in my situation I only allow one to one communication - nope, local hosts [and/or devices] are completely secure from each other unless permitted,This completely exposes hosts in list, more secure is to allow just needed ports for hosts in list.
MikroTik wireless is OK not great but OKAre the mikrotk access point so good or not ?
Yes I agree with your assessment — that it’s a bug …There the workaround is "insert a delay" too, but that kind of kludges should not be necessary.
On my website I advertise my Cost of ServiceI wanted to know if any professionals here charged that much per hour, and if that's in any way comparable to Serbia. Will also check locally, if someone else says 200e/h, I'm going into networks
Would make the gear very expensive and not their market ...... drumroll please...............
" DPI of encrypted packets "
Using Winbox go to WireGuard / Peerswhere is this setting? I do not see itis-responder (yes | no; Default: no
@anav….. this is getting very annoying.
I will try and get a trial and personally see how it goes ….Okay they are telling me they use their own software coupled with Zeek monitoring software, say they do not use any existing platform???
Their new 10gig box supposedly comes with 8gigs of memory and quad core cpu ???
I surmise based on the quoted comment you have an IOS app installed that is acting like a firewall preventing the action.And the declined comes definitely from iOS
firewalla is just a fork of pfSense --- IMO does not compare to Fortigate/Arista/Juniper/Cisco for layer 7The one exception, no subscription fees is something called firewalla... I wonder if anyone has used this device and can comment??
@normis...... all you need is the router password. No need to connect to router with Winbox or anything else. App does it all for you,
KISS = acronym “keep it simple” = ZeroTier ;- )
In-my-opinion , WireGuard is far easier to setup and far more efficent to run when KISS is applied .... but if you are a Rocket Scientist then ZeroTier is your cup of Tea.ZeroTier is easier to setup, but even if idle it ZeroTier does use more bandwidth than WG.
Anav where did you get the 15% from? It’s 13%llama (amazon)
323.69+15% = $372.24
My suggestion is the AX2 or AX3 - ARM64 using the qcom driversCan anyone suggest me the lowest price mikrotik router with WiFi and comes with ros7 ?
As I am going to put wireguard VPN client on it so need router os 7
@antoniocerasuoloprobably becasue the CRS310 has the 2.5 Gibit ports?
https://eu.store.ui.com/eu/en/pro/products/ucg-ultrayes DPI /IDP for home use of course budget .. max 400Euro
Thanks for your feedback but I do not agree just yet ... I am monitrring the LAB CCR1009 with wireshark and so far I do not see any activity from api.ipify.org under v7.13.4 [stable]Malware infected box. Do a clean netinstall and null config, then configure from scratch.
https://web.archive.org/web/20231216022 ... p?t=182373There was a good tutorial for this scenario... Unfortunately it's taken down...
OK followed your suggestion but that did not work ... thanks but now i will wait for 7.13.1 :-)In v7.13 the package "routeros" already exists in System > Package. You have to delete (uninstall) the existing packages except the "routeros" package, then do the downgrade.
Hi diamuxinHi friend, to downgrade from 7.13 to 7.12.X you only have to have in /system/package the package "routeros" and delete the rest, then the downgrade works.
@llamajaja … aka @anav …. Did they ban you AGAIN ??? goodness gracious greatBla bla bla
@kraal and @mkxWhat a subtle way to say that you're 100% against me as well Given the fact that I usually don't agree with your vision of pedagogy, I must say that I'm not disappointedIm 100% with holvoe/tangent etc and 100% against mkx.
100% better solution is WireGuard just as @holvoetn stated plus WireGuard Security is second to none without sacrificing performance ...Add one to the mix
Wireguard. A lot faster then all the rest.
udp port 1900If it has something to do with firewall policies, can you tell me which ports upnp needs to open on the firewall.
DeDMorozzzz YOU should mark it as solved because you are the initiator ....It really should.
Should I mark in anyway, or it's a moderator's job?
It’s an encrypted message for @DarkNate that states the followingWhat does this all mean?
@Rox169Did you have chance to test AX3?
My bad Amm0 … not binary —- but refer to viewtopic.php?p=985966&hilit=Docker+update#p985966And it's unclear what issues you're actually run into...
/ip smb shares add name=sharethis directory=moab
/ip smb shares remove [find name=sharethis]
"With Assembler and CPM/86" ... very impressive my Italian Friend ... your RouterOS code is very nice ... but you need to make it very fast not only NICE ...I started programming when I was a child with Assembler and CPM/86 with MSDOS 3.0 and "debug"...
DarkNate …MikroTik needs to make some changes to their UI/CLI/UX logic and docs to help make L3 offloading as simple, straightforward and clear as possible.
Anav my friend you are wasting your valuable retirement time with this … I know that you want to conquer this bugger but tell me something …. Is it really worth the struggle ??? Poke poke POKESo I am gun shy of that functionality.
My primary focus in gear is as follows all depending on circumstances:So .what gear do you sell then?
If that was true THEN your developers would have BGP/BFD done by now on 7.x .... and very surprising that it is not for ARM ...this makes it all easier and makes development faster
Good catch Znevna …. In fact disk3 is microSD card and disk2 is microUSB …..How is Disk2 and Disk3 connected?
You only seem to have one usb device connected with one partition.
The hAP ax2 was designed for the home user and not the Network nerd ….….. nobody is going to run containers on it.
You may need to run Netinstall 5 or 6 times ... and switch Netinstall to 1 version lower ..... that's been my experience with Netinstall on some version of Tik devices.Netinstall is not working.
Yes, in fact I did.@mozerd
Did you copy-paste your post? Perhaps a more relevant proverb in English is 'All roads lead to Rome".
@Larsa, without one shadow of doubt I really like your sense of humor ….That was a bit unfair since hell will freez to ice already tomorrow and I don't really have time to fix it. : )
Hell will freeze over before @Larsa will provide that “right” config for you …. simplicity, performance, reduced costs ONLY in Larsa’s dreams.Still waiting for that "right" config LOL
@Larsa … word games do not work ?.. but you can dream all you want because in dreams everything is possible.So ZeroTier cannot meet ANY of those 3 CRITICAL advantages.
TZ meets all these requirements by definition.
Just for You @ZnevnaWhat gives?
ZeroTier is NOT available on the Tile architecture……TILE
If the Office is high security then measures can be taken to protect the nodes etc ... it all depends on the budget and network access control via Network Intrusion Detection systems ...Regular office, ......
The hEX will serve for your purposes as the Router.non-critical social media activity, no VOIP / no gaming.
It's not strictly simultaneous, just typical coffee shop free wifi activities.
Many many data fields are not populated with the MT App under IOS on my iPhone ... far too many to take pics .... I do not think that MikroTik look at this frequently.Do you also update the MT Apps in RC releases ( like missing allowed IP addresses in peer settings )?
*) ios app - text
@Sob ....@anav: The idea with routes was inspired by @mozerd, poor guy now has constant nightmares that WG in RouterOS is incomplete, so this option would save him, and it's true that I saw other people miss adding routes before.
Goodness Gracious Great Balls of Fire .... @anav -- The configuration Guru is back and kicking ....I hope you can see now where your thinking went off the rails..................