Thx!

How can I disable detect internet?

I activated fasttrack, but I don't see any improvement. Still 350 mbit/s.

What can I do that if I connect a new PC to the CSS to get him an IP in VLAN50 without setting it manually in the PC or set the port in the CSS to VLAN ID 50?

I think I got it working. This is my config now: export hide-sensitive # jun/23/2021 09:17:23 by RouterOS 6.48.3 # software id = XE0V-A40Q # # model = RB760iGS # serial number = A815099AF64D /interface bridge add name=bridge1 vlan-filtering=yes /interface ethernet set [ find default-name=ether2 ] na...

My suggestion, though, would be to convert ether3 and ether5 to proper trunk ports (remember to do the same on CSS as well) and would configure CSS to perform tagging (with VID 1) on access/hybrid ports. How can I do that? I want every port of the CSS to use every VLAN. The separation is done in my...

Hi, I have a hex S since a few years, connected to a CSS322. Back then, all tutorials were not using any bridge. Now I want to use a Bridge, however, if I activate VLAN Filtering, my network collapses. The network looks like that: Netzwerk(1).png This is my configuration: export hide-sensitive # jun...

Get rid of vlan1 for data it should only be used as the default bridge vlan!!! (use vlan10) and use this reference.....
viewtopic.php?f=23&t=143620

Do you mean I should place my computer and server and everything else into VLAN10 instead of 1?

okay, I understand. I deactivated the bond and now I'm facing some problems: If I transfer files between VLAN1 and VLAN10 the speed drops even further to 35 mb/s. And in additon, if I activate the VLAN Filtering in the bridge I'll loose internet connection. This is the new configuration: # jun/04/20...

Hi, There's no hardware offload feature on hex so all vlan operation is done in the cpu not on a switch chip and that could potentially explain your situation, don't use the router to do what the switch is supposed to do as workaround configure your css switch and make an untagged/access port towar...

Hi, I have a hex S and a CSS326 and using VLANs. This works so far, but the traffic between two VLANs is very slow (50 mb/s) and the CPU usage of the hex S is at 40-60 %. Where is the error in the config? # jun/04/2021 12:18:29 by RouterOS 6.48.2 # software id = XE0V-A40Q # # model = RB760iGS # seri...

Ah ok, now I added some rules.

But why don't I allow any winbox connection anymore? I reopened it a few times in the last hours?

I have the problem that this rule:
add action=drop chain=input comment="Block everything else"
does what it says: blocking everything else. I'm not able to connect to the internet from my Server from eth4. How can I solve this?

I had to allow ports 443 and 80 between my client and the reverse proxy. this is was my filter looks like now: /ip firewall filter add action=accept chain=forward connection-nat-state=dstnat add action=drop chain=input connection-state=invalid add action=accept chain=input comment="Allow Establ...

I got it running now.

forwarded the ports between my pc and server.

How can I harden my firewall?

I removed the In-Port but still no connection. /interface list add name=WAN add name=LAN /interface wireless security-profiles set [ find default=yes ] supplicant-identity=MikroTik /ip pool add name=dhcp ranges=192.168.0.10-192.168.0.40 add name=dhcp_pool6 ranges=192.168.20.2-192.168.20.254 add name...

This dst Nat is already running, otherwise I won't have access from outside.
Here:
add action=dst-nat chain=dstnat comment="HTTPS an reverse proxy" dst-address=XXX dst-port=80,443 in-interface=ether1 \
protocol=tcp to-addresses=192.168.100.110 to-ports=443

XXX is my external IP.

I tried to disable the filter rule which blocks the traffic between both networks, but this didn't change anything. Still no access to my domain. edit: If I add my domain and the IP of my reverse Proxy to the /etc/hosts file of my Win 10 computer AND if I disable the filter rules THEN it will work. ...

Thanks so far guys! I added a static DNS entry to my mikrotik and made and forward dstnat accept filter rule. But it still won't work. Here is my exports: export hide-sensitive # mar/12/2019 13:48:21 by RouterOS 6.44 # software id = XXX # # model = RB760iGS # serial number = XXX /interface ethernet ...

4 rules? which do I need? The wiki only tells about one and the tutorial as well.

DNS: I'm using pi hole as a DNS for my Client, and 1.1.1.1 for my webserver. Should I modify my piHole?
Will this work even if I block all traffic between 192.168.100.0 and 192.168.0.0 with a firewall rule?

Hi, I have a webserver in IP Range 192.168.100.0/24 and I have a client in 192.168.0.0/24. I can't connect over my domain address to my webserver from inside my network, that's why I would like to make a Hairpin NAT. I tried to do it after this tutorial: https://www.youtube.com/watch?v=_kw_bQyX-3U&a...

that looks like a great idea

I plugged the NIC of my webservers into the router (eth4) with an own address (192.168.100.0/24) without VLAN and it works. Thus, the problem must be something with SwOS and/or Proxmox.

Sorry for the confusion. I tried so much the past days and I'm confused myself

I appreciate your help very much.

I can't return the CSS, since I use it for 4 years or so now. It is a good switch, that's why I purchased the hEX S.

I made one quick and dirty.
Hope you can see what I want

The Webserver are: Reverse Proxy, Nextcloud and Wordpress (three different IPs).

How can I make a shiny diagram?

Hi, I got a brand new hEX S and a CSS326. I got a Proxmox-Server with 3 NICs. One NIC should be used for webservers and forbid any connections to my LAN, therefore it has to be in a VLAN. I want my "normal" LAN without VLAN just running. Thus, I can replace in emergency cases the mikrotik ...

Yes, I'm not the only one with SFP-> 1Gbit transfer problems. Downgrading solved the problem. 2.3 and 2.4 are running fine. So far it is a very good switch!

Hi, I got my workstation (with Mellanox Connectx-2) connected per DAC to the CSS326. WIthin SWOS it tells me "10G", but if I try to copy something to the servers (1Gbit) I only get 30-180mbit traffic speed. If I connect the workstation with a 1Gbit cable instead, I get around 980 mbit/s. I...