GET ASSISTANCE

This article is designed to get you to the point where you can provide a coherent request for support. No one will be able to resist well articulated and described issues! :-)

Step1: Provide a network diagram of your setup with enough detail so that the subnets (vlans), devices and their relationships are clearly established. If able, on the same, or perhaps separate diagram indicate the purpose of each port on your device.

NETWORK DIAGRAM APPS:
https://online.visual-paradigm.com/diag ... -software/
https://www.lucidchart.com/pages/
https://drawio-app.com/product/
https://www.diagrams.net/ (its older sibling soon to be discontinued https://drawio-app.com/product/)
( Other links for diagrams.net - https://www.youtube.com/watch?v=P3ieXjI7ZSk & https://www.youtube.com/watch?v=mpF1i9sfEJ0 )
https://sourceforge.net/projects/dia-installer/
https://www.yworks.com/products/yed (and icons for yed --> https://github.com/danger89/yEd_cisco_network_icons )
https://www.libreoffice.org/discover/draw/

http://kilievich.com/fpinger/ - has a simple drawing program but not its main intent.

Step2: Provide your latest working config. This is done by going to your winbox menu and selecting the TERMINAL menu selection. At the command prompt enter the following:
/export hide-sensitive file=anynameyouwish { note in software vers 7 'hide-sensitive' is no longer required }.

After that go to your FILES menu selection and locate the file name. A right click and download to your desktop. Open in notepad++ and copy and paste into your thread. Note, please use the CODE icons ( black square with white square brackets - on the same line as Bold Underline etc.. ) to select the text and apply the functionality. There may be some additional requests to see jpegs of your winbox screen etc, but that will be specifically asked for during assistance.

Caution: Ensure any actual Public IP or Public Gateway IP, if found in the config, is removed or replaced with fake numbers or syntax like x.x.x.x !

Step3: Now that you have given us the the complete facts of your config (and not snippets please), it is time to communicate what you would like to accomplish with your config. Yes, you heard right, we dont want to hear about the issue just yet, but instead we want to know what you are trying to accomplish that is being thwarted by the config or the lack of knowledge on MT RoS.

***** List the user requirements/use cases: (user includes the admin!)
- what you want your user or groups of users, or devices or groups of devices, to be able to do
- what you want your user or groups of users, or devices or groups of devices, to be blocked from doing
- what are the controls and functionality you wish the router to provide

***** HINT: There should be NO mention of the config or config parameters in the use cases. This is strictly descriptions of the ability for users/devices to conduct their work or normal activities. What is that work or activity that they must be able to perform.

Step4: Finally, now is the time to state what is NOT working. This includes what issues you may be seeing on the config of the router; what traffic flow is not occurring that should be occurring or that you wish to occur; or simply that you are stumped as to what to do next on the config. Provide sufficient detail so that you can be understood.

Note: If english is not your primary language be sure to use google translate or similar to provide a full translated description!

WHAT TO AVOID - THE XY FACTOR --> https://xyproblem.info/
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Last edited by anav on Fri May 06, 2022 10:03 pm, edited 18 times in total.
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
MTUNA Certified, by the Ascerbic Llama!
 
Sob
Forum Guru
Forum Guru
Posts: 8170
Joined: Mon Apr 20, 2009 9:11 pm

Re: NEW USER POSTING FOR ASSISTANCE

Wed Jan 26, 2022 1:07 am

Few more tips:

Details are important!

Wrong: I want to access my NAS in VLAN 10 from PC in VLAN 20, but it doesn't work. And you have several firewall rules with different conditions for IP addresses, so someone can have "fun" guessing what rules apply and what don't.
Correct: I want to access my NAS (192.168.30.10) in VLAN 10 from PC (192.168.40.50) in VLAN 20. I tried ping and it worked, but I can not access shared folders from Windows (and because I'm clever user, I also know for sure that it's standard SMB prococol). Much better.

If you want to keep some info private (IP adresses, etc), do not make a mess of it

Wrong: Silently remove some parts of config, because you think they are not important. If you knew for sure, you wouldn't be asking here (there may be some exceptions).
Correct: Write what you removed (e.g. DHCP leases). At least we will know that something may be there.

Wrong: My PC is 10.x.x.x.
Correct: My PC is 10.11.12.13. It's private (= non-public and non-unique) address, there's no need to hide it.

Wrong: My first WAN has x.x.x.x and second WAN has x.x.x.x. Best combined with firewall rules with dst-address=x.x.x.x.
Correct: My first WAN has x.x.x.2/30 (static) and second WAN has y.y.y.17/24 (DHCP). We can tell them apart, and it's also clear that it's two different networks.
Correct: My first WAN has 23.x.x.2/30 (static) and second WAN has 13.x.x.17/24 (DHCP). Also clear, and as a bonus, we're sure that those are public addresses.

Wrong: I have 2001:xxxx:xxxx:xxxx::2/64 on WAN and 2001:xxxx:xxxx:xxxx::1/64 on LAN.
Correct: I have 2001:xxxx:xxxx:yyyy::2/64 on WAN and 2001:xxxx:xxxx:zzzz::1/64 on LAN. It's important to show that some parts (yyyy and zzzz) are different.

Learn about public addresses

If it's 10.x.x.x, 100.64-127.x.x, 172.16-31.x.x, 192.168.x.x, it's not public and has limited use, access from internet may be a problem (there's still some hope if ISP forwards ports to you, as NAT 1:1 or otherwise).

Share original instructions, if you got some

Wrong: I did this and that, but it doesn't work.
Correct: This is what I got from ISP: <some things to configure>. I then did this and that, but it doesn't work. Of course it doesn't, when you completely misunderstood what should be done. ;)
Come on people, do you really have to quote full posts? It's annoying and in most cases useless.
 
User avatar
anav
Forum Guru
Forum Guru
Topic Author
Posts: 11720
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: NEW USER POSTING FOR ASSISTANCE

Wed Jan 26, 2022 3:01 am

All good, which should prompt me to give an example at the end of the post!
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
MTUNA Certified, by the Ascerbic Llama!

Who is online

Users browsing this forum: spazio and 3 guests