MikroTik

ferry

Dear all,

i have already create new on dude 3.4. I run both dude 2.2 and 3.4, but the client seems to be autoacked in 3.4. Something wrong in dude 3.4??

Please advice..

Thx,
Ferry

ferry

Dear all,

i have already create new on dude 3.4. I run both dude 2.2 and 3.4, but the client seems to be autoacked in 3.4. Something wrong in dude 3.4??

Please advice..

Thx,
Ferry

ferry

hmmm. ic. so the point is i must create all that things from the beginning huh??? oohhhh.. my goodness

ferry

Dear all,

I have dude 2.2 for monitoring my servers and routers. Then i upgrade to version 3.4 with upload the backup.xml i got from 2.2 to 3.4. But the strange is the device began to auto acked themselves. Is there any suggestion?

thx,
ferry

ferry

Dear all,

i have pc with os mikrotik and connect it to modem 56k robotics with rs-232 and it works. but if the modem i try to connect with routerboard 500 cpu mipsle versi 2.9.51 or 3.13 it falied. any guess why?

thx,
Ferry

ferry

just pass.. why i install dude 3.0 rc1 & rc2, both of them is suspected a virus by avg, can anybody told me? thx

ferry

so i must format with fat or ntfs? in order to be known in mikrotik? cause if i format with fat, the problem is still appear.. thx

ferry

Dear all,

Anybody know the max size cache of secondary master? if i have 2 hdd, and the i choose the secondary master?? cause i have tried 30gb and it worked, but i tried with 80gb it didin't work, always asked to format the disk first.

Please advice...

Thx,

Ferry

ferry

Dear all,

Anybody know how to bundle several isp into 1?, so the bandwidth could be bigger than one isp.

thx

ferry

ferry

Dear all, I have tried load balancing from wiki, http://wiki.mikrotik.com/wiki/Load_Balancing_Persistent and it worked. But the question is what is happend if one of the connection broken? of course we have to disable/change some rule in mangle/ip route in order to get connection again. Have some ex...

ferry

no, my client want to connect to vpn. but there is just one connection. if the one pc already connect, the other one couldn't connect to the vpn. we just vpn client, connect to vpn server. I have already active ip-firewall-service-ports--> with gre and pptp enable, but it doesn't works. Any idea? Thx

ferry

Dear all,

I have RB 150 v 2.9.51 as gateway with NAT masquerade. The problem is that my client can't VPN more than one ip local. If 1 pc connect VPN, the other ip couldn't connect VPN. Any other suggestion?

Thx

ferry

Dear all,

I am having trouble with my RB 333. About 2 months up, suddenly the routerboard became 'hang'. The power didn't off, but the ethernet stop and couldn't be remote. Is there anything problem on RB 333? maybe about the temperature?

Thx,

Ferry

ferry

Dear all,

I have tried with Mikrotik OS v 3.2 and it worked. But if i used v 3.7, the process stopped when loading to Mikrotik OS. Maybe someone from Mikrotik can answer this question?

Thank you.

ferry

Dear all,

I have spec processor like this : Intel Xeon CPU X3210 2.13 Ghz QuadCore. Can Mikrotik OS support this cpu? Coz i have try to installed my hardware with Mikrotik OS v 3.7 and it's failed (the screen is blank). My question is can Mikrotik OS support this processor??

Thank you.

ferry

Dear all,

it works. nice job Cyra-Orin.thx

ferry

Dear all, I have a server with core 2 duo processor. I install my server with mikrotik v 3.0rc5. I see on the system-resource that the cpu count is "2". But why if i install my server with mikrotik v 3.0 or 3.1, the cpu count shows just "1". Any suggest?? Cause i have see on the ...

ferry

Dear all, I want to ask about EoIP tunnel. There are : - There is special hardware request for build eoip tunnel between mikrotik?, maybe two of them should be routerboard or ?? - I have tried to build eoip tunnel between my mikrotik, with different mac-address and same tunnel-id, but if i bandwidth...

ferry

Thx Andrew, i think your post is worked. i have tried it and my clients can dial vpn behind NAT Mikrotik. just open protocol gre and pptp in /ip firewall service-port and it works.

Thank you Andrew

Regards,

Ferry

ferry

Dear all, Hi i'm ferry. i want to ask about vpn. i use mikrotik for the gateway office. and my LAN want to connect vpn at the outside (other countries). But the NAT in mikrotik cause just 1 user connect to the vpn server. Can i have more than 1 connection but still pass the mikrotik?? :D Thank you R...

ferry

Hi all,

I want to ask, mhy my dude always access to my server's snmp(161), even the snmp in the dude is non active. I found so many logs in my syslog server, that the dude server try to snmp my servers.. Can anyone have any idea??

Thx a lot,

Ferry

ferry

Dear all,

maybe someone of you know? what is atribute probe down count is?

Thx

ferry

i want 2 RB , not just 1 rb. ------------------------------------- notebook1 --> rb1 -- rb2 --> notebook2 ------------------------------------- just like switch (rb1 and rb2) notebook1 & 2 in 1 network. (ex : 10.0.0.0/30) and then rb, all ports connected to notebook and the other rb are in bridg...

ferry

Dear audiences,

i have 2 rb and i want these rb to be bridged. just like switch but this is with 2 rb. Can I?

Thx

ferry

Hi all, I have problem on my dude. Sometimes the services like smtp, http, and pop down. But if i cross-check in my server at the same time, the protocol sevice is not down. Is this bug in dude 2.2? So, now i have a doubt in dude monitoring, it's not good to monitor server2.. Can i have ur opinion??...

ferry

Hi all,

i want to ask how to block p2p (like limewire) from web-proxy?, in other case i want my customer can access web??

can i have ur comments??

Thx

ferry

Okay, but where i can set the secondary radius???

if i set accounting backup to 'yes', it's just enable to yes, but how mikrotik now that there is a secondary radius, for example ip radius primary is 10.0.0.1 & secondary i set 10.0.0.2?

ferry

Okay. so where i set the second radius server (this is the "backup server") ? in mikrotik or in my radius server primary?

And how to change the default value "accounting-backup" to "yes" ?
--accounting-backup (yes | no; default: no)--

Maybe that could be clear

Thx

ferry

Dear all, I want to ask about RADIUS. In the radius menu there is a menu accounting-backup. The default value is no. If i change it to yes, can i know where's the file backup?? "accounting-backup (yes | no; default: no) - this entry is a backup RADIUS accounting server" Thx all :D Ferry

ferry

The things i want to ask is backup by script

Anybody know?

ferry

Dear all,

I have dude monitoring in my network to monitor all my client. Can i backup the dude? Maybe every week? There must be a scipt isn't it?

Thx Before..

Regards,

Ferry

ferry

Dear all,

I have a simple question, just to make sure. I have vpn server with ip public. And the other branch connect to my vpn , an d they get ip pool local (192.168.1.xx). I must set the interface local to proxy-arp?

Regards,

Ferry

ferry

Hi, i don't understand what u mean changeip. icmp 3:4 is what??

Thx

Ferry

ferry

I set the mtu & mru 1460 for the server & client. Any suggestion??

Thx,

Ferry

ferry

Hello all,

I want to ask about tunnel - l2tp. I have tunnel my network, sure it can minus the hop size. But I want to ask, l2tp has a bug?? coz i have tunnel, and my client can't send email (sometimes), but if i don't use tunnel, my client running well. Any suggestion??

Thx all,
Ferry

ferry

Dear all, thx before.I have the inspration from u guys. I have found the way.. Yes, just that simple, 1. just add mangle with prerouting - mark packet 2. Create queue type - pcq down & upload 3. Just create 2 queue tree, 1 download and 1 upload ---- add mangle ------ /ip firewall mangle add chai...

ferry

Hi all, I used to limit pppoe user with rate-limit in ppp profile. just the simpe to limit the tx/rx / user. The thing i want to ask is what about this : - i do not want to limit each user, but i have total 256K to share with the all users login to my radius. U can imagine i set the pcq with downloa...

ferry

if u confuse, just block the ip u don't want it to. u can add block in ip firewall or in ip-dhcp-lease. just add the blocking ip

ferry

Yes, absolutely great. then the use of voip can be max and the network(except voip, can be limit with max limit). u can just use simple queues for this.

ferry

maybe u can just check the bw u use (is that enough??) or u can restart ur mikrotik and then try again...

ferry

Just go to the ip-proxy/web proxy, and go to the taab settings. just fill in the address you want to and the others you need to.

ferry

What do u mean it doesn't connect????, just set in the radius menu, then all are clear in there. just decide what is radius use for(ppp, hotspot,...), and ip the radius server, that's all man..., don't forget the port too

ferry

if you want to make proxy, just make sure that u have a enough memory and HD space. just want to remember that 1Gigabyte for space HD use 15 RAM + 55 RAM for default, so just check again your config of your proxy

ferry

Just go to ip - arp, and remove the mac address you want to. and if the arp appear again, just make it static. you can di it by right click and set it to static

ferry

If u have NAT server, why just u configure it to your server (the hotspot), or is better that u just NAT your hotspot in ur mikrotik

, just a few step then finish, is easy to use

ferry

Yes, mrz your link is good. But mr wissammohamed says that he want to flexible his connection.. ex : 10 connextion or 20 connection, the entire network must have the equal bw. Can anyone suggest the script for this??, coz i didn't understand about how to script....

ferry

Just go tool - graph and make the graph for urself.

ferry

I'm setting up an exchange server and the only think holding me up is that my ISP blocks port 25 in and out.

Just ask to your ISP provider

ferry

better u set like this : 1.define ip mikrotik(as ip gateway ofcourse, ex:1.250) 2.define ip mikrotik(as ip gateway ofcourse, ex:2.250, for net 2) two of all above, just add ip address with the same interface, ex: interface local ex: ip address add addr=192.168.1.250/24 interface=local // for gateway...

ferry

Yes, u can do that. just go ip - proxy/web proxy(the place u were set) - access, just allow from source you define and allow from your source ip.and the second rule just add net except rule 1 to deny.

ferry

Can u give the configuration for me??? the profile for the VPN??, maybe the settings are incorrect

ferry

The first thing to backup is :

1. Go to files-backup --> to backup file, don't forget to see if ur files has been backup.
2. if u see the file and exist, you may restore it. i guarantee there will be no problem.

thx,

ferry

Maybe i can help u. ur configuration in ip - web proxy is right. You must see this rule to block mp3 (watch the order): 1. ip web proxy access> add url=":\\.mp\[3g\]$" action=deny 2. ip web-proxy access> add src-address=x.x.x.x/x action=allow // specific ip u want to allow download mp3 and...

ferry

Yes tony.sergjey solves the problem. u just add snmp in mikrotik in the menu SNMP - and then add(+).u can specify the the address in there. After add the snmp server for the specific address, don't forget to add the user in tab USERS(this user to allow the access of the graph). of course u fill the ...

ferry

Yes. i agree with that. To see log from spcific ip, u must mangle, and add action=log. And then set log in the system - logging - info=web-proxy. Just add the system logging in there. Have a luck

ferry

Okay.thx for all. Now, if i have all 384 kbps and i have 10 pc in my office. How to set this bw, for the limit, max-limit, burst, and the others??? Coz if one pc download, the others become slowly, so i want to limit bw for all, but still have the burst. Can u guys tell me the best way to do this???...

ferry

Yes, i know. I think janisk is wrong, cause i use parent. And for valens and the others, i want to ask? the rule : the average data rate / burst time(ex = 8s) < burst threshold, then he can get burst bw, isn't it???, if the average data rate / burst time(ex = 8s) > burst threshold, then not allowed ...

ferry

Okay, this is my conf, queue simple print : 0 name="queueAll" target-addresses=192.168.3.0/24 dst-address=0.0.0.0/0 interface=all parent=none direction=both priority=8 queue=default-small/default-small limit-at=0/0 max-limit=128000/128000 total-queue=default-small 1 name="queue3.10&qu...

ferry

Hi, i ask for help in setting queue burst. I have read the burst in http://www.mikrotik.com/testdocs/ros/2.9/root/queue.php, the i'm try to use it in my mikrotik and burst it's not work. This is the simple thing : limit-at : 32kb max-limit : 64kb burst ----- burst-limit : 128kb burst threshold : 64k...

ferry

Port 1723(pptp) is opened by default. Or maybe if u don't believe u can allow this port opened by adding in firewall filter. ip - firewall - filter, just look in there

ferry

Why don't you limit user pppoE in profile ????

Just go to ppp menu, u can see menu profile, in tab limits, and then limit in there. download(tx)/upload(rx). Maybe this help u

ferry

Yes.u can do it. 2 different, limit from web-proxy and not proxy. The step is like this : 1. Define the ip(s) which you want to cache proxy (ip-webproxy-tab access) or ip-web-proxy setting.there is a source address. 2. Make the queue(queues simple/tree), one for the proxy(the list of ip) and the 1 f...

ferry

I just want to take a note, that the use of ip pool. in ip pool we can see the used address(the active ip's) and the mac address. from that we can filter by mac address..

* ip - pool - tab used address, u can see the mac addr

Thx,

ferry

Yes, you can limit as ip. just go to the ip - web proxy. go to the tab access and define which source addr u want to limit and the others are limit to cache.

The rule is :
1. limit the source addr , ex:2.4 and 2.11 -- allow
2. the net, ex 192.168.2.0/24 -- deny

Thx,

ferry

I prefer to use ethernet filtering. Maybe at the first step u can filter ping attack (protocol icmp) by drop this and later maybe u can learn how to filter by see what the traffic in-out you want to limit, by seeing tools-torch. with this tool u can see the traffic passed the router.

Thx,

ferry

i don't understand what u sayin. I think the point is with mikrotik we can see traffic passed through mikrotik, or the other program. About the hotspot maybe u can try it with urself.., so u can Do u know what i mean???

Thx,

ferry

Maybe u should change ur rule with this and see : before : The simple ¨add chain=forward p2p=all-p2p connection-state=established action=drop comment="p2p" disabled=no¨ does NOT work. It stops ALL traffic on the router! after : The simple ¨add chain=forward p2p= !all-p2p connection-state=e...

ferry

Maybe u should change ur rule with this and see : before : The simple ¨add chain=forward p2p=all-p2p connection-state=established action=drop comment="p2p" disabled=no¨ does NOT work. It stops ALL traffic on the router! after : The simple ¨add chain=forward p2p= !all-p2p connection-state=e...

ferry

Maybe u wrong about the port. Check it again...

dest address:your web
dest-port :8081

action: dst-nat , ip:your_ip_local, port :let be default

Thx

ferry

It is impossible that u can't limit. Maybe u can try this :

torch to ur interface bridge. if there is a traffic pass the interface, you can limit the traffic with simple queue

with the tool-torch, u can know the source and dest address, and that the ip you can limit

ferry

Yes, u can do that (by redirect the page to page what do you want)

Maybe u can look at winbox --> ip-hotspot - walled garden.

the rule is:
1. allow to your ip (html page)
2. deny to all ip except no 1 (deny 0.0.0.0/0)

Maybe this is help u

Thx

ferry

better you torch in detail. click on the port and protocol to find out what is the problem. I agree with janisk, to firewall the sourde ip, but it looks better if we know the port first, maybe its kind of trojan....

Thx

ferry

Your information is not clear.I don't understand what u sayin. But the point is : if u want to "allow", nothing rule is needed.

If you want to be helped, please give the clearly information

Thx

ferry

usually warcraft 3 uses port 6112 by default. It can be change thru options-gameplay. The rule is like this, add ip - add ip address --> x.x.x.x/32 add source NAT ip firewall nat add chain=srcnat src-address=192.168.1.101 protocol=tcp dst-port=6112 > action=src-nat to-addresses=x.x.x.x to-ports=0-65...

ferry

Hi, I'm ferry. Can anyone help me what is the different between input, prerouting, output and postrouting? I'm a little bit confuse about the different between input & pre, post & output in mangle...

Thx a lot

Search found 75 matches